EICAR 0.0.1 → 0.0.2

checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- YWNjZTEyOWNkYTY3NmNkOWVjYTVkZTkwYWU2NDdmNzQwNGI4ZGY5ZA==
4
+ ZjlhMmQxY2JiY2ZkM2RhOGVhMmU5YWY2NzA0NDI4NTdlMDVkOWY5Yw==
5
5
  data.tar.gz: !binary |-
6
- ZTA0OWI5ZjM2OWU4ZmQwNGMzYTdiYmZhYWU3M2Y5MzkwMzYyZDg1Ng==
6
+ NDRmNzcxZDA4NzI4NDUzMjVkMGE1ZDY5YzY4NGNjZDk4N2UwY2I5Nw==
7
7
  SHA512:
8
8
  metadata.gz: !binary |-
9
- MGY4YmM1NmRkYjc4ZjRlZDAxMzUyNDNlNDgwYTdhZDMwMTYwOWYxZTIzNzNm
10
- ZDkyY2FmMGFlYTQwZDlmMjE2Zjg1MTM4NGVlNmIyNjlhOWEwNjkxNzFmODYz
11
- MTdkZDcyYzMyOThmZDhiZTgwN2I1OTU2MDcyM2IxOGEyMTM2NTg=
9
+ ODdmYzVjODJiYjc5N2U1NTRlNjM3ZGI1NTVhY2QyOTk1NDY0NWJlNmU0NDIx
10
+ ODU1ODg0ODJmOGFlNWJlNzJmZjU1MGY0ZWM0ZTIxZTgwYjBlYWUwM2Y0YzBk
11
+ MGNhYTIxNDdkOWZkOTg1NGQzOGMyNzc0YWU1Mjg1M2RjZGRhNDI=
12
12
  data.tar.gz: !binary |-
13
- MGY2YzRiMDFiNWQzM2YyNTU0MTA3MzMxYjQxNWI2YTM1OWNjYWIxZDBjZjc2
14
- ZWYyODU5NzM5OTc1ZGZlYTA5MWU1NWQ0Mjg0NjEyODM5YThmMTM0NDQxYWU3
15
- MTFmOTAwZjViYmEwMDY0ODVjYWI2OWRjNDFkMjVlZTEwM2JlMWQ=
13
+ YmI4ZDc0MDRiYTMyNjNiMmE3MzUyMDE2MWJmZDQ5ODAxMmNkYTk0NTk5YmY4
14
+ MGFiMGI0MzYyNWYzZmJiMzAyYzYwMjdmYThmOTc0Nzg1ZGU0MmQxYjgwMGI3
15
+ YTExM2I3YmNkM2MyYmE5MTZiNzdkNzQ5NzdmMjdjNzQ4OTA3YzU=
File without changes
data/README.md CHANGED
@@ -1,7 +1,10 @@
1
- eicar
1
+ EICAR
2
2
  =====
3
3
 
4
- EICAR test string for anti-virus functionality detection
4
+ The EICAR gem provides the [EICAR test
5
+ file](https://en.wikipedia.org/wiki/EICAR_test_file) as
6
+ [bin/eicar.com](bin/eicar.com),
7
+ used to test anti-virus detection functionality.
5
8
 
6
9
  Usage
7
10
  =====
@@ -19,7 +22,7 @@ load. I know, it's a little backwards.
19
22
 
20
23
  Code exercising this might look like this:
21
24
 
22
- ````
25
+ ````ruby
23
26
  #!/usr/bin/env ruby
24
27
 
25
28
  begin
@@ -29,6 +32,25 @@ rescue EICAR::EICARReadError
29
32
  end
30
33
  ````
31
34
 
35
+ If A/V is later enabled, an application can monitor its status. Here's a
36
+ simplistic example:
37
+
38
+ ````ruby
39
+ until EICAR.antivirus_active? do
40
+ sleep 1
41
+ puts "A/V hasn't caught EICAR yet"
42
+ end
43
+ puts "A/V is active in #{ENV['GEM_HOME']}."
44
+ ````
45
+
46
+ Expected Results
47
+ ================
48
+
49
+ Below is a screenshot from Microsoft Security Essentials successfully
50
+ detecting [bin/eicar.com](bin/eicar.com) and placing it in quarantine.
51
+
52
+ ![MSE Screenshot](images/eicar-success-mse.png)
53
+
32
54
  TODO
33
55
  ====
34
56
 
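Review bot: in the added monitoring example, the final `puts` reports `ENV['GEM_HOME']`, which may be unset and is not necessarily the directory that holds `bin/eicar.com`. Printing `EICAR.test_file_path` instead would name the path whose read actually failed. The loop also has no upper bound, so it never returns on a host without A/V; even for a simplistic example a retry limit or timeout would keep readers from copying an infinite wait.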
Binary file
data/lib/eicar.rb CHANGED
@@ -2,6 +2,9 @@ require 'eicar/version'
2
2
 
3
3
  module EICAR
4
4
 
5
+ # Antivirus should /not/ pick this up, ever.
6
+ ROT13_DOWNCASE_EICAR = "k5b!c%@nc[4cmk54(c^)7pp)7}$rvpne-fgnaqneq-nagvivehf-grfg-svyr!$u+u*"
7
+
5
8
  def self.version
6
9
  EICAR::VERSION
7
10
  end
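Review bot: the comment above `ROT13_DOWNCASE_EICAR` states the intent but not the encoding, so the reader has to find `create` to learn that the value is the test string run through rot13 and downcased, and is restored with `rot13(...).upcase`. Say that in the comment, and note that the round trip relies on the original containing no lowercase letters. Adding `.freeze` to the literal would also keep callers from mutating the constant in place.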
@@ -12,17 +15,49 @@ module EICAR
12
15
  class EICARReadError < Error
13
16
  end
14
17
 
15
- def self.test_string
18
+ class EICARWriteError < Error
19
+ end
20
+
21
+ def self.test_file_path
16
22
  lib_path = File.expand_path(File.dirname(__FILE__))
17
23
  bin_path = File.expand_path(File.join(lib_path, "..", "bin"))
18
- com_file = File.join(bin_path, "eicar.com")
24
+ File.join(bin_path, "eicar.com")
25
+ end
26
+
27
+ def self.test_string
19
28
  begin
20
- data = File.open(com_file, "rb") {|f| f.read f.stat.size}
29
+ data = File.open(self.test_file_path, "rb") {|f| f.read f.stat.size}
21
30
  rescue SystemCallError
22
31
  raise EICAR::EICARReadError
23
32
  end
24
33
  end
25
34
 
35
+ def self.antivirus_active?
36
+ begin
37
+ self.test_string
38
+ rescue EICAR::EICARReadError
39
+ return true
40
+ end
41
+ return false
42
+ end
43
+
44
+ def self.rot13(str)
45
+ str.tr "A-Za-z", "N-ZA-Mn-za-m"
46
+ end
47
+
48
+ # Returns a TrueClass if the file was created and is readable in the
49
+ # expected path. For system-wide gem installs, this will usually need
50
+ # to be run as root, or else you'll raise.
51
+ def self.create
52
+ data = self.rot13(ROT13_DOWNCASE_EICAR).upcase
53
+ begin
54
+ File.open(self.test_file_path, "wb") {|f| f.write data}
55
+ rescue SystemCallError
56
+ raise EICAR::EICARWriteError
57
+ end
58
+ File.readable? self.test_file_path
59
+ end
60
+
26
61
  end
27
62
 
28
63
  EICAR.test_string
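Review bot: `antivirus_active?` returns true on every `EICARReadError`, and `test_string` raises that for any `SystemCallError`, so a file that was never written or a plain permissions problem is reported as A/V being active. Document that the result is only meaningful once `create` has returned true, or have the method confirm the file was written before treating a failed read as detection. In `create`, the `File.readable?` check runs immediately after the write, so with on-access scanning its result depends on timing; the comment should say the return value is a point-in-time check.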
data/lib/eicar/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EICAR
2
- VERSION = '0.0.1'
2
+ VERSION = '0.0.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: EICAR
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tod Beardsley
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-12-30 00:00:00.000000000 Z
11
+ date: 2013-12-31 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: ! "\n This gem is designed to fail in the face of anti-virus coverage\n
14
14
  \ of your gem path. If you are running anti-virus systemwide, this\n gem will
@@ -22,12 +22,13 @@ files:
22
22
  - .gitignore
23
23
  - .ruby-gemset
24
24
  - .ruby-version
25
+ - EICAR.gemspec
25
26
  - Gemfile
26
27
  - Gemfile.lock
27
28
  - LICENSE
28
29
  - README.md
29
30
  - bin/eicar.com
30
- - eicar.gemspec
31
+ - images/eicar-success-mse.png
31
32
  - lib/eicar.rb
32
33
  - lib/eicar/version.rb
33
34
  homepage: https://github.com/todb-r7/eicar
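Review bot: the file list swaps `eicar.gemspec` for `EICAR.gemspec`, a case-only rename. On case-insensitive filesystems this can leave the old name in a checkout or make the two names collide, so confirm the rename was committed as a rename (for example with `git mv`) and that only one spelling exists in the repository.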