diogo-fernan / malsub

A Python RESTful API framework for online malware analysis and threat intelligence services.

issue with some api ? #4

Closed GhostRock37 closed 7 years ago

GhostRock37 commented 7 years ago

Hello!

I'm just a new user of this tool! Great!!

I have an error when I try this command, and the API I think: python malsub.py -vva VirusTotal -su http://france.lachainemeteo.com

```
[] debug Fri 02 Jun 2017 05:27:14.535456 +0000 UTC: arg -- { '--analysis': 'VirusTotal', '--appl': False, '--domain': False, '--download': False, '--find': False, '--help': False, '--ipaddr': False, '--pause': '0', '--quota': False, '--recursive': False, '--report': False, '--servhelp': False, '--submit': True, '--test': False, '--url': True, '--verbose': 2, '': ['http://france.lachainemeteo.com']}
[] debug Fri 02 Jun 2017 05:27:14.535958 +0000 UTC: ina -- ['http://france.lachainemeteo.com']
[] debug Fri 02 Jun 2017 05:27:14.535958 +0000 UTC: _serv -- [
    <class 'malsub.service.avcaesar.AVCaesar'> AVCaesar avc,
    <class 'malsub.service.hybrid-analysis.HybridAnalysis'> HybridAnalysis ha,
    <class 'malsub.service.malshare.MalShare'> MalShare ms,
    <class 'malsub.service.maltracker.Maltracker'> Maltracker mt,
    <class 'malsub.service.metadefender.Metadefender'> Metadefender md,
    <class 'malsub.service.openphish.OpenPhish'> OpenPhish op,
    <class 'malsub.service.pdf-examiner.PDFExaminer'> PDFExaminer pe,
    <class 'malsub.service.phishtank.PhishTank'> PhishTank pt,
    <class 'malsub.service.quicksand.QuickSand'> QuickSand qs,
    <class 'malsub.service.safebrowsing.SafeBrowsing'> SafeBrowsing sb,
    <class 'malsub.service.threatcrowd.ThreatCrowd'> ThreatCrowd tc,
    <class 'malsub.service.urlvoid.URLVoid'> URLVoid uv,
    <class 'malsub.service.virustotal.VirusTotal'> VirusTotal vt,
    <class 'malsub.service.vxstream.VxStream'> VxStream vs]
[] debug Fri 02 Jun 2017 05:27:14.536459 +0000 UTC: anserv -- [<class 'malsub.service.virustotal.VirusTotal'> VirusTotal vt]
[*] debug Fri 02 Jun 2017 05:27:14.565035 +0000 UTC: apikey -- {'virustotal': {'apikey': {'apikey': ''}}}

malsub v1.2 https://github.com/diogo-fernan/malsub

[] debug Fri 02 Jun 2017 05:27:15.072886 +0000 UTC: res.headers -- { 'Cache-Control': 'no-cache', 'Connection': 'close', 'Content-Length': '0', 'Content-Type': 'text/html; charset=utf-8', 'Date': 'Fri, 02 Jun 2017 05:27:17 GMT', 'Server': 'Google Frontend', 'X-Cloud-Trace-Context': 'd7fd11a19caba7892de324545aee5eeb'}
[] debug Fri 02 Jun 2017 05:27:15.073387 +0000 UTC: res.text
[!] warning Fri 02 Jun 2017 05:27:15.075392 +0000 UTC: "VirusTotal" -- "submit_url" error: 403 Client Error: Forbidden for url: https://www.virustotal.com/vtapi/v2/url/scan
Traceback (most recent call last):
  File "D:\malsub-master\malsub\core\work.py", line 27, in exec
    data = f.result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 398, in result
    return self.get_result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 357, in get_result
    raise self._exception
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures\thread.py", line 55, in run
    result = self.fn(*self.args, **self.kwargs)
  File "D:\malsub-master\malsub\service\virustotal.py", line 97, in submiturl
    data, = request(self.api_subu)
  File "D:\malsub-master\malsub\core\web.py", line 94, in request
    apispec.verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 77, in post
    json_req, param, verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 45, in _request
    res.raise_for_status()
  File "C:\Program Files (x86)\Python36-32\lib\site-packages\requests\models.py", line 893, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 403 Client Error: Forbidden for url: https://www.virustotal.com/vtapi/v2/url/scan

[*] verbose Fri 02 Jun 2017 05:27:15.075894 +0000 UTC: malsub finished with results:
+---+---------------------------------+--------------+
| # | input                           | VirusTotal   |
+---+---------------------------------+--------------+
| 1 | http://france.lachainemeteo.com | unsuccessful |
+---+---------------------------------+--------------+
```

I have also tried another command: python malsub.py -or france.lachainemeteo.com and I also have an error with some API, I think

```
malsub v1.2 https://github.com/diogo-fernan/malsub

[!] warning Fri 02 Jun 2017 05:30:54.730730 +0000 UTC: "URLVoid" -- "report_dom" error: 404 Client Error: Not Found for url: http://api.urlvoid.com/%3Capiuser%3E/%3Capikey%3E/host/france.lachainemeteo.com/
Traceback (most recent call last):
  File "D:\malsub-master\malsub\core\work.py", line 27, in exec
    data = f.result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 398, in result
    return self.get_result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 357, in get_result
    raise self._exception
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures\thread.py", line 55, in run
    result = self.fn(*self.args, **self.kwargs)
  File "D:\malsub-master\malsub\service\urlvoid.py", line 57, in reportdom
    data, = request(self.api_repd)
  File "D:\malsub-master\malsub\core\web.py", line 94, in request
    apispec.verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 83, in get
    json_req, param, verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 45, in _request
    res.raise_for_status()
  File "C:\Program Files (x86)\Python36-32\lib\site-packages\requests\models.py", line 893, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 404 Client Error: Not Found for url: http://api.urlvoid.com/%3Capiuser%3E/%3Capikey%3E/host/france.lachainemeteo.com/

[!] warning Fri 02 Jun 2017 05:30:54.846539 +0000 UTC: "Maltracker" -- "report_dom" error: 403 Client Error: FORBIDDEN for url: http://api.maltracker.net:4700/c2/domain/france.lachainemeteo.com/?apikey=%3Capikey%3E
Traceback (most recent call last):
  File "D:\malsub-master\malsub\core\work.py", line 27, in exec
    data = f.result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 398, in result
    return self.get_result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 357, in get_result
    raise self._exception
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures\thread.py", line 55, in run
    result = self.fn(*self.args, **self.kwargs)
  File "D:\malsub-master\malsub\service\maltracker.py", line 71, in reportdom
    data, = request(self.api_repd)
  File "D:\malsub-master\malsub\core\web.py", line 94, in request
    apispec.verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 83, in get
    json_req, param, verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 45, in _request
    res.raise_for_status()
  File "C:\Program Files (x86)\Python36-32\lib\site-packages\requests\models.py", line 893, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 403 Client Error: FORBIDDEN for url: http://api.maltracker.net:4700/c2/domain/france.lachainemeteo.com/?apikey=%3Capikey%3E

[!] warning Fri 02 Jun 2017 05:30:55.028021 +0000 UTC: "VirusTotal" -- "report_dom" error: 403 Client Error: Forbidden for url: https://www.virustotal.com/vtapi/v2/domain/report?apikey=%3Capikey%3E&domain=france.lachainemeteo.com
Traceback (most recent call last):
  File "D:\malsub-master\malsub\core\work.py", line 27, in exec
    data = f.result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 398, in result
    return self.get_result()
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures_base.py", line 357, in get_result
    raise self._exception
  File "C:\Program Files (x86)\Python36-32\lib\concurrent\futures\thread.py", line 55, in run
    result = self.fn(*self.args, **self.kwargs)
  File "D:\malsub-master\malsub\service\virustotal.py", line 78, in reportdom
    data, = request(self.api_repd)
  File "D:\malsub-master\malsub\core\web.py", line 94, in request
    apispec.verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 83, in get
    json_req, param, verify, bin, json)
  File "D:\malsub-master\malsub\core\web.py", line 45, in _request
    res.raise_for_status()
  File "C:\Program Files (x86)\Python36-32\lib\site-packages\requests\models.py", line 893, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 403 Client Error: Forbidden for url: https://www.virustotal.com/vtapi/v2/domain/report?apikey=%3Capikey%3E&domain=france.lachainemeteo.com
```

```
[+] info Fri 02 Jun 2017 05:30:55.075648 +0000 UTC: "ThreatCrowd" -- "report_dom" completed: { 'emails': [], 'hashes': [], 'permalink': 'https://www.threatcrowd.org/domain.php?domain=france.lachainemeteo.com', 'references': [], 'resolutions': [...], 'response_code': '1', 'subdomains': [], 'votes': 0}
```

diogo-fernan commented 7 years ago

All your commands are failing because you do not have valid API keys for the services being used.

Read the description of malsub on the main page: "Most of these services require API keys that are generated after registering an account in their respective websites, which need to be specified in the apikey.yaml file according to the given structure."
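
The empty `apikey` value in the debug output and the `%3Capikey%3E` / `%3Capiuser%3E` placeholders in the failing URLs can be caught before any request is sent. The check below is an added example, not malsub's own code: the nested layout follows the `apikey --` debug line in this issue, while the function names, the `urlvoid` and `maltracker` entries and the dummy key are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# An unfilled template value such as <apikey> or <apiuser>.
PLACEHOLDER = re.compile(r"^<[^<>]+>$")


def unset_credentials(config, path=()):
    """Return dotted paths of leaf values that are empty or still a <placeholder>."""
    problems = []
    if isinstance(config, dict):
        for key, value in config.items():
            problems += unset_credentials(value, path + (str(key),))
    else:
        text = "" if config is None else str(config).strip()
        if not text or PLACEHOLDER.match(text):
            problems.append(".".join(path))
    return problems


def url_has_placeholder(url):
    """True if a request URL still carries a (percent-encoded) <placeholder>."""
    return re.search(r"<[^<>/?&=]+>", unquote(url)) is not None


# Constructed sample of what a loaded apikey.yaml could look like as a dict.
# Only the 'virustotal' shape is taken from the debug output in this issue;
# the other two entries and the dummy key are hypothetical.
SAMPLE = {
    "virustotal": {"apikey": {"apikey": ""}},
    "urlvoid": {"apikey": {"apiuser": "<apiuser>", "apikey": "<apikey>"}},
    "maltracker": {"apikey": {"apikey": "0123456789abcdef"}},
}

if __name__ == "__main__":
    for item in unset_credentials(SAMPLE):
        print("missing credential:", item)
    # URL copied from the Maltracker warning in this issue.
    failing = ("http://api.maltracker.net:4700/c2/domain/"
               "france.lachainemeteo.com/?apikey=%3Capikey%3E")
    print("placeholder still in URL:", url_has_placeholder(failing))
```

Running the check over the loaded key file at start-up turns the 403 and 404 responses shown above into a clear list of services that still need a key.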