PSGlimpsMalware

1.0.3.1

Public/Send-FileToGlimpsMalware.ps1

                                function Send-FileToGlimpsMalware {

    <#

    .SYNOPSIS

    Send file to Glimps

    .DESCRIPTION

    .PARAMETER FilePath

    Provide FilePath to a file to check.

    .PARAMETER FileInformation

    Provide FileInformation to a file to check.

    .EXAMPLE

    .NOTES

    #>

    [CmdletBinding(DefaultParameterSetName = 'none')]

    Param(

        [Parameter(Mandatory, ParameterSetName = 'FileInformation', ValueFromPipeline, Position = 0)]

        [System.IO.FileInfo]

        $FileInformation,

        [Parameter(Mandatory, ParameterSetName = 'FilePath', ValueFromPipeline, Position = 0)]

        [string]

        $FilePath,

        [Parameter()]

        [switch] $AsZip

    )

    Begin {

        Test-GlimpsMalwareConnection

        $listFiles = [System.Collections.ArrayList]@()

        $results = [System.Collections.ArrayList]@()

    }

    Process {

        if ($FilePath) {

            Write-Verbose "Path received" 

            Try {

                $FileInformation = Get-Item $FilePath

            } Catch {

                throw "Can't get file at $FilePath"

            }

        }

        if ($FileInformation) {

            Write-Verbose "File Information received $($FileInformation.GetType())"

            $listFiles.Add($FileInformation) | Out-Null

        }

    }

    End {

        if ($AsZip) {

            $archiveName = "$([guid]::NewGuid() | Select-Object -ExpandProperty Guid).zip"

            Write-Verbose "Adding  as $archiveName"

            $compressArguments = @{

                LiteralPath = $listFiles | Select-Object -ExpandProperty FullName

                CompressionLevel = "NoCompression"

                DestinationPath = $(Join-Path $($env:temp) $archiveName)

            }

            $ProgressPreference = 'silentlycontinue'

            Compress-Archive @compressArguments

            $listFiles = Get-Item $compressArguments.DestinationPath

        }

        foreach ($file in $listFiles) {

            Write-Verbose "Sending file $($file.FullName)"

            $Boundary = [Guid]::NewGuid().ToString()

            $params = @{

                Method      = "POST"

                Uri         = $($_ApiURL.AbsoluteUri + "submit")

                ContentType = "multipart/form-data; boundary=`"$boundary`""

                Headers     = @{"Accept"="application/json"; "X-Auth-Token"=$(New-Object PSCredential 0, $_ApiKey).GetNetworkCredential().Password}

                Body        = $(ConvertTo-GlimpsMalwareBody -FileInformation $file -Boundary $Boundary)

            }

            if ($AsZip) {

                Write-Verbose "Remove item $($file.fullName)"

                Remove-Item $file | Out-Null

            }

            Try {

                $WebResponse = Invoke-WebRequest @params

            } Catch {

                Write-Verbose "Response $($WebResponse.Content)"

                $details = $_.Exception

                throw $details

            }

            Try {

                Write-Verbose "Response $($WebResponse.Content)"

                $response = $WebResponse.Content | ConvertFrom-Json

            } Catch {

                throw "Can't parse content $($WebResponse.Content): $_"

            }

            If ($response.status) {

                $results.Add($response.uuid) | Out-Null

            } else {

                throw "Status Wrong $($result)"

            }

        }

        Write-Verbose "Return $($results.Count)"

        $results

    }

}