-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathgrabVThash.sh
More file actions
12 lines (12 loc) · 911 Bytes
/
grabVThash.sh
File metadata and controls
12 lines (12 loc) · 911 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
#!/bin/bash
echo "GrabVThash.sh searches Virus Total DB for MD5 values"
# jsbrown, CCajigas
echo ""
echo "Usage: grabVThash.sh [file or hash...]"
echo ""
#process file
[ -f "$1" ] && echo "Processing..." && cat $1|cut -c -32| while read line; do curl -s -X POST 'https://www.virustotal.com/vtapi/v2/file/report' --form apikey="---api-key---" --form resource="$line" |awk -F'positives\":' '{print "VT Hits:" $2}'|awk -F' ' '{print $1$2" "$3$6$7}'|sed 's/["}]//g' && sleep 15 ; done && exit
#process single hash
HTEST=$(echo $1|grep -e "[0-9a-f]\{32\}")
[ ! -f "$1" ] && [ "$HTEST" != $1 ] && echo "$1 is not a valid md5 hash"
[ ! -f "$1" ] && [ "$HTEST" == $1 ] && echo "Processing..." && curl -s -X POST 'https://www.virustotal.com/vtapi/v2/file/report' --form apikey="---api-key---" --form resource="$1" |awk -F'positives\":' '{print "VT Hits:" $2}'|awk -F' ' '{print $1$2" "$3$6$7}'|sed 's/["}]//g' && exit