update to ES 6.3

malice-plugins · Jul 29, 2018 · 5a5cfa6 · 5a5cfa6
1 parent 6eed4d8
commit 5a5cfa6
Show file tree

Hide file tree

Showing 704 changed files with 380,470 additions and 109 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -11,7 +11,7 @@ jobs:
       - run:
           name: Install dependencies
           command: |
-            apk add --no-cache curl jq
+            apk add --no-cache jq
       - restore_cache:
           keys:
             - v1-{{ .Branch }}
@@ -43,15 +43,18 @@ jobs:
           key: v1-{{ .Branch }}-{{ epoch }}
           paths:
             - /caches/app.tar
+      - run:
+          name: Download sample
+          command: |
+            docker run --init blacktop/httpie --follow https://github.com/maliceio/malice-av/raw/master/samples/befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 > /tmp/sample
+            docker create -v /malware --name malvol alpine:3.8 /bin/true
+            docker cp /tmp/sample malvol:/malware
       - run:
           name: Run tests
           command: |
             set -x
-            curl -L -o /tmp/sample https://github.com/maliceio/malice-av/raw/master/samples/befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408
-            docker create -v /malware --name malvol alpine:3.6 /bin/true
-            docker cp /tmp/sample malvol:/malware
-            docker run --rm --volumes-from malvol app -t sample
             docker run --rm --volumes-from malvol app -V sample | jq .
+            docker run --rm --volumes-from malvol app -t sample
       - run:
           name: Run update test
           command: |

diff --git a/.dockerignore b/.dockerignore
@@ -2,9 +2,10 @@
 .git*
 .gitignore
 
-docs*
 .circleci*
-.vscode*
+docs*
+vendor*
+tests*
 
 README.md
 README.md.bu

diff --git a/.gitignore b/.gitignore
@@ -18,3 +18,5 @@
 .vagrant
 befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408
 .circleci/build_num
+tests/malware
+tests/not.malware
diff --git a/Dockerfile b/Dockerfile
@@ -7,27 +7,27 @@ LABEL malice.plugin.category="av"
 LABEL malice.plugin.mime="*"
 LABEL malice.plugin.docker.engine="*"
 
-ENV GO_VERSION 1.9.2
+ENV GO_VERSION 1.10.3
 
 COPY . /go/src/github.com/maliceio/malice-windows-defender
 RUN buildDeps='ca-certificates \
-               libreadline-dev:i386 \
-               libc6-dev:i386 \
-               build-essential \
-               gcc-multilib \
-               cabextract \
-               mercurial \
-               git-core \
-               unzip \
-               wget' \
+  libreadline-dev:i386 \
+  libc6-dev:i386 \
+  build-essential \
+  gcc-multilib \
+  cabextract \
+  mercurial \
+  git-core \
+  unzip \
+  wget' \
   && set -x \
   && dpkg --add-architecture i386 && apt-get update -qq \
   && apt-get install -y $buildDeps libc6-i386 --no-install-recommends \
   && echo "===> Install taviso/loadlibrary..." \
   && git clone https://github.com/taviso/loadlibrary.git /loadlibrary \
   && echo "===> Download 32-bit antimalware update file.." \
   && wget --progress=bar:force "https://go.microsoft.com/fwlink/?LinkID=121721&arch=x86" -O \
-    /loadlibrary/engine/mpam-fe.exe \
+  /loadlibrary/engine/mpam-fe.exe \
   && cd /loadlibrary/engine \
   && cabextract mpam-fe.exe \
   && rm mpam-fe.exe \
@@ -43,8 +43,8 @@ RUN buildDeps='ca-certificates \
   && export GOPATH=/go \
   && go version \
   && go get \
-  && go build -ldflags "-X main.Version=$(cat VERSION) -X main.BuildTime=$(date -u +%Y%m%d)" \
-              -o /bin/avscan \
+  && go build -ldflags "-s -w -X main.Version=$(cat VERSION) -X main.BuildTime=$(date -u +%Y%m%d)" \
+  -o /bin/avscan \
   && ls -lah /bin/avscan \
   && echo "===> Clean up unnecessary files..." \
   && apt-get purge -y --auto-remove $buildDeps $(apt-mark showauto) \
@@ -53,6 +53,7 @@ RUN buildDeps='ca-certificates \
 
 # Add EICAR Test Virus File to malware folder
 ADD http://www.eicar.org/download/eicar.com.txt /malware/EICAR
+
 RUN  mkdir -p /opt/malice
 COPY update.sh /opt/malice/update
 

diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/Gopkg.toml b/Gopkg.toml
@@ -0,0 +1,58 @@
+# Gopkg.toml example
+#
+# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
+# for detailed Gopkg.toml documentation.
+#
+# required = ["github.com/user/thing/cmd/thing"]
+# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
+#
+# [[constraint]]
+#   name = "github.com/user/project"
+#   version = "1.0.0"
+#
+# [[constraint]]
+#   name = "github.com/user/project2"
+#   branch = "dev"
+#   source = "github.com/myfork/project2"
+#
+# [[override]]
+#   name = "github.com/x/y"
+#   version = "2.4.0"
+#
+# [prune]
+#   non-go = false
+#   go-tests = true
+#   unused-packages = true
+
+
+[[constraint]]
+  name = "github.com/Sirupsen/logrus"
+  version = "1.0.6"
+
+[[constraint]]
+  name = "github.com/fatih/structs"
+  version = "1.0.0"
+
+[[constraint]]
+  name = "github.com/gorilla/mux"
+  version = "1.6.2"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/malice-plugins/go-plugin-utils"
+
+[[constraint]]
+  name = "github.com/parnurzeal/gorequest"
+  version = "0.2.15"
+
+[[constraint]]
+  name = "github.com/pkg/errors"
+  version = "0.8.0"
+
+[[constraint]]
+  name = "github.com/urfave/cli"
+  version = "1.20.0"
+
+[prune]
+  go-tests = true
+  unused-packages = true