使用PHP在Windows下扫描恶意软件的上传文件 [英] Scan uploaded files for malwares under Windows using PHP
问题描述
我实际上想要扫描恶意软件上传的文件并返回值安全或被感染者:X
您认为Windows可以使用免费的图书馆吗?
你知道是否有付费软件可以做到这一点(甚至使用命令行)吗? 我设法在Windows 2008 Server上安装ClamWin。 (的ClamWin-0.97.6)。我创建了 eicar.txt 文件来测试检测:
X5O!P%@ AP EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$ H + H *
$ b $ [4 \PZX54(P ^)7CC) b
创建 test.php 文件:
<?php
$ file ='C:/Users/Localadmin/Desktop/testfile/eicar.txt'; //被感染的测试文件
$ db ='C:/ Documents and Settings / All Users / .clamwin / db /'; //病毒定义数据库的路径
$ scan_result = shell_exec(D:/ programs / clamwin / bin / clamscan --database = $ db $ file);
echo $ scan_result;
?>
它给了我这个结果:
Eicar-Test-Signature FOUND
-----------扫描总结-----------
已知病毒:1568163
引擎版本:0.97.6
扫描的目录:0
扫描的文件:1
被感染的文件:1
扫描的数据:0.00 MB
数据读取:0.00 MB(比率0.00:1)
时间:7.363秒(0 m 7 s)
您可以处理字符串 $ scan_result 来确定在'感染文件后返回了什么数字。 b
我将使用它扫描通过表单上传的文件,由于扫描需要时间(7秒),我将使用一些ajax脚本,它可以很好地将反馈返回给用户,例如上传文件... 和扫描病毒...
I'm trying to install ClamAV on Windows but I can't find how to.
What I want actually is to scan for malwares uploaded files and return a value like "safe" or "Infected by: X"
Do you think it's possible on Windows using a free library?
Do you know if there is a paid software that can do this (even using command-line)?
I managed to do it by installing ClamWin on the Windows 2008 Server. (clamwin-0.97.6). I created the eicar.txt file in order to test detection:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Created test.php file:
<?php
$file = 'C:/Users/Localadmin/Desktop/testfile/eicar.txt'; // infected test file
$db = '"C:/Documents and Settings/All Users/.clamwin/db/"'; // path to database of virus definition
$scan_result = shell_exec("D:/programs/clamwin/bin/clamscan --database=$db $file");
echo $scan_result;
?>
It gives me this result:
Eicar-Test-Signature FOUND
----------- SCAN SUMMARY -----------
Known viruses: 1568163
Engine version: 0.97.6
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 7.363 sec (0 m 7 s)
Than you can process the string $scan_result to figure out what number has been returned after 'Infected files: '.
I will be using it to scan files uploaded via form and since the scanning takes time (7 seconds) I will use some ajax script which can nicely return feedback to the user such "Uploading file..." and "Scanning for viruses..."
这篇关于使用PHP在Windows下扫描恶意软件的上传文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
