Example #1
0
func main() {
	flag.Parse()
	if domain == "" {
		fmt.Println("-domain=<domainname> fehlt!")
		os.Exit(1)
	}
	c := govt.Client{Apikey: apikey, Url: apiurl}

	// get a domain report (passive dns info)
	d, err := c.GetDomainReport(domain)
	check(err)
	j, err := json.MarshalIndent(d, "", "  ")
	fmt.Printf("DomainReport: ")
	os.Stdout.Write(j)
}
Example #2
0
func main() {
	flag.Parse()
	if ip == "" {
		fmt.Println("-ip=<ip> fehlt!")
		os.Exit(1)
	}
	c := govt.Client{Apikey: apikey, Url: apiurl}

	// get a file report
	r, err := c.GetIpReport(ip)
	check(err)
	j, err := json.MarshalIndent(r, "", "    ")
	fmt.Printf("IP Report: ")
	os.Stdout.Write(j)

}
Example #3
0
func main() {
	flag.Parse()
	if url == "" {
		fmt.Println("-url=<url> fehlt!")
		os.Exit(1)
	}
	c := govt.Client{Apikey: apikey, Url: apiurl}

	// get an URL report
	r, err := c.ScanUrl(url)
	check(err)
	fmt.Printf("r: %s\n", r)
	j, err := json.MarshalIndent(r, "", "    ")
	fmt.Printf("UrlReport: ")
	os.Stdout.Write(j)

}
Example #4
0
func main() {
	flag.Parse()
	apikey := getApiKeyFromEnv()
	c := govt.Client{Apikey: apikey, Url: apiurl}
	r, err := c.GetFileReport(rsrc)
	check(err)
	if r.ResponseCode == 0 {
		//fmt.Println( r.VerboseMsg )
		fmt.Println(rsrc + " NOT KNOWN by VirusTotal")
	} else {
		//fmt.Println(rsrc + "["+r.Positives+"/"+r.Total+"] IS KNOWN by VirusTotal")
		fmt.Printf("%s [%d/%d] IS KNOWN by VirusTotal\n", rsrc, r.Positives, r.Total)
		//j, err := json.MarshalIndent(r, "", "    ")
		//fmt.Printf("FileReport: ")
		//os.Stdout.Write(j)
	}
}
Example #5
0
func main() {
	flag.Parse()
	if rsrc == "" {
		fmt.Println("-rsrc=<md5|sha1|sha2> fehlt!")
		os.Exit(1)
	}
	c := govt.Client{Apikey: apikey, Url: apiurl}

	// get a file report
	r, err := c.RescanFile(rsrc)
	check(err)
	//fmt.Printf("r: %s\n", r)
	j, err := json.MarshalIndent(r, "", "    ")
	fmt.Printf("FileReport: ")
	os.Stdout.Write(j)

}
Example #6
0
func main() {
	flag.Parse()
	if file == "" {
		fmt.Println("-file=<fileToScan.ext> fehlt!")
		os.Exit(1)
	}
	c := govt.Client{Apikey: apikey, Url: apiurl}

	// get a file report
	r, err := c.ScanFile(file)
	check(err)
	//fmt.Printf("r: %s\n", r)
	j, err := json.MarshalIndent(r, "", "    ")
	fmt.Printf("FileReport: ")
	os.Stdout.Write(j)

}
Example #7
0
func fetch(url string, mode bool) {
	fmt.Println("inside of fetch")
	var ip string
	file := "report.txt"
	if mode {
		fmt.Print("Analyzing URL(s):\n")
	}
	ip_addr, err := net.LookupIP(url)
	if mode {
		fmt.Print("Finished Domain Lookup\n")
	}
	if err != nil {
		fmt.Sprintf("ip lookup failed %s %v", ip_addr, err)
	}
	for i := 0; i < len(ip_addr); i++ {
		ip = ip_addr[i].String()
	}
	if mode {
		fmt.Print("Sending to VirusTotal: Awaiting Results\n")
	}
	if ip == "" {
		fmt.Println("-ip=<ip> fehlt!")
		os.Exit(1)
	}
	c := govt.Client{Apikey: apikey, Url: apiurl}

	// get a file report
	r, err := c.GetIpReport(ip)
	check(err)
	j, err := json.MarshalIndent(r, "", "    ")
	if _, err := os.Stat(file); err == nil {
		fmt.Println("File Exists")
		ioutil.WriteFile("test.txt", j, 0664)
	}
	ioutil.WriteFile("report.txt", j, 0664)
	check(err)

	if mode {
		fmt.Print("Report Generated\n")
		fmt.Println("IP Report:")
	}
}
Example #8
0
func main() {
	flag.Parse()
	if rsrc == "" {
		fmt.Println("-rsrc=<md5|sha-1|sha-2> not given!")
		os.Exit(1)
	}
	c := govt.Client{Apikey: apikey, Url: apiurl}

