à propos : https://www.virustotal.com/fr/documentation/public-api/
le code permet de scanner vos fichiers en ligne et obtenir le rapport de scan au format "json"
versions avec winhttp
Code : Tout sélectionner
;By Celtic88 2016
;about : https://www.virustotal.com/fr/documentation/public-api/
EnableExplicit
#VirustotalAPIkey = "" ;here put your vapi key
#WorkMemorySize = 1024*24
Macro h
Chr(34)
EndMacro
Prototype.i WinHttpOpen(pwszUserAgent.p-unicode,
dwAccessType.l,
pwszProxyName.p-unicode,
pwszProxyBypass.p-unicode,
dwFlags.l )
Prototype.i WinHttpConnect(hSession.i,
pswzServerName.p-unicode,
nServerPort.l,
dwReserved.l)
Prototype.l WinHttpCloseHandle(hInternet.i)
Prototype.i WinHttpOpenRequest(hConnect.i,
pwszVerb.p-unicode,
pwszObjectName.p-unicode,
pwszVersion.p-unicode,
pwszReferrer.p-unicode,
*ppwszAcceptTypes,
dwFlags.l);
Prototype.l WinHttpSendRequest(hRequest.i,
pwszHeaders.p-unicode,
dwHeadersLength.l,
*lpOptional,
dwOptionalLength.l,
dwTotalLength.l,
*dwContext)
Prototype.l WinHttpReceiveResponse(hRequest.i,
*lpReserved)
Prototype.l WinHttpSetOption(hInternet.i,
dwOption.l,
*lpBuffer,
dwBufferLength.l );
Prototype.l WinHttpQueryDataAvailable(hRequest.i,
*lpdwNumberOfBytesAvailable)
Prototype.l WinHttpReadData(hRequest.i,
*lpBuffer,
dwNumberOfBytesToRead.l,
*lpdwNumberOfBytesRead);
Prototype.l WinHttpQueryHeaders(hRequest.i,
dwInfoLevel.l,
pwszName.p-unicode,
*lpBuffer,
*lpdwBufferLength,
*lpdwIndex)
Prototype.l WinHttpWriteData(hRequest,
*lpBuffer,
dwNumberOfBytesToWrite.l,
*lpdwNumberOfBytesWritten)
Global winhttp_dll=OpenLibrary(#PB_Any,"winhttp.dll")
Global WinHttpOpen.WinHttpOpen=GetFunction(winhttp_dll,"WinHttpOpen")
Global WinHttpCloseHandle.WinHttpCloseHandle=GetFunction(winhttp_dll,"WinHttpCloseHandle")
Global WinHttpConnect.WinHttpConnect=GetFunction(winhttp_dll,"WinHttpConnect")
Global WinHttpOpenRequest.WinHttpOpenRequest=GetFunction(winhttp_dll,"WinHttpOpenRequest")
Global WinHttpSendRequest.WinHttpSendRequest=GetFunction(winhttp_dll,"WinHttpSendRequest")
Global WinHttpReceiveResponse.WinHttpReceiveResponse=GetFunction(winhttp_dll,"WinHttpReceiveResponse")
Global WinHttpSetOption.WinHttpSetOption=GetFunction(winhttp_dll,"WinHttpSetOption")
Global WinHttpReadData.WinHttpReadData=GetFunction(winhttp_dll,"WinHttpReadData")
Global WinHttpQueryDataAvailable.WinHttpQueryDataAvailable=GetFunction(winhttp_dll,"WinHttpQueryDataAvailable")
Global WinHttpQueryHeaders.WinHttpQueryHeaders=GetFunction(winhttp_dll,"WinHttpQueryHeaders")
Global WinHttpWriteData.WinHttpWriteData=GetFunction(winhttp_dll,"WinHttpWriteData")
#INTERNET_SCHEME_HTTPS_WINHTTP =2
#WINHTTP_ACCESS_TYPE_DEFAULT_PROXY =0
#WINHTTP_NO_PROXY_NAME =#Null$
