Comodo File Informer

'; } if (count($_POST)){ if (isset($_SESSION['f_sha'])){unset($_SESSION['f_sha']);} if (isset($_POST['fname']) && $_POST['fname'] !=''){ header("Location:/test/".trim($_POST['fname']).".html"); exit; } else{ header("Location:/test/".trim($_POST['sha1']).".html"); exit; } } if(!isset($_GET['file']) && !isset($_GET['sha1']) && !isset($_GET['error'])){ echo "\n".'
Pliase enter file name
OR
Enter SHA1
Select From Given Files:
'; } elseif(isset($_GET['file']) && count($_GET['file'])){ $sql_query ='select * from mis.return_from_name(\''.$_GET['file'].'\',100) AS ("SampleName" character varying(256),"SubmitterLocation" character varying, "SampleSha1" character(40),"FirstCatchedDateTime" timestamp without time zone, "ApllicationEx" character varying, "MD5" bpchar,"SampleSize" integer,"VerdictName" character varying, malvare_name character varying,"SampleId"integer, "Company" character varying,"FileVersion" character varying,"Product" character varying,"ProductVersion" character varying)'; $sql_cht ='select min("FirstCatchedDateTime") as "first_caught" from mis.return_from_name(\''.$_GET['file'].'\',100) AS ("SampleName" character varying(256),"SubmitterLocation" character varying, "SampleSha1" character(40),"FirstCatchedDateTime" timestamp without time zone, "ApllicationEx" character varying, "MD5" bpchar,"SampleSize" integer,"VerdictName" character varying, malvare_name character varying,"SampleId"integer, "Company" character varying,"FileVersion" character varying,"Product" character varying,"ProductVersion" character varying)'; $res = odbc_exec($db_conn, $sql_query); $res1 = odbc_exec($db_conn, $sql_query); $res2 = odbc_exec($db_conn, $sql_query); $min_cgt = odbc_exec($db_conn, $sql_cht); if (!$res) { echo "An error occured in getting results from DB.\n"; exit; } if(odbc_num_rows($res) > 0) { print ' '; print '
'; //First Caught: print ''; //Malware print ''; //Safe print '

First Caught:

'.date("j F, Y, \a\\t g:i a \G\M\T",strtotime(odbc_result($min_cgt,"first_caught"))).'

Related Malware Entries:  

' ; $i = 0; while(odbc_fetch_row($res)){ if (odbc_result($res,"VerdictName") == 'Malware'){ if(odbc_result($res,"malvare_name")==''){$mal_name = 'N/A';} else{$mal_name = preg_replace("/^(\.)/","",odbc_result($res,"malvare_name"));} $i++; $cnt_name = odbc_result($res,"SubmitterLocation"); $loc=odbc_exec($db_conn, "select lower(\"Country_Code\")::character varying as cnt_code from mis.geoip where \"Country_Name\" ilike '".$cnt_name."%' limit 1"); $sha1 = odbc_result($res,"SampleSha1"); $sql_camas = "select count(\"SampleSha1\") as cnt_camas from samples join camas_results using (\"SampleId\") join camas_verdicts using (\"CamasVerdictId\") where lower(\"SampleSha1\") = lower('$sha1') and camas_verdicts.\"Name\" LIKE ANY (array['Suspicious','Suspicious+','Suspicious++'])"; $cnt_cams_verd = odbc_exec($db_conn, $sql_camas); print ' '; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; if(odbc_num_rows($cnt_cams_verd) > 0 && odbc_result($cnt_cams_verd,"cnt_camas")>0) {print "";} else{print "";} } } print '
# FileSize(In Bytes) SHA1 MD5 Digitally Signed MalwareName Company FileVersion ProductName ProductVersion Application Type Submitter Location Malware Behavior Report
'.$i. ' '.odbc_result($res,"SampleSize"). ''.odbc_result($res,"SampleSha1").''.odbc_result($res,"MD5").'No'.wordwrap($mal_name,20,"
\n",1).'		'.wordwrap(odbc_result($res,"Company"),10,"
\n",1).'		'.wordwrap(odbc_result($res,"FileVersion"),15,"
\n",1).'		'.wordwrap(odbc_result($res,"Product"),15,"
\n",1).'		'.wordwrap(odbc_result($res,"ProductVersion"),15,"
\n",1).'		'.odbc_result($res,"ApllicationEx").' '.$cnt_name.'ReportN/A

Related Safe Entries:  

'; $i=0; while(odbc_fetch_row($res1)){ if (odbc_result($res1,"VerdictName") == 'Safe'){ $i++; $sha1 =odbc_result($res1,"SampleSize"); $chk_sig = odbc_exec($db_conn,"select mis.is_signed($sha1)"); $is_sig=odbc_result($chk_sig,"is_signed"); $cnt_name = odbc_result($res1,"SubmitterLocation"); $loc=odbc_exec($db_conn, "select lower(\"Country_Code\")::character varying as cnt_code from mis.geoip where \"Country_Name\" ilike '".$cnt_name."%' limit 1"); print ' '; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; } } print '
# FileSize(In Bytes) SHA1 MD5 Digitally Signed Company FileVersion ProductName ProductVersion Application Type Submitter Location
'.$i. ' '.odbc_result($res1,"SampleSize"). ''.odbc_result($res1,"SampleSha1").''.odbc_result($res1,"MD5").''; if($is_sig) print"Yes"; else print "No"; print ''.wordwrap(odbc_result($res1,"Company"),15,"
\n",1).'		'.wordwrap(odbc_result($res1,"FileVersion"),15,"
\n",1).'		'.wordwrap(odbc_result($res1,"Product"),20,"
\n",1).'		'.wordwrap(odbc_result($res1,"ProductVersion"),20,"
\n",1).'		'.odbc_result($res1,"ApllicationEx").' '.$cnt_name.'
'; //Unknown print '

Related Unknown Entries:  

'; $i=0; while(odbc_fetch_row($res2)){ if (odbc_result($res2,"VerdictName") == 'unknown'){ if(odbc_result($res2,"malvare_name")==''){$mal_name = 'N/A';} else{$mal_name = odbc_result($res2,"malvare_name");} $i++; $cnt_name = odbc_result($res2,"SubmitterLocation"); $loc=odbc_exec($db_conn, "select lower(\"Country_Code\")::character varying as cnt_code from mis.geoip where \"Country_Name\" ilike '".$cnt_name."%' limit 1"); print ' '; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; } } print '
# FileSize(In Bytes) SHA1 MD5 Digitally Signed Company FileVersion ProductName ProductVersion Application Type Submitter Location
'.$i. ' '.odbc_result($res2,"SampleSize"). ''.odbc_result($res2,"SampleSha1").''.odbc_result($res2,"MD5").'No'.wordwrap(odbc_result($res2,"Company"),20,"
\n",1).'		'.wordwrap(odbc_result($res2,"FileVersion"),15,"
\n",1).'		'.wordwrap(odbc_result($res2,"Product"),20,"
\n",1).'		'.wordwrap(odbc_result($res2,"ProductVersion"),10,"
\n",1).'		'.odbc_result($res2,"ApllicationEx").' '.$cnt_name.'
'; } else{ //header("HTTP/1.0 404 Not Found"); // header("Location:/test/404/".$_GET['file']); ob_clean(); flush(); // print $_SERVER['QUERY_STRING']; include('error404.php'); exit; // print "

