Realtime malware scanning

2025-03-01 05:48:23 +03:00 · 2017-12-16 07:11:02 -05:00 · 2017-12-16 07:11:02 -05:00 · bf4b0cda06
commit bf4b0cda06
parent 4dfca28d22
9 changed files with 117 additions and 5 deletions
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@ -23,6 +23,10 @@
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
+        <service
+            android:name=".MalwareScannerService"
+            android:enabled="true"
+            android:exported="false"/>
    </application>

 </manifest>
--- a/app/src/main/java/us/spotco/malwarescanner/MainActivity.java
+++ b/app/src/main/java/us/spotco/malwarescanner/MainActivity.java
@ -1,6 +1,7 @@
 package us.spotco.malwarescanner;

 import android.Manifest;
+import android.content.Intent;
 import android.content.pm.ApplicationInfo;
 import android.content.pm.PackageManager;
 import android.os.AsyncTask;
@ -78,6 +79,9 @@ public class MainActivity extends AppCompatActivity {
        });

        requestPermissions();
+
+        Intent realtimeScanner = new Intent(this, MalwareScannerService.class);
+        startService(realtimeScanner);
    }

    @Override
--- a/app/src/main/java/us/spotco/malwarescanner/MalwareScanner.java
+++ b/app/src/main/java/us/spotco/malwarescanner/MalwareScanner.java
@ -1,11 +1,13 @@
 package us.spotco.malwarescanner;

 import android.app.Activity;
+import android.app.Notification;
 import android.app.NotificationManager;
 import android.content.Context;
 import android.os.AsyncTask;
 import android.os.SystemClock;
 import android.support.v4.app.NotificationCompat;
+import android.util.Log;
 import android.widget.TextView;

 import java.io.File;
@ -15,6 +17,7 @@ import java.math.BigInteger;
 import java.security.MessageDigest;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Random;
 import java.util.Set;

 public class MalwareScanner extends AsyncTask<Set<File>, Object, String> {
@ -43,11 +46,14 @@ public class MalwareScanner extends AsyncTask<Set<File>, Object, String> {
            logOutput.append(result + "\n");
        } else if (!userFacingOnly) {
            NotificationCompat.Builder mBuilder =
-                    new NotificationCompat.Builder(context)
-                            .setSmallIcon(R.drawable.ic_launcher_foreground)
-                            .setContentTitle("Malware Detected!")
-                            .setContentText(result);
-            notificationManager.notify(1, mBuilder.build());
+                new NotificationCompat.Builder(context)
+                        .setSmallIcon(R.drawable.ic_notification)
+                        .setContentTitle(context.getText(R.string.lblNotificationRealtimeDetection))
+                        .setContentText(result)
+                        .setPriority(Notification.PRIORITY_MAX)
+                        .setVisibility(Notification.VISIBILITY_SECRET)
+                        .setDefaults(Notification.DEFAULT_VIBRATE);
+            notificationManager.notify(new Random().nextInt(), mBuilder.build());
        }
    }

--- a/app/src/main/java/us/spotco/malwarescanner/MalwareScannerService.java
+++ b/app/src/main/java/us/spotco/malwarescanner/MalwareScannerService.java
@ -0,0 +1,95 @@
+package us.spotco.malwarescanner;
+
+import android.app.Notification;
+import android.app.NotificationManager;
+import android.app.Service;
+import android.content.Context;
+import android.content.Intent;
+import android.os.Environment;
+import android.os.FileObserver;
+import android.os.IBinder;
+import android.support.v4.app.NotificationCompat;
+import android.util.Log;
+import android.widget.Toast;
+
+import java.io.File;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Random;
+import java.util.Set;
+
+public class MalwareScannerService extends Service {
+
+    private ArrayList<MalwareMonitor> malwareMonitors = null;
+
+    @Override
+    public IBinder onBind(Intent intent) {
+        return null;
+    }
+
+    @Override
+    public int onStartCommand(Intent intent, int flags, int startId) {
+        if(true) {//Check if we're enabled
+            malwareMonitors = new ArrayList<>();
+            malwareMonitors.add(new MalwareMonitor(Environment.getExternalStorageDirectory().toString()));
+            malwareMonitors.add(new MalwareMonitor(getExternalFilesDir(Environment.DIRECTORY_DOWNLOADS).toString()));
+
+            for(MalwareMonitor malwareMonitor : malwareMonitors) {
+                malwareMonitor.startWatching();
+            }
+            Toast.makeText(this, "Theia: Realtime Scanning Started", Toast.LENGTH_SHORT).show();
+            setForeground();
+        } else {
+            stopSelf();
+        }
+
+        return START_STICKY;
+    }
+
+    @Override
+    public void onDestroy() {
+        for(MalwareMonitor malwareMonitor : malwareMonitors) {
+            malwareMonitor.stopWatching();
+        }
+        Toast.makeText(this, "Theia: Realtime Scanning Stopped", Toast.LENGTH_SHORT).show();
+    }
+
+    private void setForeground() {
+        NotificationManager notificationManager = (NotificationManager) this.getSystemService(Context.NOTIFICATION_SERVICE);
+
+        Notification notification =
+                new NotificationCompat.Builder(this)
+                        .setSmallIcon(R.drawable.ic_notification)
+                        .setContentTitle(getText(R.string.lblNotificationRealtimeTitle))
+                        .setContentText(getText(R.string.lblNotificationRealtimeText))
+                        .setPriority(Notification.PRIORITY_MIN)
+                        .build();
+
+        startForeground(-1, notification);
+    }
+
+    private class MalwareMonitor extends FileObserver {
+
+        private String rootPath = null;
+
+        public MalwareMonitor(String path) {
+            super(path);
+            rootPath = path;
+            if(!rootPath.endsWith("/")) {
+                rootPath += "/";
+            }
+        }
+        @Override
+        public void onEvent(int eventID, String path) {
+            if(eventID == FileObserver.CLOSE_WRITE) {
+                File file = new File(rootPath + path);
+                if(file.exists() && file.length() > 0) {
+                    Set<File> filesToScan = new HashSet<>();
+                    filesToScan.add(file);
+                    new MalwareScanner(null, getApplicationContext(), false).execute(filesToScan);
+                }
+            }
+        }
+    }
+
+}
--- a/app/src/main/res/drawable-hdpi/ic_notification.png
+++ b/app/src/main/res/drawable-hdpi/ic_notification.png
--- a/app/src/main/res/drawable-mdpi/ic_notification.png
+++ b/app/src/main/res/drawable-mdpi/ic_notification.png
--- a/app/src/main/res/drawable-xhdpi/ic_notification.png
+++ b/app/src/main/res/drawable-xhdpi/ic_notification.png
--- a/app/src/main/res/drawable-xxhdpi/ic_notification.png
+++ b/app/src/main/res/drawable-xxhdpi/ic_notification.png
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@ -5,4 +5,7 @@
    <string name="lblScanApps">Scan App APKs</string>
    <string name="lblScanInternal">Scan Internal Storage</string>
    <string name="lblScanExternal">Scan External Storage</string>
+    <string name="lblNotificationRealtimeTitle">Realtime Scanner</string>
+    <string name="lblNotificationRealtimeText">Malware will be detected in realtime</string>
+    <string name="lblNotificationRealtimeDetection">Malware Detected!</string>
 </resources>