From 65f31a5bda260d54fd74e5a4aaec613665670fa4 Mon Sep 17 00:00:00 2001 From: TrianguloY Date: Mon, 8 Jul 2024 19:10:16 +0200 Subject: [PATCH] show details --- .../modules/companions/VirusTotalUtility.java | 19 ++++++++++++++- .../modules/list/VirusTotalModule.java | 24 +++++++------------ 2 files changed, 27 insertions(+), 16 deletions(-) diff --git a/app/src/main/java/com/trianguloy/urlchecker/modules/companions/VirusTotalUtility.java b/app/src/main/java/com/trianguloy/urlchecker/modules/companions/VirusTotalUtility.java index 41ece83..d777607 100644 --- a/app/src/main/java/com/trianguloy/urlchecker/modules/companions/VirusTotalUtility.java +++ b/app/src/main/java/com/trianguloy/urlchecker/modules/companions/VirusTotalUtility.java @@ -8,6 +8,7 @@ import android.content.Context; import android.util.Base64; import com.trianguloy.urlchecker.R; +import com.trianguloy.urlchecker.utilities.methods.JavaUtils; import com.trianguloy.urlchecker.utilities.wrappers.Connection; import org.json.JSONException; @@ -49,6 +50,7 @@ public class VirusTotalUtility { public String date; public String scanUrl; public String info; + public String debugData; } /** Returns the analysis of an url, or null if the analysis is in progress */ @@ -76,7 +78,7 @@ public class VirusTotalUtility { // parse response try { - result.info = response.toString(1); + result.debugData = response.toString(1); result.scanUrl = "https://www.virustotal.com/gui/url/" + encodedUrl; // parse attributes @@ -95,6 +97,21 @@ public class VirusTotalUtility { + stats.optInt("harmless", 0); result.date = DateFormat.getInstance().format(new Date(attributes.getLong("last_analysis_date") * 1000)); + // build summary info + var info = new StringBuilder(); + info.append("Title: ").append(attributes.optString("title")).append("\n"); + info.append("Final url: ").append(attributes.optString("last_final_url")).append("\n"); + info.append("Reputation: ").append(attributes.optString("reputation")).append("\n"); + var results = attributes.getJSONObject("last_analysis_results"); + if (results.length() > 0) info.append("Detections: "); + for (var k : JavaUtils.toList(results.keys())) { + var engine = results.getJSONObject(k); + if ("malicious,suspicious".contains(engine.getString("result"))) { + info.append(engine.getString("engine_name")).append("; "); + } + } + result.info = info.toString(); + result.error = null; } catch (JSONException e) { e.printStackTrace(); diff --git a/app/src/main/java/com/trianguloy/urlchecker/modules/list/VirusTotalModule.java b/app/src/main/java/com/trianguloy/urlchecker/modules/list/VirusTotalModule.java index e1e7446..b029b94 100644 --- a/app/src/main/java/com/trianguloy/urlchecker/modules/list/VirusTotalModule.java +++ b/app/src/main/java/com/trianguloy/urlchecker/modules/list/VirusTotalModule.java @@ -268,22 +268,16 @@ class VirusTotalDialog extends AModuleDialog { } } - /** - * Shows the report results - * - * @param details if true, the virustotal page is opened, if false just a basic dialog with the json - */ - private void showInfo(boolean details) { + /** Shows the report results, either a summary or debug details */ + private void showInfo(boolean debug) { if (result == null || result.error != null) return; - if (details) { - setUrl(result.scanUrl); -// UrlUtils.openUrlRemoveThis(result.scanUrl, getActivity()); - } else { - // TODO: beautify this - new AlertDialog.Builder(getActivity()) - .setMessage(result.info) - .show(); - } + new AlertDialog.Builder(getActivity()) + .setTitle(R.string.mVT_name) + .setMessage(debug ? result.debugData : result.info) + .setPositiveButton("virustotal.com", (dialog, which) -> setUrl(result.scanUrl)) + .setNeutralButton(debug ? "Abc: xyz" : "{...}", (dialog, which) -> showInfo(!debug)) + .setNegativeButton(R.string.dismiss, null) + .show(); } }