upload da files

malice-plugins · May 24, 2017 · f50e6f5 · f50e6f5
1 parent 35201fc
commit f50e6f5
Show file tree

Hide file tree

Showing 5 changed files with 412 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -12,3 +12,4 @@
 
 # Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
 .glide/
+*.bu
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,47 @@
+FROM debian:jessie
+
+LABEL maintainer "https://github.com/blacktop"
+
+ENV GO_VERSION 1.8.1
+
+COPY . /go/src/github.com/maliceio/malice-windows-defender
+RUN buildDeps='ca-certificates \
+               build-essential \
+               cabextract \
+               mercurial \
+               git-core \
+               unzip \
+               wget' \
+  && apt-get update \
+  && apt-get install -y $buildDeps libc6-i386 --no-install-recommends \
+  && echo "===> Download 32-bit antimalware update file.." \
+  && cd /tmp \
+  && wget "http://go.microsoft.com/fwlink/?LinkID=121721&arch=x86" \
+  && cabextract mpam-fe.exe \
+  && echo "===> Install taviso/loadlibrary..." \
+  && git clone https://github.com/taviso/loadlibrary.git /tmp/loadlibrary \
+  && cd /tmp/loadlibrary \
+  && make \
+  && echo "===> Install Go..." \
+  && ARCH="$(dpkg --print-architecture)" \
+  && wget https://storage.googleapis.com/golang/go$GO_VERSION.linux-$ARCH.tar.gz -O /tmp/go.tar.gz \
+  && tar -C /usr/local -xzf /tmp/go.tar.gz \
+  && export PATH=$PATH:/usr/local/go/bin \
+  && echo "===> Building avscan Go binary..." \
+  && cd /go/src/github.com/maliceio/malice-windows-defender \
+  && export GOPATH=/go \
+  && go version \
+  && go get \
+  && go build -ldflags "-X main.Version=$(cat VERSION) -X main.BuildTime=$(date -u +%Y%m%d)" -o /bin/avscan \
+  && echo "===> Clean up unnecessary files..." \
+  && apt-get purge -y --auto-remove $buildDeps $(apt-mark showauto) \
+  && apt-get clean \
+  && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives /tmp/* /var/tmp/* /go /usr/local/go
+
+# Add EICAR Test Virus File to malware folder
+ADD http://www.eicar.org/download/eicar.com.txt /malware/EICAR
+
+WORKDIR /malware
+
+ENTRYPOINT ["/bin/avscan"]
+CMD ["--help"]
diff --git a/Makefile b/Makefile
@@ -0,0 +1,21 @@
+REPO=malice
+NAME=windows-defender
+VERSION=$(shell cat VERSION)
+
+all: build size test
+
+build:
+	docker build -t $(REPO)/$(NAME):$(VERSION) .
+
+size:
+	sed -i.bu 's/docker image-.*-blue/docker image-$(shell docker images --format "{{.Size}}" $(REPO)/$(NAME):$(VERSION))-blue/' README.md
+
+tags:
+	docker images --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" $(REPO)/$(NAME)
+
+test:
+	docker run --init --rm $(REPO)/$(NAME):$(VERSION)
+	docker run --init --rm $(REPO)/$(NAME):$(VERSION) -V EICAR > results.json
+	cat results.json | jq .
+
+.PHONY: build size tags test
diff --git a/VERSION b/VERSION
@@ -0,0 +1 @@
+0.1.0
Original file line number	Diff line number	Diff line change
Expand Up		@@ -12,3 +12,4 @@

		# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
		.glide/
		*.bu