Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(scoop-virustotal): Migrate to VirusTotal API v3 #4983

Merged
merged 30 commits into from
Jun 15, 2022
Merged

feat(scoop-virustotal): Migrate to VirusTotal API v3 #4983

Changes from 1 commit
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
37f448b
feat(scoop-virustotal): migrate to virustotal api v3, improve flows, …
Jun 10, 2022
94bacbc
remove unused codes
Jun 11, 2022
bc6fa8c
fix bug
Jun 11, 2022
8a497fa
adjust output
Jun 11, 2022
5f5eb32
fix
Jun 11, 2022
81e759e
fix output
Jun 11, 2022
1a40167
Adjust output
Jun 12, 2022
8737f9e
show vendors directly if malicious/suspicious != 0
Jun 12, 2022
e4207f4
adjust output
Jun 13, 2022
e3249ed
fix for some rare cases
Jun 13, 2022
301c7e9
add '--passthru' parameter
Jun 13, 2022
a925252
feat(scoop-virustotal): migrate to virustotal api v3, improve flows, …
Jun 10, 2022
aa830bd
remove unused codes
Jun 11, 2022
331f134
fix bug
Jun 11, 2022
20d5f47
adjust output
Jun 11, 2022
5a20a6c
fix
Jun 11, 2022
1fc1cbb
fix output
Jun 11, 2022
9d9fc9c
Adjust output
Jun 12, 2022
36d5ce3
show vendors directly if malicious/suspicious != 0
Jun 12, 2022
152f21a
adjust output
Jun 13, 2022
dd797d6
fix for some rare cases
Jun 13, 2022
08e81c7
add '--passthru' parameter
Jun 13, 2022
3b293df
Merge branch 'virustotal' of https://github.com/ClassicDarkChocolate/…
Jun 13, 2022
3bdd4f5
add '-p' parameter
Jun 13, 2022
c60558d
fix special cases
Jun 14, 2022
92e481c
fix help message
ClassicDarkChocolate Jun 14, 2022
1d05ea3
add API Key hint
ClassicDarkChocolate Jun 14, 2022
593a968
Merge branch 'develop' into virustotal
ClassicDarkChocolate Jun 14, 2022
0d88679
update changelog
Jun 14, 2022
6ced2c3
fix case
Jun 14, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Adjust output
  • Loading branch information
ClassicDarkChocolate committed Jun 13, 2022
commit 9d9fc9cd1cd73fc348275728d953245bf03b1dad
58 changes: 29 additions & 29 deletions libexec/scoop-virustotal.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ $architecture = ensure_architecture ($opt.a + $opt.arch)

if (is_scoop_outdated) {
if ($opt.u -or $opt.'no-update-scoop') {
warn 'Scoop is out of date.'
Write-Warning 'Scoop is out of date.'
} else {
scoop update
}
Expand Down Expand Up @@ -109,18 +109,16 @@ Function Get-VirusTotalResultByHash ($hash, $app) {
[int]$undetected = json_path $stats '$.undetected'
[int]$unsafe = $malicious + $suspicious
[int]$total = $unsafe + $undetected
$fileSize = ([System.Convert]::ToDouble((json_path $result '$.data.attributes.size')) / 1048576)
$report_url = "https://www.virustotal.com/gui/file/$hash"
if ($total -eq 0) {
Write-Information "INFO : $app`: Analysis is in progress."
Write-Information "INFO : $app`: Analysis in progress." -InformationAction 'Continue'
[PSCustomObject] @{
'App.Name' = $app
'App.Hash' = $hash
FileReport = $report_url
Malicious = $null
Suspicious = $null
Timeout = $null
Undetected = $null
UrlReport = $null
'App.Name' = $app
'App.Hash' = $hash
'App.Size (MB)' = $fileSize.ToString('0.00')
FileReport = $report_url
UrlReport = $null
}
} else {
switch ($unsafe) {
Expand All @@ -138,14 +136,15 @@ Function Get-VirusTotalResultByHash ($hash, $app) {
}
}
[PSCustomObject] @{
'App.Name' = $app
'App.Hash' = $hash
FileReport = $report_url
Malicious = $malicious
Suspicious = $suspicious
Timeout = $timeout
Undetected = $undetected
UrlReport = $null
'App.Name' = $app
'App.Hash' = $hash
'App.Size (MB)' = $fileSize.ToString('0.00')
FileReport = $report_url
Malicious = $malicious
Suspicious = $suspicious
Timeout = $timeout
Undetected = $undetected
UrlReport = $null
}
}
if ($unsafe -gt 0) {
Expand All @@ -170,11 +169,8 @@ Function Get-VirusTotalResultByUrl ($url, $app) {
Write-Warning "$app`: Manual file upload is required (instead of url submission)."
[PSCustomObject] @{
'App.Name' = $app
'App.Hash' = $null
FileReport = $null
Malicious = $null
Suspicious = $null
Timeout = $null
Undetected = $null
UrlReport = $url_report_url
}
} else {
Expand All @@ -183,10 +179,6 @@ Function Get-VirusTotalResultByUrl ($url, $app) {
'App.Name' = $app
'App.Hash' = $hash
FileReport = $null
Malicious = $null
Suspicious = $null
Timeout = $null
Undetected = $null
UrlReport = $url_report_url
}
}
Expand All @@ -204,7 +196,7 @@ Function Get-VirusTotalResultByUrl ($url, $app) {
# overflow) if the submission keeps failing.
Function Submit-ToVirusTotal ($url, $app, $do_scan, $retrying = $False) {
if (!$do_scan) {
warn "$app`: not found`: you can manually submit $url"
Write-Warning "$app`: not found`: you can manually submit $url"
return
}

Expand All @@ -228,6 +220,12 @@ Function Submit-ToVirusTotal ($url, $app, $do_scan, $retrying = $False) {
Write-Information "INFO : $app`: Remote file size: $($fileSize.ToString('0.00 MB')). Large files might require manual file upload instead of url submission." -InformationAction 'Continue'
}
Write-Information "INFO : $app`: Analysis in progress." -InformationAction 'Continue'
[PSCustomObject] @{
'App.Name' = $app
'App.Size (MB)' = $fileSize.ToString('0.00')
FileReport = $null
UrlReport = $url_report_url
}
return
}

Expand Down Expand Up @@ -286,7 +284,8 @@ $reports = $apps | ForEach-Object {
Write-Warning "$app`: File report not found. Will search by url instead."
} else {
if ($_.Exception.Response.StatusCode -in 204, 429) {
abort "$app`: VirusTotal request failed`: $($_.Exception.Message)", $exit_code
Write-Error "$app`: VirusTotal request failed`: $($_.Exception.Message)"
exit $exit_code
}
Write-Warning "$app`: VirusTotal request failed`: $($_.Exception.Message)"
return
Expand All @@ -310,7 +309,8 @@ $reports = $apps | ForEach-Object {
Submit-ToVirusTotal $url $app ($opt.scan -or $opt.s)
} else {
if ($_.Exception.Response.StatusCode -in 204, 429) {
abort "$app`: VirusTotal request failed`: $($_.Exception.Message)", $exit_code
Write-Error "$app`: VirusTotal request failed`: $($_.Exception.Message)"
exit $exit_code
}
Write-Warning "$app`: VirusTotal request failed`: $($_.Exception.Message)"
return
Expand Down