metascan 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/metascan.rb +119 -0
  3. metadata +72 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: ef3bca447dda61607d61ce407a66fe8a87cd1b0e
4
+ data.tar.gz: f7c01b0c3cc710864aa86ecb7a02a89dbae82f0a
5
+ SHA512:
6
+ metadata.gz: 985594e081de4084d684ac4d6261a1995759bd6f3e9626a31489248c5f6c0f8c8f23ea83139dd1ca882aa50e1f1af6178661aa63bc7fdd0b0bcc82a05179459b
7
+ data.tar.gz: 4cdf9e857fa9ae41531f8322e0a1a8dc1dab5db2d658cfa89fd4c1e6bcb82af371f681a403a6523c415e762c3a25fe916887d451aa3a94d71591f352f07f8bae
data/lib/metascan.rb ADDED
@@ -0,0 +1,119 @@
1
+ module Metascan
2
+
3
+ require 'typhoeus'
4
+ require 'json'
5
+
6
+ # Constants like paths and stuff.
7
+ PATHS = {
8
+ :scan_file => "https://api.metascan-online.com/v1/file",
9
+ :results_by_data_id => "https://api.metascan-online.com/v1/file/",
10
+ :results_by_file_hash => "https://api.metascan-online.com/v1/hash/"
11
+ }
12
+
13
+ # A single scan on the Metascan service.
14
+ # Initialized with the parameters to scan,
15
+ # exposes methods to inspect the scan results.
16
+ class Scan
17
+ def initialize(filename, client, archivepwd: nil)
18
+ @filename = filename
19
+ @client = client
20
+ @archivepwd = archivepwd
21
+ end
22
+
23
+ # Initiate a scan of @filename
24
+ def run
25
+ request = Typhoeus::Request.new(
26
+ Metascan::PATHS[:scan_file],
27
+ headers: {
28
+ 'filename' => @filename,
29
+ 'archivepwd' => @archivepwd,
30
+ 'apikey' => @client.api_key
31
+ }.select { |k, v| !v.nil? },
32
+ method: :post,
33
+ body: { file: File.open(@filename, "r") }
34
+ )
35
+
36
+ request.on_complete do |r|
37
+ @data_id = JSON.parse(r.body)["data_id"]
38
+ retrieve_results
39
+ end
40
+
41
+ request.run
42
+ end
43
+
44
+ # Is my file clean?
45
+ def clean?
46
+ self.results["scan_results"]["scan_all_result_i"] == 0
47
+ end
48
+
49
+ # Only useful for testing.
50
+ def results=(results)
51
+ @results = results
52
+ end
53
+
54
+ # Return the results of my scan.
55
+ # If the optional argument "poll" is set to true, then attempt
56
+ # to requery Metascan for the results before returning them.
57
+ def results(poll: true)
58
+ if !@results or
59
+ (poll and @results["scan_results"]["progress_percentage"] < 100) then
60
+ @results = retrieve_results
61
+ end
62
+ @results
63
+ end
64
+
65
+ def data_id
66
+ @data_id
67
+ end
68
+
69
+ def retrieve_results
70
+ request = Typhoeus::Request.new(
71
+ Metascan::PATHS[:results_by_data_id] + @data_id,
72
+ headers: {
73
+ 'apikey' => @client.api_key
74
+ },
75
+ method: :get
76
+ )
77
+
78
+ response = request.run
79
+ JSON.parse(response.body)
80
+ end
81
+ end
82
+
83
+ # The Client object, which stores an API key and has a (currently not used)
84
+ # Typhoeus::Hydra for when you have a lot of requests to make at once.
85
+ class Client
86
+ # An API key is required. Free at www.metascan-online.com
87
+ def initialize(api_key)
88
+ @api_key = api_key
89
+ @hydra = Typhoeus::Hydra.hydra
90
+ end
91
+
92
+ def api_key
93
+ @api_key
94
+ end
95
+
96
+ # A Typhoeus Hydra manages parallel HTTP requests.
97
+ def hydra
98
+ if !@hydra
99
+ @hydra = Typhoeus::Hydra.hydra
100
+ end
101
+ @hydra
102
+ end
103
+
104
+ # Returns a Scan object
105
+ # Sample usage:
106
+ #
107
+ # scanner = Metascan::Client.new(MY_API_KEY)
108
+ # filename = "/etc/unwise-backups/passwd.rar" # FULLY QUALIFIED
109
+ # scanner.scan_file(filename, archivepwd: "the eagle has left the nest")
110
+ # => <Metascan::Scan ... >
111
+ #
112
+ # https://www.metascan-online.com/en/public-api
113
+ def scan_file(filename, archivepwd: nil)
114
+ scan = Metascan::Scan.new(filename, self)
115
+ scan.run
116
+ scan
117
+ end
118
+ end
119
+ end
metadata ADDED
@@ -0,0 +1,72 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: metascan
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Grayson Chao
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-04-18 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rspec
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '>='
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '>='
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: typhoeus
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: 0.6.8
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: 0.6.8
41
+ description: Allows scanning files using the Metascan public API. https://www.metascan-online.com/en/public-api
42
+ email: graysonchao@berkeley.edu
43
+ executables: []
44
+ extensions: []
45
+ extra_rdoc_files: []
46
+ files:
47
+ - lib/metascan.rb
48
+ homepage: http://rubygems.org/gems/metascan
49
+ licenses:
50
+ - MIT
51
+ metadata: {}
52
+ post_install_message:
53
+ rdoc_options: []
54
+ require_paths:
55
+ - lib
56
+ required_ruby_version: !ruby/object:Gem::Requirement
57
+ requirements:
58
+ - - '>='
59
+ - !ruby/object:Gem::Version
60
+ version: '0'
61
+ required_rubygems_version: !ruby/object:Gem::Requirement
62
+ requirements:
63
+ - - '>='
64
+ - !ruby/object:Gem::Version
65
+ version: '0'
66
+ requirements: []
67
+ rubyforge_project:
68
+ rubygems_version: 2.0.3
69
+ signing_key:
70
+ specification_version: 4
71
+ summary: Scan files using the Metascan public API.
72
+ test_files: []