wepawet 0.1.3 → 0.1.5

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0270f5d735bd077fe47c04eb722ca1e1c1737dc0
+  data.tar.gz: f4814589bc399e38516eae93bdbeab8aa45637de
+SHA512:
+  metadata.gz: 2e4b42fffb14d295f47742cdaf33abc4e2470978f37f62de1dcf99bef7fadbd19715621f62f1e54472075d2097d980273cfb49180c9f28225bd398484841099e
+  data.tar.gz: ebab4e4ec1bdb3e5989eda1ee2be92c229450e469d234940ec17c18da6499c010450ba4eb9fe09d8f11025ff6f38b59551d3cc28a1adafef3fbf88a54538154a

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -1,14 +1,4 @@
-source "http://rubygems.org"
-# Add dependencies required to use your gem here.
-# Example:
-gem "multipart-post", ">= 1.1.0"
-gem "libxml-ruby", ">= 1.1.4"
+source 'https://rubygems.org'
 
-# Add dependencies to develop your gem here.
-# Include everything needed to run rake, tests, features, etc.
-group :development do
-  gem "shoulda", ">= 0"
-  gem "bundler", "~> 1.0.0"
-  gem "jeweler", "~> 1.5.2"
-  gem "rcov", ">= 0"
-end
+# Specify your gem's dependencies in wepawet.gemspec
+gemspec

data/LICENSE.txt

@@ -1,4 +1,6 @@
-Copyright (c) 2011 Chris Lee
+Copyright (c) 2013 chrislee35
+
+MIT License
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/{README.rdoc → README.md}

@@ -1,9 +1,26 @@
-= wepawet
+# Wepawet
 
 This gem provides an interface to UCSB's wepawet malicious URL analysis project
 Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files. http://wepawet.cs.ucsb.edu
 
-Example usage:
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'wepawet'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install wepawet
+
+## Usage
+
+	require 'wepawet'
+	
 	config = {
 		'wepawetSubmitUrl' => 'http://wepawet.cs.ucsb.edu/services/upload.php', 
 		'wepawetQueryUrl' => 'http://wepawet.cs.ucsb.edu/services/query.php',
@@ -20,18 +37,10 @@ Example usage:
 	resp = q.by_url("http://example.com") 
 	# => {"url"=>"http://example.com", "benign"=>"http://wepawet.cs.ucsb.edu/view.php?hash=a9b9f04336ce0181a08e774e01113b31&t=1303679363&type=js"}
 
-== Contributing to wepawet
- 
-* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
-* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
-* Fork the project
-* Start a feature/bugfix branch
-* Commit and push until you are happy with your contribution
-* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
-* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
-
-== Copyright
-
-Copyright (c) 2011 Chris Lee. See LICENSE.txt for
-further details.
+## Contributing
 
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -1,54 +1,12 @@
-require 'rubygems'
-require 'bundler'
-begin
-	Bundler.setup(:default, :development)
-rescue Bundler::BundlerError => e
-	$stderr.puts e.message
-	$stderr.puts "Run `bundle install` to install missing gems"
-	exit e.status_code
-end
-require 'rake'
-
-require 'jeweler'
-Jeweler::Tasks.new do |gem|
-	# gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
-	gem.name = "wepawet"
-	gem.homepage = "http://github.com/chrislee35/wepawet"
-	gem.license = "MIT"
-	gem.summary = %Q{provides an interface to UCSB's wepawet malicious URL analysis project}
-	gem.description = %Q{Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files. http://wepawet.cs.ucsb.edu}
-	gem.email = "rubygems@chrislee.dhs.org"
-	gem.authors = ["Chris Lee"]
-	gem.add_runtime_dependency "multipart-post", ">= 1.1.0"
-	gem.add_runtime_dependency "libxml-ruby", ">= 1.1.4"
-	gem.executables = ["wepawet"]
-	gem.signing_key = "#{File.dirname(__FILE__)}/../gem-private_key.pem"
-	gem.cert_chain  = ["#{File.dirname(__FILE__)}/../gem-public_cert.pem"]
-end
-Jeweler::RubygemsDotOrgTasks.new
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
 
 require 'rake/testtask'
-Rake::TestTask.new(:test) do |test|
-	test.libs << 'lib' << 'test'
-	test.pattern = 'test/**/test_*.rb'
-	test.verbose = true
-end
 
