一个杀毒软甲最核心的部分一个是病毒库一个是杀毒引擎,病毒库从服务器中获得,杀毒引擎实际上是判断程序中的包名和签名是否匹配病毒库中的包名和签名,如果匹配则为病毒,界面使用帧动画来显示。
思路:
1.从服务器端把病毒的版本库信息下载下来将解析的数据存放到List集合中
2.获取到手机中所有应用程序的包名以及程序的签名
3.将病毒库匹配手机应用程序包名及签名
4.用ScrollView标签进行自动滚动显示
关键代码如下:
特洛伊木马病毒库的信息:
[html] view plaincopy
- <?xml version="1.0" encoding="utf-8"?>
- <list>
- <virus>
- <name>tory.virus</name>
- <packname>
- cn.itcast.virus
- </packname>
- <description>
- 恶意软件,读取用户日志</description>
- <signature>
- 3082020730820170a00302010202044ea7598f300d06092a864886f70d010105050030483
- 10a30080603550406130131310a30080603550408130131310a3008060355040713013131
- 0a3008060355040a130131310a3008060355040b130131310a30080603550403130131301
- e170d3131313032363030353132375a170d3231313032333030353132375a3048310a3008
- 0603550406130131310a30080603550408130131310a30080603550407130131310a30080
- 60355040a130131310a3008060355040b130131310a3008060355040313013130819f300d
- 06092a864886f70d010101050003818d0030818902818100d915d7a98cde8bcd69b87ec52
- 11012ace847de42129a71bf679a059c2c55e893bc0ea886874432ab8b9097724211df6769
- eacd3381ccac779ab7422d8101320b1e0b14e06ac8ee095b20e52cbe6163e10a87dc410b8
- a91fb73d53c5bdb4a22d1295c61e04b8f8b68c475e69c1754a1dc35745e7c6ae0275c2620
- b863b0d9ea8f0203010001300d06092a864886f70d01010505000381810038e1119fbb710
- 4180fddba4bc8b2c275df63f0df418b7480d8eba2891da20d34d3d083cfed7bb3eb546863
- c76bc67cc93f2fa0e9377c470881c9a763c99cc035093184bb50f76e74155592eca3566a3
- 10af55e5fec19d6fdc1a74f226aef485f84389126e8e3f4b59fe2797cbfcac660b9f2cc81
- e6f3dcaa7cb2001ecc496a7b
- </signature>
- </virus>
- </list>
杀毒引擎:
[java] view plaincopy
- /*
- * 杀毒引擎(下载病毒库、获取程序的包名及签名并进行匹配)
- * (non-Javadoc)
- * @see android.app.Activity#onTouchEvent(android.view.MotionEvent)
- */
- @Override
- public boolean onTouchEvent(MotionEvent event) {
- packagenames = new ArrayList<String>();
- virusResult = new ArrayList<String>();
- infos = new ArrayList<ApplicationInfo>();
- animationDrawable.start();//播放扫描病毒的动画
- new Thread(){
- @Override
- public void run() {
- try {
- URL url = new URL("http://192.168.1.168:8080/virus.xml");
- HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- InputStream is = conn.getInputStream();
- //从服务器解析病毒库并获取到病毒库的集合
- virusbeans = VirusInfo.getVirusInfos(is);
- TaskInfo taskInfo = new TaskInfo(KillVirusActivity.this); //实例化包资源管理器
- //获取到当前手机里面所有的包名
- infos = pm.getInstalledApplications(0);
- for(ApplicationInfo info : infos ){
- packagenames.add(info.packageName);
- }
- int count=0;
- // 杀毒引擎 根据病毒库 比对当前系统里面的程序包名 签名进行 杀毒
- StringBuilder sb = new StringBuilder();
- for(String packname : packagenames){
- sb.append("正在扫描 "+ packname);
- sb.append("\n");
- Message msg = new Message();
- msg.what = SCANNING;
- msg.obj = sb;
- handler.sendMessage(msg);
- //检查当前的packname 和对应签名 是不是跟病毒库里面的信息一样
- for(VirusBean virusbean : virusbeans){
- if(packname.equals(virusbean.getPackname())&&
- taskInfo.getAppSignature(packname).equals(virusbean.getSignature()))
- {
- virusResult.add(packname);//添加一个病毒
- }
- }
- count ++;//记录病毒的总数
- }
- Message msg = new Message();
- msg.what = SCANNING_FINISH;
- msg.obj = count;
- handler.sendMessage(msg);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- }.start();
- return super.onTouchEvent(event);
- }
显示病毒扫描信息:
[java] view plaincopy
- Handler handler = new Handler(){
- @Override
- public void handleMessage(Message msg) {
- super.handleMessage(msg);
- switch (msg.what) {
- case SCANNING:
- StringBuilder sb = (StringBuilder) msg.obj;
- tv_killvirus_info.setText(sb.toString());
- sv.scrollBy(0, 25);//每次增加都会自动向下移动画面
- break;
- case SCANNING_FINISH:
- int i = (Integer) msg.obj;
- StringBuilder sb1 = new StringBuilder();
- sb1.append("扫描完毕 共扫描 "+ i+ " 个程序");
- if(virusResult.size()>0){
- sb1.append("发现病毒 \n");
- for(String packname : virusResult){
- sb1.append("病毒名"+ packname);
- sb1.append("\n");
- }
- }
- tv_killvirus_info.setText(sb1.toString());
- animationDrawable.stop();
- break;
- }
- }
- };
获取到程序的签名:
[java] view plaincopy
- /*
- * 获取程序的签名
- */
- public String getAppSignature(String packname){
- try {
- PackageInfo packinfo =pm.getPackageInfo(packname, PackageManager.GET_SIGNATURES);
- //获取到所有的权限
- return packinfo.signatures[0].toCharsString();
- } catch (NameNotFoundException e) {
- e.printStackTrace();
- return null;
- }
- }
显示扫描的文件页面并自动滚动:
[html] view plaincopy
- <ScrollView
- android:layout_width="wrap_content"
- android:layout_height="wrap_content"
- android:layout_below="@id/iv_killvirus_am"
- android:id="@+id/sv_killvirus"
- >
- <TextView
- android:layout_width="wrap_content"
- android:layout_height="wrap_content"
- android:id="@+id/tv_killvirus_info"
- ></TextView>
- </ScrollView>
时间: 2024-12-08 14:56:24