Tenjin Icon

Implementing a Custom Virus Scan Plugin in Front Office

Front office supports the use of a custom virus scan plugin that can be used to do real-time virus scanning of Front Office file type (attachment) fields. The template solution contains example code that uses Windows Defender to run a scan and return a true/false result to Front Office. This example can be modified to use alternative virus scan applications as required.

This article covers the following topics:

Pre Requisites

  • The plugin must be built using MS Visual Studio 2019 or above.
  • The plugin must target MS .Net version “Standard 2.0”.
  • The target virus scanning software must be capable of scanning the file in real-time because it is initiated from the file upload dialog, therefore request forms are blocked until the scan has completed.

Build the Plugin

  1. Contact the Biomni support team via the Help Center at https://frontofficehelp.biomni.com/ and ask for a copy of the “Front Office custom virus scan plugin template”.
  2. Extract the contents of the ZIP file supplied to a local folder.
  3. Start MS Visual Studio and open the solution file: “ScannerPlugin.sln”.
  4. “Scanner.cs” contains a method called Scan:
    public ScanResult Scan(ItemtoScan itemtoScan)

    {

        bool infected = false; // Set to true if infected

        var fileBytes = itemtoScan.Data;

        //

        // Start the call to the virus scanning tool here

        // This example uses Windows Defender

        //

        // First write the file to the file system; for example: “c:\scanner”

        // Make sure the local group “IIS_IUSRS” has full control of this folder

        var fileName = "c:\\scanner\\" + itemtoScan.FileName;

        File.WriteAllBytes(fileName, fileBytes);

        // Call the Defender command line utility to perform an instant scan on the file

        var processStartInfo = new ProcessStartInfo() {

            FileName = "C:\\Program Files\\Windows Defender\\MpCmdRun.exe",

            Arguments = "-Scan -ScanType 3 -File " + fileName + " -DisableRemediation",

            CreateNoWindow = true,

            WindowStyle = ProcessWindowStyle.Hidden,

            UseShellExecute = false,

            RedirectStandardError = true,

            RedirectStandardOutput = true

        };

        var process = new Process();

        process.StartInfo = processStartInfo;

        var stdOutput = new StringBuilder();

        process.OutputDataReceived += (sender, args) => stdOutput.AppendLine(args.Data);

        string stdError = null;

        process.Start();

        process.BeginOutputReadLine();

        stdError = process.StandardError.ReadToEnd();

        process.WaitForExit();

        // Delete the file from the scanner folder

    File.Delete(fileName);

        // Check scan results

        if (process.ExitCode == 2) // Defender returns 0 if clean or 2 if infected

        {

            // The file is infected

            infected = true;

        }

        if (process.ExitCode !=0 && process.ExitCode !=2)

        {

            // Something has gone wrong, throw an error

            var message = new StringBuilder();

            if (!string.IsNullOrEmpty(stdError))

            {

                message.AppendLine(stdError);

            }

            if (stdOutput.Length != 0)

            {

                message.AppendLine("Std output:");

                message.AppendLine(stdOutput.ToString());

            }

            throw new Exception(fileName + " finished with exit code = " + process.ExitCode + ": "

                + message);

        }

        //

        // End of the call to the virus scanning tool

        //

        return new ScanResult() { IsInfected = infected };

    }
  5. If not using Windows Defender:
    a: Modify the code to call the target virus scanning software and get the result of the scan.
    b: Set the bool type variable “infected” to true if the file is infected
  6. If using Windows Defender as per the example, make sure the folder “c:\scanner” is created and that the local “IIS_IUSRS” group has full control of the folder. If using an alternative location, modify the source code accordingly.
  7. Build the solution.
  8. Once the build has been completed, the ScannerPlugin DLL will be in the “bin/release/netstandard2.0” folder (or “bin/debug/netstandard2.0” if in debug mode)

Install the Plugin

  1. Copy the “ScannerPlugin.dll” file to the “website/bin” folder within your Front Office installation.
  2. Update the Custom anti-virus plugin system setting to “ScannerPlugin.Scanner, ScannerPlugin”, as shown below.
    mceclip0.png

In Use

Once installed and configured, the custom virus scanner plugin will be called each time a user uploads a file. If the plugin detects an issue with the file, the user will see the error below.

mceclip1.png

Share this article

Comments

0 comments

Article is closed for comments.