如何为URL使用VT api脚本 [英] How to use VT api script for URL
问题描述
这是我正在处理的代码:
import 请求
import argparse
import os
import time
def checkkey(kee):
尝试:
如果 len(kee)== 64 :
return kee
else :
print 您的密钥有问题。不是64位字母数字字符。
exit()
除了例外,e:
print e
def checkhash(hsh):
尝试:
如果 len(hsh)== 32 :
return hsh
elif len()== 40 :
return hsh
elif len(hsh)== 64 :
return hsh
else :
print 哈希输入看似无效。
exit()
除了例外,e :
print e
def fileexists(filepath):
尝试:
如果 os.path.isfile(filepath):
return filepath
else :
print 没有文件位于: + filepath
exit()
< span class =code-keyword> except 例外,e:
print e
def main():
parser = argparse.ArgumentParser(description = 对病毒总数进行查询哈希。)
parser.add_argument(' - i' ,' - input',type = fileexists,required = False,help = < span class =code-string>' 输入文件位置EX:/Desktop/Somewhere/input.txt')
parser.add_argument (' - o' ,' - output',required = True,help = ' 输出文件位置EX:/Desktop/Somewhere/output.txt')
parser.add_argument(' - H',' - hash',type = checkhash,required = False,help = ' Single Hash EX:d41d8cd98f00b204e9800998ecf8427e ')
parser.add_argument(' - k',' - key',type = checkkey,required = True,help = ' VT API密钥EX:ASDFADSFDSFASDFADSFDSFADSF')
parser.add_argument('' - u',' - unlimited',action = ' store_const' ,const = 1,required = False,help = ' 将26秒睡眠定时器更改为1。 )
args = parser.parse_args()
# 运行单个哈希+密钥
如果 args.hash 和 args.key:
file = open(args.output,' w +')
file.write(' 以下是已识别的恶意文件。\ nn \ n' )
file.close()
VT_Request(args.key,args.hash.rstrip(),args.output)
# 运行输入文件+密钥
elif args.input 和 args.key:
file = open(args.output,' < span class =code-string> w +')
file.write(' 下面是已识别的恶意文件。\ nn \ n')
file.close()
打开(args。输入) as o:
行 in o.readlines():
VT_Request(args.key,line.rstrip(),args.output)
if args .unlimited == 1 :
time.sleep( 1 )
else :
time.sleep( 26 )
def VT_Request(密钥,哈希,输出):
params = {' apikey':key,' resource':hash}
url = requests.get(' https://www.virustotal.com/vtapi/v2/file/report',params = params)
json_response = url.json()
print json_response
response = int(json_response.get (' response_code'))
if response == 0 :
print hash + ' 不在病毒总计'
file = open(输出,' a')
file.write(hash + ' 不在病毒总计')
file.write(' \ n')
file.close()
elif response == 1 :
positives = int(json_response.get(' positives' ))
如果 positives == 0 :
print hash + ' 不是恶意的'
file = open(输出,' a')
file.write(hash + ' 不是恶意')
file.write(' \ n')
file.close()
else :
print hash + ' 是恶意的'
file = open(输出,' a')
file.write(hash + ' 是恶意的。命中数:' + str(正数))
file.write(' \ n ')
file.close()
else :
print 无法搜索hash + ' 。请稍后再试。'
# 执行程序
如果 __name__ == ' __ main __':
main()
此代码返回病毒总数检查的哈希的信誉。我希望它用于URL。
我尝试了什么:
将它用于URL I将checkhash函数名称更改为checkurl,因为名称包含它。此外,VT用于返回URL分数值的URL更改为
url = requests.get(' https://www.virustotal.com/vtapi/v2/file/report',params = params)
to
https:/ /www.virustotal.com/vtapi/v2/url/scan
。
我还修改了函数来检查哈希的长度。< br $> b $ b
def checkhash( hsh):
尝试:
如果 len(hsh)== 32 :
return hsh
elif len()== 40 :
return hsh
elif len(hsh)== 64 :
return hsh
else :
print 哈希输入看似无效。
exit()
除了例外,e:
print e
删除所有逻辑和定义的checkurl。
我在这些更改后收到错误。请帮助
len()只取一个参数(0给定)
但是我修改了函数
checkhash
并删除了.Earlier如下:
def checkhash():
尝试:
if len(hsh )== 32:
返回hsh
elif len()== 40:
返回hsh
elif len(hsh)== 64:
返回hsh
else:
print(哈希输入看似无效。)
exit()
除了例外e:
print(e)
我已经删除了所有这些东西,因为我在这里检查你的情人所以不需要检查长度
This is the code I am working onto:
import requests
import argparse
import os
import time
def checkkey(kee):
try:
if len(kee) == 64:
return kee
else:
print "There is something wrong with your key. Not 64 Alpha Numeric characters."
