コード例 #1
0
ファイル: utils.py プロジェクト: PaloAltoNetworks/pan-stix
def get_malware_subject_from_report(**kwargs):
    hash = kwargs.get('hash', None)

    if 'report' in kwargs:
        if hasattr(kwargs['report'], 'read'):
            report = lxml.etree.parse(kwargs['report']).getroot()
        else:
            f = open(kwargs['report'], 'rb')
            report = lxml.etree.parse(f).getroot()
            f.close()
        if hash is None:
            hash = report.xpath('file_info/sha256/text()')
            if len(hash) != 0:
                hash = hash[0].strip()
            else:
                hash = None
    elif 'hash' in kwargs and \
         'tag' in kwargs:
        import pan.wfapi

        # retrieve wildfire report
        wfapi = pan.wfapi.PanWFapi(tag=kwargs['tag'])
        wfapi.report(hash=kwargs['hash'])
        if (wfapi.response_body is None):
            raise PanWfReportError('no report from wildfire')

        report = lxml.etree.fromstring(wfapi.response_body.encode('utf-8'))
    else:
        raise PanWfReportError(
            'wrong set of arguments to get_malware_subject_from_report'
        )

    if report.tag != 'wildfire':
        raise PanWfReportError('invalid root tag in wildfire report: %s' %
                               report.tag)

    if 'pcap' in kwargs:
        p = kwargs['pcap']
        if p == 'network':
            if 'tag' not in kwargs:
                raise PanWfReportError('pcap from network, '
                                       'but no tag specified')
            pcap = __get_wfpcap_network_funcgenerator(kwargs['tag'], hash)
        elif isinstance(p, basestring):
            pcap = __get_wfpcap_file_funcgenerator(p, hash)
        else:
            pcap = None
    else:
        pcap = None

    return __create_malware_subject_from_report(
        report,
        pcap=pcap,
        evidence=kwargs.get('evidence', None)
    )
コード例 #2
0
ファイル: utils.py プロジェクト: niemesrw/pan-stix
def get_malware_subject_from_report(**kwargs):
    hash = kwargs.get('hash', None)

    if 'report' in kwargs:
        if hasattr(kwargs['report'], 'read'):
            report = lxml.etree.parse(kwargs['report']).getroot()
        else:
            f = open(kwargs['report'], 'rb')
            report = lxml.etree.parse(f).getroot()
            f.close()
        if hash is None:
            hash = report.xpath('file_info/sha256/text()')
            if len(hash) != 0:
                hash = hash[0].strip()
            else:
                hash = None
    elif 'hash' in kwargs and \
         'tag' in kwargs:
        import pan.wfapi

        # retrieve wildfire report
        wfapi = pan.wfapi.PanWFapi(tag=kwargs['tag'])
        wfapi.report(hash=kwargs['hash'])
        if (wfapi.response_body is None):
            raise PanWfReportError('no report from wildfire')

        report = lxml.etree.fromstring(wfapi.response_body.encode('utf-8'))
    else:
        raise PanWfReportError(
            'wrong set of arguments to get_malware_subject_from_report')

    if report.tag != 'wildfire':
        raise PanWfReportError('invalid root tag in wildfire report: %s' %
                               report.tag)

    if 'pcap' in kwargs:
        p = kwargs['pcap']
        if p == 'network':
            if 'tag' not in kwargs:
                raise PanWfReportError('pcap from network, '
                                       'but no tag specified')
            pcap = __get_wfpcap_network_funcgenerator(kwargs['tag'], hash)
        elif isinstance(p, basestring):
            pcap = __get_wfpcap_file_funcgenerator(p, hash)
        else:
            pcap = None
    else:
        pcap = None

    return __create_malware_subject_from_report(report,
                                                pcap=pcap,
                                                evidence=kwargs.get(
                                                    'evidence', None))
コード例 #3
0
ファイル: utils.py プロジェクト: giannidaprile/pan-stix
def get_malware_subject_from_report(**kwargs):
    hash = kwargs.get("hash", None)

    if "report" in kwargs:
        if hasattr(kwargs["report"], "read"):
            report = lxml.etree.parse(kwargs["report"]).getroot()
        else:
            f = open(kwargs["report"], "rb")
            report = lxml.etree.parse(f).getroot()
            f.close()
        if hash is None:
            hash = report.xpath("file_info/sha256/text()")
            if len(hash) != 0:
                hash = hash[0].strip()
            else:
                hash = None
    elif "hash" in kwargs and "tag" in kwargs:
        import pan.wfapi

