maya-umbrella 0.16.0__py2.py3-none-any.whl → 0.17.0__py2.py3-none-any.whl

maya_umbrella/__version__.py

@@ -1 +1 @@
-__version__ = "0.16.0"
+__version__ = "0.17.0"

maya_umbrella/signatures.py

@@ -13,6 +13,12 @@ virus20240430_sig2 = VirusSignature("virus20240430", r"^\['.+']")
 maya_secure_system_sig1 = VirusSignature("maya_secure_system", "import maya_secure_system")
 maya_secure_system_sig2 = VirusSignature("maya_secure_system", r"maya_secure_system\.MayaSecureSystem\(\)\.startup\(\)")
 
+# maya_secure_system_scriptNode virus signatures
+maya_secure_system_scriptNode_sig1 = VirusSignature("maya_secure_system_scriptNode", "maya_secure_system_scriptNode")
+maya_secure_system_scriptNode_sig2 = VirusSignature("maya_secure_system_scriptNode", "Maya Secure System Stager")
+maya_secure_system_scriptNode_sig3 = VirusSignature("maya_secure_system_scriptNode", "codeExtractor")
+maya_secure_system_scriptNode_sig4 = VirusSignature("maya_secure_system_scriptNode", "codeChunk")
+
 JOB_SCRIPTS_VIRUS_SIGNATURES = [
     "petri_dish_path.+cmds.internalVar.+",
     "userSetup",
@@ -34,3 +40,10 @@ MAYA_SECURE_SYSTEM_VIRUS_SIGNATURES = [
     maya_secure_system_sig1.signature,
     maya_secure_system_sig2.signature,
 ]
+
+MAYA_SECURE_SYSTEM_SCRIPTNODE_SIGNATURES = [
+    maya_secure_system_scriptNode_sig1.signature,
+    maya_secure_system_scriptNode_sig2.signature,
+    maya_secure_system_scriptNode_sig3.signature,
+    maya_secure_system_scriptNode_sig4.signature,
+]

maya_umbrella/vaccines/vaccine2.py

@@ -18,7 +18,11 @@ class Vaccine(AbstractVaccine):
 
     def collect_infected_nodes(self):
         """Collect all bad nodes related to the virus."""
-        for script_node in cmds.ls(type="script"):
+        script_nodes = cmds.ls(type="script")
+        # Ensure we have a list, not a MagicMock (in non-Maya environments)
+        if not isinstance(script_nodes, (list, tuple)):
+            return
+        for script_node in script_nodes:
             if check_reference_node_exists(script_node):
                 continue
             for attr_name in ("before", "after"):

maya_umbrella/vaccines/vaccine3.py

@@ -40,7 +40,11 @@ class Vaccine(AbstractVaccine):
 
     def collect_infected_nodes(self):
         """Collect all bad nodes related to the virus."""
-        for script_node in cmds.ls(type="script"):
+        script_nodes = cmds.ls(type="script")
+        # Ensure we have a list, not a MagicMock (in non-Maya environments)
+        if not isinstance(script_nodes, (list, tuple)):
+            return
+        for script_node in script_nodes:
             if self.is_infected(script_node):
                 self.report_issue(script_node)
                 self.api.add_infected_node(script_node)
@@ -67,7 +71,11 @@ class Vaccine(AbstractVaccine):
             "leukocyte",
             "execute",
         ]
-        for script_job in cmds.scriptJob(listJobs=True):
+        script_jobs = cmds.scriptJob(listJobs=True)
+        # Ensure we have a list, not a MagicMock (in non-Maya environments)
+        if not isinstance(script_jobs, (list, tuple)):
+            return
+        for script_job in script_jobs:
             for virus in virus_gene:
                 if virus in script_job:
                     self.api.add_infected_script_job(script_job)

maya_umbrella/vaccines/vaccine4.py

@@ -4,9 +4,11 @@ import os
 # Import local modules
 from maya_umbrella.filesystem import check_virus_by_signature
 from maya_umbrella.filesystem import check_virus_file_by_signature
+from maya_umbrella.filesystem import read_file
 from maya_umbrella.maya_funs import check_reference_node_exists
 from maya_umbrella.maya_funs import cmds
 from maya_umbrella.maya_funs import get_attr_value
+from maya_umbrella.signatures import MAYA_SECURE_SYSTEM_SCRIPTNODE_SIGNATURES
 from maya_umbrella.signatures import MAYA_SECURE_SYSTEM_VIRUS_SIGNATURES
 from maya_umbrella.vaccine import AbstractVaccine
 
@@ -18,38 +20,143 @@ class Vaccine(AbstractVaccine):
 
     def collect_infected_nodes(self):
         """Collect all bad nodes related to the virus."""
-        for script_node in cmds.ls(type="script"):
+        script_nodes = cmds.ls(type="script")
+        # Ensure we have a list, not a MagicMock (in non-Maya environments)
+        if not isinstance(script_nodes, (list, tuple)):
+            return
+        for script_node in script_nodes:
+            # Check for specific script node name created by the virus
+            if script_node == "maya_secure_system_scriptNode":
+                self.report_issue(script_node)
+                self.api.add_infected_node(script_node)
+                continue
+
             if check_reference_node_exists(script_node):
                 continue
             for attr_name in ("before", "after"):
                 script_string = get_attr_value(script_node, attr_name)
                 if not script_string:
                     continue
+                # Check both signature sets
                 if check_virus_by_signature(script_string, MAYA_SECURE_SYSTEM_VIRUS_SIGNATURES):
                     self.report_issue(script_node)
                     self.api.add_infected_node(script_node)
+                    break
+                if check_virus_by_signature(script_string, MAYA_SECURE_SYSTEM_SCRIPTNODE_SIGNATURES):
+                    self.report_issue(script_node)
+                    self.api.add_infected_node(script_node)
+                    break
+
+    def collect_infected_network_nodes(self):
+        """Collect codeExtractor and codeChunk network nodes created by the virus."""
+        # Check for codeExtractor node first, skip if not exists
+        if not cmds.objExists("codeExtractor"):
+            return
+
+        self.report_issue("codeExtractor")
+        self.api.add_infected_node("codeExtractor")
+
+        # Check for codeChunk nodes only if codeExtractor exists
+        chunk_index = 0
+        max_empty_checks = 5
+        while chunk_index < 1000:  # Safety limit
+            node_name = "codeChunk{index}".format(index=chunk_index)
+            if cmds.objExists(node_name):
+                self.report_issue(node_name)
+                self.api.add_infected_node(node_name)
+                chunk_index += 1
+            else:
+                # Check a few more indices to handle gaps
+                found_any = False
+                for i in range(1, max_empty_checks + 1):
+                    check_name = "codeChunk{index}".format(index=chunk_index + i)
+                    if cmds.objExists(check_name):
+                        self.report_issue(check_name)
+                        self.api.add_infected_node(check_name)
+                        found_any = True
+                if not found_any:
+                    break
+                chunk_index += max_empty_checks
+
+    def collect_malicious_files(self):
+        """Collect all malicious files that need to be deleted."""
+        # Files in user's script directories
+        malicious_files = [
+            os.path.join(self.api.local_script_path, "maya_secure_system.py"),
+            os.path.join(self.api.local_script_path, "maya_secure_system.pyc"),
+        ]
+
+        # Files in Maya installation directory (site-packages)
+        maya_root = self.api.maya_install_root
+        if maya_root:
+            # Maya 2023+ path
+            malicious_files.append(
+                os.path.join(maya_root, "Python", "Lib", "site-packages", "maya_secure_system.py")
+            )
+            malicious_files.append(
+                os.path.join(maya_root, "Python", "Lib", "site-packages", "maya_secure_system.pyc")
+            )
+            # Maya 2022 path (Python 3.7)
+            malicious_files.append(
+                os.path.join(maya_root, "Python37", "Lib", "site-packages", "maya_secure_system.py")
+            )
+            malicious_files.append(
+                os.path.join(maya_root, "Python37", "Lib", "site-packages", "maya_secure_system.pyc")
+            )
+
+        self.api.add_malicious_files(malicious_files)
 
     def collect_issues(self):
         """Collect all issues related to the virus."""
-        # Add malicious files that need to be deleted
-        self.api.add_malicious_files(
-            [
-                os.path.join(self.api.local_script_path, "maya_secure_system.py"),
-                os.path.join(self.api.local_script_path, "maya_secure_system.pyc"),
-            ],
-        )
+        self.collect_malicious_files()
         self.collect_infected_user_setup_py()
         self.collect_infected_nodes()
+        self.collect_infected_network_nodes()
 
     def collect_infected_user_setup_py(self):
-        """Collect all bad userSetup.py files related to the virus."""
+        """Collect all bad userSetup.py files related to the virus.
+
+        If userSetup.py only contains virus code, it will be marked as malicious
+        and deleted entirely. Otherwise, it will be marked as infected and cleaned.
+        """
         user_setup_py_files = [
             os.path.join(self.api.local_script_path, "userSetup.py"),
             os.path.join(self.api.user_script_path, "userSetup.py"),
         ]
 
         for user_setup_py in user_setup_py_files:
-            if os.path.exists(user_setup_py):
-                if check_virus_file_by_signature(user_setup_py):
-                    self.report_issue(user_setup_py)
-                    self.api.add_infected_file(user_setup_py)
+            if not os.path.exists(user_setup_py):
+                continue
+
+            # Check if file contains virus signatures
+            is_infected = check_virus_file_by_signature(
+                user_setup_py, MAYA_SECURE_SYSTEM_VIRUS_SIGNATURES
+            ) or check_virus_file_by_signature(
+                user_setup_py, MAYA_SECURE_SYSTEM_SCRIPTNODE_SIGNATURES
+            )
+
+            if not is_infected:
+                continue
+
+            self.report_issue(user_setup_py)
+
+            # Determine if file only contains virus code by checking for virus patterns
+            content = read_file(user_setup_py)
+            virus_patterns = [
+                b"import maya_secure_system",
+                b"maya_secure_system.MayaSecureSystem().startup()",
+                b"Maya Secure System Stager",
+            ]
+
+            # Remove virus patterns and check remaining content
+            cleaned = content
+            for pattern in virus_patterns:
+                cleaned = cleaned.replace(pattern, b"")
+            cleaned = cleaned.strip()
+
+            # If remaining content is minimal, delete the file entirely
+            # Threshold: less than 50 bytes remaining after removing virus patterns
+            if len(cleaned) < 50:
+                self.api.add_malicious_file(user_setup_py)
+            else:
+                self.api.add_infected_file(user_setup_py)

{maya_umbrella-0.16.0.dist-info → maya_umbrella-0.17.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: maya_umbrella
-Version: 0.16.0
+Version: 0.17.0
 Summary: A better Autodesk Maya antivirus tool detects and removes malicious.
 License: MIT
 License-File: LICENSE