	// get a file report
	r, err := c.GetFileNetworkTraffic(rsrc)
	check(err)
	//fmt.Printf("r: %s\n", r)
	j, err := json.MarshalIndent(r, "", "    ")
	fmt.Printf("File Network Traffic: ")
	os.Stdout.Write(j)
	//fmt.Printf("%d %s \t%s \t%s \t%d/%d\n", r.Status.ResponseCode, r.Status.VerboseMsg, r.Resource, r.ScanDate, r.Positives, r.Total)

	err = ioutil.WriteFile(rsrc+".pcap", r.Content, 0600)
	fmt.Printf("file %s has been written.\n", rsrc+".pcap")
	check(err)
}
Example #9
0
func fetch(url string, mode bool) {
	var ip string
	file := "report.txt"

	if mode {
		fmt.Print("Analyzing URL(s):\n")
		fmt.Print("Resolving URL:")
	}
	if govalidator.IsURL(url) {

		ipAddr, err := net.LookupIP(url)
		if mode {
			fmt.Print("Finished Domain Lookup\n")
		}
		if err != nil {
			fmt.Sprintf("ip lookup failed %s %v", ipAddr, err)
		}
		for i := 0; i < len(ipAddr); i++ {
			ip = ipAddr[i].String()
		}
		if mode {
			fmt.Print("Sending to VirusTotal: Awaiting Results\n")
		}
		if ip == "" {
			fmt.Println("-ip=<ip> fehlt!")
			os.Exit(0)
		}
		c := govt.Client{Apikey: apikey, Url: apiurl}

		// get a file report
		r, err := c.GetIpReport(ip)
		check(err)

		j, err := json.MarshalIndent(r, "", "    ")
		if err != nil {
			fmt.Println("Formatting Error")
			return
		}
		//		currDir, err := os.Getwd()
		if _, err := os.Stat(file); err == nil {
			if mode {
				fmt.Println("File Exists Moving to Reports Directory")
			}
			os.Mkdir("report", 0760)
			ioutil.WriteFile("report/"+url+"-report", j, 0664)
		} else {
			ioutil.WriteFile("report.txt", j, 0664)
		}
		check(err)

		if mode {
			fmt.Print("Report Generated\n")
			fmt.Println("IP Report:")
		}
	} else {
		fmt.Println("Invalid URL")
		os.Exit(-1)

	}

}
Example #10
0
func main() {
	flag.Parse()
	//log.Printf("flags parsed")
	if file != "" {
		//log.Printf("param 'file' is set")
		md5s := &bytes.Buffer{}
		w := bufio.NewWriter(md5s)
		//bw, err := fmt.Fprintf(w, "%x", calcMd5(file) )
		_, err := fmt.Fprintf(w, "%x", calcMd5(file))
		w.Flush()
		check(err)
		//fmt.Printf("%d bytes written to buffer\n", bw)
		//fmt.Printf("buffer as string: '%s'\n", md5s.String() )
		//fmt.Println("md5s.String():", md5s.String() )
		//os.Exit(1)
		rsrc = md5s.String()
	} else {
		//log.Printf("param 'file' not set")
		file = "/path/to/" + rsrc
	}
	apikey := getApiKeyFromEnv()
	//log.Printf("APIKEY is: %s", apikey)
	c := govt.Client{Apikey: apikey, Url: apiurl}
	r, err := c.GetFileReport(rsrc)
	check(err)
	//log.Printf("GetFile response was: %s", r.VerboseMsg)
	//log.Printf("GetFile response was: %#v", r)
	if r.ResponseCode == 0 {
		//log.Println("ResponseCode was '0'")
		//fmt.Println( r.VerboseMsg )
		fmt.Println(rsrc + " NOT KNOWN by VirusTotal")
		if vtUpload == true {
			r, err := c.ScanFile(file)
			check(err)
			j, err := json.MarshalIndent(r, "", "    ")
			fmt.Printf("FileReport: ")
			os.Stdout.Write(j)
		} else {
			fmt.Println("For uploading to VT use vtFileScan -file=" + file)
		}
	} else {
		//log.Println("ResponseCode was NOT '0'")
		//fmt.Println(rsrc +" IS KNOWN by VirusTotal")
		sr := r.Scans["Symantec"]
		if sr.Detected == true {
			fmt.Printf("%s detected by Symantec Version %s as %s since update %s\n", rsrc, sr.Version, sr.Result, sr.Update)
		} else {
			fmt.Printf("%s NOT detected by Symantec; Detection Rate: [%d/%d]\n", rsrc, r.Positives, r.Total)
			fmt.Printf("If you want to upload this file to VT use: 'vtFileScan -file=%s'\n", file)
			fmt.Printf("If you want to submit it to Symantec use: 'symantecUpload -file=%s'\n", file)
			for s := range r.Scans {
				if r.Scans[s].Detected == true {
					//log.Printf("detected by: '%s'\n", s)
				} else {
					continue
				}
			}
		}
		//j, err := json.MarshalIndent(r, "", "    ")
		//fmt.Printf("FileReport: ")
		//os.Stdout.Write(j)
	}
	//log.Println("End of Execution")
}