Python implements the method of uploading samples to virustotal and querying scan information _python

Source: Internet
Author: User
Tags md5

This article describes how Python implements uploading samples to virustotal and querying for scanned information. Share to everyone for your reference. The specific method is as follows:

Import Simplejson Import urllib import urllib2 import os MD5 = "5248f774d2ee0a10936d0b1dc89107f1" MD5 = "12fa5fb7 4201d9b6a14f63fbf9a81ff6 "#do not have in virustotal.com ################################################# 
  ####################### Apikey = "E0a50a50e77fxxxxxxxxxxxxxx4f17e31 here is the key for the account you are applying on VirusTotal" class VirusTotal: 
     
     
  "" "" "Def __init__ (self, MD5):" "" Constructor "" "Self._virus_dict = {} SELF._MD5 = MD5                                      
    def repr (self): return str (SELF._VIRUS_DICT) def submit_md5 (self, file_path): Import postfile  
               
                                                  
    #submit the file file_name = Os.path.basename (File_path) Host = "www.virustotal.com" selector = "Https://www.virustotal.com/vtapi/v2/file/scan" fields = [("Apikey", apikey)] File_to_send = Ope N (File_path, "RB"). Read (Files = [("File", file_name, file_to_send)] json = Postfile.post _multipart (Host, selector, fields, files) Print JSON pass Def get_report_dict (self): R esult_dict = {} URL = "Https://www.virustotal.com/vtapi/v2/file/report" parameters = {"Resource": SELF._MD 5, "Apikey": apikey} data = Urllib.urlencode (parameters) req = Urllib2. Request (URL, data) response = Urllib2.urlopen (req) json = Response.read () response_dict = Simplejson. 
      Loads (JSON) if response_dict["Response_code": #has result scans_dict = Response_dict.get ("Scans", {}) For Anti_virus_comany, Virus_Name in Scans_dict.iteritems (): If virus_name["detected"]: Self._virus_d 

 Ict.setdefault (Anti_virus_comany, virus_name["result") return self._virus_dict

The result returned is: {u ' Sophos ': U ' sus/behav-1010 '}, if there are any results of the scan.

The method invoked is as follows:

MD5 = "12fa5fb74201d9b6a14f63fbf9a81ff6" #do not have in virustotal.com 
MD5 = " 5248f774d2ee0a10936d0b1dc89107f1 " 
File_path = r" D:\backSample\10\9af41bc012d66c98ca2f9c68ba38e98f_ ICQLiteShell.dll "from 
 
getvirustotalinfo import virustotal 
#得到扫描结果并打印出来 
virus_total = VirusTotal (MD5) 
print virus_total.get_report_dict () 
 
#提交文件到扫描, then you can take the scan results based on this MD5 
virus_total.submit_md5 (File_path) 

I hope this article will help you with your Python programming.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.