print("[ ] Processing %s ..." % filePath) fileData = getFileData(filePath) hashes = generateHashes(fileData) # Add the results as a line for processing lines.append("{0} {1}".format(hashes["sha256"], filePath)) except Exception as e: traceback.print_exc() # Missing operation mode if not args.web and not args.cli and not args.f and not args.s: print("[E] Use at least one of the options -f file, -s directory, --web or --cli") sys.exit(1) # Write a CSV header if not args.nocsv and not alreadyExists: writeCSVHeader(resultFile) # Process the input lines try: processLines(lines, resultFile, args.nocsv, args.debug) except UnicodeEncodeError as e: print("[E] Error while processing some of the values due to unicode decode errors. " "Try using python3 instead of version 2.") # Write Cache if not args.nocsv: print("\n[+] Results written to file {0}".format(resultFile)) print("\n[+] Saving {0} cache entries to file {1}".format(len(cache), args.c)) # Don't save cache if cache shouldn't be used if not args.nocache:
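def main():
    """Fetch the results of a VirusTotal retrohunt and export them to a CSV file.

    Prints the banner, parses the command line, reads the VirusTotal API key
    and the proxy setting from the ini file, retrieves the retrohunt results
    through ``munin_vt.getRetrohuntResults`` and then prints each result and
    appends it to the CSV file.

    If the configuration cannot be loaded (ini file missing, key field missing,
    or any other error raised while reading it or applying the proxy), the
    function reports the problem and returns without contacting VirusTotal.
    A missing PROXY field alone is only reported; processing continues.
    """
    init(autoreset=False)
    print(Style.RESET_ALL)
    print(Fore.BLACK + Back.WHITE)
    # Every literal backslash in the banner is written as "\\": sequences such
    # as "\ " or "\_" are invalid escapes that newer interpreters warn about.
    # The printed text is unchanged.
    print(" _ _ _ _ ______ _____ ______ ".ljust(80))
    print(" | | | | | | | | | | ____ | | | | \\ \\ (.\\ ".ljust(80))
    print(" | |--| | | | | | | | | | | | | | | | |/(\\ ".ljust(80))
    print(" |_| |_| \\_|__|_| |_|__|_| _|_|_ |_| |_| \\ \\\\".ljust(80))
    print(" \" \"'\\ ".ljust(80))
    print(" ".ljust(80))
    print(" Result Checker for Virustotal Retrohunts".ljust(80))
    print((" " + __AUTHOR__ + " - " + __VERSION__ + "").ljust(80))
    print(" ".ljust(80) + Style.RESET_ALL)
    print(Style.RESET_ALL + " ")

    parser = argparse.ArgumentParser(description='Retrohunt Checker')
    parser.add_argument('-r', help='Name for the queried retrohunt',
                        metavar='retrohunt-name', default='')
    parser.add_argument('-i', help='Name of the ini file that holds the VT API key',
                        metavar='ini-file',
                        default=os.path.dirname(os.path.abspath(__file__)) + '/munin.ini')
    parser.add_argument('--csv-path', help='Write a CSV with the results',
                        default='retrohunt_results.csv')
    parser.add_argument('--debug', action='store_true', default=False,
                        help='Debug output')
    parser.add_argument('--comments', help='Download VirusTotal comments',
                        action='store_true', default=False)
    parser.add_argument('--no-comments',
                        help="Deprecated - set by default, doesn't do anything",
                        default=False)
    args = parser.parse_args()

    # Silence the "pymisp" logger unless debug output was requested
    logger = logging.getLogger("pymisp")
    logger.setLevel(logging.CRITICAL)
    if args.debug:
        logger.setLevel(logging.DEBUG)

    # Read the config file
    config = configparser.ConfigParser()
    try:
        # ConfigParser.read() skips files it cannot open, so a missing ini file
        # surfaces as a KeyError on the lookup below.
        config.read(args.i)
        munin_vt.VT_PUBLIC_API_KEY = config['DEFAULT']['VT_PUBLIC_API_KEY']
        try:
            connections.setProxy(config['DEFAULT']['PROXY'])
        except KeyError:
            print(
                "[E] Your config misses the PROXY field - check the new munin.ini template and add it to your "
                "config to avoid this error.")
    except Exception:
        traceback.print_exc()
        print(
            "[E] Config file '%s' not found or missing field - check the template munin.ini if fields have "
            "changed" % args.i)
        # Fail closed: without a loaded API key, or after an error while
        # applying the proxy, no request should be sent to VirusTotal.
        return

    print("[+] Retrieving Retrohunt results ...")
    # The second argument is the negation of --comments.
    found_files = munin_vt.getRetrohuntResults(args.r, not args.comments, args.debug)
    print("[+] Retrohunt results retrieved")

    csv_filename = args.csv_path
    writeCSVHeader(csv_filename)
    total = len(found_files)
    for i, file_info in enumerate(found_files):
        printResult(file_info, i, total)
        # NOTE(review): file_info originates from the VirusTotal response, so
        # its text fields are third-party controlled - confirm that writeCSV
        # neutralises cells starting with =, +, - or @ before the CSV is
        # opened in a spreadsheet.
        writeCSV(file_info, csv_filename)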