-require 'rcov/rcovtask'
-Rcov::RcovTask.new do |test|
-	test.libs << 'test'
-	test.pattern = 'test/**/test_*.rb'
-	test.verbose = true
+Rake::TestTask.new do |t|
+	t.libs << 'lib'
+	t.test_files = FileList['test/test_*.rb']
+	t.verbose = true
 end
 
-task :default => :test
-
-require 'rake/rdoctask'
-Rake::RDocTask.new do |rdoc|
-	version = File.exist?('VERSION') ? File.read('VERSION') : ""
-
-	rdoc.rdoc_dir = 'rdoc'
-	rdoc.title = "wepawet #{version}"
-	rdoc.rdoc_files.include('README*')
-	rdoc.rdoc_files.include('lib/**/*.rb')
-end
+task :default => :test

data/bin/wepawet

@@ -1,11 +1,6 @@
 #!/usr/bin/env ruby
 # DESCRIPTION: queries wepawet
-begin
-	require 'wepawet'
-rescue LoadError
-	require 'rubygems'
-	require 'wepawet'
-end
+require 'wepawet'
 require 'getoptlong'
 require 'configparser'
 require 'pp'

data/lib/wepawet.rb

@@ -1 +1,116 @@
-require 'wepawet/wepawet'
+require "wepawet/version"
+require 'net/http'
+require 'net/https'
+require 'uri'
+require 'net/http/post/multipart'
+require 'xml'
+require 'cgi'
+
+# The Wepawet module contains all the query and submission classes for wepawet
+module Wepawet
+	
+	# Wepawet::Submit is used to submit new files and/or URLs into the wepawet system.
+	class Submit
+		def initialize(config = {
+			'wepawetSubmitUrl' => 'http://wepawet.cs.ucsb.edu/services/upload.php', 
+			'wepawetQueryUrl' => 'http://wepawet.cs.ucsb.edu/services/query.php',
+			'wepawetDomainUrl' => 'http://wepawet.cs.ucsb.edu/services/domain.php',
+			'wepawetUrlUrl' => 'http://wepawet.cs.ucsb.edu/services/url.php',
+		})
+			@config = config
+		end
+		
+		def submit_file(filename, resource_type='js')
+			params = {'resource_type' => resource_type}
+			['user','passwd','referer'].each do |opt|
+				params[opt] = @config[opt] if @config[opt]
+			end
+			file = File.open(filename)
+			params['file'] = UploadIO.new(file, "application/octet-stream", File.basename(filename))
+			uri = URI.parse(@config['wepawetSubmitUrl'])
+			http = Net::HTTP.new(uri.host, uri.port)
+			http.use_ssl = (uri.scheme == 'https')
+			http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+			request = Net::HTTP::Post::Multipart.new(uri.path, params)
+			request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} wepawet gem v#{Wepawet::VERSION}")
+			response = http.request(request)
+			parse_response(response.body)
+		end
+		
+		# Wepawet::Submit#submit_url(url) submits a new URL to the wepawet system and returns a task ID (a hash).
+		def submit_url(url, resource_type='js')
+			params = {'resource_type' => resource_type, 'url' => url}
+			['user','passwd','referer'].each do |opt|
+				params[opt] = @config[opt] if @config[opt]
+			end
+			uri = URI.parse(@config['wepawetSubmitUrl'])
+			http = Net::HTTP.new(uri.host, uri.port)
+			http.use_ssl = (uri.scheme == 'https')
+			http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+			request = Net::HTTP::Post.new(uri.path)
+			request.set_form_data(params)
+			request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} wepawet gem v#{Wepawet::VERSION}")
+			response = http.request(request)
+			parse_response(response.body)
+		end
+		
+		def parse_response(doc)
+			xml = XML::Document.string(doc)
+			h = xml.find("hash")
+			h[0].child.to_s
+		rescue Exception
+			return nil
+		end
+	end
+	
+	class Query
+		def initialize(config = {
+			'wepawetSubmitUrl' => 'http://wepawet.cs.ucsb.edu/services/upload.php', 
+			'wepawetQueryUrl' => 'http://wepawet.cs.ucsb.edu/services/query.php',
+			'wepawetDomainUrl' => 'http://wepawet.cs.ucsb.edu/services/domain.php',
+			'wepawetUrlUrl' => 'http://wepawet.cs.ucsb.edu/services/url.php',
+		})
+			@config = config
+		end
+		
+		def by_whatever(whatever, value)
+			params = {'resource_type' => 'js', whatever => value}
+			urlkey = (whatever == 'hash') ? 'wepawetQueryUrl' : (whatever == 'domain') ? 'wepawetDomainUrl' : (whatever == 'url') ? 'wepawetUrlUrl' : 'wepawetQueryUrl'
+			uri = URI.parse(@config[urlkey]+"?"+params.map{|k,v| "#{k}=#{v}"}.join("&"))
+			http = Net::HTTP.new(uri.host, uri.port)
+			http.use_ssl = (uri.scheme == 'https')
+			http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+			request = Net::HTTP::Get.new(uri.path+"?"+uri.query)
+			request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} wepawet gem v#{Wepawet::VERSION}")
+			response = http.request(request)
+			_parse_response(response.body)
+		end
+		
+		def by_taskid(taskid)
+			by_whatever('hash',taskid)
+		end
+		
+		alias :by_hash :by_taskid
+		
+		def by_domain(domain)
+			by_whatever('domain',domain)
+		end
+		
+		def by_url(url)
+			by_whatever('url', CGI.escape(url))
+		end
+		
+		def _parse_response(doc)
+			xml = XML::Document.string(doc)
+			hash = {}
+			xml.child.children.each do |node|
+				if node.name =~ /\w/ and node.child
+					hash[node.name] = node.child.content
+				end
+			end
+			hash
+		rescue Exception
+			return nil
+		end
+	end
+end

