joxeankoret / multiav Goto Github PK
View Code? Open in Web Editor NEWMultiAV scanner with Python and JSON API. Disclaimer: I don't maintain it any more.
License: Other
MultiAV scanner with Python and JSON API. Disclaimer: I don't maintain it any more.
License: Other
Hii Jo ,
If i want to add more antivirus ,.. ? Where i have to update in code i think updating in cfg file not enough .
Issue: McAfee antivirus scanning is very slow
Fix/Solution: Use the uvscan --decompress command line option on new signature updates before scanning - applies to McAfee VirusScan Command Line versions below 6.0.5
McAfee antivirus scanning is listed as "(Very slow, only enabled when running all the engines)"; however, there is a way to significantly improve the McAfee scan performance. Unfortunately McAfee has not documented this feature in the uvscan man page or in the uvscan -h help option AFAIK. McAfee has documented this in their Virus Scan for UNIX product documentation. This feature applies to versions below 6.0.5
On page 34
After an update, run the following command once to decompress the newly downloaded DATs and accelerate the time for subsequent initializations.
uvscan --decompress
Example:
uvscan --decompress /usr/local/uvscan/
See results below for an example of before and after running uvscan --decompress
Some of the extra white space has been removed for brevity.
d@ubuntu:~/Downloads$ time uvscan --ASCII --ANALYZE --MANALYZE --MACRO-HEURISTICS --RECURSIVE --UNZIP Cover-Letter.pdf
McAfee VirusScan Command Line for Linux64 Version: 6.0.4.564
Copyright (C) 2013 McAfee, Inc.
AV Engine version: 5600.1067 for Linux64.
Dat set version: 8036 created Jan 6 2016
Scanning for 670676 viruses, trojans and variants.
Time: 00:00.00
real 0m21.249s
user 0m20.277s
sys 0m0.341s
d@ubuntu:~/Downloads$ time uvscan --ASCII --ANALYZE --MANALYZE --MACRO-HEURISTICS --RECURSIVE --UNZIP Resume.pdf
McAfee VirusScan Command Line for Linux64 Version: 6.0.4.564
Copyright (C) 2013 McAfee, Inc.
AV Engine version: 5600.1067 for Linux64.
Dat set version: 8036 created Jan 6 2016
Scanning for 670676 viruses, trojans and variants.
Time: 00:00.00
real 0m16.388s
user 0m15.362s
sys 0m0.306s
d@ubuntu:~/Downloads$ time uvscan --ASCII --ANALYZE --MANALYZE --MACRO-HEURISTICS --RECURSIVE --UNZIP Cover-Letter.pdf
McAfee VirusScan Command Line for Linux64 Version: 6.0.4.564
Copyright (C) 2013 McAfee, Inc.
AV Engine version: 5600.1067 for Linux64.
Dat set version: 8036 created Jan 6 2016
Scanning for 670676 viruses, trojans and variants.
Time: 00:00.00
real 0m2.834s
user 0m2.677s
sys 0m0.156s
d@ubuntu:~/Downloads$ time uvscan --ASCII --ANALYZE --MANALYZE --MACRO-HEURISTICS --RECURSIVE --UNZIP Resume.pdf
McAfee VirusScan Command Line for Linux64 Version: 6.0.4.564
Copyright (C) 2013 McAfee, Inc.
AV Engine version: 5600.1067 for Linux64.
Dat set version: 8036 created Jan 6 2016
Scanning for 670676 viruses, trojans and variants.
