Hacked By AnonymousFox

Current Path : /opt/imunify360/venv/lib/python3.11/site-packages/imav/malwarelib/cleanup/__pycache__/
Upload File :
Current File : //opt/imunify360/venv/lib/python3.11/site-packages/imav/malwarelib/cleanup/__pycache__/cleaner.cpython-311.pyc

�

��gT0���dZddlZddlZddlZddlZddlZddlZddlZddlm	Z	ddl
mZddlm
Z
ddlmZmZmZmZmZmZmZddlmZmZmZddlmZdd	lmZdd
lmZm Z m!Z!m"Z"ddl#m$Z$ddl%m&Z&dd
l'm(Z(m)Z)m*Z*ej+e,��Z-d!d�Z.Gd�de*��Z/Gd�de)��Z0Gd�de*��Z1dee2e3fde3fd�Z4Gd�de5��Z6Gd�dee2e6f��Z7Gd�d��Z8Gd�de � ��Z9dS)"u

This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
�N)�defaultdict)�suppress)�islice)�Callable�Dict�List�Optional�Set�Tuple�Union)�Malware�MalwareSignatures�MyImunifyConfig)�MessageType)�&ms_clean_requires_myimunify_protection)�RecurringCheckStop�	Singleton�base64_encode_filename�recurring_check)�MalwareTune)�
MalwareHit)�RevisiumCSVFile�RevisiumJsonFile�RevisiumTempFilec�Z�tjrt||��St||��S�N)r�USE_JSON_REPORTrr��tempdir�modes  �T/opt/imunify360/venv/lib/python3.11/site-packages/imav/malwarelib/cleanup/cleaner.py�cleaner_result_instancer"<s-���"�/����.�.�.��7�D�)�)�)�c��eZdZdS)�MalwareCleanerLogN)�__name__�
__module__�__qualname__�r#r!r%r%Bs�������Dr#r%c�>�eZdZdZdZed��d���ZdS)�MalwareCleanerProgressz+
    Get progress from external source
    r�c���K�	|���}n-#t$rt���tj$rYdSwxYw|d}||jz
|c}|_||��dS)N�current)�read�FileNotFoundErrorr�json�JSONDecodeError�	_progress)�self�callback�data�progress�	increments     r!�watchzMalwareCleanerProgress.watchMs�����	��9�9�;�;�D�D�� �	'�	'�	'�$�&�&�&��#�	�	�	��F�F�	�����	�?��$,�t�~�$=�x�!�	�4�>��������s��&A�AN)r&r'r(�__doc__r3rr9r)r#r!r+r+FsI���������I��_�Q���������r#r+c��eZdZd�ZdS)�MalwareCleanupFileListc��|j�d��5}|�d�|D����ddd��dS#1swxYwYdS)N�wbc3�:K�|]}t|��dzV��dS)�
N)r)�.0�fs  r!�	<genexpr>z/MalwareCleanupFileList.write.<locals>.<genexpr>`s0����M�M�q�/��2�2�U�:�M�M�M�M�M�Mr#)�_path�open�
writelines)r4�filelist�ws   r!�writezMalwareCleanupFileList.write^s���
�Z�_�_�T�
"�
"�	N�a�
�L�L�M�M�H�M�M�M�M�M�M�	N�	N�	N�	N�	N�	N�	N�	N�	N�	N�	N�	N����	N�	N�	N�	N�	N�	Ns� A�A�AN)r&r'r(rIr)r#r!r<r<]s(������N�N�N�N�Nr#r<�value�returnc�D�	t|��S#t$rYdSwxYw)zbConvert str|int to int, in case errors return -2
    -1 used as default value when storing CH
    ���)�int�
ValueError)rJs r!�
_parse_intrPcs5����5�z�z��������r�r����s��
�c�b��eZdZdeeeeefff�fd�Zd�Zd�Z	d�Z
d�Zd�Z�xZ
S)�CleanupResultEntryr6c�2��t���t|�dd����t|�dd����|d|dt|�dd�������dS)N�d����e�srB�r)rTrVrWrBrX)�super�__init__rP�get)r4r6�	__class__s  �r!rZzCleanupResultEntry.__init__ns����	���������#�r�*�*�+�+�����#�r�*�*�+�+��3�i��3�i�����#�r�*�*�+�+�	�	