data/lib/wepawet/version.rb

@@ -0,0 +1,3 @@
+module Wepawet
+  VERSION = "0.1.5"
+end

data/test/helper.rb

@@ -1,18 +1,2 @@
-require 'rubygems'
-require 'bundler'
-begin
-  Bundler.setup(:default, :development)
-rescue Bundler::BundlerError => e
-  $stderr.puts e.message
-  $stderr.puts "Run `bundle install` to install missing gems"
-  exit e.status_code
-end
 require 'test/unit'
-require 'shoulda'
-
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
-$LOAD_PATH.unshift(File.dirname(__FILE__))
-require 'wepawet'
-
-class Test::Unit::TestCase
-end
+require File.expand_path('../../lib/wepawet.rb', __FILE__)

data/test/test_wepawet.rb

@@ -1,7 +1,15 @@
-require 'helper'
-require 'pp'
+unless Kernel.respond_to?(:require_relative)
+  module Kernel
+    def require_relative(path)
+      require File.join(File.dirname(caller[0]), path.to_str)
+    end
+  end
+end
+
+require_relative 'helper'
+
 class TestWepawet < Test::Unit::TestCase
-	should "submit submit http://example.com for analysis" do
+	def test_submit_example_com_for_analysis
 		config = {
 			'wepawetSubmitUrl' => 'http://wepawet.cs.ucsb.edu/services/upload.php', 
 			'wepawetQueryUrl' => 'http://wepawet.cs.ucsb.edu/services/query.php',
@@ -17,7 +25,6 @@ class TestWepawet < Test::Unit::TestCase
 			sleep 2
 			resp = q.by_taskid(hash)
 		end while resp['status'] == 'queued'
-		pp resp
 		resp = q.by_taskid(hash)
 		assert("http://example.com", resp['url'])
 		assert("benign", resp['result'])

data/wepawet.gemspec

@@ -1,80 +1,29 @@
-# Generated by jeweler
-# DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
-# -*- encoding: utf-8 -*-
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'wepawet/version'
 
-Gem::Specification.new do |s|
-  s.name = %q{wepawet}
-  s.version = "0.1.3"
+Gem::Specification.new do |spec|
+	spec.name          = "wepawet"
+	spec.version       = Wepawet::VERSION
+	spec.authors       = ["chrislee35"]
+	spec.email         = ["rubygems@chrislee.dhs.org"]
+	spec.description   = %q{Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files. http://wepawet.cs.ucsb.edu}
+	spec.summary       = %q{provides an interface to UCSB's wepawet malicious URL analysis project}
+	spec.homepage      = "http://github.com/chrislee35/wepawet"
+	spec.license       = "MIT"
 