        # retrieve wildfire report
        wfapi = pan.wfapi.PanWFapi(tag=kwargs["tag"])
        wfapi.report(hash=kwargs["hash"])
        if wfapi.response_body is None:
            raise PanWfReportError("no report from wildfire")

        report = lxml.etree.fromstring(wfapi.response_body.encode("utf-8"))
    else:
        raise PanWfReportError("wrong set of arguments to get_malware_subject_from_report")

    if report.tag != "wildfire":
        raise PanWfReportError("invalid root tag in wildfire report: %s" % report.tag)

    if "pcap" in kwargs:
        p = kwargs["pcap"]
        if p == "network":
            if "tag" not in kwargs:
                raise PanWfReportError("pcap from network, " "but no tag specified")
            pcap = __get_wfpcap_network_funcgenerator(kwargs["tag"], hash)
        elif isinstance(p, basestring):
            pcap = __get_wfpcap_file_funcgenerator(p, hash)
        else:
            pcap = None
    else:
        pcap = None

    return __create_malware_subject_from_report(report, pcap=pcap, evidence=kwargs.get("evidence", None))
コード例 #4
0
ファイル: panwfapi.py プロジェクト: kyilmaz80/paloalto
def main():
    try:
        signal.signal(signal.SIGPIPE, signal.SIG_DFL)
    except AttributeError:
        # Windows
        pass

#    set_encoding()
    options = parse_opts()

    if options['debug']:
        logger = logging.getLogger()
        if options['debug'] == 3:
            logger.setLevel(pan.wfapi.DEBUG3)
        elif options['debug'] == 2:
            logger.setLevel(pan.wfapi.DEBUG2)
        elif options['debug'] == 1:
            logger.setLevel(pan.wfapi.DEBUG1)

#        log_format = '%(levelname)s %(name)s %(message)s'
        log_format = '%(message)s'
        handler = logging.StreamHandler()
        formatter = logging.Formatter(log_format)
        handler.setFormatter(formatter)
        logger.addHandler(handler)

    try:
        wfapi = pan.wfapi.PanWFapi(tag=options['tag'],
                                   api_key=options['api_key'],
                                   hostname=options['hostname'],
                                   timeout=options['timeout'],
                                   http=options['http'],
                                   cacloud=options['cacloud'],
                                   cafile=options['cafile'],
                                   capath=options['capath'])

    except pan.wfapi.PanWFapiError as msg:
        print('pan.wfapi.PanWFapi:', msg, file=sys.stderr)
        sys.exit(1)

    if options['debug'] > 2:
        print('wfapi.__str__()===>\n', wfapi, '\n<===',
              sep='', file=sys.stderr)

    try:
        hashes = process_hashes(options['hash'])

        if options['submit'] is not None:
            action = 'submit'
            kwargs = {}
            if os.path.isfile(options['submit']):
                kwargs['file'] = options['submit']
            else:
                o = urlparse(options['submit'])
                if options['debug']:
                    print(o, file=sys.stderr)
                if o.scheme == 'file':
                    if o.path and os.path.isfile(o.path):
                        kwargs['file'] = o.path
                    else:
                        print('Invalid URL: file not found:',
                              options['submit'], file=sys.stderr)
                        sys.exit(1)
                else:
                    if o.scheme in ['http', 'https', 'ftp']:
                        kwargs['url'] = options['submit']
                    else:
                        print('Invalid file or URL:',
                              options['submit'], file=sys.stderr)
                        sys.exit(1)

            wfapi.submit(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['submit-link'] is not None:
            action = 'submit'
            kwargs = {}
            kwargs['links'] = process_arg(options['submit-link'], list=True)

            wfapi.submit(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['change-request']:
            action = 'change-request'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]
            if options['new-verdict'] is not None:
                kwargs['verdict'] = process_verdict(options['new-verdict'])
            if options['email'] is not None:
                kwargs['email'] = options['email']
            if options['comment'] is not None:
                kwargs['comment'] = process_arg(options['comment'])

            wfapi.change_request(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['report']:
            action = 'report'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]
            if options['format'] is not None:
                kwargs['format'] = options['format']

            wfapi.report(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['verdict']:
            kwargs = {}
            if len(hashes) == 1:
                action = 'verdict'
                kwargs['hash'] = hashes[0]
                wfapi.verdict(**kwargs)
            elif len(hashes) > 1:
                action = 'verdicts'
                kwargs['hashes'] = hashes
                wfapi.verdicts(**kwargs)
            else:
                action = 'verdict'
                wfapi.verdict(**kwargs)

