MyBB Community Forums

Full Version: Virus Check
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Please tell me is there any method to check Is the attached file contains any kind of virus, malware or trojan in it ?

if the attached file contain any kind of virus then email to Admin with the attached file name and the user name who is trying to do so.

I was using a Mod (Virus Total Scanner) But the problem with this mod is that when my forum users attached a .pdf file they get a message from Total Virus Scanner that virus contains. But this is just a .pdf file. No any kind of virus in it. I checked by myself with just a one page .pdf file, And i getting the same message.

So, if there is any other way to check the attached file then kindly tell me.
You could modify the plugin to let pdf files bypass the check. To be honest your best method is moderation and user judgment. You shouldn't have to worry about users uploading viruses unless your forum has questionable content.
(2013-01-09, 06:31 PM)Nathan Malcolm Wrote: [ -> ]You could modify the plugin to let pdf files bypass the check. To be honest your best method is moderation and user judgment. You shouldn't have to worry about users uploading viruses unless your forum has questionable content.

I disagree with you on that point. I mean it doesn't matter what kind of forum it is, people are looking for sites to spread their viruses and they will always pick a site that doesn't have a lot of experienced hackers or people who are malware experts. Ex: If I spread my virus on ubers then the members would report me as soon they download it because they deal with such stuff everyday. I know some people that have targeted wweforums.net and have successful infected WWEFs members. Why have they picked that very site? It's a wrestling forum with majority of -18 members that aren't aware of types of viruses and how they can bypass virus scanners.
(2013-01-09, 08:09 PM)kamz89 Wrote: [ -> ]
(2013-01-09, 06:31 PM)Nathan Malcolm Wrote: [ -> ]You could modify the plugin to let pdf files bypass the check. To be honest your best method is moderation and user judgment. You shouldn't have to worry about users uploading viruses unless your forum has questionable content.

I disagree with you on that point. I mean it doesn't matter what kind of forum it is, people are looking for sites to spread their viruses and they will always pick a site that doesn't have a lot of experienced hackers or people who are malware experts. Ex: If I spread my virus on ubers then the members would report me as soon they download it because they deal with such stuff everyday. I know some people that have targeted wweforums.net and have successful infected WWEFs members. Why have they picked that very site? It's a wrestling forum with majority of -18 members that aren't aware of types of viruses and how they can bypass virus scanners.

Questionable content also includes questionable users. I never said anything about the niche. If there are users coming to your forum from hacking forums and such, you should be wary of the possible dangers. We've even had it here when we've had the same person from the middle east create account after account posting download links to "face book.exe" and other not-so-creatively-named files which are trojans. Other staff members doesn't have the same security background I do but they've been educated to spot something which doesn't look quite right.
(2013-01-09, 08:37 PM)Nathan Malcolm Wrote: [ -> ]
(2013-01-09, 08:09 PM)kamz89 Wrote: [ -> ]
(2013-01-09, 06:31 PM)Nathan Malcolm Wrote: [ -> ]You could modify the plugin to let pdf files bypass the check. To be honest your best method is moderation and user judgment. You shouldn't have to worry about users uploading viruses unless your forum has questionable content.

I disagree with you on that point. I mean it doesn't matter what kind of forum it is, people are looking for sites to spread their viruses and they will always pick a site that doesn't have a lot of experienced hackers or people who are malware experts. Ex: If I spread my virus on ubers then the members would report me as soon they download it because they deal with such stuff everyday. I know some people that have targeted wweforums.net and have successful infected WWEFs members. Why have they picked that very site? It's a wrestling forum with majority of -18 members that aren't aware of types of viruses and how they can bypass virus scanners.

Questionable content also includes questionable users. I never said anything about the niche. If there are users coming to your forum from hacking forums and such, you should be wary of the possible dangers. We've even had it here when we've had the same person from the middle east create account after account posting download links to "face book.exe" and other not-so-creatively-named files which are trojans. Other staff members doesn't have the same security background I do but they've been educated to spot something which doesn't look quite right.

If that's the case then MyBB should have a built-in scanner or maybe a plugin which scans through the attachments once in a while or w.e the case may be. I think it's a good idea to keep one just to be on the safe side. By the way, can shells be uploaded through attachments or we have a setting to allow certain extensions?
(2013-01-09, 11:44 PM)kamz89 Wrote: [ -> ]If that's the case then MyBB should have a built-in scanner or maybe a plugin which scans through the attachments once in a while or w.e the case may be. I think it's a good idea to keep one just to be on the safe side.

In our case it was via third party file sharing sites but the point still remains. You can't really rely on those virus scanners either. It's something best left for the administrator to implement if they feel the need.

(2013-01-09, 11:44 PM)kamz89 Wrote: [ -> ]By the way, can shells be uploaded through attachments or we have a setting to allow certain extensions?

Images and text files are output to the browser, any other files are forced to be downloaded so nothing will ever get executed on the server.
(2013-01-09, 11:53 PM)Nathan Malcolm Wrote: [ -> ]
(2013-01-09, 11:44 PM)kamz89 Wrote: [ -> ]If that's the case then MyBB should have a built-in scanner or maybe a plugin which scans through the attachments once in a while or w.e the case may be. I think it's a good idea to keep one just to be on the safe side.

In our case it was via third party file sharing sites but the point still remains. You can't really rely on those virus scanners either. It's something best left for the administrator to implement if they feel the need.

(2013-01-09, 11:44 PM)kamz89 Wrote: [ -> ]By the way, can shells be uploaded through attachments or we have a setting to allow certain extensions?

Images and text files are output to the browser, any other files are forced to be downloaded so nothing will ever get executed on the server.

Oh right but as for the scanner, there aren't any mods I think that have attachments scanner so it would be better if an experienced MyBB developer could make one which I doubt will be for free but it's worth paying.
Be smart about file types which can be uploaded. MyBB should have the capability to process uploads (eg. scan for viruses or store in the DB).