Skip to content

REST API

Jump to bottom
danieljampen edited this page Jul 17, 2019 · 5 revisions

GET /api/v1/sample

Returns a list of all samples in the db along with some properties

Request

GET /api/v1/sample

Request Parameter Description

No parameters

Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "id": 1,
    "name": "sample.exe",
    "md5": "9551ff314306e062e21535ce99073883",
    "sha1": "507055a04151fa843eee67f85cdbe12fca5d0868",
    "sha256": "5427922f4f730f185a5e739a5a50b00e8f40241c739cf898a74c15b047d63b8d",
    "size": "537043",
    "start_date": "Mon Jul  8 13:42:45 2019",
    "end_date": "Mon Jul  8 13:46:46 2019"
  },
  ...
]

Error codes

400 Bad Request

Response

HTTP/1.1 400 Bad Request
Content-Type: application/json

{
  "error": "invalid sample id"
}

POST /api/v1/sample

This endpoint is used to upload a new sample to the system.

Request

POST /api/upload

{
  "allow_internet": STRING,
  "minspeed": INT,
  "sample": STRING,
  "sample_name": STRING
}

Request Parameter Description

  • allow_internet: True, False - Specifies whether the system is allowed to scan the sample with containers which have internet access.
  • minspeed: -1, 0, 1, 2, 3 - MultiAV will use only scanners which are faster than the provided speed level. -1 = Ultra, 0 = Fast, 1 = Medium, 2 = Slow, 3 = All
  • sample: BASE64 - Base64 encoded sample
  • sample_name: String - Filename of the sample

Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": INT,
  "hashes": {
    "md5": STRING,
    "sha1": STRING,
    "sha256": STRING
  },
  "file": {
    "name": STRING,
    "size": INT,
}
}

Error codes

400 Bad Request

Response

HTTP/1.1 400 Bad Request
Content-Type: application/json

{
  "error": "missing parameter: allow_internet"
}

GET /api/v1/sample/<SAMPLE_ID>

Returns a list of all samples in the db along with some properties

Request

GET /api/v1/sample/<SAMPLE_ID>

Request Parameter Description

  • SAMPLE_ID: id of the sample for which the report should be returned

Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": 1,
  "name": "sample.exe",
  "md5": "9551ff314306e062e21535ce99073883",
  "sha1": "507055a04151fa843eee67f85cdbe12fca5d0868",
  "sha256": "5427922f4f730f185a5e739a5a50b00e8f40241c739cf898a74c15b047d63b8d",
  "size": "537043",
  "infected": -1,
  "start_date": "Mon Jul  8 13:42:45 2019",
  "end_date": "Mon Jul  8 13:46:46 2019",
  "result": [
    {
      "name": "FileInfo",
      "plugin_type": 2,
      "speed": -1,
      "has_internet": false,
      "queued": 0,
      "scanning": 0,
      "magic": {
        ...
      },
      "ssdeep": "6144:fuY8d8TTNMMIunNtaRYHYDtXk5LGE0S8Rbfie3qIy+QYY:MmF7zCY4DuL1+fie39lY",
      "trid": [
        "STRING"
      ],
      "exiftool": {
        ...
      }
    },
    {
      "infected": false,
      "result": "",
      "engine": "5.53.0",
      "database": "5.65",
      "updated": "20190708",
      "name": "Sophos",
      "plugin_type": 1,
      "speed": 2,
      "has_internet": false,
      "queued": 0,
      "scanning": 0
    },
    {
      "infected": false,
      "result": "",
      "engine": "7.141118",
      "updated": "20190708",
      "name": "BitDefender",
      "plugin_type": 1,
      "speed": 1,
      "has_internet": false,
      "queued": 0,
      "scanning": 0
    },
	...
  ]
}

Error codes

400 Bad Request

Response

HTTP/1.1 400 Bad Request
Content-Type: application/json

{
  "error": "invalid sample id"
}

(c) 2019 Daniel Jampen, ZHAW

Clone this wiki locally