class Uirusu::VTResult
A wrapper class to hold all of the data for a single Virus total result
Constants
- RESULT_FIELDS
Attributes
results[RW]
Public Class Methods
new(hash, results)
click to toggle source
Builds a VTResult
object based on the hash and results passed to it
@param hash, Cryptographic hash that was searched @param results, Results of the search on Virustotal.com
# File lib/uirusu/vtresult.rb, line 34 def initialize hash, results if results == nil or results.empty? return # Take into consideration being passed an array of results. # For instance, rescan_file will return an array if more than # one sample is given. This ensures single results work. elsif not results.is_a? Array results = [ [ hash, results ] ] end @results = Array.new # Results will be an array of: [ [resource, result hash ] ] results.each do |entry| hash = entry.first # Grab the resource (checksum hash) result = entry.last # Grab the query report if result['response_code'] == 0 res = Hash.new RESULT_FIELDS.each{|field| res[field] = '-' } res[:hash] = hash res['result'] = result['verbose_msg'] @results.push res elsif result['response_code'] == 0 abort "[!] Invalid API KEY! Please correct this! Check ~/.uirusu" else permalink = result['permalink'] scan_date = result['scan_date'] md5 = result['md5'] sha1 = result['sha1'] sha256 = result['sha256'] result['scans'].each do |scanner, value| if value != '' res = Hash.new res[:hash] = hash res[:md5] = md5 res[:sha1] = sha1 res[:sha256] = sha256 res[:scanner] = scanner res[:detected] = value['detected'] res[:version] = value['version'] if value['result'] == nil res[:result] = "Nothing detected" else res[:result] = value['result'] end res[:scan_date] = scan_date res[:update] = value['update'] res[:permalink] = permalink unless permalink == nil @results.push res end end end end #if we didn't have any results lets create a fake not found if @results.size == 0 res = Hash.new RESULT_FIELDS.each{|field| res[field] = '-' } res[:hash] = hash res['result'] = result['verbose_msg'] @results.push res end end
Public Instance Methods
to_json(options={})
click to toggle source
Outputs the result to JSON
@return [String] JSON representation of the result
# File lib/uirusu/vtresult.rb, line 126 def to_json(options={}) JSON::pretty_generate(@results.map{|entry| { :vtresult => entry } }) end
to_stdout()
click to toggle source
Outputs the result to STDOUT
@return [String] Pretty text printable representation of the result
# File lib/uirusu/vtresult.rb, line 108 def to_stdout result_string = String.new hashes = Array.new @results.sort_by {|k| k[:scanner] }.each do |result| unless hashes.include? result[:hash].downcase result_string << "#{result[:hash]}:\n" hashes << result[:hash].downcase end result_string << "#{result[:scanner]}: ".rjust(25) + "#{result[:result]}\n" end if @results != nil result_string end
to_xml()
click to toggle source
Outputs the result to XML
@return [String] XML representation of the result
# File lib/uirusu/vtresult.rb, line 140 def to_xml result_string = String.new result_string << "<results>\n" @results.each do |result| result_string << "\t<vtresult>\n" RESULT_FIELDS.each{|field| result_string << "\t\t<#{field.to_s}>#{result[field]}</#{field.to_s}>\n" unless field == :permalink and result['permalink'].nil? } result_string << "\t</vtresult>\n" end if @results != nil result_string << "</results>\n" result_string end
to_yaml()
click to toggle source
Outputs the result to YAML
@return [String] YAML representation of the result
# File lib/uirusu/vtresult.rb, line 133 def to_yaml @results.map{|entry| { :vtresult => entry } }.to_yaml end