File ".$_GET['file']." not found

"; } } //-----------------------sha1 if(isset($_GET['sha1']) && count($_GET['sha1'])){ $sql_query = 'select * from mis.return_from_sha1(\''.$_GET['sha1'].'\') AS ("SampleName" character varying(256), "SampleSha1" character(40),"FirstCatchedDateTime" timestamp without time zone, "ApllicationEx" character varying, "MD5" bpchar,"SampleSize" integer,"VerdictName" character varying, malvare_name character varying,"SampleId"integer, "Company" character varying,"FileVersion" character varying, "Product" character varying,"ProductVersion" character varying) limit 1'; $sql_cth = 'select min("FirstCatchedDateTime") as first_caught ,"ApllicationEx" from mis.return_from_sha1(\''.$_GET['sha1'].'\') AS ("SampleName" character varying(256), "SampleSha1" character(40),"FirstCatchedDateTime" timestamp without time zone, "ApllicationEx" character varying, "MD5" bpchar,"SampleSize" integer,"VerdictName" character varying, malvare_name character varying,"SampleId"integer, "Company" character varying,"FileVersion" character varying, "Product" character varying,"ProductVersion" character varying) group by "ApllicationEx"'; $sha1 = $_GET['sha1']; $sql_camas = "select count(\"SampleSha1\") as cnt_camas from samples join camas_results using (\"SampleId\") join camas_verdicts using (\"CamasVerdictId\") where lower(\"SampleSha1\") = lower('$sha1') and camas_verdicts.\"Name\" LIKE ANY (array['Suspicious','Suspicious+','Suspicious++'])"; $sample_auth = odbc_exec($db_conn,"select * from mis.return_authcodes_by_sha1('$sha1')"); $res = odbc_exec($db_conn, $sql_query); $min_cgt = odbc_exec($db_conn, $sql_cth); $fn = odbc_exec($db_conn, $sql_query); $cnt_cams_verd = odbc_exec($db_conn, $sql_camas); if (!$res) { echo "An error occured in getting results from DB.\n"; exit; } if(odbc_num_rows($res) > 0) { print ' '; print '

First Caught:

'.date("j F, Y, \a\\t g:i a \G\M\T",strtotime(odbc_result($min_cgt,"first_caught"))).'

Application Type:

'.odbc_result($min_cgt,"ApllicationEx").'

Execution Report:

'; if(odbc_num_rows($cnt_cams_verd) > 0 && odbc_result($cnt_cams_verd,"cnt_camas")>0) //{print "Report";} {print "Report";} else{print 'N/A';} print '
'; while(odbc_fetch_row($res)){ $name = odbc_exec($db_conn, 'select radar."SampleName",mis.countryname_by_ip(radar."SubmitterIP") as "SubmitterLoc" from radar where radar."SampleId" = '.odbc_result($res,"SampleId").' group by radar."SampleName","SubmitterLoc"'); while(odbc_fetch_row($name)){ //array_push($arr_catched,odbc_result($name,"first_caught")); array_push($arr_name,odbc_result($name,"SampleName")); array_push($arr_ip,odbc_result($name,"SubmitterLoc")); } print " \n"; print '\n"; print '\n"; print "\n"; print '\n"; print '\n"; print '\n"; print '\n"; print '\n"; } print '
FileSize(InBytes) SHA1 MD5 DigitallySigned Verdict Company FileVersion ProductName ProductVersion
".odbc_result($res,"SampleSize"). "'.odbc_result($res,"SampleSha1")."'.odbc_result($res,"MD5").""; if(odbc_result($sample_auth,"return_authcodes_by_sha1")){print "Yes";} else{print "No";} print "'.odbc_result($res,"malvare_name")."'.odbc_result($res,"Company")."'.odbc_result($res,"FileVersion")."'.odbc_result($res,"Product")."'.odbc_result($res,"ProductVersion")."
'; $cnt_a = count($arr_name); //$arr_res = array_unique($arr_name); //sort($arr_res); //reset($arr_res); //$cnt=count($arr_res); print "

File Name Aliases: ".$cnt_a."

"; /*while (list($key, $val) = each($arr_res)) { echo ""; $key; echo ""; // echo ""; }*/ print ""; $x=0; $xx = 1; while ($x<$cnt_a) { $loc=odbc_exec($db_conn, "select lower(\"Country_Code\")::character varying as cnt_code from mis.geoip where \"Country_Name\" ilike '".$arr_ip[$x]."%' limit 1"); print ""; $x++;$xx++; /* if ($x<$cnt_a){echo "";} $x++; if ($x<$cnt_a){echo "";} $x++;*/ } /*$x=0; while ($x<$cnt) { echo ""; $x++; if ($x<$cnt){echo "";} $x++; if ($x<$cnt){echo "";} $x++; }*/ } } print "
$val- location$key - $val- location
$arr_res[j] - location
# File Name Submitter Location
".$xx." ".$arr_name[$x]." ".$arr_ip[$x]."
".$arr_name[$x]."-".$arr_ip[$x]."".$arr_name[$x]."-".$arr_ip[$x]."
".$arr_res[$x]." - location ".$arr_res[$x]." - location".$arr_res[$x]." - location

"; ?>