.net Core Cli to Scan Uploaded Files

This article volition demonstrate virtually the what is the easiest mode to protect our files/documents from viruses before they got uploaded to a storage location. Usually, without performing anti-virus scanning or other content checking against the uploaded file, there might exist a chance that attackers could target other users of the application by uploading malware to the server.

In today's article, we will perform filtering and content checking on whatsoever files which are uploaded to the server. Files should be thoroughly scanned and validated confronting an anti-virus scanner with upwards-to-date virus signatures before existence made available to other users. Any files flagged as malicious should be discarded or deleted immediately.

Prerequisites

I've been using the .Cyberspace 5.0 template to perform this operation and hither I'chiliad sharing the link to install the SDK,

Create a Web API projection with a .Net 5.0 Template.

Step 2

Install the Parcel which will be used for the virus when uploading whatsoever document to the API endpoint.

For more than details almost nclam & Clam Av, yous can cheque here.

Step iii

There are two possible ways in which we can use this Clam AV Server in our projection,

1. Running the Clam Av Server under the Docker image
2. Using their own Clam Av Ip accost to browse our files (If clam server is already installed in our machine)

Running the Mollusk Av Server under the Docker image

Setup the Mollusk server - in local using Docker

1. Click here to install the docker.
2. Use the below commands in command prompt to setup the clam Av server locally

• docker run -d -p 3310:3310 mkodockx/docker-clamav:alpine
• docker run -d -p 3310:3310 mk0x/docker-clamav
• docker ps

Once this setup is washed, let'south create an endpoint and the necessary configuration to scan our files under that mollusk Av server by docker epitome. Add the Mollusk Av port configuration in the appsettings.json file.

appsettings.json

1. {
2. "Logging" : {
3. "LogLevel" : {
4. "Default" : "Information" ,
5. "Microsoft" : "Warning" ,
6. "Microsoft.Hosting.Lifetime" : "Information"
7.     }
8.   },
9. "AllowedHosts" : "*" ,
10. "ClamAVServer" : {
11. "URL" : "localhost" ,
12. "Port" : "3310"
13.   }
14. }

Create an endpoint and read the file from the file upload endpoint and convert the file to a byte array. ClamClient scan result returns with ClamScanResult enum values which tells you that your browse was make clean or a virus was detected.

Here is some sample lawmaking,

FileController.cs

1. using  Microsoft.AspNetCore.Http;
2. using  Microsoft.AspNetCore.Mvc;
3. using  Microsoft.Extensions.Configuration;
4. using  Microsoft.Extensions.Logging;
5. using  nClam;
6. using  Organization;
7. using  Organisation.Collections.Generic;
8. using  Organization.IO;
9. using  Organization.Linq;
10. using  System.Net;
11. using  Organisation.Threading.Tasks;
13. namespace  ScanFiles_AntiVirus.Controllers
14. {
15.     [Route("api/[controller]" )]
16.     [ApiController]
17. public grade  FileUploadController : ControllerBase
18.     {
19. private  readonly IConfiguration _configuration;
20. public  FileUploadController(
21.             IConfiguration configuration)
22.         {
23.             _configuration = configuration;
24.         }
26.         [HttpPost]
27. public  async Task<IActionResult> UploadFile(IFormFile file)
28.         {
29. if  (file == nix || file.Length == 0)
30. return  Content( "file not selected" );
32.             var ms =new  MemoryStream();
33.             file.OpenReadStream().CopyTo(ms);
34.             byte[] fileBytes = ms.ToArray();
35.             string Result = cord.Empty;
36. attempt
37.             {
38.                 var mollusk =new  ClamClient( this ._configuration[ "ClamAVServer:URL" ],
39.                 Catechumen.ToInt32(this ._configuration[ "ClamAVServer:Port" ]));
40.                 var scanResult = await clam.SendAndScanFileAsync(fileBytes);
43.                 Result =  scanResult.Resultswitch
44.                 {
45.                     ClamScanResults.Clean =>"Clean" ,
46.                     ClamScanResults.VirusDetected =>"Virus Detected" ,
47.                     ClamScanResults.Mistake =>"Error in File" ,
48.                     ClamScanResults.Unknown =>"Unknown File" ,
49.                           _ =>"No instance available"
50.                 };
51.             }
52. catch  (Exception ex)
53.             {
54. throw  ex;
55.             }
57. render  Ok(Result);
58.         }
59.     }
60. }

Run and Test with Valid File,

Test with Anti-malware File

As a POC, the EICAR file was uploaded. This is a sample file used to test the response of anti-virus software. You can download a sample file from this Site. You may demand to pause your antivirus protection on your device to perform this activity.

Using their ain Clam Av Ip address to scan our files

To browse the documents without docker image and if the clam av server is already installed in our machine we need to change a bit of code in the API level instead of going with docker port.

Hither is the following lawmaking,

FileController.cs

1. using  Microsoft.AspNetCore.Http;
2. using  Microsoft.AspNetCore.Mvc;
3. using  Microsoft.Extensions.Configuration;
4. using  Microsoft.Extensions.Logging;
5. using  nClam;
6. using  Organisation;
7. using  Arrangement.Collections.Generic;
8. using  Arrangement.IO;
9. using  System.Linq;
10. using  System.Net;
11. using  System.Threading.Tasks;
13. namespace  ScanFiles_AntiVirus.Controllers
14. {
15.     [Route("api/[controller]" )]
16.     [ApiController]
17. public class  FileUploadController : ControllerBase
18.     {
19. private  readonly IConfiguration _configuration;
20. public  FileUploadController(
21.             IConfiguration configuration)
22.         {
23.             _configuration = configuration;
24.         }
26.         [HttpPost]
27. public  async Job<IActionResult> UploadFile(IFormFile file)
28.         {
29. if  (file == null || file.Length == 0)
30. return  Content( "file non selected" );
32.             var ms =new  MemoryStream();
33.             file.OpenReadStream().CopyTo(ms);
34.             byte[] fileBytes = ms.ToArray();
35.             string Effect = string.Empty;
36. effort
37.             {
43. var clam = new  ClamClient(IPAddress.Parse( "127.0.0.ane" ), 3310);
44.                 var scanResult = await mollusk.SendAndScanFileAsync(fileBytes);
47.                 Result =  scanResult.Resultswitch
48.                 {
49.                     ClamScanResults.Clean =>"Make clean" ,
50.                     ClamScanResults.VirusDetected =>"Virus Detected" ,
51.                     ClamScanResults.Error =>"Error in File" ,
52.                     ClamScanResults.Unknown =>"Unknown File" ,
53.                           _ =>"No case bachelor"
54.                 };
55.             }
56. take hold of  (Exception ex)
57.             {
58. throw  ex;
59.             }
61. render  Ok(Result);
62.         }
63.     }
64. }

Conclusion

Thank you for reading, delight let me know your questions, thoughts, or feedback in the comments section. I appreciate your feedback and encouragement.

keep learning....!

reyesmamrainy1941.blogspot.com

Source: https://www.c-sharpcorner.com/article/antivirus-protection-scan-on-document-upload-in-net/