I created a GitHub project: https://github.com/AbMaster/pyClamav
Thanks Henri :)

-----Original Message-----
From: clamav-devel-boun...@lists.clamav.net
[mailto:clamav-devel-boun...@lists.clamav.net] On Behalf Of AB tunForge
Sent: mercredi 22 mai 2013 14:24
To: clamav-devel@lists.clamav.net
Subject: [Clamav-devel] Contribution: libclamav.dll + Python

Hi everyone, 

 

I wrote this python code. It shows how to load libclamav.dll and call
exported functions to scan a file.

 

 

#

#  Python            version: 2.7.3

#  libclamav.dll version : 0.97.0.0

#

#  Author: Ab Arous <a...@tunforge.org>

#

#  This program is free software; you can redistribute it and/or modify

#  it under the terms of the GNU General Public License as published by

#  the Free Software Foundation; either version 2 of the License, or

#  (at your option) any later version.

#

#  This program is distributed in the hope that it will be useful,

#  but WITHOUT ANY WARRANTY; without even the implied warranty of

#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

#  GNU General Public License for more details.

#

#  You should have received a copy of the GNU General Public License

#  along with this program; if not, write to the Free Software

#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

#  MA 02110-1301, USA.

#

 

import sys

from ctypes import *

import argparse

 

 

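# CONSTANTS NEEDED BY THIS EXAMPLE (values as defined in clamav.h)
CL_INIT_DEFAULT = 0x0
CL_SUCCESS = 0
CL_DB_BYTECODE = 0x2000
CL_SCAN_PE = 0x20
CL_CLEAN = 0
# cl_scanfile() returns CL_VIRUS for a detection. Every other non-zero value
# is an error code and must not be reported as a match.
CL_VIRUS = 1


# RETRIEVE THE NAME OF THE FILE TO SCAN FROM THE COMMAND LINE ARGUMENTS
parser = argparse.ArgumentParser(
    description='Sample demo: Using libclamav.dll to scan a file')
parser.add_argument('-f', '--file', help='File to scan', required=True)
args = parser.parse_args()

FILE_TO_SCAN_PATH = args.file

# CHECK THAT THE FILE CAN BE OPENED
# open() raises IOError instead of returning a false value, so the failure
# has to be caught. This is only a convenience check: the file can still
# change or disappear before the scan, so the return code of cl_scanfile()
# below is what decides the outcome.
try:
    fdesc = open(FILE_TO_SCAN_PATH, "r")
except IOError:
    print("PYTHON # File not found: %s" % FILE_TO_SCAN_PATH)
    sys.exit(1)
fdesc.close()


# CALLING LoadLibrary
# NOTE(review): a bare file name is resolved through the Windows DLL search
# order, so a libclamav.dll sitting in the application or working directory
# is what gets loaded into this process. For anything beyond a demo, use the
# absolute path of the trusted ClamAV installation.
LIBCLAMAV_PATH = "libclamav.dll"
try:
    libclam = cdll.LoadLibrary(LIBCLAMAV_PATH)
except OSError as err:
    # LoadLibrary raises on failure; the returned CDLL object is always truthy.
    print("PYTHON # Can't load %s : %s " % (LIBCLAMAV_PATH, err))
    sys.exit(1)
print("PYTHON # libclamav loaded : %s " % libclam)

# DECLARE THE C PROTOTYPES
# Without restype/argtypes ctypes treats every argument and return value as
# a C int. That truncates the engine pointer on 64-bit builds and makes
# cl_strerror() yield a number instead of the message text.
libclam.cl_strerror.restype = c_char_p
libclam.cl_strerror.argtypes = [c_int]
libclam.cl_engine_new.restype = c_void_p
libclam.cl_engine_new.argtypes = []
libclam.cl_load.argtypes = [c_char_p, c_void_p, POINTER(c_uint), c_uint]
libclam.cl_engine_compile.argtypes = [c_void_p]
libclam.cl_engine_free.argtypes = [c_void_p]
libclam.cl_scanfile.argtypes = [c_char_p, POINTER(c_char_p),
                                POINTER(c_ulong), c_void_p, c_uint]

# INITIALIZATION
init = libclam.cl_init(CL_INIT_DEFAULT)
if init != CL_SUCCESS:
    print("PYTHON # Can't initiaize libclamav: %s " % libclam.cl_strerror(init))
    sys.exit(1)
print("PYTHON # Initialized ")

# ENABLE DEBUG MESSAGES
# UNCOMMENT THE LINE BELOW TO SEE DEBUG MESSAGES (cl_debug() returns void,
# so there is no result to check)
#libclam.cl_debug()

# CREATE NEW ENGINE
engine = libclam.cl_engine_new()
if not engine:
    print("PYTHON # Can't create new engine")
    sys.exit(1)
print("PYTHON # New engine created : %s " % engine)

# From here on the engine is released on every exit path, including the
# sys.exit() calls below (SystemExit passes through the finally clause).
try:
    # LOADING SIGNATURES
    # sigs: WILL HOLD SIGNATURES COUNT
    sigs = c_uint(0)

    # NOTE(review): "." loads whatever databases are in the current working
    # directory. A scan verdict is only as trustworthy as the signature
    # files behind it, so point this at the managed database directory in
    # real use.
    SIGNATURES_PATH = "."
    load = libclam.cl_load(SIGNATURES_PATH, engine, byref(sigs),
                           CL_DB_BYTECODE)
    if load != CL_SUCCESS:
        # Report the code returned by cl_load(), not the earlier cl_init() one.
        print("PYTHON # Can't load signatures : %s " % libclam.cl_strerror(load))
        sys.exit(1)
    print("PYTHON # Loaded %d signatures : %s " % (sigs.value, load))

    # COMPILING THE ENGINE
    compeng = libclam.cl_engine_compile(engine)
    if compeng != CL_SUCCESS:
        print("PYTHON # Database initialization error: %s "
              % libclam.cl_strerror(compeng))
        sys.exit(1)
    print("PYTHON # Engine compiled : %s " % compeng)

    # CALLING CL_SCANFILE:
    # C PROTOTYPE : cl_scanfile(const char *filename, const char **virname,
    #               unsigned long int *scanned, const struct cl_engine *engine,
    #               unsigned int scanoptions)
    # PASSING PARAMETERS BY REFERENCE USING byref()
    # virname: WILL HOLD MALWARE NAME
    virname = c_char_p()
    # c_ulong matches the "unsigned long int *scanned" parameter.
    size = c_ulong(0)

    # NOTE(review): CL_SCAN_PE enables only the PE parser, so containers such
    # as archives or mail are not unpacked by this demo. clamav.h provides
    # CL_SCAN_STDOPT as the standard option set.
    scanfile = libclam.cl_scanfile(FILE_TO_SCAN_PATH, byref(virname),
                                   byref(size), engine, CL_SCAN_PE)
    if scanfile == CL_VIRUS:
        print("PYTHON # New Match : %s " % virname.value)
        print("         - FILE : %s       FOUND : %s "
              % (FILE_TO_SCAN_PATH, virname.value))
    elif scanfile == CL_CLEAN:
        print("PYTHON # No malware detected")
    else:
        # A scan failure is not a verdict: report it and exit non-zero so a
        # caller never mistakes an unscanned file for a clean or infected one.
        print("Error: %s " % libclam.cl_strerror(scanfile))
        sys.exit(1)
finally:
    # FREE MEMORY
    libclam.cl_engine_free(engine)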

 

 

#
#             OUTPUT EXAMPLE:
#
#             D:\clamav-win32\code>files.py -f scanme.exe
#             PYTHON # libclamav loaded : <CDLL 'libclamav.dll', handle 1bc0000 at 1a62250>
#             PYTHON # Initialized
#             PYTHON # New engine created : 32051704
#             LibClamAV Warning: ***********************************************************
#             LibClamAV Warning: ***  This version of the ClamAV engine is outdated.     ***
#             LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq ***
#             LibClamAV Warning: ***********************************************************
#             PYTHON # Loaded 1267523 signatures : 0
#             PYTHON # Engine compiled : 0
#             PYTHON # New Match : AB_VIRUS.UNOFFICIAL
#                             - FILE : scanme.exe       FOUND : AB_VIRUS.UNOFFICIAL
#

 

 

Maybe you can add it to the examples folder (near: ex1.c).

Feedback is welcome :)

 

Ab
