func main() {
flag.Parse()
if domain == "" {
fmt.Println("-domain=<domainname> fehlt!")
os.Exit(1)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get a domain report (passive dns info)
d, err := c.GetDomainReport(domain)
check(err)
j, err := json.MarshalIndent(d, "", " ")
fmt.Printf("DomainReport: ")
os.Stdout.Write(j)
}
func main() {
flag.Parse()
if ip == "" {
fmt.Println("-ip=<ip> fehlt!")
os.Exit(1)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get a file report
r, err := c.GetIpReport(ip)
check(err)
j, err := json.MarshalIndent(r, "", " ")
fmt.Printf("IP Report: ")
os.Stdout.Write(j)
}
func main() {
flag.Parse()
if url == "" {
fmt.Println("-url=<url> fehlt!")
os.Exit(1)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get an URL report
r, err := c.ScanUrl(url)
check(err)
fmt.Printf("r: %s\n", r)
j, err := json.MarshalIndent(r, "", " ")
fmt.Printf("UrlReport: ")
os.Stdout.Write(j)
}
func main() {
flag.Parse()
apikey := getApiKeyFromEnv()
c := govt.Client{Apikey: apikey, Url: apiurl}
r, err := c.GetFileReport(rsrc)
check(err)
if r.ResponseCode == 0 {
//fmt.Println( r.VerboseMsg )
fmt.Println(rsrc + " NOT KNOWN by VirusTotal")
} else {
//fmt.Println(rsrc + "["+r.Positives+"/"+r.Total+"] IS KNOWN by VirusTotal")
fmt.Printf("%s [%d/%d] IS KNOWN by VirusTotal\n", rsrc, r.Positives, r.Total)
//j, err := json.MarshalIndent(r, "", " ")
//fmt.Printf("FileReport: ")
//os.Stdout.Write(j)
}
}
func main() {
flag.Parse()
if rsrc == "" {
fmt.Println("-rsrc=<md5|sha1|sha2> fehlt!")
os.Exit(1)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get a file report
r, err := c.RescanFile(rsrc)
check(err)
//fmt.Printf("r: %s\n", r)
j, err := json.MarshalIndent(r, "", " ")
fmt.Printf("FileReport: ")
os.Stdout.Write(j)
}
func main() {
flag.Parse()
if file == "" {
fmt.Println("-file=<fileToScan.ext> fehlt!")
os.Exit(1)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get a file report
r, err := c.ScanFile(file)
check(err)
//fmt.Printf("r: %s\n", r)
j, err := json.MarshalIndent(r, "", " ")
fmt.Printf("FileReport: ")
os.Stdout.Write(j)
}
func fetch(url string, mode bool) {
fmt.Println("inside of fetch")
var ip string
file := "report.txt"
if mode {
fmt.Print("Analyzing URL(s):\n")
}
ip_addr, err := net.LookupIP(url)
if mode {
fmt.Print("Finished Domain Lookup\n")
}
if err != nil {
fmt.Sprintf("ip lookup failed %s %v", ip_addr, err)
}
for i := 0; i < len(ip_addr); i++ {
ip = ip_addr[i].String()
}
if mode {
fmt.Print("Sending to VirusTotal: Awaiting Results\n")
}
if ip == "" {
fmt.Println("-ip=<ip> fehlt!")
os.Exit(1)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get a file report
r, err := c.GetIpReport(ip)
check(err)
j, err := json.MarshalIndent(r, "", " ")
if _, err := os.Stat(file); err == nil {
fmt.Println("File Exists")
ioutil.WriteFile("test.txt", j, 0664)
}
ioutil.WriteFile("report.txt", j, 0664)
check(err)
if mode {
fmt.Print("Report Generated\n")
fmt.Println("IP Report:")
}
}
func main() {
flag.Parse()
if rsrc == "" {
fmt.Println("-rsrc=<md5|sha-1|sha-2> not given!")