#WINHTTP_NO_PROXY_BYPASS =#Null$
#WINHTTP_FLAG_ESCAPE_DISABLE = $00000040
#WINHTTP_NO_REFERER = #Null$
#WINHTTP_DEFAULT_ACCEPT_TYPES =#Null
#WINHTTP_NO_REQUEST_DATA =#Null
Threaded VirustotalhSession,VirustotalhConnect
Procedure.s GetHashFile(File$)
Protected Rdf=ReadFile(#PB_Any,File$)
If Rdf
Protected *Dataf=AllocateMemory(#WorkMemorySize)
If *Dataf
#PROV_RSA_AES = 24
#CRYPT_VERIFYCONTEXT = $F0000000
#CALG_MD5 = $00008003
#HP_HASHSIZE = $0004
#HP_HASHVAL = $0002
Protected hProv,hHash,*ihash, iDataLen.l,iDataLenType.l,iReturn$,o.l,Rd.l
CryptAcquireContext_(@hProv, #Null, #Null, #PROV_RSA_AES, #CRYPT_VERIFYCONTEXT)
If hProv
CryptCreateHash_(hProv, #CALG_MD5, 0, 0, @hHash)
If hHash
While Eof(Rdf)=0
Rd=ReadData(Rdf,*Dataf,#WorkMemorySize)
CryptHashData_(hHash, *Dataf, Rd, 1)
Wend
iDataLenType=4
CryptGetHashParam_(hHash,#HP_HASHSIZE,@iDataLen,@iDataLenType,0)
If iDataLen
iDataLenType=iDataLen
CryptGetHashParam_(hHash,#HP_HASHVAL,*Dataf,@iDataLenType,0)
For o=0 To iDataLenType-1
iReturn$+ RSet(Hex(PeekA(*Dataf+o),#PB_Ascii), 2, "0")
Next
EndIf
CryptDestroyHash_(hHash)
EndIf
CryptReleaseContext_(hProv, 0)
EndIf
FreeMemory(*Dataf)
EndIf
CloseFile(Rdf)
EndIf
ProcedureReturn iReturn$
EndProcedure
Procedure Virustotal_Connect()
VirustotalhSession = WinHttpOpen("", #WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, #WINHTTP_NO_PROXY_NAME,#WINHTTP_NO_PROXY_BYPASS,0)
If VirustotalhSession
VirustotalhConnect =WinHttpConnect(VirustotalhSession,"www.virustotal.com",80,0)
If Not VirustotalhConnect:WinHttpCloseHandle(VirustotalhSession):VirustotalhSession=0:ProcedureReturn 0:EndIf
ProcedureReturn VirustotalhConnect
EndIf
EndProcedure
Procedure Virustotal_Close()
If VirustotalhSession:WinHttpCloseHandle(VirustotalhSession):EndIf
If VirustotalhConnect:WinHttpCloseHandle(VirustotalhConnect):EndIf
EndProcedure
Procedure.s Virustotal_ScanFile(FileToScan$)
Protected iReturn$,iDatelen.l,*m,Rcv.l,iRead.l,p.l
Protected sBoundary$="--------Boundary"
Protected sHeaders$ = "Content-Type: multipart/form-data; boundary=" + sBoundary$ + #CRLF$
Protected sData$ = "--" + sBoundary$ + #CRLF$
sData$ + "Content-Disposition: form-data; name=" + h + "apikey" + h + #CRLF$ + #CRLF$ + #VirustotalAPIkey + #CRLF$
sData$ + "--" + sBoundary$ + #CRLF$
sData$ + "Content-Disposition: form-data; name=" +h+ "file" +h + "; filename="+h+ GetFilePart(FileToScan$,#PB_FileSystem_NoExtension) +h + #CRLF$ + "Content-Type: application/octet-stream" + #CRLF$ + #CRLF$
Protected EndData$ = #CRLF$ +"--" + sBoundary$ + "--" + #CRLF$
Protected Rdf =ReadFile(#PB_Any,FileToScan$)
If Rdf
Protected SizeData.l=Lof(Rdf)+StringByteLength(sData$ ,#PB_Ascii)+StringByteLength(EndData$ ,#PB_Ascii)
Protected *iData = AllocateMemory(#WorkMemorySize)
If *iData
Protected hRequest=WinHttpOpenRequest(VirustotalhConnect,"Post","/vtapi/v2/file/scan","HTTP/1.1",#WINHTTP_NO_REFERER,#WINHTTP_DEFAULT_ACCEPT_TYPES,#WINHTTP_FLAG_ESCAPE_DISABLE)
If hRequest
WinHttpSendRequest(hRequest,sHeaders$,Len(sHeaders$),#WINHTTP_NO_REQUEST_DATA, 0,SizeData,0)
PokeS(*iData,sData$,-1,#PB_Ascii)
WinHttpWriteData(hRequest,*iData,StringByteLength(sData$ ,#PB_Ascii),0)
For p=0 To Lof(Rdf) Step #WorkMemorySize
iRead= ReadData(Rdf,*iData, #WorkMemorySize)
WinHttpWriteData(hRequest,*iData,iRead,0)
Debug "Send :"+Str(iRead)
Next
PokeS(*iData,EndData$,-1,#PB_Ascii)
WinHttpWriteData(hRequest,*iData,StringByteLength(EndData$ ,#PB_Ascii),0)
WinHttpReceiveResponse(hRequest,0)
While WinHttpQueryDataAvailable(hRequest,@iDatelen) = 1 And iDatelen > 0
*m=ReAllocateMemory(*m,Rcv+iDatelen)
WinHttpReadData(hRequest,*m+Rcv,iDatelen,0)
Rcv+iDatelen
Wend
If *m
iReturn$= PeekS(*m,Rcv,#PB_Ascii)
FreeMemory(*m)
EndIf
WinHttpCloseHandle(hRequest)
EndIf
FreeMemory(*iData)
EndIf
CloseFile(Rdf)
EndIf
ProcedureReturn iReturn$
EndProcedure
Procedure.s Virustotal_Get(HashFile$,sCommand$,sType$="resource")
Protected iReturn$,iDatelen.l,*m,Rcv.l
Protected *iData = Ascii(sType$+"=" + HashFile$ + "&key=" + #VirustotalAPIkey)
If *iData
Protected sHeaders$ = "Content-Type: application/x-www-form-urlencoded" + #CRLF$
Protected hRequest=WinHttpOpenRequest(VirustotalhConnect,"Post","/vtapi/v2/"+sCommand$,"HTTP/1.1",#WINHTTP_NO_REFERER,#WINHTTP_DEFAULT_ACCEPT_TYPES,#WINHTTP_FLAG_ESCAPE_DISABLE)
If hRequest
WinHttpSendRequest(hRequest,sHeaders$,Len(sHeaders$),*iData,MemorySize(*iData)-1,MemorySize(*iData)-1,0)
WinHttpReceiveResponse(hRequest,0)
While WinHttpQueryDataAvailable(hRequest,@iDatelen) = 1 And iDatelen > 0
*m=ReAllocateMemory(*m,Rcv+iDatelen)
WinHttpReadData(hRequest,*m+Rcv,iDatelen,0)
Rcv+iDatelen
Wend
If *m
iReturn$= PeekS(*m,Rcv,#PB_Ascii)
FreeMemory(*m)
EndIf
WinHttpCloseHandle(hRequest)
EndIf
FreeMemory(*iData)
EndIf
ProcedureReturn iReturn$
EndProcedure
Macro Virustotal_GetReportFile(HashFile)
Virustotal_Get(HashFile,"file/report")
EndMacro
Macro Virustotal_RescanFile(HashFile)
Virustotal_Get(HashFile,"file/rescan")
EndMacro
Macro Virustotal_ScanUrl(Url)
Virustotal_Get(Url,"url/scan","url")
EndMacro
Macro Virustotal_GetReportUrl(Url)
Virustotal_Get(Url,"url/report")
EndMacro
Virustotal_Connect()
Define HashFile$ =GetHashFile("virus.exe")
Debug HashFile$
Debug Virustotal_ScanFile("virus.exe")
Debug Virustotal_GetReportFile(HashFile$)
Debug Virustotal_ScanUrl("www.purebasic.fr")
Debug Virustotal_GetReportUrl("www.purebasic.fr")
Code : Tout sélectionner
