Module: Uirusu::VTFile

Defined in:
lib/uirusu/vtfile.rb

Overview

Module for Accessing the File scan and report functionalities of the Virustotal.com public API

Constant Summary collapse

SCAN_URL = 
Uirusu::VT_API + "/file/scan"
RESCAN_URL = 
Uirusu::VT_API + "/file/rescan"
REPORT_URL = 
Uirusu::VT_API + "/file/report"

Class Method Summary collapse

Class Method Details

.query_report(api_key, resource) ⇒ JSON

Queries a report from Virustotal.com

Parameters:

  • api_key

    Virustotal.com API key

  • resource

    MD5/sha1/sha256/scan_id to search for

Returns:

  • (JSON)

    Parsed response



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/uirusu/vtfile.rb', line 42

def VTFile.query_report(api_key, resource)
	if api_key == nil
		raise "Invalid API Key"
	end

	if resource == nil
		raise "Invalid resource, must be md5/sha1/sha256/scan_id"
	end

	response = RestClient.post REPORT_URL, :apikey => api_key, :resource => resource

	case response.code
		when 429, 204
			raise "Virustotal limit reached. Try again later."
		when 403
			raise "Invalid privileges, please check your API key."
		when 200
			JSON.parse(response)
		when 500
			nil
		else
			raise "Unknown Server error."
	end
end

.rescan_file(api_key, resource) ⇒ JSON

Requests an existing file to be rescanned.

Parameters:

  • api_key

    Virustotal.com API key

  • resource

    MD5/sha1/sha256/scan_id to rescan

Returns:

  • (JSON)

    Parsed response



102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
# File 'lib/uirusu/vtfile.rb', line 102

def self.rescan_file(api_key, resource)
	if api_key == nil
		raise "Invalid API Key"
	end

	if resource == nil
		raise "Invalid resource, must be md5/sha1/sha256/scan_id"
	end

	response = RestClient.post RESCAN_URL, :apikey => api_key, :resource => resource

	case response.code
		when 429, 204
			raise "Virustotal limit reached. Try again later."
		when 403
			raise "Invalid privileges, please check your API key."
		when 200
			JSON.parse(response)
		when 500
			nil
		else
			raise "Unknown Server error."
	end
end

.scan_file(api_key, path_to_file) ⇒ JSON

Submits a file to Virustotal.com for analysis

Parameters:

  • api_key

    Virustotal.com API key

  • path_to_file

    Path to file on disk to upload

Returns:

  • (JSON)

    Parsed response



73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'lib/uirusu/vtfile.rb', line 73

def self.scan_file(api_key, path_to_file)
	if !File.exists?(path_to_file)
		raise Errno::ENOENT
	end

	if api_key == nil
		raise "Invalid API Key"
	end

	response = RestClient.post SCAN_URL, :apikey => api_key, :filename=> path_to_file, :file => File.new(path_to_file, 'rb')

	case response.code
		when 429, 204
			raise "Virustotal limit reached. Try again later."
		when 403
			raise "Invalid privileges, please check your API key."
		when 200
			JSON.parse(response)
		else
			raise "Unknown Server error."
	end
end