sock.pl

一个使用诺顿病毒库的病毒扫描的例子程序

#!/usr/bin/perl

use IO::Socket;
use strict;
$|=1;

my $response;
my $sockname = $ARGV[0] || die "Usage: $0 <trophie_socket>\n";

print "INPUT PATH (FILENAME) TO SCAN: ";
my $path = <STDIN>;
#$path =~ s/[\r\n]//g;

socket(\*sock, AF_UNIX, SOCK_STREAM, 0) || die "Couldn't create socket ($!)\n";
connect(\*sock, pack_sockaddr_un $sockname) || die "Couldn't connect() to the socket ($!)\n";

syswrite(\*sock, $path, length($path));
sysread(\*sock, $response, 256);
close(\*sock);

if ($response =~ m/^1/)
{
	print "FILE INFECTED : [$path]\n";
	if ($response =~ m/^1:.*$/)
	{
		my ($virus) = ($response =~ m/^1:(.*)$/);
		print "VIRUS FOUND   : [$virus]\n";
	}
}
elsif ($response == -1)
{
	print "UNKNOWN STATUS: [$path]\n";
}
elsif ($response == 0)
{
	print "FILE IS CLEAN : [$path]\n";
}
else
{
	print "OOOOOUPS!     : [$path]\n";
}