tomgold182 · blahberi · May 19, 2020
diff --git a/Clients/Client.py b/Clients/Client.py
@@ -0,0 +1,3 @@
+class Client:
+    def __init__(self, apiKey):
+        self.apiKey = apiKey
diff --git a/Clients/VTClient.py b/Clients/VTClient.py
@@ -0,0 +1,86 @@
+import requests
+from Clients.Client import Client
+
+class VTClient(Client):
+    def __init__(self, apiKey):
+        super().__init__(apiKey)
+        self.baseURL = 'https://www.virustotal.com/vtapi/v2/'
+
+    def get_url_report(self,URL):
+        try:
+            requestURL = f'{self.baseURL}url/report?apikey={self.apiKey}&resource={URL}/'
+            payload = {}
+            headers = {}
+            response = requests.request("GET", requestURL, headers=headers, data=payload)
+            if response.status_code == 204:
+                raise Exception("To much API requests")
+            info = response.json()
+            if info["response_code"] == 0:
+                raise Exception(info["verbose_msg"])
+            return info
+
+        except Exception as e:
+            print(e)
+            raise Exception(e)
+
+
+    def get_ip_report(self,IP):
+        try:
+            requestURL = f'{self.baseURL}ip-address/report?apikey={self.apiKey}&ip={IP}'
+            payload = {}
+            headers = {}
+            response = requests.request("GET", requestURL, headers=headers, data=payload)
+            if response.status_code == 403:
+                return 'invalid api'
+            result = response.json()
+            if response.status_code == 204:
+                raise Exception("To much API requests")
+            info = response.json()
+            if info["response_code"] == 0:
+                raise Exception(info["verbose_msg"])
+            return info
+
+        except Exception as e:
+            print(e)
+            raise Exception(e)
+
+    def scan_file(self, filePath):
+        try:
+            url = f'{self.baseURL}file/scan'
+
+            params = {'apikey': self.apiKey}
+
+            files = {'file': (filePath, open(filePath, 'rb'))}
+
+            response = requests.post(url, files=files, params=params)
+            info = response.json()
+            if info['response_code'] == 204:
+                print("to many api requests")
+            if info["response_code"] == 1:
+                return info["scan_id"]
+            else:
+                raise Exception("error")
+        except Exception as e:
+            raise e
+
+    def get_file_report(self, scan_id):
+        url = f'{self.baseURL}file/report'
+
+        params = {'apikey': self.apiKey, 'resource': scan_id}
+        response = requests.get(url, params=params)
+        info = response.json()
+        if 'positives' in info:
+            if response.status_code == 204:
+                raise Exception("to many api requests")
+                return False
+            elif response.status_code == 200:
+                return info
+            elif response.status_code == 403:
+                raise Exception("this api key is forbiden. try again later")
+                return False
+            elif response.status_code == 404:
+                return False
+            else:
+                return False
+        else:
+            return False
diff --git a/VTPackage/__init__.py → Clients/__init__.py b/VTPackage/__init__.py → Clients/__init__.py
diff --git a/Clients/shodanClient.py b/Clients/shodanClient.py
@@ -0,0 +1,14 @@
+from Clients.Client import Client
+import shodan
+
+class shodanClient(Client):
+    def __init__(self, apiKey):
+        super().__init__(apiKey)
+        self.api = shodan.Shodan(apiKey)
+
+
+    def get_ip_report(self, IP):
+        # Search Shodan
+        response = self.api.host(IP)
+        print(response)
+        return response
diff --git a/Main.py b/Main.py
@@ -1,4 +1,4 @@
-from VTPackage import VTApp
+from UI.VTApp import VTApp
 
-vtApp = VTApp.VTApp()
+vtApp = VTApp()
 vtApp.start()
diff --git a/UI/Consts.py b/UI/Consts.py
@@ -0,0 +1 @@
+ENTRY_WIDTH = 40
diff --git a/UI/FileReportTab.py b/UI/FileReportTab.py
@@ -0,0 +1,131 @@
+from tkinter import ttk
+from tkinter import StringVar
+from UI import Consts
+from tkinter import filedialog
+from tkinter import messagebox
+import time
+
+
+class FileReportTab:
+
+    def __init__(self, root, frame, vtClient):
+        self.root = root
+        self.frame = frame
+        self.vtClient = vtClient
+
+        self.mainVTURLframe = ttk.LabelFrame(frame, text='File report')
+        self.mainVTURLframe.grid(column=0, row=1, padx=8, pady=4)
+
+        ttk.Label(self.mainVTURLframe, text="Progress:").grid(column=0, row=1, sticky='W')  # <== right-align
+        self.progressBar = ttk.Progressbar(self.mainVTURLframe, orient='horizontal', length=300, mode='determinate')
+        self.progressBar.grid(column=1, row=1)
+
+        ttk.Label(self.mainVTURLframe, text="File path:").grid(column=0, row=2, sticky='W')  # <== right-align
+        self.filePath = StringVar()
+        filePathEntry = ttk.Entry(self.mainVTURLframe, width=Consts.ENTRY_WIDTH, textvariable=self.filePath, state='readonly')
+        filePathEntry.grid(column=1, row=2, sticky='W')
+
+        ttk.Label(self.mainVTURLframe, text="Status:").grid(column=0, row=3, sticky='W')  # <== right-align
+        self.status = StringVar()
+        statusEntry = ttk.Entry(self.mainVTURLframe, width=Consts.ENTRY_WIDTH, textvariable=self.status, state='readonly')
+        statusEntry.grid(column=1, row=3, sticky='W')
+
+        ttk.Label(self.mainVTURLframe, text="Positive Indications:").grid(column=0, row=4, sticky='W')  # <== right-align
+        self.positiveIndications = StringVar()
+        positiveIndicationsEntry = ttk.Entry(self.mainVTURLframe, width=Consts.ENTRY_WIDTH, textvariable=self.positiveIndications, state='readonly')
+        positiveIndicationsEntry.grid(column=1, row=4, sticky='W')
+
+        ttk.Label(self.mainVTURLframe, text="SHA1:").grid(column=0, row=5, sticky='W')  # <== right-align
+        self.sha1 = StringVar()
+        sha1Entry = ttk.Entry(self.mainVTURLframe, width=Consts.ENTRY_WIDTH, textvariable=self.sha1, state='readonly')
+        sha1Entry.grid(column=1, row=5, sticky='W')
+
+        ttk.Label(self.mainVTURLframe, text="SHA256:").grid(column=0, row=6, sticky='W')  # <== right-align
+        self.sha256 = StringVar()
+        sha256Entry = ttk.Entry(self.mainVTURLframe, width=Consts.ENTRY_WIDTH, textvariable=self.sha256,
+                                state='readonly')
+        sha256Entry.grid(column=1, row=6, sticky='W')
+
+        chooseFileButton = ttk.Button(self.mainVTURLframe, text="Choose File", width=40, command=self.show_file_report).grid(
+            column=1, row=0)
+
+        self.scanCheckingTimeInterval = 25000  # This is the amount of time we are going to wait before asking VT again if it already processed our scan request
+
+        for child in self.mainVTURLframe.winfo_children():
+            child.grid_configure(padx=4, pady=2)
+
+
+    def move_progressbar(self, amount = 100):
+        previousAmount = self.progressBar['value']
+        for i in range(amount - int(previousAmount)):
+            self.progressBar['value'] = previousAmount + i + 1
+            time.sleep(0.05)
+            self.progressBar.update()
+
+
+    def _scanFile(self):
+        try:
+            self.progressBar['value'] = 0
+            filePath = filedialog.askopenfilename(initialdir="/", title="Select file to scan",
+                                                  filetypes=(('All files', "*"),
+                                                             ('EXE files', "*.exe"),
+                                                             ("Jar files", "*.jar")))
+            self.move_progressbar(25)
+
+            if (filePath):
+                self.filePath.set(filePath)
+                self.status.set('scaning file')
+                self.scanID = self.vtClient.scan_file(filePath)
+                self.move_progressbar(50)
+                for t in range(3):
+                    t = t + 1
+                    self.scanResult = self.vtClient.get_file_report(self.scanID)
+                    if self.scanResult != False:
+                        self.move_progressbar(100)
+                        self.status.set("scan finished")
+                        print('scan has finished')
+                        return self.scanResult
+                    else:
+                        self.move_progressbar(50 + 16 * t)
+                        print('scan not finished')
+                        time.sleep(10)
+                print('scan failed')
+                return False
+            self.root.lift()
+            messagebox.showerror(title = "no file", message = 'this is not a file. \n please choose a valid file')
+
+
+
+        except Exception as e:
+            self.root.lift()
+            messagebox.showerror(title = "Error", message = "an error occurred while scanning this file. \n try again")
+            raise e
+            return False
+            pass
+
+
+    def checkStatus(self):
+        try:
+            print("checking")
+            self.scanResult = self.vtClient.get_file_report(self.scanID)
+
+            if self.scanResult["response_code"] == -2:
+                self.status.set("scanning...")
