Coding challenge 2

We have a malicious URL. Your job is to write modules to check if the current URL is infected.

hooo
basically a tool that checks hidden iframes, malicious code related to JavaScript or PHP, vulnerability exploits, infected files
that's hard

No, you just need to do the most basic thing: check the URL only
This is 1 simple module for fast detection. And ofc this is a fun challenge only
Also, all malware are binaries -> they need to be downloaded

I think you need to do it yourself haha

I did. I can’t create a challenge without my test.

Can we get the code?

My code is really simple:

  1. We have a database, in this case a text file that contains information
  2. A module that parses the database to save information into memory
  3. A loop to check the URL
    This is a very simple example, so there is no URL-encoding check or complex handling. A real-world module will need more work.
  • core.nim
```nim
import strutils

const
  dbPath = "challenge2/db.txt"

type
  DBSig = object
    mURL: string
    mName: string


proc loadDb*(): seq[DBSig] =
  ## Parse each "url|name" line of the database into a signature.
  for line in lines(dbPath):
    # split returns a seq[string], so index it instead of tuple-unpacking
    let fields = line.split("|")
    # Skip blank or malformed lines instead of crashing on them
    if fields.len != 2:
      continue
    result.add(DBSig(mURL: fields[0], mName: fields[1]))


proc scanURL*(url: string): bool =
  ## Exact string match of `url` against every signature in the database.
  let db = loadDb()
  for signature in db:
    if url == signature.mURL:
      echo "Infected by " & signature.mName
      return true
  return false
```
  • test.nim:
```nim
import core
import os


if paramCount() == 0:
  echo "[x] Enter at least 1 url"
else:
  for i in 1 .. paramCount():
    if scanURL(paramStr(i)):
      echo paramStr(i) & " is infected"
    else:
      echo paramStr(i) & " is cleaned"
```
  • db.txt

```
http://sv1.parrot.sh/foo/elf1.x86|unix.x86.mirai.generic
https://sv2.parrotsec.org/nix/iso/sudo|unix.x86.trojan.generic
http://sv3.eu.parrot.org/folder/passwd|unix.amd64.metasploit.hack-tool
```
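Added example, not part of the thread or the poster's code: the post above notes that its exact string match does no URL-encoding check, so this sketch shows one way a module could canonicalize a URL before the lookup so that equivalent spellings of a listed URL still match. It is written in Python rather than the thread's Nim; `normalize_url`, `load_db` and `scan_url` are names chosen for this example, and the two sample lines are taken from the thread's db.txt.

```python
from urllib.parse import urlsplit, unquote
import posixpath

# Sample database in the thread's "url|name" format (two lines from db.txt).
SAMPLE_DB = """\
http://sv1.parrot.sh/foo/elf1.x86|unix.x86.mirai.generic
https://sv2.parrotsec.org/nix/iso/sudo|unix.x86.trojan.generic
"""

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_url(raw):
    """Reduce equivalent spellings of a URL to one canonical string."""
    parts = urlsplit(raw.strip())
    scheme = parts.scheme.lower()
    # .hostname is already lower-cased and has userinfo/port removed.
    host = (parts.hostname or "").rstrip(".")
    port = parts.port  # raises ValueError on a non-numeric port
    netloc = host if port in (None, DEFAULT_PORTS.get(scheme)) else f"{host}:{port}"
    # Decode percent-escapes once, then collapse ".", ".." and "//" segments.
    # Note: this also drops a trailing slash, so "/foo/" and "/foo" compare equal.
    path = posixpath.normpath("/" + unquote(parts.path).lstrip("/"))
    # Query is kept verbatim; the fragment is dropped (it never reaches the server).
    query = "?" + parts.query if parts.query else ""
    return f"{scheme}://{netloc}{path}{query}"


def load_db(text):
    """Parse 'url|name' lines into {normalized_url: name}; skip malformed lines."""
    db = {}
    for line in text.splitlines():
        url, sep, name = line.strip().partition("|")
        if sep and url and name:
            db[normalize_url(url)] = name
    return db


def scan_url(url, db):
    """Return the signature name for url, or None if it is not listed."""
    try:
        return db.get(normalize_url(url))
    except ValueError:  # unparsable URL, e.g. a non-numeric port
        return None
```

Loading the database once into a dictionary also makes each lookup constant-time instead of re-reading the file per URL.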

I get the idea of what is done
thanks for the code

The reason why it is that simple is because it is fast and protection can have multiple layers.
