elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Entrar al Canal Oficial Telegram de elhacker.net


+  Foro de elhacker.net
|-+  Programación
| |-+  Scripting
| | |-+  [AutoIt] VirusTotal API 2.0 UDF
0 Usuarios y 1 Visitante están viendo este tema.
Páginas: [1] Ir Abajo Respuesta Imprimir
Autor Tema: [AutoIt] VirusTotal API 2.0 UDF  (Leído 3,825 veces)
Danyfirex


Desconectado Desconectado

Mensajes: 493


My Dear Mizuho


Ver Perfil
[AutoIt] VirusTotal API 2.0 UDF
« en: 4 Junio 2013, 13:40 pm »

Bueno aquí una una UDF que tenias hace unos días lita pero ayer me decidí a actualizarla.  ;D


Requiere  winhttp

http://www.autoitscript.com/forum/topic/84133-winhttp-functions/?hl=winhttp


Ejemplo:

Código
  1. #include <Crypt.au3>
  2. #include "VT.au3"
  3.  
  4. Example()
  5.  
  6. Func Example()
  7.  
  8.    _Crypt_Startup()
  9.    Local $sFilePath = @WindowsDir & "\Explorer.exe"
  10.  
  11.    Local $bHash = _Crypt_HashFile($sFilePath, $CALG_MD5)
  12.   _Crypt_Shutdown()
  13.    Local $hVirusTotal = VT_Open()
  14.    Local $APIkey='Your API key'
  15.    ConsoleWrite(VT($hVirusTotal, $fReport, '20c83c1c5d1289f177bc222d248dab261a62529b19352d7c0f965039168c0654',$APIkey) & @CRLF)
  16.    ConsoleWrite(VT($hVirusTotal, $fScan, $sFilePath,$APIkey) & @CRLF)
  17.    ConsoleWrite(VT($hVirusTotal, $fRescan, hex($bHash),$APIkey) & @CRLF)
  18.    ConsoleWrite(VT($hVirusTotal, $uReport, "http://www.virustotal.com",$APIkey) & @CRLF)
  19.    ConsoleWrite(VT($hVirusTotal, $uScan, "http://www.google.com",$APIkey) & @CRLF)
  20.    ConsoleWrite(VT($hVirusTotal, $Comment, hex($bHash) ,$APIkey,"Hello Word | Hola Mundo") & @CRLF)
  21.    VT_Close($hVirusTotal) ;
  22. EndFunc   ;==>Example
  23.  


