We help IT Professionals succeed at work.

Scan for viruses while uploading file like image,doc etc in C# MVC

RadhaKrishnaKiJaya
on
Hi Experts,

How to scan for viruses while uploading file like image,doc etc .  I am using c# and MVC.
Any help is greatly appreciated.

Thanks in advance!
Comment
Watch Question

David FavorFractional CTO
Distinguished Expert 2019

Commented:
You won't use C# as a virus scanner, you'll use an existing virus scanner for this.

Virus scanners require continual database updates of virus signatures.

You'll only do what you say, if you're writing your own virus scanner + will be somehow maintaining your own signature database.
David Johnson, CDSimple Geek from the '70s
Distinguished Expert 2019

Commented:
A virus is an executable that has to be executed..  it could be using a .jpg vulnerability.. either way the file has to be fully uploaded before you can check it.  either by using your virus scanners on demand scan options
every antivirus will have different command line options and different return status codes.

Author

Commented:
Thank you for your suggestions!

When we try to upload any malicious files to gmail then it wouldn't allow you to do that. I need something like that. When somebody try to upload a file with malicious content then it should not go to the server. I am wondering of something like this is possible?

Thanks in advance.
Developer & EE Moderator
Fellow 2018
Most Valuable Expert 2013
Commented:
I think what you are looking for is a 3rd party api to do the scan before you place the file in a permanent place.

Research some of these options

http://www.attachmentscanner.com/
https://www.virustotal.com/en/documentation/public-api/
https://www.symantec.com/products/protection-engine
https://www.opswat.com/products/metadefender


attachmentscanner has easy documentation  https://attachmentscanner.docs.apiary.io/#reference/scans/scans/create-file-upload
/Common testing requirement. If you are consuming an API in a sandbox/test region, uncomment this line of code ONLY for non production uses.
//System.Net.ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

//Be sure to run "Install-Package Microsoft.Net.Http" from your nuget command line.
using System;
using System.Net.Http;

var baseAddress = new Uri("http://beta.attachmentscanner.com/v0.1/");

using (var httpClient = new HttpClient{ BaseAddress = baseAddress })
{

  httpClient.DefaultRequestHeaders.TryAddWithoutValidation("authorization", "Bearer API_TOKEN");
  
  
  httpClient.DefaultRequestHeaders.TryAddWithoutValidation("accept", "application/json");
  
    using (var content = new StringContent("--------------------------c0ae0e94164fac71
Content-Disposition: form-data; name=\"file\"; filename=\"eicar.com\"
Content-Type: application/octet-stream

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

--------------------------c0ae0e94164fac71--", System.Text.Encoding.Default, "multipart/form-data; boundary=------------------------c0ae0e94164fac71"))
    {
      using (var response = await httpClient.PostAsync("scans", content))
      {
        string responseData = await response.Content.ReadAsStringAsync();
      }
  }
}

Open in new window


You will get one of the responses below and you can develop your own rules on what to do with the upload based on the response.  I am not a .NET dev and if you have a specific question on code, perhaps open up a new question.  For now, I hope this gives you direction.

ok string
nothing was found.

found string
a match was found in the database, this file is likely a virus/malware. See the matches parameter for additional details.

pending string
scan is still in progress, fetch the scan again.

failed string
scan failed, more details may be available in the matches parameter.

Author

Commented:
Thank for all the options!! Still looking at them.