Interacting with Check Point SandBlast via API

This article will be useful for those who are familiar with Check Point's file emulation (Threat Emulation) and proactive file cleaning (Threat Extraction) technologies and want to take a step toward automating these tasks. Check Point has a Threat Prevention API, which runs both in the cloud and on local devices, and functionally it is identical to checking files in web/smtp/ftp/smb/nfs traffic streams. This article is partly the author's interpretation of a set of articles from the official documentation, but based on my own operating experience and my own examples. In the article you will also find the author's Postman collections for working with the Threat Prevention API.

Basic abbreviations

The Threat Prevention API works with three main components, which are referred to in the API by the following text values:

av - the Anti-Virus component, responsible for signature analysis of known threats.

te - the Threat Emulation component, responsible for checking files in the sandbox and issuing a malicious/benign verdict after emulation.

extraction - the Threat Extraction component, responsible for quickly converting office documents into a safe form (in which all malicious content is removed) so that they can be delivered quickly to users/systems.

API structure and main limitations

The Threat Prevention API uses only 4 requests - upload, query, download and quota. In the header of all four requests you need to pass the API key using the Authorization parameter. At first glance the structure may seem much simpler than that of the Management API, but the number of fields in the upload and query requests and the structure of these requests are quite complex. They can be functionally compared to Threat Prevention profiles in a gateway/sandbox security policy.

At the moment only one version of the Threat Prevention API has been released - 1.0; the URL for API calls must include v1 in the part where the version has to be specified. Unlike the Management API, specifying the API version in the URL is mandatory, otherwise the request will not be executed.

The Anti-Virus component, when called without the other components (te, extraction), currently supports only query requests with md5 hash sums. Threat Emulation and Threat Extraction also support sha1 and sha256 hash sums.

It is very important not to make mistakes in requests! A request can be executed without an error, but not completely. Looking a little ahead, let's see what can happen when there are errors/typos in requests.

Request with a typo in the word reports (reportss)

{ "request":  [  

		{	
			"sha256": {{sha256}},
			"features": ["te"] , 
			"te": {
				"images": [
                    {
                        "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
                        "revision": 1
                    }
                ],
                "reportss": ["tar", "pdf", "xml"]
            }
		}
	] 
}

There is no error in the response, but there is no information about the reports at all

{
  "response": [
    {
      "status": {
        "code": 1001,
        "label": "FOUND",
        "message": "The request has been fully answered."
      },
      "sha256": "9cc488fa6209caeb201678f8360a6bb806bd2f85b59d108517ddbbf90baec33a",
      "file_type": "pdf",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 10,
        "images": [
          {
            "report": {
              "verdict": "malicious"
            },
            "status": "found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "combined_verdict": "malicious",
        "severity": 4,
        "confidence": 3,
        "status": {
          "code": 1001,
          "label": "FOUND",
          "message": "The request has been fully answered."
        }
      }
    }
  ]
}

But for a request without a typo in the reports key

{ "request":  [  

		{	
			"sha256": {{sha256}},
			"features": ["te"] , 
			"te": {
				"images": [
                    {
                        "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
                        "revision": 1
                    }
                ],
                "reports": ["tar", "pdf", "xml"]
            }
		}
	] 
}

We get a response that already contains the ids for downloading the reports

{
  "response": [
    {
      "status": {
        "code": 1001,
        "label": "FOUND",
        "message": "The request has been fully answered."
      },
      "sha256": "9cc488fa6209caeb201678f8360a6bb806bd2f85b59d108517ddbbf90baec33a",
      "file_type": "pdf",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 10,
        "images": [
          {
            "report": {
              "verdict": "malicious",
              "full_report": "b684066e-e41c-481a-a5b4-be43c27d8b65",
              "pdf_report": "e48f14f1-bcc7-4776-b04b-1a0a09335115",
              "xml_report": "d416d4a9-4b7c-4d6d-84b9-62545c588963"
            },
            "status": "found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "combined_verdict": "malicious",
        "severity": 4,
        "confidence": 3,
        "status": {
          "code": 1001,
          "label": "FOUND",
          "message": "The request has been fully answered."
        }
      }
    }
  ]
}

If we send an invalid/expired API key, we get a 403 error in response.

SandBlast API: in the cloud and on local devices

API requests can be sent to Check Point devices that have the Threat Emulation component (blade) enabled. As the address for requests you need to use the device's ip/url and port 18194 (for example, https://10.10.57.19:18194/tecloud/api/v1/file/query). You should also make sure that the security policy on the device allows this connection. Authorization by API key on local devices is disabled by default, and the Authorization key in the request headers does not have to be sent at all.

API requests to the Check Point cloud should be sent to te.checkpoint.com (for example, https://te.checkpoint.com/tecloud/api/v1/file/query). An API key can be obtained as a trial license for 60 days by contacting Check Point partners or the company's local office.

On local devices, Threat Extraction is not yet supported in the standard Threat Prevention API, and the Threat Prevention API for Security Gateway should be used instead (we will talk about it in more detail at the end of the article).

Local devices do not support the quota request.

Otherwise, there is no difference between requests to local devices and to the cloud.

Upload API call

Method used - POST

Call address - https:///tecloud/api/v1/file/upload

The request consists of two parts (form-data): the file intended for emulation/cleaning and a request body with text.

The text request cannot be empty, but it may contain no configuration at all. For the request to succeed, you must send at least the following text in the request:

Minimum required for an upload request

HTTP POST

https:///tecloud/api/v1/file/upload

Headers:

Authorization:

Body

{
"request": {
}
}

File

File

In this case the file will be processed according to the default parameters: component - te, OS images - Win XP and Win 7, without generating a report.

Comments on the main fields in the text request:

file_name and file_type - you can leave them empty or not send them at all, since this is not the most useful information when uploading a file. In the API response these fields will be filled in automatically based on the name of the uploaded file, and information in the cache will still have to be looked up using the md5/sha1/sha256 hash values.

Example request with empty file_name and file_type

{
"request": {
"file_name": "",
"file_type": ""
}
}

features - a list indicating the functionality required when processing in the sandbox - av (Anti-Virus), te (Threat Emulation), extraction (Threat Extraction). If this parameter is not passed at all, only the default component will be used - te (Threat Emulation).

To enable checking in all three available components, you need to specify these components in the API request.

Example of a request with checking in av, te and extraction

{ "request":  [  

		{	
			"sha256": {{sha256}},
			"features": ["av", "te", "extraction"]  
		}
	] 
}

Keys in the te section

images - a list containing dictionaries with the id and revision number of the operating systems in which the check will be performed. The ids and revision numbers are the same for all local devices and the cloud.

List of operating systems and revisions

Available OS image ID: e50e99f3-5963-4573-af9e-e3f4750b55e2
Revision: 1
Image OS and applications:
Microsoft Windows: XP - 32bit SP3
Office: 2003, 2007
Adobe Acrobat Reader: 9.0
Flash Player 9r115 and ActiveX 10.0
Java Runtime: 1.6.0u22

Available OS image ID: 7e6fe36e-889e-4c25-8704-56378f0830df
Revision: 1
Image OS and applications:
Microsoft Windows: 7-32bit
Office: 2003, 2007
Adobe Acrobat Reader: 9.0
Flash Player: 10.2r152 (PluginActiveX)
Java Runtime: 1.6.0u0

Available OS image ID: 8d188031-1010-4466-828b-0cd13d4303ff
Revision: 1
Image OS and applications:
Microsoft Windows: 7-32bit
Office: 2010
Adobe Acrobat Reader: 9.4
Flash Player: 11.0.1.152 (Plugin & ActiveX)
Java Runtime: 1.7.0u0

Available OS image ID: 5e5de275-a103-4f67-b55b-47532918fa59
Revision: 1
Image OS and applications:
Microsoft Windows: 7-32bit
Office: 2013
Adobe Acrobat Reader: 11.0
Flash Player: 15 (Plugin & ActiveX)
Java Runtime: 1.7.0u9

Available OS image ID: 3ff3ddae-e7fd-4969-818c-d5f1a2be336d
Revision: 1
Image OS and applications:
Microsoft Windows: 7-64bit
Office: 2013 (32bit)
Adobe Acrobat Reader: 11.0.01
Flash Player: 13 (Plugin & ActiveX)
Java Runtime: 1.7.0u9

Available OS image ID: 6c453c9b-20f7-471a-956c-3198a868dc92
Revision:
Image OS and applications:
Microsoft Windows: 8.1-64bit
Office: 2013 (64bit)
Adobe Acrobat Reader: 11.0.10
Flash Player: 18.0.0.160 (Plugin & ActiveX)
Java Runtime: 1.7.0u9

Available OS image ID: 10b4a9c6-e414-425c-ae8b-fe4dd7b25244
Revision: 1
Image OS and applications:
Microsoft Windows: 10
Office: Professional Plus 2016 en-us
Adobe Acrobat Reader: DC 2015 MUI
Flash Player: 20 (Plugin & ActiveX)
Java Runtime: 1.7.0u9

If the images key is not specified at all, emulation will take place in the images recommended by Check Point (currently Win XP and Win 7). These images are recommended based on considerations of the best balance of performance and catch rate.

reports - a list of reports requested in case the file turns out to be malicious. The following options are available:

  1. summary - a .tar.gz archive containing a report on the emulation in all requested images (both an html page and components such as a video from the emulator OS, a network traffic dump, a report in json, and the sample itself in a password-protected archive). We look for the key in the response - summary_report - to download the report afterwards.

  2. pdf - a document about the emulation in one image, which many are used to receiving through the Smart Console. We look for the key in the response - pdf_report - to download the report afterwards.

  3. xml - a document about the emulation in one image, convenient for subsequent parsing of the parameters in the report. We look for the key in the response - xml_report - to download the report afterwards.

  4. tar - a .tar.gz archive containing a report on the emulation in one of the requested images (both an html page and components such as a video from the emulator OS, a network traffic dump, a report in json, and the sample itself in a password-protected archive). We look for the key in the response - full_report - to download the report afterwards.

[Figure: what is inside the summary report]

The keys full_report, pdf_report, xml_report are in the dictionary for each OS

{
  "response": [
    {
      "status": {
        "code": 1001,
        "label": "FOUND",
        "message": "The request has been fully answered."
      },
      "sha256": "9e6f07d03b37db0d3902bde4e239687a9e3d650e8c368188c7095750e24ad2d5",
      "file_type": "html",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 10,
        "images": [
          {
            "report": {
              "verdict": "malicious",
              "full_report": "8d18067e-b24d-4103-8469-0117cd25eea9",
              "pdf_report": "05848b2a-4cfd-494d-b949-6cfe15d0dc0b",
              "xml_report": "ecb17c9d-8607-4904-af49-0970722dd5c8"
            },
            "status": "found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          },
          {
            "report": {
              "verdict": "malicious",
              "full_report": "d7c27012-8e0c-4c7e-8472-46cc895d9185",
              "pdf_report": "488e850c-7c96-4da9-9bc9-7195506afe03",
              "xml_report": "e5a3a78d-c8f0-4044-84c2-39dc80ddaea2"
            },
            "status": "found",
            "id": "6c453c9b-20f7-471a-956c-3198a868dc92",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "combined_verdict": "malicious",
        "severity": 4,
        "confidence": 3,
        "status": {
          "code": 1001,
          "label": "FOUND",
          "message": "The request has been fully answered."
        }
      }
    }
  ]
}

But the summary_report key is a single one for the emulation as a whole

{
  "response": [
    {
      "status": {
        "code": 1001,
        "label": "FOUND",
        "message": "The request has been fully answered."
      },
      "sha256": "d57eadb7b2f91eea66ea77a9e098d049c4ecebd5a4c70fb984688df08d1fa833",
      "file_type": "exe",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 10,
        "images": [
          {
            "report": {
              "verdict": "malicious",
              "full_report": "c9a1767b-741e-49da-996f-7d632296cf9f",
              "xml_report": "cc4dbea9-518c-4e59-b6a3-4ea463ca384b"
            },
            "status": "found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          },
          {
            "report": {
              "verdict": "malicious",
              "full_report": "ba520713-8c0b-4672-a12f-0b4a1575b913",
              "xml_report": "87bdb8ca-dc44-449d-a9ab-2d95e7fe2503"
            },
            "status": "found",
            "id": "6c453c9b-20f7-471a-956c-3198a868dc92",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "combined_verdict": "malicious",
        "severity": 4,
        "confidence": 3,
        "summary_report": "7e7db12d-5df6-4e14-85f3-2c1e29cd3e34",
        "status": {
          "code": 1001,
          "label": "FOUND",
          "message": "The request has been fully answered."
        }
      }
    }
  ]
}

You can request tar, xml and pdf reports at the same time, and you can request summary, tar and xml. It is not possible to request the summary report and pdf at the same time.
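The typo example earlier and the report rules above share one failure mode: the API answers without an error even though part of the request was not understood. The following Python code is an added example, not code from the article or from Check Point. It lints a request body against the keys this article documents (the allow-lists are an assumption and may be incomplete) and, after a query, lists requested reports whose download ids are missing from the response.

```python
import json

# Allow-lists built only from the keys this article documents (an assumption:
# the real API may accept more, so extend these from the official reference).
TOP_KEYS = {"md5", "sha1", "sha256", "file_name", "file_type",
            "features", "te", "extraction"}
FEATURES = {"av", "te", "extraction"}
SECTION_KEYS = {"te": {"images", "reports"},
                "extraction": {"method", "extracted_parts_codes"}}
# report type -> (key carrying the download id, True if that key is per image)
REPORT_ID_KEY = {"summary": ("summary_report", False),
                 "pdf": ("pdf_report", True),
                 "xml": ("xml_report", True),
                 "tar": ("full_report", True)}


def lint_item(item):
    """Return the problems found in one element of the "request" list."""
    problems = [f"unknown key {k}" for k in sorted(set(item) - TOP_KEYS)]
    problems += [f"unknown feature {f}" for f in item.get("features", [])
                 if f not in FEATURES]
    for section, allowed in SECTION_KEYS.items():
        for key in sorted(set(item.get(section, {})) - allowed):
            problems.append(f"unknown key {section}.{key}")
    reports = item.get("te", {}).get("reports", [])
    problems += [f"unknown report type {r}" for r in reports
                 if r not in REPORT_ID_KEY]
    if {"summary", "pdf"} <= set(reports):
        problems.append("summary and pdf cannot be requested together")
    return problems


def lint_body(body):
    """Lint a whole body; "request" is a list in query calls, a dict in upload."""
    items = body.get("request")
    if isinstance(items, dict):
        items = [items]
    if not isinstance(items, list):
        return ['missing or malformed "request" key']
    return [f"request[{i}]: {p}" for i, item in enumerate(items)
            for p in lint_item(item)]


def missing_report_ids(item, answer):
    """List (report type, image id) pairs that were requested but came back
    without a download id. Call it only for a malicious verdict, because
    reports are requested for the case where the file is malicious."""
    te = answer.get("te", {})
    missing = []
    for rep in item.get("te", {}).get("reports", []):
        key, per_image = REPORT_ID_KEY.get(rep, (None, False))
        if key is None:
            continue  # unknown type: lint_item() reports it
        if not per_image:
            if key not in te:
                missing.append((rep, None))
            continue
        for image in te.get("images", []):
            if key not in image.get("report", {}):
                missing.append((rep, image.get("id")))
    return missing


# Sample data constructed from the article's own request/response examples.
WIN10 = "10b4a9c6-e414-425c-ae8b-fe4dd7b25244"
SHA256 = "9cc488fa6209caeb201678f8360a6bb806bd2f85b59d108517ddbbf90baec33a"
TYPO_BODY = {"request": [{"sha256": SHA256, "features": ["te"], "te": {
    "images": [{"id": WIN10, "revision": 1}],
    "reportss": ["tar", "pdf", "xml"]}}]}
GOOD_BODY = json.loads(json.dumps(TYPO_BODY).replace("reportss", "reports"))
ANSWER_WITHOUT_IDS = {"sha256": SHA256, "te": {
    "combined_verdict": "malicious",
    "images": [{"report": {"verdict": "malicious"}, "status": "found",
                "id": WIN10, "revision": 1}]}}

if __name__ == "__main__":
    print(lint_body(TYPO_BODY))   # the silent typo is caught before sending
    print(lint_body(GOOD_BODY))
    print(missing_report_ids(GOOD_BODY["request"][0], ANSWER_WITHOUT_IDS))
```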

Keys in the extraction section

For threat extraction, only two keys are used:

method - pdf (conversion to pdf, used by default) or clean (cleaning of active content).

extracted_parts_codes - a list of codes for removing active content, applicable only to the clean method

Codes for removing content from files

Code - Description

1025 - Linked Objects

1026 - Macros and Code

1034 - Sensitive Hyperlinks

1137 - PDF GoToR Actions

1139 - PDF Launch Actions

1141 - PDF URI Actions

1142 - PDF Sound Actions

1143 - PDF Movie Actions

1150 - PDF JavaScript Actions

1151 - PDF Submit Form Actions

1018 - Database Queries

1019 - Embedded Objects

1021 - Fast Save Data

1017 - Custom Properties

1036 - Statistic Properties

1037 - Summary Properties

To download the cleaned copy, you will also need to make a query request (which will be discussed below) after a few seconds, specifying the file's hash value and the extraction component in the request text. You can download the cleaned file using the id from the response to the query - extracted_file_download_id. Again, looking a little ahead, here are examples of a query request and a response to it for finding the id to download the cleaned document.

Query request to look for the extracted_file_download_id key

{ "request":  [  

		{	
			"sha256": "9a346005ee8c9adb489072eb8b5b61699652962c17596de9c326ca68247a8876",
			"features": ["extraction"] , 
			"extraction": {
		        "method": "pdf"
            }
		}
	] 
}

Response to the query (look for the extracted_file_download_id key)

{
    "response": [
        {
            "status": {
                "code": 1001,
                "label": "FOUND",
                "message": "The request has been fully answered."
            },
            "sha256": "9a346005ee8c9adb489072eb8b5b61699652962c17596de9c326ca68247a8876",
            "file_type": "",
            "file_name": "",
            "features": [
                "extraction"
            ],
            "extraction": {
                "method": "pdf",
                "extract_result": "CP_EXTRACT_RESULT_SUCCESS",
                "extracted_file_download_id": "b5f2b34e-3603-4627-9e0e-54665a531ab2",
                "output_file_name": "kp-20-xls.cleaned.xls.pdf",
                "time": "0.013",
                "extract_content": "Macros and Code",
                "extraction_data": {
                    "input_extension": "xls",
                    "input_real_extension": "xls",
                    "message": "OK",
                    "output_file_name": "kp-20-xls.cleaned.xls.pdf",
                    "protection_name": "Potential malicious content extracted",
                    "protection_type": "Conversion to PDF",
                    "protocol_version": "1.0",
                    "risk": 5.0,
                    "scrub_activity": "Active content was found - XLS file was converted to PDF",
                    "scrub_method": "Convert to PDF",
                    "scrub_result": 0.0,
                    "scrub_time": "0.013",
                    "scrubbed_content": "Macros and Code"
                },
                "tex_product": false,
                "status": {
                    "code": 1001,
                    "label": "FOUND",
                    "message": "The request has been fully answered."
                }
            }
        }
    ]
}

General information

In one API call, you can send one file for checking.

The av component does not require an additional section with keys; it is enough to specify it in the features dictionary.

Query API call

Method used - POST

Call address - https:///tecloud/api/v1/file/query

Before sending a file for upload (upload request), it is advisable to check the sandbox cache (query request) in order to optimize the load on the API server, since the API server may already have information and a verdict on the file being uploaded. The call consists of a text part only. Part of the request is the sha1/sha256/md5 hash value of the file. By the way, you can get it in the response to an upload request.

Minimum required for a query request

HTTP POST

https:///tecloud/api/v1/file/query

Headers:

Authorization:

Body

{
"request": {
"sha256":
}
}

Example of a response to an upload request, where the sha1/md5/sha256 hash values are visible

{
  "response": {
    "status": {
      "code": 1002,
      "label": "UPLOAD_SUCCESS",
      "message": "The file was uploaded successfully."
    },
    "sha1": "954b5a851993d49ef8b2412b44f213153bfbdb32",
    "md5": "ac29b7c26e7dcf6c6fdb13ac0efe98ec",
    "sha256": "313c0feb009356495b7f4a60e96737120beb30e1912c6d866218cee830aebd90",
    "file_type": "",
    "file_name": "kp-20-doc.doc",
    "features": [
      "te"
    ],
    "te": {
      "trust": 0,
      "images": [
        {
          "report": {
            "verdict": "unknown"
          },
          "status": "not_found",
          "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
          "revision": 1
        }
      ],
      "score": -2147483648,
      "status": {
        "code": 1002,
        "label": "UPLOAD_SUCCESS",
        "message": "The file was uploaded successfully."
      }
    }
  }
}

The query request, apart from the hash value, should ideally be the same as the upload request was (or is planned to be), or even "narrower" (contain fewer fields in the query request than in the upload request). In the case where the query request contains more fields than were in the upload request, you will not get all the required information in the response.

Here is an example of a response to a query where not all of the requested data was found

{
  "response": [
    {
      "status": {
        "code": 1006,
        "label": "PARTIALLY_FOUND",
        "message": "The request cannot be fully answered at this time."
      },
      "sha256": "313c0feb009356495b7f4a60e96737120beb30e1912c6d866218cee830aebd90",
      "file_type": "doc",
      "file_name": "",
      "features": [
        "te",
        "extraction"
      ],
      "te": {
        "trust": 10,
        "images": [
          {
            "report": {
              "verdict": "malicious",
              "pdf_report": "4e9cddaf-03a4-489f-aa03-3c18f8d57a52",
              "xml_report": "9c18018f-c761-4dea-9372-6a12fcb15170"
            },
            "status": "found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "combined_verdict": "malicious",
        "severity": 4,
        "confidence": 1,
        "status": {
          "code": 1001,
          "label": "FOUND",
          "message": "The request has been fully answered."
        }
      },
      "extraction": {
        "method": "pdf",
        "tex_product": false,
        "status": {
          "code": 1004,
          "label": "NOT_FOUND",
          "message": "Could not find the requested file. Please upload it."
        }
      }
    }
  ]
}

Pay attention to the code and label fields. These fields appear three times in the status dictionaries. First we see the global keys "code": 1006 and "label": "PARTIALLY_FOUND". Next, these keys appear for each requested component - te and extraction. And while for te it is clear that the data was found, for extraction there is no information.

This is what the query looked like for the example above

{ "request":  [  

		{	
			"sha256": {{sha256}},
			"features": ["te", "extraction"] , 
			"te": {
				"images": [
                    {
                        "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
                        "revision": 1
                    }
                ],
                "reports": [
                    "xml", "pdf"
                ]
            }
		}
	] 
}

If you send a query request without the extraction component

{ "request":  [  

		{	
			"sha256": {{sha256}},
			"features": ["te"] , 
			"te": {
				"images": [
                    {
                        "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
                        "revision": 1
                    }
                ],
                "reports": [
                    "xml", "pdf"
                ]
            }
		}
	] 
}

Then the response will contain complete information ("code": 1001, "label": "FOUND")

{
  "response": [
    {
      "status": {
        "code": 1001,
        "label": "FOUND",
        "message": "The request has been fully answered."
      },
      "sha256": "313c0feb009356495b7f4a60e96737120beb30e1912c6d866218cee830aebd90",
      "file_type": "doc",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 10,
        "images": [
          {
            "report": {
              "verdict": "malicious",
              "pdf_report": "4e9cddaf-03a4-489f-aa03-3c18f8d57a52",
              "xml_report": "9c18018f-c761-4dea-9372-6a12fcb15170"
            },
            "status": "found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "combined_verdict": "malicious",
        "severity": 4,
        "confidence": 1,
        "status": {
          "code": 1001,
          "label": "FOUND",
          "message": "The request has been fully answered."
        }
      }
    }
  ]
}

If there is no information in the cache at all, the response will be "label": "NOT_FOUND"

{
  "response": [
    {
      "status": {
        "code": 1004,
        "label": "NOT_FOUND",
        "message": "Could not find the requested file. Please upload it."
      },
      "sha256": "313c0feb009356495b7f4a60e96737120beb30e1912c6d866218cee830aebd91",
      "file_type": "",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 0,
        "images": [
          {
            "report": {
              "verdict": "unknown"
            },
            "status": "not_found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "status": {
          "code": 1004,
          "label": "NOT_FOUND",
          "message": "Could not find the requested file. Please upload it."
        }
      }
    }
  ]
}

In one API call you can send several hash values at once for checking. The response will return the data in the same order as it was sent in the request.

Example query request with several sha256 values

{ "request":  [  

		{	
			"sha256": "b84531d3829bf6131655773a3863d6b16f6389b7f4036aef9b81c0cb60e7fd81"
        },
        		{	
			"sha256": "b84531d3829bf6131655773a3863d6b16f6389b7f4036aef9b81c0cb60e7fd82"
        }
	] 
}

Response to a query with several sha256 values

{
  "response": [
    {
      "status": {
        "code": 1001,
        "label": "FOUND",
        "message": "The request has been fully answered."
      },
      "sha256": "b84531d3829bf6131655773a3863d6b16f6389b7f4036aef9b81c0cb60e7fd81",
      "file_type": "dll",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 10,
        "images": [
          {
            "report": {
              "verdict": "malicious"
            },
            "status": "found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "combined_verdict": "malicious",
        "severity": 4,
        "confidence": 3,
        "status": {
          "code": 1001,
          "label": "FOUND",
          "message": "The request has been fully answered."
        }
      }
    },
    {
      "status": {
        "code": 1004,
        "label": "NOT_FOUND",
        "message": "Could not find the requested file. Please upload it."
      },
      "sha256": "b84531d3829bf6131655773a3863d6b16f6389b7f4036aef9b81c0cb60e7fd82",
      "file_type": "",
      "file_name": "",
      "features": [
        "te"
      ],
      "te": {
        "trust": 0,
        "images": [
          {
            "report": {
              "verdict": "unknown"
            },
            "status": "not_found",
            "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
            "revision": 1
          }
        ],
        "score": -2147483648,
        "status": {
          "code": 1004,
          "label": "NOT_FOUND",
          "message": "Could not find the requested file. Please upload it."
        }
      }
    }
  ]
}

Requesting several hash sums at once in a query request will also have a beneficial effect on API server performance.
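The query behaviour described in this section (a global status plus one status per component, answers returned in request order, download ids scattered over several keys) can be handled in one pass. The following Python code is an added example, not code from the article or from Check Point; the sample reply is constructed from the article's own responses with fields trimmed, and the handling of any status code other than 1001 and 1004 is an assumption.

```python
from urllib.parse import urlencode

FOUND, NOT_FOUND = 1001, 1004   # status codes shown in the article's responses
PER_IMAGE_KEYS = ("full_report", "pdf_report", "xml_report")


def download_ids(answer):
    """Collect every download id in one response element as (key, image id, id)."""
    found = []
    te = answer.get("te", {})
    if "summary_report" in te:                      # one per sample
        found.append(("summary_report", None, te["summary_report"]))
    for image in te.get("images", []):              # one set per OS image
        for key in PER_IMAGE_KEYS:
            if key in image.get("report", {}):
                found.append((key, image.get("id"), image["report"][key]))
    ext = answer.get("extraction", {})
    if "extracted_file_download_id" in ext:
        found.append(("extracted_file_download_id", None,
                      ext["extracted_file_download_id"]))
    return found


def triage(requested, reply):
    """Pair each requested sha256 with its answer and decide what to do next."""
    answers = reply["response"]
    if len(answers) != len(requested):
        raise ValueError("response length differs from request length")
    plan = []
    for sha256, answer in zip(requested, answers):
        if answer.get("sha256") != sha256:
            raise ValueError(f"answer order mismatch for {sha256}")
        ready, upload, recheck = [], [], []
        for feature in answer.get("features", []):
            code = answer.get(feature, {}).get("status", {}).get("code")
            if code == FOUND:
                ready.append(feature)
            elif code == NOT_FOUND:
                upload.append(feature)     # "Please upload it."
            else:
                recheck.append(feature)    # any code this article does not show
        plan.append({
            "sha256": sha256,
            "global_label": answer["status"]["label"],
            "verdict": answer.get("te", {}).get("combined_verdict"),
            "ready": ready, "upload": upload, "recheck": recheck,
            "downloads": download_ids(answer),
        })
    return plan


def download_url(base, download_id):
    """Build the download call address; `base` is the cloud or gateway address."""
    return f"{base}/tecloud/api/v1/file/download?{urlencode({'id': download_id})}"


# Constructed sample: the article's PARTIALLY_FOUND and NOT_FOUND answers, trimmed.
WIN10 = "10b4a9c6-e414-425c-ae8b-fe4dd7b25244"
HASHES = ["313c0feb009356495b7f4a60e96737120beb30e1912c6d866218cee830aebd90",
          "313c0feb009356495b7f4a60e96737120beb30e1912c6d866218cee830aebd91"]
PDF_ID = "4e9cddaf-03a4-489f-aa03-3c18f8d57a52"
XML_ID = "9c18018f-c761-4dea-9372-6a12fcb15170"
SAMPLE_REPLY = {"response": [
    {"status": {"code": 1006, "label": "PARTIALLY_FOUND"},
     "sha256": HASHES[0], "features": ["te", "extraction"],
     "te": {"images": [{"report": {"verdict": "malicious",
                                   "pdf_report": PDF_ID, "xml_report": XML_ID},
                        "status": "found", "id": WIN10, "revision": 1}],
            "combined_verdict": "malicious",
            "status": {"code": 1001, "label": "FOUND"}},
     "extraction": {"method": "pdf",
                    "status": {"code": 1004, "label": "NOT_FOUND"}}},
    {"status": {"code": 1004, "label": "NOT_FOUND"},
     "sha256": HASHES[1], "features": ["te"],
     "te": {"images": [{"report": {"verdict": "unknown"},
                        "status": "not_found", "id": WIN10, "revision": 1}],
            "status": {"code": 1004, "label": "NOT_FOUND"}}},
]}

if __name__ == "__main__":
    for entry in triage(HASHES, SAMPLE_REPLY):
        print(entry["sha256"][:12], entry["global_label"],
              "ready:", entry["ready"], "upload:", entry["upload"])
```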

Download API call

Method used - POST (according to the documentation); GET also works (and may seem more logical)

Call address - https:///tecloud/api/v1/file/download?id=

The header requires the API key to be passed, the body of the request is empty, and the download id is passed in the URL.

In the response to a query request, if emulation has completed and reports were requested when the file was uploaded, the ids for downloading the reports will be visible. If a cleaned copy was requested, you should look for the id to download the cleaned document.

In total, the keys in the response to a query that contain an id value for download can be:

  • summary_report

  • full_report

  • pdf_report

  • xml_report

  • extracted_file_download_id

Of course, in order to get these keys in the response to a query request, they must be specified in the request (for reports), or you must remember to make the query using the extraction function (for cleaned documents).

Quota API call

Method used - POST

Call address - https:///tecloud/api/v1/file/quota

To check the remaining quota in the cloud, use the quota request. The request body is empty.

Example response to a quota request

{
  "response": [
    {
      "remain_quota_hour": 1250,
      "remain_quota_month": 10000000,
      "assigned_quota_hour": 1250,
      "assigned_quota_month": 10000000,
      "hourly_quota_next_reset": "1599141600",
      "monthly_quota_next_reset": "1601510400",
      "quota_id": "TEST",
      "cloud_monthly_quota_period_start": "1421712300",
      "cloud_monthly_quota_usage_for_this_gw": 0,
      "cloud_hourly_quota_usage_for_this_gw": 0,
      "cloud_monthly_quota_usage_for_quota_id": 0,
      "cloud_hourly_quota_usage_for_quota_id": 0,
      "monthly_exceeded_quota": 0,
      "hourly_exceeded_quota": 0,
      "cloud_quota_max_allow_to_exceed_percentage": 1000,
      "pod_time_gmt": "1599138715",
      "quota_expiration": "0",
      "action": "ALLOW"
    }
  ]
}

Threat Prevention API for Security Gateway

This API was developed before the Threat Prevention API and is intended only for local devices. For now it can be useful only if you need the Threat Extraction API. For Threat Emulation it is better to use the regular Threat Prevention API. To turn on the TP API for SG and configure the API key, you need to follow the steps from sk113599. I recommend paying attention to step 6b and checking access to the page https://<IPAddressofSecurityGateway>/UserCheck/TPAPI, because in case of a negative result further configuration makes no sense. All API calls will be sent to this url. The type of call (upload/query) is set in the request body key request_name. The other required keys are api_key (you need to remember it during the configuration process) and protocol_version (the current version is 1.1). You can find the documentation for this API in sk137032. The relative advantages include the ability to send several files at once for emulation when uploading them, since files are sent as a base64 text string. To encode/decode files to/from base64 you can use an online converter alongside Postman for demonstration purposes, for example https://base64.guru. For practical purposes, you should use built-in encoding and decoding methods when writing code.

Now let's take a closer look at the te and extraction functions in this API.

For the te component, the te_options dictionary is provided in upload/query requests, and the keys in it fully match the te keys in the Threat Prevention API.

Example request for file emulation in Win10 with reports

{
"request": [{
    "protocol_version": "1.1",
    "api_key": "<api_key>",
    "request_name": "UploadFile",
    "file_enc_data": "<base64_encoded_file>",
    "file_orig_name": "<filename>",
    "te_options": {
        "images": [
                {
                    "id": "10b4a9c6-e414-425c-ae8b-fe4dd7b25244",
                    "revision": 1
                }
            ],
        "reports": ["summary", "xml"]
    }
    }
    ]
}

For the extraction component, the scrub_options dictionary is provided. This request specifies the cleaning method: convert to PDF, clean active content, or select a mode in accordance with the Threat Prevention profile (the profile name is specified). The great thing about the response to an extraction API request for a file is that you get the cleaned copy in the response to that request as a base64-encoded string (you do not need to make a query request and look for the id to download the document)

Example of a request to clean a file

{
	"request": [{
		"protocol_version": "1.1",
		"api_key": "<API_KEY>",
		"request_name": "UploadFile",
		"file_enc_data": "<base64_encoded_file>",
		"file_orig_name": "hi.txt",
		"scrub_options": {
			"scrub_method": 2
		}
	}]
}

Response to the request

{
	"response": [{
		"protocol_version": "1.1",
		"src_ip": "<IP_ADDRESS>",
		"scrub": {
			"file_enc_data": "<base64_encoded_converted_to_PDF_file>",
			"input_real_extension": "js",
			"message": "OK",
			"orig_file_url": "",
			"output_file_name": "hi.cleaned.pdf",
			"protection_name": "Extract potentially malicious content",
			"protection_type": "Conversion to PDF",
			"real_extension": "txt",
			"risk": 0,
			"scrub_activity": "TXT file was converted to PDF",
			"scrub_method": "Convert to PDF",
			"scrub_result": 0,
			"scrub_time": "0.011",
			"scrubbed_content": ""
		}
	}]
} 

Although fewer API requests are needed to get a cleaned copy, I find this option less preferable and convenient than the form-data request used in the Threat Prevention API.
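The base64 handling that the TP API for SG requires can be done with built-in functions, as recommended above. The following Python code is an added example, not code from the article or from Check Point: it builds an UploadFile body for several files and decodes the cleaned copy from a response. Sending one "request" element per file is an assumption based on "request" being a list in the article's example, the value 2 for scrub_method is simply the one used in that example, and the sample reply is constructed.

```python
import base64
import os


def build_sg_upload(files, api_key, scrub_method):
    """Build one TP API for SG body for several files.
    files: iterable of (original name, bytes). One "request" element per file
    is an assumption (see the lead-in)."""
    return {"request": [{
        "protocol_version": "1.1",
        "api_key": api_key,
        "request_name": "UploadFile",
        "file_enc_data": base64.b64encode(data).decode("ascii"),
        "file_orig_name": os.path.basename(name),
        "scrub_options": {"scrub_method": scrub_method},
    } for name, data in files]}


def safe_name(name):
    """Reduce a server-supplied file name to a bare name, so that a name with
    directory parts cannot make the caller write outside its output folder."""
    bare = os.path.basename(name.replace("\\", "/"))
    if bare in ("", ".", ".."):
        raise ValueError(f"unusable output file name: {name!r}")
    return bare


def cleaned_copies(reply):
    """Return [(file name, bytes)] for every element whose scrub message is "OK"."""
    copies = []
    for answer in reply.get("response", []):
        scrub = answer.get("scrub")
        if not scrub or scrub.get("message") != "OK":
            continue
        # validate=True rejects characters outside the base64 alphabet
        # (binascii.Error, a subclass of ValueError) instead of skipping them.
        data = base64.b64decode(scrub["file_enc_data"], validate=True)
        copies.append((safe_name(scrub["output_file_name"]), data))
    return copies


# Constructed sample reply shaped like the article's scrub response.
FAKE_PDF = b"%PDF-1.4 constructed sample, not a real document"
SG_REPLY = {"response": [{
    "protocol_version": "1.1",
    "scrub": {
        "file_enc_data": base64.b64encode(FAKE_PDF).decode("ascii"),
        "message": "OK",
        "output_file_name": "hi.cleaned.pdf",
        "scrub_method": "Convert to PDF",
        "scrub_result": 0,
    },
}]}
BAD_REPLY = {"response": [{"scrub": {
    "file_enc_data": "@@@not-base64@@@", "message": "OK",
    "output_file_name": "x.pdf"}}]}

if __name__ == "__main__":
    body = build_sg_upload([("docs/hi.txt", b"hi")], "<api_key>", 2)
    print(body["request"][0]["file_orig_name"],
          body["request"][0]["file_enc_data"])
    for name, data in cleaned_copies(SG_REPLY):
        print(name, len(data), "bytes")
```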

Postman Collections

I created collections in Postman for both the Threat Prevention API and the Threat Prevention API for Security Gateway, which represent the most common API requests. So that the API server ip/url and the key are substituted into requests automatically, and the sha256 hash value is remembered after a file is uploaded, three variables have been created in the collections (you can find them by going to the collection settings, Edit -> Variables): te_api (required), api_key (needs to be filled in, except when using the TP API with local devices), sha256 (leave empty; not used in the TP API for SG).

Download the Postman collection for the Threat Prevention API

Download the Postman collection for the Threat Prevention for Security Gateway API

Usage examples

The Check Mates community presents scripts written in Python that check files from a given directory via the TP API as well as the TP API for SG. Through interaction with the Threat Prevention API, your ability to check files expands significantly, since you can scan files on several platforms at once (first check against the VirusTotal API, and then in the Check Point sandbox), and obtain files not only from network traffic but also take them from any network drives and, for example, CRM systems.

Source: www.habr.com