-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathUrl.php
More file actions
169 lines (147 loc) · 5.94 KB
/
Url.php
File metadata and controls
169 lines (147 loc) · 5.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
<?php
namespace RedBrick\Shared\VirusTotal;
/**
* Class: Url
*
* URL-specific methods for interacting with the VirusTotal API.
*
* @see Base
*
* @author Brad Melanson <brad.melanson@redbrickmedia.com>
* @copyright 2014 Red Brick Media
* @package RedBrick\Shared\VirusTotal
*/
class Url extends Base
{
/**
* scan
*
* Submit a URL for scanning by VirusTotal.
*
* @link https://www.virustotal.com/en/documentation/public-api/#scanning-urls
* @link https://www.virustotal.com/en/documentation/private-api/#url-scan
*
* @param string $url The URL to submit and scan.
*
* @throws \InvalidArgumentException An invalid URL was provided.
* @return mixed Decoded JSON response from the VirusTotal API.
*/
public function scan( $url )
{
if ( !filter_var( $url, FILTER_VALIDATE_URL ) )
{
throw new \InvalidArgumentException( 'An invalid URL was submitted for scanning.' );
}
return $this->_sendUrl( 'url/scan', $url )->json();
}
/**
* scanMultiple
*
* Submit multiple URLS for scanning by VirusTotal.
*
* @link https://www.virustotal.com/en/documentation/public-api/#scanning-urls
* @link https://www.virustotal.com/en/documentation/private-api/#url-scan
*
* @param string[] $urls An array of URLs to submit and scan.
*
* @throws \InvalidArgumentException Too many URLs were provided.
* @throws \InvalidArgumentException No valid URLs were provided.
* @return mixed Decoded JSON response from the VirusTotal API.
*/
public function scanMultiple( Array $urls )
{
$max = ( $this->_access == 'private' )
? parent::MAX_PRIVATE_API_CALL_RESOURCES : parent::MAX_PUBLIC_API_CALL_RESOURCES;
if ( count( $urls ) > $max )
{
throw new \InvalidArgumentException( "Only {$max} URLs can be submitted in a single request." );
}
$urls = array_filter( $urls, function( $url ) { return filter_var( $url, FILTER_VALIDATE_URL ); } );
if ( empty( $urls ) )
{
throw new \InvalidArgumentException( 'No valid URLs were submitted for scanning.' );
}
$joined_urls = implode( '\n', $urls );
return $this->_sendUrl( 'url/scan', $joined_urls )->json();
}
/**
* getReport
*
* Get a report on a given URL from VirusTotal.
* NOTE: The allinfo flag is only accepted by the private VirusTotal API.
*
* @link https://www.virustotal.com/en/documentation/public-api/#getting-url-scans
* @link https://www.virustotal.com/en/documentation/private-api/#url-report
*
* @param string $resource The submitted URL or the scan ID provided by VirusTotal.
* @param bool $scan Whether to submit the URL for scanning if no report is found.
* @param bool $allinfo Whether to include additional data in the response.
*
* @throws \InvalidArgumentException The scan flag provided was not a boolean.
* @throws \InvalidArgumentException The allinfo flag provided was not a boolean.
* @throws RateLimitException The API rate limit was exceeded.
* @return mixed Decoded JSON response from the VirusTotal API.
*/
public function getReport( $resource, $scan = false, $allinfo = false )
{
if ( !is_bool( $scan ) )
{
throw new \InvalidArgumentException( 'Scan parameter must be true or false.' );
}
if ( !is_bool( $allinfo ) )
{
throw new \InvalidArgumentException( 'Allinfo parameter must be true or false.' );
}
$endpoint = ( $this->_client->getConfig( 'base_url' ) === null )
? parent::API_ENDPOINT . 'url/report' : 'url/report';
$params = array(
'body' => array(
'apikey' => $this->_apiKey,
'resource' => $resource
)
);
if ( $scan === true )
{
$params[ 'body' ][ 'scan' ] = 1;
}
if ( $allinfo === true )
{
$params[ 'body' ][ 'allinfo' ] = 1;
}
$response = $this->_client->post( $endpoint, $params );
// VirusTotal's API returns HTTP status code 204 and no response body when the
// public API rate limit is exceeded
if ( $response->getStatusCode() == 204 )
{
throw new RateLimitException( 'API Rate limit exceeded.' );
}
return $response->json();
}
/**
* getReportMultiple
*
* Get reports on a group of urls from VirusTotal.
* NOTE: The allinfo flag is only accepted by the private VirusTotal API.
*
* @link https://www.virustotal.com/en/documentation/public-api/#getting-url-scans
* @link https://www.virustotal.com/en/documentation/private-api/#url-report
*
* @param string[] $resources An array of submitted URLs or scan IDs provided by VirusTotal
* @param bool $scan Whether to submit the URLs for scanning if no report is found.
* @param bool $allinfo Whether to include additional data in the response.
*
* @throws \InvalidArgumentException Too many URLs or resource-identifier hashes were provided.
* @return mixed Decoded JSON response from the VirusTotal API.
*/
public function getReportMultiple( Array $resources, $scan = false, $allinfo = false )
{
$max = ( $this->_access == 'private' )
? parent::MAX_PRIVATE_API_CALL_RESOURCES : parent::MAX_PUBLIC_API_CALL_RESOURCES;
if ( count( $resources ) > $max )
{
throw new \InvalidArgumentException( "Only {$max} resources can be submitted in a single request." );
}
$joined_resources = implode( ',', $resources );
return $this->getReport( $joined_resources, $scan, $allinfo );
}
}