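def batch_query_bit9(new_hash_list):
    """Look up MD5 hashes in Bit9 and store one record per hash via db_insert.

    The hashes are sent to ``bit9.lookup_hashinfo`` in chunks of 1000. For a
    200 response with a non-empty ``hashinfos`` list, every returned entry is
    stamped with ``r.now()`` and inserted under the ``Bit9`` key. For a 404
    response, an ``isfound: False`` placeholder is inserted for each hash of
    the chunk that was queried.

    Args:
        new_hash_list: Sequence of MD5 hash strings to look up.

    Returns:
        None. Results are written through ``db_insert``.
    """
    import logging

    log = logging.getLogger(__name__)

    # Break the list into 1000-hash chunks for Bit9.
    for thousand_hashes in split_seq(new_hash_list, 1000):
        result = bit9.lookup_hashinfo(thousand_hashes)
        if result['response_code'] == 200 and result['results']['hashinfos']:
            for hash_info in result['results']['hashinfos']:
                # Prefer the MD5 Bit9 reports for a known file; fall back to
                # the MD5 that was requested when the file is unknown.
                if hash_info['isfound']:
                    md5 = hash_info['fileinfo']['md5']
                else:
                    md5 = hash_info['requestmd5']
                hash_info['timestamp'] = r.now()
                # A fresh dict per record, so nothing from the previous
                # record can leak into the next insert.
                db_insert({'md5': md5.upper(), 'Bit9': hash_info})
        elif result['response_code'] == 404:
            # Only the hashes in THIS chunk were answered with 404. Walking
            # the whole input here would write "not found" records for hashes
            # in other chunks too (possibly contradicting a real verdict) and
            # would repeat the inserts once per 404 chunk.
            # NOTE(review): assumes each chunk from split_seq is a
            # re-iterable sequence (list/tuple) -- confirm.
            for new_hash in thousand_hashes:
                md5 = new_hash.upper()
                db_insert({
                    'md5': md5,
                    'Bit9': {
                        'timestamp': r.now(),
                        'isfound': False,
                        'requestmd5': md5,
                    },
                })
        else:
            # Any other outcome stores nothing, so these hashes stay
            # un-enriched. Leave a trace so that a failed lookup can be told
            # apart from a lookup that was never attempted.
            log.warning(
                "Bit9 lookup stored nothing for this chunk (response_code=%s)",
                result['response_code'],
            )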
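def batch_query_bit9(new_hash_list):
    """Look up MD5 hashes in Bit9 and store one record per hash via db_insert.

    The hashes are sent to ``bit9.lookup_hashinfo`` in chunks of 1000. For a
    200 response with a non-empty ``hashinfos`` list, every returned entry is
    stamped with ``r.now()`` and inserted under the ``Bit9`` key. For a 404
    response, an ``isfound: False`` placeholder is inserted for each hash of
    the chunk that was queried.

    Args:
        new_hash_list: Sequence of MD5 hash strings to look up.

    Returns:
        None. Results are written through ``db_insert``.
    """
    import logging

    log = logging.getLogger(__name__)

    # Break the list into 1000-hash chunks for Bit9.
    for thousand_hashes in split_seq(new_hash_list, 1000):
        result = bit9.lookup_hashinfo(thousand_hashes)
        if result['response_code'] == 200 and result['results']['hashinfos']:
            for hash_info in result['results']['hashinfos']:
                # Prefer the MD5 Bit9 reports for a known file; fall back to
                # the MD5 that was requested when the file is unknown.
                if hash_info['isfound']:
                    md5 = hash_info['fileinfo']['md5']
                else:
                    md5 = hash_info['requestmd5']
                hash_info['timestamp'] = r.now()
                # A fresh dict per record, so nothing from the previous
                # record can leak into the next insert.
                db_insert({'md5': md5.upper(), 'Bit9': hash_info})
        elif result['response_code'] == 404:
            # Only the hashes in THIS chunk were answered with 404. Walking
            # the whole input here would write "not found" records for hashes
            # in other chunks too (possibly contradicting a real verdict) and
            # would repeat the inserts once per 404 chunk.
            # NOTE(review): assumes each chunk from split_seq is a
            # re-iterable sequence (list/tuple) -- confirm.
            for new_hash in thousand_hashes:
                md5 = new_hash.upper()
                db_insert({
                    'md5': md5,
                    'Bit9': {
                        'timestamp': r.now(),
                        'isfound': False,
                        'requestmd5': md5,
                    },
                })
        else:
            # Any other outcome stores nothing, so these hashes stay
            # un-enriched. Leave a trace so that a failed lookup can be told
            # apart from a lookup that was never attempted.
            log.warning(
                "Bit9 lookup stored nothing for this chunk (response_code=%s)",
                result['response_code'],
            )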
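def batch_query_virustotal(new_hash_list):
    """Look up MD5 hashes in VirusTotal and store one record per report.

    The hashes are sent to ``vt.get_file_report`` in chunks of 25, joined by
    ``list_to_string``. An error response is shown to the user with
    ``flash``. Otherwise every report in ``response['results']`` is stamped
    with ``r.now()`` and inserted under the ``VirusTotal`` key.

    Args:
        new_hash_list: Sequence of MD5 hash strings to look up.

    Returns:
        None. Results are written through ``db_insert``.
    """
    # Break the list into 25-hash chunks for VirusTotal.
    for twentyfive_hashes in split_seq(new_hash_list, 25):
        response = vt.get_file_report(list_to_string(twentyfive_hashes))

        # The response is indexed like a mapping below, and hasattr() never
        # sees mapping keys: with a plain dict the error branch could not
        # trigger, and the failure surfaced as a KeyError on 'results'.
        # The attribute check is kept for responses that expose it that way.
        failed = hasattr(response, 'error') or (
            isinstance(response, dict) and 'error' in response
        )
        if failed:
            flash(response['error'])
            continue

        vt_results = response['results']
        if isinstance(vt_results, dict):
            # NOTE(review): a chunk holding a single hash appears to come back
            # as one report dict rather than a list of reports -- confirm.
            # Iterating the dict itself would walk its keys and fail below.
            vt_results = [vt_results]

        for result in vt_results:
            # A truthy response_code carries the report's own MD5; otherwise
            # fall back to the resource that was asked for.
            if result['response_code']:
                md5 = result['md5']
            else:
                md5 = result['resource']
            result['timestamp'] = r.now()
            # A fresh dict per record, so nothing from the previous record
            # can leak into the next insert.
            db_insert({'md5': md5.upper(), 'VirusTotal': result})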