sevsec
commented
3 years ago In the example above, if you have stored the API key in API, you need to use "$API" or $API, as "API" without the $ will not work.
Closed MesterPerfect closed 3 years ago
sevsec
commented
3 years ago In the example above, if you have stored the API key in API, you need to use "$API" or $API, as "API" without the $ will not work.
MesterPerfect
commented
3 years ago I modified the code and the same and still the same problem ./vt-scan.sh -a -k $cdac671b6dc3d57880a11761f594dd9c3ddb00b5c3c2b62ef5e83d405266b0f1 -f filesTest.zip or ./vt-scan.sh -a -k "$cdac671b6dc3d57880a11761f594dd9c3ddb00b5c3c2b62ef5e83d405266b0f1" -f filesTest.zip What is the correct code
sevsec
commented
3 years ago It's also worth noting that you cannot combine -a and -f at this time.
sevsec
commented
3 years ago I modified the code and the same and still the same problem ./vt-scan.sh -a -k $cdac671b6dc3d57880a11761f594dd9c3ddb00b5c3c2b62ef5e83d405266b0f1 -f filesTest.zip or ./vt-scan.sh -a -k "$cdac671b6dc3d57880a11761f594dd9c3ddb00b5c3c2b62ef5e83d405266b0f1" -f filesTest.zip What is the correct code
Either of those will work, so long as you drop the -a. If that is your API key, you may consider rotating it. (Also, afaik VT API keys do not begin with $ - are you sure you're using the correct key?)
MesterPerfect
commented
3 years ago I modified the code and the same and still the same problem ./vt-scan.sh -a -k $cdac671b6dc3d57880a11761f594dd9c3ddb00b5c3c2b62ef5e83d405266b0f1 -f filesTest.zip or ./vt-scan.sh -a -k "$cdac671b6dc3d57880a11761f594dd9c3ddb00b5c3c2b62ef5e83d405266b0f1" -f filesTest.zip What is the correct code
Either of those will work, so long as you drop the -a. If that is your API key, you may consider rotating it. (Also, afaik VT API keys do not begin with $ - are you sure you're using the correct key?)
I used this and it works
./vt-scan.sh -k cdac671b6dc3d57880a11761f594dd9c3ddb00b5c3c2b62ef5e83d405266b0f1 -f filesTest.zip
result
"data": {
"type": "analysis",
"id": "NjY3OTMzODI4YWRlMDY4MzFkOWNjMmM5MDdiNDFlYTU6MTYyMTE5NTE3MQ=="
}```
But I don't know what this means That means that the file was successfully submitted for analysis. Depending on the file size, analysis may take time. To retrieve the report associated with this submission, you'd take the value from the "id" key and use:
./vt-scan.sh -k $KEY -a "NjY3OTMzODI4YWRlMDY4MzFkOWNjMmM5MDdiNDFlYTU6MTYyMTE5NTE3MQ=="
MesterPerfect
commented
3 years ago ok, it really works
{
"meta": {
"file_info": {
"size": 5987145,
"sha256": "c2cfe8ec2758cd1169d197b5c61a454fa1e2a4259a896fdaf9c92fbd0eb7b5ac",
"name": "filesTest.zip",
"md5": "667933828ade06831d9cc2c907b41ea5",
"sha1": "14c27ebe75c7ca02839c132ae56c5cdb5348c9f3"
}
},
"data": {
"attributes": {
"date": 1621195171,
"status": "completed",
"stats": {
"harmless": 0,
"type-unsupported": 13,
"suspicious": 0,
"confirmed-timeout": 0,
"timeout": 2,
"failure": 0,
"malicious": 0,
"undetected": 59
},
"results": {
"Bkav": {
"category": "undetected",
"engine_name": "Bkav",
"engine_version": "1.3.0.9899",
"result": null,
"method": "blacklist",
"engine_update": "20210515"
},
"Elastic": {
"category": "type-unsupported",
"engine_name": "Elastic",
"engine_version": "4.0.21",
"result": null,
"method": "blacklist",
"engine_update": "20210420"
},
"MicroWorld-eScan": {
"category": "undetected",
"engine_name": "MicroWorld-eScan",
"engine_version": "14.0.409.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"FireEye": {
"category": "undetected",
"engine_name": "FireEye",
"engine_version": "32.44.1.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"CAT-QuickHeal": {
"category": "undetected",
"engine_name": "CAT-QuickHeal",
"engine_version": "14.00",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"McAfee": {
"category": "undetected",
"engine_name": "McAfee",
"engine_version": "6.0.6.653",
"result": null,
"method": "blacklist",
"engine_update": "20210504"
},
"Malwarebytes": {
"category": "undetected",
"engine_name": "Malwarebytes",
"engine_version": "4.2.2.27",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Zillya": {
"category": "undetected",
"engine_name": "Zillya",
"engine_version": "2.0.0.4364",
"result": null,
"method": "blacklist",
"engine_update": "20210514"
},
"AegisLab": {
"category": "timeout",
"engine_name": "AegisLab",
"engine_version": "4.2",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Paloalto": {
"category": "type-unsupported",
"engine_name": "Paloalto",
"engine_version": "1.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Sangfor": {
"category": "undetected",
"engine_name": "Sangfor",
"engine_version": "2.9.0.0",
"result": null,
"method": "blacklist",
"engine_update": "20210416"
},
"Trustlook": {
"category": "undetected",
"engine_name": "Trustlook",
"engine_version": "1.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Alibaba": {
"category": "undetected",
"engine_name": "Alibaba",
"engine_version": "0.3.0.5",
"result": null,
"method": "blacklist",
"engine_update": "20190527"
},
"K7GW": {
"category": "undetected",
"engine_name": "K7GW",
"engine_version": "11.182.37192",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"K7AntiVirus": {
"category": "undetected",
"engine_name": "K7AntiVirus",
"engine_version": "11.182.37192",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"BitDefenderTheta": {
"category": "undetected",
"engine_name": "BitDefenderTheta",
"engine_version": "7.2.37796.0",
"result": null,
"method": "blacklist",
"engine_update": "20210513"
},
"Cyren": {
"category": "undetected",
"engine_name": "Cyren",
"engine_version": "6.3.0.2",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"SymantecMobileInsight": {
"category": "type-unsupported",
"engine_name": "SymantecMobileInsight",
"engine_version": "2.0",
"result": null,
"method": "blacklist",
"engine_update": "20210126"
},
"Symantec": {
"category": "undetected",
"engine_name": "Symantec",
"engine_version": "1.14.0.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"ESET-NOD32": {
"category": "undetected",
"engine_name": "ESET-NOD32",
"engine_version": "23305",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Baidu": {
"category": "undetected",
"engine_name": "Baidu",
"engine_version": "1.0.0.2",
"result": null,
"method": "blacklist",
"engine_update": "20190318"
},
"TrendMicro-HouseCall": {
"category": "undetected",
"engine_name": "TrendMicro-HouseCall",
"engine_version": "10.0.0.1040",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Avast": {
"category": "undetected",
"engine_name": "Avast",
"engine_version": "21.1.5827.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"ClamAV": {
"category": "undetected",
"engine_name": "ClamAV",
"engine_version": "0.103.2.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Kaspersky": {
"category": "undetected",
"engine_name": "Kaspersky",
"engine_version": "21.0.1.45",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"BitDefender": {
"category": "undetected",
"engine_name": "BitDefender",
"engine_version": "7.2",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"NANO-Antivirus": {
"category": "undetected",
"engine_name": "NANO-Antivirus",
"engine_version": "1.0.146.25311",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"SUPERAntiSpyware": {
"category": "undetected",
"engine_name": "SUPERAntiSpyware",
"engine_version": "5.6.0.1032",
"result": null,
"method": "blacklist",
"engine_update": "20210515"
},
"Rising": {
"category": "undetected",
"engine_name": "Rising",
"engine_version": "25.0.0.26",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Ad-Aware": {
"category": "undetected",
"engine_name": "Ad-Aware",
"engine_version": "3.0.21.179",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"TACHYON": {
"category": "undetected",
"engine_name": "TACHYON",
"engine_version": "2021-05-16.02",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Sophos": {
"category": "undetected",
"engine_name": "Sophos",
"engine_version": "1.0.2.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Comodo": {
"category": "undetected",
"engine_name": "Comodo",
"engine_version": "33534",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"F-Secure": {
"category": "undetected",
"engine_name": "F-Secure",
"engine_version": "12.0.86.52",
"result": null,
"method": "blacklist",
"engine_update": "20210331"
},
"DrWeb": {
"category": "undetected",
"engine_name": "DrWeb",
"engine_version": "7.0.49.9080",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"VIPRE": {
"category": "undetected",
"engine_name": "VIPRE",
"engine_version": "92600",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"TrendMicro": {
"category": "undetected",
"engine_name": "TrendMicro",
"engine_version": "11.0.0.1006",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"McAfee-GW-Edition": {
"category": "undetected",
"engine_name": "McAfee-GW-Edition",
"engine_version": "v2019.1.2+3728",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"SentinelOne": {
"category": "type-unsupported",
"engine_name": "SentinelOne",
"engine_version": "5.0.0.20",
"result": null,
"method": "blacklist",
"engine_update": "20210215"
},
"Trapmine": {
"category": "type-unsupported",
"engine_name": "Trapmine",
"engine_version": "3.5.0.1023",
"result": null,
"method": "blacklist",
"engine_update": "20200727"
},
"CMC": {
"category": "undetected",
"engine_name": "CMC",
"engine_version": "2.10.2019.1",
"result": null,
"method": "blacklist",
"engine_update": "20210506"
},
"Emsisoft": {
"category": "undetected",
"engine_name": "Emsisoft",
"engine_version": "2018.12.0.1641",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"APEX": {
"category": "type-unsupported",
"engine_name": "APEX",
"engine_version": "6.163",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Avast-Mobile": {
"category": "undetected",
"engine_name": "Avast-Mobile",
"engine_version": "210516-00",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Jiangmin": {
"category": "undetected",
"engine_name": "Jiangmin",
"engine_version": "16.0.100",
"result": null,
"method": "blacklist",
