[Bro] Virus Total Api

Alex Kefallonitis al.kefallonitis at gmail.com
Tue Apr 4 08:31:10 PDT 2017


I am using bro 2.5 and i cant get this working
https://github.com/sooshie/bro-scripts/blob/master/misc/vt_check.bro

I see curl running on request and succefully submitted on virustotal but i
get this error:

1490780707.065084 error in /opt/bro/share/bro/bro-extra/vt_check.bro, line
79: no such index (VTCHECK::temp[2])
1490780707.065084 error in /opt/bro/share/bro/bro-extra/vt_check.bro, line
74: no such index (VTCHECK::temp[2])
1490780707.065084 error in /opt/bro/share/bro/bro-extra/vt_check.bro, line
91: value used but not set (VTCHECK::positives)


Anyone made this work or anything similar?

I can't get either this example working
https://www.sans.org/reading-room/whitepapers/detection/detecting-malicious-smb-activity-bro-37472

Thanks in advanced
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170404/81b4ec44/attachment.html 


More information about the Bro mailing list