Add a scanner script

author: Julien Voisin 2015-03-10 13:59:34 +0100
committer: Julien Voisin 2015-03-10 13:59:34 +0100
commit: a113aa63fa45497b6393ed3cc87f6f1ef35c8e6e (patch)
tree: 2e87cd21828e7e12867a7df62594ec0ed7b2fab3
parent: fb036bea2f4855ff65ed9c60f826b970218f19d5 (diff)
1 files changed, 48 insertions, 0 deletions
diff --git a/scan.sh b/scan.sh
new file mode 100644
index 0000000..f817866
--- /dev/null
+++ b/scan.sh
@@ -0,0 +1,48 @@
+#/bin/bash
+diff_folder=false
+SCAN_CMD='./yara -r ./malwares.yara -f'
+show_help() {
+    cat << EOF
+Usage ${0##*/} [-dhw]
+    -d  Path to the diff folder
+    -h  Show this help message
+    -w  Provide a whitelist file, containing one path per line
+EOF
+}
+OPTIND=1
+while getopts "hw:d:" opt; do
+    case "$opt" in
+        h)
+            show_help
+            exit 0
+            ;;
+        d)
+            diff_folder="$OPTARG"
+            ;;
+        '?')
+            show_help
+            exit 1
+            ;;
+    esac
+done
+shift "$((OPTIND-1))"
+if [ ! -d "$diff_folder" ]; then
+    echo "[-] Invalid previous_scan directory: " "$diff_folder"
+    exit 1
+fi
+previous_scan="$(ls -t "$diff_folder" | head -1)"
+if [ -z "$previous_scan" ]; then
+    echo "[*] No previous scan found: This will be the first one."
+    $SCAN_CMD "$@" | sort | tee > "$diff_folder/$(date +%s)"
+    exit 0
+fi
+diff <($SCAN_CMD "$@" | sort | tee "$diff_folder/$(date +%s)") <(cat "$diff_folder"/"$previous_scan")
+exit 0
author	Julien Voisin	2015-03-10 13:59:34 +0100
committer	Julien Voisin	2015-03-10 13:59:34 +0100
commit	a113aa63fa45497b6393ed3cc87f6f1ef35c8e6e (patch)
tree	2e87cd21828e7e12867a7df62594ec0ed7b2fab3
parent	fb036bea2f4855ff65ed9c60f826b970218f19d5 (diff)

diff --git a/scan.sh b/scan.sh new file mode 100644 index 0000000..f817866 --- /dev/null +++ b/scan.sh
@@ -0,0 +1,48 @@
	1	#/bin/bash
	2
	3	diff_folder=false
	4
	5	SCAN_CMD='./yara -r ./malwares.yara -f'
	6
	7	show_help() {
	8	cat << EOF
	9	Usage ${0##*/} [-dhw]
	10	-d Path to the diff folder
	11	-h Show this help message
	12	-w Provide a whitelist file, containing one path per line
	13	EOF
	14	}
	15
	16	OPTIND=1
	17	while getopts "hw:d:" opt; do
	18	case "$opt" in
	19	h)
	20	show_help
	21	exit 0
	22	;;
	23	d)
	24	diff_folder="$OPTARG"
	25	;;
	26	'?')
	27	show_help
	28	exit 1
	29	;;
	30	esac
	31	done
	32	shift "$((OPTIND-1))"
	33
	34	if [ ! -d "$diff_folder" ]; then
	35	echo "[-] Invalid previous_scan directory: " "$diff_folder"
	36	exit 1
	37	fi
	38
	39	previous_scan="$(ls -t "$diff_folder" \| head -1)"
	40	if [ -z "$previous_scan" ]; then
	41	echo "[*] No previous scan found: This will be the first one."
	42	$SCAN_CMD "$@" \| sort \| tee > "$diff_folder/$(date +%s)"
	43	exit 0
	44	fi
	45
	46	diff <($SCAN_CMD "$@" \| sort \| tee "$diff_folder/$(date +%s)") <(cat "$diff_folder"/"$previous_scan")
	47
	48	exit 0