            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['sample']:
            action = 'sample'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]

            wfapi.sample(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['pcap']:
            action = 'pcap'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]
            if options['platform'] is not None:
                kwargs['platform'] = options['platform']

            wfapi.pcap(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['changed']:
            action = 'verdicts_changed'
            kwargs = {}
            if options['date'] is not None:
                kwargs['date'] = options['date']
                try:
                    x = int(options['date'])
                except ValueError:
                    pass
                else:
                    if x < 1:
                        d = date.today()
                        d = d - timedelta(-x)
                        kwargs['date'] = d.isoformat()
                        if options['debug']:
                            print('relative date(%d): %s' % (x, kwargs['date']),
                                  file=sys.stderr)

            wfapi.verdicts_changed(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['testfile']:
            action = 'testfile'

            wfapi.testfile()
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

    except pan.wfapi.PanWFapiError as msg:
        print_status(wfapi, action, msg)
        print_response(wfapi, options)
        sys.exit(1)

    sys.exit(0)
コード例 #5
0
ファイル: wfapi.py プロジェクト: kevinsteves/pan-python
        return bio.getvalue()


if __name__ == '__main__':
    # python -m pan.wfapi [tag] [sha256]
    import pan.wfapi

    tag = None
    sha256 = '5f31d8658a41aa138ada548b7fb2fc758219d40b557aaeab80681d314f739f92'

    if len(sys.argv) > 1 and sys.argv[1]:
        tag = sys.argv[1]
    if len(sys.argv) > 2:
        hash = sys.argv[2]

    try:
        wfapi = pan.wfapi.PanWFapi(tag=tag)
    except pan.wfapi.PanWFapiError as msg:
        print('pan.wfapi.PanWFapi:', msg, file=sys.stderr)
        sys.exit(1)

    try:
        wfapi.report(hash=sha256)

    except pan.wfapi.PanWFapiError as msg:
        print('report: %s' % msg, file=sys.stderr)
        sys.exit(1)

    if (wfapi.response_body is not None):
        print(wfapi.response_body)
コード例 #6
0
def main():
    try:
        signal.signal(signal.SIGPIPE, signal.SIG_DFL)
    except AttributeError:
        # Windows
        pass

#    set_encoding()
    options = parse_opts()

    if options['debug']:
        logger = logging.getLogger()
        if options['debug'] == 3:
            logger.setLevel(pan.wfapi.DEBUG3)
        elif options['debug'] == 2:
            logger.setLevel(pan.wfapi.DEBUG2)
        elif options['debug'] == 1:
            logger.setLevel(pan.wfapi.DEBUG1)

#        log_format = '%(levelname)s %(name)s %(message)s'
        log_format = '%(message)s'
        handler = logging.StreamHandler()
        formatter = logging.Formatter(log_format)
        handler.setFormatter(formatter)
        logger.addHandler(handler)

    if options['cafile'] or options['capath'] or options['ssl']:
        ssl_context = create_ssl_context(options['cafile'],
                                         options['capath'],
                                         options['ssl'])
    else:
        ssl_context = None

    try:
        wfapi = pan.wfapi.PanWFapi(tag=options['tag'],
                                   api_key=options['api_key'],
                                   hostname=options['hostname'],
                                   timeout=options['timeout'],
                                   http=options['http'],
                                   ssl_context=ssl_context)

    except pan.wfapi.PanWFapiError as msg:
        print('pan.wfapi.PanWFapi:', msg, file=sys.stderr)
        sys.exit(1)

    if options['debug'] > 2:
        print('wfapi.__str__()===>\n', wfapi, '\n<===',
              sep='', file=sys.stderr)

    try:
        hashes = process_hashes(options['hash'])

        if options['submit'] is not None:
            action = 'submit'
            kwargs = {}
            if os.path.isfile(options['submit']):
                kwargs['file'] = options['submit']
            else:
                o = urlparse(options['submit'])
                if options['debug']:
                    print(o, file=sys.stderr)
                if o.scheme == 'file':
                    if o.path and os.path.isfile(o.path):
                        kwargs['file'] = o.path
                    else:
                        print('Invalid URL: file not found:',
                              options['submit'], file=sys.stderr)
                        sys.exit(1)
                else:
                    if o.scheme in ['http', 'https', 'ftp']:
                        kwargs['url'] = options['submit']
                    else:
                        print('Invalid file or URL:',
                              options['submit'], file=sys.stderr)
                        sys.exit(1)

            wfapi.submit(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['submit-link'] is not None:
            action = 'submit'
            kwargs = {}
            kwargs['links'] = process_arg(options['submit-link'], list=True)

