/********************************** Class: MAGSHIMIM C2 ** Week:

1. /*********************************
2. * Class: MAGSHIMIM C2 *
3. * Week: 8 *
4. * Name: ron sason *
5. * Credits: *
6. **********************************/
7. // https://pastebin.com/iQ6s87fH
8. #include <stdio.h>
9. #include <string.h>
10. #include <stdlib.h>
11. #include "dirent.h"
12.  
13. typedef struct dirent dirent;
14.  
15. #define FOLDER_ADDRES_IN_ARGV 1
16. #define BACK_SLASH_FOR_ADDRES 47
17. #define INDEX_FIRST_ADRESS 2
18. #define INDEX_OF_ARGV_ANTI_VIRUS_FILE 2
19. #define INDEX_OF_ARGV_FOLDER 2
20. #define ADD_FOR_MAKE_STR 2
21. #define SIZE_OF_BLACK_SLASH_STR 2
22. #define TWENTY_PRECENT 20
23. #define ONEHUNDERED_PRECENT 100
24. #define FIRST_QUICK_SCAN 1
25. #define LAST_QUICK_SCAN 2 // The function see this number and chose what to do
26. #define NORMAL_SCAN 0
27. #define MAKE_LAST_80_PRECENT 4
28.  
29. FILE* fileBinaryOpen(FILE* pFile, char** argv);
30. char* readBinaryFile(FILE* pFile, long* size);
31. char** inputFolderInArr(char** argv, int* addresSize);
32. FILE* myOpenFile(char* addres);
33. int checkSingnInFile(char* bufferOfSing, char* addresOfFile, long antiVirusSize, int precentToCheck);
34. int outTwentyPercent(int num, int precentToCheck);
35. void freeMatriza(char** arrOfStr, int size);
36.  
37. int main(int argc, char** argv)
38. {
39. int check = 0, addresSize = 0, i = 0, choceOfUser = 0, precentToCheck = 0, flag = 1;
40. long sizeBuferAntiVirus = 0;
41. char** addresInFolder = 0;
42. char* bufferOfAntiVirus = 0;
43. char* folderToInputData = 0;
44. char antiLog[] = "AntiVirusLog.txt";
45. FILE* signOfAntiVirus = 0;
46. FILE* logFile = 0;
47.  
48.  
49. folderToInputData = (char*)malloc(sizeof(char) * (strlen(antiLog) + strlen(argv[INDEX_OF_ARGV_FOLDER])));
50. strcpy(folderToInputData, argv[1]);
51. strcat(folderToInputData, "\\");
52. strcat(folderToInputData, antiLog);
53.  
54.  
55. logFile = fopen(folderToInputData, "w");
56.  
57. printf("Welcome my virus scan!\n\n");
58. fprintf(logFile, "Welcome my virus scan!\n");
59.  
60. printf("Folder to scan: %s\n", argv[INDEX_OF_ARGV_FOLDER]);
61. printf("Virus signature: %s\n", argv[INDEX_OF_ARGV_ANTI_VIRUS_FILE]);
62. fprintf(logFile, "Folder to scan:\n %s\n", argv[INDEX_OF_ARGV_FOLDER]);
63. fprintf(logFile, "Virus signature:\n %s\n", argv[INDEX_OF_ARGV_ANTI_VIRUS_FILE]);
64.  
65. signOfAntiVirus = fileBinaryOpen(signOfAntiVirus, argv);
66.  
67. bufferOfAntiVirus = readBinaryFile(signOfAntiVirus, &sizeBuferAntiVirus);
68.  
69. addresInFolder = inputFolderInArr(argv, &addresSize);
70.  
71. printf("Pressc 0 for normal scan or any other key for a quick scan: ");
72. scanf("%d", &choceOfUser);
73. getchar();
74.  
75. if (choceOfUser) // for input data to file
76. {
77. fprintf(logFile, "Scanning option:\nQuick scan\n");
78. }
79. else
80. {
81. fprintf(logFile, "Scanning option:\nNormal scan\n");
82. }
83.  
84.  
