Mailing List Archive

plz help me!!
Hi everyone,
I am pursuing masters degree. I am doing my project in enhancing clamav
application . can anyone state me, list of enhancement that can be added in
clamav . I will be grateful to you if you can help me as early as possible.
Thanks in advance.

Regards,
Infant Deepak
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: plz help me!! [ In reply to ]
On Tue, 31 Jan 2012 14:51:19 +0530 infant deepak <deeeps.inf@gmail.com>
wrote:
> Hi everyone,
> I am pursuing masters degree. I am doing my project in enhancing clamav
> application . can anyone state me, list of enhancement that can be added in
> clamav . I will be grateful to you if you can help me as early as possible.
> Thanks in advance.

You can find some ideas here:

http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011

--
oo ..... Tomasz Kojm <tkojm@clamav.net>
(\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
\..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Tue Jan 31 13:33:01 CET 2012
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: plz help me!! [ In reply to ]
On 31/01/2012 19:34, Tomasz Kojm wrote:
> On Tue, 31 Jan 2012 14:51:19 +0530 infant deepak<deeeps.inf@gmail.com>
> wrote:
>
>> Hi everyone,
>> I am pursuing masters degree. I am doing my project in enhancing clamav
>> application . can anyone state me, list of enhancement that can be added in
>> clamav . I will be grateful to you if you can help me as early as possible.
>> Thanks in advance.
>>
>
Hello All,

If you need start up project with clamav, You should download code and
setting up projects in Visual Studio ( M$) or GCC ( Linux ).
Debug mode of the VSC++ available for newbie user because you can use
the mouse set break points in line of codes and It's can see stack trace
of call function when you debug clamav programs. GDB debug tool runs on
Linux suitable of some experience of developing project in Linux
based. I attach link of setting project of clamav in Linux. Please see
at link
[http://www.agents.chatsiri.com/conculsion-on-init-step-of-clamav]. It's
hope can help you :D

Chatsiri Rattana
> You can find some ideas here:
>
> http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
>
>

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: plz help me!! [ In reply to ]
Dear Tomasz & chatsiri ...thank you so much for your help..

On 2/1/12, clamav-devel-request@lists.clamav.net
<clamav-devel-request@lists.clamav.net> wrote:
> Send clamav-devel mailing list submissions to
> clamav-devel@lists.clamav.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-devel
> or, via email, send a message with subject or body 'help' to
> clamav-devel-request@lists.clamav.net
>
> You can reach the person managing the list at
> clamav-devel-owner@lists.clamav.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of clamav-devel digest..."
>
>
> Today's Topics:
>
> 1. Re: plz help me!! (Tomasz Kojm)
> 2. Re: plz help me!! (chatsiri)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 31 Jan 2012 13:34:24 +0100
> From: Tomasz Kojm <tkojm@clamav.net>
> Subject: Re: [Clamav-devel] plz help me!!
> To: ClamAV Development <clamav-devel@lists.clamav.net>
> Message-ID: <4F27DFD0.5070600@clamav.net>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On Tue, 31 Jan 2012 14:51:19 +0530 infant deepak <deeeps.inf@gmail.com>
> wrote:
>> Hi everyone,
>> I am pursuing masters degree. I am doing my project in enhancing clamav
>> application . can anyone state me, list of enhancement that can be added
>> in
>> clamav . I will be grateful to you if you can help me as early as
>> possible.
>> Thanks in advance.
>
> You can find some ideas here:
>
> http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
>
> --
> oo ..... Tomasz Kojm <tkojm@clamav.net>
> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
> \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
> //\ /\ Tue Jan 31 13:33:01 CET 2012
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 01 Feb 2012 09:52:01 +0700
> From: chatsiri <chatsiri@chatsiri.com>
> Subject: Re: [Clamav-devel] plz help me!!
> To: ClamAV Development <clamav-devel@lists.clamav.net>
> Message-ID: <4F28A8D1.2090208@chatsiri.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 31/01/2012 19:34, Tomasz Kojm wrote:
>> On Tue, 31 Jan 2012 14:51:19 +0530 infant deepak<deeeps.inf@gmail.com>
>> wrote:
>>
>>> Hi everyone,
>>> I am pursuing masters degree. I am doing my project in enhancing clamav
>>> application . can anyone state me, list of enhancement that can be added
>>> in
>>> clamav . I will be grateful to you if you can help me as early as
>>> possible.
>>> Thanks in advance.
>>>
>>
> Hello All,
>
> If you need start up project with clamav, You should download code and
> setting up projects in Visual Studio ( M$) or GCC ( Linux ).
> Debug mode of the VSC++ available for newbie user because you can use
> the mouse set break points in line of codes and It's can see stack trace
> of call function when you debug clamav programs. GDB debug tool runs on
> Linux suitable of some experience of developing project in Linux
> based. I attach link of setting project of clamav in Linux. Please see
> at link
> [http://www.agents.chatsiri.com/conculsion-on-init-step-of-clamav]. It's
> hope can help you :D
>
> Chatsiri Rattana
>> You can find some ideas here:
>>
>> http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
>>
>>
>
>
>
> ------------------------------
>
> _______________________________________________
> clamav-devel mailing list
> clamav-devel@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-devel
>
>
> End of clamav-devel Digest, Vol 87, Issue 1
> *******************************************
>
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Plz help me!! [ In reply to ]
Hi,

I am doing project on clamAV . I have chosen from

http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
4. DOCX

Add support for parsing docx based MS Office files.

