From 42f403ab2dff72b2b08055a2fc2b0e1689ec1083 Mon Sep 17 00:00:00 2001
From: Lisa
Date: Wed, 12 Mar 2025 21:35:56 +0100
Subject: [PATCH] V1 release
---
scanner.js | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 89 insertions(+)
create mode 100644 scanner.js
diff --git a/scanner.js b/scanner.js
new file mode 100644
index 0000000..ce6308d
--- /dev/null
+++ b/scanner.js
@@ -0,0 +1,89 @@
+const fs = require('fs');
+const path = require('path');
+const axios = require('axios');
+
+const patterns = JSON.parse(fs.readFileSync('patterns.json')).patterns;
+const aiprompt = "You are AI Code Scanner, your task is to analyze code given by user explain what it does with leaking nearly nothing from it and fully decide whats going on there and if it is malicious! Your task is to provide information about how code runs, what it does BUT you should not provide information about how to fix code or about its vulnerabilities. BUT You should provide information about related files and if the code is potentially dangerous/malicious. I repeat, don't provide information about Security and Potential Issues BUT provide infos if it might be illegal code, breaking some Terms of Service, abusing files eg creating tons of files or doing any other dangerous thing which may harm system."
+const pathtoscan = "./change/this"
+
+function scanDirectory(directory) {
+ fs.readdir(directory, (err, files) => {
+ if (err) {
+ console.error(`Error reading directory: ${err}`);
+ return;
+ }
+
+ files.forEach(file => {
+ const filePath = path.join(directory, file);
+ fs.stat(filePath, (err, stats) => {
+ if (err) {
+ console.error(`Error getting stats for file: ${err}`);
+ return;
+ }
+
+ if (stats.isDirectory()) {
+ scanDirectory(filePath);
+ } else {
+ scanFile(filePath);
+ }
+ });
+ });
+ });
+}
+
+function scanFile(filePath) {
+ fs.readFile(filePath, 'utf8', (err, data) => {
+ if (err) {
+ console.error(`Error reading file: ${err}`);
+ return;
+ }
+
+ let foundMalicious = false;
+
+ patterns.forEach(pattern => {
+ if (data.includes(pattern)) {
+ console.log(`Malicious code found in file: ${filePath} - Pattern: ${pattern}`);
+ foundMalicious = true;
+ }
+ });
+
+ if (foundMalicious) {
+ runAIScan(filePath);
+ }
+ });
+}
+
+async function runAIScan(filePath) {
+
+ fs.readFile(filePath, 'utf8', async (err, data) => {
+ if (err) {
+ console.error(`Error reading file: 
${err}`);
+ return;
+ }
+ const apiUrl = 'http://192.168.2.109:11434/api/chat';
+ let input = {
+ "model": "llama3.2:1b",
+ "messages": [
+ {
+ "role": "system",
+ "content": `${aiprompt}`
+ },
+ {
+ "role": "user",
+ "content": `FILEPATH: ${filePath}, FILE: ${data}`
+ }
+ ],
+ "stream": false,
+ "raw": true
+ }
+ try {
+ const response = await axios.post(apiUrl, input);
+ console.log(`AI scan results for ${filePath}:\n${response.data.message.content}`);
+ } catch (error) {
+ console.log(error.response ? error.response.data : error.message)
+ console.error(`Error running AI scan: ${error.response ? error.response.data : error.message}`);
+ }
+ });
+}
+
+scanDirectory(pathtoscan);
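Review bot: In `runAIScan` the file under analysis is interpolated verbatim into the user message (`FILE: ${data}`), so text inside a scanned file can address the model directly and steer what it reports, and nothing bounds how much is sent. The model's answer is best read as advisory next to the pattern hit, and the payload delimited and capped, e.g. `"content": JSON.stringify({ filepath: filePath, file: data.slice(0, MAX_SCAN_CHARS) })` with `MAX_SCAN_CHARS` a constant you define. The same call posts flagged file contents over plain `http://` to a hard-coded address with no timeout; a configurable URL and `axios.post(apiUrl, input, { timeout: 30000 })` would keep one stalled request from hanging the run. Separately, `scanDirectory` calls `fs.stat`, which follows symbolic links, so a link cycle or a link pointing outside `pathtoscan` is traversed; `fs.lstat` plus `if (stats.isSymbolicLink()) return;` avoids that.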