本文整理汇总了Python中virus_total_apis.PublicApi.scan_file方法的典型用法代码示例。如果您正苦于以下问题:Python PublicApi.scan_file方法的具体用法?Python PublicApi.scan_file怎么用?Python PublicApi.scan_file使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类virus_total_apis.PublicApi的用法示例。
在下文中一共展示了PublicApi.scan_file方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_scan_file_stream
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
def test_scan_file_stream(self):
    """Submit the module-level ``EICAR`` value to VirusTotal as in-memory data.

    ``from_disk=False`` is passed so that ``scan_file`` receives the content
    itself rather than a path. The reply is pretty-printed as JSON; the test
    fails only when the call or the serialisation raises.

    NOTE(review): nothing is asserted about the reply, so an error that the
    client returns instead of raising would still let this test pass.
    """
    client = PublicApi(API_KEY)
    try:
        reply = client.scan_file(EICAR, from_disk=False)
        print(json.dumps(reply, sort_keys=False, indent=4))
    except Exception as exc:
        self.fail(exc)
示例2: test_scan_file_binary
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
def test_scan_file_binary(self):
    """Submit the bundled ``test.exe`` to VirusTotal by path.

    The path is relative, so the test depends on the working directory it is
    run from. The reply is pretty-printed as JSON; the test fails only when
    the call or the serialisation raises.

    NOTE(review): nothing is asserted about the reply, so an error that the
    client returns instead of raising would still let this test pass.
    """
    client = PublicApi(API_KEY)
    try:
        reply = client.scan_file('virus_total_apis/test/test.exe')
        rendered = json.dumps(reply, sort_keys=False, indent=4)
        print(rendered)
    except Exception as exc:
        self.fail(exc)
示例3: test_scan_file_stringio
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
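def test_scan_file_stringio(self):
    """Submit the module-level ``EICAR`` value wrapped in a ``StringIO`` object.

    The reply is pretty-printed as JSON; the test fails only when the call or
    the serialisation raises.

    NOTE(review): nothing is asserted about the reply, so an error that the
    client returns instead of raising would still let this test pass.
    """
    vt = PublicApi(API_KEY)
    try:
        # print() with a single argument behaves the same on Python 2 and 3,
        # which matches the form the sibling scan_file tests already use.
        print(json.dumps(vt.scan_file(StringIO.StringIO(EICAR)), sort_keys=False, indent=4))
    except Exception as e:
        self.fail(e)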
示例4: submit2vt
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
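def submit2vt(filename):
    """Submit a new file to VT for scanning.

    Uploads ``filename`` with ``scan_file``, appends the JSON reply to the
    debug file ``/tmp/vt.debug`` and, when ``config['esServer']`` is set,
    indexes the reply in Elasticsearch. Always returns ``None``.

    Uploading hands the file to a third-party service, so callers should only
    pass files that are allowed to leave the organisation.
    """
    import os  # local import: the file's own import block is not visible here

    # Upload the file; the reply describes the queued scan, not a verdict.
    vt = VirusTotalPublicApi(config['apiKey'])
    response = vt.scan_file(filename)

    # DEBUG
    # The path is fixed and /tmp is world-writable, so do not follow a symlink
    # that another local user may have planted there, and create the file
    # readable by its owner only. The with-block closes it even if the write
    # fails.
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | getattr(os, 'O_NOFOLLOW', 0)
    fd = os.open('/tmp/vt.debug', flags, 0o600)
    with os.fdopen(fd, 'a') as fp:
        fp.write(json.dumps(response, sort_keys=False, indent=4))

    if config['esServer']:
        # Save results to Elasticsearch
        try:
            # NOTE(review): strftime() formats local time but the UTC offset
            # is hard-coded to +01:00 - confirm this matches the host's zone.
            response['@timestamp'] = time.strftime("%Y-%m-%dT%H:%M:%S+01:00")
            es.index(index=config['esIndex'], doc_type="VTresult", body=json.dumps(response))
        except Exception:
            # Indexing is best-effort; Exception (not a bare except) keeps
            # KeyboardInterrupt and SystemExit working.
            writeLog("Cannot index to Elasticsearch")
    return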
示例5: VirusTotalPublicApi
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
pass
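# Copy the built installer to install\<newExeName>.
shutil.copy( 'install\\CrossMgrVideo_Setup.exe', 'install\\' + newExeName )
six.print_( 'executable copied to: ' + newExeName )

# Create compressed executable.
os.chdir( 'install' )
newExeName = os.path.basename( newExeName )
newZipName = newExeName.replace( '.exe', '.zip' )
try:
    os.remove( newZipName )
except OSError:
    # A missing previous archive is expected; other exception types are no
    # longer swallowed.
    pass

# NOTE(review): ZipFile(..., "w") stores members uncompressed unless a
# compression method is passed - confirm whether ZIP_DEFLATED was intended.
# The with-block closes the archive even if write() fails.
with zipfile.ZipFile(newZipName, "w") as z:
    z.write( newExeName )
six.print_( 'executable compressed.' )

shutil.copy( newZipName, googleDrive )

from virus_total_apis import PublicApi as VirusTotalPublicApi

# The API key is a credential and must not live in the source tree: read it
# from the environment (VIRUSTOTAL_API_KEY is a name chosen for this script).
# The key that was previously embedded here has been published with the code
# and should be revoked and replaced.
API_KEY = os.environ.get( 'VIRUSTOTAL_API_KEY' )
if API_KEY:
    vt = VirusTotalPublicApi(API_KEY)
    print ( 'VirusTotal Scan' )
    # NOTE(review): the reply is discarded, so a rejected upload goes unnoticed.
    vt.scan_file( os.path.abspath(newExeName) )
else:
    six.print_( 'VirusTotal scan skipped: VIRUSTOTAL_API_KEY is not set.' )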
示例6: App
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
#.........这里部分代码省略.........
size = stat(join(self.dlfolder, i)).st_size
sleep(1)
if stat(join(self.dlfolder, i)).st_size != size:
continue
with open(join(self.dlfolder, i), "rb") as h:
# Hash file in dl folder and look if it's known
hashit = sha256()
hashit.update(h.read())
if hashit.hexdigest() in hashlist.keys():
# Just remove already known files
logging.info("Found already known file "+hashlist[hashit.hexdigest()])
remove(join(self.dlfolder, i))
else:
# Save and scan unknown files and remember the hash
hashdigest = hashit.hexdigest()
hashlist[hashdigest] = join(datestring, i)
hash_handler.write(hashdigest+" > "+join(datestring, i)+"\n")
hash_handler.flush()
if not isdir(join(self.stfolder, datestring)):
makedirs(join(self.stfolder, datestring))
move(join(self.dlfolder, i), join(self.stfolder, datestring, i))
response = self.scan(hashdigest, join(self.stfolder, datestring, i), today)
if not isdir(join(self.stfolder, "reports", datestring)):
makedirs(join(self.stfolder, "reports", datestring))
open(join(self.stfolder, "reports", datestring, i), "a").close()
with open(join(self.stfolder, "reports", datestring, i), "r+") as report:
report.write(dumps(response, sort_keys=False, indent=4))
report.flush()
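def scan(self, hashdigest, filepath, today):
    """Fetch the VirusTotal report for a file, uploading the file if needed.

    Polls ``self.vt.get_file_report(hashdigest)`` until a finished report is
    available, mails it through ``self.send`` and returns it. When no report
    exists yet the file at ``filepath`` is uploaded once with ``scan_file``
    and polling continues.

    Args:
        hashdigest: SHA-256 hex digest recorded when the file was downloaded.
        filepath: Location of the stored file.
        today: Only referenced by the commented-out rescan logic below.

    Returns:
        The report dictionary, or ``None`` when the stored file no longer
        matches ``hashdigest`` and is therefore not uploaded.

    Uploading hands the file to a third-party service; anything placed in the
    watched folder is disclosed that way, and the full reply is sent by mail.
    """
    scan_flag = True
    while True:
        # First look if file is known to VirusTotal
        response = self.vt.get_file_report(hashdigest)
        results = response.get("results")
        if response.get("response_code") == 204:
            logging.info("Submission limit reached. I'll sleep for 60 seconds")
            sleep(60)
        elif not isinstance(results, dict):
            # Error replies carry no "results" entry (and may carry no
            # "response_code" either); indexing them used to raise KeyError
            # and stop the watcher. Back off like the rate-limit branch. A
            # permanent error keeps retrying and shows up in the log.
            logging.error("VirusTotal lookup for %s failed: %s",
                          hashdigest, response.get("error", response))
            sleep(60)
        elif results.get("response_code") == 1:
            # Rescan needed?
            #scan_date = datetime.strptime(response["results"]["scan_date"][:10],
            #"%Y-%m-%d")
            #if abs((today-scan_date).days) >= 30:
            #self.vt.rescan_file(hashdigest)
            #continue
            # Send report for unknown file
            # NOTE(review): as shown there is no empty line between the
            # Subject header and the body - confirm against the original file.
            msg = """From: %s
To: %s
Subject: Virustotal report
%s""" % (self.from_, self.to, dumps(response, sort_keys=False, indent=4))
            self.send(msg)
            logging.info("Sent report for "+filepath)
            return response
        else:
            # Submit the unknown file
            if scan_flag:
                # Workaround for download bug
                # Another test for unfinished downloads
                # Sadly as the file is already moved
                # the file is lost for analysis :(
                with open(filepath, "rb") as h:
                    hashit = sha256()
                    # Hash in chunks so a large download is not held in
                    # memory as one string.
                    for chunk in iter(lambda: h.read(1 << 20), b""):
                        hashit.update(chunk)
                if hashit.hexdigest() != hashdigest:
                    logging.info("File for submission has another hash as in download folder!")
                    logging.info("Filepath is %s" % (filepath))
                    # The content changed after it was first hashed: give up
                    # instead of uploading something different.
                    return None
                response = self.vt.scan_file(filepath)
                msg = """From: %s
To: %s
Subject: Virustotal submit
Submitted unknown file %s with hash %s for scan.
%s""" % (self.from_, self.to, filepath, hashdigest, dumps(response, sort_keys=False, indent=4))
                self.send(msg)
                logging.info("Submitted unknown file "+filepath+" with hash "+hashdigest+" for scan")
                logging.info("I will sleep know for 60 seconds and try to receive the result after that")
                sleep(60)
                # Upload only once; later passes just wait for the report.
                scan_flag = False
            else:
                logging.info("Scan seems not finished. Will sleep for another 30 seconds")
                sleep(30)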
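def send(self, msg):
    """Send ``msg`` through the configured SMTP server after STARTTLS and login.

    ``msg`` is passed to ``sendmail`` unchanged, so it must already contain
    its own headers. Exceptions from ``smtplib`` propagate to the caller.
    """
    smtp = smtplib.SMTP(self.host, self.port)
    try:
        # NOTE(review): starttls() is called without an SSL context; on
        # Python 3 that does not verify the server certificate before login()
        # sends the password. If the runtime is Python 3, consider
        # starttls(context=ssl.create_default_context()).
        smtp.starttls()
        smtp.login(self.username, self.password)
        smtp.sendmail(self.from_, self.to, msg)
        smtp.quit()
    finally:
        # Release the socket even when a step above raised; close() is a
        # no-op after a successful quit().
        smtp.close()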
示例7: ajax_handler
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
#.........这里部分代码省略.........
db.update_session(session_id, new_sess)
return render(request, 'hive_details.html', {'hive_details': hive_details})
if command == 'dottree':
session_id = request.POST['session_id']
session = db.get_session(ObjectId(session_id))
vol_int = RunVol(session['session_profile'], session['session_path'])
results = vol_int.run_plugin('pstree', output_style='dot')
return HttpResponse(results)
if command == 'timeline':
logger.debug('Running Timeline')
session_id = request.POST['session_id']
session = db.get_session(ObjectId(session_id))
vol_int = RunVol(session['session_profile'], session['session_path'])
results = vol_int.run_plugin('timeliner', output_style='dot')
return HttpResponse(results)
if command == 'virustotal':
if not config.api_key or not VT_LIB:
logger.error('No Virustotal key provided in volutitliy.conf')
return HttpResponse("Unable to use Virus Total. No Key or Library Missing. Check the Console for details")
if 'file_id' in request.POST:
file_id = request.POST['file_id']
file_object = db.get_filebyid(ObjectId(file_id))
sha256 = file_object.sha256
vt = PublicApi(config.api_key)
if 'upload' in request.POST:
response = vt.scan_file(file_object.read(), filename=file_object.filename, from_disk=False)
if response['results']['response_code'] == 1:
return render(request, 'file_details_vt.html', {'state': 'pending',
'vt_results': '',
'file_id': file_id})
else:
return render(request, 'file_details_vt.html', {'state': 'error',
'vt_results': '',
'file_id': file_id})
else:
response = vt.get_file_report(sha256)
vt_fields = {}
if response['results']['response_code'] == 1:
vt_fields['permalink'] = response['results']['permalink']
vt_fields['total'] = response['results']['total']
vt_fields['positives'] = response['results']['positives']
vt_fields['scandate'] = response['results']['scan_date']
vt_fields['scans'] = response['results']['scans']
# Store the results in datastore
store_data = {}
store_data['file_id'] = ObjectId(file_id)
store_data['vt'] = vt_fields
update = db.create_datastore(store_data)
return render(request, 'file_details_vt.html', {'state': 'complete',
'vt_results': vt_fields,
'file_id': file_id})
elif response['results']['response_code'] == -2:
示例8: open
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
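# Hash the sample; the MD5 is only the lookup key for the local collection
# and for VirusTotal, not an integrity guarantee.
with open(sample_file, "rb") as f:
    # The with-block closes the handle even when read() raises.
    sample_file_content = f.read()
sample_file_md5 = hashlib.md5(sample_file_content).hexdigest()

if collection.find({'results.md5':sample_file_md5}).count() == 0:
    vt_response = vt.get_file_report(sample_file_md5)
    # Error replies may carry no 'response_code'; .get() avoids a KeyError.
    status = vt_response.get('response_code')
    if status == 200 and vt_response['results']['response_code'] == 1:
        collection.insert(vt_response)
        print("Sample " + sample_file_md5 + " added to database")
        print("")
    elif status == 204:
        print("Hit API Limit; cooling off for 15 seconds")
        print("The standard VirusTotal API Key allows 4 requests per minute")
        # Queue the sample again so it is retried after the cool-off.
        # NOTE(review): if this runs inside a loop over file_list, the list is
        # being changed while it is iterated - verify against the caller.
        file_list.append(sample_file)
        sleep(15)
        print("")
    else:
        # NOTE(review): every other reply, including an error reply, is
        # treated as "not found" and leads to an upload. Uploading discloses
        # the sample to a third-party service.
        print('Sample not found; submitting to VirusTotal')
        vt_response = vt.scan_file(sample_file)
        if vt_response.get('response_code') == 200 and vt_response['results']['response_code'] == 1:
            print("Sample submiited successfully; checking back later")
            file_list.insert(0,sample_file)
            print("")
        else:
            print("Sample submit failed; try again later")
            print("")
else:
    print("Sample " + sample_file_md5 + " already exists in database")
    print("")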
示例9: run
# 需要导入模块: from virus_total_apis import PublicApi [as 别名]
# 或者: from virus_total_apis.PublicApi import scan_file [as 别名]
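def run(self):
    """Look up, or upload, a stored file on VirusTotal and set the render data.

    Does nothing unless the POST data contains ``file_id``. With ``upload`` in
    the POST data the file content is sent with ``scan_file``; otherwise the
    report for the file's SHA-256 is fetched. The outcome is stored in
    ``self.render_type`` and ``self.render_data`` with ``state`` set to one of
    ``error``, ``pending``, ``missing`` or ``complete``.

    Uploading hands the file to a third-party service, so the upload path
    should only be offered for evidence that may be disclosed that way.
    """
    db = Database()
    if 'file_id' in self.request.POST:
        # Get file object from DB
        file_id = self.request.POST['file_id']
        file_object = db.get_filebyid(file_id)
        sha256 = file_object.sha256
        # The API key is a credential: it is no longer printed to the console.
        api_key = self.config['virustotal']['api_key']

        # Defaults, so that every path below leaves both names defined; an
        # unexpected reply used to end in a NameError when render_data was
        # built.
        state = 'error'
        vt_results = None

        if api_key == 'None':
            vt_results = 'No API Key set in volutility.conf'
        else:
            # Init the API with key from config
            vt = PublicApi(api_key)
            # If we upload
            if 'upload' in self.request.POST:
                response = vt.scan_file(file_object.read(), filename=file_object.filename, from_disk=False)
                # An error reply may have no 'results' entry.
                results = response.get('results') or {}
                if results.get('response_code') == 1 and 'Scan request successfully queued' in results.get('verbose_msg', ''):
                    print("File Uploaded and pending")
                    state = 'pending'
                else:
                    print(response)
            # Else just get the results
            else:
                # get results from VT
                response = vt.get_file_report(sha256)
                vt_results = {}
                # Valid response
                if response.get('response_code') == 200:
                    print("Valid Response from server")
                    results = response['results']
                    code = results['response_code']
                    # Not present in data set prompt to uploads
                    if code == 0:
                        state = 'missing'
                    # Still Pending
                    elif code == -2:
                        state = 'pending'
                    # Results available
                    elif code == 1:
                        vt_results['permalink'] = results['permalink']
                        vt_results['total'] = results['total']
                        vt_results['positives'] = results['positives']
                        vt_results['scandate'] = results['scan_date']
                        vt_results['scans'] = results['scans']
                        # Store the results in datastore
                        state = 'complete'
                        store_data = {'file_id': file_id, 'vt': vt_results}
                        db.create_datastore(store_data)
        self.render_type = 'file'
        self.render_data = {'VirusTotalSearch': {'state': state, 'vt_results': vt_results, 'file_id': file_id}}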