Time: 00:00.00
real 0m2.846s
user 0m2.683s
sys 0m0.147s
McAfee says:
From version 6.0.5 the DECOMPRESS switch is automatically applied. So the first time after each DAT update it will automatically replace the local copy of the compressed DAT with the decompressed equivalent for future use. It is no longer necessary to use the DECOMPRESS switch with the VSCL 6.0.5 and later releases." Documented here - https://kc.mcafee.com/corporate/index?page=content&id=KB68023
Line# 108 not being execute -> cmd = self.build_cmd(path)
And therefore Error coming while executing Line# 113 -> output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment**
The complete error is shown below:
Traceback (most recent call last):
File "/bin/multiav-scan.py", line 25, in
main(sys.argv[1])
File "/bin/multiav-scan.py", line 11, in main
ret = multi_av.scan(path, AV_SPEED_ALL)
File "/usr/lib/python2.7/site-packages/multiav/core.py", line 593, in scan
return self.single_scan(path, max_speed)
File "/usr/lib/python2.7/site-packages/multiav/core.py", line 598, in single_scan
results = self.scan_one(av_engine, path, results, max_speed)
File "/usr/lib/python2.7/site-packages/multiav/core.py", line 607, in scan_one
av.scan(path)
File "/usr/lib/python2.7/site-packages/multiav/core.py", line 118, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
this code :
import pprint
import multiav
multi_av = multiav.CMultiAV()
ret = multi_av.scan(path, multiav.AV_SPEED_MEDIUM)
pprint.pprint(multi_av)
show this error:
Traceback (most recent call last): File "test.py", line 4, in <module> multi_av = multiav.CMultiAV() AttributeError: 'module' object has no attribute 'CMultiAV'
I will be changing the license of this project to the GNU Affero GPL 3.0. While it means no change for 99,99% of users, I would like to know if you have a strong opinion against the change.
Can you please provide requirements.txt
and which python version should I use?
I think the C / S structure is relatively good, the client runs on Windows so that anti-virus software can scan the sample.
Is there any intention to develop it ?
hi joxeankoret
plz help me to install multiav
.i am problem to run multiav install to ubento .
You're not prepared to install video tutorial?
thanks joxeankoret
Hello Sir
i`m newbie in Linux OS an py language
but i need to install your amazing Multi-AV
would you please help me how can I install it ? or how can i scan my file with all 18 antivirus
please help me is you can
thanks in advance
Hi Jox
Can you provide me compatible python and its module version details
I tried 2.6.6 , 2.7.9 and 3.4.3
Keep on throwing some errors
Traceback (most recent call last):
File "multiav.py", line 500, in
main(sys.argv[1])
File "multiav.py", line 487, in main
ret = multi_av.scan(path, AV_SPEED_ALL)
File "multiav.py", line 448, in scan
return self.single_scan(path, max_speed)
File "multiav.py", line 453, in single_scan
results = self.scan_one(av_engine, path, results, max_speed)
File "multiav.py", line 462, in scan_one
av.scan(path)
File "multiav.py", line 113, in scan
output = check_output(cmd)
File "/usr/local/lib/python2.7/subprocess.py", line 530, in check_output
process = Popen(stdout=PIPE, _popenargs, *_kwargs)
File "/usr/local/lib/python2.7/subprocess.py", line 672, in init
errread, errwrite)
File "/usr/local/lib/python2.7/subprocess.py", line 1201, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory
Do you by chance have an installer of some kind to put some/all of these on automatically?
(preferably CentOS, Ubuntu or Debian, but I'm not too picky)
hello , and thank you for your work about multiav.
i setup this tool on ubuntu
python setup.py install
then for test i run the expamle code here
https://github.com/joxeankoret/multiav/blob/master/multiav/scripts/multiav-scan.py
and set the multiav.CMultiAV() to my config file in the example code below, i enable just E-sacn in config file ( all other have flag Disable=1) , but when i run the test code i get this errors :
Process Process-1: Traceback (most recent call last): File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap self.run() File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run self._target(*self._args, **self._kwargs) File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 638, in scan_one av.scan(path) File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 153, in scan call(cmd) File "/usr/lib/python2.7/subprocess.py", line 523, in call return Popen(*popenargs, **kwargs).wait() File "/usr/lib/python2.7/subprocess.py", line 711, in __init__ errread, errwrite) File "/usr/lib/python2.7/subprocess.py", line 1340, in _execute_child raise child_exception **OSError: [Errno 2] No such file or directory** {}
please help me :)
best regards
Where is multiav.py file ? i can't run it
Honestly can't get this to work in any form.