Main purpose is extracting embedded files. You will need to parse the XML,
locate the embedded data, then decode(base64/OLE?) / and decompress
(deflate?) it.

So I did analysis of how clamAV currently scanning a .DOCX file . From my
understanding it treats as a ZIP file and extracts to a temporary folder,
and scanning each xml file and inserted media files such pictures,video
etc.(If I am not correct, kindly explain me).

After that, I tried embedding a EICAR test virus in a picture file by using
Steghide tool. Then I scanned that picture file ,but clamav didnt recognize
it. Reason may be steghide encrypts the virus file.

So I like to know following things,

1. Why clamav didnt recognize encrypted virus?

2.Anyone help me to start my project?(Still now I gone through the source
code using gdb, so I have little knowledge about code)

Awaiting for response.

Regards,

Infant Deepak.
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: Plz help me!! [ In reply to ]
On 02/11/2012 06:16 PM, infant deepak wrote:
> Hi,
>
> I am doing project on clamAV . I have chosen from
>
> http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
> 4. DOCX
>
> Add support for parsing docx based MS Office files.
>
> Main purpose is extracting embedded files. You will need to parse the XML,
> locate the embedded data, then decode(base64/OLE?) / and decompress
> (deflate?) it.
>
> So I did analysis of how clamAV currently scanning a .DOCX file . From my
> understanding it treats as a ZIP file and extracts to a temporary folder,
> and scanning each xml file and inserted media files such pictures,video
> etc.(If I am not correct, kindly explain me).
>
> After that, I tried embedding a EICAR test virus in a picture file by using
> Steghide tool. Then I scanned that picture file ,but clamav didnt recognize
> it. Reason may be steghide encrypts the virus file.
>
> So I like to know following things,
>
> 1. Why clamav didnt recognize encrypted virus?

Because once you've hidden it inside an image with steghide it is no longer executable,
and no longer capable of infecting.

You should embed/insert the EICAR as is inside a .DOCX, not hide it inside a picture!
i.e. when you double click on the EICAR inside the DOCX you should get the eicar executed.

Best regards,
--Edwin
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: Plz help me!! [ In reply to ]
On Sat, Feb 11, 2012 at 11:16 PM, infant deepak <deeeps.inf@gmail.com>wrote:

> Hi,
>
> I am doing project on clamAV . I have chosen from
>
> http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
> 4. DOCX
>
> Add support for parsing docx based MS Office files.
>
> Main purpose is extracting embedded files. You will need to parse the XML,
> locate the embedded data, then decode(base64/OLE?) / and decompress
> (deflate?) it.
>
> So I did analysis of how clamAV currently scanning a .DOCX file . From my
> understanding it treats as a ZIP file and extracts to a temporary folder,
> and scanning each xml file and inserted media files such pictures,video
> etc.(If I am not correct, kindly explain me).
>
> After that, I tried embedding a EICAR test virus in a picture file by using
> Steghide tool. Then I scanned that picture file ,but clamav didnt recognize
> it. Reason may be steghide encrypts the virus file.
>
> So I like to know following things,
>
> 1. Why clamav didnt recognize encrypted virus?

2.Anyone help me to start my project?(Still now I gone through the source
> code using gdb, so I have little knowledge about code)
>
You should set parameter type ( ac mode, bm mode,etc) for scanning only
one file( Read more at clamav document). Parameter define on Clamscan is
good example for debug programs. If you run Clamav in full scan mode,It
will give you cannot gain or concentrate with break point debug a code.

Best Regards,
Chatsiri Rattana.


>
> Awaiting for response.
>
> Regards,
>
> Infant Deepak.
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>



--
:--------------------------------------------------------
http://about.me/chatsiri.ratana
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: Plz help me!! [ In reply to ]
Hi there,

On Sun, 12 Feb 2012, infant deepak wrote:

> I am doing project on clamAV . I have chosen from
>
> http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
> 4. DOCX
>
> Add support for parsing docx based MS Office files.
>
> Main purpose is extracting embedded files. You will need to parse the XML,
> locate the embedded data, then decode(base64/OLE?) / and decompress
> (deflate?) it.

Your teacher asked YOU to do this. Not us.

--

73,
Ged.
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net