API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 16th, 2019
93
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.74 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Linq;
  4. using System.Text;
  5. using System.Threading.Tasks;
  6. using System.IO;
  7.  
  8. using System.Runtime.InteropServices;
  9. using System.Security.Permissions;
  10. //create 2 folders
  11.  
  12.  
  13. //transfer data placed in one to the other after checking
  14. //virus status
  15. //check inca connection
  16. //check power connection
  17. //antivirus scan
  18. //create source folder
  19. //check drive capacity
  20.  
  21. namespace Updates
  22. {
  23. class Program
  24. {
  25.  
  26. [DllImport("Amsi.dll", EntryPoint = "AmsiInitialize", CallingConvention = CallingConvention.StdCall)]
  27. public static extern int AmsiInitialize([MarshalAs(UnmanagedType.LPWStr)]string appName, out IntPtr amsiContext);
  28.  
  29. [DllImport("Amsi.dll", EntryPoint = "AmsiUninitialize", CallingConvention = CallingConvention.StdCall)]
  30. public static extern void AmsiUninitialize(IntPtr amsiContext);
  31.  
  32. [DllImport("Amsi.dll", EntryPoint = "AmsiOpenSession", CallingConvention = CallingConvention.StdCall)]
  33. public static extern int AmsiOpenSession(IntPtr amsiContext, out IntPtr session);
  34.  
  35. [DllImport("Amsi.dll", EntryPoint = "AmsiCloseSession", CallingConvention = CallingConvention.StdCall)]
  36. public static extern void AmsiCloseSession(IntPtr amsiContext, IntPtr session);
  37.  
  38. [DllImport("Amsi.dll", EntryPoint = "AmsiScanString", CallingConvention = CallingConvention.StdCall)]
  39. public static extern int AmsiScanString(IntPtr amsiContext, [InAttribute()] [MarshalAsAttribute(UnmanagedType.LPWStr)]string @string, [InAttribute()] [MarshalAsAttribute(UnmanagedType.LPWStr)]string contentName, IntPtr session, out AMSI_RESULT result);
  40. [DllImport("Amsi.dll", EntryPoint = "AmsiScanBuffer", CallingConvention = CallingConvention.StdCall)]
  41. public static extern int AmsiScanBuffer(IntPtr amsiContext, byte[] buffer, ulong length, string contentName, IntPtr session, out AMSI_RESULT result);
  42.  
  43. //This method apparently exists on MSDN but not in AMSI.dll (version 4.9.10586.0)
  44. [DllImport("Amsi.dll", CharSet = CharSet.Unicode, CallingConvention = CallingConvention.StdCall)]
  45. public static extern bool AmsiResultIsMalware(AMSI_RESULT result);
  46.  
  47.  
  48. static void Main(string[] args)
  49. {
  50. PaintCar(CarColor.blue);
  51. bool xxx;
  52. string sourcePath = @"D:\TestSource";
  53. string destinationPath = @"D:\TestDestination";
  54. Find:
  55. string[] move = Directory.GetFiles(sourcePath, "*.*", SearchOption.AllDirectories);
  56. if (move.Length != 0)
  57. {
  58. xxx = true;
  59. foreach (string file in move)
  60. {
  61. //check file size
  62. //check drive capacity
  63. string a = Path.GetFullPath(file);
  64.  
  65. string files = Path.GetFileName(file);
  66. string fileContent = File.ReadAllText(file);
  67.  
  68. CallAntimalwareScanInterface(fileContent, files);
  69.  
  70. string dstfile = Path.Combine(destinationPath, files);
  71. if (File.Exists(dstfile))
  72. {
  73. dstfile = dstfile + "copy";
  74. File.Move(a, dstfile);
  75. //File.Delete(e.FullPath); // For example
  76. }
  77. else
  78. {
  79. File.Move(a, dstfile);
  80.  
  81.  
  82. }
  83.  
  84. Console.WriteLine("{a} is in directory {file}");
  85.  
  86. }
  87.  
  88. }
  89.  
  90. else
  91. {
  92. xxx = false;
  93. Console.WriteLine("Empty");
  94. System.Threading.Thread.Sleep(20000);
  95.  
  96. }
  97. goto Find;
  98.  
  99. }
  100.  
