vmray: github.com/scusi/vmray

package vmray

import "github.com/scusi/vmray"

vmray API module for Go

Package vmray lets Go programs communicate with the VmRay API. VmRay is a 3rd generation malware execution and analysis environment. For more information, see: http://www.vmray.com/

This module has been written by Florian 'scusi' Walther.

For examples of how to use this module, see the Examples directory.

Package Files

vmray.go

Constants

const (
    DefaultURL = "https://cloud.vmray.com/api/"

    GlobalSignRootCA = "" /* 1264 byte string literal not displayed */

)

func SetErrorLog

func SetErrorLog(logger *log.Logger) func(*Client) error

SetErrorLog sets the logger for critical messages. It is nil by default.

func SetTraceLog

func SetTraceLog(logger *log.Logger) func(*Client) error

SetTraceLog specifies the logger to use for output of trace messages like HTTP requests and responses. It is nil by default.

type AnalysisInfoDetails

type AnalysisInfoDetails struct {
    AnalyzerType              string  `json:"analyzer_type"`
    AnalysisSnapshotId        float64 `json:"analysis_snapshot_id"`
    VmhostName                string  `json:"vmhost_name"`
    AnalysisCreated           string  `json:"analysis_created"`
    AnalysisSize              float64 `json:"analysis_size"`
    AnalysisJobStarted        string  `json:"analysis_job_started"`
    SnapshotName              string  `json:"snapshot_name"`
    AnalysisResult            string  `json:"analysis_result"`
    AnalysisJobId             float64 `json:"analysis_job_id"`
    AnalysisCmdlineId         float64 `json:"analysis_cmdline_id"`
    AnalysisConfigurationID   float64 `json:"analysis_configuration_id"`
    AnalysisUserConfigID      float64 `json:"analysis_user_config_id"`
    AnalyzerName              string  `json:"analyzer_name"`
    AnalysisJobruleId         float64 `json:"analysis_jobrule_id"`
    AnalysisPriority          float64 `json:"analysis_priority"`
    Target                    string  `json:"target"`
    AnalysisHint              float64 `json:"analysis_hint"`
    AnalysisAnalyzerVersion   string  `json:"analysis_analyzer_version"`
    ConfigurationName         string  `json:"configuration_name"`
    AnalysisUserId            float64 `json:"analysis_user_id"`
    AnalysisId                float64 `json:"analysis_id"`
    AnalysisExternalReference string  `json:"analysis_external_reference"`
    AnalysisVmhostId          float64 `json:"analysis_vmhost_id"`
    VmName                    string  `json:"vm_name"`
    AnalysisAnalyzerId        float64 `json:"analysis_analyzer_id"`
    AnalysisPrescriptId       float64 `json:"analysis_prescript_id"`
    AnalysisSampleId          float64 `json:"analysis_sample_id"`
    AnalysisServerity         float64 `json:"analysis_severity"`
    AnalysisVmId              float64 `json:"analysis_vm_id"`
}

type AnalysisInfoResults

type AnalysisInfoResults struct {
    Analyses map[string]AnalysisInfoDetails `json:"Analyses"`
    Jobs     JobInfoResult                  `json:"jobs"`
}

AnalysisInfoResults is a data structure that holds the results from GetAnalysisInfo.

type Client

type Client struct {
    // contains filtered or unexported fields
}

Client holds all the data needed for an API client.

func New

func New(options ...OptionFunc) (*Client, error)

New configures a new vmray client.

Example on how to use vmray.New:

c, err := vmray.New(
    vmray.SetBasicAuth(os.Getenv("VMRAY_EMAIL"), os.Getenv("VMRAY_PASSWD")),
)

Example with a custom HTTP client and URL, error logging and request tracing:

c, err := vmray.New(
    vmray.SetHttpClient(httpclient),
    vmray.SetUrl("https://vmray.mydomain.com/api/"),
    vmray.SetErrorLog(log.New(os.Stderr, "vmray error: ", log.Lshortfile)),
    vmray.SetTraceLog(log.New(os.Stderr, "vmray trace: ", log.Lshortfile)),
    vmray.SetBasicAuth(os.Getenv("VMRAY_EMAIL"), os.Getenv("VMRAY_PASSWD")),
)

func (*Client) DownloadAnalysis

func (self *Client) DownloadAnalysis(id string) (data []byte, err error)

DownloadAnalysis downloads the results of a VmRay analysis as a zip file.

func (*Client) FindSample

func (self *Client) FindSample(hash string) (r *FindSampleResult, err error)

FindSample finds a Sample in VmRay by its sha1, sha2 or md5 hash

func (*Client) GetAnalysisInfo

func (self *Client) GetAnalysisInfo(id string) (r *AnalysisInfoResults, err error)

GetAnalysisInfo queries information about an analysis performed by VmRay.

func (*Client) GetJobsInfo

func (self *Client) GetJobsInfo() (r *JobInfoResult, err error)

GetJobsInfo queries pending and in progress jobs from vmray

func (*Client) GetSampleInfo

func (self *Client) GetSampleInfo(id string) (r *SampleInfoResult, err error)

GetSampleInfo queries information about a given sample from VmRay.

func (*Client) UploadSample

func (self *Client) UploadSample(file string) (r *map[string]UploadResultDetails, err error)

UploadSample uploads a given file to VmRay and returns the UploadResultDetails and error

type ClientError

type ClientError struct {
    // contains filtered or unexported fields
}

ClientError is a generic error specific to vmray.

func (ClientError) Error

func (self ClientError) Error() string

Error returns a string representation of the error condition

type FindSampleResult

type FindSampleResult struct {
    SampleId int `json:"sample_id"`
}

FindSampleResult is a data structure that holds the results from FindSample.

type JobInfoDetail

type JobInfoDetail struct {
    Status string  `json:"status"`
    Slot   float64 `json:"slot"`
}

type JobInfoResult

type JobInfoResult struct {
    Jobs map[string]JobInfoDetail `json:"jobs"`
}

JobInfoResult is a data structure that holds the results from GetJobsInfo.

type OptionFunc

type OptionFunc func(*Client) error

OptionFunc configures a client; it is used by New.

func SetBasicAuth

func SetBasicAuth(username, password string) OptionFunc

SetBasicAuth sets the credentials for HTTP basic auth.

func SetHttpClient

func SetHttpClient(httpClient *http.Client) OptionFunc

SetHttpClient can be used to specify the http.Client to use when making HTTP requests to vmray.
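
An added example (not part of the package or its documentation): one way to build the *http.Client handed to SetHttpClient so that it trusts only a chosen root CA, requires TLS 1.2 or later and has an overall timeout, which Go's zero-value http.Client lacks. NewPinnedClient and ConstructedRootPEM are hypothetical helper names, and the root certificate is generated on the fly as constructed sample input.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"net/http"
	"time"
)

// NewPinnedClient (hypothetical helper) trusts only the roots in rootPEM,
// requires TLS 1.2 or later and bounds every request with timeout.
func NewPinnedClient(rootPEM []byte, timeout time.Duration) (*http.Client, error) {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(rootPEM) {
		return nil, fmt.Errorf("no usable certificate in rootPEM")
	}
	cfg := &tls.Config{RootCAs: pool, MinVersion: tls.VersionTLS12}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}, Timeout: timeout}, nil
}

// ConstructedRootPEM makes a throwaway self-signed root (constructed sample input).
func ConstructedRootPEM() ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed root"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour),
		IsCA: true, BasicConstraintsValid: true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), nil
}

func main() {
	root, _ := ConstructedRootPEM()
	hc, err := NewPinnedClient(root, 30*time.Second)
	fmt.Println(hc != nil, err) // next step: vmray.New(vmray.SetHttpClient(hc), ...)
}
```

In real use, rootPEM is the PEM of the CA that issued the API endpoint's certificate; a rejected PEM is reported as an error instead of silently falling back to the system trust store.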

func SetUrl

func SetUrl(rawurl string) OptionFunc

SetUrl defines the URL endpoint of vmray.

type Parameters

type Parameters map[string]string

type SampleInfoResult

type SampleInfoResult struct {
    Filesize  int    `json:"sample_filesize"`
    Priority  int    `json:"sample_priority"`
    Sha1      string `json:"sample_sha1hash"`
    Type      string `json:"sample_type"`
    Filename  string `json:"sample_filename"`
    Md5       string `json:"sample_md5hash"`
    Password  string `json:"sample_password"`
    Shareable bool   `json:"sample_shareable"`
    SampleId  int    `json:"sample_id"`
    Sha2      string `json:"sample_sha256hash"`
    Url       string `json:"sample_url"`
    Created   string `json:"sample_created"`
}

SampleInfoResult is a data structure that holds the result of GetSampleInfo.

type UploadResultDetails

type UploadResultDetails struct {
    Submission_id   int    `json:"submission_id"`
    Sample_id       int    `json:"sample_id"`
    Webif_url       string `json:"webif_url"`
    Sample_filename string `json:"sample_filename"`
    Sample_url      string `json:"sample_url"`
    Job_ids         []int  `json:"job_ids"`
}

UploadResultDetails is a data structure that holds the results from the UploadSample API call.

Directories

Path                             Synopsis
Examples/DownloadAnalysesByHash  vmrDoanloadAnalysesByHash.go - downloads all vmray analyses for a given sample, identified by its hash.
Examples/DownloadAnalysis        vmrDownloadAnalysis.go - can be used to download a complete analysis from vmray
Examples/FindSampleByHash        vmrFindSample.go - can be used to find a sample by its hash on vmray
Examples/GetAnalysisInfo         vmrGetAnalysisInfo.go - takes a sample_id and returns information about analysis available for that sample
Examples/GetJobsInfo             vmrGetJobsInfo.go - provides information about running jobs on vmray
Examples/GetSampleInfo           vmrGetSampleInfo.go - takes a vmray sampleId, provides information about the sample
Examples/UploadSample            vmrUploadSample.go - uploads a file for analysis on vmray

Package vmray imports 15 packages and is imported by 7 packages. Updated 2017-08-16.