uirusu 0.0.5 → 0.0.6
- checksums.yaml +4 -4
- data/NEWS.markdown +6 -0
- data/README.markdown +12 -3
- data/Rakefile +9 -1
- data/TODO.markdown +1 -1
- data/lib/uirusu.rb +4 -3
- data/lib/uirusu/cli/application.rb +13 -0
- data/lib/uirusu/scanner.rb +74 -0
- data/lib/uirusu/vtresult.rb +14 -8
- metadata +4 -3
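--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bc132e4e12a2eb719f8141899b88c13f78fbd7de
+data.tar.gz: 76e35c93a4ba875b471fa5713a47dffa84fa4f26
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0546700722bcfae8842c4b94784b179d8a3b44d314c93715830ac94a8639fea190f1d6468a134ac5c094b64d7361131bda4bfa8f3b5c4803ce47952b050fc2b9
+data.tar.gz: 018ff9713f99141ff6240ff0d23ece1890176077d774cb0bb5cd23f06748eb9129a8a2e298952fa435ad81c2b06e9117ab6a021acad0731b085f863dae684b56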
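--- a/data/NEWS.markdown
+++ b/data/NEWS.markdown
@@ -1,5 +1,11 @@
 # News
 
+# 0.0.6 (September)
+- Added support for hashing a directory and submitting it to the hash scan[request from myne-us]
+- -d DIRECTORY will invoke this, all files will be hashed and submitted to the hash array to be hashed
+- Minor tweaks
+- Fixed the lack of a hash on 'file not found' results
+
 # 0.0.5 (June 14, 2013)
 - Merged Pull request from [jfx41]
 - Lots of cleanup from jfx41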
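--- a/data/README.markdown
+++ b/data/README.markdown
@@ -2,14 +2,13 @@
 
 uirusu is an [Virustotal](http://www.virustotal.com) automation and convenience tool for hash, file and URL submission.
 
-The current version is 0.0.
+The current version is 0.0.6.
 
 ## Requirements
 
-* ruby
+* ruby 1.9+
 * json
 * rest-client
-
 * **public api key from [virustotal.com](http://www.virustotal.com)**
 
 ## Installation
@@ -17,6 +16,14 @@ The current version is 0.0.4.
 % gem install uirusu
 % uirusu [options]
 
+## Setup is fairly easy
+
+### Create your configuration file
+% uirusu --create-config
+
+### Edit your configuration file with API key
+% $EDITOR ~/.uirusu
+
 ## Usage
 
 ### Searching a file of hashes
@@ -39,6 +46,8 @@ The current version is 0.0.4.
 ### Saving results to a file
 % uirusu -s "http://www.google.com" --yaml-output > file.yaml
 
+### Scan a directory and have them searched and save the results as json
+% uirusu -d /bin/ --json-output > file.json
 
 ## API Usage
 ```ruby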
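--- a/data/Rakefile
+++ b/data/Rakefile
@@ -37,7 +37,15 @@ task :build do
 system "gem build #{Uirusu::APP_NAME}.gemspec"
 end
 
-task :
+task :tag_and_bag do
+system "git tag -a v#{Uirusu::VERSION} -m 'version #{Uirusu::VERSION}'"
+system "git push --tags"
+system "git checkout master"
+system "git merge #{Uirusu::VERSION}"
+system "git push"
+end
+
+task :release => [:tag_and_bag, :build] do
 system "gem push #{Uirusu::APP_NAME}-#{Uirusu::VERSION}.gem"
 puts "Just released #{Uirusu::APP_NAME} v#{Uirusu::VERSION}. #{Uirusu::APP_NAME} is rubygem for using the Virustotal web service! More information at http://arxopia.com/projects/uirusu/"
 end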
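Review bot: Every step in `tag_and_bag` (new lines 41-45) is a bare `system` call whose return value is discarded, so a failed `git tag`, `git merge` or `git push` does not stop `release` from going on to `gem push`. On a path that publishes a gem, each step should abort on failure, for example `sh "git push --tags"` (Rake's `sh` raises on a non-zero exit) in place of `system "git push --tags"`. The tag is created as `v#{Uirusu::VERSION}` while the merge names `#{Uirusu::VERSION}` without the `v`; if that is a release branch of the same name, a short comment saying so would help, otherwise the merge target looks wrong.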
data/TODO.markdown
CHANGED
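--- a/data/lib/uirusu.rb
+++ b/data/lib/uirusu.rb
@@ -28,10 +28,10 @@
 
 module Uirusu
 APP_NAME = "uirusu"
-VERSION = "0.0.
-CONFIG_FILE = "
+VERSION = "0.0.6"
+CONFIG_FILE = Dir.home + "/.uirusu"
 VT_API = "https://www.virustotal.com/vtapi/v2"
-RESULT_FIELDS = [ :hash, :scanner, :version, :detected, :result, :md5, :sha1, :sha256, :update, :permalink
+RESULT_FIELDS = [ :hash, :scanner, :version, :detected, :result, :md5, :sha1, :sha256, :update, :permalink]
 end
 
 require 'json'
@@ -43,4 +43,5 @@ require 'uirusu/vtfile'
 require 'uirusu/vturl'
 require 'uirusu/vtcomment'
 require 'uirusu/vtresult'
+require 'uirusu/scanner'
 require 'uirusu/cli/application'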
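Review bot: `CONFIG_FILE = Dir.home + "/.uirusu"` at new line 32 is evaluated when the library is required, and `Dir.home` can raise when no home directory can be determined (for example HOME unset under a service account), so `require 'uirusu'` itself may fail for API-only callers who never read the config file. Consider resolving the path lazily in the code that loads the config, built as `File.join(Dir.home, ".uirusu")`. The README says this file holds the VirusTotal API key, so a comment here stating that it should be readable only by its owner would also help; the code that creates the file is not part of this diff.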
@@ -50,6 +50,7 @@ module Uirusu
|
|
50
50
|
@options['verbose'] = false
|
51
51
|
@options['rescan'] = false
|
52
52
|
@options[:timeout] = 25
|
53
|
+
@options[:directory] = nil
|
53
54
|
|
54
55
|
opt = OptionParser.new do |opt|
|
55
56
|
opt.banner = "#{APP_NAME} v#{VERSION}\nJacob Hammack\nhttp://www.arxopia.com\n\n"
|
@@ -127,6 +128,10 @@ module Uirusu
|
|
127
128
|
end
|
128
129
|
end
|
129
130
|
|
131
|
+
opt.on('-d DIRECTORY', '--directory', 'Scans a directory recursively for files and submits the hashes') do |directory|
|
132
|
+
@options[:directory] = directory
|
133
|
+
end
|
134
|
+
|
130
135
|
opt.on('-p PROXY', '--proxy-server', 'Uses a specified proxy server') do |proxy|
|
131
136
|
@options['proxy'] = proxy
|
132
137
|
end
|
@@ -274,6 +279,14 @@ module Uirusu
|
|
274
279
|
RestClient.proxy = @options['proxy']
|
275
280
|
end
|
276
281
|
|
282
|
+
if @options[:directory] != nil
|
283
|
+
hashes = Uirusu::Scanner.scan(@options[:directory])
|
284
|
+
|
285
|
+
hashes.each do |hash|
|
286
|
+
@hashes.push hash
|
287
|
+
end
|
288
|
+
end
|
289
|
+
|
277
290
|
if @files_of_hashes != nil
|
278
291
|
@files_of_hashes.each do |file|
|
279
292
|
f = File.open(file, 'r')
|
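Review bot: The `-d` value is handed to `Uirusu::Scanner.scan` at new line 283 without checking that it names a readable directory, and the scanner's `Dir.new` call sits outside its own `rescue`, so a mistyped path would surface as an unhandled `Errno` exception unless something outside this hunk catches it. A guard before the call, such as `abort "[!] #{@options[:directory]} is not a directory" unless File.directory?(@options[:directory])`, would give a clean error instead. The block can also be shortened to `@hashes.concat(Uirusu::Scanner.scan(@options[:directory])) if @options[:directory]`. The enclosing method starts and ends outside the hunk.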
@@ -0,0 +1,74 @@
|
|
1
|
+
# Copyright (c) 2012-2013 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# Redistributions of source code must retain the above copyright notice,
|
8
|
+
# this list of conditions and the following disclaimer.
|
9
|
+
#
|
10
|
+
# Redistributions in binary form must reproduce the above copyright notice,
|
11
|
+
# this list of conditions and the following disclaimer in the documentation
|
12
|
+
# and/or other materials provided with the distribution.
|
13
|
+
#
|
14
|
+
# Neither the name of the project's author nor the names of its contributors
|
15
|
+
# may be used to endorse or promote products derived from this software
|
16
|
+
# without specific prior written permission.
|
17
|
+
#
|
18
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND
|
19
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
20
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
21
|
+
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY
|
22
|
+
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
23
|
+
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
24
|
+
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
25
|
+
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
26
|
+
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
27
|
+
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
28
|
+
|
29
|
+
require 'pathname'
|
30
|
+
require 'digest/md5'
|
31
|
+
|
32
|
+
module Uirusu
|
33
|
+
|
34
|
+
module Scanner
|
35
|
+
@hash_list = Array.new
|
36
|
+
|
37
|
+
# Recursively lists all files in a directory
|
38
|
+
# calling process_file on each file
|
39
|
+
#
|
40
|
+
def Scanner.recurse (file_name)
|
41
|
+
Dir.new("#{file_name}").each do |file|
|
42
|
+
next if file.match(/^\.+/)
|
43
|
+
path = "#{file_name}/#{file}"
|
44
|
+
|
45
|
+
if FileTest.directory?("#{path}")
|
46
|
+
recurse("#{path}")
|
47
|
+
else
|
48
|
+
process_file(path)
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
# Processes a file, hashing it with MD5
|
54
|
+
#
|
55
|
+
def Scanner.process_file (file)
|
56
|
+
begin
|
57
|
+
digest = Digest::MD5.hexdigest(File.read(file))
|
58
|
+
@hash_list << digest
|
59
|
+
|
60
|
+
rescue Exception => e
|
61
|
+
puts "[!] Cannot read #{file}"
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
# Enumerates a directory recursively then returns the hash list
|
66
|
+
#
|
67
|
+
# @return [Array] Hash List
|
68
|
+
def Scanner.scan directory
|
69
|
+
recurse(directory)
|
70
|
+
|
71
|
+
return @hash_list
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
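--- a/data/lib/uirusu/vtresult.rb
+++ b/data/lib/uirusu/vtresult.rb
@@ -53,6 +53,7 @@ module Uirusu
 if result['response_code'] == 0
 res = Hash.new
 RESULT_FIELDS.each{|field| res[field] = '-' }
+res[:hash] = hash
 res['result'] = result['verbose_msg']
 @results.push res
 
@@ -64,7 +65,7 @@ module Uirusu
 md5 = result['md5']
 sha1 = result['sha1']
 sha256 = result['sha256']
-
+
 result['scans'].each do |scanner, value|
 if value != ''
 res = Hash.new
@@ -75,16 +76,16 @@ module Uirusu
 res[:scanner] = scanner
 res[:detected] = value['detected']
 res[:version] = value['version']
-
+
 if value['result'] == nil
 res[:result] = "Nothing detected"
 else
 res[:result] = value['result']
 end
-
+
 res[:update] = value['update']
 res[:permalink] = permalink unless permalink == nil
-
+
 @results.push res
 end
 end
@@ -95,13 +96,15 @@ module Uirusu
 if @results.size == 0
 res = Hash.new
 RESULT_FIELDS.each{|field| res[field] = '-' }
+res[:hash] = hash
 res['result'] = result['verbose_msg']
 @results.push res
 end
 end
 
+# Outputs the result to STDOUT
 #
-#
+# @return [String] Pretty text printable representation of the result
 def to_stdout
 result_string = String.new
 hashes = Array.new
@@ -117,20 +120,23 @@ module Uirusu
 result_string
 end
 
+# Outputs the result to JSON
 #
-#
+# @return [String] JSON representation of the result
 def to_json
 JSON::pretty_generate(@results.map{|entry| { :vtresult => entry } })
 end
 
+# Outputs the result to YAML
 #
-#
+# @return [String] YAML representation of the result
 def to_yaml
 @results.map{|entry| { :vtresult => entry } }.to_yaml
 end
 
+# Outputs the result to XML
 #
-#
+# @return [String] XML representation of the result
 def to_xml
 result_string = String.new
 result_string << "<results>\n"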
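Review bot: The two not-found branches (new lines 56-57 and 99-100) now set `res[:hash]` but still store the message under the string key `'result'`, while `RESULT_FIELDS` and the per-scanner branch use the symbol `:result`. The row therefore keeps `:result => '-'` and gains a second `'result'` entry, and `to_json` would emit two `"result"` members for it. Changing both lines to `res[:result] = result['verbose_msg']` would make them consistent with the rest of the method. `hash` is assumed to be a variable or parameter defined above the hunk; if it is not, the bare name resolves to `Object#hash`, so that is worth confirming.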
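--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: uirusu
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.6
 platform: ruby
 authors:
 - Jacob Hammack
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-
+date: 2013-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: json
@@ -57,6 +57,7 @@ files:
 - lib/uirusu.rb
 - lib/uirusu/cli/application.rb
 - lib/uirusu/vtresult.rb
+- lib/uirusu/scanner.rb
 - lib/uirusu/vtcomment.rb
 - lib/uirusu/vtfile.rb
 - lib/uirusu/vturl.rb
@@ -82,7 +83,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: 1.8.16
 requirements: []
 rubyforge_project:
-rubygems_version: 2.0.
+rubygems_version: 2.0.3
 signing_key:
 specification_version: 4
 summary: uirusu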