�	
�	
�	
�	
r#c���|���s|���rdS|ddkr#t�d|d��dS|ddko|ddkS)	NFrV�z2File has changed, assuming that it was cleaned: %srBTrrT)�	is_failed�requires_myimunify_protection�logger�warning�r4s r!�
is_cleanedzCleanupResultEntry.is_cleaned�sz���>�>���	�t�A�A�C�C�	��5���9��>�>��N�N�D�d�3�i�
�
�
��4��C�y�A�~�0�$�s�)�q�.�0r#c�\�|���o|ddko|ddkS)NrVrrT�r_rcs r!�
is_removedzCleanupResultEntry.is_removed�s/���>�>�#�#�#�H��S�	�Q��H�4��9�q�=�Hr#c��|ddkS)NrX�r)rcs r!r_zCleanupResultEntry.is_failed�����C�y�A�~�r#c��|ddkS)NrXr,r)rcs r!r`z0CleanupResultEntry.requires_myimunify_protection�rjr#c�D�|���o|ddkS)NrV�rfrcs r!�	not_existzCleanupResultEntry.not_exist�s"���>�>�#�#�#�6��S�	�Q��6r#)r&r'r(r�strrrNrZrdrgr_r`rn�
__classcell__�r\s@r!rRrRms��������
�T�#�u�S�#�X��"6�7�
�
�
�
�
�
�$
1�
1�
1�I�I�I�������7�7�7�7�7�7�7r#rRc���eZdZdZd	�fd�	Zedeeefdefd���Z	deeeff�fd�Z
deeeff�fd�Z�xZS)
�
CleanupResultz5
    Cleanup result container for result entries
    Nc�f��|r-t���d�|D����dSdS)Nc�:�i|]}|dt|����S)rB)rR)rArVs  r!�
<dictcomp>z*CleanupResult.__init__.<locals>.<dictcomp>�s'��L�L�L��a��f�&8��&;�&;�L�L�Lr#)rYrZ)r4�reportr\s  �r!rZzCleanupResult.__init__�sE����	N��G�G���L�L�V�L�L�L�M�M�M�M�M�	N�	Nr#�hitrKc�$�t|d|��S)N�	orig_file)�getattr)rxs r!�__keyzCleanupResult.__key�s���s�K��-�-�-r#c�l��t���|�|����Sr)rY�__contains__�_CleanupResult__key�r4rxr\s  �r!r~zCleanupResult.__contains__�s%����w�w�#�#�D�J�J�s�O�O�4�4�4r#c�l��t���|�|����Sr)rY�__getitem__rr�s  �r!r�zCleanupResult.__getitem__�s%����w�w�"�"�4�:�:�c�?�?�3�3�3r#r)
r&r'r(r:rZ�staticmethodrrorrr~r�rprqs@r!rsrs�s����������N�N�N�N�N�N��.�5��j��)�.�c�.�.�.��\�.�5��c�:�o� 6�5�5�5�5�5�5�4�u�S�*�_�5�4�4�4�4�4�4�4�4�4�4r#rsc��eZdZdZejZdd�Zdddd�d�Zede	de
ed	ed
e
ede
ef
d���Zd
efd�Z			ddeee
ee
effd�Zedededefd���ZdS)�MalwareCleanerz/opt/ai-bolit/procu2.phpNc�r�|r|ntj��|_t��|_||_dSr)�asyncio�get_event_loop�_loop�MalwareCleanupProxy�_proxy�_sink)r4�loop�sinks   r!rZzMalwareCleaner.__init__�s3��!�?�T�T�w�'=�'?�'?��
�)�+�+�����
�
�
r#T)�	blacklist�use_csv�
standard_onlyc
�P�d|jddddd|zdd|zg	}
|r|
�d	|z��|
�d
|zd|zg��tjr|
�d��|r|
�d
|zg��n|
�d|zg��|	r|
�dg��t
j�|j��r/|
�d��|
�|j��|r|
�d��|
S)Nz/opt/ai-bolit/wrapperz
--deobfuscatez
--nobackupz--forcibly_cleanupz--rescanz	--list=%sz--input-fn-b64-encodedz
--username=%sz--black-list=%sz--log=%sz
--progress=%sz--disable-cloudavz--csv_result=%sz--result=%sz--standard-onlyz--avdbz--soft)	�
PROCU_PATH�append�extendr
�CLEANUP_DISABLE_CLOUDAV�os�path�exists�PROCU_DB)r4�filename�
progress_path�result_path�log_path�soft�usernamer�r�r��cmds           r!�_cmdzMalwareCleaner._cmd�sZ��
$��O��� ���(�"�$��h�&�

���	6��J�J�(�9�4�5�5�5��
�
��X�%��-�/�
�	
�	
�	
��*�	,��J�J�*�+�+�+��	6��J�J�)�K�7�8�9�9�9�9��J�J�
��3�4�5�5�5��	,��J�J�)�*�+�+�+�
�7�>�>�$�-�(�(�	&��J�J�x� � � ��J�J�t�}�%�%�%��	!��J�J�x� � � ��
r#�excr��
returncode�stdout�stderrc	��t|jj|||�|�d���nd|�|�d���nd���S)N�replace)�errors�)�	exception�return_code�command�out�err)�dictr\r&�decode)r�r�r�r�r�s     r!�_get_cleaner_error_infoz&MalwareCleaner._get_cleaner_error_info�s_����m�,�"��39�3E��
�
�Y�
�/�/�/�2�39�3E��
�
�Y�
�/�/�/�2�
�
�
�	
r#�infoc��BK�|jr�	tji|�dtt	j����i���}|j�|���d{V��dS#tj$r�t$rt�
d��YdSwxYwdS)N�	timestampz-Exception while sending CleanupFailed message)r�r�
CleanupFailedrN�time�process_messager��CancelledError�	Exceptionrar�)r4r��msgs   r!�_send_cleanup_failed_messagez+MalwareCleaner._send_cleanup_failed_message�s������:�	�

�!�/�?�t�?��S�����-=�-=�>�?�����j�0�0��5�5�5�5�5�5�5�5�5�5�5���)�
�
�
���
�
�
�� � �C�������
����	�	s�AA%�%3B�BrKc��~K�tj��}t|���}t|t��}|�||��}t
|d���5}	t
|d���5}
t|���5}|5}t|���5}
|	�	|��|r|
�	|��|j
�|�|j
j����|r8|�|	j|j|j|
j|||
j||��	�	}n1|�|	j|j|j|
j||||���}t"�dd�|����d\}}d}	t)jj|t*jt*jd	���d{V��}|����d{V��\}}|���}�n�#t(j$rD|r@t7t8��5|���ddd��n#1swxYwY�t<$�r&}|�|||r|j nd
||�	��}t"�!d|�"d���d
�|�"d���d|�"d����i|�d|i����|�#i|�tItK|���������d{V��tM��tO|��|fcYd}~cddd��cddd��cddd��cddd��cddd��Sd}~wwxYwtM|��d|fcddd��cddd��cddd��cddd��cddd��S#1swxYwYddd��n#1swxYwYddd��n#1swxYwYddd��n#1swxYwYddd��dS#1swxYwYdS)N)ri�r)r�r�r�r�)r�r�r�zExecuting %s� )r#r#)r�r��~zCleanup failed exit_code=r�z: %sr�r�r�)�extra)�message)(�tempfile�
gettempdirr"�
isinstancer�is_standard_onlyr<r+r%rIr��create_taskr9r��progress_cbr�r�ra�debug�joinr��
subprocess�create_subprocess_exec�PIPE�communicater/r�r�ProcessLookupError�	terminater�r�r��errorr[r�r�rors�repr)r4�userrGr�r�r�r�result_filer��flist�blkr7�result�logr�r�r��procrwr�r�s                     r!�startzMalwareCleaner.starts������%�'�'��-�g�>�>�>���[�/�:�:���-�-�d�M�B�B�
�
#��%�
�
�
�I	4�
�*��%�
�
�
�I	4��(��
�
�
�	I	4��{�
I	4�'-�.?��/
�/
�/
�
I	4���K�K��!�!�!��
%��	�	�)�$�$�$��J�"�"�8�>�>�$�+�2I�#J�#J�K�K�K��
��i�i��N��%��O��L��!�!�l�#�"/� �
�
����i�i��N��%��O��L��!�#�"/� �	�	��
�L�L�����#���7�7�7��H�C���D�
7�$�/�F��%�?�%�?�����������
"&�!1�!1�!3�!3�3�3�3�3�3�3���S����������)�
�
�
��)�!�"4�5�5�)�)����(�(�(�)�)�)�)�)�)�)�)�)�)�)����)�)�)�)���
7�
7�
7��3�3���'+�4�D�O�O����4�������M�����0G�0G�M�M�M��x�x����:�:����%���:�:�4�T�4�;��4�4�����
�7�7�6�t�6�t�C��H�H�5�5�5�6����������%����S�	�	�3�6�6�6�6�6�6�OI	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�����l
7����&!��(�(�$��3�SI	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4����I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4����I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4����I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4����I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4�I	4����I	4�I	4�I	4�I	4�I	4�I	4s#�"P2�4P�P�O,	�DO�A"H
�O�%N
�'I�<N
�I�N
�I�N
�CM?
�=N
�>O�O,	�P�P�&P2�?N
�O�O,	�$P�0P�<P2�O�O,	�O�O,	� P�,O0
�0P�3O0
�4P�7P�P�P�
P�P�P2�P	�P2�!P	�"P2�2P6�9P6r�r�c��dS)z@Check if only standard signatures should be applied for the userF)r�ENABLEDr)r�r�s  r!r�zMalwareCleaner.is_standard_only_s	��
�ur#�NN)TNN)r&r'r(r�rr�rZr�r�r�rrorNr	�bytesr�r�r�rrsr��boolr�r)r#r!r�r��sM������+�J� �)�H��������1�1�1�1�1�f�

�
�

�
�#�Y�

��

����	

�
���

�

�

��\�

��t�����$���
V4�V4�
�}�h�s�m�T�#�Y�6�	7�V4�V4�V4�V4�p�
�s�
�4�
�D�
�
�
��\�
�
�
r#r�c�V�eZdZdZ	d�Zd�Zdeeeeee	ffd�Z
dd�Zd�Zd	�Z
d
S)r�i'c�T�dx|_|_tt��|_dS�Nr)r.�totalr�set�hitsrcs r!rZzMalwareCleanupProxy.__init__vs#��$%�%���t�z���$�$��	�	�	r#c�P�|j|||||f�|��dSr)r��update)r4�cause�	initiator�post_action�scan_idr�r�s       r!�addzMalwareCleanupProxy.addzs+���	�
�I�{�G�]�C�	
�
�&��,�,�,�,�,r#rKc#�K�|jr�|j���\}}t|��}tt	||j����}t
|d��}|�@|j|�|��|j|�|��|xj	t|��z
c_	g|�|�RV�|j��dSdSr)r��popitem�iterr�r�_CHUNK_SIZE�nextr�r�r��len)r4�	scan_infor��all_hits�
remaining_hits     r!�flushzMalwareCleanupProxy.flushs������i�	#�"�i�/�/�1�1�O�I�t��D�z�z�H��v�h��(8�9�9�:�:�D� ��4�0�0�M��(��	�)�$�(�(��7�7�7��	�)�$�+�+�H�5�5�5��J�J�#�d�)�)�#�J�J�"�9�"�d�"�"�"�"�"��i�	#�	#�	#�	#�	#r#ric�&�|xj|z
c_dSr)r.)r4r8s  r!r�zMalwareCleanupProxy.progress_cb�s�����	�!����r#c�"�dx|_|_dSr�)r.r�rcs r!�resetzMalwareCleanupProxy.reset�s��$%�%���t�z�z�zr#c��	t|j|jt|j��zzdz��S#t
$rYdSwxYw)N�d)rNr.r�r�r��ZeroDivisionErrorrcs r!�get_progressz MalwareCleanupProxy.get_progress�sR��	��t�|�t�z�C��	�N�N�'B�C�c�I�J�J�J�� �	�	�	��4�4�	���s�36�
A�AN)ri)r&r'r(r�rZr�rrorr
r�r�r�r�r)r#r!r�r�ps��������K��%�%�%����

#�u�S�#�x��c�9�:�
#�
#�
#�
#�"�"�"�"�&�&�&�����r#r�)�	metaclassr�):r:r�r1�loggingr�r�r�r��collectionsr�
contextlibr�	itertoolsr�typingrrrr	r
rr� defence360agent.contracts.configr
rr�"defence360agent.contracts.messagesr�%defence360agent.contracts.permissionsr�defence360agent.utilsrrrr�imav.contracts.configr�imav.malwarelib.modelr�imav.malwarelib.utils.revisiumrrr�	getLoggerr&rar"r%r+r<rorNrPr�rRrsr�r�r)r#r!�<module>rs\����*������������	�	�	�	�������������#�#�#�#�#�#�������������D�D�D�D�D�D�D�D�D�D�D�D�D�D�D�D�D�D�����������
;�:�:�:�:�:�������������������.�-�-�-�-�-�,�,�,�,�,�,�����������
��	�8�	$�	$��*�*�*�*�	�	�	�	�	�(�	�	�	������-����.N�N�N�N�N�-�N�N�N��e�C��H�o��#�����)7�)7�)7�)7�)7��)7�)7�)7�X4�4�4�4�4�D��0�0�1�4�4�4�(@�@�@�@�@�@�@�@�F(�(�(�(�(�I�(�(�(�(�(�(r#

Hacked By AnonymousFox1.0, Coded By AnonymousFox