"engine_update": "20210515"
},
"Webroot": {
"category": "type-unsupported",
"engine_name": "Webroot",
"engine_version": "1.0.0.403",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Avira": {
"category": "undetected",
"engine_name": "Avira",
"engine_version": "8.3.3.12",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"eGambit": {
"category": "type-unsupported",
"engine_name": "eGambit",
"engine_version": null,
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Antiy-AVL": {
"category": "undetected",
"engine_name": "Antiy-AVL",
"engine_version": "3.0.0.1",
"result": null,
"method": "blacklist",
"engine_update": "20210514"
},
"Kingsoft": {
"category": "undetected",
"engine_name": "Kingsoft",
"engine_version": "2017.9.26.565",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Microsoft": {
"category": "undetected",
"engine_name": "Microsoft",
"engine_version": "1.1.18100.6",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Gridinsoft": {
"category": "undetected",
"engine_name": "Gridinsoft",
"engine_version": "1.0.40.132",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Arcabit": {
"category": "undetected",
"engine_name": "Arcabit",
"engine_version": "1.0.0.886",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"ViRobot": {
"category": "undetected",
"engine_name": "ViRobot",
"engine_version": "2014.3.20.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"ZoneAlarm": {
"category": "undetected",
"engine_name": "ZoneAlarm",
"engine_version": "1.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"GData": {
"category": "undetected",
"engine_name": "GData",
"engine_version": "A:25.29669B:27.23028",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Cynet": {
"category": "undetected",
"engine_name": "Cynet",
"engine_version": "4.0.0.27",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"BitDefenderFalx": {
"category": "type-unsupported",
"engine_name": "BitDefenderFalx",
"engine_version": "2.0.936",
"result": null,
"method": "blacklist",
"engine_update": "20200916"
},
"AhnLab-V3": {
"category": "undetected",
"engine_name": "AhnLab-V3",
"engine_version": "3.20.0.10177",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Acronis": {
"category": "type-unsupported",
"engine_name": "Acronis",
"engine_version": "1.1.1.82",
"result": null,
"method": "blacklist",
"engine_update": "20210512"
},
"VBA32": {
"category": "undetected",
"engine_name": "VBA32",
"engine_version": "5.0.0",
"result": null,
"method": "blacklist",
"engine_update": "20210515"
},
"ALYac": {
"category": "undetected",
"engine_name": "ALYac",
"engine_version": "1.1.3.1",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"MAX": {
"category": "undetected",
"engine_name": "MAX",
"engine_version": "2019.9.16.1",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Cylance": {
"category": "type-unsupported",
"engine_name": "Cylance",
"engine_version": "2.3.1.101",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Zoner": {
"category": "undetected",
"engine_name": "Zoner",
"engine_version": "0.0.0.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Tencent": {
"category": "undetected",
"engine_name": "Tencent",
"engine_version": "1.0.0.1",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Yandex": {
"category": "undetected",
"engine_name": "Yandex",
"engine_version": "5.5.2.24",
"result": null,
"method": "blacklist",
"engine_update": "20210514"
},
"Ikarus": {
"category": "undetected",
"engine_name": "Ikarus",
"engine_version": "0.1.5.2",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"MaxSecure": {
"category": "timeout",
"engine_name": "MaxSecure",
"engine_version": "1.0.0.1",
"result": null,
"method": "blacklist",
"engine_update": "20210514"
},
"Fortinet": {
"category": "undetected",
"engine_name": "Fortinet",
"engine_version": "6.2.142.0",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"Cybereason": {
"category": "type-unsupported",
"engine_name": "Cybereason",
"engine_version": "1.2.449",
"result": null,
"method": "blacklist",
"engine_update": "20210330"
},
"Panda": {
"category": "undetected",
"engine_name": "Panda",
"engine_version": "4.6.4.2",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
},
"CrowdStrike": {
"category": "type-unsupported",
"engine_name": "CrowdStrike",
"engine_version": "1.0",
"result": null,
"method": "blacklist",
"engine_update": "20210203"
},
"Qihoo-360": {
"category": "undetected",
"engine_name": "Qihoo-360",
"engine_version": "1.0.0.1120",
"result": null,
"method": "blacklist",
"engine_update": "20210516"
}
}
},
"type": "analysis",
"id": "NjY3OTMzODI4YWRlMDY4MzFkOWNjMmM5MDdiNDFlYTU6MTYyMTE5NTE3MQ==",
"links": {
"self": "https://www.virustotal.com/api/v3/analyses/NjY3OTMzODI4YWRlMDY4MzFkOWNjMmM5MDdiNDFlYTU6MTYyMTE5NTE3MQ%3D%3D"
}
}thanks @sevsec
sevsec
commented
3 years ago Great to hear, you're welcome. Resolving.
Hello I tried to check a file and recover its results using this ./vt-scan.sh -a -k API -f filesTest.zip I am facing this error ./vt-scan.sh: line 112: APIKEY: unbound variable