Steps so far
python setup.py install
configured cfg and made sure AV clients were install
Launch python interpreter and import multiav (succeeded)
Then when trying to do anything I'm basically getting Module object has no attribute
>>> multi_av = multiav.CMultiAV()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: 'module' object has no attribute 'CMultiAV'
I confirmed the packages were install against Pypi:
PIP:
pip install multiav
Requirement already satisfied (use --upgrade to upgrade): multiav in ./lib/python2.7/site-packages/multiav-0.1.0-py2.7.egg
Requirement already satisfied (use --upgrade to upgrade): web.py in ./lib/python2.7/site-packages/web.py-0.40.dev0-py2.7.egg (from multiav)
Requirement already satisfied (use --upgrade to upgrade): pyClamd in ./lib/python2.7/site-packages/pyClamd-0.3.17-py2.7.egg (from multiav)
EASY_Install
Searching for multiav
Best match: multiav 0.1.0
Processing multiav-0.1.0-py2.7.egg
multiav 0.1.0 is already the active version in easy-install.pth
Installing multiav-client.py script to /home/_/Desktop/multiav-master/pyav/bin
Installing runserver.py script to /home/__/Desktop/multiav-master/pyav/bin
Installing multiav-scan.py script to /home/_**/Desktop/multiav-master/pyav/bin
Using /home/******/Desktop/multiav-master/pyav/lib/python2.7/site-packages/multiav-0.1.0-py2.7.egg
Processing dependencies for multiav
Finished processing dependencies for multiav
i am trying to run the multiav-scan.py as follows
chmod +x multiav-scan.py
./multiav-scan.py malwaresample.scr
it is giving me following error:
Process Process-1:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 508, in scan
cmd.append("-REPORT=%s" % fname)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-2:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 165, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-3:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 370, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-4:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-5:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 209, in scan
output = check_output(cmd, stderr=devnull)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-6:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-7:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 445, in scan
cmd = self.build_cmd(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 96, in build_cmd
scan_path = parser.get(self.name, "PATH")
File "/usr/lib/python2.7/ConfigParser.py", line 607, in get
raise NoSectionError(section)
NoSectionError: No section: 'Ikarus'
Process Process-8:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 390, in scan
ret = CAvScanner.scan(self, path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-9:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-10:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 415, in scan
cmd = self.build_cmd(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 96, in build_cmd
scan_path = parser.get(self.name, "PATH")
File "/usr/lib/python2.7/ConfigParser.py", line 607, in get
raise NoSectionError(section)
NoSectionError: No section: 'AVG'
Process Process-11:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 342, in scan
return CAvScanner.scan(self, path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-12:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 330, in scan
return CAvScanner.scan(self, path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-13:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 293, in scan
return CAvScanner.scan(self, path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-14:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 281, in scan
return CAvScanner.scan(self, path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-15:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 304, in scan
cmd = self.build_cmd(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 96, in build_cmd
scan_path = parser.get(self.name, "PATH")
File "/usr/lib/python2.7/ConfigParser.py", line 607, in get
raise NoSectionError(section)
NoSectionError: No section: 'ESET'
Process Process-16:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 113, in scan
output = check_output(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment
Process Process-17:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(_self._args, *_self._kwargs)
File "/usr/local/lib/python2.7/dist-packages/multiav/core.py", line 601, in scan_one
av.scan(path)
pls help!!
Hello, I've been having problems running the multiav server. There doesn't seem to be documentation on how to do it. I tried using runserver.py, but it always fails with an error about the path from where is being run (even if I run it from the path it asks to be run from). Also, I can't find any place where the port number of the server could be changed
Thankyou for writing an amazing tool, however I am unable to get it to work on kali 64bit, I keep getting and error multiav.py no such file or directory, I have tried reinstalling a few times now, is it possible you could briefly go over the installation, as the error makes me think I have made a mistake during installation. I have tried everything according to your book.
Thankyou
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.