def report_dom(self, dom: str):
self.api_repd.fulluri = self.api_repd.fullurl + dom
self.api_repd.param = self.get_apikey()
data, _ = request(self.api_repd)
data = frmt.jsontree(data)
# web.openurl(data["permalink"])
return out.pformat(data)
def report_ip(self, ip: str):
self.api_repi.fulluri = self.api_repi.fullurl + ip
self.api_repi.param = self.get_apikey()
data, _ = request(self.api_repi)
data = frmt.jsontree(data)
# web.openurl(data["permalink"])
return out.pformat(data)
def submit_file(self, file: File):
self.api_subf.file = {"file[]": file.fd()}
self.api_subf.data = {**self.get_apikey(), "QUICKSAND_RERUN": 1}
# {"QUICKSAND_BRUTE": 1, "QUICKSAND_LOOKAHEAD": 1}
data, _ = request(self.api_subf)
data = frmt.jsontree(data)
return out.pformat(data)
def report_file(self, hash: Hash):
self.api_repf.data = {**self.get_apikey(), "resource": hash.hash}
data, _ = request(self.api_repf)
data = frmt.jsontree(data, depth=1)
# data = frmt.jsonvert(data["scans"])
# openurl(data["permalink"])
return out.pformat(data)
def submit_file(self, file: File):
# HTTP 404 Not Found
self.api_subf.cookie = self.get_apikey()
self.api_subf.file = {"file": file.fd()}
data, _ = request(self.api_subf)
data = frmt.jsonvert(data)
return out.pformat(data)
def report_dom(self, dom: str):
self.api_repd.param = {"domain": dom}
data, _ = request(self.api_repd)
data = frmt.jsontree(data)
if data == []:
return f"domain \"{dom}\" not found"
return out.pformat(data)
def submit_file(self, file: File):
# HTTP 405 Method Not Allowed
self.api_subf.data = {**self.get_apikey(), "shared": "yes"}
self.api_subf.file = {"file": (file.name, file.fd())}
data, _ = request(self.api_subf)
data = frmt.jsontree(data)
return out.pformat(data)
def submit_url(self, url: str):
self.api_subu.data = {**self.get_apikey(),
"report_radio-platform": "WINDOWS7",
"report_radio-url": url}
data, _ = request(self.api_subu)
data = frmt.jsontree(data)
return out.pformat(data)
def report_ip(self, ip: str):
self.api_repi.param = {**self.get_apikey(),
"ip": ip,
"limit": self.limit}
data, _ = request(self.api_repi)
data = frmt.jsontree(data)
return out.pformat(data)
def report_file(self, hash: Hash):
# hash.hash + "?overview=false§ion=pe"
self.api_repf.fulluri = self.api_repf.fullurl + hash.hash
self.api_repf.cookie = self.get_apikey()
data, _ = request(self.api_repf)
data = frmt.jsontree(data)
return out.pformat(data)
def report_file(self, hash: Hash):
self.api_repf.param = {
**self.get_apikey(), "action": "details",
"hash": hash.hash
}
data, _ = request(self.api_repf)
# data = frmt.jsontree(data)
return out.pformat(data)
def report_app(self, hash: Hash):
self.api_repa.header = \
{"Authorization":
" ".join(f"{kn} {k}" for kn, k in self.get_apikey().items())}
self.api_repa.fulluri = self.api_repa.fullurl + hash.hash
data, _ = request(self.api_repa)
data = frmt.jsontree(data)
return out.pformat(data)
def report_url(self, url: str):
self.api_repu.param = {**self.get_apikey(),
"limit": self.limit,
"type": "url",
"value": url}
data, _ = request(self.api_repu)
data = frmt.jsontree(data)
return out.pformat(data)
def report_dom(self, dom: str):
self.api_repd.param = {**self.get_apikey(),
"limit": self.limit,
"type": "domain",
"value": dom}
data, _ = request(self.api_repd)
data = frmt.jsontree(data)
return out.pformat(data)
def submit_file(self, file: File):
self.api_subf.file = {"sample[]": file.fd()}
self.api_subf.data = {"type": "json", "message": "", "email": ""}
data, _ = request(self.api_subf)
if " is not a PDF file. Not processed." in data:
return f"{file} is not a PDF file"
data = frmt.jsontree(data)
return out.pformat(data)
def report_url(self, url: str):
self.api_repu.data = {
"url": quoteurl(url),
"format": "json",
