@mattghali
Forked from luca-m/virustotal_upload
Created May 20, 2017 20:01
Upload a sample to VirusTotal and pretty print the report. All in a handy alias.
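#!/usr/bin/env bash
#
# Upload a sample to VirusTotal and pretty print the report.
# All in a handy alias.
#
# Dependencies:
#
# * curl
# * jq
# * VirusTotal API key
#
apikey="vt api key"

# Require a readable sample file as the first argument.
if [ $# -lt 1 ] || [ ! -r "$1" ]; then
    echo "usage: $0 <sample-file>" >&2
    exit 1
fi

echo "$(tput setaf 7)Uploading $1 to VirusTotal$(tput sgr0)"
# Submit the file; jq -r prints the sha256 field without surrounding quotes.
vt_hash=$(curl -\# -X POST 'https://www.virustotal.com/vtapi/v2/file/scan' \
    --form apikey="$apikey" \
    --form file=@"$1" | jq -r .sha256)

# Stop if the upload did not return a hash (bad API key, network error, ...),
# otherwise the polling loop below would never terminate.
if [ -z "$vt_hash" ] || [ "$vt_hash" = "null" ]; then
    echo "Upload failed: no SHA256 in response" >&2
    exit 1
fi

echo "$(tput setaf 4)SHA256:${vt_hash} - waiting for report..$(tput sgr0)"
# Poll the report endpoint until the scan has finished.
# Public API keys are rate-limited (4 requests/minute); raise the sleep
# if polling gets throttled.
while true; do
    sleep 1
    response=$(curl -sX POST 'https://www.virustotal.com/vtapi/v2/file/report' \
        --form apikey="$apikey" \
        --form resource="$vt_hash")
    if grep -q 'Scan finished' <<<"$response"; then
        # Pass the file name via --arg so quotes in it cannot break the jq program.
        echo "$response" | jq --arg name "$1" '{($name): {total, positives}}'
        break
    fi
    echo -e -n "$(tput setaf 7).$(tput sgr0)\r"
done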