;By Celtic88 new version multi os
;about : https://www.virustotal.com/fr/documentation/public-api/
EnableExplicit
InitNetwork()
UseMD5Fingerprint()
#VirustotalAPIkey = "" ; here put your vapi key
#WorkMemorySize = 1024*24; 24Kb
Macro h
Chr(34)
EndMacro
Macro ScanFileRequest(Content_Length,DataBoundary)
"POST /vtapi/v2/file/scan HTTP/1.1" +#CRLF$ +
"Connection: Close" +#CRLF$ +
"Content-Type: multipart/form-data; boundary=--------Boundary" +#CRLF$ +
"Content-Length: "+ Str(Content_Length) +#CRLF$ +
"Host: www.virustotal.com" +#CRLF$ +#CRLF$+
DataBoundary
EndMacro
Macro SimpleRequest(file,sData)
"POST /vtapi/v2/" +file+ " HTTP/1.1" +#CRLF$ +
"Connection: Close" +#CRLF$ +
"Content-Type: application/x-www-form-urlencoded" +#CRLF$ +
"Content-Length: " +Str(Len(sData)) +#CRLF$ +
"Host: www.virustotal.com"+#CRLF$ +#CRLF$ +
sData
EndMacro
Procedure.s GetHashFile(File$)
Protected Rdf=ReadFile(#PB_Any,File$)
If Rdf
Protected *Dataf=AllocateMemory(#WorkMemorySize)
If *Dataf
Protected fmd5 = StartFingerprint(#PB_Any, #PB_Cipher_MD5)
If fmd5
Protected Rd.l,iReturn$
While Eof(Rdf)=0
Rd=ReadData(Rdf,*Dataf,#WorkMemorySize)
AddFingerprintBuffer(fmd5, *Dataf, Rd)
Wend
iReturn$= FinishFingerprint(fmd5)
EndIf
FreeMemory(*Dataf)
EndIf
CloseFile(Rdf)
EndIf
ProcedureReturn iReturn$
EndProcedure
Procedure.s Virustotal_ScanFile(FileToScan$)
Protected Rdf =ReadFile(#PB_Any,FileToScan$)
If Rdf
Protected *iData = AllocateMemory(#WorkMemorySize)
If *iData
Protected hConnect =OpenNetworkConnection("www.virustotal.com",80)
If hConnect
Protected DataBoundary$= "----------Boundary" +#CRLF$ +
"Content-Disposition: form-data; name="+h+"apikey"+h+ #CRLF$ +#CRLF$ +
#VirustotalAPIkey +#CRLF$ +
"----------Boundary" +#CRLF$ +
"Content-Disposition: form-data; name="+h+"file"+h+"; filename="+h+ GetFilePart(FileToScan$) +h +#CRLF$ +
"Content-Type: " + "application/octet-stream" +#CRLF$ +#CRLF$
Protected DataEnfBoundary$=#CRLF$ +"----------Boundary--" + #CRLF$
Protected Content_Length = Lof(Rdf)+StringByteLength(DataBoundary$ ,#PB_Ascii)+StringByteLength(DataEnfBoundary$ ,#PB_Ascii)
SendNetworkString(hConnect,ScanFileRequest(Content_Length,DataBoundary$), #PB_Ascii)
Protected p.l, iRead.l,Ev, *m, iReturn$,Rcv.l
For p=0 To Lof(Rdf) Step #WorkMemorySize
iRead= ReadData(Rdf,*iData, #WorkMemorySize)
While (SendNetworkData(hConnect,*iData,iRead) < 1)
If NetworkClientEvent(hConnect) = #PB_NetworkEvent_Disconnect:Break 2:EndIf
Delay(50)
Wend
Debug "Send :"+Str(iRead)
Next
SendNetworkString(hConnect,DataEnfBoundary$, #PB_Ascii)
Repeat
Delay(50)
Ev=NetworkClientEvent(hConnect)
Until Ev = #PB_NetworkEvent_Data Or Ev = #PB_NetworkEvent_Disconnect; you can place a timeout!
While NetworkClientEvent(hConnect) <> #PB_NetworkEvent_Disconnect ; get Request response
iRead=ReceiveNetworkData(hConnect,*iData,#WorkMemorySize)
If iRead
*m=ReAllocateMemory(*m,Rcv+iRead)
If *m
CopyMemory(*iData, *m+Rcv, iRead)
Rcv+iRead
EndIf
EndIf
Wend
If *m
iReturn$= PeekS(*m,Rcv,#PB_Ascii)
iReturn$=Mid(iReturn$,FindString(iReturn$, #CRLF$ +#CRLF$ )+4)
FreeMemory(*m)
EndIf
CloseNetworkConnection(hConnect)
EndIf
FreeMemory(*iData)
EndIf
CloseFile(Rdf)
EndIf
ProcedureReturn iReturn$
EndProcedure
Procedure.s Virustotal_Get(HashFile$,sCommand$,sType$="resource")
Protected iReturn$,Ev,Rcv.l,tRcv.l
Protected *iData = AllocateMemory(#WorkMemorySize)
If *iData
Protected hConnect =OpenNetworkConnection("www.virustotal.com",80)
If hConnect
SendNetworkString(hConnect,SimpleRequest(sCommand$, sType$+"=" + HashFile$ + "&key=" + #VirustotalAPIkey), #PB_Ascii)
Repeat
Delay(50)
Ev=NetworkClientEvent(hConnect)
Until Ev = #PB_NetworkEvent_Data Or Ev = #PB_NetworkEvent_Disconnect
While NetworkClientEvent(hConnect) <> #PB_NetworkEvent_Disconnect
tRcv=ReceiveNetworkData(hConnect,*iData+Rcv,#WorkMemorySize)
If tRcv
Rcv+tRcv
*iData=ReAllocateMemory(*iData,Rcv+(#WorkMemorySize))
If Not *iData:Break:EndIf
EndIf
Wend
If *iData
iReturn$= PeekS(*iData,Rcv,#PB_Ascii)
iReturn$=Mid(iReturn$,FindString(iReturn$, #CRLF$ +#CRLF$ )+4)
EndIf
CloseNetworkConnection(hConnect)
EndIf
FreeMemory(*iData)
EndIf
ProcedureReturn iReturn$
EndProcedure
Macro Virustotal_GetReportFile(HashFile); Get scanned File Report!
Virustotal_Get(HashFile,"file/report")
EndMacro
Macro Virustotal_RescanFile(HashFile)
Virustotal_Get(HashFile,"file/rescan")
EndMacro
Macro Virustotal_ScanUrl(Url)
Virustotal_Get(Url,"url/scan","url")
EndMacro
Macro Virustotal_GetReportUrl(Url)
Virustotal_Get(Url,"url/report")
EndMacro
Define HashFile$ =GetHashFile("virus.exe")
Debug HashFile$
Debug Virustotal_ScanFile("virus.exe")
Debug Virustotal_GetReportFile(HashFile$)
Debug Virustotal_ScanUrl("www.purebasic.fr")
Debug Virustotal_GetReportUrl("www.purebasic.fr")
amusez vous a+