<?php require_once 'VirusTotalApiV2.php'; /* Initialize the VirusTotalApi class. */ $api = new VirusTotalAPIV2('myKey'); /* Upload and scan a local file. */ $result = $api->scanFile('/tmp/xxx'); $scanId = $api->getScanID($result); /* Can be used to check for the report later on. */ $api->displayResult($result); /* Get a file report. */ // $report = $api->getFileReport('Hash-of-a-file-to-check-for-a-report'); // $api->displayResult($report); // print($api->getSubmissionDate($report) . '<br>'); // print($api->getReportPermalink($report, TRUE) . '<br>'); // /* Scan an URL. */ // $result = $api->scanURL('URL-to-scan'); // $scanId = $api->getScanID($result); /* Can be used to check for the report later on. */ // $api->displayResult($result); // /* Get an URL report. */ // $report = $api->getURLReport('URL-to-check-for-a-report'); // $api->displayResult($report); // print($api->getTotalNumberOfChecks($report) . '<br>'); // print($api->getNumberHits($report) . '<br>'); // print($api->getReportPermalink($report, FALSE) . '<br>'); // /* Comment on a file. */ // $report = $api->makeComment('Hash-of-a-file-to-comment-on', 'Your-comment'); // $api->displayResult($report); // /* Comment on an URL. */ // $report = $api->makeComment('URL-to-comment-on', 'Your-comment'); // $api->displayResult($report);
function ScanFileOnVirusTotal($file, $rescan = false) { if (!isset($file->vtscore)) { $file->vtscore = 0; } if (!isset($file->vtlink)) { $file->vtlink = ""; } if (!isset($file->vendor)) { $file->vendor = ""; } $file->scanned = 0; $api = new VirusTotalAPIV2($GLOBALS["config"]["virustotal"]["key"]); // Check size if ($file->size >= 30000000) { $file->scanned = -5; //file is too big SetVTResults($file); return; } // First, check if file exists $report = $api->getFileReport(isset($file->scan_id) && !empty($file->scan_id) ? $file->scan_id : $file->name); if (isset($report->response_code)) { if ($report->response_code == -3) { //API limit exceeded. Retry later. $file->scanned = -3; } else { if ($report->response_code == -2) { //Being scanned; Keep the permalink to check later $file->scanned = -2; if (isset($report->permalink)) { $file->vtlink = $report->permalink; } } else { if ($report->response_code == -1) { //Error occured $file->scanned = -1; } else { if ($report->response_code == 0) { //No results; upload the file if ($GLOBALS["config"]["virustotal"]["automatic_upload"] == True || $rescan == True) { ForceScanFileOnVirusTotal($file, true); } } else { if ($report->response_code == 1 && isset($report->permalink)) { if ($rescan) { ForceScanFileOnVirusTotal($file, false); } else { //Results if (isset($report->positives)) { $file->vtscore = $report->positives; } if (isset($report->permalink)) { $file->vtlink = $report->permalink; } if (isset($report->scan_id)) { $file->scan_id = $report->scan_id; } $file->scanned = 1; if (isset($report->scans)) { if (isset($report->scans->Microsoft) && !empty($report->scans->Microsoft->result)) { $file->vendor = $report->scans->Microsoft->result; } else { if (isset($report->scans->Kaspersky) && !empty($report->scans->Kaspersky->result)) { $file->vendor = $report->scans->Kaspersky->result; } else { if (isset($report->scans->BitDefender) && !empty($report->scans->BitDefender->result)) { $file->vendor = $report->scans->BitDefender->result; } else { if (isset($report->scans->Malwarebytes) && !empty($report->scans->Malwarebytes->result)) { $file->vendor = $report->scans->Malwarebytes->result; } } } } } } } } } } } //============== SetVTResults($file); } }
private function scanFileOnVirusTotal(&$file, $forceScanFile = false) { if (!isset($file->vtscore)) { $file->vtscore = 0; } if (!isset($file->vtlink)) { $file->vtlink = ""; } if (!isset($file->vendor)) { $file->vendor = ""; } if (!isset($file->is_vtscanned)) { $this->setVTScannedStatus($file, 0); } $api = new VirusTotalAPIV2($_ENV['VT_API_KEY']); $report = $api->getFileReport($file->md5); if (isset($report->response_code)) { if ($report->response_code == -3) { //API limit exceeded. Retry later. $this->setVTScannedStatus($file, $report->response_code); } else { if ($report->response_code == -2 && isset($report->permalink)) { //Being scanned; Keep the permalink to check later $this->setVTScannedStatus($file, $report->response_code); $file->vtlink = $report->permalink; } else { if ($report->response_code == -1) { //Error occured $this->setVTScannedStatus($file, $report->response_code); } else { if ($report->response_code == 0) { //No results; upload the file if ($forceScanFile) { $this->forceScanFileOnVirusTotal($file); } } else { if ($report->response_code == 1 && isset($report->permalink)) { //Results $file->vtscore = $report->positives; $file->vtlink = $report->permalink; $this->setVTScannedStatus($file, $report->response_code); if (isset($report->scans)) { if (isset($report->scans->Microsoft) && !empty($report->scans->Microsoft->result)) { $file->vendor = $report->scans->Microsoft->result; } else { if (isset($report->scans->Kaspersky) && !empty($report->scans->Kaspersky->result)) { $file->vendor = $report->scans->Kaspersky->result; } else { if (isset($report->scans->BitDefender) && !empty($report->scans->BitDefender->result)) { $file->vendor = $report->scans->BitDefender->result; } else { if (isset($report->scans->Malwarebytes) && !empty($report->scans->Malwarebytes->result)) { $file->vendor = $report->scans->Malwarebytes->result; } } } } } } } } } } } }
echo "</td>"; echo "</tr>"; /*echo "<tr class='result ".$row['id']."'><td>Antivirus</td><td colspan='2'>Result</td></tr>";*/ } ?> <tr> <td></td> <td><input type="submit" value="Queue File" name="scan_button" class="button"/></td> <td><input type="submit" value="Get Report" name="report_button" class="button"/></td> </tr> <tr><td colspan="3"><h4> <?php require_once 'VirusTotalApiV2.php'; ini_set('max_execution_time', 300); $obj = new VirusTotalAPIV2("be6591b7ba93d10e26c18baf69e46b8769960676b09dfaf383d48430ffa92abb"); if (isset($_POST['scan_button'])) { if (!isset($_POST['scan_file'])) { die("No File Selected"); } $data = $_POST['scan_file']; foreach ($data as $id) { $query = "SELECT `name` from `file_scan` WHERE `id`=" . $id; //echo $query; if (!($result = $db->query($query))) { $db->error; } $row = $result->fetch_assoc(); $file_dest = "data/" . $row['name']; if (!($scanFile = $obj->scanFile($file_dest))) { die("It`s not working, Try again later");