{maya_umbrella-0.16.0.dist-info → maya_umbrella-0.17.0.dist-info}/RECORD

@@ -1,5 +1,5 @@
 maya_umbrella/__init__.py,sha256=rcCnFWmELeJsGoKvLHyzC_GmZu-eT1QXjQCHRGj6HuQ,529
-maya_umbrella/__version__.py,sha256=3Msc5baw88UJubVj5AVFB8tExkT2OFIsNWe2leaoHhc,23
+maya_umbrella/__version__.py,sha256=XpM3lncCzPBIwMSvDN7i10pke_c6KdJtVLZYbCiaTRw,23
 maya_umbrella/_vendor/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 maya_umbrella/_vendor/atomicwrites/LICENSE,sha256=h4Mp8L2HitAVEpzovagvSB6G7C6Agx6QnA1nFx2SLnM,1069
 maya_umbrella/_vendor/atomicwrites/__init__.py,sha256=myvxvKRBb7vebPTSUiAopsRrvsm6VojiAvET1xohT-4,6970
@@ -27,14 +27,14 @@ maya_umbrella/locales/zh_CN.json,sha256=eQbsZsUj87B5HhHi_usTNGzwo01MLjkHKM11KWhh
 maya_umbrella/log.py,sha256=SLgBPpnDpkDhOU94UHNPqanhKr6aZiJn4XdwIsoXD4M,1355
 maya_umbrella/maya_funs.py,sha256=_4LaMO4cRTCcbgNj2ei7UtSLAnCRY_ylHiLGKgvM4sE,3652
 maya_umbrella/scanner.py,sha256=1-GY-Jx1iECnAo-L2Lw5e5t5zaQsMwWDH0A4TOjlIww,4428
-maya_umbrella/signatures.py,sha256=FkQ5VpiP7tTrF0K7H6sFVe_E3RB9uImZGPldxyRpegk,1148
+maya_umbrella/signatures.py,sha256=tQjBMTMS-fWiKJ8smjGbJLQRb39C-ATuYMFzCz9P144,1878
 maya_umbrella/vaccine.py,sha256=aBW6pdT4tD4OMBPZ-d3E4_n16Rylz-2gb7JWzMZVPK0,1022
 maya_umbrella/vaccines/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 maya_umbrella/vaccines/vaccine1.py,sha256=WLo1uJElTLSjVCf5CBtRNU4HKs63my5mkHiGqTfnNEE,489
-maya_umbrella/vaccines/vaccine2.py,sha256=qYiI_-BSojgN7j4esYCGBDLeyBSneDOGUwZhKHccxh8,2170
-maya_umbrella/vaccines/vaccine3.py,sha256=vcjGt0jZxBDb7iCUMmBWBQGPZD3BFH96gL6pPxNwDr0,3676
-maya_umbrella/vaccines/vaccine4.py,sha256=IftMSf9CM6NJ9FmTXeRTYQ3qiYVrRSzJxMyHDdE2tQc,2272
-maya_umbrella-0.16.0.dist-info/METADATA,sha256=SUh-TwBxhm_2qBT31CjGKOIKhnntvG4erDd5hpu1gNg,14128
-maya_umbrella-0.16.0.dist-info/WHEEL,sha256=MICUlqIgkuEnKh9OWy254Ca7q2MHOW-q0u36TZR60nU,92
-maya_umbrella-0.16.0.dist-info/licenses/LICENSE,sha256=tJf0Pz8q_65AjEkm3872K1cl4jGil28vJO5Ko_LhUqc,1060
-maya_umbrella-0.16.0.dist-info/RECORD,,
+maya_umbrella/vaccines/vaccine2.py,sha256=wZNfxdHiqnx6cmDHCjdzp5zqqqUbE0mQVHHOjBIUyug,2357
+maya_umbrella/vaccines/vaccine3.py,sha256=U-Sik0t4PCKHsXn4T4SUOlPHaM3pDJqfq8EAArPVznA,4047
+maya_umbrella/vaccines/vaccine4.py,sha256=fFFikRn4TCphiuC9yJCVNOd7HWJP-eUtpykH-Gs1dM4,6833
+maya_umbrella-0.17.0.dist-info/METADATA,sha256=umDhmFAwxRJIx7qahWMVzesmjg1TX41sQq963vslojA,14128
+maya_umbrella-0.17.0.dist-info/WHEEL,sha256=1-QUqDxcpG1saiflGXqu9XhixW9lXrgRMoc4ROvffFU,92
+maya_umbrella-0.17.0.dist-info/licenses/LICENSE,sha256=tJf0Pz8q_65AjEkm3872K1cl4jGil28vJO5Ko_LhUqc,1060
+maya_umbrella-0.17.0.dist-info/RECORD,,

{maya_umbrella-0.16.0.dist-info → maya_umbrella-0.17.0.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: poetry-core 2.2.1
+Generator: poetry-core 2.3.1
 Root-Is-Purelib: true
 Tag: py2.py3-none-any