85. printf("Scanning began...\nThis process may take several mintes...\n\n");
86. fprintf(logFile, "Result\n");
87. for (i = INDEX_FIRST_ADRESS; i < addresSize; i++) // pass all the folder
88. {
89. if (choceOfUser) // For quick scan check only 20%
90. {
91. precentToCheck = FIRST_QUICK_SCAN;
92. }
93.  
94. while (flag)
95. {
96. check = checkSingnInFile(bufferOfAntiVirus, addresInFolder[i], sizeBuferAntiVirus, precentToCheck);
97. if (!precentToCheck) // if normal scan to know what to print
98. {
99. if (check)
100. {
101. printf("%s - Infected!\n", addresInFolder[i]);
102. fprintf(logFile, "%s - Infected!\n", addresInFolder[i]);
103. flag = 0;
104. }
105. else
106. {
107. printf("%s - Clean\n", addresInFolder[i]);
108. fprintf(logFile, "%s - Clean\n", addresInFolder[i]);
109. flag = 0;
110. }
111. }
112. else if (precentToCheck == FIRST_QUICK_SCAN)
113. {
114. if (check)
115. {
116. printf("%s - Infected! <First 20%%>\n", addresInFolder[i]);
117. fprintf(logFile, "%s - Infected! <First 20%%>\n", addresInFolder[i]);
118. flag = 0;
119. }
120. else
121. {
122. precentToCheck = LAST_QUICK_SCAN; // Make check last 20 pecent
123. }
124. }
125. else if (precentToCheck == LAST_QUICK_SCAN)
126. {
127. check = checkSingnInFile(bufferOfAntiVirus, addresInFolder[i], sizeBuferAntiVirus, precentToCheck); // becuse need make check agin
128. if (check)
129. {
130. printf("%s - Infected! <Last 20%%>\n", addresInFolder[i]);
131. fprintf(logFile, "%s - Infected! <Last 20%%>\n", addresInFolder[i]);
132. flag = 0;
133. }
134. else
135. {
136. precentToCheck = NORMAL_SCAN; // Go to noramla check
137. }
138. }
139. }
140. flag = 1; // make the loop making agin
141. }
142. printf("Scan Completed.\n");
143. printf("See log path for results: %s", folderToInputData);
144.  
145. freeMatriza(addresInFolder, addresSize);
146. free(folderToInputData);
147. free(bufferOfAntiVirus);
148. fclose(logFile);
149. fclose(signOfAntiVirus);
150. getchar();
151. return 0;
152. }
153.  
154. /*
155. the function open the file to read in binary, if the file not found it close the plant
156. input: p p file to open hem
157. .
158. output:POINTER OF file
159. .
160. */
161. FILE* fileBinaryOpen(FILE* pFile, char** argv)
162. {
163. pFile = fopen(argv[INDEX_OF_ARGV_ANTI_VIRUS_FILE], "rb");
164. if (pFile == NULL)
165. {
166. printf("Error opening file!\n");
167. getchar();
168. exit(1);
169. }
170. return pFile;
171. }
172.  
173. /*
174. the function get pFile and take the binary in the file and input to buffer
175. input: pFile we wont copy hem and pointer to return the size
176. .
177. output:pointer of buffer white the word
178. .
179. */
180. char* readBinaryFile(FILE* pFile, long* size)
181. {
182. char* buffer;
183.  
184. fseek(pFile, 0, SEEK_END);
185. *size = ftell(pFile);
186. fseek(pFile, 0, SEEK_SET);
187. buffer = (char *)malloc(*size * sizeof(char));
188. *buffer = 0;
189.  
190. fread(buffer, 1, *size, pFile);
191.  
192. return buffer;
193. }
194.  
195. /*
196. the function get file and buffer of sing and check if the sing in the buffer file
197. input: buffer of sing and file pointer to open and check
198. .
199. output:1 if the sing in the file 0 if not
200. .
201. */
202. int checkSingnInFile(char* bufferOfSing, char* addresOfFile, long antiVirusSize, int precentToCheck)
203. {
204. int j = 0, i = 0, flag = 0, count = 0, sizeFile = 0;
205. char* bufferOfFile = 0;
206. FILE* pFile = 0;
207.  
208. pFile = myOpenFile(addresOfFile);
209. fseek(pFile, 0, SEEK_END);
210. sizeFile = ftell(pFile);
211. fseek(pFile, 0, SEEK_SET);
212. bufferOfFile = (char*)malloc((sizeof(char) * sizeFile));
213.  
