All times are UTC + 1 hour

 Post subject: FPSubmit
PostPosted: Sun Jul 26, 2020 10:13 am 
User

Joined: Tue Mar 03, 2009 3:40 pm
Posts: 55
Location: france
FPSubmit: false positive sample submission to many virus scanners.

This application is intended for submission of exe samples to antivirus scanners.

The program sends a zip file to the list of addresses in the file avlist.txt.
If 7-zip.dll is present, it can zip the file.

Usage is simple: fill in the string gadgets (login, password, mail box, port), select the sample file (in a zip), complete the message and click on Submit File.

Wait for confirmation that the message was sent.

This code: x86 = 7 false positives and x64 = 1 false positive.
Don't hesitate to update the address list.

Code:
EnableExplicit
;
InitNetwork()

;{- Enumerations / DataSections
;{ Windows
Enumeration
  #Window_0
EndEnumeration
;}
Enumeration
  #menu_window_0 
EndEnumeration
;
Enumeration
  #menu_window_0_infos
  #menu_window_0_quitter
EndEnumeration
;
Enumeration
  #StatusBar_Window_0
EndEnumeration

;{ Gadgets
Enumeration
  #Frame3D_0
  #String_user
  #Frame3D_2
  #String_pw
  #Frame3D_3
  #String_mail
  #Frame3D_4
  #String_smtp
  #Frame3D_6
  #String_port
  #Frame3D_8
  #String_mes
  #Frame3D_10
  #String_file
  #Button_filesel
  #button_zip
  #button_send
  #button_view
EndEnumeration
;}
Global NewList listav.s()
;}

Procedure.s zipfile(fn.s)
  Protected path7zip.s, OutputAnsi.s, CmdLine$, s.s, *cmd
  Protected namezipfile$, password.s,cp.s,typ.s
  ;
  s=LCase(GetExtensionPart(fn))
  If s="zip"
    ProcedureReturn
  EndIf
  ; 
  If fn=""   
    ProcedureReturn   
  EndIf
  ;
  CompilerIf #PB_Compiler_Processor=#PB_Processor_x86
    path7zip=GetPathPart(ProgramFilename())+"7-zip32.dll"
  CompilerElse
    path7zip=GetPathPart(ProgramFilename())+"7-zip64.dll"
  CompilerEndIf
  ;
  If OpenLibrary(0, Path7Zip)
    typ="zip"
    namezipfile$=GetPathPart(fn)+GetFilePart(fn,#PB_FileSystem_NoExtension)+".zip" 
    password="infected"
    cp="-mx9"
    CmdLine$ =  "a -t"+typ+" "+cp+" -p"+password+" -ir!" + #DQUOTE$ + fn + #DQUOTE$ + " " + #DQUOTE$ + namezipfile$+ #DQUOTE$
    ;
    OutputAnsi = Space(1024)
    *cmd=Ascii(cmdline$)
    CallFunction(0,"SevenZip",WindowID(#Window_0),*cmd,@OutputAnsi,1024)
    FreeMemory(*cmd)
    ;
    s=GetPathPart(fn)+GetFilePart(fn,#PB_FileSystem_NoExtension)+".zip"
    If FileSize(s)<>-1
      SetGadgetText(#String_file,s) 
    EndIf
   
    s=PeekS(@OutputAnsi,-1,#PB_Ascii) 
    MessageRequester("FPSubmit",s,#PB_MessageRequester_Info)
    ;
    CloseLibrary(0)
  EndIf
EndProcedure

Procedure mail()
  Protected progress, result, body.s
  Protected mail.s,smtp.s,port,user.s,pw.s, file.s
  ;
  mail=GetGadgetText(#String_mail)
  body=GetGadgetText(#String_mes)
  smtp=GetGadgetText(#String_smtp)
  port=Val(GetGadgetText(#String_port))
  user=GetGadgetText(#String_user)
  pw=GetGadgetText(#String_pw)
  file=GetGadgetText(#String_file)
  ;
  If mail="" Or body="" Or smtp="" Or port=0 Or user="" Or pw="" Or file=""
    MessageRequester("FPSubmit","Missing parameter : cant send sample !",#PB_MessageRequester_Error)
    ProcedureReturn
  EndIf
  ;
  If LCase(GetExtensionPart(file))<>"zip"
   MessageRequester("FPSubmit","Send only zip file !",#PB_MessageRequester_Error)
   ProcedureReturn   
  EndIf
  ;
  If CreateMail(0, mail, "Suspicious File Submission")
    SetMailBody(0,body)
    ;
    If AddMailAttachment(0,"Sample file",file,"application/zip")=0
      MessageRequester("FPSubmit","File not find !",#PB_MessageRequester_Error)
      FreeMail(0)
      ProcedureReturn
    EndIf
    ;
    ForEach listav()
      AddMailRecipient(0, listav(), #PB_Mail_To)
    Next
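    ; Set the SMTP server to use.
    ; Port 465: SSL flag set, login and password are passed to the server.
    ; Any other port: no SSL flag and no credentials are passed, so the
    ; message (and the sample) goes out unauthenticated and unencrypted.
    If port=465
      Result = SendMail(0, smtp, port,#PB_Mail_Asynchronous|#PB_Mail_UseSSL, user, pw)
    Else
      Result = SendMail(0, smtp, port,#PB_Mail_Asynchronous)
    EndIf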
    ;
    Repeat
      Progress = MailProgress(0)
      Delay(300)
    Until Progress = #PB_Mail_Finished Or Progress = #PB_Mail_Error
   
    If Progress = #PB_Mail_Finished
      MessageRequester("FPSubmit", "Mail correctly sent !",#PB_MessageRequester_Info)
    Else
      MessageRequester("FPSubmit", "Can't sent the mail !",#PB_MessageRequester_Error)
    EndIf
    FreeMail(0)
  EndIf
 
EndProcedure

Procedure saveini()
  Protected fnme.s
  fnme=GetPathPart(ProgramFilename())+GetFilePart(ProgramFilename(),#PB_FileSystem_NoExtension)+".ini"
  If FileSize(fnme)=-1
    CreatePreferences(fnme)
  Else
    OpenPreferences(fnme)
  EndIf
  ;
  If GetWindowState(#Window_0)<> #PB_Window_Normal 
    SetWindowState(#Window_0,#PB_Window_Normal)
  EndIf
  PreferenceGroup("window")
  WritePreferenceInteger("top",WindowX(#window_0))
  WritePreferenceInteger("left",WindowY(#window_0))
  ;
  PreferenceGroup("user")
  WritePreferenceString("username",GetGadgetText(#String_user))
  ; note: the SMTP password is written in clear text to the .ini file next to the executable
  WritePreferenceString("pw",GetGadgetText(#String_pw))
  WritePreferenceString("mail",GetGadgetText(#String_mail))
  WritePreferenceString("smtp",GetGadgetText(#String_smtp))
  WritePreferenceString("port",GetGadgetText(#String_port))
  ;
  ClosePreferences() 
EndProcedure

Procedure loadini()
  Protected fnme.s,x.i,y.i,z.s
  fnme=GetPathPart(ProgramFilename())+GetFilePart(ProgramFilename(),#PB_FileSystem_NoExtension)+".ini"
  ;
  OpenPreferences(fnme)
  ;
  PreferenceGroup("window")
  x=ReadPreferenceInteger("top",-1)
  y=ReadPreferenceInteger("left",-1)
  If x<>-1 Or y<>-1
    ResizeWindow(#window_0,x,y,#PB_Ignore,#PB_Ignore)
  EndIf
  ;
  PreferenceGroup("user")
  z=ReadPreferenceString("username","")
  If z<>""
    SetGadgetText(#String_user,z)
  EndIf
  z=ReadPreferenceString("pw","")
  If z<>""
    SetGadgetText(#String_pw,z)
  EndIf
  z=ReadPreferenceString("mail","")
  If z<>""
    SetGadgetText(#String_mail,z)
  EndIf
  z=ReadPreferenceString("smtp","")
  If z<>""
    SetGadgetText(#String_smtp,z)
  EndIf
  ;
  z=ReadPreferenceString("port","")
  If z<>""
    SetGadgetText(#String_port,z)
  EndIf
  ;
  ClosePreferences()
  ;
  HideWindow(#window_0,0) 
EndProcedure

Procedure selfile()
  Protected slf.s,filtre.s
  Static fdef.s
  Filtre = "Exe (*.exe)|*.exe|All files (*.*)|*.*"
  If fdef=""
    fdef=GetPathPart(ProgramFilename())
  EndIf
 
  slf= OpenFileRequester("Select file", fdef, Filtre, 0)
  If slf<>""
    fdef=GetPathPart(slf)
    SetGadgetText(#String_file,slf)   
  EndIf
 
EndProcedure

Procedure sizew()
  Protected x,y
  x=WindowWidth(#Window_0)
  y=WindowHeight(#Window_0)
  ResizeGadget(#Frame3d_3,#PB_Ignore,#PB_Ignore,x-100,#PB_Ignore)
  ResizeGadget(#String_mail,#PB_Ignore,#PB_Ignore,x-120,#PB_Ignore)
  ResizeGadget(#Frame3d_10,#PB_Ignore,#PB_Ignore,x-15,#PB_Ignore)
  ResizeGadget(#String_file,#PB_Ignore,#PB_Ignore,x-110,#PB_Ignore)
  ResizeGadget(#Button_filesel,x-80,#PB_Ignore,#PB_Ignore,#PB_Ignore)
  ResizeGadget(#button_zip,x-45,#PB_Ignore,#PB_Ignore,#PB_Ignore)
  ResizeGadget(#Frame3d_8,#PB_Ignore,#PB_Ignore,x-15,y-300)
  ResizeGadget(#String_mes,#PB_Ignore,#PB_Ignore,x-30,y-325)
  ResizeGadget(#button_send,#PB_Ignore,y-70,#PB_Ignore,#PB_Ignore)
EndProcedure

Procedure closew()
  If GetWindowState(#Window_0)=#PB_Window_Minimize
    PostEvent(#PB_Event_CloseWindow)
  EndIf
EndProcedure

Procedure OpenWindow_Window_0()
  Protected s.s
  If OpenWindow(#Window_0, 421, 192, 400, 450, "FPSubmit 1.0", #PB_Window_SystemMenu|#PB_Window_SizeGadget|#PB_Window_MinimizeGadget|#PB_Window_TitleBar|#PB_Window_ScreenCentered|#PB_Window_Invisible)
    If CreateImageMenu(#Menu_Window_0, WindowID(#Window_0),#PB_Menu_ModernLook)
      MenuTitle("&Options")
      MenuItem(#Menu_Window_0_Infos, "&Infos")
      MenuBar()
      MenuItem(#Menu_Window_0_Quitter, "&Quit")
    EndIf
    If CreateStatusBar(#StatusBar_Window_0, WindowID(#Window_0))
      AddStatusBarField(100)
    EndIf
    FrameGadget(#Frame3D_0, 5, 15, 180, 45, "Login")
    StringGadget(#String_user, 15, 32, 160, 22, "")
    FrameGadget(#Frame3D_2, 190, 15, 200, 45, "Password")
    StringGadget(#String_pw, 200, 32, 140, 22, "", #PB_String_Password)
    ButtonGadget(#button_view, 350, 30, 30, 25, "^",#PB_Button_Toggle   )
    GadgetToolTip(#button_view,"Show password")
    FrameGadget(#Frame3D_3, 5, 60, 300, 45, "Sender Mail")
    StringGadget(#String_mail, 15, 78, 280, 22, "")
    FrameGadget(#Frame3D_4, 5, 115, 260, 45, "SMTP")
    StringGadget(#String_smtp, 15, 130, 240, 22, "")
    FrameGadget(#Frame3D_6, 280, 115, 110, 45, "Port")
    StringGadget(#String_port, 290, 130, 90, 22, "", #PB_String_Numeric   )
    FrameGadget(#Frame3D_8, 5, 220, 385, 155, "Message")
    StringGadget(#String_mes, 15, 240, 370, 125, "", #ES_MULTILINE|#WS_VSCROLL|#WS_HSCROLL|#ES_AUTOVSCROLL)
    s="The sample is in a password protected ZIP file."+#CRLF$+"The password for the attachment is : infected."+#CRLF$+"This file is FALSE positive !"+#CRLF$+"Sample sender by FPSubmit"
    SetGadgetText(#String_mes,s)
    FrameGadget(#Frame3D_10, 5, 165, 385, 45, "File to submit")
    StringGadget(#String_file, 15, 182, 290, 22, "")
    EnableGadgetDrop(#String_file,#PB_Drop_Files, #PB_Drag_Copy)
    ButtonGadget(#Button_filesel, 320, 180, 30, 25, "...")
    GadgetToolTip(#Button_filesel,"File selector")
    ButtonGadget(#Button_zip, 355, 180, 30, 25, "ZIP")
    GadgetToolTip(#Button_zip,"Zip file")
    ButtonGadget(#button_send, 15, 380, 100, 25, "Submit File")
    GadgetToolTip(#Button_send,"Send mail")
    ;
    WindowBounds(#Window_0,400,440,#PB_Ignore,#PB_Ignore)
    BindEvent(#PB_Event_SizeWindow,@sizew())
    BindEvent(#PB_Event_CloseWindow,@closew()) 
   
  EndIf
EndProcedure

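Procedure readadd()
  Protected adr.s
  If ReadFile(0, "avlist.txt")
    While Eof(0) = 0
      ; skip blank lines so they are not added as empty recipients
      adr=Trim(ReadString(0))
      If adr<>""
        AddElement(listav())
        listav()=adr
      EndIf
    Wend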
    CloseFile(0) 
    StatusBarText(#StatusBar_Window_0,0,"AV list : "+Str(ListSize(listav())),#PB_StatusBar_Center) 
  Else
    MessageRequester("FPSubmit","File avlist.txt missing !",#PB_MessageRequester_Error)
    DisableGadget(#button_send,#True)
  EndIf
  ; 
EndProcedure


;- begin loop

Define s.s
OpenWindow_Window_0()
loadini()
readadd()
;
CompilerIf #PB_Compiler_Processor=#PB_Processor_x86
  s=GetPathPart(ProgramFilename())+"7-zip32.dll"
CompilerElse
  s=GetPathPart(ProgramFilename())+"7-zip64.dll"     
CompilerEndIf
If FileSize(s)=-1
  DisableGadget(#button_zip,#True)     
EndIf
;
;{- Event loop
Repeat   
  Select WaitWindowEvent()
      ; ///////////////////
    Case #PB_Event_GadgetDrop
      If EventDropType()=#PB_Drop_Files 
        SetGadgetText(#String_file,StringField(EventDropFiles(),1,Chr(10))) 
      EndIf 
    Case #PB_Event_Gadget
      Select EventGadget()
        Case #button_send
          mail()
        Case #Button_filesel
          selfile()
        Case #button_zip
          zipfile(GetGadgetText(#String_file))
        Case #button_view
          StringGadget(#String_pw, 200, 32, 140, 22, GetGadgetText(#String_pw),#PB_String_Password-GetGadgetState(#button_view)<<5)
      EndSelect
      ; ////////////////////////
    Case #PB_Event_Menu
      Select EventMenu()
        Case #menu_window_0_infos
          s="FP Submit "+#pb_editor_fileversion
          CompilerIf #PB_Compiler_Processor= #PB_Processor_x64
            s+" - x64"
          CompilerElse
            s+" - x86"
          CompilerEndIf
          s+" - PB :"+#PB_Compiler_Version
          s+#CRLF$+"False positive sample submit"+#CRLF$
          s+#CRLF$+"by DrGolf @"+Year(Date())+#CRLF$
          s+#CRLF$+"FREEWare"
          MessageRequester("FPSubmit",s,#MB_ICONINFORMATION)   
        Case #menu_window_0_quitter 
          PostEvent(#PB_Event_CloseWindow)
      EndSelect
      ; 
    Case #PB_Event_CloseWindow
      Select EventWindow()
        Case #Window_0
          FreeList(listav())
          saveini()
          CloseWindow(#Window_0)
          Break
      EndSelect
  EndSelect
ForEver
;
;}



And the list of mail addresses for virus scanners (save as avlist.txt):



Post subject: Re: FPSubmit
PostPosted: Sun Jul 26, 2020 10:19 am
Addict

Joined: Thu Apr 18, 2019 8:17 am
Posts: 1043
Looks interesting, but #pb_editor_fileversion is not found so it won't compile.


Post subject: Re: FPSubmit
PostPosted: Sun Jul 26, 2020 10:23 am
User

Joined: Tue Mar 03, 2009 3:40 pm
Posts: 55
Location: france
#pb_editor_fileversion: is for Windows.

Rem the line...

Some adjustments for compiling on Linux or OSX.


Post subject: Re: FPSubmit
PostPosted: Sun Jul 26, 2020 10:29 am
Addict

Joined: Thu Apr 18, 2019 8:17 am
Posts: 1043
drgolf wrote:
#pb_editor_fileversion : is for windows.

I've removed it now, but it's not in my PureBasic install for Windows. Even this won't compile:

Code:
Debug #pb_editor_fileversion


Post subject: Re: FPSubmit
PostPosted: Sun Jul 26, 2020 10:36 am
User

Joined: Tue Mar 03, 2009 3:40 pm
Posts: 55
Location: france
The code compiles fine on PB 5.72 x86 and x64 on Windows 10.
You need to include version information in the compiler options.

Code:
Case #menu_window_0_infos
          s="FP Submit ";+#pb_editor_fileversion
          CompilerIf #PB_Compiler_Processor= #PB_Processor_x64
            s+" - x64"
          CompilerElse
            s+" - x86"
          CompilerEndIf
          s+" - PB :"+#PB_Compiler_Version
          s+#CRLF$+"False positive sample submit"+#CRLF$
          s+#CRLF$+"by Roger @"+Year(Date())+#CRLF$
          s+#CRLF$+"FREEWare"
          MessageRequester("FPSubmit",s,#MB_ICONINFORMATION)



Post subject: Re: FPSubmit
PostPosted: Sun Jul 26, 2020 10:43 am
Addict

Joined: Thu Apr 18, 2019 8:17 am
Posts: 1043
Oh, right. Thanks for explaining.


Post subject: Re: FPSubmit
PostPosted: Sun Jul 26, 2020 2:34 pm
PureBasic Expert

Joined: Fri Apr 25, 2003 4:34 pm
Posts: 997
Location: Canada
Quote:
FPSubmit : false positive sample submit to many virus scanner.

Wouldn't it make more sense to have the avlist.txt load into a ListIconGadget and you check off the appropriate email address you wish to send the False Positive submission to?

What happens if you submit your EXE to an AV company that is not flagging it as a potential virus?


Post subject: Re: FPSubmit
PostPosted: Sun Jul 26, 2020 3:33 pm
User
User

Joined: Tue Mar 03, 2009 3:40 pm
Posts: 55
Location: france
You are free to complete the source with a list icon checkbox.

In the current context where the policy is: no more individual devs, I think it's important to submit.
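
The ListIconGadget idea raised earlier in the thread, as an added example (not code from any of the posters): avlist.txt is loaded into a checkbox list and only the checked addresses are copied into the recipient list, so a sample is mailed only to the vendors that actually flag it. The names #Win, #List_av, #Btn_ok, LoadAvList and CollectChecked and the placeholder address are assumptions made for this sketch.

```purebasic
; Added example, not FPSubmit's own code. Gadget names and the sample address are made up.
EnableExplicit
Enumeration
  #Win
  #List_av
  #Btn_ok
EndEnumeration

; Fill the checkbox list from avlist.txt; skip blank or malformed lines.
Procedure LoadAvList(fn.s)
  Protected f, line.s
  f = ReadFile(#PB_Any, fn)
  If f
    While Eof(f) = 0
      line = Trim(ReadString(f))
      If line <> "" And FindString(line, "@") And FindString(line, " ") = 0
        AddGadgetItem(#List_av, -1, line)
      EndIf
    Wend
    CloseFile(f)
  EndIf
  ProcedureReturn CountGadgetItems(#List_av)
EndProcedure

; Copy only the checked addresses into the list later passed to AddMailRecipient().
Procedure CollectChecked(List out.s())
  Protected i
  ClearList(out())
  For i = 0 To CountGadgetItems(#List_av) - 1
    If GetGadgetItemState(#List_av, i) & #PB_ListIcon_Checked
      AddElement(out()) : out() = GetGadgetItemText(#List_av, i)
    EndIf
  Next
  ProcedureReturn ListSize(out())
EndProcedure

NewList listav.s()
If OpenWindow(#Win, 0, 0, 320, 260, "AV recipients", #PB_Window_SystemMenu | #PB_Window_ScreenCentered)
  ListIconGadget(#List_av, 10, 10, 300, 200, "Address", 280, #PB_ListIcon_CheckBoxes)
  ButtonGadget(#Btn_ok, 10, 220, 100, 25, "Use checked")
  ; No avlist.txt found: show one constructed placeholder entry instead.
  If LoadAvList("avlist.txt") = 0 : AddGadgetItem(#List_av, -1, "fp@vendor-a.example") : EndIf
  Repeat
    Select WaitWindowEvent()
      Case #PB_Event_Gadget
        If EventGadget() = #Btn_ok : MessageRequester("FPSubmit", Str(CollectChecked(listav())) + " recipient(s) selected") : EndIf
      Case #PB_Event_CloseWindow : Break
    EndSelect
  ForEver
EndIf
```

Because CollectChecked() fills a list with the same name and type as the original listav(), the ForEach loop in mail() can consume it unchanged.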

