-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathvirustotal-scan
executable file
·89 lines (68 loc) · 2.55 KB
/
virustotal-scan
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#!/usr/bin/env bash
. "$(dirname "$BASH_SOURCE")/lib/bridge-util.sh"
{
if [[ -z "$NAUTILUS_SCRIPT_SELECTED_FILE_PATHS" ]]
then
NAUTILUS_SCRIPT_SELECTED_FILE_PATHS="$1"
fi
echo ""
echo "Running virustotal-scan on files:"
echo "$NAUTILUS_SCRIPT_SELECTED_FILE_PATHS"
echo ""
SETUP_SCRIPT="
. '$(realpath "$(dirname "$BASH_SOURCE")/lib/bridge-util.sh")';
SCRIPT_NAME='Virustotal Scan'
SCRIPT_FILE_NAME='virustotal-scan'
DEPENDENCIES_APT=('jq')
DEPENDENCIES_DNF=('jq')
CONFIG_ITEMS=()
SECRETS=(
'Virustotal API key'
'In order to use virustotal-scan, you need to retrieve your own, personal API key for virustotal.com
1. Register at https://www.virustotal.com/gui/join-us
2. After registering and logging into Virustotal, open https://www.virustotal.com, click on your user name/icon on the upper right and select \\\"API Key\\\". This will bring you to the API key section in your profile.
From there, copy your API key and paste it here (with Ctrl + Shift + V), then press [ENTER]:'
'account virustotal.com id virustotal-apikey')
show_setup_dialog
"
VT_API_KEY="$(secret-tool lookup service nautilus-bridge-tools id virustotal-apikey account virustotal.com)"
if [[ "$?" != "0" ]] || ! command -v jq >/dev/null 2>&1
then
msg="Could not load virustotal api key. Opening setup dialog..."
notify-send -a "virustotal-scan" "$msg"
echo "NOTICE: $msg" 1>&2
open-in-terminal bash -c "$SETUP_SCRIPT"
exit 1
fi
#if false
#then
# setup_guide_html_plain="$(echo "$setup_guide_html" | base64 -d)"
# DATA_URL="data:text/html,${setup_guide_html_plain/\{SCRIPT_PATH\}/$0}"
# $(xdg-open "$DATA_URL" || sensible-browser "$DATA_URL" ) &
# exit 0
#fi
while read -r file
do
if [[ -d "$file" ]]
then
notify-send -t 15 -a "virustotal-scan" "WARN: Directories are not supported!"
fi
[[ -f "$file" ]] || continue
resp="$(curl --request POST \
--url https://www.virustotal.com/api/v3/files \
--header "x-apikey: $VT_API_KEY" \
--form file=@"$file")"
id="$(echo "$resp" | jq -r ".data.id")"
data_type="$(echo "$resp" | jq -r ".data.type")"
if [[ -z "$file_id" ]] || [[ "$file_id" == "null" ]]
then
resp="$(curl --request GET \
--url https://www.virustotal.com/api/v3/analyses/${id} \
--header "x-apikey: $VT_API_KEY")"
fi
file_id="$(echo "$resp" | jq -r ".meta.file_info.sha256")"
result_url="https://www.virustotal.com/gui/file/${file_id}/detection"
notify-send -a "virustotal-scan" "Scan ready for $file: $result_url"
xdg-open $result_url
done <<< "$NAUTILUS_SCRIPT_SELECTED_FILE_PATHS"
} 2>&1 | tee -a "$(get_log_path virustotal-scan)"