metascan 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/metascan.rb +119 -0
  3. metadata +72 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: ef3bca447dda61607d61ce407a66fe8a87cd1b0e
4
+ data.tar.gz: f7c01b0c3cc710864aa86ecb7a02a89dbae82f0a
5
+ SHA512:
6
+ metadata.gz: 985594e081de4084d684ac4d6261a1995759bd6f3e9626a31489248c5f6c0f8c8f23ea83139dd1ca882aa50e1f1af6178661aa63bc7fdd0b0bcc82a05179459b
7
+ data.tar.gz: 4cdf9e857fa9ae41531f8322e0a1a8dc1dab5db2d658cfa89fd4c1e6bcb82af371f681a403a6523c415e762c3a25fe916887d451aa3a94d71591f352f07f8bae
data/lib/metascan.rb ADDED
@@ -0,0 +1,119 @@
1
+ module Metascan
2
+
3
+ require 'typhoeus'
4
+ require 'json'
5
+
6
+ # Constants like paths and stuff.
7
+ PATHS = {
8
+ :scan_file => "https://api.metascan-online.com/v1/file",
9
+ :results_by_data_id => "https://api.metascan-online.com/v1/file/",
10
+ :results_by_file_hash => "https://api.metascan-online.com/v1/hash/"
11
+ }
12
+
13
+ # A single scan on the Metascan service.
14
+ # Initialized with the parameters to scan,
15
+ # exposes methods to inspect the scan results.
16
+ class Scan
17
+ def initialize(filename, client, archivepwd: nil)
18
+ @filename = filename
19
+ @client = client
20
+ @archivepwd = archivepwd
21
+ end
22
+
23
+ # Initiate a scan of @filename
24
+ def run
25
+ request = Typhoeus::Request.new(
26
+ Metascan::PATHS[:scan_file],
27
+ headers: {
28
+ 'filename' => @filename,
29
+ 'archivepwd' => @archivepwd,
30
+ 'apikey' => @client.api_key
31
+ }.select { |k, v| !v.nil? },
32
+ method: :post,
33
+ body: { file: File.open(@filename, "r") }
34
+ )
35
+
36
+ request.on_complete do |r|
37
+ @data_id = JSON.parse(r.body)["data_id"]
38
+ retrieve_results
39
+ end
40
+
41
+ request.run
42
+ end
43
+
44
+ # Is my file clean?
45
+ def clean?
46
+ self.results["scan_results"]["scan_all_result_i"] == 0
47
+ end
48
+
49
+ # Only useful for testing.
50
+ def results=(results)
51
+ @results = results
52
+ end
53
+
54
+ # Return the results of my scan.
55
+ # If the optional argument "poll" is set to true, then attempt
56
+ # to requery Metascan for the results before returning them.
57
+ def results(poll: true)
58
+ if !@results or
59
+ (poll and @results["scan_results"]["progress_percentage"] < 100) then
60
+ @results = retrieve_results
61
+ end
62
+ @results
63
+ end
64
+
65
+ def data_id
66
+ @data_id
67
+ end
68
+
69
+ def retrieve_results
70
+ request = Typhoeus::Request.new(
71
+ Metascan::PATHS[:results_by_data_id] + @data_id,
72
+ headers: {
73
+ 'apikey' => @client.api_key
74
+ },
75
+ method: :get
76
+ )
77
+
78
+ response = request.run
79
+ JSON.parse(response.body)
80
+ end
81
+ end
82
+
83
+ # The Client object, which stores an API key and has a (currently not used)
84
+ # Typhoeus::Hydra for when you have a lot of requests to make at once.
85
+ class Client
86
+ # An API key is required. Free at www.metascan-online.com
87
+ def initialize(api_key)
88
+ @api_key = api_key
89
+ @hydra = Typhoeus::Hydra.hydra
90
+ end
91
+
92
+ def api_key
93
+ @api_key
94
+ end
95
+
96
+ # A Typhoeus Hydra manages parallel HTTP requests.
97
+ def hydra
98
+ if !@hydra
99
+ @hydra = Typhoeus::Hydra.hydra
100
+ end
101
+ @hydra
102
+ end
103
+
104
+ # Returns a Scan object
105
+ # Sample usage:
106
+ #
107
+ # scanner = Metascan::Client.new(MY_API_KEY)
108
+ # filename = "/etc/unwise-backups/passwd.rar" # FULLY QUALIFIED
109
+ # scanner.scan_file(filename, archivepwd: "the eagle has left the nest")
110
+ # => <Metascan::Scan ... >
111
+ #
112
+ # https://www.metascan-online.com/en/public-api
113
+ def scan_file(filename, archivepwd: nil)
114
+ scan = Metascan::Scan.new(filename, self)
115
+ scan.run
116
+ scan
117
+ end
118
+ end
119
+ end
metadata ADDED
@@ -0,0 +1,72 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: metascan
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Grayson Chao
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-04-18 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rspec
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '>='
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '>='
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: typhoeus
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: 0.6.8
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: 0.6.8
41
+ description: Allows scanning files using the Metascan public API. https://www.metascan-online.com/en/public-api
42
+ email: graysonchao@berkeley.edu
43
+ executables: []
44
+ extensions: []
45
+ extra_rdoc_files: []
46
+ files:
47
+ - lib/metascan.rb
48
+ homepage: http://rubygems.org/gems/metascan
49
+ licenses:
50
+ - MIT
51
+ metadata: {}
52
+ post_install_message:
53
+ rdoc_options: []
54
+ require_paths:
55
+ - lib
56
+ required_ruby_version: !ruby/object:Gem::Requirement
57
+ requirements:
58
+ - - '>='
59
+ - !ruby/object:Gem::Version
60
+ version: '0'
61
+ required_rubygems_version: !ruby/object:Gem::Requirement
62
+ requirements:
63
+ - - '>='
64
+ - !ruby/object:Gem::Version
65
+ version: '0'
66
+ requirements: []
67
+ rubyforge_project:
68
+ rubygems_version: 2.0.3
69
+ signing_key:
70
+ specification_version: 4
71
+ summary: Scan files using the Metascan public API.
72
+ test_files: []