forked from stripe/stripe-cli
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathupload-zip-to-virustotal.sh
executable file
·97 lines (76 loc) · 2.47 KB
/
upload-zip-to-virustotal.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
#!/bin/bash
set -e
if ! [ -x "$(command -v jq)" ]; then
echo "jq is not installed." >&2
exit 1
fi
if ! [ -x "$(command -v unzip)" ]; then
echo "unzip is not installed." >&2
exit 1
fi
if [ -z "$GITHUB_TOKEN" ]; then
echo "GITHUB_TOKEN is not set" >&2
exit 1
fi
if [ -z "$VIRUSTOTAL_API_KEY" ]; then
echo "VIRUSTOTAL_API_KEY is not set" >&2
exit 1
fi
setVersion () {
VERSION=$(curl -s "https://api.github.com/repos/stripe/stripe-cli/releases/latest" -u $GITHUB_TOKEN: \
| jq -r ".tag_name")
}
downloadWindowsArtifacts() {
echo "Dowloading Windows artifacts..."
FILES=$(curl -s "https://api.github.com/repos/stripe/stripe-cli/releases/latest" -u $GITHUB_TOKEN: \
| jq -r ".assets[].browser_download_url" \
| grep "windows" \
| grep "zip")
echo "$FILES"
for i in $FILES; do
RESPONSE_CODE=$(curl -L -O -w "%{response_code}" "$i")
echo "$RESPONSE_CODE"
code=$(echo "$RESPONSE_CODE" | head -c2)
if [ $code != "20" ] && [ $code != "30" ]; then
echo "Unable to download $i HTTP response code: $RESPONSE_CODE"
exit 1
fi
done;
echo "Finished downloading"
}
virustotalUpload () {
for i in $FILES; do
FILENAME=${i##*/}
echo "Uncompressing archive..."
unzip -o $FILENAME
echo "Uploading to VirusTotal..."
RESPONSE=$(curl -s "https://www.virustotal.com/vtapi/v2/file/scan" -X POST -F "apikey=$VIRUSTOTAL_API_KEY" -F "file=@./stripe.exe" -w "HTTPSTATUS:%{http_code}")
BODY=$(echo $RESPONSE | sed -e 's/HTTPSTATUS\:.*//g')
RESPONSE_CODE=$(echo $RESPONSE | tr -d '\n' | sed -e 's/.*HTTPSTATUS://')
if [[ "$(echo $RESPONSE_CODE | head -c2)" != "20" ]]; then
echo "Unable to upload, HTTP response code: $RESPONSE_CODE"
exit 1
fi
echo "HTTP response code: $RESPONSE_CODE"
echo "Adding comment..."
SHA256=$(echo $BODY | jq -r ".sha256")
RESPONSE_CODE=$(curl "https://www.virustotal.com/vtapi/v2/comments/put" -X POST -d "apikey=$VIRUSTOTAL_API_KEY" -d "resource=$SHA256" -d "comment=Stripe CLI $VERSION, uncompressed from $i" -o /dev/null -w "%{http_code}")
if [[ "$(echo $RESPONSE_CODE | head -c2)" != "20" ]]; then
echo "Unable to add comment, HTTP response code: $RESPONSE_CODE"
exit 1
fi
PERMALINK=$(echo $BODY | jq -r ".permalink")
echo "Permalink: $PERMALINK"
done;
}
printMeta () {
echo "Uploading version: $VERSION"
}
cleanArtifacts () {
rm -f "$(pwd)/*.zip" "$(pwd)/*.exe"
}
cleanArtifacts
downloadWindowsArtifacts
setVersion
printMeta
virustotalUpload