Module: Uirusu::VTFile

Defined in:
lib/uirusu/vtfile.rb

Overview

Module for Accessing the File scan and report functionalities of the Virustotal.com public API

Constant Summary collapse

SCAN_URL = 
Uirusu::VT_API + "/file/scan"
RESCAN_URL = 
Uirusu::VT_API + "/file/rescan"
REPORT_URL = 
Uirusu::VT_API + "/file/report"

Class Method Summary collapse

Class Method Details

.query_report(api_key, resource) ⇒ JSON

Queries a report from Virustotal.com

Parameters:

  • api_key

    Virustotal.com API key

  • resource

    MD5/sha1/sha256/scan_id to search for

Returns:

  • (JSON)

    Parsed response



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# File 'lib/uirusu/vtfile.rb', line 36

def VTFile.query_report(api_key, resource)
	if api_key == nil
		raise "Invalid API Key"
	end

	if resource == nil
		raise "Invalid resource, must be md5/sha1/sha256/scan_id"
	end

	response = RestClient.post REPORT_URL, :apikey => api_key, :resource => resource

	case response.code
		when 429, 204
			raise "Virustotal limit reached. Try again later."
		when 403
			raise "Invalid privileges, please check your API key."
		when 200
			JSON.parse(response)
		when 500
			nil
		else
			raise "Unknown Server error."
	end
end

.rescan_file(api_key, resource) ⇒ JSON

Requests an existing file to be rescanned.

Parameters:

  • api_key

    Virustotal.com API key

  • resource

    MD5/sha1/sha256/scan_id to rescan

Returns:

  • (JSON)

    Parsed response



96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
 
# File 'lib/uirusu/vtfile.rb', line 96

def self.rescan_file(api_key, resource)
	if api_key == nil
		raise "Invalid API Key"
	end

	if resource == nil
		raise "Invalid resource, must be md5/sha1/sha256/scan_id"
	end

	response = RestClient.post RESCAN_URL, :apikey => api_key, :resource => resource

	case response.code
		when 429, 204
			raise "Virustotal limit reached. Try again later."
		when 403
			raise "Invalid privileges, please check your API key."
		when 200
			JSON.parse(response)
		when 500
			nil
		else
			raise "Unknown Server error."
	end
end

.scan_file(api_key, path_to_file) ⇒ JSON

Submits a file to Virustotal.com for analysis

Parameters:

  • api_key

    Virustotal.com API key

  • path_to_file

    Path to file on disk to upload

Returns:

  • (JSON)

    Parsed response



67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
# File 'lib/uirusu/vtfile.rb', line 67

def self.scan_file(api_key, path_to_file)
	if !File.exists?(path_to_file)
		raise Errno::ENOENT
	end

	if api_key == nil
		raise "Invalid API Key"
	end

	response = RestClient.post SCAN_URL, :apikey => api_key, :filename=> path_to_file, :file => File.new(path_to_file, 'rb')

	case response.code
		when 429, 204
			raise "Virustotal limit reached. Try again later."
		when 403
			raise "Invalid privileges, please check your API key."
		when 200
			JSON.parse(response)
		else
			raise "Unknown Server error."
	end
end