The begining
This commit is contained in:
commit
dee311e709
71 changed files with 8349 additions and 0 deletions
82
commandes/scan.py
Executable file
82
commandes/scan.py
Executable file
|
|
@ -0,0 +1,82 @@
|
|||
# scan.py
|
||||
import discord
|
||||
from discord import app_commands
|
||||
from discord.ext import commands
|
||||
import hashlib
|
||||
import os
|
||||
import json
|
||||
import re
|
||||
|
||||
MALWARE_DB = "malware.json"
|
||||
SUSPICIOUS_EXTENSIONS = [".exe", ".scr", ".bat", ".js", ".vbs", ".cmd"]
|
||||
MALWARE_PATTERNS = [
|
||||
rb"powershell\s+-nop",
|
||||
rb"cmd\s+/c",
|
||||
rb"eval\(",
|
||||
rb"base64_decode\(",
|
||||
rb"CreateObject\(\"WScript\.Shell\"\)"
|
||||
]
|
||||
|
||||
def load_malware_db():
|
||||
if not os.path.isfile(MALWARE_DB):
|
||||
with open(MALWARE_DB, "w") as f:
|
||||
json.dump([], f)
|
||||
return []
|
||||
with open(MALWARE_DB, "r") as f:
|
||||
return json.load(f)
|
||||
|
||||
def get_file_hash(file_path):
|
||||
sha256_hash = hashlib.sha256()
|
||||
with open(file_path, "rb") as f:
|
||||
for byte_block in iter(lambda: f.read(4096), b""):
|
||||
sha256_hash.update(byte_block)
|
||||
return sha256_hash.hexdigest()
|
||||
|
||||
def scan_file(file_path):
|
||||
if not os.path.isfile(file_path):
|
||||
return {"error": "Fichier introuvable."}
|
||||
|
||||
file_hash = get_file_hash(file_path)
|
||||
malware_db = load_malware_db()
|
||||
|
||||
if file_hash in malware_db:
|
||||
return {"hash": file_hash, "malicious": True, "reason": "Hash connu dans la base malveillante."}
|
||||
|
||||
_, ext = os.path.splitext(file_path)
|
||||
if ext.lower() in SUSPICIOUS_EXTENSIONS:
|
||||
return {"hash": file_hash, "malicious": True, "reason": f"Extension suspecte : {ext}"}
|
||||
|
||||
with open(file_path, "rb") as f:
|
||||
content = f.read()
|
||||
for pattern in MALWARE_PATTERNS:
|
||||
if re.search(pattern, content):
|
||||
return {"hash": file_hash, "malicious": True, "reason": f"Pattern suspect détecté : {pattern.decode(errors='ignore')}"}
|
||||
|
||||
return {"hash": file_hash, "malicious": False, "reason": "Fichier sain."}
|
||||
|
||||
|
||||
class Scan(commands.Cog):
|
||||
def __init__(self, bot: commands.Bot):
|
||||
self.bot = bot
|
||||
|
||||
@app_commands.command(name="scan", description="Scanner un fichier pour détecter un malware.")
|
||||
async def scan(self, interaction: discord.Interaction, file: discord.Attachment):
|
||||
await interaction.response.defer() # Permet de prendre un peu de temps pour le scan
|
||||
|
||||
# Téléchargement temporaire du fichier
|
||||
tmp_path = f"tmp_{file.filename}"
|
||||
await file.save(tmp_path)
|
||||
|
||||
result = scan_file(tmp_path)
|
||||
os.remove(tmp_path) # Supprime le fichier temporaire
|
||||
|
||||
if result.get("error"):
|
||||
await interaction.followup.send(f"❌ Erreur : {result['error']}")
|
||||
elif result.get("malicious"):
|
||||
await interaction.followup.send(f"⚠️ Fichier malveillant détecté !\nRaison : {result['reason']}\nHash : `{result['hash']}`")
|
||||
else:
|
||||
await interaction.followup.send(f"✅ Fichier sain.\nHash : `{result['hash']}`")
|
||||
|
||||
|
||||
async def setup(bot: commands.Bot):
|
||||
await bot.add_cog(Scan(bot))
|
||||
Loading…
Add table
Add a link
Reference in a new issue