-  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Chris Lee"]
-  s.cert_chain = ["/Users/chris/Documents/projects/rubygems/wepawet/../gem-public_cert.pem"]
-  s.date = %q{2011-05-11}
-  s.description = %q{Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files. http://wepawet.cs.ucsb.edu}
-  s.email = %q{rubygems@chrislee.dhs.org}
-  s.executables = ["wepawet"]
-  s.extra_rdoc_files = [
-    "LICENSE.txt",
-    "README.rdoc"
-  ]
-  s.files = [
-    ".document",
-    "Gemfile",
-    "Gemfile.lock",
-    "LICENSE.txt",
-    "README.rdoc",
-    "Rakefile",
-    "VERSION",
-    "bin/wepawet",
-    "lib/wepawet.rb",
-    "lib/wepawet/wepawet.rb",
-    "test/helper.rb",
-    "test/test_wepawet.rb",
-    "wepawet.gemspec"
-  ]
-  s.homepage = %q{http://github.com/chrislee35/wepawet}
-  s.licenses = ["MIT"]
-  s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.7.2}
-  s.signing_key = %q{/Users/chris/Documents/projects/rubygems/wepawet/../gem-private_key.pem}
-  s.summary = %q{provides an interface to UCSB's wepawet malicious URL analysis project}
-  s.test_files = [
-    "test/helper.rb",
-    "test/test_wepawet.rb"
-  ]
+	spec.files         = `git ls-files`.split($/)
+	spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+	spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+	spec.require_paths = ["lib"]
 
-  if s.respond_to? :specification_version then
-    s.specification_version = 3
+	spec.add_runtime_dependency "multipart-post", ">= 1.1.0"
+	spec.add_runtime_dependency "libxml-ruby", ">= 1.1.4"
+	spec.add_runtime_dependency "configparser", "~> 0.1.1"
+	spec.add_development_dependency "bundler", "~> 1.3"
+	spec.add_development_dependency "rake"
 
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<multipart-post>, [">= 1.1.0"])
-      s.add_runtime_dependency(%q<libxml-ruby>, [">= 1.1.4"])
-      s.add_development_dependency(%q<shoulda>, [">= 0"])
-      s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
-      s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
-      s.add_development_dependency(%q<rcov>, [">= 0"])
-      s.add_runtime_dependency(%q<multipart-post>, [">= 1.1.0"])
-      s.add_runtime_dependency(%q<libxml-ruby>, [">= 1.1.4"])
-    else
-      s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
-      s.add_dependency(%q<libxml-ruby>, [">= 1.1.4"])
-      s.add_dependency(%q<shoulda>, [">= 0"])
-      s.add_dependency(%q<bundler>, ["~> 1.0.0"])
-      s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
-      s.add_dependency(%q<rcov>, [">= 0"])
-      s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
-      s.add_dependency(%q<libxml-ruby>, [">= 1.1.4"])
-    end
-  else
-    s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
-    s.add_dependency(%q<libxml-ruby>, [">= 1.1.4"])
-    s.add_dependency(%q<shoulda>, [">= 0"])
-    s.add_dependency(%q<bundler>, ["~> 1.0.0"])
-    s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
-    s.add_dependency(%q<rcov>, [">= 0"])
-    s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
-    s.add_dependency(%q<libxml-ruby>, [">= 1.1.4"])
-  end
+	spec.signing_key   = "#{File.dirname(__FILE__)}/../gem-private_key.pem"
+	spec.cert_chain    = ["#{File.dirname(__FILE__)}/../gem-public_cert.pem"]
 end
-

