From 008d2321e58ee1d0718dd55bb4e66f12df89de02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Henrique?= Date: Wed, 30 Jul 2025 18:08:27 -0300 Subject: [PATCH] adding virus total check --- .gitea/workflows/release.yaml | 64 ++++++++++++++++++- README.md | 11 ++++ scripts/check_virustotal.sh | 113 ++++++++++++++++++++++++++++++++++ 3 files changed, 185 insertions(+), 3 deletions(-) create mode 100755 scripts/check_virustotal.sh diff --git a/.gitea/workflows/release.yaml b/.gitea/workflows/release.yaml index a767c9c..d6b9c74 100644 --- a/.gitea/workflows/release.yaml +++ b/.gitea/workflows/release.yaml @@ -6,13 +6,15 @@ on: - v* jobs: - release: + build: runs-on: ubuntu-latest + outputs: + zip-file: vision-start-${{ gitea.ref_name }}.zip steps: - name: Check out repository code uses: actions/checkout@v4 - - name: Setup zip - run: sudo apt-get install zip -y + - name: Setup required tools + run: sudo apt-get install zip jq curl -y - name: Install JS dependencies run: npm install - name: Run build @@ -24,9 +26,65 @@ jobs: mv manifest.json vision-start/ - name: Create zip archive run: zip -r vision-start-${{ gitea.ref_name }}.zip vision-start + - name: Upload artifact + uses: actions/upload-artifact@v4 + with: + name: release-zip + path: vision-start-${{ gitea.ref_name }}.zip + + virus-total-check: + runs-on: ubuntu-latest + needs: build + outputs: + analysis-url: ${{ steps.vt-check.outputs.analysis-url }} + detection-ratio: ${{ steps.vt-check.outputs.detection-ratio }} + steps: + - name: Check out repository code + uses: actions/checkout@v4 + - name: Setup required tools + run: sudo apt-get install jq curl -y + - name: Download artifact + uses: actions/download-artifact@v4 + with: + name: release-zip + - name: Run VirusTotal check + id: vt-check + env: + virustotal_apikey: ${{ secrets.VIRUSTOTAL_APIKEY }} + VIRUS_TOTAL_FILE: vision-start-${{ gitea.ref_name }}.zip + run: | + # Run the VirusTotal check script and capture output + bash scripts/check_virustotal.sh > vt_output.txt 2>&1 + + # Extract analysis URL and detection ratio from output + ANALYSIS_URL=$(grep "Analysis URL:" vt_output.txt | cut -d' ' -f3- || echo "Not available") + DETECTION_RATIO=$(grep "Detection ratio:" vt_output.txt | cut -d' ' -f3- || echo "Not available") + + # Set outputs for next job + echo "analysis-url=$ANALYSIS_URL" >> $GITEA_OUTPUT + echo "detection-ratio=$DETECTION_RATIO" >> $GITEA_OUTPUT + + # Display the full output + cat vt_output.txt + + release: + runs-on: ubuntu-latest + needs: [build, virus-total-check] + steps: + - name: Check out repository code + uses: actions/checkout@v4 + - name: Download artifact + uses: actions/download-artifact@v4 + with: + name: release-zip - name: Release zip uses: akkuman/gitea-release-action@v1 with: + body: | + This is the release for version ${{ gitea.ref_name }}. + + **Virus Total Analysis URL:** ${{ needs.virus-total-check.outputs.analysis-url }} + **Virus Total Detection Ratio:** ${{ needs.virus-total-check.outputs.detection-ratio }} name: ${{ gitea.ref_name }} tag_name: ${{ gitea.ref_name }} files: vision-start-${{ gitea.ref_name }}.zip \ No newline at end of file diff --git a/README.md b/README.md index 804a91f..e3b3af1 100755 --- a/README.md +++ b/README.md @@ -7,6 +7,17 @@ ![Editing page with Abstract Red background](screenshots/editing-abstract-red.png) ![Configuration Tab opened](screenshots/configuration-abstract-red.png) +## Installing + +Vision Start is not yet available on Chrome Web Store, but it can be installed manually: +1. Go to https://git.ivanch.me/ivanch/vision-start/releases/latest +2. Download the latest `vision-start-[version].zip` file +3. Extract the zip file, you will have a `vision-start` folder +4. Go to chrome://extensions/ +5. Enable "Developer mode" in the top right corner +6. Click on "Load unpacked" and select the `vision-start` folder you extracted in step 3 +7. The extension should now be installed! Just open a new tab to see it in action. + ## Backgrounds It comes with a selection of some nice pre-defined backgrounds. You can also upload up to one image to it. diff --git a/scripts/check_virustotal.sh b/scripts/check_virustotal.sh new file mode 100755 index 0000000..807c60b --- /dev/null +++ b/scripts/check_virustotal.sh @@ -0,0 +1,113 @@ +#!/bin/bash + +# Script to check a file against VirusTotal API +# Requires: curl, jq +# Environment variable: virustotal_apikey + +set -e + +# Configuration +FILE_PATH="${VIRUS_TOTAL_FILE:-vision-start.zip}" +API_KEY="${virustotal_apikey}" +BASE_URL="https://www.virustotal.com/vtapi/v2" + +# Check if API key is set +if [ -z "$API_KEY" ]; then + echo "Error: virustotal_apikey environment variable is not set" + exit 1 +fi + +# Check if file exists +if [ ! -f "$FILE_PATH" ]; then + echo "Error: File $FILE_PATH not found" + exit 1 +fi + +# Check if required tools are available +if ! command -v curl &> /dev/null; then + echo "Error: curl is required but not installed" + exit 1 +fi + +if ! command -v jq &> /dev/null; then + echo "Error: jq is required but not installed" + exit 1 +fi + +echo "Uploading $FILE_PATH to VirusTotal for analysis..." + +# Upload file to VirusTotal +UPLOAD_RESPONSE=$(curl -s -X POST \ + -F "apikey=$API_KEY" \ + -F "file=@$FILE_PATH" \ + "$BASE_URL/file/scan") + +# Extract scan_id from response +SCAN_ID=$(echo "$UPLOAD_RESPONSE" | jq -r '.scan_id') + +if [ "$SCAN_ID" == "null" ] || [ -z "$SCAN_ID" ]; then + echo "Error: Failed to upload file or get scan ID" + echo "Response: $UPLOAD_RESPONSE" + exit 1 +fi + +echo "File uploaded successfully. Scan ID: $SCAN_ID" +echo "Waiting for analysis to complete..." + +# Wait for analysis to complete and get results +MAX_ATTEMPTS=30 +ATTEMPT=0 +SLEEP_INTERVAL=10 + +while [ $ATTEMPT -lt $MAX_ATTEMPTS ]; do + echo "Checking analysis status (attempt $((ATTEMPT + 1))/$MAX_ATTEMPTS)..." + + # Get scan report + REPORT_RESPONSE=$(curl -s -X POST \ + -d "apikey=$API_KEY" \ + -d "resource=$SCAN_ID" \ + "$BASE_URL/file/report") + + # Check if analysis is complete + RESPONSE_CODE=$(echo "$REPORT_RESPONSE" | jq -r '.response_code') + + if [ "$RESPONSE_CODE" == "1" ]; then + # Analysis complete + echo "Analysis completed!" + + # Extract results + POSITIVES=$(echo "$REPORT_RESPONSE" | jq -r '.positives') + TOTAL=$(echo "$REPORT_RESPONSE" | jq -r '.total') + PERMALINK=$(echo "$REPORT_RESPONSE" | jq -r '.permalink') + + echo "Analysis URL: $PERMALINK" + echo "Detection ratio: $POSITIVES/$TOTAL" + + # Check if file is safe + if [ "$POSITIVES" -eq 0 ]; then + echo "✅ File is clean (no threats detected)" + exit 0 + else + echo "❌ File contains threats ($POSITIVES detections out of $TOTAL scanners)" + exit 1 + fi + elif [ "$RESPONSE_CODE" == "0" ]; then + # File not found or analysis not complete yet + echo "Analysis still in progress..." + elif [ "$RESPONSE_CODE" == "-2" ]; then + # Still queued for analysis + echo "File still queued for analysis..." + else + echo "Unexpected response code: $RESPONSE_CODE" + echo "Response: $REPORT_RESPONSE" + exit 1 + fi + + ATTEMPT=$((ATTEMPT + 1)) + if [ $ATTEMPT -lt $MAX_ATTEMPTS ]; then + sleep $SLEEP_INTERVAL + fi +done + +echo "Timeout: Analysis did not complete within expected time" +exit 1 \ No newline at end of file