VT.au3 UDF

Código
  1. #include-once
  2. #include "WinHttp.au3"
  3.  
  4. ; #INDEX# =================================================================================================
  5. ; Title .........: VT.au3
  6. ; AutoIt Version : 3.3.8.1
  7. ; Language ......: English
  8. ; Description ...: VirusTotal public API version 2.0 implementation in Autoit
  9. ;thanks to: trancexx|ProgAndy "WinHttp.au3"  ||| guinness "Suggestions+Snippets ||| www.virustotal.com
  10. ;Reference https://www.virustotal.com/es/documentation/public-api
  11. ;Written by Danyfirex
  12. ;Date 12/05/2013 | Update 03/06/2013
  13. ; #FUNCTION# =============================================================================================
  14.  
  15.  
  16.  
  17.  
  18. ;===================CONSTANTS/CONSTANTES=======================
  19. Global Const $__sVirusTotal_Page = 'www.virustotal.com'
  20. Global Enum $eAPI_HttpOpen, $eAPI_HttpConnect
  21. Global Enum $fReport,$fScan,$fRescan,$uReport,$uScan,$Comment
  22. Global Const $tURL[6]=['/vtapi/v2/file/report','/vtapi/v2/file/scan','/vtapi/v2/file/rescan', _
  23.                       '/vtapi/v2/url/report','/vtapi/v2/url/scan','/vtapi/v2/comments/put']
  24. ;==============================================================
  25.  
  26.  
  27. ; #FUNCTIONS/FUNCIONES# =======================================
  28. ;VT() ;Use respective flag($Type)
  29. ;VT(ByRef $aAPI, $Type, $sResource, $sAPIkey,$Comments="")
  30. ;flags($Type)
  31. ;$fReport = retrieve a scan report on a given file
  32. ;$fScan   = submit a file for Scanning
  33. ;$fRescan = Rescan files in VirusTotal's file store
  34. ;$uReport = retrieve a scan report on a given URL
  35. ;$uScan   = submit a URL for Scanning
  36. ;$Comment = Make a commnet on files and URLs
  37. ; ==============================================================
  38.  
  39.  
  40.  
  41. ; #FUNCTION# =============================================================================================
  42. ; Name...........: VT_Open
  43. ; Description ...: Initialize and get session handle & connection handle
  44. ; Syntax.........: VT_Open()
  45. ; guinness
  46. ; #FUNCTION# =============================================================================================
  47. Func VT_Open()
  48.    Local $aAPI[2] = [0, 0]
  49.    $aAPI[$eAPI_HttpOpen] = _WinHttpOpen()
  50.    If @error Then $aAPI[$eAPI_HttpOpen] = -1
  51.    $aAPI[$eAPI_HttpConnect] = _WinHttpConnect($aAPI[$eAPI_HttpOpen], $__sVirusTotal_Page)
  52.    If @error Then $aAPI[$eAPI_HttpConnect] = -1
  53.    Return $aAPI
  54. EndFunc   ;==>VT_Open
  55.  
  56.  
  57. ; #FUNCTION# =============================================================================================
  58. ; Name...........: VT_Close
  59. ; Description ...: Close handles
  60. ; Syntax.........: VT_Close($handle)
  61. ;guinness
  62. ; #FUNCTION# =============================================================================================
  63. Func VT_Close(ByRef Const $aAPI)
  64.    _WinHttpCloseHandle($aAPI[$eAPI_HttpOpen])
  65.    _WinHttpCloseHandle($aAPI[$eAPI_HttpConnect])
  66.    Return True
  67. EndFunc   ;==>VT_Close
  68.  
  69.  
  70.  
  71. ; #FUNCTION# =============================================================================================
  72. ; Name...........: VT
  73. ; Syntax.........: VT(ByRef $aAPI, $Type, $sResource, $sAPIkey,$Comments="")
  74. ;VT($hVirusTotal, $fReport, '20c83c1c5d1289f177bc222d248dab261a62529b19352d7c0f965039168c0654',$APIkey)
  75. ;VT($hVirusTotal, $fScan, "C:\file.exe",$APIkey)
  76. ;VT($hVirusTotal, $fRescan, hex($bHash),$APIkey)
  77. ;VT($hVirusTotal, $uReport, "http://www.virustotal.com",$APIkey)
  78. ;VT($hVirusTotal, $uScan, "http://www.google.com",$APIkey)
  79. ;VT($hVirusTotal, $Comment, hex($bHash) ,$APIkey,"Hello Word | Hola Mundo")
  80. ; Parameters....: $Resource - md5/sha1/sha256/scan_id | filename | Url | respectively for flag($Type)
  81. ;                 $APIkey -  your API key.
  82. ;                 $Comments - your Comments
  83. ;Return.........; response format is a JSON object
  84. ; #FUNCTION# =============================================================================================
  85. Func VT(ByRef $aAPI, $Type, $sResource, $sAPIkey,$Comments="")
  86.  
  87.    If $aAPI[$eAPI_HttpConnect] = -1 Then $aAPI = VT_Open()
  88.  
  89. Select ;$fReport,$fScan,$fRescan,$uReport,$uScan,$Comment
  90.    Case $Type = $fReport
  91.         Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], 'POST', $tURL[$Type], Default, 'resource=' & $sResource & '&key=' & $sAPIkey)
  92.  
  93. Case $Type = $fScan
  94.  Local $sBoundary="--------Boundary"
  95.  Local $sHeaders = "Content-Type: multipart/form-data; boundary=" & $sBoundary & @CRLF
  96.  Local $sData = ''
  97.    $sData &= "--" & $sBoundary & @CRLF
  98. $sData &= 'Content-Disposition: form-data; name="apikey"' & @CRLF & @CRLF & $sAPIkey & @CRLF
  99. $sData &= "--" & $sBoundary & @CRLF
  100. $sData &= __WinHttpFileContent("", "file", $sResource,$sBoundary)
  101. $sData &= "--" & $sBoundary & "--" & @CRLF
  102. Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], "POST", $tURL[$Type], Default, StringToBinary($sData,0), $sHeaders)
  103.  
  104. Case $Type = $fRescan
  105.         Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], "POST", "/vtapi/v2/file/rescan", Default, "resource=" & $sResource &"&key=" & $sAPIkey)
  106.  
  107. Case $Type = $uReport
  108.         Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], 'POST', $tURL[$Type], Default, 'resource=' & $sResource & '&key=' & $sAPIkey)
  109.  
  110. Case $Type = $uScan
  111.         Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], 'POST', $tURL[$Type], Default, 'url=' & $sResource & '&key=' & $sAPIkey)
  112.  
  113. Case $Type = $Comment
  114.         return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], "POST", "/vtapi/v2/comments/put", Default, "resource=" & $sResource & _
  115. "&comment=" & $Comments & "&key=" & $sAPIkey)
  116.  
  117.    Case Else
  118.        SetError(3)
  119. EndSelect
  120.  
  121. EndFunc   ;==>VT
  122.  


Saludos


« Última modificación: 4 Junio 2013, 14:29 pm por EleKtro H@cker » En línea

Páginas: [1] Ir Arriba Respuesta Imprimir 

Ir a:  

Mensajes similares
Asunto Iniciado por Respuestas Vistas Último mensaje
no puedo entrar a virustotal.com
Redes
javirojas 1 3,765 Último mensaje 2 Mayo 2010, 18:50 pm
por Banker25
WTF!? Es posible!?(Virustotal) « 1 2 »
Seguridad
CAR3S? 15 10,373 Último mensaje 23 Octubre 2011, 18:36 pm
por 2Fac3R
[Perl] VirusTotal Scanner 0.1
Scripting
BigBear 4 3,260 Último mensaje 17 Mayo 2013, 18:43 pm
por BigBear
VirusTotal es seguro ?
Seguridad
xpuns 2 3,889 Último mensaje 18 Noviembre 2015, 00:57 am
por boy-ka
alternativa a virustotal
Análisis y Diseño de Malware
Flamer 3 3,263 Último mensaje 21 Noviembre 2018, 22:51 pm
por rub'n
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines