run with 'allinfo' to get more data (#1130)

Michel Oosterhof 2019-05-16 18:12:35 +04:00 committed by GitHub
parent af89919b16
commit 2c39da7684
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions


@ -85,7 +85,6 @@ class Output(cowrie.core.output.Output):
def write(self, entry):
if entry["eventid"] == 'cowrie.session.file_download':
# TODO: RENABLE file upload to virustotal (git commit 6546f1ee)
if self.scan_url and 'url' in entry:
log.msg("Checking url scan report at VT")
self.scanurl(entry)
@ -122,7 +121,7 @@ class Output(cowrie.core.output.Output):
"""
vtUrl = '{0}file/report'.format(VTAPI_URL).encode('utf8')
headers = http_headers.Headers({'User-Agent': [COWRIE_USER_AGENT]})
fields = {'apikey': self.apiKey, 'resource': entry["shasum"]}
fields = {'apikey': self.apiKey, 'resource': entry["shasum"], 'allinfo': 1}
body = StringProducer(urlencode(fields).encode("utf-8"))
d = self.agent.request(b'POST', vtUrl, headers, body)
@ -277,7 +276,7 @@ class Output(cowrie.core.output.Output):
"""
vtUrl = '{0}url/report'.format(VTAPI_URL).encode('utf8')
headers = http_headers.Headers({'User-Agent': [COWRIE_USER_AGENT]})
fields = {'apikey': self.apiKey, 'resource': entry['url'], 'scan': 1}
fields = {'apikey': self.apiKey, 'resource': entry['url'], 'scan': 1, 'allinfo': 1}
body = StringProducer(urlencode(fields).encode("utf-8"))
d = self.agent.request(b'POST', vtUrl, headers, body)
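Review bot: The new `'allinfo': 1` field in the `file/report` and `url/report` request bodies has no comment saying what it changes in the reply, and the callbacks that parse those replies lie outside these hunks. As far as I know, the VirusTotal v2 API returns the extended metadata only for private API keys, so a comment such as `# allinfo=1: ask VT for the extended report (private API keys only; public keys get the normal report)` would save operators from expecting data they will not receive. The extended report is larger and carries fields derived from the submitted sample or URL, which on a honeypot are attacker-supplied. The handlers should therefore be checked to confirm they read only the keys they expect, tolerate missing ones, and log those values as untrusted text with a length bound. Both enclosing functions start and end outside the hunks shown, so that handling could not be verified here.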