function ScanFileOnVirusTotal($file, $rescan = false) { if (!isset($file->vtscore)) { $file->vtscore = 0; } if (!isset($file->vtlink)) { $file->vtlink = ""; } if (!isset($file->vendor)) { $file->vendor = ""; } $file->scanned = 0; $api = new VirusTotalAPIV2($GLOBALS["config"]["virustotal"]["key"]); // Check size if ($file->size >= 30000000) { $file->scanned = -5; //file is too big SetVTResults($file); return; } // First, check if file exists $report = $api->getFileReport(isset($file->scan_id) && !empty($file->scan_id) ? $file->scan_id : $file->name); if (isset($report->response_code)) { if ($report->response_code == -3) { //API limit exceeded. Retry later. $file->scanned = -3; } else { if ($report->response_code == -2) { //Being scanned; Keep the permalink to check later $file->scanned = -2; if (isset($report->permalink)) { $file->vtlink = $report->permalink; } } else { if ($report->response_code == -1) { //Error occured $file->scanned = -1; } else { if ($report->response_code == 0) { //No results; upload the file if ($GLOBALS["config"]["virustotal"]["automatic_upload"] == True || $rescan == True) { ForceScanFileOnVirusTotal($file, true); } } else { if ($report->response_code == 1 && isset($report->permalink)) { if ($rescan) { ForceScanFileOnVirusTotal($file, false); } else { //Results if (isset($report->positives)) { $file->vtscore = $report->positives; } if (isset($report->permalink)) { $file->vtlink = $report->permalink; } if (isset($report->scan_id)) { $file->scan_id = $report->scan_id; } $file->scanned = 1; if (isset($report->scans)) { if (isset($report->scans->Microsoft) && !empty($report->scans->Microsoft->result)) { $file->vendor = $report->scans->Microsoft->result; } else { if (isset($report->scans->Kaspersky) && !empty($report->scans->Kaspersky->result)) { $file->vendor = $report->scans->Kaspersky->result; } else { if (isset($report->scans->BitDefender) && !empty($report->scans->BitDefender->result)) { $file->vendor = $report->scans->BitDefender->result; } else { if (isset($report->scans->Malwarebytes) && !empty($report->scans->Malwarebytes->result)) { $file->vendor = $report->scans->Malwarebytes->result; } } } } } } } } } } } //============== SetVTResults($file); } }
private function scanFileOnVirusTotal(&$file, $forceScanFile = false) { if (!isset($file->vtscore)) { $file->vtscore = 0; } if (!isset($file->vtlink)) { $file->vtlink = ""; } if (!isset($file->vendor)) { $file->vendor = ""; } if (!isset($file->is_vtscanned)) { $this->setVTScannedStatus($file, 0); } $api = new VirusTotalAPIV2($_ENV['VT_API_KEY']); $report = $api->getFileReport($file->md5); if (isset($report->response_code)) { if ($report->response_code == -3) { //API limit exceeded. Retry later. $this->setVTScannedStatus($file, $report->response_code); } else { if ($report->response_code == -2 && isset($report->permalink)) { //Being scanned; Keep the permalink to check later $this->setVTScannedStatus($file, $report->response_code); $file->vtlink = $report->permalink; } else { if ($report->response_code == -1) { //Error occured $this->setVTScannedStatus($file, $report->response_code); } else { if ($report->response_code == 0) { //No results; upload the file if ($forceScanFile) { $this->forceScanFileOnVirusTotal($file); } } else { if ($report->response_code == 1 && isset($report->permalink)) { //Results $file->vtscore = $report->positives; $file->vtlink = $report->permalink; $this->setVTScannedStatus($file, $report->response_code); if (isset($report->scans)) { if (isset($report->scans->Microsoft) && !empty($report->scans->Microsoft->result)) { $file->vendor = $report->scans->Microsoft->result; } else { if (isset($report->scans->Kaspersky) && !empty($report->scans->Kaspersky->result)) { $file->vendor = $report->scans->Kaspersky->result; } else { if (isset($report->scans->BitDefender) && !empty($report->scans->BitDefender->result)) { $file->vendor = $report->scans->BitDefender->result; } else { if (isset($report->scans->Malwarebytes) && !empty($report->scans->Malwarebytes->result)) { $file->vendor = $report->scans->Malwarebytes->result; } } } } } } } } } } } }
} else { echo "File," . $row['name'] . " Queued Successfully, Refresh page.<br>"; } } } if (isset($_POST['report_button'])) { $antivirus_array = array(); $data = $_POST['report_file']; foreach ($data as $id) { $query = "SELECT `scan_id`,`name` from `file_scan` WHERE `id`=" . $id; //echo $query; if (!($result = $db->query($query))) { echo $db->error; } $row = $result->fetch_assoc(); $report_file = $obj->getFileReport($row['scan_id']); if (isset($report_file->scans)) { $virus_data = $report_file->scans; //var_dump($report_file); foreach ($virus_data as $virus => $result) { if ($result->result != null) { $antivirus_array[] = $virus; } $query = "Insert into `" . strtolower($virus) . "`(`id`,`result`) VALUES('" . $id . "','" . $result->result . "')"; if (!($result = $db->query($query))) { echo "Error:" . $db->error; } } $antivirus_string = implode(",", $antivirus_array); //var_dump($antivirus_string); $query = "UPDATE `file_scan` SET `report` =1,`antivirus`='" . $antivirus_string . "' WHERE `id` =" . $id;