Una imagen :
El codigo :
Código
// VirusTotal Scanner 0.1 // (C) Doddy Hackman 2013 unit virus; interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs, sSkinManager, IdBaseComponent, IdComponent, IdTCPConnection, IdTCPClient, IdHTTP, StdCtrls, sButton, sMemo, IdMultipartFormData, DBXJSON, PerlRegEx, IdHashMessageDigest, idHash, sEdit, sGroupBox, ComCtrls, sListView, sStatusBar, acPNG, ExtCtrls; type TForm1 = class(TForm) IdHTTP1: TIdHTTP; sSkinManager1: TsSkinManager; PerlRegEx1: TPerlRegEx; sGroupBox1: TsGroupBox; sEdit1: TsEdit; OpenDialog1: TOpenDialog; sGroupBox2: TsGroupBox; sListView1: TsListView; sStatusBar1: TsStatusBar; sGroupBox3: TsGroupBox; sMemo1: TsMemo; sGroupBox4: TsGroupBox; sButton1: TsButton; sButton2: TsButton; sButton4: TsButton; sButton5: TsButton; Image1: TImage; procedure FormCreate(Sender: TObject); procedure sButton1Click(Sender: TObject); procedure sButton2Click(Sender: TObject); procedure sButton4Click(Sender: TObject); procedure sButton5Click(Sender: TObject); private { Private declarations } public { Public declarations } end; var Form1: TForm1; implementation {$R *.dfm} function convertirmd5(const archivo: string): string; var valormd5: TIdHashMessageDigest5; archivox: TFileStream; begin valormd5 := TIdHashMessageDigest5.Create; archivox := TFileStream.Create(archivo, fmOpenRead); Result := valormd5.HashStreamAsHex(archivox) end; procedure TForm1.FormCreate(Sender: TObject); var dir: string; begin sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data'; sSkinManager1.SkinName := 'falloutstyle'; sSkinManager1.Active := True; end; procedure TForm1.sButton1Click(Sender: TObject); begin OpenDialog1.InitialDir := GetCurrentDir; if OpenDialog1.Execute then begin sEdit1.Text := OpenDialog1.filename; end; end; procedure TForm1.sButton2Click(Sender: TObject); var datos: TIdMultiPartFormDataStream; code: string; antivirus: string; resultado: string; html: string; begin if FileExists(sEdit1.Text) then begin sMemo1.Clear; sListView1.Clear; sStatusBar1.Panels[0].Text := '[+] Scanning ...'; Form1.sStatusBar1.Update; datos := TIdMultiPartFormDataStream.Create; datos.AddFormField('resource', convertirmd5(sEdit1.Text)); datos.AddFormField('apikey', 'fuck you'); code := IdHTTP1.Post('http://www.virustotal.com/vtapi/v2/file/report', datos); code := StringReplace(code, '{"scans":', '', [rfReplaceAll, rfIgnoreCase]); PerlRegEx1.Regex := '"(.*?)": {"detected": (.*?), "version": (.*?), "result": (.*?), "update": (.*?)}'; PerlRegEx1.Subject := code; while PerlRegEx1.MatchAgain do begin antivirus := PerlRegEx1.SubExpressions[1]; resultado := PerlRegEx1.SubExpressions[4]; resultado := StringReplace (resultado, '"', '', [rfReplaceAll, rfIgnoreCase]); with sListView1.Items.Add do begin Caption := antivirus; if (resultado = 'null') then begin SubItems.Add('Clean'); end else begin SubItems.Add(resultado); end; end; end; PerlRegEx1.Regex := '"scan_id": "(.*?)"'; PerlRegEx1.Subject := code; if PerlRegEx1.Match then begin sMemo1.Lines.Add('[+] Scan_ID : ' + PerlRegEx1.SubExpressions[1]); end; PerlRegEx1.Regex := '"scan_date": "(.*?)"'; PerlRegEx1.Subject := code; if PerlRegEx1.Match then begin sMemo1.Lines.Add('[+] Scan_Date : ' + PerlRegEx1.SubExpressions[1]); end; PerlRegEx1.Regex := '"permalink": "(.*?)"'; PerlRegEx1.Subject := code; if PerlRegEx1.Match then begin sMemo1.Lines.Add('[+] PermaLink : ' + PerlRegEx1.SubExpressions[1]); end; PerlRegEx1.Regex := '"verbose_msg": "(.*?)", "total": (.*?), "positives": (.*?),'; PerlRegEx1.Subject := code; if PerlRegEx1.Match then begin sMemo1.Lines.Add('[+] Founds : ' + PerlRegEx1.SubExpressions[3] + '/' + PerlRegEx1.SubExpressions[2]); end; sStatusBar1.Panels[0].Text := '[+] Done'; Form1.sStatusBar1.Update; end else begin sStatusBar1.Panels[0].Text := '[-] File Not Found'; Form1.sStatusBar1.Update; end; end; procedure TForm1.sButton4Click(Sender: TObject); begin ShowMessage('Contact to lepuke[at]hotmail[com]'); end; procedure TForm1.sButton5Click(Sender: TObject); begin Form1.Close(); end; end. // The End ?
Si lo quieren bajar lo pueden hacer de aca.