Scan uploaded files for malwares under Windows using PHP

我是研究僧i 提交于 2019-12-21 06:57:56

问题


I'm trying to install ClamAV on Windows but I can't find how to.

What I want actually is to scan for malwares uploaded files and return a value like "safe" or "Infected by: X"

Do you think it's possible on Windows using a free library?

Do you know if there is a paid software that can do this (even using command-line)?


回答1:


I managed to do it by installing ClamWin on the Windows 2008 Server. (clamwin-0.97.6). I created the eicar.txt file in order to test detection:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Created test.php file:

<?php
$file = 'C:/Users/Localadmin/Desktop/testfile/eicar.txt'; // infected test file
$db = '"C:/Documents and Settings/All Users/.clamwin/db/"'; // path to database of virus definition
$scan_result = shell_exec("D:/programs/clamwin/bin/clamscan --database=$db $file"); 
echo $scan_result;
?>

It gives me this result:

Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 1568163
Engine version: 0.97.6
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 7.363 sec (0 m 7 s)

Than you can process the string $scan_result to figure out what number has been returned after 'Infected files: '.

I will be using it to scan files uploaded via form and since the scanning takes time (7 seconds) I will use some ajax script which can nicely return feedback to the user such "Uploading file..." and "Scanning for viruses..."




回答2:


You can install clamav for windows (clamwin), and use php's passthru function to scan a file via commandline and get the output back. Parse it then display your message. You will have to adjust your php timeout value, or configure your application to upload, get the user to constantly refresh for the status while a background script scans and inserts the result into a database or something. Try looking at virustotal.com they do this, and scan it with over 20 av scanners.



来源:https://stackoverflow.com/questions/4130203/scan-uploaded-files-for-malwares-under-windows-using-php

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!