8 posts
Posted 19 June 2014 - 10:46 PM
This app was created in about 30 minutes (about a few hours after 0.2 was released) and is a Virus protector for CraftOS, this was created to be used on servers and other WAN networks that lots of people can join.
This will remove the basic Virus so far, and will be able to be compatible with removing other known Viruses as I find them out. This is also given a look to mimic (or at least try) the Windows XP Restoring/other amazing stuff screen.
COMMENT KNOWN VIRUSES PLEASE! THEY WILL GET IMPLEMENTED IN A QUICK UPDATE!
Version 0.2 Changelog:
-removed fake progress bar
-recoded everything
-partially compatible with LabyOS (WIP)
-Optional Virus check (basic and advanced) (basic just checks the front page of files where advanced checks some folders I've made compatible)
Download:
Virus protector: pastebin get SJ6N5gme (REMOVE OLD VERSION)
Any problems or just something you want to say, write it in the comments!
Edited on 19 June 2014 - 09:39 PM
570 posts
Posted 19 June 2014 - 11:05 PM
If this ever deletes a virus, I'll be surprised.
But in all honesty, we expect programs here that took time and effort to make and if your post states that it took three minutes, then you're doing something wrong.
I'm aware that you're probably going to update this but please don't post it if it's not even close to complete. You can post WIPs in the general section to anticipate people for your program.
8 posts
Posted 19 June 2014 - 11:08 PM
Oh right, thank you I'll do that in future. But yes at the moment there are only the basic viruses it deletes, I need someone that knows most of the popular ones that are on servers so I can make an update for this to sort that problem out. And I didn't mean literally 3 mins but that was to perspective
376 posts
Location
[string "FindMe"]:23143: bad argument #1 to 'returnPos' (vector expected, got nil)
Posted 19 June 2014 - 11:12 PM
Please no fake load bar
45 posts
Posted 19 June 2014 - 11:18 PM
It just removes any program that has the name virus or trojan in it
8 posts
Posted 19 June 2014 - 11:30 PM
Currently I've removed that fake progress bar, recoded everything, and am now wanting to know what people on their servers call their Viruses. I'll release this update but I will need to know names as so far it's just "Virus" and "trojan"
1852 posts
Location
Sweden
Posted 19 June 2014 - 11:32 PM
Well.. this is.. kinda useless( no offense ) :P/>
I mean, if someone actually created a virus, do you believe they would name it virus/trojan? A better approach would be to check the code of each file on the computer.
570 posts
Posted 19 June 2014 - 11:35 PM
Currently I've removed that fake progress bar, recoded everything, and am now wanting to know what people on their servers call their Viruses. I'll release this update but I will need to know names as so far it's just "Virus" and "trojan"
It's generally a bad idea to judge whether a program is a virus or not by its name. You should check it by its contents. To accomplish that, you can hash a file and compare its hash with any of the hashes on your database. To make it more efficient, you should remove all spaces before hashing, so that an extra newline at the end of the file won't confuse it.
8 posts
Posted 19 June 2014 - 11:45 PM
sorry this going to sound bad but, how to hash files? I don't normally check anything by it's content, just by names and I'm pretty new to better LUA
28 posts
Posted 19 June 2014 - 11:52 PM
You should make it check a table, and from there if a existing file has the same name as a value in the assigned table it will delete it.
Example:
Spoiler
vLibrary = {"virus", "trojan"}
files = fs.list("/")
for i,v in pairs(files) do
if vLibrary[v] ~= nil then
fs.delete(v)
end
end
1852 posts
Location
Sweden
Posted 20 June 2014 - 12:08 AM
You should make it check a table, and from there if a existing file has the same name as a value in the assigned table it will delete it.
Example:
Spoiler
vLibrary = {"virus", "trojan"}
files = fs.list("/")
for i,v in pairs(files) do
if vLibrary[v] ~= nil then
fs.delete(v)
end
end
It still isn't so smart to delete files depending on their name, as I said above, those who create viruses usually don't name them virus/trojan.
If you want a really simple way of check it's content then here's a code snippet
local keywords = {
["rawset"] = "Destroy your computer! D-:";
["fs"] = "Access filesystem";
}
--# This is a function that theoriginalbit created
local function fsList(start)
local function yieldFsList(startPath)
local list = fs.list(startPath)
for _, file in ipairs(list) do
local path = fs.combine(startPath, file)
if fs.isDir(path) then
yieldFsList(path)
else
coroutine.yield(path, file)
end
end
end
return coroutine.wrap(function() yieldFsList(start or "/") end)
end
for fullpath, name in fsList("/") do --# Loop through all files on the computer
local f = fs.open( fullpath, "r" ) --# open the file in mode 'r' to read the file
local code = f.readAll() --# Assign the read data to the variable code
f.close() --# Close the file when done
for i, v in pairs( keywords ) do --# Loop through all the keywords
if code:find( i ) then --# Check if you find any of the keywords in the code
print( "Potentionally dangerous file: " .. fullpath .. ": trying to :" .. v )
end
end
end
Even though this is more efficient than checking filenames you can't be sure that it's a virus, lot's of programs use fs and some use rawset. But that doesn't mean it's a virus :P/>
28 posts
Posted 20 June 2014 - 12:22 AM
Even though this is more efficient than checking filenames you can't be sure that it's a virus, lot's of programs use fs and some use rawset. But that doesn't mean it's a virus
In that case:
Spoiler
local falsePositives = {"directory/file1", "safeFile", "direc1/direc2/file"}
local keywords = {
["rawset"] = "Destroy your computer! D-:";
["fs"] = "Access filesystem";
}
local function fsList(start)
local function yieldFsList(startPath)
local list = fs.list(startPath)
for _, file in ipairs(list) do
if falsePositives[file] == nil then -- #Checks if the file isn't in the table 'falsePositive'
local path = fs.combine(startPath, file)
if fs.isDir(path) then
yieldFsList(path)
else
coroutine.yield(path, file)
end
end
end
end
return coroutine.wrap(function() yieldFsList(start or "/") end)
end
for fullpath, name in fsList("/") do
local f = fs.open( fullpath, "r" )
local code = f.readAll()
f.close() --# Close the file when done
for i, v in pairs( keywords ) do
if code:find( i ) then
print( "Potentionally dangerous file: " .. fullpath .. ": trying to :" .. v )
end
end
end
You could get an input from the user which you can then add to a table (in this case I named the table 'falsePositives') to avoid the Anti-Virus from accidently deleting the file
3790 posts
Location
Lincoln, Nebraska
Posted 20 June 2014 - 03:24 AM
You're encouraging others to post known viruses, and you are only looking for specific filenames. Who in their right mind is going to be creating a virus, and name it "virus"? Nobody, that's who.