os.Exit(1)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get a file report
r, err := c.GetFileNetworkTraffic(rsrc)
check(err)
//fmt.Printf("r: %s\n", r)
j, err := json.MarshalIndent(r, "", " ")
fmt.Printf("File Network Traffic: ")
os.Stdout.Write(j)
//fmt.Printf("%d %s \t%s \t%s \t%d/%d\n", r.Status.ResponseCode, r.Status.VerboseMsg, r.Resource, r.ScanDate, r.Positives, r.Total)
err = ioutil.WriteFile(rsrc+".pcap", r.Content, 0600)
fmt.Printf("file %s has been written.\n", rsrc+".pcap")
check(err)
}
func fetch(url string, mode bool) {
var ip string
file := "report.txt"
if mode {
fmt.Print("Analyzing URL(s):\n")
fmt.Print("Resolving URL:")
}
if govalidator.IsURL(url) {
ipAddr, err := net.LookupIP(url)
if mode {
fmt.Print("Finished Domain Lookup\n")
}
if err != nil {
fmt.Sprintf("ip lookup failed %s %v", ipAddr, err)
}
for i := 0; i < len(ipAddr); i++ {
ip = ipAddr[i].String()
}
if mode {
fmt.Print("Sending to VirusTotal: Awaiting Results\n")
}
if ip == "" {
fmt.Println("-ip=<ip> fehlt!")
os.Exit(0)
}
c := govt.Client{Apikey: apikey, Url: apiurl}
// get a file report
r, err := c.GetIpReport(ip)
check(err)
j, err := json.MarshalIndent(r, "", " ")
if err != nil {
fmt.Println("Formatting Error")
return
}
// currDir, err := os.Getwd()
if _, err := os.Stat(file); err == nil {
if mode {
fmt.Println("File Exists Moving to Reports Directory")
}
os.Mkdir("report", 0760)
ioutil.WriteFile("report/"+url+"-report", j, 0664)
} else {
ioutil.WriteFile("report.txt", j, 0664)
}
check(err)
if mode {
fmt.Print("Report Generated\n")
fmt.Println("IP Report:")
}
} else {
fmt.Println("Invalid URL")
os.Exit(-1)
}
}
func main() {
flag.Parse()
//log.Printf("flags parsed")
if file != "" {
//log.Printf("param 'file' is set")
md5s := &bytes.Buffer{}
w := bufio.NewWriter(md5s)
//bw, err := fmt.Fprintf(w, "%x", calcMd5(file) )
_, err := fmt.Fprintf(w, "%x", calcMd5(file))
w.Flush()
check(err)
//fmt.Printf("%d bytes written to buffer\n", bw)
//fmt.Printf("buffer as string: '%s'\n", md5s.String() )
//fmt.Println("md5s.String():", md5s.String() )
//os.Exit(1)
rsrc = md5s.String()
} else {
//log.Printf("param 'file' not set")
file = "/path/to/" + rsrc
}
apikey := getApiKeyFromEnv()
//log.Printf("APIKEY is: %s", apikey)
c := govt.Client{Apikey: apikey, Url: apiurl}
r, err := c.GetFileReport(rsrc)
check(err)
//log.Printf("GetFile response was: %s", r.VerboseMsg)
//log.Printf("GetFile response was: %#v", r)
if r.ResponseCode == 0 {
//log.Println("ResponseCode was '0'")
//fmt.Println( r.VerboseMsg )
fmt.Println(rsrc + " NOT KNOWN by VirusTotal")
if vtUpload == true {
r, err := c.ScanFile(file)
check(err)
j, err := json.MarshalIndent(r, "", " ")
fmt.Printf("FileReport: ")
os.Stdout.Write(j)
} else {
fmt.Println("For uploading to VT use vtFileScan -file=" + file)
}
} else {
//log.Println("ResponseCode was NOT '0'")
//fmt.Println(rsrc +" IS KNOWN by VirusTotal")
sr := r.Scans["Symantec"]
if sr.Detected == true {
fmt.Printf("%s detected by Symantec Version %s as %s since update %s\n", rsrc, sr.Version, sr.Result, sr.Update)
} else {
fmt.Printf("%s NOT detected by Symantec; Detection Rate: [%d/%d]\n", rsrc, r.Positives, r.Total)
fmt.Printf("If you want to upload this file to VT use: 'vtFileScan -file=%s'\n", file)
fmt.Printf("If you want to submit it to Symantec use: 'symantecUpload -file=%s'\n", file)
for s := range r.Scans {
if r.Scans[s].Detected == true {
//log.Printf("detected by: '%s'\n", s)
} else {
continue
}
}
}
//j, err := json.MarshalIndent(r, "", " ")
//fmt.Printf("FileReport: ")
//os.Stdout.Write(j)
}
//log.Println("End of Execution")
}
