// VirusTotal Scanner 0.1
// (C) Doddy Hackman 2013
unit virus;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, sSkinManager, IdBaseComponent, IdComponent, IdTCPConnection,
IdTCPClient, IdHTTP, StdCtrls, sButton, sMemo, IdMultipartFormData, DBXJSON,
PerlRegEx, IdHashMessageDigest, idHash, sEdit, sGroupBox, ComCtrls, sListView,
sStatusBar, acPNG, ExtCtrls;
type
TForm1 = class(TForm)
IdHTTP1: TIdHTTP;
sSkinManager1: TsSkinManager;
PerlRegEx1: TPerlRegEx;
sGroupBox1: TsGroupBox;
sEdit1: TsEdit;
OpenDialog1: TOpenDialog;
sGroupBox2: TsGroupBox;
sListView1: TsListView;
sStatusBar1: TsStatusBar;
sGroupBox3: TsGroupBox;
sMemo1: TsMemo;
sGroupBox4: TsGroupBox;
sButton1: TsButton;
sButton2: TsButton;
sButton4: TsButton;
sButton5: TsButton;
Image1: TImage;
procedure FormCreate(Sender: TObject);
procedure sButton1Click(Sender: TObject);
procedure sButton2Click(Sender: TObject);
procedure sButton4Click(Sender: TObject);
procedure sButton5Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
function convertirmd5(const archivo: string): string;
var
valormd5: TIdHashMessageDigest5;
archivox: TFileStream;
begin
valormd5 := TIdHashMessageDigest5.Create;
archivox := TFileStream.Create(archivo, fmOpenRead);
Result := valormd5.HashStreamAsHex(archivox)
end;
procedure TForm1.FormCreate(Sender: TObject);
var
dir: string;
begin
sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data';
sSkinManager1.SkinName := 'falloutstyle';
sSkinManager1.Active := True;
end;
procedure TForm1.sButton1Click(Sender: TObject);
begin
OpenDialog1.InitialDir := GetCurrentDir;
if OpenDialog1.Execute then
begin
sEdit1.Text := OpenDialog1.filename;
end;
end;
procedure TForm1.sButton2Click(Sender: TObject);
var
datos: TIdMultiPartFormDataStream;
code: string;
antivirus: string;
resultado: string;
html: string;
begin
if FileExists(sEdit1.Text) then
begin
sMemo1.Clear;
sListView1.Clear;
sStatusBar1.Panels[0].Text := '[+] Scanning ...';
Form1.sStatusBar1.Update;
datos := TIdMultiPartFormDataStream.Create;
datos.AddFormField('resource', convertirmd5(sEdit1.Text));
datos.AddFormField('apikey',
'fuck you');
code := IdHTTP1.Post('http://www.virustotal.com/vtapi/v2/file/report',
datos);
code := StringReplace(code, '{"scans":', '', [rfReplaceAll, rfIgnoreCase]);
PerlRegEx1.Regex :=
'"(.*?)": {"detected": (.*?), "version": (.*?), "result": (.*?), "update": (.*?)}';
PerlRegEx1.Subject := code;
while PerlRegEx1.MatchAgain do
begin
antivirus := PerlRegEx1.SubExpressions[1];
resultado := PerlRegEx1.SubExpressions[4];
resultado := StringReplace
(resultado, '"', '', [rfReplaceAll, rfIgnoreCase]);
with sListView1.Items.Add do
begin
Caption := antivirus;
if (resultado = 'null') then
begin
SubItems.Add('Clean');
end
else
begin
SubItems.Add(resultado);
end;
end;
end;
PerlRegEx1.Regex := '"scan_id": "(.*?)"';
PerlRegEx1.Subject := code;
if PerlRegEx1.Match then
begin
sMemo1.Lines.Add('[+] Scan_ID : ' + PerlRegEx1.SubExpressions[1]);
end;
PerlRegEx1.Regex := '"scan_date": "(.*?)"';
PerlRegEx1.Subject := code;
if PerlRegEx1.Match then
begin
sMemo1.Lines.Add('[+] Scan_Date : ' + PerlRegEx1.SubExpressions[1]);
end;
PerlRegEx1.Regex := '"permalink": "(.*?)"';
PerlRegEx1.Subject := code;
if PerlRegEx1.Match then
begin
sMemo1.Lines.Add('[+] PermaLink : ' + PerlRegEx1.SubExpressions[1]);
end;
PerlRegEx1.Regex :=
'"verbose_msg": "(.*?)", "total": (.*?), "positives": (.*?),';
PerlRegEx1.Subject := code;
if PerlRegEx1.Match then
begin
sMemo1.Lines.Add('[+] Founds : ' + PerlRegEx1.SubExpressions[3]
+ '/' + PerlRegEx1.SubExpressions[2]);
end;
sStatusBar1.Panels[0].Text := '[+] Done';
Form1.sStatusBar1.Update;
end
else
begin
sStatusBar1.Panels[0].Text := '[-] File Not Found';
Form1.sStatusBar1.Update;
end;
end;
procedure TForm1.sButton4Click(Sender: TObject);
begin
ShowMessage('Contact to lepuke[at]hotmail[com]');
end;
procedure TForm1.sButton5Click(Sender: TObject);
begin
Form1.Close();
end;
end.
// The End ?