metadata

@@ -1,224 +1,151 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: wepawet
-version: !ruby/object:Gem::Version 
-  hash: 29
-  prerelease: 
-  segments: 
-  - 0
-  - 1
-  - 3
-  version: 0.1.3
+version: !ruby/object:Gem::Version
+  version: 0.1.5
 platform: ruby
-authors: 
-- Chris Lee
+authors:
+- chrislee35
 autorequire: 
 bindir: bin
-cert_chain: 
+cert_chain:
 - |
   -----BEGIN CERTIFICATE-----
   MIIDYjCCAkqgAwIBAgIBADANBgkqhkiG9w0BAQUFADBXMREwDwYDVQQDDAhydWJ5
   Z2VtczEYMBYGCgmSJomT8ixkARkWCGNocmlzbGVlMRMwEQYKCZImiZPyLGQBGRYD
-  ZGhzMRMwEQYKCZImiZPyLGQBGRYDb3JnMB4XDTExMDIyNzE1MzAxOVoXDTEyMDIy
-  NzE1MzAxOVowVzERMA8GA1UEAwwIcnVieWdlbXMxGDAWBgoJkiaJk/IsZAEZFghj
+  ZGhzMRMwEQYKCZImiZPyLGQBGRYDb3JnMB4XDTEzMDUyMjEyNTk0N1oXDTE0MDUy
+  MjEyNTk0N1owVzERMA8GA1UEAwwIcnVieWdlbXMxGDAWBgoJkiaJk/IsZAEZFghj
   aHJpc2xlZTETMBEGCgmSJomT8ixkARkWA2RoczETMBEGCgmSJomT8ixkARkWA29y
-  ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNM1Hjs6q58sf7Jp64A
-  vEY2cnRWDdFpD8UWpwaJK5kgSHOVgs+0mtszn+YlYjmx8kpmuYpyU4g9mNMImMQe
-  ow8pVsL4QBBK/1Ozgdxrsptk3IiTozMYA+g2I/+WvZSEDu9uHkKe8pvMBEMrg7RJ
-  IN7+jWaPnSzg3DbFwxwOdi+QRw33DjK7oFWcOaaBqWTUpI4epdi/c/FE1I6UWULJ
-  ZF/Uso0Sc2Pp/YuVhuMHGrUbn7zrWWo76nnK4DTLfXFDbZF5lIXT1w6BtIiN6Ho9
-  Rdr/W6663hYUo3WMsUSa3I5+PJXEBKmGHIZ2TNFnoFIRHha2fmm1HC9+BTaKwcO9
-  PLcCAwEAAaM5MDcwCQYDVR0TBAIwADAdBgNVHQ4EFgQURzsNkZo2rv86Ftc+hVww
-  RNICMrwwCwYDVR0PBAQDAgSwMA0GCSqGSIb3DQEBBQUAA4IBAQBRRw/iNA/PdnvW
-  OBoNCSr/IiHOGZqMHgPJwyWs68FhThnLc2EyIkuLTQf98ms1/D3p0XX9JsxazvKT
-  W/in8Mm/R2fkVziSdzqChtw/4Z4bW3c+RF7TgX6SP5cKxNAfKmAPuItcs2Y+7bdS
-  hr/FktVtT2iAmISRnlEbdaTpfl6N2ZWNT83khV6iOs5xRkX/+0e+GgAv9mE6nqr1
-  AkuDXMhposxcnFZUrZ3UtMPEe/JnyP7Vv6pvr3qtZm8FidFZU91+rX/fwdyBU8RP
-  /5l8uLWXXNt1wEbtu4N1I66LwTK2iRrQZE8XtlgZGbxYDFUkiurq3OafF2YwRs6W
-  6yhklP75
+  ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANcPrx8BZiWIR9xWWG8I
+  tqR538tS1t+UJ4FZFl+1vrtU9TiuWX3Vj37TwUpa2fFkziK0n5KupVThyEhcem5m
+  OGRjvgrRFbWQJSSscIKOpwqURHVKRpV9gVz/Hnzk8S+xotUR1Buo3Ugr+I1jHewD
+  Cgr+y+zgZbtjtHsJtsuujkOcPhEjjUinj68L9Fz9BdeJQt+IacjwAzULix6jWCht
+  Uc+g+0z8Esryca2G6I1GsrgX6WHw8dykyQDT9dCtS2flCOwSC1R0K5T/xHW54f+5
+  wcw8mm53KLNe+tmgVC6ZHyME+qJsBnP6uxF0aTEnGA/jDBQDhQNTF0ZP/abzyTsL
+  zjUCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFO8w
+  +aeP7T6kVJblCg6eusOII9DfMA0GCSqGSIb3DQEBBQUAA4IBAQBCQyRJLXsBo2Fy
+  8W6e/W4RemQRrlAw9DK5O6U71JtedVob2oq+Ob+zmS+PifE2+L+3RiJ2H6VTlOzi
+  x+A061MUXhGraqVq4J2FC8kt4EQywAD0P0Ta5GU24CGSF08Y3GkJy1Sa4XqTC2YC
+  o51s7JP+tkCCtpVYSdzJhTllieRAWBpGV1dtaoeUKE6tYPMBkosxSRcVGczk/Sc3
+  7eQCpexYy9JlUBI9u3BqIY9E+l+MSn8ihXSPmyK0DgrhaCu+voaSFVOX6Y+B5qbo
+  jLXMQu2ZgISYwXNjNbGVHehut82U7U9oiHoWcrOGazaRUmGO9TXP+aJLH0gw2dcK
+  AfMglXPi
   -----END CERTIFICATE-----
-
-date: 2011-05-11 00:00:00 Z
-dependencies: 
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id001 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 19
-        segments: 
-        - 1
-        - 1
-        - 0
-        version: 1.1.0
-  requirement: *id001
-  prerelease: false
+date: 2013-06-03 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: multipart-post
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
   type: :runtime
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id002 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 27
-        segments: 
-        - 1
-        - 1
-        - 4
-        version: 1.1.4
-  requirement: *id002
   prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+- !ruby/object:Gem::Dependency
   name: libxml-ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.4
   type: :runtime
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id003 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
-  requirement: *id003
   prerelease: false
-  name: shoulda
-  type: :development
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id004 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.4
+- !ruby/object:Gem::Dependency
+  name: configparser
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 23
-        segments: 
-        - 1
-        - 0
-        - 0
-        version: 1.0.0
-  requirement: *id004
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+  type: :runtime
   prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+- !ruby/object:Gem::Dependency
   name: bundler
-  type: :development
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id005 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 7
-        segments: 
-        - 1
-        - 5
-        - 2
-        version: 1.5.2
-  requirement: *id005
-  prerelease: false
-  name: jeweler
+      - !ruby/object:Gem::Version
+        version: '1.3'
   type: :development
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id006 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
-  requirement: *id006
   prerelease: false
-  name: rcov
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id007 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 19
-        segments: 
-        - 1
-        - 1
-        - 0
-        version: 1.1.0
-  requirement: *id007
-  prerelease: false
-  name: multipart-post
-  type: :runtime
-- !ruby/object:Gem::Dependency 
-  version_requirements: &id008 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 27
-        segments: 
-        - 1
-        - 1
-        - 4
-        version: 1.1.4
-  requirement: *id008
   prerelease: false
-  name: libxml-ruby
-  type: :runtime
-description: Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files. http://wepawet.cs.ucsb.edu
-email: rubygems@chrislee.dhs.org
-executables: 
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Wepawet is a service for detecting and analyzing web-based malware. It
+  currently handles Flash, JavaScript, and PDF files. http://wepawet.cs.ucsb.edu
+email:
+- rubygems@chrislee.dhs.org
+executables:
 - wepawet
 extensions: []
-
-extra_rdoc_files: 
-- LICENSE.txt
-- README.rdoc
-files: 
-- .document
+extra_rdoc_files: []
+files:
+- .gitignore
 - Gemfile
-- Gemfile.lock
 - LICENSE.txt
-- README.rdoc
+- README.md
 - Rakefile
-- VERSION
 - bin/wepawet
 - lib/wepawet.rb
-- lib/wepawet/wepawet.rb
+- lib/wepawet/version.rb
 - test/helper.rb
 - test/test_wepawet.rb
 - wepawet.gemspec
 homepage: http://github.com/chrislee35/wepawet
-licenses: 
+licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.7.2
+rubygems_version: 2.0.3
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: provides an interface to UCSB's wepawet malicious URL analysis project
-test_files: 
+test_files:
 - test/helper.rb
 - test/test_wepawet.rb

data/.document

@@ -1,5 +0,0 @@
-lib/**/*.rb
-bin/*
-- 
-features/**/*.feature
-LICENSE.txt

data/Gemfile.lock

@@ -1,24 +0,0 @@
-GEM
-  remote: http://rubygems.org/
-  specs:
-    git (1.2.5)
-    jeweler (1.5.2)
-      bundler (~> 1.0.0)
-      git (>= 1.2.5)
-      rake
-    libxml-ruby (1.1.4)
-    multipart-post (1.1.0)
-    rake (0.8.7)
-    rcov (0.9.9)
-    shoulda (2.11.3)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler (~> 1.0.0)
-  jeweler (~> 1.5.2)
-  libxml-ruby (>= 1.1.4)
-  multipart-post (>= 1.1.0)
-  rcov
-  shoulda

data/VERSION

@@ -1 +0,0 @@
-0.1.3

data/lib/wepawet/wepawet.rb

@@ -1,115 +0,0 @@
-require 'net/http'
-require 'net/https'
-require 'uri'
-require 'net/http/post/multipart'
-require 'xml'
-require 'cgi'
-
-# The Wepawet module contains all the query and submission classes for wepawet
-module Wepawet
-	
-	# Wepawet::Submit is used to submit new files and/or URLs into the wepawet system.
-	class Submit
-		def initialize(config = {
-			'wepawetSubmitUrl' => 'http://wepawet.cs.ucsb.edu/services/upload.php', 
-			'wepawetQueryUrl' => 'http://wepawet.cs.ucsb.edu/services/query.php',
-			'wepawetDomainUrl' => 'http://wepawet.cs.ucsb.edu/services/domain.php',
-			'wepawetUrlUrl' => 'http://wepawet.cs.ucsb.edu/services/url.php',
-		})
-			@config = config
-		end
-		
-		def submit_file(filename, resource_type='js')
-			params = {'resource_type' => resource_type}
-			['user','passwd','referer'].each do |opt|
-				params[opt] = @config[opt] if @config[opt]
-			end
-			file = File.open(filename)
-			params['file'] = UploadIO.new(file, "application/octet-stream", File.basename(filename))
-			uri = URI.parse(@config['wepawetSubmitUrl'])
-			http = Net::HTTP.new(uri.host, uri.port)
-			http.use_ssl = (uri.scheme == 'https')
-			http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-			request = Net::HTTP::Post::Multipart.new(uri.path, params)
-			request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} wepawet gem (https://github.com/chrislee35/wepawet)")
-			response = http.request(request)
-			parse_response(response.body)
-		end
-		
-		# Wepawet::Submit#submit_url(url) submits a new URL to the wepawet system and returns a task ID (a hash).
-		def submit_url(url, resource_type='js')
-			params = {'resource_type' => resource_type, 'url' => url}
-			['user','passwd','referer'].each do |opt|
-				params[opt] = @config[opt] if @config[opt]
-			end
-			uri = URI.parse(@config['wepawetSubmitUrl'])
-			http = Net::HTTP.new(uri.host, uri.port)
-			http.use_ssl = (uri.scheme == 'https')
-			http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-			request = Net::HTTP::Post.new(uri.path)
-			request.set_form_data(params)
-			request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} wepawet gem (https://github.com/chrislee35/wepawet)")
-			response = http.request(request)
-			parse_response(response.body)
-		end
-		
-		def parse_response(doc)
-			xml = XML::Document.string(doc)
-			h = xml.find("hash")
-			h[0].child.to_s
-		rescue Exception
-			return nil
-		end
-	end
-	
-	class Query
-		def initialize(config = {
-			'wepawetSubmitUrl' => 'http://wepawet.cs.ucsb.edu/services/upload.php', 
-			'wepawetQueryUrl' => 'http://wepawet.cs.ucsb.edu/services/query.php',
-			'wepawetDomainUrl' => 'http://wepawet.cs.ucsb.edu/services/domain.php',
-			'wepawetUrlUrl' => 'http://wepawet.cs.ucsb.edu/services/url.php',
-		})
-			@config = config
-		end
-		
-		def by_whatever(whatever, value)
-			params = {'resource_type' => 'js', whatever => value}
-			urlkey = (whatever == 'hash') ? 'wepawetQueryUrl' : (whatever == 'domain') ? 'wepawetDomainUrl' : (whatever == 'url') ? 'wepawetUrlUrl' : 'wepawetQueryUrl'
-			uri = URI.parse(@config[urlkey]+"?"+params.map{|k,v| "#{k}=#{v}"}.join("&"))
-			http = Net::HTTP.new(uri.host, uri.port)
-			http.use_ssl = (uri.scheme == 'https')
-			http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-			request = Net::HTTP::Get.new(uri.path+"?"+uri.query)
-			request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} wepawet gem (https://github.com/chrislee35/wepawet)")
-			response = http.request(request)
-			_parse_response(response.body)
-		end
-		
-		def by_taskid(taskid)
-			by_whatever('hash',taskid)
-		end
-		
-		alias :by_hash :by_taskid
-		
-		def by_domain(domain)
-			by_whatever('domain',domain)
-		end
-		
-		def by_url(url)
-			by_whatever('url', CGI.escape(url))
-		end
-		
-		def _parse_response(doc)
-			xml = XML::Document.string(doc)
-			hash = {}
-			xml.child.children.each do |node|
-				if node.name =~ /\w/ and node.child
-					hash[node.name] = node.child.content
-				end
-			end
-			hash
-		rescue Exception
-			return nil
-		end
-	end
-end