some small fixes
@@ -68,7 +68,7 @@ int main(int argc, char* argv[]) {
|
|||||||
if ((err = selfcheck()) != 0) {
|
if ((err = selfcheck()) != 0) {
|
||||||
log(LOGLEVEL::PANIC, "[main()]:This installation of cyberhex failed the self check! Application may be tampered with!", err);
|
log(LOGLEVEL::PANIC, "[main()]:This installation of cyberhex failed the self check! Application may be tampered with!", err);
|
||||||
log(LOGLEVEL::PANIC, "[main()]:Panic, self check failed, terminating process!");
|
log(LOGLEVEL::PANIC, "[main()]:Panic, self check failed, terminating process!");
|
||||||
Sleep(1000); //wait for the log to be written and swnt to the server
|
Sleep(1000); //wait for the log to be written and sent to the server
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -82,7 +82,6 @@ int main(int argc, char* argv[]) {
|
|||||||
|
|
||||||
// Initialize hash databases
|
// Initialize hash databases
|
||||||
err = initialize(DB_DIR);
|
err = initialize(DB_DIR);
|
||||||
log(LOGLEVEL::INFO_NOSEND, "[main()]:Hash databases initialized.");
|
|
||||||
if (err != 0) {
|
if (err != 0) {
|
||||||
switch (err) {
|
switch (err) {
|
||||||
case 1:
|
case 1:
|
||||||
@@ -99,6 +98,9 @@ int main(int argc, char* argv[]) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
log(LOGLEVEL::INFO_NOSEND, "[main()]:Hash databases initialized.");
|
||||||
|
}
|
||||||
|
|
||||||
// Start a second thread for real-time protection
|
// Start a second thread for real-time protection
|
||||||
if (get_setting("rtp_folder_scan:status") == 1) {
|
if (get_setting("rtp_folder_scan:status") == 1) {
|
||||||
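Review bot: The new `else` branch logs the success case, but on the `err != 0` path the `break;` at the top of this hunk only leaves the switch; control then falls out of the `if` and straight into the real-time-protection start below, so at least one initialize() failure lets the scanner keep running without its hash databases. Unless the statements before that `break;` (outside the hunk) already terminate the process, end the error branch explicitly the way the self-check path does, e.g. `log(LOGLEVEL::PANIC, "[main()]:Hash database initialization failed, terminating process!", err); Sleep(1000); exit(1);`, or at minimum gate the rtp_folder_scan thread on `err == 0`. main() starts before this hunk.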
@@ -123,29 +125,28 @@ int main(int argc, char* argv[]) {
|
|||||||
auto start = std::chrono::high_resolution_clock::now();
|
auto start = std::chrono::high_resolution_clock::now();
|
||||||
|
|
||||||
// Check for tasks from user interface
|
// Check for tasks from user interface
|
||||||
//printf("checking for tasks from user interface\n");
|
check_for_com_tasks(MAIN_COM, MAIN_COM_PATH);
|
||||||
if (check_for_com_tasks(MAIN_COM, MAIN_COM_PATH) != 0) {
|
|
||||||
// Log message commented out as this error is expected when the file doesn't exist
|
|
||||||
}
|
|
||||||
// Check for scheduled tasks
|
// Check for scheduled tasks
|
||||||
if (check_for_sched_tasks(SCHED, SCHED_PATH) != 0) {
|
if (check_for_sched_tasks(SCHED, SCHED_PATH) != 0) {
|
||||||
log(LOGLEVEL::ERR, "[main()]:Error opening schedule file in: ", SCHED_PATH);
|
log(LOGLEVEL::ERR, "[main()]:Error opening schedule file in: ", SCHED_PATH);
|
||||||
}
|
}
|
||||||
// Execute tasks from the queue
|
// Execute tasks from the queue
|
||||||
if (can_run_thread()) {
|
if (can_run_thread()) { // check if there is "space" for another run (= if there is not another thread running right now)
|
||||||
int queue_size = get_queue_size();
|
int queue_size = get_queue_size();
|
||||||
for (int i = 0; i < queue_size; i++) {
|
for (int i = 0; i < queue_size; i++) {
|
||||||
start_thread(queue_pop());
|
if (can_run_thread()) //check again if a new thread can be started.
|
||||||
|
start_thread(queue_pop());
|
||||||
|
else
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Sleep to ensure loop takes at least 1 second
|
// Sleep to ensure loop takes at least 1 second, else it will destroy the cpu
|
||||||
auto stop = std::chrono::high_resolution_clock::now();
|
auto stop = std::chrono::high_resolution_clock::now();
|
||||||
auto duration = std::chrono::duration_cast<std::chrono::milliseconds>(stop - start);
|
auto duration = std::chrono::duration_cast<std::chrono::milliseconds>(stop - start);
|
||||||
if (duration.count() < 1000)
|
if (duration.count() < 1000)
|
||||||
Sleep(1000 - duration.count());
|
Sleep(1000 - duration.count());
|
||||||
}
|
}
|
||||||
yr_finalize();
|
yr_finalize();
|
||||||
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
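Review bot: `check_for_com_tasks(MAIN_COM, MAIN_COM_PATH);` now discards the return value entirely, so the reasoning behind the removed branch — the error is expected only when the file does not exist — no longer limits what is swallowed: an unreadable file or a malformed task is lost silently as well. If the function exposes distinct return codes, keep the check and log only the unexpected ones, e.g. `int com_err = check_for_com_tasks(MAIN_COM, MAIN_COM_PATH);` / `if (com_err != 0 && com_err != <MISSING_FILE_CODE>) log(LOGLEVEL::ERR, "[main()]:Error reading com tasks from: ", MAIN_COM_PATH);` (the missing-file code depends on check_for_com_tasks, which is not on this page). `Sleep(1000 - duration.count())` also narrows a `long long` to `DWORD`; it is safe under the `< 1000` guard, but `Sleep(static_cast<DWORD>(1000 - duration.count()));` makes that intent visible. main() starts before this hunk.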
|
|||||||
@@ -34,18 +34,14 @@ std::mutex yara_scan_mutex;
|
|||||||
int deep_cnt = 0;
|
int deep_cnt = 0;
|
||||||
int deep_all_files = 0;
|
int deep_all_files = 0;
|
||||||
int action_deepscan_is_virus = 0; //flag that is set by the callback function to tell the action_deepscan function if the file is a virus or not. this is needed to talk to the desktop client
|
int action_deepscan_is_virus = 0; //flag that is set by the callback function to tell the action_deepscan function if the file is a virus or not. this is needed to talk to the desktop client
|
||||||
//scan with yara rules
|
|
||||||
//functions to create: action_deepscanfile
|
|
||||||
//deepscan_file_t
|
|
||||||
//action_deepscanfolder
|
|
||||||
//deepscan_folder
|
|
||||||
|
|
||||||
// Load YARA rules from a file and compile them
|
// Load YARA rules from a file and compile them
|
||||||
YR_RULES* load_yara_rules(const char* ruleFilePath, YR_RULES* compiledRules = nullptr) {
|
YR_RULES* load_yara_rules(const char* ruleFilePath, YR_RULES* compiledRules = nullptr) {
|
||||||
// Create a new compiler
|
// Create a new compiler
|
||||||
YR_COMPILER* compiler;
|
YR_COMPILER* compiler;
|
||||||
if (yr_compiler_create(&compiler) != ERROR_SUCCESS) {
|
if (yr_compiler_create(&compiler) != ERROR_SUCCESS) {
|
||||||
std::cerr << "Failed to create YARA compiler." << std::endl;
|
log(LOGLEVEL::ERR_NOSEND, "[load_yara_rules()]: Failed to create YARA compiler.");
|
||||||
return nullptr;
|
return nullptr;
|
||||||
}
|
}
|
||||||
|
|
||||||
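Review bot: The failure path at `yr_compiler_create` now logs a fixed string and drops the YARA return code, and it does so at ERR_NOSEND although the function then returns nullptr, which presumably leaves the run without rule-based scanning. Capture the code and pass it through as main() does for selfcheck(): `int rc = yr_compiler_create(&compiler);` / `if (rc != ERROR_SUCCESS) { log(LOGLEVEL::ERR, "[load_yara_rules()]: Failed to create YARA compiler.", rc);`. If the _NOSEND suffix keeps the entry local (as the INFO_NOSEND/ERR split in main() suggests), losing the YARA engine is the kind of degradation worth reporting to the server rather than only to the local log. load_yara_rules() continues past the end of the hunk.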
|
|||||||
@@ -44,7 +44,7 @@ std::string queue_pop() {
|
|||||||
std::string ret = queue[queue_end-1];
|
std::string ret = queue[queue_end-1];
|
||||||
queue_end = (queue_end - 1) % queue_limit;
|
queue_end = (queue_end - 1) % queue_limit;
|
||||||
queue_size--;
|
queue_size--;
|
||||||
return ret; // Success
|
return ret;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
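Review bot: `queue_end = (queue_end - 1) % queue_limit;` goes negative when queue_end is 0, because `%` in C++ keeps the sign of the dividend, so if the index can wrap (the push side is not on this page) the following pop reads `queue[queue_end-1]` out of bounds; the hunk only removed the `// Success` comment and left this as is. Decrement with wraparound first and read at the new index: `queue_end = (queue_end + queue_limit - 1) % queue_limit;` / `std::string ret = queue[queue_end];`, which is identical to the current code for every queue_end >= 1. queue_pop() starts before this hunk.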
|
|||||||
@@ -409,6 +409,8 @@ void do_quickscan() {
|
|||||||
}
|
}
|
||||||
//general startup folder
|
//general startup folder
|
||||||
scan_folder("C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup");
|
scan_folder("C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup");
|
||||||
|
scan_folder("C:\\Users\\All Users\\Microsoft\\Windows\\Start Menu\\Programs\\Startup");
|
||||||
|
|
||||||
//find every users startupfolder and scan it:
|
//find every users startupfolder and scan it:
|
||||||
std::string user_folder = "C:\\Users\\*";
|
std::string user_folder = "C:\\Users\\*";
|
||||||
std::string user_folder_no_wildcrad = "C:\\Users";
|
std::string user_folder_no_wildcrad = "C:\\Users";
|
||||||
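Review bot: The added `scan_folder("C:\\Users\\All Users\\Microsoft\\Windows\\Start Menu\\Programs\\Startup");` most likely walks the same directory as the line above it: on Windows Vista and later `C:\Users\All Users` is a junction to `C:\ProgramData`, so the common startup folder is scanned twice per quick scan, doubling the I/O and any alerts it raises. Either drop the new line or canonicalize paths before scanning so junctions do not produce repeats; if the line is intended for pre-Vista systems, say so in place (`// legacy location; junction to ProgramData on Vista and later`) so the next reader does not remove it as a duplicate. do_quickscan() starts before this hunk.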
@@ -421,10 +423,8 @@ void do_quickscan() {
|
|||||||
}
|
}
|
||||||
std::string full_path = user_folder_no_wildcrad + "\\" + find_file_data.cFileName + "\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup";
|
std::string full_path = user_folder_no_wildcrad + "\\" + find_file_data.cFileName + "\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup";
|
||||||
scan_folder(full_path);
|
scan_folder(full_path);
|
||||||
//printf("Scanning: %s\n", full_path.c_str());
|
|
||||||
} while (FindNextFile(hFind, &find_file_data) != 0);
|
} while (FindNextFile(hFind, &find_file_data) != 0);
|
||||||
FindClose(hFind);
|
FindClose(hFind);
|
||||||
printf("finished\n");
|
|
||||||
}
|
}
|
||||||
std::ofstream answer_com(ANSWER_COM_PATH, std::ios::app);
|
std::ofstream answer_com(ANSWER_COM_PATH, std::ios::app);
|
||||||
if (answer_com.is_open()) {
|
if (answer_com.is_open()) {
|
||||||
|
|||||||