PERL : virustotal api v2 - uploader doesn't work.
by ////// from LinuxQuestions.org on (#5DZC4)
hello again.
i am writing perl program that automatically submits to virustotal files from suricatas filestore.
i have written it mostly, just need to make it prettier :study:, i'm just having problem with error message :
Code:[root@arch vile]# perl /home/vile/Documents/upload.pl
Use of uninitialized value $v in concatenation (.) or string at /usr/share/perl5/site_perl/Net/HTTP/Methods.pm line 161.
https://www.virustotal.com/vtapi/v2/file/scan error: 403 Forbidden at /home/vile/Documents/upload.pl line 61.
[root@arch vile]#here is full example of it :
Code:#!/usr/bin/perl
use warnings;
use strict;
use File::Find;
use LWP::UserAgent;
use JSON;
use vars qw( @directories_list @dirs $dir $path $file $testfile $shafile $pathtofile $dirname $dir00 $dir0a $fh );
my @directories_list = qw( 00 0a );
# make temp directories.
$dirname ="/tmp/testdir";
mkdir $dirname, 0755;
$dir00 ="/tmp/testdir/00";
mkdir $dir00, 0755;
$dir0a ="/tmp/testdir/0a";
mkdir $dir0a, 0755;
$path = "/tmp/testdir/";
@dirs = split /\ /, "@directories_list";
for $dir (@dirs) {
# write test file '00cd8531e2d74a39ab5df9883bd57cde7a9b6fc0c3cbe8b5600206997ae2f377' sha256sum of file is its name.
open $fh, '>', "$path$dir/00cd8531e2d74a39ab5df9883bd57cde7a9b6fc0c3cbe8b5600206997ae2f377";
print {$fh} 'foooooooooooo';
print {$fh} 'bAAAAAAAAAAAAr';
print {$fh} 'DDDDDDDDDDDDD';
close $fh;
#print "$path";
#print "$dir\n";
$pathtofile = "$path$dir";
find(\&testfile, $pathtofile);
}
sub testfile {
if ($File::Find::name =~ /[a-z0-9]{64}$/) { # <-- matches sha256sum
#print "$File::Find::name\n" ;
submitter("$File::Find::name\n");
}
}
sub submitter {
$shafile = $_[0];
#print " SUBMITTER $shafile\n";
sleep(20);
my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 1 });
my $url='https://www.virustotal.com/vtapi/v2/file/scan';
# key 'ee6e69074a21711e1125bbe678b595e40b2cc82ff3f82cd923a9100f7d50e77b' is valid key.
my $key='ee6e69074a21711e1125bbe678b595e40b2cc82ff3f82cd923a9100f7d50e77b';
my $response = $ua->post( $url,
Content_Type => 'multipart/form-data',
Content => ['apikey'] => $key,
'file' => ['$shafile']
);
die "$url error: ", $response->status_line
unless $response->is_success;
my $results=$response->content;
#pulls the sha256 value out of the JSON response
#Note: there are many other values that could also be pulled out
my $json = JSON->new->allow_nonref;
my $decjson = $json->decode( $results);
my $sha=$decjson->{"sha256"};
print $sha ."\n\n";
#Code to retrieve the results that pertain to a submitted file by hash value
$url='https://www.virustotal.com/vtapi/v2/file/report';
$response = $ua->post( $url,
['apikey' => $key,
'resource' => $sha]
);
die "$url error: ", $response->status_line
unless $response->is_success;
$results=$response->content;
#processes the JSON to see how many AV products consider the file a virus
$json = JSON->new->allow_nonref;
$decjson = $json->decode( $results);
print $decjson->{"positives"};
}hoping that this problem is easy one :)
i am not experienced enough to fix it myself so i posted here, any hints about how i should fix it are welcomed.
thanks.
i am writing perl program that automatically submits to virustotal files from suricatas filestore.
i have written it mostly, just need to make it prettier :study:, i'm just having problem with error message :
Code:[root@arch vile]# perl /home/vile/Documents/upload.pl
Use of uninitialized value $v in concatenation (.) or string at /usr/share/perl5/site_perl/Net/HTTP/Methods.pm line 161.
https://www.virustotal.com/vtapi/v2/file/scan error: 403 Forbidden at /home/vile/Documents/upload.pl line 61.
[root@arch vile]#here is full example of it :
Code:#!/usr/bin/perl
use warnings;
use strict;
use File::Find;
use LWP::UserAgent;
use JSON;
use vars qw( @directories_list @dirs $dir $path $file $testfile $shafile $pathtofile $dirname $dir00 $dir0a $fh );
my @directories_list = qw( 00 0a );
# make temp directories.
$dirname ="/tmp/testdir";
mkdir $dirname, 0755;
$dir00 ="/tmp/testdir/00";
mkdir $dir00, 0755;
$dir0a ="/tmp/testdir/0a";
mkdir $dir0a, 0755;
$path = "/tmp/testdir/";
@dirs = split /\ /, "@directories_list";
for $dir (@dirs) {
# write test file '00cd8531e2d74a39ab5df9883bd57cde7a9b6fc0c3cbe8b5600206997ae2f377' sha256sum of file is its name.
open $fh, '>', "$path$dir/00cd8531e2d74a39ab5df9883bd57cde7a9b6fc0c3cbe8b5600206997ae2f377";
print {$fh} 'foooooooooooo';
print {$fh} 'bAAAAAAAAAAAAr';
print {$fh} 'DDDDDDDDDDDDD';
close $fh;
#print "$path";
#print "$dir\n";
$pathtofile = "$path$dir";
find(\&testfile, $pathtofile);
}
sub testfile {
if ($File::Find::name =~ /[a-z0-9]{64}$/) { # <-- matches sha256sum
#print "$File::Find::name\n" ;
submitter("$File::Find::name\n");
}
}
sub submitter {
$shafile = $_[0];
#print " SUBMITTER $shafile\n";
sleep(20);
my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 1 });
my $url='https://www.virustotal.com/vtapi/v2/file/scan';
# key 'ee6e69074a21711e1125bbe678b595e40b2cc82ff3f82cd923a9100f7d50e77b' is valid key.
my $key='ee6e69074a21711e1125bbe678b595e40b2cc82ff3f82cd923a9100f7d50e77b';
my $response = $ua->post( $url,
Content_Type => 'multipart/form-data',
Content => ['apikey'] => $key,
'file' => ['$shafile']
);
die "$url error: ", $response->status_line
unless $response->is_success;
my $results=$response->content;
#pulls the sha256 value out of the JSON response
#Note: there are many other values that could also be pulled out
my $json = JSON->new->allow_nonref;
my $decjson = $json->decode( $results);
my $sha=$decjson->{"sha256"};
print $sha ."\n\n";
#Code to retrieve the results that pertain to a submitted file by hash value
$url='https://www.virustotal.com/vtapi/v2/file/report';
$response = $ua->post( $url,
['apikey' => $key,
'resource' => $sha]
);
die "$url error: ", $response->status_line
unless $response->is_success;
$results=$response->content;
#processes the JSON to see how many AV products consider the file a virus
$json = JSON->new->allow_nonref;
$decjson = $json->decode( $results);
print $decjson->{"positives"};
}hoping that this problem is easy one :)
i am not experienced enough to fix it myself so i posted here, any hints about how i should fix it are welcomed.
thanks.