def run(self):
    """Loop forever, downloading each hash handed out by ``self.tasks``.

    Every truthy value returned by ``self.tasks.get()`` is stored on
    ``self.md5`` and requested from the configured malware.lu API
    (``apiurl`` + ``/download``) together with the configured API key.
    When the request reports no error, the response is saved under
    ``self.app.downloads`` with a ``.part`` postfix, reporting progress
    through ``self.process``.  The loop has no exit condition.
    """
    # NOTE(review): this listing arrived flattened onto a single line, so the
    # nesting below is reconstructed. In particular, confirm against the
    # upstream file whether self.done() runs after every attempt (as written
    # here) or only after a successful save.
    while True:
        md5 = self.tasks.get()
        if md5:
            self.md5 = md5
            # NOTE(review): the queued value is sent as-is; nothing in this
            # method checks that it is a hex digest. If resp.save() derives
            # the file name from it (not visible here), validate the value
            # where it enters the queue.
            # The API key travels in the request data, so request parameters
            # should stay out of logs; whether apiurl is https depends on
            # configuration that is not visible here.
            resp, error = Req().request(self.app.config['malware.lu']['apiurl'] + '/download', { 'hash': self.md5, 'apikey': self.app.config['malware.lu']['apikey'] })
            if not error:
                # Presumably the body is a sample from the malware.lu
                # repository; treat self.app.downloads as a quarantine
                # location -- TODO confirm how the '.part' file is finalised.
                resp.save(self.app.downloads, progressfn = self.process, postfix = '.part')
            self.done()
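def searchOnVT(self, text):
    """Search Google for VirusTotal pages mentioning *text*.

    The configured ``googlesearch`` URL template is filled with the query
    ``site:virustotal.com "<text>"``.  Each ``<li class="g">`` result is
    scanned for a hex digest (32 or more hex characters) in its link and
    for a date in the remainder of the entry.  The first date seen for
    each digest is kept, digests are ordered by the value
    ``self.__dateFormat`` returns (descending), truncated to
    ``googlemaxresults`` entries and handed to ``self.searchInDB``.

    Returns:
        tuple: ``(self.searchInDB(digests), http_status)`` on success, or
        ``(message, 503)`` when the search request reports an error.
    """
    # NOTE(review): quote() URL-encodes the query, but a double quote inside
    # *text* still ends the quoted phrase early on the search side. If *text*
    # comes from a user, consider restricting it before it reaches this call.
    query = quote('site:virustotal.com "%s"' % text)
    resp, error = Req().request(self.app.config['googlesearch'] % query)
    if error:
        return ('Unable to connect to www.google.com. ' + error, 503)

    ret = {}
    # The result page is remote, untrusted HTML: only substrings matching the
    # hex-digest patterns below are ever forwarded to searchInDB().
    for item in re.findall(r'<li class="g">.*?</li>', resp.read()):
        # partition() instead of a two-way unpack of split(): an entry with
        # no '</h3>' (or more than one) used to raise ValueError and abort
        # the whole search; entries without the marker are now skipped.
        url, sep, date = item.partition('</h3>')
        if not sep:
            continue
        date = re.search(r'(\d{1,2}\s+\w{3}\s+\d{2,4})|(\d)\s+days?\s+ago', date, re.I)
        url = re.search(r'resource=([a-f0-9]{32,})|file/([a-f0-9]{32,})|scan/([a-f0-9]{32,})|analisis/([a-f0-9]{32,})', unquote(url), re.I)
        if url and date:
            # Exactly one alternative matched, so exactly one group is set.
            digest = next(g for g in url.groups() if g is not None).lower()
            if digest not in ret:
                ret[digest] = self.__dateFormat(date.groups())

    ordered = sorted(ret.items(), key=operator.itemgetter(1))[::-1]
    items = [pair[0] for pair in ordered][:self.app.config['googlemaxresults']]
    return (self.searchInDB(items), resp.response.code)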
def updatedb(self):
    """Update the local sample database file from ``self.dburl``.

    A HEAD request reads the remote ``Content-length``.  If it equals
    ``self.dbfilesize`` nothing is fetched.  Otherwise a ``Range`` header
    is set on the request object, the URL is requested again and the
    response is written to ``self.dbfilepath`` through ``resp.saveRange``;
    'Complete' or 'Fail' is printed depending on its return value.

    Raises:
        Exception: if either request reports an error.
    """
    # NOTE(review): this listing arrived flattened onto a single line, so the
    # nesting is reconstructed. Confirm against the upstream file whether the
    # Range assignment belongs under `if self.dbfilesize:` or, as written
    # here, runs for every update.
    print 'Trying to update database of samples'
    r = Req()
    head, error = r.request(self.dburl, head = True)
    if not error:
        # Content-length comes from the remote server; a non-numeric value
        # makes int() raise ValueError, which is not handled here.
        size = int(head.header('Content-length', '0'))
        # Only the sizes are compared. This method does not check a checksum
        # or signature of the downloaded data.
        if size == self.dbfilesize:
            print 'Already updated'
        else:
            if self.dbfilesize:
                # NOTE(review): when the remote size is smaller than
                # self.dbfilesize + 2 this goes negative, and the Range
                # header below is then formatted with a negative end offset.
                size = size - self.dbfilesize - 2
            r['Range'] = 'bytes=%d-%d' % (0, size)
            resp, error = r.request(self.dburl)
            if not error:
                # presumably end = False makes saveRange place the new bytes
                # at the start of the file -- TODO confirm in Req/saveRange.
                print 'Complete' if resp.saveRange(self.dbfilepath, end = False, progressfn = self.__updateprogress) else 'Fail'
            else:
                raise Exception(error)
    else:
        raise Exception('Unable to connect to www.malware.lu. Error: ' + error)
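def __readJSON(self, url, data=None):
    """Request *url* and return its body, decoded as JSON when enabled.

    Args:
        url: address to request.
        data: request parameters passed to ``Req().request``; an empty
            dict is used when omitted.

    Returns:
        tuple: ``(payload, http_status)`` on success, where *payload* is
        the parsed JSON if ``self.parseJSON`` is truthy and the raw body
        otherwise; ``(error, 503)`` when the request reports an error.
    """
    # The default used to be a literal {} shared by every call; build a
    # fresh dict per call so one request's parameters can never leak into
    # the next.
    if data is None:
        data = {}
    resp, error = Req().request(url, data)
    if error:
        return (error, 503)
    body = resp.read()
    # The body is remote input: json.loads() raises ValueError on malformed
    # JSON and that exception propagates to the caller.
    return (json.loads(body) if self.parseJSON else body, resp.response.code)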