Jump to content

VirusTotal API 2.0 UDF


Danyfirex
 Share

Recommended Posts

  • 8 months later...

I'm not thinking in improve it. If You want to improve it. the door is open. :)

Saludos

Link to comment
Share on other sites

  • 6 months later...
  • 3 weeks later...

Hi Danyfirex,

i am really new to Autoit,

i need to use your script for scanning exe in VT.

care to explain i can i use your script?

​Look the code I've left in the post here. the $fScan flag is what you need.

Sorry for a late reply the notifications does not notificate me till today :S

Saludos

Link to comment
Share on other sites

  • 1 year later...
8 minutes ago, cu0x said:

Hello Guys,

 

does someone know how to get a  Virus total API key

I do a lot of stuff with AutoIT and need to automate the commits for False-Positives... Thanks a lot!

check here.

 

Saludos

Link to comment
Share on other sites

On 13.5.2013 at 6:17 AM, Danyfirex said:

Hi mates, well this is my first contribution. a simple UDF to use Virustotal API v2.0 The response return is not parsed|splitted. requires >WinHttp UDF

Functions List:

 

Update:
 
Now a Only Function using a flags for respective mode.
 
VT() Use respective flag($Type)
VT(ByRef $aAPI, $Type, $sResource, $sAPIkey,$Comments="")
flags($Type)
$fReport = retrieve a scan report on a given file
$fScan   = submit a file for Scanning
$fRescan = Rescan files in VirusTotal's file store
$uReport = retrieve a scan report on a given URL
$uScan   = submit a URL for Scanning
$Comment = Make a commnet on files and URLs
 
 
Example:
 
 
#include <Crypt.au3>
#include "VT.au3"

Example()

Func Example()

    _Crypt_Startup()
    Local $sFilePath = @WindowsDir & "\Explorer.exe" 

    Local $bHash = _Crypt_HashFile($sFilePath, $CALG_MD5)
   _Crypt_Shutdown()
    Local $hVirusTotal = VT_Open()
    Local $APIkey='Your API key'
    ConsoleWrite(VT($hVirusTotal, $fReport, '20c83c1c5d1289f177bc222d248dab261a62529b19352d7c0f965039168c0654',$APIkey) & @CRLF)
    ConsoleWrite(VT($hVirusTotal, $fScan, $sFilePath,$APIkey) & @CRLF)
    ConsoleWrite(VT($hVirusTotal, $fRescan, hex($bHash),$APIkey) & @CRLF)
    ConsoleWrite(VT($hVirusTotal, $uReport, "http://www.virustotal.com",$APIkey) & @CRLF)
    ConsoleWrite(VT($hVirusTotal, $uScan, "http://www.google.com",$APIkey) & @CRLF)
    ConsoleWrite(VT($hVirusTotal, $Comment, hex($bHash) ,$APIkey,"Hello Word | Hola Mundo") & @CRLF)
    VT_Close($hVirusTotal) ;
EndFunc   ;==>Example

Saludos

Hi I reveice an empty string while $hVirusTotal = VT_Open(), do you know why?
 
 
 
 

VT.au3

 

Link to comment
Share on other sites

  • 1 year later...

okay, it looks like its not only exe files, but all bigger files, I was able to send about 6MB txt file, bet when it got to around 7.5mb got response 0. It's strange because according to VirusTotal, you can send files up to 32MB :/

Edited by Flax
Link to comment
Share on other sites

  • 1 year later...

If you have problems with uploading larger files, you need to increase http timeouts.

Change VT_Open() function to this:
 

; #FUNCTION# =============================================================================================
; Name...........: VT_Open
; Description ...: Initialize and get session handle & connection handle
; Syntax.........: VT_Open()
; guinness
; #FUNCTION# =============================================================================================
Func VT_Open()
    Local $aAPI[2] = [0, 0]
    $aAPI[$eAPI_HttpOpen] = _WinHttpOpen()
    If @error Then $aAPI[$eAPI_HttpOpen] = -1
    _WinHttpSetTimeouts($aAPI[$eAPI_HttpOpen], 9900, 60000, 31000, 90000)
    $aAPI[$eAPI_HttpConnect] = _WinHttpConnect($aAPI[$eAPI_HttpOpen], $__sVirusTotal_Page)
    If @error Then $aAPI[$eAPI_HttpConnect] = -1
    Return $aAPI
EndFunc   ;==>VT_Open

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...