214. fread(bufferOfFile, 1, sizeFile, pFile);
215.  
216. if (precentToCheck == FIRST_QUICK_SCAN) // If quick scan
217. {
218. sizeFile = outTwentyPercent(sizeFile, TWENTY_PRECENT);
219. }
220.  
221.  
222. for (i = 0; antiVirusSize + i <= sizeFile && !flag; i++) // pass all the buffer
223. {
224. if (LAST_QUICK_SCAN == precentToCheck)
225. {
226. i = sizeFile - outTwentyPercent(sizeFile, TWENTY_PRECENT);
227. precentToCheck = 0;
228. }
229. for (j = 0; j < antiVirusSize; j++) // pass on the size of the buffer
230. {
231. if (bufferOfFile[i + j] == bufferOfSing[j]) // if all the buffer comper then he eqal to size of sing buffer len
232. {
233. count++;
234. }
235. }
236. if (count == antiVirusSize)
237. {
238. flag = 1;
239. }
240. count = 0;
241. }
242.  
243. fclose(pFile);
244. free(bufferOfFile);
245. return flag;
246. }
247.  
248. /*
249. the function make a dinamik place to arr to input ther all the folder str
250. input: the argv for addres and the size to use in ather function
251. .
252. output: pointer if addres arr
253. .
254. */
255. char** inputFolderInArr(char** argv, int* addresSize)
256. {
257. char** addresInFolder = 0;
258. int count = 0, i = 0;
259. char backSlashForAddres[SIZE_OF_BLACK_SLASH_STR] = { 0 };
260. backSlashForAddres[0] = BACK_SLASH_FOR_ADDRES;
261. struct dirent* de;
262. DIR* dr = opendir(argv[FOLDER_ADDRES_IN_ARGV]);
263.  
264. if (dr == NULL) // opendir returns NULL if couldn't open directory
265. {
266. printf("Could not open current directory");
267. return 0;
268. }
269.  
270. while ((de = readdir(dr)) != NULL) // count the item in folder to input to folder
271. {
272. count++;
273. }
274. addresInFolder = (char**)malloc(sizeof(char*) * count);
275. closedir(dr);
276.  
277. dr = opendir(argv[FOLDER_ADDRES_IN_ARGV]);
278.  
279. while ((de = readdir(dr)) != NULL)
280. {
281. addresInFolder[i] = (char*)malloc((sizeof(char) *(strlen(argv[FOLDER_ADDRES_IN_ARGV]) + strlen(de->d_name)) + ADD_FOR_MAKE_STR));
282. strcpy(addresInFolder[i], argv[FOLDER_ADDRES_IN_ARGV]);
283. strcat(addresInFolder[i], backSlashForAddres); // make the addres for next function
284. strcat(addresInFolder[i], de->d_name);
285. i++;
286. }
287.  
288. *addresSize = count;
289.  
290. closedir(dr);
291. return addresInFolder;
292. }
293.  
294. /*
295. the function open file to read in binary
296. input: get the addtes of file to input
297. .
298. output: pointer of file
299. .
300. */
301. FILE* myOpenFile(char* addres)
302. {
303. FILE* pFile = 0;
304.  
305. pFile = fopen(addres, "rb");
306. if (pFile == NULL)
307. {
308. printf("Error opening file!\n");
309. getchar();
310. exit(1);
311. }
312. return pFile;
313. }
314.  
315.  
316. /*
317. the function return 20% of number he get
318. input: get number to return the 20%
319. .
320. output: number of 20% from the number input
321. .
322. */
323. int outTwentyPercent(int num, int precentToCheck)
324. {
325. num *= precentToCheck;
326. num /= ONEHUNDERED_PRECENT;
327.  
328. return num;
329. }
330.  
331. /*
332. the function free matriza
333. input:the matriza and the size for free
334. .
335. output: nane
336. .
337. */
338. void freeMatriza(char** arrOfStr, int size)
339. {
340. int i = 0;
341. for (i = 0; i < size; i++)
342. {
343. free(arrOfStr[i]);
344. }
345. free(arrOfStr);
346.  
347. }