search

KnugiHK / WhatsApp-Chat-Exporter

A customizable Android and iOS/iPadOS WhatsApp database parser that will give you the history of your WhatsApp conversations in HTML and JSON. Android Backup Crypt12, Crypt14, Crypt15, and new schema supported.
https://wts.knugi.dev/
MIT License
586 stars 85 forks source link

Is there a virus in the pre-built binaries? #43

Closed Lehnemann closed 1 year ago

Lehnemann commented 1 year ago

I don't know much about your code but Bitdefender warns me and I throw the exe file in virustotal.com and It said this to me... image

Is it a false positive?

KnugiHK commented 1 year ago

TLDR: It is probably a false positive.

I compile the program with Nuitka in GitHub Action environment. A Python program packed/compiled into a binary is often easily detected as a virus. I checked some issues on Nuitka. Compiling the thing right without being falsely detected is behind their paywall.

I also checked the result from VirusTotal, no detection on Linux and MacOS binaries. Most of the threat detected in Windows's binary is "Lazy", and the sandbox analysis seems fine to me, with no evidence of the binary getting infected by other viruses.

The compiling is done automatically in GitHub Action. To further prevent tampering on the binaries after they are downloaded from the Artifact, I told the workflow to calculate the SHA256 checksum right after the binary is compiled (see commit). The hash will then displayed in the workflow. This (some kind of) security measure will goes into effect starting from next release.

Anyway, when in doubt, you can always review the code (which I always encourage people to do so before using someone else's software) and install the exporter with pip install ..

Lehnemann commented 1 year ago

Thanks.