Command-line option #109
Comments
There is an endpoint in the API for getting detailed results. The problem is that the free API is very aggressively rate limited so it would literally die after checking 5 files. It is also a bit beyond the app goals (which is just to have a right click -> VT option). If you are familiar with scripting in the terminal you should have zero issues just using curl to send the request yourself (the API is pretty straightforward - check docs), but as I said you will either have to put in long timeouts or get the premium key.
Thanks. I recently became aware of curl though am not familiar with it. I'll have to look into this. I checked to see what the upgrade cost would be, but there's no standard cost, you have to fill out a bunch of info and get a quote I guess...not worth it. But the free API allows 4/min and 500/day, so that should work. I've started playing a bit on that site, and from what I can tell, and thanks to your use of "endpoint" in your response, it seems the "Universal Endpoint API" section is what I need. For some reason, when I try the "Upload a file" one it keeps giving an error saying I'm uploading a file without a name. As for checking with a hash, I'm not sure which is the best way to do it. It looks like "Get a file report" and then I'd have to sift through all the results manually, as there doesn't seem to be a way to request a simple x/y report. Is that correct? Also, I'm unclear on how exactly I'm supposed to use the JSON response, i.e. when I use a curl request from a batch/PS script, how will the script see and be able to make use of it?
Quick Google search will show you some basic examples with curl. As for the response parsing, you will get a JSON with all the results and you will have to parse it. You can either script it through just grepping the individual AV results or you can use something like jq. After writing the thing above I just realized I assumed we are talking about a Linux command-line environment, which probably is not what you have in mind... There are probably some ways to do it in PowerShell (I mean it has an entire C# interpreter) but at that point you are basically writing the entire app for it.
Windows comes with curl, but not jq, you can get it though
You can also get pwsh to parse the json natively: ((iwr 'link').Content | ConvertFrom-Json) Whatever properties you want can follow after the ((iwr 'link').Content | ConvertFrom-Json).foo.bar[0] You prob already figured this out @vertigo220, thought it was worth a mention tho
I actually haven't had a chance to work on this yet, so any added info that might help when I do is appreciated.
This may be beyond the purview of this basic app and/or against VT's TOS, but it would be very useful to have command-line options that would check the results for a file without opening the browser and simply report based on options. This could be used to perform automatic checks when downloading files, especially when doing automatic mass downloads with a program like ketarin. Useful parameters would be one to specify the threat threshold, i.e. how many scanners show a positive result, before taking action, and one to specify the action to take, whether that's to show a notification or simply to output the results (e.g. positive/total) to the terminal output, which could then be handled as desired by the user, such as appending it to a file that would then be shown after all downloads are done.
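The hash lookup, x/y summary and threshold check discussed in this thread, as an added PowerShell example that is not part of the original issue or the project's code. It assumes the VirusTotal API v3 file report endpoint and an API key in `$env:VT_API_KEY`; the function names, the download folder and the sample JSON are constructed for illustration.

```powershell
# Added example, not from the project. Assumptions: VirusTotal API v3,
# key stored in $env:VT_API_KEY, hypothetical function names and folder.

function Get-VTVerdict {
    # Reduce a parsed file report to "positives/total" and apply a threshold.
    param([Parameter(Mandatory)] $Report, [int] $Threshold = 3)
    $stats = $Report.data.attributes.last_analysis_stats
    $positives = [int]$stats.malicious
    # Total = engines that returned a verdict (timeouts and failures excluded).
    $total = $positives + [int]$stats.suspicious + [int]$stats.undetected + [int]$stats.harmless
    [pscustomobject]@{
        Ratio   = "$positives/$total"
        Flagged = ($positives -ge $Threshold)
    }
}

function Get-VTFileReport {
    # Look the file up by SHA-256 hash; the file itself is never uploaded.
    param([Parameter(Mandatory)] [string] $Path)
    $hash = (Get-FileHash -Path $Path -Algorithm SHA256).Hash.ToLower()
    try {
        Invoke-RestMethod -Uri "https://www.virustotal.com/api/v3/files/$hash" `
            -Headers @{ 'x-apikey' = $env:VT_API_KEY }
    } catch {
        # 404: hash not known to VirusTotal; 429: request quota exceeded.
        $code = [int]$_.Exception.Response.StatusCode
        Write-Warning "Lookup failed for $Path (HTTP $code)"
    }
}

# Constructed sample response, so the parsing step can be tried offline.
$sample = @'
{"data":{"attributes":{"last_analysis_stats":
 {"malicious":5,"suspicious":1,"undetected":60,"harmless":0,"timeout":2,"failure":0}}}}
'@ | ConvertFrom-Json
Get-VTVerdict -Report $sample -Threshold 3

# Live use over a download folder (hypothetical path), only when a key is set.
$downloadDir = Join-Path $HOME 'Downloads'
if ($env:VT_API_KEY) {
    foreach ($file in Get-ChildItem -Path $downloadDir -File) {
        $report = Get-VTFileReport -Path $file.FullName
        if ($report) {
            $v = Get-VTVerdict -Report $report
            '{0}  {1}  flagged={2}' -f $v.Ratio, $file.Name, $v.Flagged
        }
        Start-Sleep -Seconds 15   # stays within the free quota of 4 requests per minute
    }
}
```

A file that VirusTotal has never seen returns 404 and produces no verdict, which is not the same as a clean result, so a download workflow should treat it as unchecked.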