403Webshell
Server IP : 66.29.132.122  /  Your IP : 3.137.198.239
Web Server : LiteSpeed
System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : admazpex ( 531)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /proc/self/root/proc/self/root/proc/thread-self/root/proc/self/root/opt/imunify360/venv/lib64/python3.11/site-packages/imav/plugins/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /proc/self/root/proc/self/root/proc/thread-self/root/proc/self/root/opt/imunify360/venv/lib64/python3.11/site-packages/imav/plugins/event_hook_executor.py
"""
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
"""
from defence360agent.contracts.hook_events import HookEvent
from defence360agent.contracts.messages import MessageType
from defence360agent.contracts.plugins import (
    expect,
)
from defence360agent.hooks.execute import execute_hooks
from defence360agent.plugins.event_hook_executor import EventHookExecutor
from imav.malwarelib.config import MalwareHitStatus
from imav.malwarelib.model import MalwareHit

EVENTS = (
    HookEvent.MalwareScanningStarted,
    HookEvent.MalwareScanningFinished,
    HookEvent.MalwareCleanupStarted,
    HookEvent.MalwareCleanupFinished,
    HookEvent.MalwareDetectedCritical,
)


async def detected_hook(
    sink, scan_id, scan_type, started, path, total, error=None
):
    total_malicious, hits = MalwareHit.malicious_list(
        by_scan_id=scan_id, ignore_cleaned=True
    )
    if hits:
        malware_detected = HookEvent.MalwareDetectedCritical(
            scan_id=scan_id,
            scan_type=scan_type,
            error=error,
            started=started,
            path=path,
            total_files=total,
            total_malicious=total_malicious,
            DUMP=hits,
        )
        await sink.process_message(malware_detected)


class ImavEventHookExecutor(EventHookExecutor):
    @expect(*EVENTS)
    async def receive_event(self, event):
        self._loop.create_task(execute_hooks(event))

    @expect(MessageType.MalwareCleanup)
    async def process_malware_cleanup(self, message):
        error = message["error"]
        status = "failed" if error else "ok"

        hits = message["hits"]
        cleaned = [h for h in hits if h.status in MalwareHitStatus.RESTORABLE]
        dump = [hit.as_dict() for hit in hits]

        malware_cleanup = HookEvent.MalwareCleanupFinished(
            cleanup_id=message["cleanup_id"],
            started=message["started"],
            error=error,
            total_files=len(hits),
            total_cleaned=len(cleaned),
            status=status,
            DUMP=dump,
        )
        await self._sink.process_message(malware_cleanup)

    @expect(MessageType.MalwareScan)
    async def process_malware_scan(self, message):
        summary = message["summary"]

        # Message without summary means that detached scan is finished
        #  and summary will arrive along with results in another message - this
        #  is when the hooks should be called.
        if not summary.get("path"):
            return

        await detected_hook(
            self._sink,
            summary["scanid"],
            summary["type"],
            summary["started"],
            summary["path"],
            summary["total_files"],
            summary["error"],
        )

    @expect(MessageType.MalwareDatabaseScan)
    async def process_malware_db_scan(self, message):
        await detected_hook(
            self._sink,
            message.scan_id,
            message.type,
            message.started,
            message.path,
            message.total_resources,
            message.error,
        )

Youez - 2016 - github.com/yon3zu
LinuXploit