
View Full Version : Miscellaneous Hacks - Virus scanner for attachments


bahisyeri
05-14-2008, 10:00 PM
Hello guys and gals,
I was looking for a virus scanner addon for vBulletin 3.6.x. I found one product for 3.5.8, Jafo232's addon (https://vborg.vbsupport.ru/showthread.php?t=101090), but it uses fprot, which needs a license and is not free. So I decided to make one for 3.6.x using LibClamAV.
It works fine and it's simple.
Here you go.
Thanks Jafo232 for his addon and idea and cheesegrits for his sample.

What does this plugin do?
This plugin lets you have a virus scanner for your forum's attachment management.

Installing
Open your admin control panel and then
Plugin System -> Manage Products -> [Add/Import Product] -> Select 'product-vscan.xml' from your computer then press 'Import'
This plugin uses ClamAV for scanning files. There are two methods available for scanning:
First method requires LibClamAV support in your PHP settings. You can check it in phpinfo. If you do not have ClamAV, you can download it free here (http://www.clamav.net). This method is faster than the second method. If you cannot find php-clamav due to problems with its publisher's server, you can download php-clamavlib-0.13-src.zip (https://vborg.vbsupport.ru/attachment.php?attachmentid=80926&d=1211170101), which I attached, or you can download the compiled version clamav.zip (https://vborg.vbsupport.ru/attachment.php?attachmentid=80927&d=1211170101), or if you are using a Debian-based system just type apt-get install php5-clamavlib in your shell.
Second method uses the clamscan binary of ClamAV and does not require LibClamAV; just installing ClamAV is enough for it, but it's a bit slower than the first method.
Please feel free to ask any questions
This may be copied, reproduced or published anywhere without my permission.
Current version: 0.2a
File name: plugin-vscan2.xml
Change history:
0.2a: Added a function for scanning files if PHP does not have ClamAV support. This function uses clamscan and does not need libclamav support; just installing ClamAV is enough for it. It is a bit slower than the php-clamav module, and installing php-clamav is strongly suggested. Those who are using 0.1a and have php-clamav on their system do not need to update, because there is no change to php-clamav support, but if you want to feel better you can update it.
0.1a: Addon written based on Jafo232's old one, but with the scanning method changed to use libclamav.

Kaycee123
05-15-2008, 03:48 AM
Thanks - I never thought of a virus scanner for attachments!

DubaiHost
05-15-2008, 06:03 AM
It's Great ..

I think, it will be better if you add some few things ..

1 - let's say, a note shows that the scanner is running after the file uploaded ..
2 - send a PM. to the admin that this user tried to attach a virus ..

it will be perfect with these things .. :)

stelthius
05-15-2008, 09:12 AM
It's Great ..

I think, it will be better if you add some few things ..

1 - let's say, a note shows that the scanner is running after the file uploaded ..
2 - send a PM. to the admin that this user tried to attach a virus ..

it will be perfect with these things .. :)

Both very good ideas indeed! Thanks for the mod, much appreciated.


Rick

spitb19
05-15-2008, 11:34 AM
Hic. Help me. When I attach file, Error: Fatal error: Call to undefined function cl_scanfile_ex() in ..../public_html/diendan/newattachment.php(160) : eval()'d code on line 19.

bahisyeri
05-15-2008, 05:53 PM
Hic. Help me. When I attach file, Error: Fatal error: Call to undefined function cl_scanfile_ex() in ..../public_html/diendan/newattachment.php(160) : eval()'d code on line 19.

This plugin requires LibClamAV support in your PHP settings. You can check it in phpinfo. If you do not have ClamAV, you can download it free here (http://www.clamav.net).
If it's not your machine, ask your hosting provider for it.
I will think about those ideas :)

avsunforum
05-15-2008, 08:09 PM
Help me. Error: Fatal error: Call to undefined function cl_scanfile_ex() in ..../public_html/beyhan/newattachment.php(160) : eval()'d code on line 19.

bahisyeri
05-15-2008, 10:31 PM
Help me. Error: Fatal error: Call to undefined function cl_scanfile_ex() in ..../public_html/beyhan/newattachment.php(160) : eval()'d code on line 19.

Hello,
avsunforum, you need LibClamAV support in your PHP; you need to install the php-clamav module, and it requires LibClamAV.
If it's not your machine and it is on some host, ask your provider for it.
ClamAV is a free antivirus for Linux.
Hello,
avsunforum, you need to install libclamav support in your PHP. You must install the php-clamav module, which in turn requires libclamav support.
If the server you are using does not belong to you, contact your server provider and tell them your request.

Floris
05-16-2008, 01:32 AM
Is this using the 3.7 hook to allow scanning?

bahisyeri
05-16-2008, 03:20 AM
Is this using the 3.7 hook to allow scanning?

Yes, it's using the newattachment_start hook and executing php-clamav's cl_scanfile_ex function on the attached file to scan it, and as far as I know the newattachment_start hook hasn't changed since 3.5.

Barakat
05-16-2008, 03:56 AM
installed .,,,, but have no virus file to test it lol <<<<

any way maybe this will help you <<<

To install Clam AntiVirus (ClamAV), we are going to use the precompiled binaries from Dag Wieers RPM packages for Red Hat, RHEL, CentOS and Fedora (http://dag.wieers.com/rpm/). To do this, we are going to configure Yum to look for the ClamAV packages in Dag's repository.

Adding Dag Wieers RPM Repository to Yum
1. Click Applications, select System Tools and click Terminal. This will launch the Terminal window. Type in the command cd /etc/yum.repos.d and press Enter. This will bring us to the Yum repository configuration directory.
2. From this directory download the Yum repository configuration file by typing in the command
wget http://www.linux-mail.info/files/dag-clamav.repo and press Enter. This is what the file dag-clamav.repo looks like.
Installing Clam AntiVirus
3. To install ClamAV AntiVirus, type in the command
yum install clamav clamav-devel clamd and press Enter. When asked to confirm download, type in y and press Enter.
Testing Clam AntiVirus
4. To test ClamAV AntiVirus, type in the command clamscan and press Enter.

bahisyeri
05-16-2008, 10:08 AM
You can use the EICAR test file for tests.
http://www.eicar.org/anti_virus_test_file.htm

pedroenf
05-16-2008, 01:54 PM
Can't get it working. I've installed all 3 packages and keep getting a blank page when uploading a file. My server has CentOS 5.1, Apache v2.2.3, PHP 5.1.6, MySQL 5.0.22. Did not install php-clamav because I do not know how. Some help here would be appreciated, thanks.

Barakat
05-16-2008, 02:00 PM
i try to upload it ,,, but i have an error in attachments , function or hook i believe

what do i miss in installing the clamav ?

bahisyeri
05-16-2008, 09:22 PM
For those who cannot find php-clamav, I'm uploading a compiled version, because it seems www.phpclamavlib.org is having some problems nowadays.

extension=clamav.so
[clamav]
clamav.dbpath=/var/lib/clamav
clamav.maxreclevel=0
clamav.maxfiles=0
clamav.archivememlim=0
clamav.maxfilesize=0
clamav.maxratio=0

Add these lines to your php.ini and change clamav.dbpath to your ClamAV database path if it's not /var/lib/clamav.

i try to upload it ,,, but i have an error in attachments , function or hook i believe


what do i miss in installing the clamav ?

If you can check PHP's error log, we can understand what's wrong. If you are getting a blank page, it must be a module error or you didn't install the PHP module.
More screenshots and logs can help us find the main reason, and if you can send me via PM the address of the site where you are trying to use that module, I can help you more.
Also added php-clamav's source code from the Debian lenny package.

Barakat
05-17-2008, 08:52 AM
many thanks for ur help dude ,,

works fine now .

pedroenf
05-17-2008, 02:14 PM
Does not for me. :(

bahisyeri
05-17-2008, 09:16 PM
Does not for me. :(

What's the problem you are facing?

pedroenf
05-17-2008, 10:28 PM
Blank page.

bahisyeri
05-18-2008, 04:42 AM
Blank page.

Could you please PM me your site?

pedroenf
05-18-2008, 12:11 PM
No need for PM, www.g6-team.com

alghat
05-18-2008, 06:56 PM
great man

but why u don't add a condition (function_exists('cl_scanfile_ex')) for this plugin such as:

if ($_POST['do'] == 'manageattach')
to
if ($_POST['do'] == 'manageattach' AND function_exists('cl_scanfile_ex'))

.
or a cl_scanfile_ex isn't function ??

bahisyeri
05-19-2008, 12:47 AM
great man

but why u don't add a condition (function_exists('cl_scanfile_ex')) for this plugin such as:

if ($_POST['do'] == 'manageattach')
to
if ($_POST['do'] == 'manageattach' AND function_exists('cl_scanfile_ex'))

.
or a cl_scanfile_ex isn't function ??

Ah yes :) but I worked on my system and gave instructions on how to install, and that's why I didn't do it.
I will try to write the cl_scanfile_ex function with a pure SSH command using clamscan if it does not exist.

bahisyeri
05-19-2008, 03:17 AM
OK, I wrote a function for those who do not have php-clamav on their system. You can download it. It uses PHP's system function; if your host/server has disabled it, ask them for any enabled function like system (passthru, exec or similar) and modify the source for that allowed function.

alghat
05-19-2008, 06:54 PM
good work man

but I see you have to use this function (system) in function (cl_scanfile_ex) !

this function is disabled in most hosting that were not all ..

is there an alternative solution ?

bahisyeri
05-20-2008, 03:26 AM
good work man

but I see you have to use this function (system) in function (cl_scanfile_ex) !

this function is disabled in most hosting that were not all ..

is there an alternative solution ?

Well, as I wrote in the previous message, you need to execute it, so ask your hosting provider if there is any active command like system. If it's a good hosting provider, believe me, they will choose to add ClamAV support to PHP.
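
The clamscan fallback discussed in the posts above, as an added example that is not the plugin's own code. The function names, verdict constants and the clamscan path are assumptions made for illustration; it uses exec() instead of system() so the exit code and output can be inspected, and it treats a missing or failing scanner as a reason to reject the upload rather than to accept it.

```php
<?php
// Added example, not taken from plugin-vscan2.xml. All vscan_* names and the
// default clamscan path are hypothetical; adjust the path for your server.
define('VSCAN_CLEAN', 'clean');
define('VSCAN_INFECTED', 'infected');
define('VSCAN_ERROR', 'error'); // scanner missing or failed: reject the upload

// True only if exec() exists and is not listed in disable_functions.
function vscan_exec_available()
{
    $disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
    return function_exists('exec') && !in_array('exec', $disabled, true);
}

// Scan one file with the clamscan binary; returns array(verdict, signature).
function vscan_clamscan_file($path, $clamscan = '/usr/bin/clamscan')
{
    if (!vscan_exec_available() || !is_executable($clamscan) || !is_file($path)) {
        return array(VSCAN_ERROR, null);
    }
    // escapeshellarg() keeps a hostile file name from being parsed by the shell.
    $cmd = escapeshellarg($clamscan) . ' --no-summary --stdout '
         . escapeshellarg($path) . ' 2>&1';
    $output = array();
    $code = 2;
    exec($cmd, $output, $code);

    // clamscan exit codes: 0 = no virus found, 1 = virus found, 2 = error.
    if ($code === 0) {
        return array(VSCAN_CLEAN, null);
    }
    if ($code === 1) {
        // Infected lines look like "<path>: <signature name> FOUND".
        foreach ($output as $line) {
            if (preg_match('/: (\S+) FOUND$/', $line, $m)) {
                return array(VSCAN_INFECTED, $m[1]);
            }
        }
        return array(VSCAN_INFECTED, 'unknown');
    }
    return array(VSCAN_ERROR, null);
}

// Command-line check: php vscan.php /path/to/file
if (PHP_SAPI === 'cli' && isset($argv[1])) {
    list($verdict, $signature) = vscan_clamscan_file($argv[1]);
    echo $verdict . ($signature ? " ($signature)" : '') . "\n";
    exit($verdict === VSCAN_CLEAN ? 0 : 1);
}
```

In an upload hook, only a VSCAN_CLEAN verdict should let the attachment through; logging VSCAN_ERROR separately makes a silently absent scanner visible to the admin.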

CThiessen
05-20-2008, 09:12 AM
Hi,
Thanks for the very good Product.
Installation was easy on Debian.

Christian

Mike-D
05-26-2008, 02:43 PM
It seems that the hack you offer is exactly what I need. Two days ago my server was hacked. See vB Germany Thread Server Hacked? (http://www.vbulletin-germany.com/forum/showthread.php?t=36626) I really have no clue what happened exactly, but I always got some strange phishing files in misc dirs. One of them was the arcade directory and the other one was the attachments directory. Since this morning the server is finally clean, but for how long? I guess the security problem was also the allowed attachment extensions (avi/doc/mpeg/zip/rar), so I decided to remove them. Right now I have only the really needed ones (gif/jpg/jpeg/pdf) for the members.

Back to topic: I'd like to install your hack but I'm no server expert. How difficult is it to install it on my server? If interested, here's the PHP Info (http://www.honda-legend.com/vbulletin/phpinfo.php). I do hope your hack is what I need. We will see. Anyway, thank you very much for sharing. I clicked Installed :)

bahisyeri
05-26-2008, 11:00 PM
It seems that the hack you offer is exactly what I need. Two days ago my server was hacked. See vB Germany Thread Server Hacked? (http://www.vbulletin-germany.com/forum/showthread.php?t=36626) I really have no clue what happened exactly, but I always got some strange phishing files in misc dirs. One of them was the arcade directory and the other one was the attachments directory. Since this morning the server is finally clean, but for how long? I guess the security problem was also the allowed attachment extensions (avi/doc/mpeg/zip/rar), so I decided to remove them. Right now I have only the really needed ones (gif/jpg/jpeg/pdf) for the members.

Back to topic: I'd like to install your hack but I'm no server expert. How difficult is it to install it on my server? If interested, here's the PHP Info (http://www.honda-legend.com/vbulletin/phpinfo.php). I do hope your hack is what I need. We will see. Anyway, thank you very much for sharing. I clicked Installed :)

Hello, it seems you are under attack and some people exploited your system. It is not about attachments but about the attachments directory, because it is in mode 777 and so everyone can write files there.
I read that topic and it seems you are using Debian like me, but sadly there were security flaws announced by Debian about SSH, like the links Andreas gave. My suggestion is to run these commands from your shell as root:
apt-get update
apt-get upgrade
Maybe you did it and you know them, but I'm writing it as a reminder. :)
To install ClamAV, follow this step under Debian:
apt-get install clamav clamav-freshclam clamav-base libclamav3 php5-clamavlib
and reset your web server; it will be loaded automatically.

mrahul
07-10-2008, 07:38 AM
Is it going to use excess bandwidth and cause load on the server, as it uses a few more applications around?

yahoooh
07-10-2008, 05:24 PM
could u plz support this new phplibclamav version .6, which supports the latest version of clamav, because the version that is used for supporting clamav has an error with clamav .93

http://trickie.org/code/phplibclamav.php

thanks

Floris
09-11-2008, 08:39 AM
Does this work in 3.7.3 PL1, and the post above me, it would be cool if there's an update to support that?

bahisyeri
09-30-2008, 03:03 AM
Does this work in 3.7.3 PL1, and the post above me, it would be cool if there's an update to support that?

Hello,
I was on holiday and am now busy with registration for the new season of school. I'll look at 3.7.3 PL1, but I think it's compatible with it. About the other phpclamavlib, I think it can be easy to add support for it too.

dxlwebs
10-18-2008, 10:01 AM
I get a security token error. Any chance of some info on where to put it?

echel0n
07-26-2009, 06:58 PM
Can someone explain how to get this running on a Windows box?

LCN2007
08-17-2009, 05:35 PM
3.8.4 anyone?

the_ace
11-24-2009, 02:39 AM
Thanks for this mod.
It installs and works fine on 3.8.4 PL1 :)

Any way to use this scanner for avatar and profile pic uploads as well?

Skyline_GT
04-18-2010, 05:49 AM
I installed this but it does nothing? I installed both clamav and the PHP extension.
It won't show any virus even when there is a virus in the attachment.