I hereby claim:
- I am klingerko on github.
- I am kk_konstantin (https://keybase.io/kk_konstantin) on keybase.
- I have a public key ASD-v8A3DHdOwuNtWDVgtONLyxtSfHhjRDBmo-pATCtVIQo
To claim this, I am signing this object:
Info.ReverseHttpHtml;Engine:81-255,Target:3;(0|1);2f2f3a7370747468::i;2f2f3a70747468::i | |
Info.ReverseHttpAscii;Engine:81-255,Target:7;(0|1);2f2f3a7370747468::i;2f2f3a70747468::i |
import requests | |
import json | |
import sys | |
import time | |
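import os

# Create an API token with:
#   curl -d "username=<USER>&password=<PASSWD>" https://capesandbox.com/apiv2/api-token-auth/
# NOTE(review): a password typed inline lands in shell history and is visible
# in the process list while curl runs. curl's `-d @FILE` form (or `-d @-` to
# read from stdin) keeps it off the command line.
#
# The token is a bearer credential, so it is read from the CAPE_API_TOKEN
# environment variable (a name chosen by this script) instead of being pasted
# into a file that may be shared or committed. The literal placeholder stays
# as the fallback, so editing the script in place still works.
headers = {"Authorization": "Token " + os.environ.get("CAPE_API_TOKEN", "<token>")}

# Presumably the detection/family name the rest of the script looks up; its
# use is not visible in this excerpt.
DETECTION = "Azorult"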
# quick check for status api endpoint to see if api token works and we can reach the api |
import requests | |
import json | |
import sys | |
import time | |
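import os

# Create an API token with:
#   curl -d "username=<USER>&password=<PASSWD>" https://capesandbox.com/apiv2/api-token-auth/
# NOTE(review): a password typed inline lands in shell history and is visible
# in the process list while curl runs. curl's `-d @FILE` form (or `-d @-` to
# read from stdin) keeps it off the command line.
# NOTE(review): the token endpoint above omits the "www." used by the status
# call below; confirm both hosts are the intended service before sending
# credentials to either.
#
# The token is a bearer credential, so it is read from the CAPE_API_TOKEN
# environment variable (a name chosen by this script) instead of being pasted
# into a file that may be shared or committed. The literal placeholder stays
# as the fallback, so editing the script in place still works.
headers = {"Authorization": "Token " + os.environ.get("CAPE_API_TOKEN", "<INSERT_TOKEN>")}

# Quick check of the status endpoint: confirms the token is accepted and the
# API is reachable. requests applies no timeout by default, so one is set
# explicitly to keep an unresponsive server from blocking the script forever.
# Certificate verification is left at the library default (enabled).
response = requests.get(
    "https://www.capesandbox.com/apiv2/cuckoo/status/",
    headers=headers,
    timeout=30,
)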
# ... | |
response = requests.get(api_url, headers=headers) | |
if not response or response.status_code != 200: | |
return None | |
# we have the file as gzip in response.content | |
# we decompress it and store it on disk | |
with open(f"{hash_}.bin", 'wb') as tmp_file: | |
tmp_file.write(zlib.decompress(response.content, 16+zlib.MAX_WBITS)) | |
# ... |
I hereby claim:
To claim this, I am signing this object: