Home > Uncategorized > Script: Non working Python to pull down the TrendMicro virus definition file

Script: Non working Python to pull down the TrendMicro virus definition file

Here’s an unfinished script that was attempting to automatically pull down TrendMicro virus definition files for use with vscanwin32.com.

You still might be able to just implement another module to obtain the web page, and make it work. Right now, I just don’t have time.

import urllib, sys, zipfile, time, os, subprocess, optparse

parser = optparse.OptionParser()
parser.add_option("-d", "--drive", dest="driveletter", help="comma seperated list of drive letter to scan. \"d:\" ")
parser.add_option("-e", "--email", dest="emailaddrlist", help="comma seperated list of email addresses to send report.")
parser.add_option("-k", "--keepzip", dest="deletezip", help="to immediately delete the virus defitions zip once expanded.", default=True)

(options, args) = parser.parse_args()

if options.driveletter == None or options.emailaddrlist == None:
    parser.print_help()
    sys.exit()
print options.driveletter
print options.emailaddrlist

raw_input = ("foresheeez")
def main():
    WebPageToSearch = "http://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=1&regs=NABU&lang_loc=1" 
    ToFind_start = "http://www.trendmicro.com/ftp/products/aupattern/ent95/lpt" 
    ToFind_end = ".zip" 

    LocalVirusDefPath = r"C:\Program Files\Trend Micro\Client Server Security Agent" + "\\" 

    AntiVirusExec = r"C:\Program Files\Trend Micro\Client Server Security Agent\vscanwin32.com" 

    AntiVirusArgs = ["/S","/C","/Q","/LD"]

    AntiVirusDriveToScan = str(options.driveletter).split(",")

    if os.path.exists("detect.log"):
        os.remove("detect.log")

    TrendMicroDefURL = urllib.urlopen(WebPageToSearch).read()

    VirusDefURL = "" 
    for i in range(TrendMicroDefURL.find(ToFind_start),TrendMicroDefURL.find(ToFind_end) + 4):
            VirusDefURL = VirusDefURL + TrendMicroDefURL[i]

    #http://www.trendmicro.com/ftp/products/pattern/lpt795.zip
    Filename = VirusDefURL.split("/")
    Filename = Filename[len(Filename)-1]
    LocalPath = LocalVirusDefPath + Filename

    if os.path.exists(LocalVirusDefPath + Filename):
        print "File exists: " + LocalVirusDefPath + Filename
    else:
        print "Retriving " + VirusDefURL + " to " + LocalPath + "..." 
        urllib.urlretrieve(VirusDefURL, LocalPath)

    DefFile = LocalVirusDefPath + "lpt$vpn." + Filename[3:Filename.find(".zip")]

    if os.path.exists(DefFile):
        print "File exists: " + DefFile
    else:
        print "Extracting..." 
        zipFile = zipfile.ZipFile(LocalPath, 'r')
        zipFile.extractall(LocalVirusDefPath)
        for name in zipFile.namelist():
            print name

        zipFile = None
        if deletezip == True:
            os.remove(DefFile)
            print "" 
            print DefFile + " has been deleted." 

    for drive in AntiVirusDriveToScan:
        print "" 
        print "Performing virus scan on the " + drive + " drive..." 
        cmd = [AntiVirusExec, AntiVirusArgs, drive]
        procexec = subprocess.Popen( cmd )

    TaskListCheck( "vscanwin32", True )
    EnumerateFile ( "detect.log" )
    print "Report will be emailed to yourface@externaldomain.com" 

def TaskListCheck( passSearchStr, ShallIWait ):
    cmd = r"c:\windows\system32\tasklist.exe" 
    TaskListCheck = True

    if ShallIWait == True:
        while TaskListCheck:
            procexec = subprocess.Popen ( cmd, stdout=subprocess.PIPE, universal_newlines=True)
            stdout_value = (procexec.communicate()[0]).lower()
            if stdout_value.find(passSearchStr) > 0:
                time.sleep(5)
            else:
                TaskListCheck = False
    else:
        procexec = subprocess.Popen ( cmd, stdout=subprocess.PIPE, universal_newlines=True)
        stdout_value = (procexec.communicate()[0]).lower()
        if stdout_value.find(passSearchStr) > 0:
            TaskListCheck = True
        else:
            TaskListCheck = False

def EnumerateFile( passFileName ):
    objFile = open ( passFileName )

    MailMsg = "Scan completed.  The following is a list of infected files:\n\n" 

    for line in objFile:
        MailMsg = MailMsg + line
    objFile.close

    from socket import gethostname
    Mailer( "yourface@externaldomain.com", options.emailaddrlist, "Virus Scan Results for " + gethostname(), MailMsg)

def Mailer( passFromAddr, passToAddr, passSubject, passMessage ):

    import smtplib

    FROM = passFromAddr
    TO = passToAddr
    SUBJECT = passSubject
    TEXT = passMessage

    message = "From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n %s" % (FROM, TO, SUBJECT, TEXT)

    server = smtplib.SMTP( "smtpserver.com" )
    errStatus = server.sendmail(FROM, TO, message)
    for errorItem in errStatus:
        print "" 
        print "SMTP Error: " + errorItem
    server.quit()
    return

main()
Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: