search

doomedraven / VirusTotalApi

VirusTotal Full api
MIT License
294 stars 85 forks source link

Multiple issues with download #15

Closed melomac closed 7 years ago

melomac commented 7 years ago

Hi

When I download a file, vt doesn't exit after download:

$ vt -dl ebf27a5ff315e5d78245ec3a7144e6c896f6a0be9122c16a46fad8ecea84cb5d
    Downloaded to File -- ebf27a5ff315e5d78245ec3a7144e6c896f6a0be9122c16a46fad8ecea84cb5d
^C
$ sha2 ebf27a5ff315e5d78245ec3a7144e6c896f6a0be9122c16a46fad8ecea84cb5d 
ebf27a5ff315e5d78245ec3a7144e6c896f6a0be9122c16a46fad8ecea84cb5d  ebf27a5ff315e5d78245ec3a7144e6c896f6a0be9122c16a46fad8ecea84cb5d

When I download a pcap, vt download strange files, and not the expected pcap:

$ vt --pcap ebf27a5ff315e5d78245ec3a7144e6c896f6a0be9122c16a46fad8ecea84cb5d
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- setled {CAMNUM | c[urrent]} MODE  set LED (0=off
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- getlogi {CAMNUM | c[urrent]}  get Logitech properties
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- set {CAMNUM | c[urrent]} CONTROLIND {VAL | a[uto]}    set controls
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- get {CAMNUM | c[urrent]}  get controls
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- savegraph save current graph to C:\z.grf
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- list  verbose list
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
 [-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- ??????    ?u??
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
 [-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- ??љ??f?^C???$???????????x>?????9?}?1?f?^C???~?????????E 9???????????
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- ????
                                  ???R?€?????~???????1ۉ$?????????????M???4
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- B????
                                   ???
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- B????
                                   ???
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- B????
                                   ???
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- B????
                                   ???
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- B????
                                   ???
[-] Downloaded content has not the same hash as requested
    Downloaded to File -- B????
                                   ???
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
[-] Downloaded content has not the same hash as requested
^C

$ ls
%83%C1%80%89?%83%C3??%B6R?%83?%89?%83%C3?%83%FE?~%8D%8D%85%E8%FE%FF%FF1ۉ?$%FF%95%E0%FE%FF%FF%8B%95%DC%FE%FF%FF%8BM?%C1%E2?%8D4
%89%C8?%9F%C2%C1%E8??%C2u?%83%F9
%EB?%89љ%F7%F9f%89?^C%83%FB??$%8B%84%9D%E8%FE%FF%FF%8B?%9F%85%C0x>%89%D1%D1%F9?%C89%D0}%D91%C0f%89?^C%83%FB?~%DC%FF%85%DC%FE%FF%FF%83E??%8BE 9%85%DC%FE%FF%FF?%82?%FF%FF%FF%81%C4
B%83%C1%80%89?%83%C3??%B6
ebf27a5ff315e5d78245ec3a7144e6c896f6a0be9122c16a46fad8ecea84cb5d
get {CAMNUM | c[urrent]}?get controls
getlogi {CAMNUM | c[urrent]}?get Logitech properties
list?verbose list
savegraph?save current graph to C:\z.grf
set {CAMNUM | c[urrent]} CONTROLIND {VAL | a[uto]}?set controls
setled {CAMNUM | c[urrent]} MODE?set LED (0=off

These issues were found on current master, on up-to-date OS X El Capitan, with private API and intelligence access.

doomedraven commented 7 years ago

check the last update, that should fix both issues :) let me know if that works for you, on my side worked perfectly

melomac commented 7 years ago

Hi, thank you for being reactive.

I am sorry, the commit only fixed the file download issue, not the pcap download issue.

To reproduce the issue, you have to download the file first, or to download the pcap twice.

It is also worth noting that an empty file with the same name will not raise the problem, but will leave the destination empty.

doomedraven commented 7 years ago

the problem is, that is planed to be able pass any text file with hashes and you will can downlaod list of them, so i need to think how to solve that

melomac commented 7 years ago

ah... tricky.

macOS codesign have a similar behavior: if a filename starts with a number, it will try to look for a launched process code signature. the only way to workaround is to preprend ./ to the filename.

a fix could be to tell the user: correct wording for filename is leading to confusion when filename size == a hash size and filename only contains hash chr?

please also note that pcap file are not named according to the usage description:

  --pcap                The md5/sha1/sha256 hash of the file whose network
                        traffic dump you want to retrieve. Will save as
                        VTDL_hash.pcap

(while I would prefer hash.pcap).

doomedraven commented 7 years ago

yah probably will be the best to force to users use .txt, yes i prefer more too hash.pcap, let me add this changes

doomedraven commented 7 years ago

check update, that should solve the double download, + will add .pcap if that file is pcap, thansk for reporting and testing

doomedraven commented 7 years ago

to download from file file should ends with .txt

melomac commented 7 years ago

Thank you! Cheers!

doomedraven commented 7 years ago

you are welcome, feel free to ping me for any feature/bug etc, and thanks for beer ;)