Maya MA file security plugin

:warning: If you are worried about .ma file viruses and are looking for the Maya MA file scanner, you can get the latest version here:

unzip_into_modules_folder.zip (563.8 KB)

Manik can be operated as a standalone file scanner, or it can be incorporated directly into your Maya environment. Most users will probably want to try both: the standalone method is the only efficient way to audit large numbers of existing files, while incorporating Manik into your Maya environment offers more-or-less real time protection when opening MA files.

Installing

Unzip the file into your MAYA_MODULE_PATH, typically /Documents/Maya/20XX/Modules. The zip contains a complete Maya Module so it should be visible at your next Maya startup.

You’ll be able to control the plugin from the Maya Plugin Manager window – it’s best to set the plugin to auto-load.

Runtime protection

This should add a callback to all file open operations which will warn on unsafe MA files. You can test this by restarting Maya with the plugin activated and opening the safety_check.ma file. You should see this dialog:

image

If you see this dialog in production, It’s best to choose Do Not Open and manually inspect the file (the dialog will give you a hint as to where to look, although a smart attack is probably spread out in multiple places).

Commands

The plugin also exposes two MEL commands:

manik "filename" will run a scan of a file, logging any suspcious items to the listener
manik "foldername" will run a scan of all the files in folder, logging any suspcious items to the listener

manik_callback 1 will enable on-file-open protection
manik_callback 0 will disable on-file-open protection for the duration of this Maya session, or until you call manik_callback 1


:exclamation: If you’re interested in helping with the project, contact @theodox or @bobw for an invite to the github team


For more background see these threads:

4 Likes

I’ve never heard of viruses inside of ma files. What are we talking about exactly?

Details in the other threads. Basically, people inserting code that executes silently on file open. Most of the known examples aren’t too scary but scary options abound.

1 Like