Wiki

Clone wiki

virusbattle-sdk / Uploading Files

ACTION: UPLOAD FILES

The following summarizes the command to upload a file to VirusBattle for analysis. (The syntax assumes that vbclient.py is on your command search PATH.)

  vbclient.py -a upload [-p password] [--norecursive]  [-f] [--lf listfile] arg ...

The CLI parameter -a upload selects the upload action. The -p, --norecursive, -f, and --lf arguments are optional. Their default values may be obtained by invoking vbclient.py using -h (or --help).

For this command an arg may be a file or a directory. The program can take a list of arguments. At least one arg must be provided for the system to do anything.

The meaning (or effect) of the optional arguments are as follows.

-p password: This option is used to provide the password for unzipping .zip and .7z archives.

--norecursive: When any arg is a directory, the --norecursive option may be used to direct vbclient.py to not to traverse it recursively. In the absence of the --norecursive option, arg directory will be recursively traversed and all files found are uploaded.

-f: VirusBattle, by default, does not unpack a binary that has been unpacked before. The -f option is used to instruct VirusBattle that the executables being submitted ought to be re-unpacked, even if they have previously been packed. This option is currently provided to compensate for potential errors that may terminate the processing prematurely. We advice that -f be used only if you have a reason to believe that the previous analysis was faulty.

--lf list-file: vbclient.py stores the file identifiers of the uploaded file in the listfile. These file identifiers may then be used for querying VirusBattle for its analysis. To override this capability please use --lf /dev/null. Default listfile is UploadedHashes.txt

COMMON USAGE

  1. Upload a file (exe or archive, such as zip file)

    vbclient.py -a upload <filename>
    
  2. Upload a password protected zip file (with password mypassword)

    vbclient.py -a upload -p mypassword <filename.zip>
    
  3. Upload files in a directory (one level deep)

    vbclient.py -a upload --norecursive <directoryname>
    
  4. Upload all files in a directory, recursively.

    vbclient.py -a upload <directoryname>
    
  5. Upload multiple files and directories

    vbclient.py -a upload <file1> <dir2> <file3> <file4>
    
  6. Upload files, save file hashes returned in UploadedHashes.txt

    vbclient.py -a upload --list-file UploadedHashes.txt  <dir1> <file1> <dir2>
    
  7. Upload and force analysis of the binary even if it was analyzed earlier

    vbclient.py -a upload --force <filename>
    
  8. Force analysis of a binary that was analyzed earlier (without uploading again)

    vbclient.py -a reprocess <sha1>
    

Updated