Open in app

Sign in

Write

Sign in

How to Check Files for Malicious Executable Content using Go

Cloudmersive
2 min readJun 14, 2023

--

Executable file uploads are often bad news for our system. Threat actors can easily use executable file formats to inject malware onto our device, so it’s best we identify and delete these files as quickly as possible.

You can easily check files for executables, viruses and malware in a single API request using the ready-to-run Go code examples below. The underlying security service will perform in-depth content verification to identify executable file contents, making it possible to block executable files by setting the (“allowexecutables”, “<boolean>”) request parameter to “False.” This policy will trigger a “CleanResult: False” response for executable file uploads, making it easy to delete these files or quarantine them in subsequent steps.

To take advantage of this API, copy and paste the below examples and configure the content threat detection policies to your needs:

package main

import (
     "fmt"
     "bytes"
     "mime/multipart"
     "os"
     "path/filepath"
     "io"
     "net/http"
     "io/ioutil"
)

func main() {

     url := "https://api.cloudmersive.com/virus/scan/file/advanced"
     method := "POST"

     payload := &bytes.Buffer{}
     writer := multipart.NewWriter(payload)
     file, errFile1 := os.Open("/path/to/file")
     defer file.Close()
     part1,
         errFile1 := writer.CreateFormFile("inputFile",filepath.Base("/path/to/file"))
     _, errFile1 = io.Copy(part1, file)
     if errFile1 != nil {
          fmt.Println(errFile1)
          return
     }
     err := writer.Close()
     if err != nil {
          fmt.Println(err)
          return
     }


     client := &http.Client {
     }
     req, err := http.NewRequest(method, url, payload)

     if err != nil {
          fmt.Println(err)
          return
     }
     req.Header.Add("allowExecutables", "<boolean>")
     req.Header.Add("allowInvalidFiles", "<boolean>")
     req.Header.Add("allowScripts", "<boolean>")
     req.Header.Add("allowPasswordProtectedFiles", "<boolean>")
     req.Header.Add("allowMacros", "<boolean>")
     req.Header.Add("allowXmlExternalEntities", "<boolean>")
     req.Header.Add("allowInsecureDeserialization", "<boolean>")
     req.Header.Add("allowHtml", "<boolean>")
     req.Header.Add("restrictFileTypes", "<string>")
     req.Header.Add("Content-Type", "multipart/form-data")
     req.Header.Add("Apikey", "YOUR-API-KEY-HERE")

     req.Header.Set("Content-Type", writer.FormDataContentType())
     res, err := client.Do(req)
     if err != nil {
          fmt.Println(err)
          return
     }
     defer res.Body.Close()

     body, err := ioutil.ReadAll(res.Body)
     if err != nil {
          fmt.Println(err)
          return
     }
     fmt.Println(string(body))
}

Now you can easily check file uploads for millions of virus and malware signatures and keep your system safe from hidden threats. Nice and easy!

Golang
Executable
Virus Scan
File Upload Vulnerability
Content Verification

--

--

Cloudmersive
Cloudmersive

Written by Cloudmersive

682 Followers
10 Following

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams