]
12-12-2018, 08:41 PM
Introduction
Like all my other tutorials this will be done within Ubuntu.
![[Image: cosfPxm.png]](https://i.imgur.com/cosfPxm.png)
Exploring the Malshare API
You can view their existing
![[Image: eXg3iAd.png]](https://i.imgur.com/eXg3iAd.png)
Object Orientation
The whole philosophy for creating software is to make lives easier. When you write classes you need to keep in mind that object oriented programming is for code reuse. You want to write your code in such a way that you aren't rewriting it over and over again. Too many times people write code that they copy and paste over and over again when in fact they can simply write a class or a method/function. So below is a section of the class I started writing while reading the documentation.
The code above (unfinished) was written before I even did any planning whatsoever. Just because the API is short doesn't mean we don't need some kind of proper planning. You don't really want to rewrite code (called refactoring) over and over again. For example, I wrote some email marketing software in 2001 and it is still functioning to this day with being refactored once, when Google deprecated their old search API and started using the Custom Search API. The point is, I am going to write a function for each endpoint in the API but the code can still be refactored. For example, you could refactor these two methods into one with little effect.
Making the Call
You can make calls to external sources in PHP in a few different ways. My favorite way is with CURL. However, these endpoints work just fine with a more simple way,
![[Image: OhOpr5b.png]](https://i.imgur.com/OhOpr5b.png)
![[Image: Wv9ajSx.png]](https://i.imgur.com/Wv9ajSx.png)
Uploading FIles
Down the list a bit on the API documentation page there is an option to upload a file. However, we have only been downloading data from the Malshare website. We can't use our usual function file_get_contents() for this, so we are going to use CURL. You can check your CURL version with the --version flag/argument.
If you read the CURL manpage you can see that the -F option is for uploading the file using the FormData field like their API needs. The image below is a screenshot of the manpage for CURL. The data field they want is called upload, and using it in a single CURL command (POST data) is simple, you can see that below as well.
![[Image: 3bcxHUb.png]](https://i.imgur.com/3bcxHUb.png)
The return value is a hash of the file, which you can use to check with the earlier API methods we implemented in the Malshare class. However, executing this command in PHP is a bit different. You could probably just exec() the command and pull the results but it's much better to break it out into PHP code.
![[Image: DdGmq37.png]](https://i.imgur.com/DdGmq37.png)
Conclusion
This is a simple tutorial on how to integrate the
Like all my other tutorials this will be done within Ubuntu.
[To see links please register here]
that allows you to share malware analysis reports and malware information in general. There are plenty of places like this on the internet such as[To see links please register here]
and[To see links please register here]
and many many more. Malshare gives you 1,000 calls in a 24 hour period. You can also visit their[To see links please register here]
. To login to this website you will need to register an API key and put it in the box in the top right of the page.Exploring the Malshare API
You can view their existing
[To see links please register here]
. As you can see from the image below the API offers JSON and raw outputs. Each call is made with your API key. You can register for a[To see links please register here]
. From the API documentation we can write a class pretty easily.Object Orientation
The whole philosophy for creating software is to make lives easier. When you write classes you need to keep in mind that object oriented programming is for code reuse. You want to write your code in such a way that you aren't rewriting it over and over again. Too many times people write code that they copy and paste over and over again when in fact they can simply write a class or a method/function. So below is a section of the class I started writing while reading the documentation.
Hidden Content
The code above (unfinished) was written before I even did any planning whatsoever. Just because the API is short doesn't mean we don't need some kind of proper planning. You don't really want to rewrite code (called refactoring) over and over again. For example, I wrote some email marketing software in 2001 and it is still functioning to this day with being refactored once, when Google deprecated their old search API and started using the Custom Search API. The point is, I am going to write a function for each endpoint in the API but the code can still be refactored. For example, you could refactor these two methods into one with little effect.
Hidden Content
Making the Call
You can make calls to external sources in PHP in a few different ways. My favorite way is with CURL. However, these endpoints work just fine with a more simple way,
[To see links please register here]
. This method has been around since PHP4 and it doesn't look like it's going away any time soon. Like they say in software, let's keep it simple. SO the call method will accept our complete API url and spit out the return data, like shown below.Hidden Content
Uploading FIles
Down the list a bit on the API documentation page there is an option to upload a file. However, we have only been downloading data from the Malshare website. We can't use our usual function file_get_contents() for this, so we are going to use CURL. You can check your CURL version with the --version flag/argument.
Hidden Content
If you read the CURL manpage you can see that the -F option is for uploading the file using the FormData field like their API needs. The image below is a screenshot of the manpage for CURL. The data field they want is called upload, and using it in a single CURL command (POST data) is simple, you can see that below as well.
Hidden Content
The return value is a hash of the file, which you can use to check with the earlier API methods we implemented in the Malshare class. However, executing this command in PHP is a bit different. You could probably just exec() the command and pull the results but it's much better to break it out into PHP code.
Conclusion
This is a simple tutorial on how to integrate the
[To see links please register here]
into a PHP class. You can view the complete class[To see links please register here]
.
