EICAR 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- YWNjZTEyOWNkYTY3NmNkOWVjYTVkZTkwYWU2NDdmNzQwNGI4ZGY5ZA==
4
+ ZjlhMmQxY2JiY2ZkM2RhOGVhMmU5YWY2NzA0NDI4NTdlMDVkOWY5Yw==
5
5
  data.tar.gz: !binary |-
6
- ZTA0OWI5ZjM2OWU4ZmQwNGMzYTdiYmZhYWU3M2Y5MzkwMzYyZDg1Ng==
6
+ NDRmNzcxZDA4NzI4NDUzMjVkMGE1ZDY5YzY4NGNjZDk4N2UwY2I5Nw==
7
7
  SHA512:
8
8
  metadata.gz: !binary |-
9
- MGY4YmM1NmRkYjc4ZjRlZDAxMzUyNDNlNDgwYTdhZDMwMTYwOWYxZTIzNzNm
10
- ZDkyY2FmMGFlYTQwZDlmMjE2Zjg1MTM4NGVlNmIyNjlhOWEwNjkxNzFmODYz
11
- MTdkZDcyYzMyOThmZDhiZTgwN2I1OTU2MDcyM2IxOGEyMTM2NTg=
9
+ ODdmYzVjODJiYjc5N2U1NTRlNjM3ZGI1NTVhY2QyOTk1NDY0NWJlNmU0NDIx
10
+ ODU1ODg0ODJmOGFlNWJlNzJmZjU1MGY0ZWM0ZTIxZTgwYjBlYWUwM2Y0YzBk
11
+ MGNhYTIxNDdkOWZkOTg1NGQzOGMyNzc0YWU1Mjg1M2RjZGRhNDI=
12
12
  data.tar.gz: !binary |-
13
- MGY2YzRiMDFiNWQzM2YyNTU0MTA3MzMxYjQxNWI2YTM1OWNjYWIxZDBjZjc2
14
- ZWYyODU5NzM5OTc1ZGZlYTA5MWU1NWQ0Mjg0NjEyODM5YThmMTM0NDQxYWU3
15
- MTFmOTAwZjViYmEwMDY0ODVjYWI2OWRjNDFkMjVlZTEwM2JlMWQ=
13
+ YmI4ZDc0MDRiYTMyNjNiMmE3MzUyMDE2MWJmZDQ5ODAxMmNkYTk0NTk5YmY4
14
+ MGFiMGI0MzYyNWYzZmJiMzAyYzYwMjdmYThmOTc0Nzg1ZGU0MmQxYjgwMGI3
15
+ YTExM2I3YmNkM2MyYmE5MTZiNzdkNzQ5NzdmMjdjNzQ4OTA3YzU=
File without changes
data/README.md CHANGED
@@ -1,7 +1,10 @@
1
- eicar
1
+ EICAR
2
2
  =====
3
3
 
4
- EICAR test string for anti-virus functionality detection
4
+ The EICAR gem provides the [EICAR test
5
+ file](https://en.wikipedia.org/wiki/EICAR_test_file) as
6
+ [bin/eicar.com](bin/eicar.com),
7
+ used to test anti-virus detection functionality.
5
8
 
6
9
  Usage
7
10
  =====
@@ -19,7 +22,7 @@ load. I know, it's a little backwards.
19
22
 
20
23
  Code exercising this might look like this:
21
24
 
22
- ````
25
+ ````ruby
23
26
  #!/usr/bin/env ruby
24
27
 
25
28
  begin
@@ -29,6 +32,25 @@ rescue EICAR::EICARReadError
29
32
  end
30
33
  ````
31
34
 
35
+ If A/V is later enabled, an application can monitor its status. Here's a
36
+ simplistic example:
37
+
38
+ ````ruby
39
+ until EICAR.antivirus_active? do
40
+ sleep 1
41
+ puts "A/V hasn't caught EICAR yet"
42
+ end
43
+ puts "A/V is active in #{ENV['GEM_HOME']}."
44
+ ````
45
+
46
+ Expected Results
47
+ ================
48
+
49
+ Below is a screenshot from Microsoft Security Essentials successfully
50
+ detecting [bin/eicar.com](bin/eicar.com) and placing it in quarantine.
51
+
52
+ ![MSE Screenshot](images/eicar-success-mse.png)
53
+
32
54
  TODO
33
55
  ====
34
56
 
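Review bot: the `until EICAR.antivirus_active?` loop in the new README example has no upper bound, so on a host where nothing ever scans the gem path it never returns; cap it with a retry count or a deadline. The closing message prints `ENV['GEM_HOME']`, which may be unset and is not what the library uses to locate the file: `lib/eicar.rb` derives the path from `__FILE__`, so `EICAR.test_file_path` is the accurate value to report.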
Binary file
data/lib/eicar.rb CHANGED
@@ -2,6 +2,9 @@ require 'eicar/version'
2
2
 
3
3
  module EICAR
4
4
 
5
+ # Antivirus should /not/ pick this up, ever.
6
+ ROT13_DOWNCASE_EICAR = "k5b!c%@nc[4cmk54(c^)7pp)7}$rvpne-fgnaqneq-nagvivehf-grfg-svyr!$u+u*"
7
+
5
8
  def self.version
6
9
  EICAR::VERSION
7
10
  end
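Review bot: the `ROT13_DOWNCASE_EICAR` literal on the added line, as shown here, has no backslash between `[4` and `cmk54` and decodes to 67 characters, while the standard EICAR test string is 68 bytes with a `\` at that position. If the source really lacks it, `EICAR.create` writes a file that does not match the test string, a scanner has no reason to flag it, and `antivirus_active?` stays false. Check the source, write the backslash as `\\` (in a double-quoted Ruby literal a bare `\c` begins a control-character escape), and add a spec asserting the decoded value is 68 bytes. The comment above the constant should also state how it is decoded (ROT13, then upcase).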
@@ -12,17 +15,49 @@ module EICAR
12
15
  class EICARReadError < Error
13
16
  end
14
17
 
15
- def self.test_string
18
+ class EICARWriteError < Error
19
+ end
20
+
21
+ def self.test_file_path
16
22
  lib_path = File.expand_path(File.dirname(__FILE__))
17
23
  bin_path = File.expand_path(File.join(lib_path, "..", "bin"))
18
- com_file = File.join(bin_path, "eicar.com")
24
+ File.join(bin_path, "eicar.com")
25
+ end
26
+
27
+ def self.test_string
19
28
  begin
20
- data = File.open(com_file, "rb") {|f| f.read f.stat.size}
29
+ data = File.open(self.test_file_path, "rb") {|f| f.read f.stat.size}
21
30
  rescue SystemCallError
22
31
  raise EICAR::EICARReadError
23
32
  end
24
33
  end
25
34
 
35
+ def self.antivirus_active?
36
+ begin
37
+ self.test_string
38
+ rescue EICAR::EICARReadError
39
+ return true
40
+ end
41
+ return false
42
+ end
43
+
44
+ def self.rot13(str)
45
+ str.tr "A-Za-z", "N-ZA-Mn-za-m"
46
+ end
47
+
48
+ # Returns a TrueClass if the file was created and is readable in the
49
+ # expected path. For system-wide gem installs, this will usually need
50
+ # to be run as root, or else you'll raise.
51
+ def self.create
52
+ data = self.rot13(ROT13_DOWNCASE_EICAR).upcase
53
+ begin
54
+ File.open(self.test_file_path, "wb") {|f| f.write data}
55
+ rescue SystemCallError
56
+ raise EICAR::EICARWriteError
57
+ end
58
+ File.readable? self.test_file_path
59
+ end
60
+
26
61
  end
27
62
 
28
63
  EICAR.test_string
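Review bot: `antivirus_active?` returns true on any `EICARReadError`, and `test_string` raises that for every `SystemCallError`, so a file that was never created, or one that is unreadable for permission reasons, is reported as A/V being active. Confirm the file was present first (for example by requiring a successful `create`) before treating a read failure as a detection, and compare the data `test_string` returns against the expected string instead of discarding it. The comment on `create` says it returns true or raises, but `File.readable?` returns false when the file disappears right after the write; document that outcome.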
data/lib/eicar/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EICAR
2
- VERSION = '0.0.1'
2
+ VERSION = '0.0.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: EICAR
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tod Beardsley
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-12-30 00:00:00.000000000 Z
11
+ date: 2013-12-31 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: ! "\n This gem is designed to fail in the face of anti-virus coverage\n
14
14
  \ of your gem path. If you are running anti-virus systemwide, this\n gem will
@@ -22,12 +22,13 @@ files:
22
22
  - .gitignore
23
23
  - .ruby-gemset
24
24
  - .ruby-version
25
+ - EICAR.gemspec
25
26
  - Gemfile
26
27
  - Gemfile.lock
27
28
  - LICENSE
28
29
  - README.md
29
30
  - bin/eicar.com
30
- - eicar.gemspec
31
+ - images/eicar-success-mse.png
31
32
  - lib/eicar.rb
32
33
  - lib/eicar/version.rb
33
34
  homepage: https://github.com/todb-r7/eicar
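Review bot: `images/eicar-success-mse.png` is added to the packaged `files` list, so every install carries a screenshot that only the README references; exclude `images/` from the gemspec's file list. The change from `eicar.gemspec` to `EICAR.gemspec` differs in case only, which is awkward to check out on case-insensitive filesystems, so confirm the old name is removed in the same commit.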