From 04791f324f595aef6819fd11428e6b4f19ee988e Mon Sep 17 00:00:00 2001
From: Silas <silas.cutler@blacklistthisdomain.com>
Date: Mon, 12 Nov 2018 21:41:01 -0500
Subject: [PATCH] Clear old notifications.  Working on update to v3 API

---
 crowdfms.py  |   9 ++++++++-
 lib/core.py  |  15 +++++++++++++++
 lib/core.pyc | Bin 0 -> 4432 bytes
 3 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 lib/core.pyc

diff --git a/crowdfms.py b/crowdfms.py
index 1e6bc24..fc2a207 100755
--- a/crowdfms.py
+++ b/crowdfms.py
@@ -8,7 +8,7 @@
 import thread
 import time
 
-from lib.core import funct_parse_rule_actions, func_pull_feed, func_to_epoch, func_download_sample, func_set_api_key, funct_run_rule_action
+from lib.core import funct_parse_rule_actions, func_pull_feed, func_to_epoch, func_download_sample, func_set_api_key, funct_run_rule_action, func_delete_notif
 from lib.objects import sample
 from lib.db import db_shutdown
 
@@ -39,12 +39,19 @@ def loop_pull_feed():
 	global LOOP_TIME
 	
 	rule_actions = funct_parse_rule_actions()
+	vtIDS = []
 	
 	json_notif_feed = func_pull_feed(API_KEY)
 	if (json_notif_feed == 0):
 		print "Problem pulling feed.  Sleeping..."
 		return
 
+	# Notification Purge
+	for vt_notif in json_notif_feed["notifications"]:
+		vtIDS.append( int(vt_notif["id"]) )
+	func_delete_notif(API_KEY, vtIDS)
+
+
 	for vt_notif in json_notif_feed["notifications"]:
 
 		if (func_to_epoch(vt_notif["date"]) > tmp_newest):
diff --git a/lib/core.py b/lib/core.py
index be25636..16388f7 100644
--- a/lib/core.py
+++ b/lib/core.py
@@ -14,6 +14,21 @@
 
