晋太元中,武陵人捕鱼为业。缘溪行,忘路之远近。忽逢桃花林,夹岸数百步,中无杂树,芳草鲜美,落英缤纷。渔人甚异之,复前行,欲穷其林。   林尽水源,便得一山,山有小口,仿佛若有光。便舍船,从口入。初极狭,才通人。复行数十步,豁然开朗。土地平旷,屋舍俨然,有良田、美池、桑竹之属。阡陌交通,鸡犬相闻。其中往来种作,男女衣着,悉如外人。黄发垂髫,并怡然自乐。   见渔人,乃大惊,问所从来。具答之。便要还家,设酒杀鸡作食。村中闻有此人,咸来问讯。自云先世避秦时乱,率妻子邑人来此绝境,不复出焉,遂与外人间隔。问今是何世,乃不知有汉,无论魏晋。此人一一为具言所闻,皆叹惋。余人各复延至其家,皆出酒食。停数日,辞去。此中人语云:“不足为外人道也。”(间隔 一作:隔绝)   既出,得其船,便扶向路,处处志之。及郡下,诣太守,说如此。太守即遣人随其往,寻向所志,遂迷,不复得路。   南阳刘子骥,高尚士也,闻之,欣然规往。未果,寻病终。后遂无问津者。 .
Prv8 Shell
Server : Apache
System : Linux srv.rainic.com 4.18.0-553.47.1.el8_10.x86_64 #1 SMP Wed Apr 2 05:45:37 EDT 2025 x86_64
User : rainic ( 1014)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
Directory :  /opt/imunify360/venv/lib/python3.11/site-packages/imav/malwarelib/plugins/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //opt/imunify360/venv/lib/python3.11/site-packages/imav/malwarelib/plugins/mrs_uploader.py
"""
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
"""
import re
from logging import getLogger
from typing import List

from defence360agent.contracts.config import Malware as Config
from defence360agent.contracts.license import LicenseError
from defence360agent.contracts.messages import MessageType
from defence360agent.contracts.plugins import (
    MessageSink,
    MessageSource,
    expect,
)
from imav.malwarelib.utils import malware_response

logger = getLogger(__name__)


class MRSUploader(MessageSink, MessageSource):
    ERR_MSG = "Failed to submit a file"
    SUSP_PATTERN = re.compile(r"(?:suspicious\..+|[CS]MW-SUS-.+|SMW-HEUR-ELF)")

    async def create_source(self, loop, sink):
        self._sink = sink
        self._loop = loop

    async def create_sink(self, loop):
        pass

    def _separate_hits_by_type(self, results) -> tuple:
        malicious = []
        suspicious = []
        extended_suspicious = []
        for file, data in results.items():
            is_extended_suspicious = False
            is_suspicious = False
            is_malicious = False
            for hit in data["hits"]:
                is_extended_suspicious |= hit.get("extended_suspicious", False)
                is_suspicious |= bool(
                    hit["suspicious"]
                    and self.SUSP_PATTERN.match(hit["matches"])
                )
                is_malicious |= not hit["suspicious"]
            hit_info = malware_response.HitInfo(file, data["hash"])
            if is_extended_suspicious:
                extended_suspicious.append(hit_info)
            elif is_suspicious:
                suspicious.append(hit_info)
            elif is_malicious:
                malicious.append(hit_info)
        return malicious, suspicious, extended_suspicious

    @expect(MessageType.MalwareScan)
    async def process_scan(self, message):
        results = message["results"]
        if results is None:
            return
        if not Config.SEND_FILES:
            logger.info("Uploading files to MRS is disabled")
            return
        (
            malicious_hits,
            suspicious_hits,
            extended_suspicious_hits,
        ) = self._separate_hits_by_type(results)
        if malicious_hits:
            await self._sink.process_message(
                MessageType.MalwareMRSUpload(
                    hits=malicious_hits, upload_reason="malicious"
                )
            )

        if suspicious_hits:
            # Move uploading to another task
            await self._sink.process_message(
                MessageType.MalwareMRSUpload(
                    hits=suspicious_hits, upload_reason="suspicious"
                )
            )
        if extended_suspicious_hits:  # pragma: no cover
            await self._sink.process_message(
                MessageType.MalwareMRSUpload(
                    hits=extended_suspicious_hits,
                    upload_reason="extended-suspicious",
                )
            )
        errors = message["summary"].get("errors")
        if errors:
            error_hits = [
                malware_response.HitInfo(hit["file"], hit["hash"])
                for hit in errors
            ]
            await self._sink.process_message(
                MessageType.MalwareMRSUpload(
                    hits=error_hits, upload_reason="scan_error"
                )
            )

    @expect(MessageType.MalwareMRSUpload)
    async def process_hits(self, message):
        hits: List[malware_response.HitInfo] = message["hits"]
        upload_reason = message.get("upload_reason", "suspicious")

        unknown_hashes = await malware_response.check_known_hashes(
            self._loop, (hit.hash for hit in hits), upload_reason
        )
        if not unknown_hashes:
            logger.info("All files are known to MRS. Skipping uploading...")
            return

        files = (hit.file for hit in hits if hit.hash in unknown_hashes)
        for file in files:
            try:
                await malware_response.upload_with_retries(
                    file,
                    upload_reason=upload_reason,
                )
            except LicenseError as e:
                logger.warning("Cannot process message %s: %s", message, e)
                break
            except FileNotFoundError as e:
                err = "{}. {}".format(self.ERR_MSG, e.strerror)
                logger.warning("%s: %s", err, e.filename)

haha - 2025