#!/usr/bin/env python3
import argparse
import requests 
import sys

'''
    This is a script to decompress shortened URLs
    Additionally, it can be used to submit the
    decompressed URL to virustotal for scanning,
    and to check virustotal for the most recent
    scan on the URL. 

    Run with -h for help

    NOTE: for submitting/checking the script requires
    that a virustotal API key be present in an "apikey"
    file located in the same directory as the script.
    This API key is availabe for free from the virus
    total website
    NOTE: Requires requests library, install with pip
'''

def main():
    parser = argparse.ArgumentParser(description='unfURL a hidden URL. If you'+
            ' want to scan please place your Virus Total API key in a text '+
            'file named "apikey"')
    parser.add_argument('URL', help='compressed URL to scan')
    parser.add_argument('-s', '--scan', action='store_true', help='submit'+
            'shortened URL for virustotal scan')
    parser.add_argument('-c', '--check', action='store_true', help='check '+
            'virus total for scan on URL')
    args = parser.parse_args()
    decompressed_url = decompress(args.URL)

    apikey = ""
    if args.scan:
        with open('apikey', 'r') as f:
            apikey = f.read().rstrip()
        scan(decompressed_url, apikey)
    if args.check:
        with open('apikey', 'r') as f:
            apikey = f.read().rstrip()
        check_scan(decompressed_url, apikey)

# decompress the shortened URL
def decompress(url):
    #default to http
    if 'http://' not in url and 'https://' not in url:
        url = 'http://' + url
    try:
        r = requests.get(url)
        print('uncompressed: ' + r.url)
        return r.url
    except:
        print('invalid URL')
        sys.exit()

# submit the URL to virustotal for scanning
def scan(url, apikey):
    params = {'apikey': apikey, 'url':url}
    r = requests.post('https://www.virustotal.com/vtapi/v2/url/scan',
                      data=params)
    print("scan started, check on status with -c option and the same URL")
    
# check virustotal for the most recent scan on the URL
def check_scan(url, apikey):
    params = {'apikey': apikey, 'resource':url}
    r = requests.post('https://www.virustotal.com/vtapi/v2/url/report',
                      params=params)
    results = r.json()
    if results['response_code'] == 0:
        print('Scan not complete yet, check back later')
    else: #succesful response
        report(results)

# print the results in a nice format
def report(scan_results):
    results = 'unfURL scan complete\nscan date: ' + \
            str(scan_results['scan_date']) + \
            '\ndatabases checked: ' + str(scan_results['total'])\
            + '\npositive results: ' + str(scan_results['positives'])
    print(results)

if __name__ == "__main__":
    main()