+                self.progressBar['value'] = self.progressBar['value'] + 5
+            else:
+                self.hasScanFinished = True
+                self.sha1.set(self.scanResult["sha1"])
+                self.sha256.set(self.scanResult["sha256"])
+
+        except Exception as e:
+            pass
+    def show_file_report(self):
+        fileReport = self._scanFile()
+        if fileReport == False:
+            self.status.set("scan failed")
+            return
+        self.positiveIndications.set(fileReport['positives'])
+        self.sha1.set(fileReport['sha1'])
+        self.sha256.set(fileReport['sha256'])
+
+
diff --git a/UI/IPreportTab.py b/UI/IPreportTab.py
@@ -0,0 +1,82 @@
+from tkinter import ttk
+from tkinter import StringVar
+
+ENTRY_WIDTH = 40
+
+class IPreportTab:
+    def __init__(self, root, frame, clients):
+        self.vtClient = clients[0]
+        self.shodanClient = clients[1]
+        self.root = root
+        self.frame = frame
+        self.mainVTIPFrame = ttk.Labelframe(frame, text = 'IP report tab')
+
+
+        self.mainVTIPFrame.grid(column = 0, row = 0, padx = 8, pady = 4)
+        ttk.Label(self.mainVTIPFrame, text = "IP:").grid(column = 0, row = 0, sticky = "W")
+        ipEntry = ttk.Entry(self.mainVTIPFrame)
+        ipEntry.grid(column = 1, row = 0, sticky = "E")
+
+
+        ttk.Label(self.mainVTIPFrame, text = "Country:").grid(column = 0, row = 1, sticky = "W")
+        Country = StringVar()
+        ttk.Entry(self.mainVTIPFrame, textvariable = Country, state = 'readonly').grid(column = 1, row = 1, sticky = "E")
+
+
+        ttk.Label(self.mainVTIPFrame, text = "Owner:").grid(column = 0, row = 2, sticky = "W")
+        Owner = StringVar()
+        ttk.Entry(self.mainVTIPFrame, textvariable = Owner, state = 'readonly').grid(column = 1, row = 2, sticky = "E")
+
+
+        ttk.Label(self.mainVTIPFrame, text = "Number of detected URLS:").grid(column = 0, row = 3, sticky = "W")
+        NumberOfDetectedURLS = StringVar()
+        ttk.Entry(self.mainVTIPFrame, textvariable = NumberOfDetectedURLS, state = 'readonly').grid(column = 1, row = 3, sticky = "E")
+
+
+        ttk.Label(self.mainVTIPFrame, text = "Number of detected malicious files:").grid(column = 0, row = 4, sticky = "W")
+        NumberOfDetectedMaliciousFiles = StringVar()
+        ttk.Entry(self.mainVTIPFrame, textvariable = NumberOfDetectedMaliciousFiles, state = 'readonly').grid(column = 1, row = 4, sticky = "E")
+
+
+        ttk.Label(self.mainVTIPFrame, text = "open ports").grid(column = 0, row = 5, sticky = "W")
+        ports = StringVar()
+        ttk.Entry(self.mainVTIPFrame, textvariable = ports, state = 'readonly').grid(column = 1, row = 5, sticky = "E")
+
+
+        notificationFrame = ttk.LabelFrame(self.frame, text=' Notifications', width=40)
+        # using the tkinter grid layout manager
+        notificationFrame.grid(column=0, row=1, padx=8, pady=10, sticky='W')
+
+
+        ttk.Label(notificationFrame, text="Errors:").grid(column=0, row=0, sticky='W')  # <== increment row for each
+        Error = StringVar()
+        ErrorEntry = ttk.Entry(notificationFrame, width=ENTRY_WIDTH, textvariable=Error, state='readonly')
+        ErrorEntry.grid(column=1, row=0, sticky='W')
+
+        def CleanErrorMessage():
+            Error.set('')
+
+
+        def print_ip_report():
+            try:
+                CleanErrorMessage()  # Starting with cleaning the error message bar
+                if not ipEntry.get():
+                    print('Please enter a IP')
+                    Error.set("Please enter a IP!")
+                    return
+
+                ipToCheck = ipEntry.get()
+                VTresponse = self.vtClient.get_ip_report(ipToCheck)
+                SHODANresponse = self.shodanClient.get_ip_report(ipToCheck)
+                print(VTresponse)
+                Country.set(VTresponse["country"])
+                Owner.set(VTresponse["as_owner"])
+                NumberOfDetectedURLS.set(len(VTresponse["detected_urls"]))
+                NumberOfDetectedMaliciousFiles.set(len(VTresponse["detected_downloaded_samples"]))
+                ports.set(SHODANresponse["ports"])
+
+
+            except Exception as e:
+                raise e
+                Error.set(e)
+        ttk.Button(self.mainVTIPFrame, text = "Check in VT", command = print_ip_report).grid(column = 2, row = 0, sticky = "E")