From 15edaf1127c188f3db493dbacb186187d2f14813 Mon Sep 17 00:00:00 2001 From: Kaustubh Kasadi <121484985+KK-Unify-1407@users.noreply.github.com> Date: Tue, 14 Feb 2023 11:56:37 +0530 Subject: [PATCH 1/8] Add CORS function --- scan.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scan.go b/scan.go index 3227466..4d44f57 100644 --- a/scan.go +++ b/scan.go @@ -189,6 +189,10 @@ func webService() { log.Fatal(http.ListenAndServe(":3993", router)) } +func enableCors(w *http.ResponseWriter) { +(*w).Header().Set("Access-Control-Allow-Origin", "*") +} +enableCors(&w) func webAvScan(w http.ResponseWriter, r *http.Request) { r.ParseMultipartForm(32 << 20) From 3728a8544e7a15f0ec96b9ff463561319a2f2a5c Mon Sep 17 00:00:00 2001 From: "DESKTOP-U4SI5VU\\UNIFY" Date: Tue, 14 Feb 2023 19:40:34 +0530 Subject: [PATCH 2/8] fixed error --- scan.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scan.go b/scan.go index 4d44f57..6635ef2 100644 --- a/scan.go +++ b/scan.go @@ -190,11 +190,11 @@ func webService() { } func enableCors(w *http.ResponseWriter) { -(*w).Header().Set("Access-Control-Allow-Origin", "*") + (*w).Header().Set("Access-Control-Allow-Origin", "*") } -enableCors(&w) -func webAvScan(w http.ResponseWriter, r *http.Request) { +func webAvScan(w http.ResponseWriter, r *http.Request) { + enableCors(&w) r.ParseMultipartForm(32 << 20) file, header, err := r.FormFile("malware") if err != nil { From d318a9c54730e5894923fdccc2012036ff2356c0 Mon Sep 17 00:00:00 2001 From: "DESKTOP-U4SI5VU\\UNIFY" Date: Thu, 16 Feb 2023 13:36:21 +0530 Subject: [PATCH 3/8] Updated Changes with logging and required headers --- scan.go | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/scan.go b/scan.go index 6635ef2..a9a4f5a 100644 --- a/scan.go +++ b/scan.go 
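Review bot: `Access-Control-Allow-Origin: *` in the new `enableCors` lets a page on any origin submit files to the scan handler and read the verdict from a visitor's browser, which matters if the listener on `:3993` is reachable from workstations; the same wildcard returns in patches 3/8, 4/8 and 5/8. Prefer sending only an allow-listed origin, e.g. `(*w).Header().Set("Access-Control-Allow-Origin", allowedOrigin)`, where `allowedOrigin` is a placeholder for the front end's configured origin. Separately, the added `enableCors(&w)` sits at package scope between two functions, which is not valid Go, so this commit does not build on its own. The bodies of `webService` and `webAvScan` lie outside the hunk.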
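Review bot: Setting the CORS headers inside `webAvScan` only covers the POST response; the route is registered with `.Methods("POST")` (visible in the later patches), so a browser preflight `OPTIONS` never reaches this function and gets no CORS headers. A middleware wrapping the router is the usual place for this. The helper also does not need a pointer to an interface: `func enableCors(w http.ResponseWriter)` called as `enableCors(w)` behaves the same. The next context line, `r.ParseMultipartForm(32 << 20)`, discards its error and the body is not capped, so consider `r.Body = http.MaxBytesReader(w, r.Body, maxUpload)` (`maxUpload` being a placeholder limit) before parsing. `webAvScan` continues past the end of the hunk.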
@@ -78,6 +78,8 @@ func assert(err error) { // AvScan performs antivirus scan func AvScan(timeout int) McAfee { + log.Info("---------Entered AvScan-----------------") + defer os.Remove("/tmp/" + hash + ".xml") var results ResultsData @@ -86,6 +88,7 @@ func AvScan(timeout int) McAfee { defer cancel() output, err := utils.RunCommand(ctx, "/usr/local/uvscan/uvscan_secure", path, "--xmlpath=/tmp/"+hash+".xml") + log.info(err) assert(err) results, err = ParseMcAfeeOutput(output) @@ -180,6 +183,7 @@ func printStatus(resp gorequest.Response, body string, errs []error) { } func webService() { + router := mux.NewRouter().StrictSlash(true) router.HandleFunc("/scan", webAvScan).Methods("POST") log.WithFields(log.Fields{ @@ -191,12 +195,18 @@ func webService() { func enableCors(w *http.ResponseWriter) { (*w).Header().Set("Access-Control-Allow-Origin", "*") + (*w).Header().Set("Access-Control-Allow-Origin", "*") + (*w).Header().Set("Access-Control-Allow-Headers", "Content-Type") + (*w).Header().Set("Access-Control-Allow-Methods", "*") + (*w).Header().Set("Content-Type", "application/json; charset=UTF-8") + } func webAvScan(w http.ResponseWriter, r *http.Request) { enableCors(&w) r.ParseMultipartForm(32 << 20) file, header, err := r.FormFile("malware") + log.Info("Corse Enabled-------") if err != nil { w.WriteHeader(http.StatusBadRequest) fmt.Fprintln(w, "Please supply a valid file to scan.") @@ -206,7 +216,8 @@ func webAvScan(w http.ResponseWriter, r *http.Request) { }).Error(err) } defer file.Close() - + log.Info("------------------Preparing File for Scanning-----------------") + log.Info(header.Filename) log.WithFields(log.Fields{ "plugin": name, "category": category, @@ -225,7 +236,7 @@ func webAvScan(w http.ResponseWriter, r *http.Request) { if err = tmpfile.Close(); err != nil { assert(err) } - + log.Info("----------------- Scanning Started-----------------") // Do AV scan path = tmpfile.Name() mcafee := AvScan(60) 
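Review bot: `log.info(err)` after the `utils.RunCommand` call will not compile, because the package is used everywhere else in this file through exported names such as `log.Info`; it would also log a nil error on every successful scan. If the intent is to record scanner failures before `assert(err)`, use `if err != nil { log.WithError(err).Error("uvscan failed") }` (assuming `log` is logrus, as the `log.WithFields` calls suggest). `AvScan` starts and ends outside the hunk.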
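Review bot: The expanded `enableCors` now sets `Content-Type: application/json; charset=UTF-8` before the handler knows whether the request is valid, so the plain-text 400 body `Please supply a valid file to scan.` is sent labelled as JSON. Keep the content type next to the code that writes the JSON body and leave the helper to CORS only. The second `Access-Control-Allow-Origin` line repeats the first and can be dropped, and `Access-Control-Allow-Methods: *` is wider than the single POST route needs: `(*w).Header().Set("Access-Control-Allow-Methods", "POST")`. The `log.Info("Corse Enabled-------")` line is also placed between `r.FormFile` and its `err` check, where it reads as part of the error handling.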
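Review bot: `log.Info(header.Filename)` dereferences `header` even when `r.FormFile` failed: no `return` is visible after the 400 response in the `if err != nil` block, so `header` (and `file` in `defer file.Close()`) would be nil on that path and the handler would panic. The lines between the two hunks are not shown, so confirm this against the full file. Adding `return` as the last statement of that block fixes it. The filename is also client-controlled; logging it as a field, `log.WithField("filename", header.Filename).Info("preparing file for scanning")`, lets the formatter quote it instead of placing raw client text in the message.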
From c2089deb939b370a6e1f3acf6328672321fe0458 Mon Sep 17 00:00:00 2001 From: "DESKTOP-U4SI5VU\\UNIFY" Date: Thu, 16 Feb 2023 14:32:35 +0530 Subject: [PATCH 4/8] Added Docker Changes Response Header and Request Header to accept all origins --- Dockerfile | 28 ++++++++++++++++------------ scan.go | 23 +++++++++++++++++------ 2 files changed, 33 insertions(+), 18 deletions(-) diff --git a/Dockerfile b/Dockerfile index a1781f0..51d58aa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,17 +28,21 @@ RUN groupadd -r malice \ && chown -R malice:malice /malware # Install McAfee AV -RUN set -x \ - && apt-get update \ - && apt-get install -yq ca-certificates curl --no-install-recommends \ - && echo "===> Install McAfee..." \ - && mkdir -p /usr/local/uvscan \ - && curl http://b2b-download.mcafee.com/products/evaluation/vcl/l64/vscl-l64-604-e.tar.gz \ - | tar -xzf - -C /usr/local/uvscan \ - && echo "===> Clean up unnecessary files..." \ - && apt-get purge -y --auto-remove ca-certificates curl \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives /tmp/* /var/tmp/* +#RUN set -x \ +# && apt-get update \ +# && apt-get install -yq ca-certificates curl unzip gzip libarchive-tools --no-install-recommends \ +# && echo "===> Install McAfee..." \ +# && mkdir -p /usr/local/uvscan \ +# && curl http://b2b-download.mcafee.com/products/evaluation/vcl/l64/vscl-l64-604-e.tar.gz \ +# | gzip -d vscl-l64-604-e.tar.gz \ +# | tar -xzf vscl-l64-604-e.tar -C /usr/local/uvscan \ +# && echo "===> Clean up unnecessary files..." \ +# && apt-get purge -y --auto-remove ca-certificates curl \ +# && apt-get clean \ +# && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives /tmp/* /var/tmp/* +RUN mkdir -p /usr/local/uvscan +COPY ./cls-l64-703-e.tar.gz /tmp/. +RUN tar -xzf /tmp/cls-l64-703-e.tar.gz -C /usr/local/uvscan # Ensure ca-certificates is installed for elasticsearch to use https RUN apt-get update -qq && apt-get install -yq --no-install-recommends ca-certificates wget unzip \ 
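Review bot: The scanner archive `cls-l64-703-e.tar.gz` is extracted without any integrity check, and this patch's diffstat lists only `Dockerfile` and `scan.go`, so the file presumably has to be placed in the build context by hand. Pin its digest and verify before unpacking, e.g. `RUN echo "<expected-sha256>  /tmp/cls-l64-703-e.tar.gz" | sha256sum -c -`, with the placeholder replaced by the vendor-published value. Because `COPY` and `tar` are separate instructions, the archive also stays in an image layer under `/tmp`; extracting in a build stage and using `COPY --from` for `/usr/local/uvscan` avoids shipping it. The commented-out download block can be deleted rather than kept in the file.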
@@ -56,4 +60,4 @@ COPY --from=go_builder /bin/avscan /bin/avscan WORKDIR /malware ENTRYPOINT ["/bin/avscan"] -CMD ["--help"] +CMD ["--help"] \ No newline at end of file diff --git a/scan.go b/scan.go index a9a4f5a..9e15024 100644 --- a/scan.go +++ b/scan.go @@ -22,6 +22,7 @@ import ( "github.com/malice-plugins/pkgs/utils" "github.com/parnurzeal/gorequest" "github.com/pkg/errors" + "github.com/rs/cors" "github.com/urfave/cli" ) @@ -88,7 +89,6 @@ func AvScan(timeout int) McAfee { defer cancel() output, err := utils.RunCommand(ctx, "/usr/local/uvscan/uvscan_secure", path, "--xmlpath=/tmp/"+hash+".xml") - log.info(err) assert(err) results, err = ParseMcAfeeOutput(output) @@ -184,22 +184,26 @@ func printStatus(resp gorequest.Response, body string, errs []error) { func webService() { + fmt.Println("Settin up server, enabling CORS . . .") + + c := cors.New(cors.Options{ + AllowedOrigins: []string{"*"}, // All origins + AllowedMethods: []string{"POST"}, // Allowing only get, just an example + }) + router := mux.NewRouter().StrictSlash(true) router.HandleFunc("/scan", webAvScan).Methods("POST") log.WithFields(log.Fields{ "plugin": name, "category": category, }).Info("web service listening on port :3993") - log.Fatal(http.ListenAndServe(":3993", router)) + log.Fatal(http.ListenAndServe(":3993", c.Handler(router))) } func enableCors(w *http.ResponseWriter) { + (*w).Header().Set("Access-Control-Allow-Origin", "*") - (*w).Header().Set("Access-Control-Allow-Origin", "*") - (*w).Header().Set("Access-Control-Allow-Headers", "Content-Type") (*w).Header().Set("Access-Control-Allow-Methods", "*") - (*w).Header().Set("Content-Type", "application/json; charset=UTF-8") - } func webAvScan(w http.ResponseWriter, r *http.Request) { 
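Review bot: The comment on `AllowedMethods: []string{"POST"}` says `Allowing only get, just an example`, which contradicts the value; something like `// only POST is routed to /scan` would match. With `c.Handler(router)` in place, CORS is now configured in two places, the middleware here and the retained `enableCors` helper, and they already disagree on methods (`POST` vs `*`), so it would be safer to delete the helper and keep one policy. The new `github.com/rs/cors` import is not accompanied by a dependency-manifest change in this patch's diffstat, so check that the build resolves it. `fmt.Println("Settin up server, enabling CORS . . .")` bypasses the structured logger used on the following lines.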
@@ -240,7 +244,14 @@ func webAvScan(w http.ResponseWriter, r *http.Request) { // Do AV scan path = tmpfile.Name() mcafee := AvScan(60) + log.Info("----------------- Scanning Complelted-----------------") + + log.Info("File is: ") + log.Info(mcafee.Results.Infected) + + log.Info("-----------------Creating Response-----------------") + w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Content-Type", "application/json; charset=UTF-8") w.WriteHeader(http.StatusOK) From 67373b4589d2f9c922f7d2a238a9da2229c04bc3 Mon Sep 17 00:00:00 2001 From: "DESKTOP-U4SI5VU\\UNIFY" Date: Thu, 16 Feb 2023 15:04:29 +0530 Subject: [PATCH 5/8] Updated Headers --- scan.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scan.go b/scan.go index 9e15024..853b6dc 100644 --- a/scan.go +++ b/scan.go @@ -187,8 +187,9 @@ func webService() { fmt.Println("Settin up server, enabling CORS . . .") c := cors.New(cors.Options{ - AllowedOrigins: []string{"*"}, // All origins - AllowedMethods: []string{"POST"}, // Allowing only get, just an example + AllowedOrigins: []string{"*"}, // All origins + AllowedMethods: []string{"*"}, // All methods + allowedHeaders: []string{"*"}, }) router := mux.NewRouter().StrictSlash(true) From fd469f191a5269907ce80c13d2f4a4c8c50d6ed9 Mon Sep 17 00:00:00 2001 From: "DESKTOP-U4SI5VU\\UNIFY" Date: Thu, 16 Feb 2023 15:24:14 +0530 Subject: [PATCH 6/8] corrected header --- scan.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scan.go b/scan.go index 853b6dc..d1ee3f1 100644 --- a/scan.go +++ b/scan.go @@ -189,7 +189,7 @@ func webService() { c := cors.New(cors.Options{ AllowedOrigins: []string{"*"}, // All origins AllowedMethods: []string{"*"}, // All methods - allowedHeaders: []string{"*"}, + AllowedHeaders: []string{"*"}, }) router := mux.NewRouter().StrictSlash(true) From 4b4dd1477ab998a55930affab549f355ef7cd7ac Mon Sep 17 00:00:00 2001 
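Review bot: The response built here reports `mcafee.Results.Infected` for whatever `path` held when `AvScan(60)` ran, and `path = tmpfile.Name()` appears to assign a package-level variable (`AvScan` takes only a timeout and reads `path` and `hash` itself). net/http serves requests concurrently, so two overlapping uploads could race on those variables and a client could receive the verdict for another client's file; passing the path into the scan function would remove the shared state. That code predates this patch, but the patch opens the endpoint to every origin, which makes overlapping requests more likely. The added `w.Header().Set("Access-Control-Allow-Origin", "*")` is a third copy of a header already set by the middleware and by `enableCors`.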
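Review bot: In patch 5/8, `AllowedMethods: []string{"*"}` widens the policy past the one method the router accepts, and as far as I know rs/cors compares this list against the request method literally and documents a wildcard only for origins and headers, so `*` may end up matching nothing; verify against the version in use, or keep `[]string{"POST"}`. `allowedHeaders` is not a field of `cors.Options` (the exported name is `AllowedHeaders`), so this commit does not compile until the following patch. `AllowedHeaders: []string{"*"}` is likewise broader than an upload form needs; `[]string{"Content-Type"}` would cover what the earlier `enableCors` advertised.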
From: "DESKTOP-U4SI5VU\\UNIFY" Date: Thu, 16 Feb 2023 16:40:42 +0530 Subject: [PATCH 7/8] added options method --- scan.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scan.go b/scan.go index d1ee3f1..dd32560 100644 --- a/scan.go +++ b/scan.go @@ -193,7 +193,7 @@ func webService() { }) router := mux.NewRouter().StrictSlash(true) - router.HandleFunc("/scan", webAvScan).Methods("POST") + router.HandleFunc("/scan", webAvScan).Methods("POST", "OPTIONS") log.WithFields(log.Fields{ "plugin": name, "category": category, From 870f7ed01beeed0b7f483a4ddf2de548916aade9 Mon Sep 17 00:00:00 2001 From: "DESKTOP-U4SI5VU\\UNIFY" Date: Thu, 16 Feb 2023 17:15:54 +0530 Subject: [PATCH 8/8] reverted options changes --- scan.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scan.go b/scan.go index dd32560..6057858 100644 --- a/scan.go +++ b/scan.go @@ -192,8 +192,8 @@ func webService() { AllowedHeaders: []string{"*"}, }) - router := mux.NewRouter().StrictSlash(true) - router.HandleFunc("/scan", webAvScan).Methods("POST", "OPTIONS") + router := mux.NewRouter() + router.HandleFunc("/scan", webAvScan).Methods("POST") log.WithFields(log.Fields{ "plugin": name, "category": category,
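Review bot: Besides removing `"OPTIONS"`, the hunk in patch 8/8 also changes `mux.NewRouter().StrictSlash(true)` to `mux.NewRouter()`, which the subject `reverted options changes` does not mention and which changes how a request to the route with a trailing slash is handled. If dropping it is intended, say so in the commit message; otherwise keep `router := mux.NewRouter().StrictSlash(true)`. `webService` continues outside the hunk.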