Version 4.1

master XvirusSDK_4.1
Dani Santos 2 years ago
parent
commit
f644f4b1d7
  1. 52
      README.md
  2. BIN
      bin/Ijwhost.dll
  3. BIN
      bin/Linux/XvirusSDK.so
  4. 0
      bin/Linux/errorlog.txt
  5. BIN
      bin/Linux/libFastTreeNative.so
  6. BIN
      bin/Linux/libLdaNative.so
  7. 0
      bin/Linux/settings.json
  8. BIN
      bin/Microsoft.ML.Core.dll
  9. BIN
      bin/Microsoft.ML.CpuMath.dll
  10. BIN
      bin/Microsoft.ML.Data.dll
  11. BIN
      bin/Microsoft.ML.DataView.dll
  12. BIN
      bin/Microsoft.ML.FastTree.dll
  13. BIN
      bin/Microsoft.ML.KMeansClustering.dll
  14. BIN
      bin/Microsoft.ML.PCA.dll
  15. BIN
      bin/Microsoft.ML.StandardTrainers.dll
  16. BIN
      bin/Microsoft.ML.Transforms.dll
  17. BIN
      bin/Microsoft.ML.dll
  18. BIN
      bin/Newtonsoft.Json.dll
  19. BIN
      bin/PeNet.Asn1.dll
  20. BIN
      bin/PeNet.dll
  21. BIN
      bin/System.CodeDom.dll
  22. BIN
      bin/System.Security.Cryptography.Pkcs.dll
  23. BIN
      bin/Validation.dll
  24. BIN
      bin/Windows/BaseLibrary.pdb
  25. 0
      bin/Windows/FastTreeNative.dll
  26. 0
      bin/Windows/LdaNative.dll
  27. BIN
      bin/Windows/XvirusSDK.dll
  28. BIN
      bin/Windows/XvirusSDK.pdb
  29. 0
      bin/Windows/errorlog.txt
  30. 15
      bin/Windows/settings.json
  31. 2097
      bin/XescSDK.deps.json
  32. BIN
      bin/XescSDK.dll
  33. 12
      bin/XescSDK.runtimeconfig.json
  34. BIN
      bin/Xunit.SkippableFact.dll
  35. BIN
      bin/xunit.abstractions.dll
  36. BIN
      bin/xunit.core.dll
  37. BIN
      bin/xunit.execution.dotnet.dll
  38. 169
      bin/xvneng.deps.json
  39. BIN
      bin/xvneng.dll
  40. BIN
      bin/xvneng.exp
  41. BIN
      bin/xvneng.lib
  42. 12
      bin/xvneng.runtimeconfig.json
  43. 33
      example/xvbdc.cpp
  44. 8
      example/xvbdc.vcxproj
  45. 38
      example/xvneng.h
  46. BIN
      example/xvneng.lib
  47. BIN
      functions.JPG
  48. 38
      headers/xvneng.h

52
README.md

@ -1,6 +1,6 @@
# Xvirus SDK C++ # Xvirus SDK C++
Xvirus SDK 4.0.5 C++ bindings. Xvirus SDK 4.1 C++ bindings.
## Table of Contents ## Table of Contents
@ -17,38 +17,44 @@ Xvirus SDK 4.0.5 C++ bindings.
## Minimum Requirements ## Minimum Requirements
To run Xvirus SDK you need: No minimum requirements needed!
- .NET 5 Runtime - [download](https://dotnet.microsoft.com/download/dotnet/thank-you/runtime-5.0.11-windows-x64-installer)
- Visual C++ Redistributable 2019 - [download](https://aka.ms/vs/16/release/vc_redist.x64.exe)
## Changelog ## Changelog
- Completely redone in .NET 5 - Version **4.1**:
- Now supports Linux (CLI and C# bindings only)
- Added XvirusAI scan engine (BETA) - Upgraded from .NET 5 to .NET 7
- Scan speed is up to 2x faster - C++ bindings now also support Linux
- Fixed memory usage spike when scanning large files - Removed Minimum Requirements on C++ bindings and CLI
- Removed file size limit for scanned files by default - Changed how exceptions are handled in C++ bindings
- The checkUpdate function can now check for SDK updates
- Added 3 new settings "EnableAIScan", "MaxScanLength" and "DatabaseVersion" - Version **4.0**:
- Completely redone in .NET 5
- Now supports Linux (CLI and C# bindings only)
- Added XvirusAI scan engine (BETA)
- Scan speed is up to 2x faster
- Fixed memory usage spike when scanning large files
- Removed file size limit for scanned files by default
- The checkUpdate function can now check for SDK updates
- Added 3 new settings "EnableAIScan", "MaxScanLength" and "DatabaseVersion"
## Known Issues ## Known Issues
- XvirusAI engine is still in BETA. It is not recomended to use in production yet. - XvirusAI engine is still in BETA. It is not recomended to use in production yet.
- XvirusAI engine does not work in C++ bindings.
- The checkUpdate function can now check for SDK updates but can't update it - The checkUpdate function can now check for SDK updates but can't update it
## Get Started ## Get Started
The "`example`" folder contains an example project on how to import and use Xvirus SDK in C++. The "`example`" folder contains an example project on how to import and use Xvirus SDK in C++.
This project shows you how to statically load Xvirus SDK using `xvneng.lib`, you can also dinamically load `xvneng.dll` like any other dll, [see](https://stackoverflow.com/questions/8696653/dynamically-load-a-function-from-a-dll). This project shows you how to dynamically load Xvirus SDK (`XvirusSDK.dll`) for both Windows and Linux and call a function. You can also read more [here](https://stackoverflow.com/questions/8696653/dynamically-load-a-function-from-a-dll).
You can run it by building it, copying the files from the `bin` folder to the output folder of the build and then running `xvbdc.exe`. You can run it by building it, copying the files from the `bin` folder to the output folder of the build and then running `xvbdc.exe`.
## Avaiable Functions ## Avaiable Functions
You can find the declaration of all functions and structs in the file `xvneng.h` located in the "headers" folder. You can find the definition of all functions and structs in the file `xvneng.h` located in the "headers" folder.
- **load** - Loads Xvirus Scan Engine into memory, if set `force`=true it will reload the scan engine, even if it is already loaded. - **load** - Loads Xvirus Scan Engine into memory, if set `force`=true it will reload the scan engine, even if it is already loaded.
- **unload** - Unloads Xvirus Scan Engine from memory. - **unload** - Unloads Xvirus Scan Engine from memory.
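
Review bot: The Get Started paragraph still tells the reader to copy the `bin` folder into the build output and run `xvbdc.exe`, but the updated example loads the library from a hard-coded absolute path (`C:\\XvirusSDK\\bin\\Windows\\XvirusSDK.dll`) and is now described as covering Linux as well. State that the path in `xvbdc.cpp` has to be edited, and give the Linux build and run step next to the `.exe` one. In Available Functions, the change from "declaration" to "definition" reads less accurately now that `xvneng.h` holds only function-pointer typedefs and name keys.
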
@ -76,9 +82,21 @@ The `scan` function returns a struct `ScanResult` with the following properties:
```c++ ```c++
struct ScanResult { struct ScanResult {
bool sucess; // true if scan was sucessful
bool isMalware; // true if malware bool isMalware; // true if malware
double score; // between 0 and 1, higher score means more likely to be malware, -1 if there was an error double score; // between 0 and 1, higher score means more likely to be malware, -1 if there was an error
char* name; // detection name wchar_t* name; // detection name
wchar_t* error; // error message, only has value if success=false
};
```
All other functions return a struct `ActionResult` with the following properties:
```c++
struct ActionResult {
bool sucess; // true if action was sucessful
wchar_t* result; // result message, only has value if success=true
wchar_t* error; // error message, only has value if success=false
}; };
``` ```
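
Review bot: The sentence "All other functions return a struct `ActionResult`" does not hold for `version`, which the header in this commit declares as `typedef wchar_t* (*VersionFn)()`; list it as the exception. The struct documentation also leaves out who owns the `wchar_t*` members (`name`, `error`, `result`) and whether the caller has to release them, which matters now that every call returns at least one string.
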
@ -113,6 +131,6 @@ Example of a `settings.json` file:
## Exceptions ## Exceptions
If any of the functions fail it may return an [exception](https://www.cplusplus.com/doc/tutorial/exceptions/). If any of the functions fails the `success` property returns `false` and the `error` property contains the error message.
All exceptions are logged in the `errorlog.txt` file. All exceptions are logged in the `errorlog.txt` file.
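
Review bot: The new sentence refers to a `success` property, but the field in both structs is spelled `sucess`, so code written from this paragraph will not compile. Rename the field before 4.1 is consumed, or use the actual spelling here. With errors now returned in the struct, the retained line about `errorlog.txt` could also say whether the logged text is the same as the `error` string.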

BIN
bin/Ijwhost.dll

Binary file not shown.

BIN
bin/Linux/XvirusSDK.so

Binary file not shown.

0
bin/errorlog.txt → bin/Linux/errorlog.txt

BIN
bin/Linux/libFastTreeNative.so

Binary file not shown.

BIN
bin/Linux/libLdaNative.so

Binary file not shown.

0
bin/settings.json → bin/Linux/settings.json

BIN
bin/Microsoft.ML.Core.dll

Binary file not shown.

BIN
bin/Microsoft.ML.CpuMath.dll

Binary file not shown.

BIN
bin/Microsoft.ML.Data.dll

Binary file not shown.

BIN
bin/Microsoft.ML.DataView.dll

Binary file not shown.

BIN
bin/Microsoft.ML.FastTree.dll

Binary file not shown.

BIN
bin/Microsoft.ML.KMeansClustering.dll

Binary file not shown.

BIN
bin/Microsoft.ML.PCA.dll

Binary file not shown.

BIN
bin/Microsoft.ML.StandardTrainers.dll

Binary file not shown.

BIN
bin/Microsoft.ML.Transforms.dll

Binary file not shown.

BIN
bin/Microsoft.ML.dll

Binary file not shown.

BIN
bin/Newtonsoft.Json.dll

Binary file not shown.

BIN
bin/PeNet.Asn1.dll

Binary file not shown.

BIN
bin/PeNet.dll

Binary file not shown.

BIN
bin/System.CodeDom.dll

Binary file not shown.

BIN
bin/System.Security.Cryptography.Pkcs.dll

Binary file not shown.

BIN
bin/Validation.dll

Binary file not shown.

BIN
bin/Windows/BaseLibrary.pdb

Binary file not shown.

0
bin/FastTreeNative.dll → bin/Windows/FastTreeNative.dll

0
bin/LdaNative.dll → bin/Windows/LdaNative.dll

BIN
bin/Windows/XvirusSDK.dll

Binary file not shown.

BIN
bin/Windows/XvirusSDK.pdb

Binary file not shown.

0
bin/Windows/errorlog.txt

15
bin/Windows/settings.json

@ -0,0 +1,15 @@
{
"EnableHeuristics": true,
"EnableAIScan": false,
"MaxScanLength": null,
"DatabaseVersion": {
"AIModel": 0,
"MainDB": 0,
"DailyDB": 0,
"WhiteDB": 0,
"DailywlDB": 0,
"HeurDB": 0,
"HeurDB2": 0,
"MalvendorDB": 0
}
}
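
Review bot: `bin/Windows/settings.json` is added as a new file while `bin/Linux/settings.json` is the old `bin/settings.json` moved unchanged, so the two platform copies are now maintained separately and can diverge. Every `DatabaseVersion` entry here is 0; if the SDK rewrites this file after `checkUpdates`, consider generating it on first run instead of tracking it, so a local update does not show up as a repository change.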

2097
bin/XescSDK.deps.json

File diff suppressed because it is too large

BIN
bin/XescSDK.dll

Binary file not shown.

12
bin/XescSDK.runtimeconfig.json

@ -1,12 +0,0 @@
{
"runtimeOptions": {
"tfm": "net5.0",
"framework": {
"name": "Microsoft.NETCore.App",
"version": "5.0.0"
},
"configProperties": {
"System.Reflection.Metadata.MetadataUpdater.IsSupported": false
}
}
}

BIN
bin/Xunit.SkippableFact.dll

Binary file not shown.

BIN
bin/xunit.abstractions.dll

Binary file not shown.

BIN
bin/xunit.core.dll

Binary file not shown.

BIN
bin/xunit.execution.dotnet.dll

Binary file not shown.

169
bin/xvneng.deps.json

@ -1,169 +0,0 @@
{
"runtimeTarget": {
"name": "net5.0",
"signature": ""
},
"compilationOptions": {},
"targets": {
"net5.0": {
"xvneng/1.0.0": {
"dependencies": {
"XescSDK": "4.0.5.0"
},
"runtime": {
"xvneng.dll": {}
}
},
"XescSDK/4.0.5.0": {
"runtime": {
"XescSDK.dll": {
"assemblyVersion": "4.0.5.0",
"fileVersion": "4.0.5.0"
}
}
},
"Microsoft.ML.Data/1.0.0.0": {
"runtime": {
"Microsoft.ML.Data.dll": {
"assemblyVersion": "1.0.0.0",
"fileVersion": "1.700.122.15804"
}
}
},
"Microsoft.ML.Core/1.0.0.0": {
"runtime": {
"Microsoft.ML.Core.dll": {
"assemblyVersion": "1.0.0.0",
"fileVersion": "1.700.122.15804"
}
}
},
"Microsoft.ML.DataView/1.0.0.0": {
"runtime": {
"Microsoft.ML.DataView.dll": {
"assemblyVersion": "1.0.0.0",
"fileVersion": "1.700.122.15804"
}
}
},
"PeNet/1.6.1.0": {
"runtime": {
"PeNet.dll": {
"assemblyVersion": "1.6.1.0",
"fileVersion": "1.6.1.0"
}
}
},
"Microsoft.ML.Transforms/1.0.0.0": {
"runtime": {
"Microsoft.ML.Transforms.dll": {
"assemblyVersion": "1.0.0.0",
"fileVersion": "1.700.122.15804"
}
}
},
"Microsoft.ML.FastTree/1.0.0.0": {
"runtime": {
"Microsoft.ML.FastTree.dll": {
"assemblyVersion": "1.0.0.0",
"fileVersion": "1.700.122.15804"
}
}
},
"Microsoft.ML.StandardTrainers/1.0.0.0": {
"runtime": {
"Microsoft.ML.StandardTrainers.dll": {
"assemblyVersion": "1.0.0.0",
"fileVersion": "1.700.122.15804"
}
}
},
"Newtonsoft.Json/10.0.0.0": {
"runtime": {
"Newtonsoft.Json.dll": {
"assemblyVersion": "10.0.0.0",
"fileVersion": "10.0.3.21018"
}
}
},
"Microsoft.ML.CpuMath/1.0.0.0": {
"runtime": {
"Microsoft.ML.CpuMath.dll": {
"assemblyVersion": "1.0.0.0",
"fileVersion": "1.700.122.15804"
}
}
},
"PeNet.Asn1/1.3.3.0": {
"runtime": {
"PeNet.Asn1.dll": {
"assemblyVersion": "1.3.3.0",
"fileVersion": "1.3.3.0"
}
}
}
}
},
"libraries": {
"xvneng/1.0.0": {
"type": "project",
"serviceable": false,
"sha512": ""
},
"XescSDK/4.0.5.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Microsoft.ML.Data/1.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Microsoft.ML.Core/1.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Microsoft.ML.DataView/1.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"PeNet/1.6.1.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Microsoft.ML.Transforms/1.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Microsoft.ML.FastTree/1.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Microsoft.ML.StandardTrainers/1.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Newtonsoft.Json/10.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"Microsoft.ML.CpuMath/1.0.0.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
},
"PeNet.Asn1/1.3.3.0": {
"type": "reference",
"serviceable": false,
"sha512": ""
}
}
}

BIN
bin/xvneng.dll

Binary file not shown.

BIN
bin/xvneng.exp

Binary file not shown.

BIN
bin/xvneng.lib

Binary file not shown.

12
bin/xvneng.runtimeconfig.json

@ -1,12 +0,0 @@
{
"runtimeOptions": {
"tfm": "net5.0",
"framework": {
"name": "Microsoft.NETCore.App",
"version": "5.0.0"
},
"configProperties": {
"System.Reflection.Metadata.MetadataUpdater.IsSupported": false
}
}
}

33
example/xvbdc.cpp

@ -1,7 +1,14 @@
#include <iostream> #include <iostream>
#include "xvneng.h" #include "xvneng.h"
#ifdef _WIN32
#include "windows.h"
#define symLoad GetProcAddress
#else
#include "dlfcn.h"
#define symLoad dlsym
#endif
using namespace std; using namespace std;
int main ( int main (
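
Review bot: The platform headers are included with quotes (`#include "windows.h"`, `#include "dlfcn.h"`); use angle brackets for system headers so the project directory is not searched first. `main` now uses `wstring`, so `<string>` should be included explicitly rather than relied on through `<iostream>`.
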
@ -9,27 +16,25 @@ int main (
char* argv[] char* argv[]
) )
{ {
string info = string ( version () ); #ifdef _WIN32
HINSTANCE handle = LoadLibrary(L"C:\\XvirusSDK\\bin\\Windows\\XvirusSDK.dll"); // changed this to the path of the dll
#else
void* handle = dlopen("C:\\XvirusSDK\\bin\\Linux\\XvirusSDK.so", RTLD_LAZY); // changed this to the path of the so
#endif
try VersionFn version = (VersionFn) symLoad(handle, VersionFnKey);
{ wstring info = wstring(version());
load(false);
}
catch (const std::exception& e )
{
cout << e.what() << endl;
}
if ( info.length () ) if ( info.length() )
{ {
cout << info.c_str () << endl; wcout << info.c_str() << endl;
} }
else else
{ {
cout << "N/A" << endl; wcout << L"N/A" << endl;
} }
(void) getchar (); (void) getchar();
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }
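
Review bot: Neither `handle` nor the pointer returned by `symLoad(handle, VersionFnKey)` is checked before `version()` is called, so a wrong path or a missing export becomes a null-pointer call instead of an error message. Check both and report `GetLastError()` or `dlerror()` on failure. The non-Windows branch passes a Windows-style path (`"C:\\XvirusSDK\\bin\\Linux\\XvirusSDK.so"`) to `dlopen`, which will not resolve on Linux. The example also no longer calls `load` and never releases the handle with `FreeLibrary` or `dlclose`; since this is the SDK's reference loader, show the full sequence and inspect the `sucess` and `error` fields of the returned `ActionResult`.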

8
example/xvbdc.vcxproj

@ -29,26 +29,26 @@
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries> <UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset> <PlatformToolset>v143</PlatformToolset>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries> <UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset> <PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization> <WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries> <UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset> <PlatformToolset>v143</PlatformToolset>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries> <UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset> <PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization> <WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
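
Review bot: Moving all four configurations from `v142` to `v143` means the example now needs the Visual Studio 2022 toolset to build, which the README's Get Started section in this commit does not mention. Note the required toolset there.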

38
example/xvneng.h

@ -2,20 +2,36 @@
#ifndef _XVNENG_H #ifndef _XVNENG_H
#define _XVNENG_H #define _XVNENG_H
#pragma comment ( lib, "xvneng.lib" ) #define LoadFnKey "load"
#define UnloadFnKey "unload"
#define ScanFnKey "scan"
#define ScanAsStringFnKey "scanAsString"
#define CheckUpdatesFnKey "checkUpdates"
#define GetSettingsFnKey "getSettings"
#define VersionFnKey "version"
struct ScanResult { struct ActionResult
{
bool sucess;
wchar_t* result;
wchar_t* error;
};
struct ScanResult
{
bool sucess;
bool isMalware; bool isMalware;
double score; double score;
char* name; wchar_t* name;
wchar_t* error;
}; };
__declspec(dllimport) void load(bool force); typedef ActionResult(*LoadFn)(bool force);
__declspec(dllimport) void unload(); typedef ActionResult(*UnloadFn)();
__declspec(dllimport) ScanResult scan(const wchar_t* filepath); typedef ScanResult(*ScanFn)(const wchar_t* filepath);
__declspec(dllimport) char* scanAsString(const wchar_t* filepath); typedef ActionResult(*ScanAsStringFn)(const wchar_t* filepath);
__declspec(dllimport) char* checkUpdates(bool checkSDKUpdates, bool loadDBAfterUpdate); typedef ActionResult(*CheckUpdatesFn)(bool checkSDKUpdates, bool loadDBAfterUpdate);
__declspec(dllimport) char* getSettings(); typedef ActionResult(*GetSettingsFn)();
__declspec(dllimport) char* version(); typedef wchar_t* (*VersionFn)();
#endif // _XVNENG_H #endif // _XVNENG_H
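
Review bot: The typedefs return `ActionResult` and `ScanResult` by value with `wchar_t*` members, but this header now serves both Windows and Linux, where `wchar_t` is 16 and 32 bits wide respectively with the usual toolchains, and nothing states which encoding the library emits on each. Document the string encoding per platform and how the returned pointers are released. Dropping `__declspec(dllimport)` leaves the function-pointer types with no explicit calling convention, so state the one the library exports with. The field name `sucess` is a typo that becomes public API with this change.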

BIN
example/xvneng.lib

Binary file not shown.

BIN
functions.JPG

Binary file not shown.

38
headers/xvneng.h

@ -2,20 +2,36 @@
#ifndef _XVNENG_H #ifndef _XVNENG_H
#define _XVNENG_H #define _XVNENG_H
#pragma comment ( lib, "xvneng.lib" ) #define LoadFnKey "load"
#define UnloadFnKey "unload"
#define ScanFnKey "scan"
#define ScanAsStringFnKey "scanAsString"
#define CheckUpdatesFnKey "checkUpdates"
#define GetSettingsFnKey "getSettings"
#define VersionFnKey "version"
struct ScanResult { struct ActionResult
{
bool sucess;
wchar_t *result;
wchar_t *error;
};
struct ScanResult
{
bool sucess;
bool isMalware; bool isMalware;
double score; double score;
char* name; wchar_t *name;
wchar_t *error;
}; };
__declspec(dllimport) void load(bool force); typedef ActionResult (*LoadFn)(bool force);
__declspec(dllimport) void unload(); typedef ActionResult (*UnloadFn)();
__declspec(dllimport) ScanResult scan(const wchar_t* filepath); typedef ScanResult (*ScanFn)(const wchar_t *filepath);
__declspec(dllimport) char* scanAsString(const wchar_t* filepath); typedef ActionResult (*ScanAsStringFn)(const wchar_t *filepath);
__declspec(dllimport) char* checkUpdates(bool checkSDKUpdates, bool loadDBAfterUpdate); typedef ActionResult (*CheckUpdatesFn)(bool checkSDKUpdates, bool loadDBAfterUpdate);
__declspec(dllimport) char* getSettings(); typedef ActionResult (*GetSettingsFn)();
__declspec(dllimport) char* version(); typedef wchar_t *(*VersionFn)();
#endif // _XVNENG_H #endif // _XVNENG_H
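
Review bot: This file carries the same change as `example/xvneng.h` apart from pointer spacing (`wchar_t *name` here, `wchar_t* name` there), so the two copies can drift. Keep one header under `headers/` and point the example project's include path at it.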