            wfapi.submit(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['change-request']:
            action = 'change-request'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]
            if options['new-verdict'] is not None:
                kwargs['verdict'] = process_verdict(options['new-verdict'])
            if options['email'] is not None:
                kwargs['email'] = options['email']
            if options['comment'] is not None:
                kwargs['comment'] = process_arg(options['comment'])

            wfapi.change_request(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['report']:
            action = 'report'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]
            if options['format'] is not None:
                kwargs['format'] = options['format']

            wfapi.report(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['verdict']:
            kwargs = {}
            if len(hashes) == 1:
                action = 'verdict'
                kwargs['hash'] = hashes[0]
                wfapi.verdict(**kwargs)
            elif len(hashes) > 1:
                action = 'verdicts'
                kwargs['hashes'] = hashes
                wfapi.verdicts(**kwargs)
            else:
                action = 'verdict'
                wfapi.verdict(**kwargs)

            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['sample']:
            action = 'sample'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]

            wfapi.sample(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['pcap']:
            action = 'pcap'
            kwargs = {}
            if len(hashes) > 1:
                print('Only 1 hash allowed for %s' % action, file=sys.stderr)
                sys.exit(1)
            if len(hashes) == 1:
                kwargs['hash'] = hashes[0]
            if options['platform'] is not None:
                kwargs['platform'] = options['platform']

            wfapi.pcap(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['changed']:
            action = 'verdicts_changed'
            kwargs = {}
            if options['date'] is not None:
                kwargs['date'] = options['date']
                try:
                    x = int(options['date'])
                except ValueError:
                    pass
                else:
                    if x < 1:
                        d = date.today()
                        d = d - timedelta(-x)
                        kwargs['date'] = d.isoformat()
                        if options['debug']:
                            print('relative date(%d): %s' %
                                  (x, kwargs['date']), file=sys.stderr)

            wfapi.verdicts_changed(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['testfile']:
            action = 'testfile'

            wfapi.testfile(options['type'])
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

    except pan.wfapi.PanWFapiError as msg:
        print_status(wfapi, action, msg)
        print_response(wfapi, options)
        sys.exit(1)

    sys.exit(0)
コード例 #7
0
ファイル: wfapi.py プロジェクト: ashwathmurthy/pan-python
if __name__ == '__main__':
    # python -m pan.wfapi [tag] [sha256] [0-3]
    import pan.wfapi

    tag = None
    sha256 = '5f31d8658a41aa138ada548b7fb2fc758219d40b557aaeab80681d314f739f92'
    debug = 0

    if len(sys.argv) > 1 and sys.argv[1]:
        tag = sys.argv[1]
    if len(sys.argv) > 2:
        hash = sys.argv[2]
    if len(sys.argv) > 3 and int(sys.argv[3]):
        debug = int(sys.argv[3])

    try:
        wfapi = pan.wfapi.PanWFapi(debug=debug, tag=tag)
    except pan.wfapi.PanWFapiError as msg:
        print('pan.wfapi.PanWFapi:', msg, file=sys.stderr)
        sys.exit(1)

    try:
        wfapi.report(hash=sha256)

    except pan.wfapi.PanWFapiError as msg:
        print('report: %s' % msg, file=sys.stderr)
        sys.exit(1)

    if (wfapi.response_body is not None):
        print(wfapi.response_body)
コード例 #8
0
ファイル: panwfapi.py プロジェクト: ashwathmurthy/pan-python
def main():
    signal.signal(signal.SIGPIPE, signal.SIG_DFL)
#    set_encoding()
    options = parse_opts()

    try:
        wfapi = pan.wfapi.PanWFapi(debug=options['debug'],
                                   tag=options['tag'],
                                   api_key=options['api_key'],
                                   hostname=options['hostname'],
                                   timeout=options['timeout'],
                                   http=options['http'],
                                   cacloud=options['cacloud'],
                                   cafile=options['cafile'],
                                   capath=options['capath'])

    except pan.wfapi.PanWFapiError as msg:
        print('pan.wfapi.PanWFapi:', msg, file=sys.stderr)
        sys.exit(1)

    if options['debug'] > 2:
        print('wfapi.__str__()===>\n', wfapi, '\n<===',
              sep='', file=sys.stderr)

    try:
        if options['submit'] is not None:
            action = 'submit'
            kwargs = {}
            if os.path.isfile(options['submit']):
                kwargs['file'] = options['submit']
            else:
                o = urlparse(options['submit'])
                if options['debug']:
                    print(o, file=sys.stderr)
                if o.scheme == 'file':
                    if o.path and os.path.isfile(o.path):
                        kwargs['file'] = o.path
                    else:
                        print('Invalid URL: file not found:',
                              options['submit'], file=sys.stderr)
                        sys.exit(1)
                else:
                    if o.scheme in ['http', 'https', 'ftp']:
                        kwargs['url'] = options['submit']
                    else:
                        print('Invalid file or URL:',
                              options['submit'], file=sys.stderr)
                        sys.exit(1)

