#include-once #include "WinHttp.au3" ; #INDEX# ================================================================================================= ; Title .........: VT.au3 ; AutoIt Version : 3.3.8.1 ; Language ......: English ; Description ...: VirusTotal public API version 2.0 implementation in Autoit ;thanks to: trancexx|ProgAndy "WinHttp.au3" & www.virustotal.com ;Reference https://www.virustotal.com/es/documentation/public-api ;Written by Danyfirex ;Date 12/05/2013 ; #FUNCTION# ============================================================================================= ;===================CONSTANTS/CONSTANTES======================= Global Const $VTPage="www.virustotal.com" ;============================================================== ; #FUNCTIONS/FUNCIONES# ======================================= ;VT_Open ;VT_Close ;VT_File_Report ;VT_Url_Report ;VT_Url_Scan ;VT_File_Scan ;VT_File_Rescan ;VT_Put_Comment ; ============================================================== ; #FUNCTION# ============================================================================================= ; Name...........: VT_Open ; Description ...: Initialize and get session handle & connection handle ; Syntax.........: VT_Open() ; #FUNCTION# ============================================================================================= Func VT_Open() Global $hOpen = _WinHttpOpen() Global $hConnect = _WinHttpConnect($hOpen, $VTPage) EndFunc ;==> VT_Open ; #FUNCTION# ============================================================================================= ; Name...........: VT_Open ; Description ...: Close handles ; Syntax.........: VT_Open() ; #FUNCTION# ============================================================================================= Func VT_Close() _WinHttpCloseHandle($hConnect) _WinHttpCloseHandle($hOpen) EndFunc ; #FUNCTION# ============================================================================================= ; Name...........: VT_File_Report ; Description ...: retrieve a scan report on a given file ; Syntax.........: VT_File_Report($Resource,$APIkey) ; Parameters ....: $Resource - A md5/sha1/sha256/scan_id hash will retrieve the most recent report. ; $APIkey - your API key. ; #FUNCTION# ============================================================================================= Func VT_File_Report($Resource,$APIkey) Return _WinHttpSimpleRequest($hConnect, "POST", "/vtapi/v2/file/report", Default,"resource="& $Resource & "&key=" & $APIkey) EndFunc ; #FUNCTION# ============================================================================================= ; Name...........: VT_Url_Report ; Description ...: retrieve a scan report on a given URL ; Syntax.........: VT_Url_Report($URL,$APIkey) ; Parameters ....: $URL - a URL. ; $APIkey - your API key. ; #FUNCTION# ============================================================================================= Func VT_Url_Report($URL,$APIkey) Return _WinHttpSimpleRequest($hConnect, "POST", "/vtapi/v2/url/report", Default, "resource=" & $URL & "&key=" & $APIkey) EndFunc ; #FUNCTION# ============================================================================================= ; Name...........: VT_Url_Scan ; Description ...: submit a URL for Scanning ; Syntax.........: VT_Url_Scan($URL,$APIkey) ; Parameters ....: $URL - The URL that should be scanned. ; $APIkey - your API key. ; #FUNCTION# ============================================================================================= Func VT_Url_Scan($URL,$APIkey) Return _WinHttpSimpleRequest($hConnect, "POST", "/vtapi/v2/url/scan", Default, "url="& $URL & "&key="&$APIkey) EndFunc ; #FUNCTION# ============================================================================================= ; Name...........: VT_Url_Scan ; Description ...: submit a file for Scanning ; Syntax.........: VT_File_Scan($File,$APIkey,$sBoundary="--------Boundary") ; Parameters ....: $File - The file path to upload ; $APIkey - your API key. ; $sBoundary - your Boundary. ; #FUNCTION# ============================================================================================= Func VT_File_Scan($File,$APIkey,$sBoundary="--------Boundary") $sHeaders = "Content-Type: multipart/form-data; boundary=" & $sBoundary & @CRLF $sData = '' $sData &= "--" & $sBoundary & @CRLF $sData &= 'Content-Disposition: form-data; name="apikey"' & @CRLF & @CRLF & $APIkey & @CRLF $sData &= "--" & $sBoundary & @CRLF $sData &= __WinHttpFileContent("", "file", $File,$sBoundary) $sData &= "--" & $sBoundary & "--" & @CRLF return _WinHttpSimpleRequest($hConnect, "POST", "/vtapi/v2/file/scan", Default, StringToBinary($sData,0), $sHeaders) EndFunc ; #FUNCTION# ============================================================================================= ; Name...........: VT_File_Rescan ; Description ...: Rescan files in VirusTotal's file store ; Syntax.........: VT_File_Rescan($Resource,$APIkey) ; Parameters ....: $Resource - md5/sha1/sha256/CSV ; $APIkey - your API key. ; #FUNCTION# ============================================================================================= Func VT_File_Rescan($Resource,$APIkey) return _WinHttpSimpleRequest($hConnect, "POST", "/vtapi/v2/file/rescan", Default, "resource=" & $Resource &"&key=" & $APIkey) EndFunc ; #FUNCTION# ============================================================================================= ; Name...........: VT_Put_Comment ; Description ...: Make a commnet on files and URLs ; Syntax.........: VT_Put_Comment($Resource,$APIkey) ; Parameters ....: $Resource - md5/sha1/sha256 ; $APIkey - your API key. ; $Commnet - your Comment. ; #FUNCTION# ============================================================================================= func VT_Put_Comment($Resource,$APIkey,$Comment) return _WinHttpSimpleRequest($hConnect, "POST", "/vtapi/v2/comments/put", Default, "resource=" & $Resource & _ "&comment=" & $Comment & "&key=" & $APIkey) EndFunc