def batch_query_bit9(new_hash_list):
data = {}
# : Break list into 1000 unit chunks for Bit9
bit9_batch_hash_list = list(split_seq(new_hash_list, 1000))
for thousand_hashes in bit9_batch_hash_list:
result = bit9.lookup_hashinfo(thousand_hashes)
if result['response_code'] == 200 and result['results']['hashinfos']:
for hash_info in result['results']['hashinfos']:
if hash_info['isfound']:
data['md5'] = hash_info['fileinfo']['md5'].upper()
else:
data['md5'] = hash_info['requestmd5'].upper()
hash_info['timestamp'] = r.now() # datetime.utcnow()
data['Bit9'] = hash_info
db_insert(data)
data.clear()
elif result['response_code'] == 404:
for new_hash in new_hash_list:
data = {
'md5': new_hash.upper(),
'Bit9': {
'timestamp': r.now(), # datetime.utcnow(),
'isfound': False,
'requestmd5': new_hash.upper()
}
}
db_insert(data)
data.clear()
def batch_query_bit9(new_hash_list):
data = {}
# : Break list into 1000 unit chunks for Bit9
bit9_batch_hash_list = list(split_seq(new_hash_list, 1000))
for thousand_hashes in bit9_batch_hash_list:
result = bit9.lookup_hashinfo(thousand_hashes)
if result['response_code'] == 200 and result['results']['hashinfos']:
for hash_info in result['results']['hashinfos']:
if hash_info['isfound']:
data['md5'] = hash_info['fileinfo']['md5'].upper()
else:
data['md5'] = hash_info['requestmd5'].upper()
hash_info['timestamp'] = r.now() # datetime.utcnow()
data['Bit9'] = hash_info
db_insert(data)
data.clear()
elif result['response_code'] == 404:
for new_hash in new_hash_list:
data = {'md5': new_hash.upper(),
'Bit9': {'timestamp': r.now(), # datetime.utcnow(),
'isfound': False,
'requestmd5': new_hash.upper()}
}
db_insert(data)
data.clear()
def batch_query_virustotal(new_hash_list):
data = {}
#: Break list into 25 unit chuncks for VirusTotal
vt_batch_hash_list = list(split_seq(new_hash_list, 25))
for twentyfive_hashes in vt_batch_hash_list:
response = vt.get_file_report(list_to_string(twentyfive_hashes))
if hasattr(response, 'error'):
flash(response['error'])
else:
vt_results = response['results']
for result in vt_results:
if result['response_code']:
# print "Evilness: %d" % result['positives']
data['md5'] = result['md5'].upper()
else:
data['md5'] = result['resource'].upper()
result['timestamp'] = r.now() # datetime.utcnow()
data['VirusTotal'] = result
db_insert(data)
data.clear()
def batch_query_virustotal(new_hash_list):
data = {}
#: Break list into 25 unit chuncks for VirusTotal
vt_batch_hash_list = list(split_seq(new_hash_list, 25))
for twentyfive_hashes in vt_batch_hash_list:
response = vt.get_file_report(list_to_string(twentyfive_hashes))
if hasattr(response, 'error'):
flash(response['error'])
else:
vt_results = response['results']
for result in vt_results:
if result['response_code']:
# print "Evilness: %d" % result['positives']
data['md5'] = result['md5'].upper()
else:
data['md5'] = result['resource'].upper()
result['timestamp'] = r.now() # datetime.utcnow()
data['VirusTotal'] = result
db_insert(data)
data.clear()
