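def get_av_result(file_id):
    """Return the ESET/NOD32 verdict for *file_id* with the overall detection counts.

    A stored analysis is looked up first through ``MetaController``. Only when
    none is stored is ``get_vt_av_result`` called, and its answer is saved so
    later calls can reuse it.

    Returns:
        A ``(result, positives, total)`` tuple built from the first scan entry
        whose engine name is ESET-NOD32, NOD32 or NOD32v2, or ``None`` when no
        analysis could be obtained or no such entry is present.
    """
    # NOTE(review): file_id reaches the datastore lookup, the VT query and the
    # console message without any format check in this function; confirm that
    # callers only pass well-formed hashes.
    mdc = MetaController()

    # Check whether an analysis already exists.
    analysis_result = mdc.search_av_analysis(file_id)
    if analysis_result is None:
        print("Buscando analysis de %s en VT" % file_id)
        analysis_result = get_vt_av_result(file_id)
        if analysis_result is None:
            return None
        # Save it in the database.
        mdc.save_av_analysis(file_id, analysis_result)

    eset_names = ("ESET-NOD32", "NOD32", "NOD32v2")
    # An analysis without a "scans" entry is treated as having no verdicts
    # rather than failing while iterating over None.
    for scan in analysis_result.get("scans") or []:
        if scan.get("name") in eset_names:
            return (
                scan.get("result"),
                analysis_result.get("positives"),
                analysis_result.get("total"),
            )
    return None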
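def get_av_result(file_id):
    """Return the ESET/NOD32 verdict for *file_id* with the overall detection counts.

    The analysis stored through ``MetaController`` is used when present.
    Otherwise the answer of ``get_vt_av_result`` is passed through
    ``parse_vt_response`` and, if that yields a result, saved before use.

    Returns:
        A ``(result, positives, total)`` tuple built from the first scan entry
        whose engine name is ESET-NOD32, NOD32 or NOD32v2, or ``None`` when no
        analysis could be obtained or no such entry is present.
    """
    # NOTE(review): no format check is applied to file_id before it is used in
    # the datastore lookup, the VT query and the printed message; confirm that
    # callers validate it.
    mdc = MetaController()
    analysis_result = mdc.search_av_analysis(file_id)
    if analysis_result is None:
        print("Searching analysis of %s in VT" % file_id)
        analysis_result = parse_vt_response(get_vt_av_result(file_id))
        if analysis_result is None:
            return None
        # Save in mongo
        mdc.save_av_analysis(file_id, analysis_result)

    eset_names = ("ESET-NOD32", "NOD32", "NOD32v2")
    # A missing "scans" entry means there is nothing to inspect; fall through
    # to the final None instead of raising on iteration over None.
    for scan in analysis_result.get("scans") or []:
        if scan.get("name") in eset_names:
            return (
                scan.get("result"),
                analysis_result.get("positives"),
                analysis_result.get("total"),
            )
    return None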
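def get_av_result(file_id, priority="low"):
    """Return the antivirus analysis for *file_id* as a status-tagged dict.

    The stored analysis is used when ``MetaController`` has one. Otherwise
    ``get_vt_av_result`` is queried with *priority*, and an "ok" answer is
    parsed and saved.

    Args:
        file_id: Hash of the file; it must pass ``valid_hash``.
        priority: Forwarded unchanged to ``get_vt_av_result``.

    Returns:
        A dict with keys ``scans``, ``positives``, ``total``, ``hash`` and
        ``status``. ``status`` is "already_had_it" for a stored analysis,
        "added" after an "ok" VT answer, or whatever other status VT reported.
        On a VT "error" status the dict carries ``error_message`` instead of
        the counts.

    Raises:
        ValueError: If ``valid_hash(file_id)`` is false.
    """
    # The check runs before file_id is used in any lookup, request or log line.
    if not valid_hash(file_id):
        raise ValueError("Invalid hash")

    mdc = MetaController()
    analysis_result = mdc.search_av_analysis(file_id)
    status = None
    if analysis_result is None:
        logging.info("Searching analysis of %s in VT", file_id)
        vt_av_result = get_vt_av_result(file_id, priority)
        status = vt_av_result.get('status')
        if status == "ok":
            analysis_result = parse_vt_response(vt_av_result.get('response'))
            # Save in mongo
            if analysis_result is not None:
                logging.info("saving vt av from %s in mongo", file_id)
                mdc.save_av_analysis(file_id, analysis_result)
            # NOTE(review): the collapsed listing does not show whether this
            # assignment belongs to the save branch; it is kept at the "ok"
            # level, so "added" is reported even when parsing produced nothing
            # to store. Confirm against the original file.
            status = "added"
        elif status == "error":
            # NOTE(review): error_message is forwarded exactly as received
            # from get_vt_av_result; presumably callers treat it as untrusted
            # text when displaying it.
            return {"scans": None, "hash": file_id, "status": "error",
                    "error_message": vt_av_result.get('error_message')}
    else:
        status = "already_had_it"

    if analysis_result is not None:
        scans = analysis_result.get("scans")
        positives = analysis_result.get('positives')
        total = analysis_result.get('total')
    else:
        # Nothing stored and nothing usable from VT: report empty counts.
        scans = None
        positives = 0
        total = 0

    return {"scans": scans, "positives": positives, "total": total,
            "hash": file_id, "status": status}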
def get_av_result(file_id, priority="low"):
    """Look up the antivirus analysis of *file_id* and report how it was obtained.

    A stored analysis (via ``MetaController``) wins. Without one,
    ``get_vt_av_result`` is asked with *priority*, and an "ok" reply is run
    through ``parse_vt_response`` and saved when it parses.

    Returns:
        A dict with ``scans``, ``positives``, ``total``, ``hash`` and
        ``status``, or, when VT reports "error", a dict with ``scans``,
        ``hash``, ``status`` and ``error_message``.

    Raises:
        ValueError: If ``valid_hash(file_id)`` is false.
    """
    # Reject a malformed hash before it reaches any lookup, request or log.
    if not valid_hash(file_id):
        raise ValueError("Invalid hash")

    controller = MetaController()
    analysis = controller.search_av_analysis(file_id)

    if analysis is not None:
        outcome = "already_had_it"
    else:
        logging.info("Searching analysis of %s in VT" % file_id)
        vt_reply = get_vt_av_result(file_id, priority)
        outcome = vt_reply.get('status')
        if outcome == "error":
            # The error text is passed on exactly as VT's wrapper supplied it.
            return {
                "scans": None,
                "hash": file_id,
                "status": "error",
                "error_message": vt_reply.get('error_message'),
            }
        if outcome == "ok":
            analysis = parse_vt_response(vt_reply.get('response'))
            # Save in mongo
            if analysis is not None:
                logging.info("saving vt av from " + str(file_id) + " in mongo")
                controller.save_av_analysis(file_id, analysis)
            # NOTE(review): the collapsed listing does not show whether this
            # assignment sits inside the save branch; it is placed at the "ok"
            # level here. Confirm against the original file.
            outcome = "added"

    if analysis is None:
        scans, positives, total = None, 0, 0
    else:
        scans = analysis.get("scans")
        positives = analysis.get('positives')
        total = analysis.get('total')

    return {
        "scans": scans,
        "positives": positives,
        "total": total,
        "hash": file_id,
        "status": outcome,
    }