## MalwareDB Client

[![Test](https://github.com/malwaredb/malwaredb-rs/actions/workflows/test.yml/badge.svg)](https://github.com/malwaredb/malwaredb-rs/actions/workflows/test.yml) [![Lint](https://github.com/malwaredb/malwaredb-rs/actions/workflows/lint.yml/badge.svg)](https://github.com/malwaredb/malwaredb-rs/actions/workflows/lint.yml) [![Cross](https://github.com/malwaredb/malwaredb-rs/actions/workflows/release.yml/badge.svg)](https://github.com/malwaredb/malwaredb-rs/actions/workflows/release.yml) [![Crates.io Version](https://img.shields.io/crates/v/malwaredb-client)](https://crates.io/crates/malwaredb-client)

This application submits and retrieves samples (binaries of any type which MalwareDB knows about) from the MalwareDB server over HTTP.

### Getting started

1. Install a MalwareDB instance, if you don't have one already. See the main repo for directions.
2. Have an account created on the server.
3. Log in with your username, password, and server URL. Example: `mdb_client login http://localhost:8080 myusername`. You'll be prompted for your password.
4. Verify this works with `mdb_client whoami`. This will show your user information, including the groups and sources you have access to.
5. Run `mdb_client server-info` to see some overall stats about the server.
6. Run `mdb_client server-types` to see which file types the server knows about and will store samples of.

### Submitting samples

1. Run `mdb_client whoami` to ensure you're logged in.
2. Submit one or more files by providing the paths for one or more files and/or directories, along with the ID number of the source: `mdb_client submit-samples -s 1 /path/to/files/`.
   * You may provide `-p password` and a Zip file to load files from a password-protected Zip file. There is logic to distinguish a Zip file that's actually an MS Office document from an archive of files.
   * You may only submit samples to sources that your group has access to.

### Retrieving samples

1. Run `mdb_client whoami` to ensure you're logged in.
2. Run `mdb_client retrieve-sample c8a9335b95774a30addf372395e9a148` to retrieve a sample by its hash.
   * Hashes may be MD-5, SHA-1, SHA-256, SHA-384, or SHA-512. This is determined based on the hash length.
   * Files may be retrieved if you're part of a group which has access to a source containing the file you want to retrieve.

### Finding similar files

1. Run `mdb_client whoami` to ensure you're logged in.
2. Run `mdb_client find-similar /path/to/file`. This will calculate the various similarity hashes for the file and send them to the server to find samples which are similar.
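
The hash-length rule under "Retrieving samples" can also be applied locally to confirm that a retrieved file really matches the hash you asked for. The following is an added example, not code from the MalwareDB project: `hash_tool` and `verify_sample` are hypothetical helper names, the digests are computed with the GNU coreutils tools, and the path of the retrieved file is passed in by you because this page does not state where the client writes it.

```shell
# Added example, not part of MalwareDB. Assumes GNU coreutils is installed.

# hash_tool HASH: print the coreutils digest tool matching HASH's length,
# using the length rule described above. Returns 1 for anything that is
# not a hex string of a recognised length.
hash_tool() {
    h=$1
    case $h in
        ''|*[!0-9A-Fa-f]*) return 1 ;;   # empty or non-hex characters
    esac
    case ${#h} in
        32)  echo md5sum ;;      # MD-5:    128 bits
        40)  echo sha1sum ;;     # SHA-1:   160 bits
        64)  echo sha256sum ;;   # SHA-256: 256 bits
        96)  echo sha384sum ;;   # SHA-384: 384 bits
        128) echo sha512sum ;;   # SHA-512: 512 bits
        *)   return 1 ;;
    esac
}

# verify_sample HASH FILE: return 0 if FILE's digest equals HASH,
# 1 on mismatch, 2 if the hash or the file is unusable.
verify_sample() {
    # Normalise to lower case so upper-case hex input compares equal.
    expected=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    file=$2
    tool=$(hash_tool "$expected") || { echo "unrecognised hash: $1" >&2; return 2; }
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    # Read from stdin so the tool's output carries no file name to parse.
    actual=$("$tool" < "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "OK ($tool) $file"
    else
        echo "MISMATCH ($tool) $file: got $actual" >&2
        return 1
    fi
}
```

Call it as `verify_sample <hash> <path-to-retrieved-file>` after `mdb_client retrieve-sample`. Because malware samples should never be executed to check them, a digest comparison like this is the safe way to confirm you have the file you expected.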