  101. static void CallAntimalwareScanInterface(string fileContent, string fileName)
  102. {
  103. IntPtr amsiContext;
  104. IntPtr session;
  105. AMSI_RESULT result = 0;
  106. int returnValue;
  107.  
  108. //implement for bytes
  109.  
  110.  
  111. //returnValue = AmsiScanBuffer
  112.  
  113.  
  114. //implement for stream
  115. //check data type
  116.  
  117. returnValue = AmsiInitialize("AliceLocalUpdates", out amsiContext);
  118. returnValue = AmsiOpenSession(amsiContext, out session);
  119. //returnValue = AmsiScanString(amsiContext, @"X5O!P % @AP[4\PZX54(P ^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*", "EICAR", session, out result);
  120. returnValue = AmsiScanString(amsiContext, fileContent, fileName, session, out result);
  121. // AmsiResultIsMalware(result);
  122.  
  123. AmsiCloseSession(amsiContext, session);
  124.  
  125. AmsiUninitialize(amsiContext);
  126. Console.WriteLine("{0} in {1} has been checked for virus with result: {2} and return value of {3}", fileName, fileContent, result, returnValue);
  127.  
  128.  
  129. }
  130. static void moveFiles()
  131. {
  132. bool check;
  133.  
  134. }
  135. FileSystemWatcher watcher = new FileSystemWatcher();
  136.  
  137. public enum AMSI_RESULT
  138. {
  139. AMSI_RESULT_CLEAN = 0,
  140. AMSI_RESULT_NOT_DETECTED = 1,
  141. AMSI_RESULT_DETECTED = 32768
  142. }
  143.  
  144.  
  145.  
  146. [PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
  147. private static void Run()
  148. {
  149. //string[] args = Environment.GetCommandLineArgs();
  150. //if (args.Length != 2)
  151. //{
  152. // Console.WriteLine("Usage: Watcher.exe (directory)");
  153. // return;
  154. //}
  155.  
  156. using (FileSystemWatcher watcher = new FileSystemWatcher())
  157. {
  158. //watcher.Path = ;
  159. watcher.NotifyFilter = NotifyFilters.LastAccess
  160. | NotifyFilters.LastWrite
  161. | NotifyFilters.FileName
  162. | NotifyFilters.DirectoryName;
  163. watcher.Filter = "*.*";
  164.  
  165. watcher.Changed += OnChanged;
  166. watcher.Created += OnChanged;
  167. watcher.Deleted += OnChanged;
  168. // watcher.Renamed += OnRenamed;
  169.  
  170. watcher.EnableRaisingEvents = true;
  171.  
  172. Console.WriteLine("Press 'q' to quit");
  173. while (Console.Read() != 'q') ;
  174. }
  175. }
  176.  
  177. //private static void OnRenamed(object sender, RenamedEventArgs e)
  178. //{
  179.  
  180. //}
  181.  
  182. private static void OnChanged(object sender, FileSystemEventArgs e)
  183. {
  184.  
  185. }
  186.  
  187.  
  188. static void GetSum(int number, out int solution)
  189. {
  190. solution = number * 2;
  191.  
  192. }
  193. enum CarColor
  194. {
  195. Orange = 3,
  196. blue,
  197. red = 7,
  198. green
  199.  
  200. }
  201. static void PaintCar(CarColor cc)
  202. {
  203. Console.WriteLine("The color {0} has the code {1}", cc, (int)cc);
  204. }
  205.  
  206. public static void Swap(ref int num1, ref int num2)
  207. {
  208. int temp = num1;
  209. num1 = num2;
  210. num2 = temp;
  211. }
  212.  
  213. public static double getMore(params double[] nums)
  214. {
  215. double sum = 0;
  216. foreach (int num in nums)
  217. {
  218. sum += num;
  219. }
  220. return sum;
  221. }
  222.  
  223. public static void PrintInfo(string name, int zipCode)
  224. {
  225. Console.WriteLine(name, zipCode);
  226. }
  227. //public void CreateFolders(sourceName, destinationFolderName)
  228. //{
  229. // if (!sourceFolderDirectory.Exists())
  230. // {
  231. // //CreateFolders
  232.  
  233. // }
  234. //}
  235. //public void MoveFiles(source, destination)
  236. //{
  237. // if (fileAddedToFolder)
  238. // {
  239. // runVirusScan();
  240. // MoveFilesFromSourceToDestination();
  241. // }
  242. //}
  243.  
  244. }
  245. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!