0 Usuarios y 1 Visitante están viendo este tema.
#include <Crypt.au3>#include "VT.au3"Example()Func Example() _Crypt_Startup() Local $sFilePath = @WindowsDir & "\Explorer.exe" Local $bHash = _Crypt_HashFile($sFilePath, $CALG_MD5) _Crypt_Shutdown() Local $hVirusTotal = VT_Open() Local $APIkey='Your API key' ConsoleWrite(VT($hVirusTotal, $fReport, '20c83c1c5d1289f177bc222d248dab261a62529b19352d7c0f965039168c0654',$APIkey) & @CRLF) ConsoleWrite(VT($hVirusTotal, $fScan, $sFilePath,$APIkey) & @CRLF) ConsoleWrite(VT($hVirusTotal, $fRescan, hex($bHash),$APIkey) & @CRLF) ConsoleWrite(VT($hVirusTotal, $uReport, "http://www.virustotal.com",$APIkey) & @CRLF) ConsoleWrite(VT($hVirusTotal, $uScan, "http://www.google.com",$APIkey) & @CRLF) ConsoleWrite(VT($hVirusTotal, $Comment, hex($bHash) ,$APIkey,"Hello Word | Hola Mundo") & @CRLF) VT_Close($hVirusTotal) ;EndFunc ;==>Example
#include-once #include "WinHttp.au3"; #INDEX# =================================================================================================; Title .........: VT.au3; AutoIt Version : 3.3.8.1; Language ......: English; Description ...: VirusTotal public API version 2.0 implementation in Autoit;thanks to: trancexx|ProgAndy "WinHttp.au3" ||| guinness "Suggestions+Snippets ||| www.virustotal.com;Reference https://www.virustotal.com/es/documentation/public-api;Written by Danyfirex;Date 12/05/2013 | Update 03/06/2013; #FUNCTION# =============================================================================================;===================CONSTANTS/CONSTANTES=======================Global Const $__sVirusTotal_Page = 'www.virustotal.com'Global Enum $eAPI_HttpOpen, $eAPI_HttpConnectGlobal Enum $fReport,$fScan,$fRescan,$uReport,$uScan,$CommentGlobal Const $tURL[6]=['/vtapi/v2/file/report','/vtapi/v2/file/scan','/vtapi/v2/file/rescan', _ '/vtapi/v2/url/report','/vtapi/v2/url/scan','/vtapi/v2/comments/put'];==============================================================; #FUNCTIONS/FUNCIONES# =======================================;VT() ;Use respective flag($Type);VT(ByRef $aAPI, $Type, $sResource, $sAPIkey,$Comments="");flags($Type);$fReport = retrieve a scan report on a given file;$fScan = submit a file for Scanning;$fRescan = Rescan files in VirusTotal's file store;$uReport = retrieve a scan report on a given URL;$uScan = submit a URL for Scanning;$Comment = Make a commnet on files and URLs; ==============================================================; #FUNCTION# =============================================================================================; Name...........: VT_Open; Description ...: Initialize and get session handle & connection handle; Syntax.........: VT_Open(); guinness; #FUNCTION# =============================================================================================Func VT_Open() Local $aAPI[2] = [0, 0] $aAPI[$eAPI_HttpOpen] = _WinHttpOpen() If @error Then $aAPI[$eAPI_HttpOpen] = -1 $aAPI[$eAPI_HttpConnect] = _WinHttpConnect($aAPI[$eAPI_HttpOpen], $__sVirusTotal_Page) If @error Then $aAPI[$eAPI_HttpConnect] = -1 Return $aAPIEndFunc ;==>VT_Open; #FUNCTION# =============================================================================================; Name...........: VT_Close; Description ...: Close handles; Syntax.........: VT_Close($handle);guinness; #FUNCTION# =============================================================================================Func VT_Close(ByRef Const $aAPI) _WinHttpCloseHandle($aAPI[$eAPI_HttpOpen]) _WinHttpCloseHandle($aAPI[$eAPI_HttpConnect]) Return TrueEndFunc ;==>VT_Close; #FUNCTION# =============================================================================================; Name...........: VT; Syntax.........: VT(ByRef $aAPI, $Type, $sResource, $sAPIkey,$Comments="");VT($hVirusTotal, $fReport, '20c83c1c5d1289f177bc222d248dab261a62529b19352d7c0f965039168c0654',$APIkey);VT($hVirusTotal, $fScan, "C:\file.exe",$APIkey);VT($hVirusTotal, $fRescan, hex($bHash),$APIkey);VT($hVirusTotal, $uReport, "http://www.virustotal.com",$APIkey);VT($hVirusTotal, $uScan, "http://www.google.com",$APIkey);VT($hVirusTotal, $Comment, hex($bHash) ,$APIkey,"Hello Word | Hola Mundo"); Parameters....: $Resource - md5/sha1/sha256/scan_id | filename | Url | respectively for flag($Type); $APIkey - your API key.; $Comments - your Comments;Return.........; response format is a JSON object; #FUNCTION# =============================================================================================Func VT(ByRef $aAPI, $Type, $sResource, $sAPIkey,$Comments="") If $aAPI[$eAPI_HttpConnect] = -1 Then $aAPI = VT_Open() Select ;$fReport,$fScan,$fRescan,$uReport,$uScan,$Comment Case $Type = $fReport Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], 'POST', $tURL[$Type], Default, 'resource=' & $sResource & '&key=' & $sAPIkey) Case $Type = $fScan Local $sBoundary="--------Boundary" Local $sHeaders = "Content-Type: multipart/form-data; boundary=" & $sBoundary & @CRLF Local $sData = '' $sData &= "--" & $sBoundary & @CRLF $sData &= 'Content-Disposition: form-data; name="apikey"' & @CRLF & @CRLF & $sAPIkey & @CRLF $sData &= "--" & $sBoundary & @CRLF $sData &= __WinHttpFileContent("", "file", $sResource,$sBoundary) $sData &= "--" & $sBoundary & "--" & @CRLF Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], "POST", $tURL[$Type], Default, StringToBinary($sData,0), $sHeaders) Case $Type = $fRescan Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], "POST", "/vtapi/v2/file/rescan", Default, "resource=" & $sResource &"&key=" & $sAPIkey) Case $Type = $uReport Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], 'POST', $tURL[$Type], Default, 'resource=' & $sResource & '&key=' & $sAPIkey) Case $Type = $uScan Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], 'POST', $tURL[$Type], Default, 'url=' & $sResource & '&key=' & $sAPIkey) Case $Type = $Comment return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], "POST", "/vtapi/v2/comments/put", Default, "resource=" & $sResource & _ "&comment=" & $Comments & "&key=" & $sAPIkey) Case Else SetError(3)EndSelectEndFunc ;==>VT
