[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: outdated_scans.py
File is not writable. Editing disabled.
""" This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Copyright © 2019 Cloud Linux Software Inc. This software is also available under ImunifyAV commercial license, see <https://www.imunify360.com/legal/eula> """ import asyncio import os import time from datetime import datetime, timedelta from logging import getLogger from pathlib import Path from defence360agent.api import inactivity from defence360agent.contracts.messages import MessageType from defence360agent.contracts.plugins import Scope from defence360agent.internals.global_scope import g from defence360agent.mr_proper import BaseCleaner from defence360agent.subsys import persistent_state from defence360agent.utils import nice_iterator, split_for_chunk from imav.malwarelib.config import ( MalwareHitStatus, MalwareScanResourceType, MalwareScanType, ) from imav.malwarelib.model import MalwareHistory, MalwareHit, MalwareScan from imav.malwarelib.subsys.malware import MalwareAction from imav.subsys import realtime_av logger = getLogger(__name__) class OutdatedScansCleaner(BaseCleaner): PERIOD = timedelta(days=1).total_seconds() CLEANUP_LIMIT_DELTA = timedelta(days=30) LOCK_FILE = persistent_state.register_lock_file( "malware-scans-cleaner", Scope.AV_IM360 ) @classmethod async def cleanup(cls) -> None: cleanup_time_limit = int( (datetime.now() - cls.CLEANUP_LIMIT_DELTA).timestamp() ) deleted = ( MalwareScan.delete() .where(MalwareScan.started < cleanup_time_limit) .execute() ) logger.info("Cleaned %s outdated scans", deleted) class OutdatedHistoryCleaner(BaseCleaner): PERIOD = timedelta(days=1).total_seconds() CLEANUP_LIMIT_DELTA = timedelta(days=30) LOCK_FILE = persistent_state.register_lock_file( "malware-history-cleaner", Scope.AV_IM360 ) @classmethod async def cleanup(cls) -> None: keep_time_threshold = int( (datetime.now() - cls.CLEANUP_LIMIT_DELTA).timestamp() ) deleted = ( MalwareHistory.delete() .where(MalwareHistory.ctime < keep_time_threshold) .execute() ) logger.info("Cleaned %s outdated malware history", deleted) class OutdatedHitsCleaner(BaseCleaner): PERIOD = int( os.getenv( "IMUNIFY360_OUTDATED_HITS_CHECK_INTERVAL", timedelta(days=1).total_seconds(), ) ) FILE_NAME = os.getenv( "MALWARE_HITS_CLEANER_LOCK_FILE", "malware-hits-cleaner" ) LOCK_FILE = persistent_state.register_lock_file(FILE_NAME, Scope.AV_IM360) REALTIME_SCAN_THRESHOLD = timedelta(minutes=10).total_seconds() CHUNK_SIZE = 1000 @classmethod async def _cleanup(cls) -> None: """Rescan irrelevant malware hits""" to_rescan = [] not_exist_hits = [] # re-check only *malicious* hits hits = ( MalwareHit.select() .where( MalwareHit.status == MalwareHitStatus.FOUND, MalwareHit.resource_type == MalwareScanResourceType.FILE.value, MalwareHit.malicious == True, # noqa: E712 ) .order_by(MalwareHit.timestamp.asc()) ) async for hit in nice_iterator(hits, chunk_size=cls.CHUNK_SIZE): orig_file_path = Path(hit.orig_file) try: file_ctime = orig_file_path.stat().st_ctime if hit.timestamp < file_ctime: # rescan the modified files after scanning, # they may not be infected anymore realtime_threshold = ( time.time() - cls.REALTIME_SCAN_THRESHOLD ) # don't scan file twice if ( not realtime_av.should_be_running() or file_ctime < realtime_threshold ): to_rescan.append(hit.orig_file) except FileNotFoundError: not_exist_hits.append(hit.id) except OSError as exc: logger.warning("Can't check file due to %s", exc) if to_rescan: for files in split_for_chunk(to_rescan, chunk_size=cls.CHUNK_SIZE): logger.info("Rescan %s outdated malware files", len(files)) await g.sink.process_message( MessageType.MalwareRescanFiles( files=files, type=MalwareScanType.RESCAN_OUTDATED ) ) # delete db entries for non-existent files for hits_to_delete in split_for_chunk( not_exist_hits, chunk_size=cls.CHUNK_SIZE ): hits = list( MalwareHit.select() .where(MalwareHit.id.in_(hits_to_delete)) .where(MalwareHit.status == MalwareHitStatus.FOUND) .where(MalwareHit.malicious == True) # noqa: E712 ) deleted = ( MalwareHit.delete().where(MalwareHit.id.in_(hits)).execute() ) await MalwareAction.not_exist( hits, cause=MalwareScanType.RESCAN_OUTDATED ) logger.info("Deleted %s not exist malware hits", deleted) # don't block the whole loop for too long, # return control to the loop every iteration await asyncio.sleep(0) @classmethod async def cleanup(cls): with inactivity.track.task("malware hits relevance check"): await cls._cleanup()
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: premium264.web-hosting.com
Server IP: 69.57.162.13
PHP Version: 8.1.34
Server Software: LiteSpeed
System: Linux premium264.web-hosting.com 4.18.0-553.45.1.lve.el8.x86_64 #1 SMP Wed Mar 26 12:08:09 UTC 2025 x86_64
HDD Total: 97.87 GB
HDD Free: 73.58 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
No
pkexec:
No
git:
Yes
User Info
Username: kidscntx
User ID (UID): 1154
Group ID (GID): 1112
Script Owner UID: 1154
Current Dir Owner: N/A