MaintainTeam/Hypatia
1
0
Fork 0
mirror of https://github.com/MaintainTeam/Hypatia.git synced 2025-03-01 05:48:23 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Tweaks, more databases, and scan more aggressively

Browse source
This commit is contained in:
Tad 2017-12-16 14:30:21 -05:00
parent 0befda3456
commit f4f8f7d12e
6 changed files with 34 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/build.gradle
View file

@ -6,7 +6,7 @@ android {
applicationId "us.spotco.malwarescanner" applicationId "us.spotco.malwarescanner"
minSdkVersion 21 minSdkVersion 21
targetSdkVersion 26 targetSdkVersion 26
versionCode 10 versionCode 11
versionName "1.5" } versionName "1.5" }
buildTypes { buildTypes {
release { release {

2
app/src/main/java/us/spotco/malwarescanner/BootReceiver.java
View file

@ -11,7 +11,7 @@ public class BootReceiver extends BroadcastReceiver {
public void onReceive(Context context, Intent intent) { public void onReceive(Context context, Intent intent) {
if (intent.getAction().equals(Intent.ACTION_BOOT_COMPLETED)) { if (intent.getAction().equals(Intent.ACTION_BOOT_COMPLETED)) {
SharedPreferences prefs = context.getSharedPreferences(BuildConfig.APPLICATION_ID, Context.MODE_PRIVATE); SharedPreferences prefs = context.getSharedPreferences(BuildConfig.APPLICATION_ID, Context.MODE_PRIVATE);
boolean autostart = prefs.getBoolean("autostart", true); boolean autostart = prefs.getBoolean("autostart", false);
if (autostart) { if (autostart) {
Intent realtimeScanner = new Intent(context, MalwareScannerService.class); Intent realtimeScanner = new Intent(context, MalwareScannerService.class);

23
app/src/main/java/us/spotco/malwarescanner/Database.java
View file

@ -29,11 +29,23 @@ public class Database {
databasePath = new File(context.getFilesDir() + "/signatures/"); databasePath = new File(context.getFilesDir() + "/signatures/");
databasePath.mkdir(); databasePath.mkdir();
signatureDatabases.add(new SignatureDatabase("https://spotco.us/clamav-main.hdb", "clamav-main.hdb")); signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/bofhland_malware_attach.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/clamav-main.hsb", "clamav-main.hsb")); signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/crdfam.clamav.hdb"));
//signatureDatabases.add(new SignatureDatabase("http://cdn.rfxn.com/downloads/rfxn.hdb", "rfxn.hdb")); signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/doppelstern.hdb"));
//signatureDatabases.add(new SignatureDatabase("http://clamav.bofhland.org/bofhland_malware_attach.hdb", "bofhland_malware_attach.hdb")); signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/hackingteam.hsb"));
//signatureDatabases.add(new SignatureDatabase("http://cdn.malware.expert/malware.expert.hdb", "malware.expert.hdb")); signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/main.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/main.hsb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/malware.expert.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/malwarehash.hsb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/porcupine.hsb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/rfxn.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/rogue.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/spamattach.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/spamimg.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/winnow.attachments.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/winnow_bad_cw.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/winnow_extended_malware.hdb"));
signatureDatabases.add(new SignatureDatabase("https://spotco.us/Theia/winnow_malware.hdb"));
} }
public static boolean areDatabasesAvailable() { public static boolean areDatabasesAvailable() {
@ -139,6 +151,7 @@ public class Database {
connection.disconnect(); connection.disconnect();
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); e.printStackTrace();
out.delete();
publishProgress("Failed to download, check logcat\n"); publishProgress("Failed to download, check logcat\n");
} }
return null; return null;

3
app/src/main/java/us/spotco/malwarescanner/MalwareScanner.java
View file

@ -5,6 +5,7 @@ import android.app.Notification;
import android.app.NotificationManager; import android.app.NotificationManager;
import android.content.Context; import android.content.Context;
import android.os.AsyncTask; import android.os.AsyncTask;
import android.os.Environment;
import android.os.SystemClock; import android.os.SystemClock;
import android.support.v4.app.NotificationCompat; import android.support.v4.app.NotificationCompat;
import android.widget.TextView; import android.widget.TextView;
@ -106,7 +107,7 @@ public class MalwareScanner extends AsyncTask<Set<File>, Object, String> {
for (Map.Entry<String, File> file : signaturesToCheck.entrySet()) { for (Map.Entry<String, File> file : signaturesToCheck.entrySet()) {
if (signatureDatabase.containsKey(file.getKey())) { if (signatureDatabase.containsKey(file.getKey())) {
String result = signatureDatabase.get(file.getKey()); String result = signatureDatabase.get(file.getKey());
publishProgress(result + " in " + file.getValue(), false); publishProgress(result + " in " + file.getValue().toString().replaceAll(Environment.getExternalStorageDirectory().toString(), "~"), false);
} }
} }
publishProgress("Checked all " + hashType + " hashes against signature databases\n", true); publishProgress("Checked all " + hashType + " hashes against signature databases\n", true);

5
app/src/main/java/us/spotco/malwarescanner/MalwareScannerService.java
View file

@ -76,13 +76,16 @@ public class MalwareScannerService extends Service {
@Override @Override
public void onEvent(int eventID, String path) { public void onEvent(int eventID, String path) {
if (eventID == FileObserver.CLOSE_WRITE) { switch (eventID) {
case FileObserver.MOVED_TO:
case FileObserver.CLOSE_WRITE:
File file = new File(rootPath + path); File file = new File(rootPath + path);
if (file.exists() && file.length() > 0) { if (file.exists() && file.length() > 0) {
Set<File> filesToScan = new HashSet<>(); Set<File> filesToScan = new HashSet<>();
filesToScan.add(file); filesToScan.add(file);
new MalwareScanner(null, getApplicationContext(), false).execute(filesToScan); new MalwareScanner(null, getApplicationContext(), false).execute(filesToScan);
} }
break;
} }
} }
} }

4
app/src/main/java/us/spotco/malwarescanner/SignatureDatabase.java
View file

@ -5,9 +5,9 @@ public class SignatureDatabase {
private String url = null; private String url = null;
private String name = null; private String name = null;
public SignatureDatabase(String url, String name) { public SignatureDatabase(String url) {
this.url = url; this.url = url;
this.name = name; this.name = url.replaceAll("https://spotco.us/Theia/", "");
} }
public String getUrl() { public String getUrl() {