Closed darrenmcentee closed 8 years ago
Hello @darrenmcentee, for start you can't rescan what is not scanned, so you need check for that verbose msg, and if you got it, upload to scan, and add to pend queue or any other way prefered by you to check later for report for that url
-r is short for --rescan -ur is short for --url-report
so don't use both options
you need to do one think, rescan or get report
vt.py -r urls_for_scan.txt > GP-000-Results.txt or vt.py -ur urls_for_scan.txt > GP-000-Results.txt
My suggestion is to use vt script as library and script it, see wiki for automatization
reopen this if any extra help needed
Hi, I am requesting ~50 file scan results, but for some I am getting "The requested resource is not among the finished, queued or pending scans", but when I view VT website for those SHA-1s I can see the results.
I am using this request :
https://www.virustotal.com/vtapi/v2/file/report
What can be the problem ?
from documentation Before performing your submissions we encourage you to retrieve the latest report on the files
so i would suggest first do -fs
or -rai
depend on your api type, and if not found then request for scan, as basically you asking for rescan sample
if you still have issue, can you share your list of samples to test?
This is code and samples :
`import json import urllib import urllib2
def get_detection_rate(sha1):
dr = {"detection_rate": "", "vt_link": ""}
url = "https://www.virustotal.com/vtapi/v2/file/report"
api_key_list = []
api_key_num = 0
# ask VT with every api key
while api_key_num < 4:
try:
parameters = {"resource": sha1, "apikey": api_key_list[api_key_num]}
data = urllib.urlencode(parameters)
req = urllib2.Request(url, data)
response = urllib2.urlopen(req,timeout=3)
json_string = response.read()
parsed_json = json.loads(json_string)
if str(parsed_json["response_code"]) != "0":
# update detection rate
dr["detection_rate"] = str(parsed_json["positives"]) + '/' + str(parsed_json["total"])
# update vt link
dr["vt_link"] = parsed_json['permalink']
break
except:
api_key_num = api_key_num + 1
if not dr["detection_rate"] and not dr["vt_link"]:
print "empty for " + sha1
else:
print "found for " + sha1
return dr
sha1s = "04bd1321551036e1738dbd9064f99c63a115becf,054efef9644b63f4b3bb9c664ac92a0698aef590,06d9283eaff05a4e6d3a04d9e7294a7f07ddd351,093a87031d311e937e813422e94231260b30b7aa,10829b63a496fc5fab389c9423641d787ef0fa3f,11dc931857eac2e9ed4177fd78d1986b0668597a,1235104c5ea47bf7ca8bd60aa166d748af1ed581,1744d6522fc9abdb9ee4f2255b430285496dd749,1b9604955d398784b4386088ec4c3ce8ef0b3052,1edf77ba99c7c973d461f5b62cb6c34e1a5d7be1,27ea339dac2c8abda9810a3b45162e459af2c903,311a0fb06232f905adc01df3817ccf7dfd6db73a,31a0a77adc4aed82570e6ab5dc279f1d3e6030e3,34b8a69c15dc3aa28fccd4303fc5f59bffc10458,3e4ad8c30599fa6fbaf0e1ef6c6685e010eab878,422ea500275d8818061d32b693b4cc96ee75828b,4fb0b8dc5208e1ee390f3391eb06add6409feea5,57b8e9e712d515d829c8cef52690beef11905456,5c26315243d40db66d02e274841631de1565c13a,5d4c9a96cdc888833c7317d37bb74bb0ad991b0e,61cf877819b344761bb1c5b3622a80705bd92378,6b1d0a34e9a050815e2fcfc0111a3a711b059e20,6e5fa6caabd84ecde727611dffa8918d589c122a,7016e316e82e084c5f44590a39af8e70e772ad62,7100689ac720bea999d4e94fc80027fcf86bd3e4,7260bf8b656a9b7766b200c391e0a7d035a805d1,72c26d9f0b9e69202bfe0871113d7df7f0407c19,7931f6cea232d82e913d57cc057d9db1328ca496,7a0351452a9c2e299c4c63f8af236afde94f4d89,7a08a87dee32ba340201a5c2ec2d85a4c81aeee2,7eb3b901aeb1ec12889440f6d6690873798069ae,8033d2370169342809d43c687b77ee0e0e4b9773,80bd9904d9f39cfa8fc65179b57ab9bf58a02d3f,81e701789acf9f2a432fe2527560c59f50b156a8,843d77d0e69c0cd7af8af313264ca12c9d5eb2c8,88f0d2fccae4142349731e378ea4931d5e930fa3,89ec25b15b7e7dd2f01178eac502122da4db5963,905df7ca339f5751a310f5b0cfc513276d08aa5d,95c12b0bf57d6034245c4b2a6726255f486e7141,98deb8979be90576c0fe154a02cc862cf92c7c0d,9f5b716a84a869592c492deafc6eedf8d71fb66a,a2fead7092fd67c0e4f9a2bf644dd7860b10bdd8,b51a6d25db9f8c6dd96805938c5d4f1c22ffb8e7,bfb6c6c2fda6a6914772ed6be845eadd4a5fbb86,c659339103d99f33dbc3304cc9d41bfebbcf4337,c91e02f3065711488ee2e4af25d4e0ba5aff630a,c9ab1a84afcc2d8cb5e5b341d16b9ce7a28752b8,d550051c10ad6e3106fb74dc63c4ac5b36df5b5d,d63413668a2ca7b2ca1ae51fdc0339ac"
for sha1 in sha1s.split(","): get_detection_rate(sha1) `
this is not related to my script, so i can't help
Sorry, thanks.
Hi, I have a URL list i want to scan with VT API. My current command is:
vt.py -r --rescan -ur urls_for_scan.txt > GP-000-Results.txt
This works well, and returns back the report from the URL scan. But within the report, about 1/3 (a third) of all the URLs scanned, come back with the response:
[!] Status : The requested resource is not among the finished, queued or pending scans
See attached.
Many are not scanned for me, so we are missing out on many URL scan reports.
Example out put in my:
Am i implementing this rescan incorrectly? Thanks, Darren.