exit()
except Exception, e:
print e
def checkhash(hsh):
try:
if len(hsh) == 32:
return hsh
elif len() == 40:
return hsh
elif len(hsh) == 64:
return hsh
else:
print "The Hash input does not appear valid."
exit()
except Exception, e:
print e
def fileexists(filepath):
try:
if os.path.isfile(filepath):
return filepath
else:
print "There is no file at:" + filepath
exit()
except Exception, e:
print e
def main():
parser = argparse.ArgumentParser(description="Query hashes against Virus Total.")
parser.add_argument('-i', '--input', type=fileexists, required=False, help='Input File Location EX: /Desktop/Somewhere/input.txt')
parser.add_argument('-o', '--output', required=True, help='Output File Location EX: /Desktop/Somewhere/output.txt ')
parser.add_argument('-H', '--hash', type=checkhash, required=False, help='Single Hash EX: d41d8cd98f00b204e9800998ecf8427e')
parser.add_argument('-k', '--key', type=checkkey, required=True, help='VT API Key EX: ASDFADSFDSFASDFADSFDSFADSF')
parser.add_argument('-u', '--unlimited', action='store_const', const=1, required=False, help='Changes the 26 second sleep timer to 1.')
args = parser.parse_args()
#Run for a single hash + key
if args.hash and args.key:
file = open(args.output,'w+')
file.write('Below is the identified malicious file.\n\n')
file.close()
VT_Request(args.key, args.hash.rstrip(), args.output)
#Run for an input file + key
elif args.input and args.key:
file = open(args.output,'w+')
file.write('Below are the identified malicious files.\n\n')
file.close()
with open(args.input) as o:
for line in o.readlines():
VT_Request(args.key, line.rstrip(), args.output)
if args.unlimited == 1:
time.sleep(1)
else:
time.sleep(26)
def VT_Request(key, hash, output):
params = {'apikey': key, 'resource': hash}
url = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params)
json_response = url.json()
print json_response
response = int(json_response.get('response_code'))
if response == 0:
print hash + ' is not in Virus Total'
file = open(output,'a')
file.write(hash + ' is not in Virus Total')
file.write('\n')
file.close()
elif response == 1:
positives = int(json_response.get('positives'))
if positives == 0:
print hash + ' is not malicious'
file = open(output,'a')
file.write(hash + ' is not malicious')
file.write('\n')
file.close()
else:
print hash + ' is malicious'
file = open(output,'a')
file.write(hash + ' is malicious. Hit Count:' + str(positives))
file.write('\n')
file.close()
else:
print hash + ' could not be searched. Please try again later.'
# execute the program
if __name__ == '__main__':
main()
This code returns reputation for the hash checked at virus total .I want it to use for URL .
What I have tried:
For using it for URL I changed the checkhash function name to checkurl as the name has it.Also the URL used by VT for returning the value of URL score is changed in
url = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params)
to
https://www.virustotal.com/vtapi/v2/url/scan
.
I also modified the function to check length of hash.
def checkhash(hsh):
try:
if len(hsh) == 32:
return hsh
elif len() == 40:
return hsh
elif len(hsh) == 64:
return hsh
else:
print "The Hash input does not appear valid."
exit()
except Exception, e:
print e
Removed all the logic and defined checkurl only .
I am getting error after these changes.Please help
Error I am facing is :
len() takes exactly one argument (0 given)
However I have modified functioncheckhashand removed.Earlier is was as follows:
def checkhash():
try: if len(hsh) == 32: return hsh elif len() == 40: return hsh elif len(hsh) == 64: return hsh else: print ("The Hash input does not appear valid.") exit() except Exception as e: print (e)
I have removed all this stuff as I am checking ur lover here so no need to check the length
这篇关于如何为URL使用VT api脚本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!