**self.get_apikey()
}
data, _ = request(self.api_repu)
data = frmt.jsontree(data)
return out.pformat(data)
def report_ip(self, ip: str):
self.api_repi.header = {
"Authorization":
" ".join(f"{kn} {k}" for kn, k in self.get_apikey().items())
}
self.api_repi.fulluri = self.api_repi.fullurl + ip
data, _ = request(self.api_repi)
data = frmt.jsontree(data)
return out.pformat(data)
def search(self, srch: str):
from re import escape
srch = escape(srch)
self.api_srch.param = {**self.get_apikey(),
"limit": self.limit,
"value__regexp": f".*{srch}.*"}
# self.api_srch.param = {**self.get_apikey(), "value": srch}
data, _ = request(self.api_srch)
data = frmt.jsontree(data)
return out.pformat(data)
def report_file(self, hash: Hash):
if hash.alg == HASH_MD5 or hash.alg == HASH_SHA1:
self.api_repf.param = {**self.get_apikey(),
"type": "md5", # MD5 or SHA-1
"value": hash.hash,
"limit": self.limit}
data, _ = request(self.api_repf)
data = frmt.jsontree(data)
return out.pformat(data)
else:
return f"{hash.alg} is not MD5 or SHA1"
def search(self, srch: str):
from requests.exceptions import HTTPError
self.api_srch.fulluri = self.api_srch.fullurl % \
("breachedaccount", srch)
try:
data, _ = request(self.api_srch)
except HTTPError as e:
if e.response.status_code == 404:
return f"account \"{srch}\" not found"
raise HTTPError(e)
data = frmt.jsontree(data)
return out.pformat(data)
def report_file(self, hash: Hash):
matches = self.search(hash.hash)
if not matches:
return None
# pick one of the analyses
webid = matches[-1]["webid"]
self.api_repa.data = {
"webid": webid,
"type": "irjsonfixed",
**self.get_apikey()
}
data, _ = request(self.api_repa, json=True)
return out.pformat(data["analysis"])
def report_url(self, url: str):
self.api_repu.param = self.get_apikey()
self.api_repu.header = {'Content-Type': 'application/json'}
self.api_repu.json = {
"client": {
"clientId": MALSUB_NAME,
"clientVersion": MALSUB_VERSION
},
"threatInfo": {
# "POTENTIALLY_HARMFUL_APPLICATION"
# "THREAT_TYPE_UNSPECIFIED"
# "UNWANTED_SOFTWARE"
"threatTypes": ["MALWARE", "SOCIAL_ENGINEERING"],
"platformTypes": ["ALL_PLATFORMS"],
"threatEntryTypes": ["URL"],
"threatEntries": [{
"url": url
}]
}
}
data, _ = request(self.api_repu)
data = frmt.jsontree(data)
return out.pformat(data)
def search(self, srch: str):
self.api_srch.param = {"antivirus": srch}
data, _ = request(self.api_srch)
data = frmt.jsontree(data)
return out.pformat(data)
def report_ip(self, ip: str):
self.api_repi.param = {"ip": ip}
data, _ = request(self.api_repi)
data = frmt.jsontree(data)
return out.pformat(data)
def report_dom(self, dom: str):
self.api_repd.param = {"domain": dom}
data, _ = request(self.api_repd)
data = frmt.jsontree(data)
return out.pformat(data)
def submit_file(self, file: File):
self.api_subf.header = self.get_apikey()
self.api_subf.file = {"file": file.fd()}
data, _ = request(self.api_subf)
data = frmt.jsontree(data)
return out.pformat(data)
def report_file(self, hash: Hash):
self.api_repf.header = self.get_apikey()
self.api_repf.fulluri = self.api_repf.fullurl + hash.hash
data, _ = request(self.api_repf)
# data = frmt.jsontree(data)
return out.pformat(data)
def search(self, srch: str):
self.api_srch.param = self.get_apikey()
self.api_srch.header = {'Content-Type': 'application/json'}
data, _ = request(self.api_srch)
data = frmt.jsontree(data)
return out.pformat(data)
def report_file(self, hash: Hash):
self.api_repf.data = {**self.get_apikey(), "query": hash.hash}
data, _ = request(self.api_repf)
data = frmt.jsontree(data)
return out.pformat(data)
def search(self, srch: str):
self.api_repd.data = {"string": srch, **self.get_apikey()}
data, _ = request(self.api_repd)
# data = frmt.jsontree(data)
return out.pformat(data)
