Jump to content

VirusTotal API 2.0 UDF

Danyfirex

By Danyfirex
in AutoIt Example Scripts

 Share

Recommended Posts

Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted

@storme what do you mean? I can't understand...

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

  • Replies 51
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Danyfirex
Danyfirex

Hi mates, well this is my first contribution. a simple UDF to use Virustotal API v2.0 The response return is not parsed|splitted. requires >WinHttp UDF Functions List:   Update:   Now a Only Fu

guinness
guinness

A nice idea and UDF. May I provide some suggestions? ; Firstly, Global variables should be at the top a script and not in a function. ; Secondly, how about removing Global variables and doing someth

guinness
guinness

Awesome, you went with my design. Thanks for that.

guinness Universalist

guinness

Posted
Posted

Do you have a valid API key storme?

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

storme Universalist

storme

Posted
Posted

Do you have a valid API key storme?

Yep I've been singed up for quite a while.

Just couldn't work out the json stuff or I would have had a VT UDF out ages ago. :)

Also I wouldn't be able to get any results without a working key. :)

Some of my small contributions to AutoIt Browse for Folder Dialog - Automation SysTreeView32 | FileHippo Download and/or retrieve program information | Get installedpath from uninstall key in registry | RoboCopy function John Morrison aka Storm-E

storme Universalist

storme

Posted
Posted

@storme what do you mean? I can't understand...

If you have a look at the code I've got consolewrites and colons : around the VT interactions.

ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    ConsoleWrite(":" & VT($hVirusTotal, $fScan, $sFileName,$sVirusTotalAPIkey) & ":" & @CRLF)
    ConsoleWrite("@error = " & @error & @cr)
    ConsoleWrite("----------------------------------------------------------------------------------" & @cr)

According to the web site Link it should return something like this

 

:{"response_code": 1,

"verbose_msg": "Scan request successfully queued, come back later for the report",

"resource": "999f7d93aa3d4a1a94cccfb4ea96bc2e28fd48020a481aa2dc7e215f3ce27bc0",

"scan_id": "999f7d93aa3d4a1a94cccfb4ea96bc2e28fd48020a481aa2dc7e215f3ce27bc0-1324376258",

"permalink": "https://www.virustotal.com/file/999f7d93aa3d4a1a94cccfb4ea96bc2e28fd48020a481aa2dc7e215f3ce27bc0/analysis/1324376258/",

"sha256": "999f7d93aa3d4a1a94cccfb4ea96bc2e28fd48020a481aa2dc7e215f3ce27bc0",

"sha1": "2cc875bca8030d745adfd14388b8c001471c2474",

"md5": "4a00e1a3a14e4fec6f2b353b4f20bb73"}:

@error = 0

But we are getting nothing...and the @error is indicating everything is OK

::

@error = 0

The VT response should be between the ::

Some of my small contributions to AutoIt Browse for Folder Dialog - Automation SysTreeView32 | FileHippo Download and/or retrieve program information | Get installedpath from uninstall key in registry | RoboCopy function John Morrison aka Storm-E

Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted

@storme now I understand, for that I recommend you use some http debugger to see if the request is completed. Because for me is working, I've tried with many files.

saludos

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

guinness Universalist

guinness

Posted
Posted

Also I wouldn't be able to get any results without a working key.  :)

I though your problem was you weren't getting any results?

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

storme Universalist

storme

Posted
Posted

I though your problem was you weren't getting any results?

If the file has been scanned/loaded onto VT and I request the results it works perfectly.

 

The problem is the initial listing/upload/scan of a file.

It's supposed to return a report indicating that the file has been received.

Currently on "some" files I get nothing back from VT.(I'll have to check that as I've done so many runs I'm not sure any more...)

Looks like I'll have to do some debugging and add some error checking to the UDF to see if I can determine if it's getting there and not returning or never leaving the computer....sigh

Some of my small contributions to AutoIt Browse for Folder Dialog - Automation SysTreeView32 | FileHippo Download and/or retrieve program information | Get installedpath from uninstall key in registry | RoboCopy function John Morrison aka Storm-E

storme Universalist

storme

Posted
Posted

@storme now I understand, for that I recommend you use some http debugger to see if the request is completed. Because for me is working, I've tried with many files.

 

saludos

Could you post what you get back from a "new" submission? (i.e. VT($hVirusTotal, $fScan, $sFileName,$sVirusTotalAPIkey))

So I know what to expect back.

Some of my small contributions to AutoIt Browse for Folder Dialog - Automation SysTreeView32 | FileHippo Download and/or retrieve program information | Get installedpath from uninstall key in registry | RoboCopy function John Morrison aka Storm-E

Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted

Could you post what you get back from a "new" submission? (i.e. VT($hVirusTotal, $fScan, $sFileName,$sVirusTotalAPIkey))

So I know what to expect back.

 

You should get this: 

:{"scan_id": "c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a-1371648640", "sha1": "01fc1499d986a1593f51a40d8f4294b5b69e83d9", "resource": "c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a", "response_code": 1, "sha256": "c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a", "permalink": "https://www.virustotal.com/file/c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a/analysis/1371648640/", "md5": "e0efdfe49b64cf7c2fc191c969d2d29d", "verbose_msg": "Scan request successfully queued, come back later for the report"}:

 

saludos

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

storme Universalist

storme

Posted
Posted

That's what I thought I should be getting.

OK now I know what's supposed to be returned I'll start pulling things apart and see what I can find that isn't working or working too well....

Thanks!

John

Some of my small contributions to AutoIt Browse for Folder Dialog - Automation SysTreeView32 | FileHippo Download and/or retrieve program information | Get installedpath from uninstall key in registry | RoboCopy function John Morrison aka Storm-E

Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted

Hello,

nobody can help me?

proxy with a password?

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted

Hello,

yes a proxy with an user and password.

that is not VT's purpose. but You can use this 

saludos

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

  • 8 months later...
luger Wayfarer

luger

Posted
Posted (edited)

Hello,

I do not know english well. x64 file submit not working? The code used and the results:

$result=VT($hVirusTotal, $fScan, $sFilePath,$APIkey) & @CRLF)
MsgBox(0, "", $result) //-->$result=0

What do you think?

Edited by luger
Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted

@luger do you mean Runing your script under x64 or really sending a x64 file?

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

luger Wayfarer

luger

Posted
Posted (edited)

@Danyfirex:

My script is running on win 7 x64 systems. I want to send the x64 file to virus total.

I'm sorry if I misunderstood your question

Edited by luger
Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted (edited)

mmm Really the UDF was created over Windows 7 x86. I remember a day when a was playing with the Winhttp UDF, and get some error over x64. I think the problem is into Winhttp UDF. So as soon I'll be over Windows x64 at my work I'll try to see where the problem is...

 

Are you compiling Your Script as x64 or x86?

Saludos

Edited by Danyfirex

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

Danyfirex Universalist

Danyfirex

Posted
  • Author
Posted

@luger try to upload another file. create a txt file with some random caracters and tell me if it works.

 

Saludos

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...