Last active
January 6, 2021 16:50
-
-
Save noahbliss/d781a6cdbd8927e3ae58ed3d52ab6c3f to your computer and use it in GitHub Desktop.
Reference TrendMicro API client written in Julia
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env julia | |
| # Noah Bliss - 2020-1-6 | |
| using HTTP | |
| using JSON | |
| using JSONWebTokens | |
| using Dates | |
| using SHA | |
| using Base64 | |
| # These will stay the same for your tenant. See below for more vars you need to fill. | |
| app_id = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" | |
| api_key = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" | |
| url_base = "https://xxxxxx.manage.trendmicro.com" | |
| function create_checksum(http_method, raw_url, headers, request_body) | |
| string_to_hash = "$(uppercase(http_method))|$(lowercase(raw_url))|$headers|$request_body" | |
| base64_string = base64encode(sha256(string_to_hash)) | |
| return base64_string | |
| end | |
| function create_jwt_token(app_id, api_key, http_method, raw_url, headers, request_body) | |
| iat=Int(floor(datetime2unix(Dates.now(UTC)))) | |
| version="V1" | |
| checksum = create_checksum(http_method, raw_url, headers, request_body) | |
| payload = json(Dict("appid" => app_id, | |
| "iat" => iat, | |
| "version" => version, | |
| "checksum" => checksum)) | |
| encoding = JSONWebTokens.HS256(api_key) | |
| token = JSONWebTokens.encode(encoding, payload) | |
| return token | |
| end | |
| # productAgentAPIPath needs to be set depending on what you're trying to do. | |
| canonicalRequestHeaders = "" | |
| useQueryString = "" | |
| productAgentAPIPath = "/WebApp/API/AgentResource/ProductAgents" | |
| # If you want to interate over multiple machines, etc. I'd make this next area into a function. | |
| # Details of your action. This uninstalls the agent on ComputerNameHere. | |
| useRequestBody = json(Dict( | |
| "host_name" => "ComputerNameHere", | |
| "act" => "cmd_uninstall_agent", | |
| "allow_multiple_match" => false | |
| )) | |
| # Actually do the request: generate jwt, and post it. | |
| jwt_token = create_jwt_token(app_id, api_key, "POST", "$productAgentAPIPath$useQueryString", canonicalRequestHeaders, useRequestBody) | |
| headers = ["Authorization" => "Bearer $jwt_token", "Content-Type" => "application/json;charset=utf-8"] | |
| response = HTTP.request("POST", "$url_base$productAgentAPIPath$useQueryString", headers, useRequestBody; require_ssl_verification = true) | |
| response.status == 200 && println("Success") | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment