malwaredb-client 0.1.1

Client application and library for connecting to MalwareDB.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

## Malware DB Client
[![Test](https://github.com/malwaredb/malwaredb-rs/actions/workflows/test.yml/badge.svg)](https://github.com/malwaredb/malwaredb-rs/actions/workflows/test.yml)[![Lint](https://github.com/malwaredb/malwaredb-rs/actions/workflows/lint.yml/badge.svg)](https://github.com/malwaredb/malwaredb-rs/actions/workflows/lint.yml)[![Cross](https://github.com/malwaredb/malwaredb-rs/actions/workflows/release.yml/badge.svg)](https://github.com/malwaredb/malwaredb-rs/actions/workflows/release.yml)[![Documentation](https://docs.rs/malwaredb-client/badge.svg)](https://docs.rs/malwaredb-client/)[![Crates.io Version](https://img.shields.io/crates/v/malwaredb-client)](https://crates.io/crates/malwaredb-client)

This application submits and retrieves samples (of known/supported types) from the `MalwareDB` server over the http protocol.

### Getting started
1. Install a `MalwareDB` instance, if you don't have one already. See the main repo for directions.
2. Have an account created on the server.
3. Login with your username, password, and server URL. Example: `mdb_client login http://localhost:8080 myusername`. You'll be prompted for your password.
4. Verify this works with `mdb_client whoami`. This will show your user information, including groups and sources you have access to.
5. Run `mdb_client server-info` to see some overall stats about the server.
6. Run `mdb_client server-types` to see which file types the server knows about, and will store samples of these types.

### Submitting samples
1. Run `mdb_client whoami` to ensure you're logged in.
2. Submit one or more files by providing the paths for one or more files and/or directories, along with the ID number of the source: `mdb_client submit-samples -s 1 /path/to/files/`.
    * You may provide `-p password` and a Zip file to load files from a password-protected Zip file. There is logic to distinquish from a Zip file that's actually an MS Office document versus an archive of files.
    * You may only submit samples to sources that your group has access to.

### Retrieving samples
1. Run `mdb_client whoami` to ensure you're logged in.
2. Run `mdb_client retrieve-sample c8a9335b95774a30addf372395e9a148` to retrieve a sample by it's hash.
    * Hashes may be MD-5, SHA-1, SHA-256, SHA-384, or SHA-512. This is determined based on the hash length.
    * Files may be retrieved if you're part of a group which has access to a source containing the file you want to retrieve.

### Finding similar files
1. Run `mdb_client whoami` to ensure you're logged in.
2. Run `mdb_client find-similar /path/to/file`. This will calculate the various similarity hashes for the file, and send them to the server to find samples which are similar.