Technical details

Software components

Our DOCtor is fully written in Python and the web service is provided through the Flask framework served with NGINX. To provide you with more statistics, we use the well-known oletools.

API

This section will be soon populated with more details. For the time being, we provide the instructions to use the Blind DOCtor via API calls which respond with a JSON object.

Quota

Due to infrastructure constraints, you may use the API at a rate of 120 calls per hour and 1200 per day. Each file that you submit for analysis must not exceed 3MB.

File submission

To submit a file for analysis located at file2submit, you may use the following:

curl -A "API" -F 'file=@file2submit' https://blinddoctor.eu/
import requests
headers = {'User-Agent': 'API'}
files = {'file': ('file2submit', open('file2submit', 'rb'))}
response = requests.post('https://blinddoctor.eu/', headers=headers, files=files)
using (var httpClient = new HttpClient()){
    using (var request = new HttpRequestMessage(new HttpMethod("POST"), "https://blinddoctor.eu/")){
        request.Headers.TryAddWithoutValidation("User-Agent", "API"); 
        var multipartContent = new MultipartFormDataContent();
        multipartContent.Add(new ByteArrayContent(File.ReadAllBytes("file2submit")), "file", Path.GetFileName("file2submit"));
        request.Content = multipartContent; 
        var response = await httpClient.SendAsync(request);
    }
}

Retrieve a report

To retrieve the analysis of a file, you should use its SHA-256 hash. If the hash is file_sha256, you can use the following:

curl -A "API" https://blinddoctor.eu/report?sha256=file_sha256
import requests
headers = {'User-Agent': 'API'}
params = (('sha256', 'file_sha256'))
response = requests.get('https://blinddoctor.eu/report', headers=headers, params=params)
using (var httpClient = new HttpClient()){
    using (var request = new HttpRequestMessage(new HttpMethod("GET"), "https://blinddoctor.eu/report?sha256=file_sha256")){
        request.Headers.TryAddWithoutValidation("User-Agent", "API"); 
        var response = await httpClient.SendAsync(request);
    }
}

Download a sample

To download a sample, you should use its SHA-256 hash. If the hash is file_sha256, you can use the following:

curl -A "API" https://blinddoctor.eu/get_sample/file_sha256
import requests
headers = {'User-Agent': 'API'}
response = requests.get('https://blinddoctor.eu/get_sample/file_sha256', headers=headers)
open('targetlocation', 'wb').write(response.content)
using (var httpClient = new HttpClient()){
    using (var request = new HttpRequestMessage(new HttpMethod("POST"), "https://blinddoctor.eu/"))
    {
        request.Headers.TryAddWithoutValidation("User-Agent", "API"); 
        var multipartContent = new MultipartFormDataContent();
        multipartContent.Add(new ByteArrayContent(File.ReadAllBytes("file2submit")), "file", Path.GetFileName("file2submit"));
        request.Content = multipartContent;
        var response = await httpClient.SendAsync(request);
    }
}