Hash search enhancements (#7)

* typo fix * Bug fixes. Thanks to A. Gurin for bugreporting * gofmt -s -w * fixed compatibility with go-latest * print json even result is non-positive
moldabekov · Jan 20, 2018 · 91b1e8a · 91b1e8a
1 parent fce2641
commit 91b1e8a
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -18,13 +18,15 @@
 
 Yes, it is yet another wrapper. However it's a crossplatform CLI tool which runs on Linux/macOS/Windows/\*BSD and even on Android.
 
+It's also requires **zero** runtime dependency.
+
 
 ## Installation
 
-1. The easiest way is to grab package from Github Releases page and place it (*preferably*) in your $PATH.
-For more convinient usage rename `virusgotal-OS-ARCH` to `virusgotal`.
+**Option 1.** The easiest way is to grab package from Github Releases page and place it (*preferably*) in your $PATH.
+For more convenient usage rename `virusgotal-OS-ARCH` to `virusgotal`.
 
-2. If you want to do it manually then you are welcome:
+**Option 2.** If you want to do it manually then you are welcome:
 ```
 go get -u github.com/moldabekov/virusgotal
 go install -u github.com/moldabekov/virusgotal
@@ -63,6 +65,7 @@ At the moment `virusgotal` supports files/URLs scan and search results by file h
   * Get JSON formatted result:
   `virustotal hash <HASH> --json`
 
+You also can combine options: `virusgotal file --wait --json --force <FILE>`
 
 ## Contribution
 

diff --git a/hashsearch.go b/hashsearch.go
@@ -17,23 +17,33 @@ func searchHash(hash string) {
 	r, err := vt.GetFileReport(hash)
 	check(err)
 
-	if r.ResponseCode == 0 {
+	if r.ResponseCode == 0 { // Hash not found
 		color.Set(color.FgHiRed, color.Bold)
 		fmt.Printf("Given hash isn't recognized by VirusTotal\n")
 		color.Unset()
 		os.Exit(1)
 	}
-	if r.Positives > 0 {
-		color.Set(color.FgHiRed)
+	if r.ResponseCode == -2 { // File scan with given hash is still in progress
+		color.Set(color.FgHiYellow)
+		fmt.Printf("\nScan with given hash is still in progress\n")
+		color.Unset()
+		os.Exit(1)
+	}
+	if r.Positives > 0 { // Malware detected
 		if !*jsonHash {
+			color.Set(color.FgHiRed, color.Bold)
 			fmt.Printf("\nGiven hash is KNOWN by VirusTotal and has positive results [%d/%d]\n", r.Positives, r.Total)
+			color.Unset()
 		}
 		printFileResult(r)
-		color.Unset()
-	} else {
-		color.Set(color.FgHiGreen)
-		fmt.Printf("\nGiven hash is KNOWN by VirusTotal and has no positive results\n")
-		color.Unset()
+	} else { // Malware undetected
+		if !*jsonHash {
+			color.Set(color.FgHiGreen, color.Bold)
+			fmt.Printf("\nGiven hash is KNOWN by VirusTotal and has no positive results\n")
+			color.Unset()
+		} else {
+			printFileResult(r)
+		}
 	}
 	if !*jsonHash {
 		fmt.Printf("Direct link: %s\n\n", r.Permalink)

diff --git a/vt/vt.go b/vt/vt.go
@@ -34,7 +34,7 @@ import (
 )
 
 const (
-	// Fallback VT API URL 
+	// Fallback VT API URL
 	DefaultURL = "https://www.virustotal.com/vtapi/v2/"
 )
-Original file line number
+Diff line change
@@ Expand Up / @@ -34,7 +34,7 @@ import ( @@
     )
     const (
-    	// Fallback VT API URL
+    	// Fallback VT API URL
     	DefaultURL = "https://www.virustotal.com/vtapi/v2/"
     )
@@ Expand Down @@