            wfapi.submit(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['report']:
            action = 'report'
            kwargs = {}
            if options['hash'] is not None:
                validate_hash(options['hash'])
                kwargs['hash'] = options['hash']

            if options['format'] is not None:
                kwargs['format'] = options['format']

            wfapi.report(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['sample']:
            action = 'sample'
            kwargs = {}
            if options['hash'] is not None:
                validate_hash(options['hash'])
                kwargs['hash'] = options['hash']

            wfapi.sample(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['pcap']:
            action = 'pcap'
            kwargs = {}
            if options['hash'] is not None:
                validate_hash(options['hash'])
                kwargs['hash'] = options['hash']
            if options['platform'] is not None:
                kwargs['platform'] = options['platform']

            wfapi.pcap(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['testfile']:
            action = 'testfile'

            wfapi.testfile()
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

    except pan.wfapi.PanWFapiError as msg:
        print_status(wfapi, action, msg)
        print_response(wfapi, options)
        sys.exit(1)

    sys.exit(0)
コード例 #9
0
def retrieveWildFireData(apikey, file_digest):
    wfapi = pan.wfapi.PanWFapi(api_key=apikey)
    wfapi.report(file_digest)
    return wfapi.response_body
def retrieveWildFireData(apikey, file_digest):
    wfapi = pan.wfapi.PanWFapi(api_key=apikey)
    wfapi.report(file_digest)
    return wfapi.response_body
コード例 #11
0
ファイル: panwfapi.py プロジェクト: ashwathmurthy/pan-python
def main():
    signal.signal(signal.SIGPIPE, signal.SIG_DFL)
    #    set_encoding()
    options = parse_opts()

    try:
        wfapi = pan.wfapi.PanWFapi(debug=options['debug'],
                                   tag=options['tag'],
                                   api_key=options['api_key'],
                                   hostname=options['hostname'],
                                   timeout=options['timeout'],
                                   http=options['http'],
                                   cacloud=options['cacloud'],
                                   cafile=options['cafile'],
                                   capath=options['capath'])

    except pan.wfapi.PanWFapiError as msg:
        print('pan.wfapi.PanWFapi:', msg, file=sys.stderr)
        sys.exit(1)

    if options['debug'] > 2:
        print('wfapi.__str__()===>\n',
              wfapi,
              '\n<===',
              sep='',
              file=sys.stderr)

    try:
        if options['submit'] is not None:
            action = 'submit'
            kwargs = {}
            if os.path.isfile(options['submit']):
                kwargs['file'] = options['submit']
            else:
                o = urlparse(options['submit'])
                if options['debug']:
                    print(o, file=sys.stderr)
                if o.scheme == 'file':
                    if o.path and os.path.isfile(o.path):
                        kwargs['file'] = o.path
                    else:
                        print('Invalid URL: file not found:',
                              options['submit'],
                              file=sys.stderr)
                        sys.exit(1)
                else:
                    if o.scheme in ['http', 'https', 'ftp']:
                        kwargs['url'] = options['submit']
                    else:
                        print('Invalid file or URL:',
                              options['submit'],
                              file=sys.stderr)
                        sys.exit(1)

            wfapi.submit(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)

        if options['report']:
            action = 'report'
            kwargs = {}
            if options['hash'] is not None:
                validate_hash(options['hash'])
                kwargs['hash'] = options['hash']

            if options['format'] is not None:
                kwargs['format'] = options['format']

            wfapi.report(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['sample']:
            action = 'sample'
            kwargs = {}
            if options['hash'] is not None:
                validate_hash(options['hash'])
                kwargs['hash'] = options['hash']

            wfapi.sample(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['pcap']:
            action = 'pcap'
            kwargs = {}
            if options['hash'] is not None:
                validate_hash(options['hash'])
                kwargs['hash'] = options['hash']
            if options['platform'] is not None:
                kwargs['platform'] = options['platform']

            wfapi.pcap(**kwargs)
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

        if options['testfile']:
            action = 'testfile'

            wfapi.testfile()
            print_status(wfapi, action)
            print_response(wfapi, options)
            save_file(wfapi, options)

    except pan.wfapi.PanWFapiError as msg:
        print_status(wfapi, action, msg)
        print_response(wfapi, options)
        sys.exit(1)

    sys.exit(0)