Here are my two scripts for install and scan with MalwareBytes on Casper.
First one is to download, install and register MBBR:
#/bin/sh
# MBBR Scanner
# Ray Qiu
# Feb 2, 2017
# Download Installer
cd /tmp
curl -LOk http://xxx.com/tools/mbbr-mac.zip
sudo unzip -o mbbr-mac.zip# Install
sudo installer -pkg “/tmp/mbbr-mac.pkg” -target /
# Registeration
MBBR_LICENSE=’xxx’
MPATH=’/usr/local/bin’
cd $MPATH
./mbbr register -key:$MBBR_LICENSE
Second one is to update Malwarebytes Database, rename existing log to old.log, and then scan the mac.
Once it is done with the scanning, casper will check if the log file has any viruses entry inside, and then email to specific mailbox for result.
#!/bin/bash
# Ray Qiu
# Feb 8, 2017HOST=$(hostname)
count=0# Rename old log file
MBBRPATH=’/usr/local/bin’
cd $MBBRPATH
MACHINEID=$(./mbbr register | sed -nE ‘s/Machine ID:[[:space:]]*([0-9A-Z]*)/\1/p’)
INFILE=”${MBBRPATH}/mbbr-logs/${MACHINEID}log.txt”
[ -f $INFILE ] && mv $INFILE $MBBRPATH/mbbr-logs/Old.log# Start Scanning
./mbbr update
SCANRESULTS=$(./mbbr scan -remove -noreboot -stdout:detail)# Check Result
egrep -iq ‘[-0-9 :]*(OSX|Trojan)\.|[-0-9 :]*Adware\.|[-0-9 :]*PUP\.’ $INFILE
if [ $? -eq 0 ] ; then
count=$((count+1))
fiecho $count
if [ $count -eq 0 ] ; then
RESULT=”Casper MBBR Scanner: No Virus Found on $HOST”
else
RESULT=”Casper MBBR Scanner: Virus Found on $HOST”
fiecho $RESULT
mail -s “$RESULT” [email protected] [email protected] < $INFILE