Esempio n. 1
	def run(self):
		"""Worker loop: take hashes from self.tasks and download each one.

		Every truthy value taken from the queue is stored in self.md5 and
		sent, with the configured API key, to the '/download' endpoint of
		the 'malware.lu' service. A successful response is saved under
		self.app.downloads with a '.part' postfix. self.done() is called
		after each attempt whether or not the request succeeded. The loop
		never returns.
		"""
		while True:
			digest = self.tasks.get()
			if not digest:
				# Falsy queue entries are skipped without calling done().
				continue
			self.md5 = digest
			# NOTE(review): the queued value is forwarded to the API as-is;
			# confirm the producer restricts it to a hex digest.
			settings = self.app.config['malware.lu']
			endpoint = settings['apiurl'] + '/download'
			# NOTE(review): the API key travels in the request data, so the
			# configured apiurl should be an https URL -- confirm.
			query = {
				'hash': self.md5,
				'apikey': settings['apikey']
			}
			resp, error = Req().request(endpoint, query)
			if not error:
				# NOTE(review): the saved files are presumably live samples;
				# the downloads directory should be isolated and never
				# executed from -- confirm how self.app.downloads is set up.
				resp.save(self.app.downloads, progressfn = self.process, postfix = '.part')
			self.done()
Esempio n. 2
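	def searchOnVT(self, text):
		"""Search Google for virustotal.com pages that mention *text*.

		The result page is scraped for '<li class="g">' items. Each item
		is split at its first '</h3>': the part before it is searched for
		a hash inside a VirusTotal URL, the part after it for a date.
		Hashes are lower-cased, de-duplicated (first occurrence wins),
		ordered by the formatted date, newest first, and cut to the
		configured 'googlemaxresults'.

		Returns a tuple (self.searchInDB(hashes), HTTP status code), or
		(error message, 503) when the request to Google fails.
		"""
		found = {}
		resp, error = Req().request(self.app.config['googlesearch'] % quote('site:virustotal.com "%s"' % text))
		if error:
			return ('Unable to connect to www.google.com. ' + error, 503)
		for item in re.findall(r'<li class="g">.*?</li>', resp.read()):
			# The markup comes from a third party. Unpacking split('</h3>')
			# raised ValueError on any item without exactly one '</h3>',
			# which aborted the whole search; partition() never raises.
			link, sep, tail = item.partition('</h3>')
			if not sep:
				continue
			date = re.search(r'(\d{1,2}\s+\w{3}\s+\d{2,4})|(\d)\s+days?\s+ago', tail, re.I)
			digest = re.search(r'resource=([a-f0-9]{32,})|file/([a-f0-9]{32,})|scan/([a-f0-9]{32,})|analisis/([a-f0-9]{32,})', unquote(link), re.I)
			if digest and date:
				# Only one alternative of the pattern matches, so exactly one
				# group is set. It holds hex characters only, which is all
				# that reaches searchInDB from the scraped page.
				key = next(g for g in digest.groups() if g is not None).lower()
				if key not in found:
					found[key] = self.__dateFormat(date.groups())
		# Sort ascending, then reverse, so that entries with equal dates
		# keep the order the original code produced.
		ranked = sorted(found.iteritems(), key = operator.itemgetter(1))[::-1]
		items = [pair[0] for pair in ranked][:self.app.config['googlemaxresults']]
		return (self.searchInDB(items), resp.response.code)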
Esempio n. 3
	def updatedb(self):
		"""Bring the local sample database file up to date.

		A HEAD request to self.dburl gives the remote Content-length. If
		it equals self.dbfilesize nothing is downloaded. Otherwise the
		file is requested, with a Range header when a local copy already
		exists, and written through resp.saveRange() to self.dbfilepath.

		Raises Exception when either request reports an error.
		"""
		print 'Trying to update database of samples'
		client = Req()
		head, error = client.request(self.dburl, head = True)
		if error:
			raise Exception('Unable to connect to www.malware.lu. Error: ' + error)

		remote_size = int(head.header('Content-length', '0'))
		# NOTE(review): "up to date" is decided by file size alone, and the
		# downloaded data is not checked against any hash or signature here.
		# Confirm that self.dburl is https and consider verifying the file.
		if remote_size == self.dbfilesize:
			print 'Already updated'
			return

		if self.dbfilesize:
			# Ask only for the leading bytes the local copy lacks.
			# NOTE(review): presumably new records are added at the start of
			# the remote file (saveRange is called with end = False) --
			# confirm. If the remote file is smaller than the local one the
			# upper bound goes negative and the header is malformed.
			last_byte = remote_size - self.dbfilesize - 2
			client['Range'] = 'bytes=%d-%d' % (0, last_byte)

		resp, error = client.request(self.dburl)
		if error:
			raise Exception(error)
		saved = resp.saveRange(self.dbfilepath, end = False, progressfn = self.__updateprogress)
		print 'Complete' if saved else 'Fail'
Esempio n. 4
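	def __readJSON(self, url, data = None):
		"""Request *url* and return its body together with a status code.

		url  -- address to request.
		data -- request data handed to Req().request(); defaults to a
		        new empty dict on every call.

		Returns (body, HTTP status code), where body is decoded with
		json.loads() when self.parseJSON is true and is the raw response
		text otherwise. Returns (error, 503) when the request fails.
		json.loads() raises ValueError on a body that is not valid JSON;
		that exception is not caught here.
		"""
		# The default used to be a single dict shared by every call; a
		# fresh one per call means no request can see another one's data.
		if data is None:
			data = {}
		resp, error = Req().request(url, data)
		if error:
			return (error, 503)
		body = resp.read()
		return (json.loads(body) if self.parseJSON else body, resp.response.code)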