 from lib.db import *
 
+# Purge old notifications
+def func_delete_notif(str_api_key, notificationList):
+	req_user_agent = {'User-agent': 'VirusTotal FMS'}
+	try:
+		vt_request_results = requests.post("https://www.virustotal.com/intelligence/hunting/delete-notifications/programmatic/?key=%s" % (str_api_key),
+		headers=req_user_agent,
+			data=json.dumps(notificationList),
+			timeout=30,
+			verify=False)
+	except Exception, e:
+		print " [x] Exception in purge request: %s" % e
+		return "ERROR"
+
+	return None
+
 # Read ~/.virustotal and read the first line.  This file only needs the API string in it.
 def func_set_api_key():
 	try:
diff --git a/lib/core.pyc b/lib/core.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..2f7759111324a1ffeaa631b967fa0a5d94ef9352
GIT binary patch
literal 4432
zcmbtXT~i##744Z_78Zeo6&b7~vc|GW){$YIRP4lxV#kG$<VZsDKm>-6tzo8NXPKQ@
zP4@zu5`IzM^O#q^<S*nO<Rw2PulWJVIk$IVl~kqd0+{CZclW*L+<Uw7ui5F3KKbWP
ztcE{6{{IG_`5TG^f1b*e+CGy#we5}CeYNe6<civ^jO41?u8!mhwLLMCYiheTk|)*n
zq{zO?rqo7KQGdcVb(K^_m{!Sz2$xh+6JbUrlOoKjWJ-j~DyfTbMJ3ZB%<;JEjY~Ls
z`fvQKH9Uxx#ZO}1Yy#gjz7>2XMUmn%`194rr@k8eQdy-ss8`fWrRI~WdWj28DC?^Z
znmqLieYgTnKBa6G)#_<QZRR&r)lR6xX;mi5JFO}Y2YXpn^A8^4VC!2@qdU}^xr{xZ
zr)A%46gJ9&`%l&l&+|K@%cbZ*=hl3MYTMeLxzlVOA0ICtakS;=<+$iJ)7<JTOEEOo
z&2~SxX@1a5bf&Fd$_tzBr*UM{A~(%mSsav6w~K1r{OnK<e!XbyBv;o_qDzDG!>W;u
zq|v5bUG#1GHX3aW#gQ)4{egKGVz6_v8?2thy2q7+G!J_H@<0cre$m&)-U+ZUHM<&y
zPs0Ycuu~|8-EN~^VXW-fF-0z;lYY17=G~7nqivllj5d*>YelXbT-eg0#+I$9m$q;d
zJBRxCZ6Bvtow~)Itv;055@p(}Xgad3;Ysk{^fPM&5W0arC58C_QnOujb<?C-WSaN%
zk<N-<7xrkbl*MrZJ2kU(uNfDmUhWO-8<?=)&*PTUd`r&4&CEOs<;{8(Z_cZESMbfE
zta}r_P>fKdb_Ia{fH3&$5OW=WB!EW_X}($j;L2S>%>ffAe68=#3+fc=nIK#{HT6mn
zq3fFf+?QMVgV7{lxWbO|FI>sV|99rB0wy|BBqOGIoB7)ScwGSgcjbBBYrVOr9Kva-
zHPP+YW(IO|47-LF9IyWZ^<ZafH+Yum$mrl%-v*yQ`yzOx2L#yH<CBA;494a*$QV#k
zDPW2q?nSmOnAIo1fwAn@C%q_72n88Z^k7RGNUYY2N~6!fMBtU+M3&}2a|Jasa0_ES
zEA05<>1tUPrE@1&FrtmcGq=Qknq3G>#Il?U92lMH9UkHu3I!nD@@{(9y{mxHb^i^(
zDJF<`eI8YSbQc0}(NV+!ECv?_D4cpj#|8IB-{q_FHidO)qywicnDE3oQHyJU7<MI#
z{;>1;(ss1;#}Ai2*}eUqSwfSuRaxw1x*Hs)wjG#$ua~7d5wn4m!G2M~+0Y?12yxMS
zr+~v^4gRJ~dt$Xx3;!`TZihcWU-&~54c<tIo*CP+-JTGAMEqg>0-O!6WBn#RL*Jyl
zH=)t0FS?{230~19lsFz0JT<s6<Pj7G^-5GAKRrZ@&3uY{K!{l18eAL22}BDa&iZEl
z{j<oRIS}ClT?h-DAeyIc)(nyPdRPd4y8PjPhlbx`)OQUH<6hD%?Q5NkVnIk4F$O9z
zS12~4Dh{*_sUxvcRz!&l8!`MgNF?lf9%X&)D8U)wEDQ1?B$_W^C2``8qx~#v@x1gD
zLoU#*-oQ73?;4meb<Tw|`+bVxgC^-f{Nom&16(UgF&`}hng|`h6#T(T&WQfVCcM&`
zp^snuYH6{%w3q~o5AQ5KxwE*Ad;#~9n8Z;4x4@jyQ()db6p`u!;1MsoI=saxf^Mpb
zVT{ejM%|vwalE;R(zvcD%@!@)E8_M&ZbUao|55YaM;Y_HjLo$33O>p3pa^JcfoYDf
zf`xM#V1MVVil|c^R*~-vLlK;cco6ekTA*F$P;$o~IG7r;Dnu^lZ6=vZfj|2`C^W_N
zh!jF@RpUhTEg)%vk78g#Q%!X+V}el#Hu5$>mM^!41J@-2xKPtf#SXkwN=N=JGAv&H
z+tMg0j&o9=`B^(MZDdeCLJHz?DdCSewBx-7w+`vB!#7zl3y>VB8y)H-Esd}%{4x99
zVjmH7T&7ls??aNDNk}A<2oZ^CLm0KVx8z4AI?~d0PPX&*iv}VdUr;o<bjtvunSP9R
zLtZQI=l)f1&Y$&eR_48Vm(ehEoIz>>6$g)3h(F?9z(R7-S0^7ymI4s?H0izF_Y}b-
zxB>XCqYY>r)+<uK`=X&X8L=ANWz8(3Twi^>y0Q_J{Y>XkSAP&7ShtWFcM*|;`{C0k
z($$J$$%2Ki&dG5JQE#&6@--n}+%HX0N|4tlI__KTG5}l3o}yh$7!IS0V<>W~w~{or
zl8c%bS&JtcZ7b_>Ad<(65Sv(`Ni2-clx2L6-=k0REalCB<27&IyXDI(hc_j3gyr8r
za3+Bpge9P6-0%>|KttM*5K5y5-U61e1QP?F7K4IFLMMQSzVbj|*kc}sLvu%-Yar!3
zDT<gz@xenxh|VR-Z~z#E*Ah!Sm}anfg>Rz=4>^05p4j6HNnUJghNM_-X2pSFRv=PS
zpIBYyQ8qHMSw_DknUO@zo!fkx&~V5*@DK^6r8)SYcCogx2_88kQJ19<(X{cTGPKih
zn%goMp~?Y+Pam{^5LP=xF;zMzy)2a)usx*bm1_5p)icKL$GOd<V?Qh6LqW;orz?+I
zt6Sm6oWqHxzlWz=tc`mdJ(JXxCfz9eE^~^r!e|Fi9)a1a?v51X-bzAT=S0TRRj95-
zFX6_V^X4KDrN46!E&KU6K=*kx_Z)f)PUDLAJ%1YcYu&$z$I!IbV0?AyA03Z#knd6=
zbVKHx;TnraD8yoTfGsC`A#<hhCJSbC;cXT_WAQ5%_gFkfaegO}zWW=G$GF=q643fn
cIye)cm;u+ue*Ni6{Yw3EeX2f-Z>~Q59~FDi&j0`b

literal 0
HcmV?d00001