本文整理汇总了Python中viper.core.session.__sessions__.new函数的典型用法代码示例。如果您正苦于以下问题:Python new函数的具体用法?Python new怎么用?Python new使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了new函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: autorun_module
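def autorun_module(file_hash):
    """Run every command configured in ``cfg.autorun.commands`` on a sample.

    The configured string is split on ``,`` and each entry again on ``;``.
    Each resulting command is parsed and dispatched to the matching entry in
    ``__modules__``. Output is stored through ``Database().add_analysis`` when
    ``cfg.modules.store_output`` is set and a session is open, and printed
    when ``cfg.autorun.verbose`` is set.

    Args:
        file_hash: Hash of the sample to analyse; a falsy value is a no-op.
    """
    if not file_hash:
        return

    # Modules work on the current session, so open one if none is set.
    if not __sessions__.is_set():
        __sessions__.new(get_sample_path(file_hash))

    for cmd_line in cfg.autorun.commands.split(','):
        for split_command in cmd_line.split(';'):
            split_command = split_command.strip()
            if not split_command:
                continue

            root, args = parse(split_command)
            try:
                if root in __modules__:
                    module = __modules__[root]['obj']()
                    module.set_commandline(args)
                    module.run()
                    print_info("Running Command {0}".format(split_command))
                    if cfg.modules.store_output and __sessions__.is_set():
                        Database().add_analysis(file_hash, split_command, module.output)
                    if cfg.autorun.verbose:
                        print_output(module.output)
                    # Empty the module's output list in place.
                    del module.output[:]
                else:
                    print_error('{0} is not a valid command. Please check your viper.conf file.'.format(cmd_line))
            except Exception:
                # Autorun is best-effort: one failing module must not stop the
                # remaining commands. Catching Exception instead of using a
                # bare except lets KeyboardInterrupt and SystemExit propagate.
                print_error('Viper was unable to complete the command {0}'.format(cmd_line))
    return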
开发者ID:dgrif,项目名称:viper,代码行数:30,代码来源:autorun.py
示例2: test_create_event
def test_create_event(self, capsys):
    """Create a MISP event, add an attribute and file hashes, and check the output.

    Runs the MISP module four times against the server given by ``url`` and
    ``apikey`` and asserts on the captured stdout after each step.
    """
    connection = ['--url', url, '-k', apikey, '-v']
    misp_module = misp.MISP()

    # Step 1: create the event and remember its id from the console output.
    misp_module.command_line = connection + ['create_event', '-i', 'Viper test event']
    misp_module.run()
    out, _ = capsys.readouterr()
    assert re.search(r".*Session opened on MISP event.*", out)
    event_id = re.findall(r".*Session opened on MISP event (.*)\..*", out)[0]

    # Step 2: add a network attribute to the event.
    misp_module.command_line = connection + ['add', 'ip-dst', '8.8.8.8']
    misp_module.run()
    out, _ = capsys.readouterr()
    assert re.search(rf".*Session on MISP event {event_id} refreshed.*", out)

    # Step 3: show the event.
    misp_module.command_line = connection + ['show']
    misp_module.run()
    out, _ = capsys.readouterr()
    # NOTE(review): the unescaped "|" is regex alternation, so this passes when
    # either half matches; escape it if the table row is what should be checked.
    assert re.search(r".*ip-dst | 8.8.8.8.*", out)

    # Step 4: open a file session, add its hashes, then show the event again.
    sample = os.path.join(FIXTURE_DIR, 'chromeinstall-8u31.exe')
    __sessions__.new(sample)
    misp_module.command_line = ['add_hashes']
    misp_module.run()
    misp_module.command_line = connection + ['show']
    misp_module.run()
    out, _ = capsys.readouterr()
    assert re.search(rf".*Session on MISP event {event_id} refreshed.*", out)
开发者ID:cvandeplas,项目名称:viper,代码行数:28,代码来源:test_misp.py
示例3: store
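def store(self):
    """Manage the local ``misp_events`` directory of stored MISP events.

    Depending on the parsed arguments this lists, refreshes, deletes or opens
    a locally stored event. With none of those set and a MISP event attached
    to the current session, the attached event is dumped. ``IOError`` raised
    along the way is logged rather than propagated.
    """
    try:
        event_path = os.path.join(self.cur_path, 'misp_events')
        if not os.path.exists(event_path):
            os.mkdir(event_path)

        if self.args.list:
            header = ['Event ID', 'Title']
            rows = [(eid, title) for eid, _path, title in self._get_local_events(event_path)]
            # Sort numerically on the event id, not lexically.
            self.log('table', dict(header=header, rows=sorted(rows, key=lambda row: int(row[0]))))
        elif self.args.update:
            for eid, path, _title in self._get_local_events(event_path):
                event = self.misp.get(eid)
                with open(path, 'w') as f:
                    f.write(json.dumps(event))
                self.log('success', '{} updated successfully.'.format(eid))
        elif self.args.delete:
            # NOTE(review): the id is interpolated into the file name as given.
            # If it can contain path separators the result leaves event_path;
            # confirm the argument parser restricts it to an integer.
            path = os.path.join(event_path, '{}.json'.format(self.args.delete))
            if os.path.exists(path):
                os.remove(path)
                self.log('success', '{} removed successfully.'.format(self.args.delete))
            else:
                self.log('error', '{} does not exists.'.format(self.args.delete))
        elif self.args.open:
            # NOTE(review): same unchecked interpolation as in the delete branch.
            path = os.path.join(event_path, '{}.json'.format(self.args.open))
            if os.path.exists(path):
                # Context manager so the handle is closed even if parsing fails.
                with open(path, 'r') as handle:
                    e_json = json.load(handle)
                __sessions__.new(misp_event=MispEvent(e_json))
            else:
                self.log('error', '{} does not exists.'.format(self.args.open))
        elif __sessions__.is_attached_misp():
            self._dump(__sessions__.current.misp_event.event)
    except IOError as e:
        self.log('error', e.strerror)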
开发者ID:GuardianRG,项目名称:viper,代码行数:35,代码来源:misp.py
示例4: bupextract
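def bupextract():
    """Extract the embedded file of a BUP container and open a session on it.

    Reads the ``File_0`` and ``Details`` OLE streams of the file in the
    current session, XOR-decodes both with 106 (0x6A), takes the file name
    from the ``OriginalName`` line of ``Details``, writes the decoded data to
    a new temporary directory and switches the session to that file.
    """
    import tempfile  # local import: the file's import block is outside this excerpt

    bup_path = __sessions__.current.file.path

    # Check for valid OLE
    if not OleFileIO_PL.isOleFile(bup_path):
        print_error("Not a valid BUP File")
        return

    ole = OleFileIO_PL.OleFileIO(bup_path)
    try:
        # We know that BUPS are xor'd with 6A which is dec 106 for the decoder
        print_info("Switching Session to Embedded File")
        data = xordata(ole.openstream('File_0').read(), 106)
        # The Details stream is read only to recover the original file name.
        details = xordata(ole.openstream('Details').read(), 106)
    finally:
        # Close the container even when a stream is missing or unreadable.
        ole.close()

    filename = None
    for line in details.split('\n'):
        if line.startswith('OriginalName'):
            fullpath = line.partition('=')[2]
            # Last backslash-separated component, minus its trailing character.
            filename = str(fullpath.split('\\')[-1][:-1])

    if not data:
        print_error("Unble to Switch Session")
        return

    # OriginalName is metadata carried inside the quarantined sample, so it is
    # untrusted. Keep only a bare file name: an absolute path or "../" here
    # would otherwise make os.path.join() write outside the target directory.
    safe_name = ''
    if filename:
        safe_name = os.path.basename(filename.replace('\\', '/')).replace('\x00', '')
    if safe_name in ('', '.', '..'):
        # Also covers a Details stream without an OriginalName line, which
        # previously left `filename` unbound.
        safe_name = 'bup_extracted'

    # A fresh private directory instead of a predictable name directly under
    # /tmp, so an existing file or symlink of that name cannot be overwritten.
    out_dir = tempfile.mkdtemp(prefix='viper_bup_')
    temp_name = os.path.join(out_dir, safe_name)
    # NOTE(review): mode 'w' kept from the original; confirm whether xordata
    # returns text or bytes before switching to 'wb'.
    with open(temp_name, 'w') as temp:
        temp.write(data)
    __sessions__.new(temp_name)
    return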
开发者ID:JeskeCode,项目名称:viper,代码行数:27,代码来源:debup.py
示例5: create_event
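def create_event(self):
    """Create a new MISP event from the parsed arguments and open a session on it.

    In offline mode the event is only dumped locally. Otherwise it is sent
    with ``self.misp.add_event`` and the method returns early when the
    response carries an error message.
    """
    if not self.args.info:
        self.log('error', 'Info field is required for a new event')
        # Stop here: joining a missing info value below would raise, and no
        # event should be created without a title.
        return
    info = ' '.join(self.args.info)

    if self.args.threat is not None:
        # Dirty trick to keep consistency in the module: the threat level in the upload
        # API can go from 0 to 3 but it is 1 to 4 in the event mgmt API.
        # It will be fixed in a near future, in the meantime, we do that:
        self.args.threat += 1

    misp_event = MISPEvent()
    misp_event.set_all_values(info=info, distribution=self.args.distrib,
                              threat_level_id=self.args.threat, analysis=self.args.analysis,
                              date=self.args.date)
    self._search_local_hashes(misp_event)

    if self.offline_mode:
        # New event created locally, no ID
        __sessions__.current.misp_event.current_dump_file = self._dump()
        __sessions__.current.misp_event.offline()
    else:
        misp_event = self.misp.add_event(json.dumps(misp_event, cls=EncodeUpdate))
        if self._has_error_message(misp_event):
            return

    __sessions__.new(misp_event=MispEvent(misp_event, self.offline_mode))
    self._dump()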
开发者ID:cwtaylor,项目名称:viper,代码行数:26,代码来源:misp.py
示例6: create_event
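def create_event(self):
    """Create a new MISP event from the parsed arguments and open a session on it.

    Distribution and sharing group fall back to the module's configured
    values when not given. A sharing group is kept only when the
    distribution is 4. In offline mode the event is only dumped locally;
    otherwise it is sent with ``self.misp.add_event`` and the method returns
    early when the response carries an error message.
    """
    if not self.args.info:
        self.log('error', 'Info field is required for a new event')
        # Stop here: joining a missing info value below would raise, and no
        # event should be created without a title.
        return
    info = ' '.join(self.args.info)

    if self.args.threat is not None:
        # Dirty trick to keep consistency in the module: the threat level in the upload
        # API can go from 0 to 3 but it is 1 to 4 in the event mgmt API.
        # It will be fixed in a near future, in the meantime, we do that:
        self.args.threat += 1

    # Check if the following arguments have been set (and correctly set). If not, take the config values
    if self.args.distrib is None:
        self.args.distrib = self.distribution
    if self.args.sharing is None:
        self.args.sharing = self.sharinggroup

    if self.args.sharing and self.args.distrib != 4:
        self.args.sharing = None
        self.log('info', "Sharing group can only be set if distribution is 4. Clearing set value")

    misp_event = MISPEvent()
    misp_event.set_all_values(info=info, distribution=self.args.distrib,
                              sharing_group_id=self.args.sharing, threat_level_id=self.args.threat,
                              analysis=self.args.analysis, date=self.args.date)
    self._search_local_hashes(misp_event)

    if self.offline_mode:
        # New event created locally, no ID
        __sessions__.current.misp_event.current_dump_file = self._dump()
        __sessions__.current.misp_event.offline()
    else:
        misp_event = self.misp.add_event(json.dumps(misp_event, cls=EncodeUpdate))
        if self._has_error_message(misp_event):
            return

    __sessions__.new(misp_event=MispEvent(misp_event, self.offline_mode))
    self._dump()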
开发者ID:kevthehermit,项目名称:viper,代码行数:34,代码来源:create_event.py
示例7: module_cmdline
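def module_cmdline(cmd_line, file_hash):
    """Run a ``;``-separated command line and return the output as HTML.

    Each command is dispatched either to a built-in command from
    ``Commands()`` or to a module from ``__modules__``. Output rendered by
    ``print_output`` is concatenated into the returned string, and the
    session is closed once every command has been processed.

    Args:
        cmd_line: Command line to run; it may hold several commands.
        file_hash: Hash of the sample to open a session on before a module
            runs; falsy to skip opening one.

    Returns:
        The accumulated HTML fragment.
    """
    # Function-scope import with a fallback, because the file's import block
    # and target Python version are not visible in this excerpt.
    try:
        from html import escape as _escape
    except ImportError:
        from cgi import escape as _escape

    # cmd_line is echoed back inside markup in the error paths below, so it
    # is HTML-escaped first; raw interpolation would let markup in the
    # command line reach the page.
    safe_cmd_line = _escape(cmd_line)

    html_out = ""
    cmd = Commands()
    for split_command in cmd_line.split(';'):
        split_command = split_command.strip()
        if not split_command:
            continue

        root, args = parse(split_command)
        try:
            if root in cmd.commands:
                cmd.commands[root]['obj'](*args)
                html_out += print_output(cmd.output)
                del cmd.output[:]
            elif root in __modules__:
                # if prev commands did not open a session open one on the current file
                if file_hash:
                    path = get_sample_path(file_hash)
                    __sessions__.new(path)
                module = __modules__[root]['obj']()
                module.set_commandline(args)
                module.run()
                # NOTE(review): print_output is not shown here; confirm it
                # escapes module output before it is embedded in the page.
                html_out += print_output(module.output)
                if cfg.modules.store_output and __sessions__.is_set():
                    Database().add_analysis(file_hash, split_command, module.output)
                del module.output[:]
            else:
                html_out += '<p class="text-danger">{0} is not a valid command</p>'.format(safe_cmd_line)
        except Exception:
            # Best-effort: report the failure in the page and keep going.
            html_out += '<p class="text-danger">We were unable to complete the command {0}</p>'.format(safe_cmd_line)

    __sessions__.close()
    return html_out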
开发者ID:kevthehermit,项目名称:ViperV2,代码行数:33,代码来源:views.py
示例8: cmd_new
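def cmd_new(self, *args):
    """Create a file in an editor and open a session on it.

    Prompts for a title, creates a temporary file, opens it with the program
    named by ``$EDITOR`` (``nano`` when unset or empty), then opens a session
    on the file and sets the session file's name to the title.
    """
    import subprocess  # local import: the file's import block is outside this excerpt

    title = input("Enter a title for the new file: ")

    # delete=False keeps the file on disk for the session. Our own handle is
    # closed straight away so it is not leaked while the editor writes.
    tmp = tempfile.NamedTemporaryFile(delete=False)
    tmp.close()

    # Start the editor from an argument list, without a shell, so the
    # temporary path is never parsed as shell syntax.
    editor = os.environ.get('EDITOR') or 'nano'
    try:
        subprocess.call([editor, tmp.name])
    except OSError as exc:
        # As before, a missing editor does not abort the command.
        print_info('Unable to start editor "{0}": {1}'.format(editor, exc))

    __sessions__.new(tmp.name)
    __sessions__.current.file.name = title
    print_info('New file with title "{0}" added to the current session'.format(bold(title)))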
开发者ID:noscripter,项目名称:viper,代码行数:9,代码来源:commands.py
示例9: test_streams
def test_streams(self, capsys, filename):
    """Run the Office module with ``-s`` on a fixture and check the stream listing."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    office_module = office.Office()
    office_module.command_line = ["-s"]
    office_module.run()

    out, _ = capsys.readouterr()
    # NOTE(review): the unescaped "|" is regex alternation, so either half of
    # the pattern matching is enough for this assertion to pass.
    pattern = r".*Macros/kfjtir .* 2017-04-09 19:03:45.905000 | 2017-04-09 19:03:45.920000.*"
    assert re.search(pattern, out)
开发者ID:cvandeplas,项目名称:viper,代码行数:9,代码来源:test_office.py
示例10: test_oleid
def test_oleid(self, capsys, filename):
    """Run the Office module with ``-o`` on a fixture and check the macro indicator."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    office_module = office.Office()
    office_module.command_line = ["-o"]
    office_module.run()

    out, _ = capsys.readouterr()
    # NOTE(review): the unescaped "|" is regex alternation, so either half of
    # the pattern matching is enough for this assertion to pass.
    pattern = r".*Macros .*| True.*"
    assert re.search(pattern, out)
开发者ID:cvandeplas,项目名称:viper,代码行数:9,代码来源:test_office.py
示例11: test_code
def test_code(self, capsys, filename):
    """Run the Office module with ``-c out_macro`` and check the VBA export message."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    office_module = office.Office()
    office_module.command_line = ["-c", 'out_macro']
    office_module.run()

    out, _ = capsys.readouterr()
    pattern = r".*Writing VBA Code to out_macro.*"
    assert re.search(pattern, out)
开发者ID:cvandeplas,项目名称:viper,代码行数:9,代码来源:test_office.py
示例12: test_export
def test_export(self, capsys, filename):
    """Run the Office module with ``-e out_all`` and check an exported object path."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    office_module = office.Office()
    office_module.command_line = ["-e", 'out_all']
    office_module.run()

    out, _ = capsys.readouterr()
    pattern = r".*out_all/ObjectPool-_1398590705-Contents*"
    assert re.search(pattern, out)
开发者ID:cvandeplas,项目名称:viper,代码行数:9,代码来源:test_office.py
示例13: _populate
def _populate(self, event, original_attributes):
    """Push an event to MISP when attributes were added, then reopen the session.

    Args:
        event: Event whose ``attributes`` are counted and whose ``_json()``
            form is sent to ``self.misp.update``.
        original_attributes: Attribute count to compare against; an equal
            count means there is nothing to send.
    """
    nothing_added = len(event.attributes) == original_attributes
    if nothing_added:
        self.log('info', "No new attributes to add.")
        return

    # Stamp the event with the current time before sending it.
    event.timestamp = int(time.time())
    result = self.misp.update(event._json())
    if self._has_error_message(result):
        return

    self.log('success', "All attributes updated successfully")
    __sessions__.new(misp_event=MispEvent(result, self.offline_mode))
开发者ID:kevthehermit,项目名称:viper,代码行数:9,代码来源:check_hashes.py
示例14: test_no_argument
def test_no_argument(self, capsys, filename):
    """Run the Macho module without arguments and check the first output line."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    macho_module = Macho()
    macho_module.run()

    out, _ = capsys.readouterr()
    first_line = out.split("\n")[0]
    assert re.search(r".*Session opened on.*", first_line)
开发者ID:Rafiot,项目名称:viper,代码行数:9,代码来源:test_macho.py
示例15: test_meta
def test_meta(self, capsys, filename):
    """Run the SWF module with an empty command line and check the compression message."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    swf_module = swf.SWF()
    swf_module.command_line = []
    swf_module.run()

    out, _ = capsys.readouterr()
    pattern = r".*The opened file doesn't appear to be compressed.*"
    assert re.search(pattern, out)
开发者ID:Rafiot,项目名称:viper,代码行数:9,代码来源:test_swf.py
示例16: file_view
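def file_view(request, sha256=False, project='default'):
    """Render the detail page of a stored sample.

    Opens a session on the sample identified by ``sha256``, collects its file
    attributes together with the notes and analysis history found in the
    project database, and renders ``file.html``. A missing or malformed hash,
    or a failure to open the session, renders ``404.html``.

    Args:
        request: The incoming request object passed through to ``render``.
        sha256: SHA-256 hex digest of the sample.
        project: Name of the project whose database is queried.
    """
    if not sha256:
        return render(request, '404.html')

    # The digest arrives with the request and is handed to get_sample_path(),
    # which is not shown here. Accept only 64 hexadecimal characters so
    # nothing other than a digest is ever turned into a file-system path.
    hex_digits = '0123456789abcdefABCDEF'
    if len(sha256) != 64 or any(ch not in hex_digits for ch in sha256):
        return render(request, '404.html')

    db = open_db(project)

    # Open a session
    try:
        path = get_sample_path(sha256)
        __sessions__.new(path)
    except Exception:
        # Exception rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not turned into a 404 page.
        return render(request, '404.html')

    # Get the file info
    current = __sessions__.current.file
    file_info = {
        'name': current.name,
        'tags': current.tags.split(','),
        'path': current.path,
        'size': current.size,
        'type': current.type,
        'mime': current.mime,
        'md5': current.md5,
        'sha1': current.sha1,
        'sha256': current.sha256,
        'sha512': current.sha512,
        'ssdeep': current.ssdeep,
        'crc32': current.crc32,
        'parent': current.parent,
        'children': current.children.split(','),
    }

    # Get any notes and the module history
    note_list = []
    module_history = []
    malware = db.find(key='sha256', value=sha256)
    if malware:
        record = malware[0]
        note_list = [
            {'title': note.title, 'body': note.body, 'id': note.id}
            for note in (record.note or [])
        ]
        module_history = [
            {'id': ana.id, 'cmd_line': ana.cmd_line}
            for ana in (record.analysis or [])
        ]

    # Return the page
    return render(request, 'file.html', {'file_info': file_info,
                                         'note_list': note_list,
                                         'error_line': False,
                                         'project': project,
                                         'projects': project_list(),
                                         'module_history': module_history
                                         })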
开发者ID:kevthehermit,项目名称:ViperV2,代码行数:57,代码来源:views.py
示例17: test_run_session
def test_run_session(self, capsys, filename):
    """Run the ClamAV module on a fixture session and check its result line."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    clamav_module = clamav.ClamAV()
    clamav_module.command_line = []
    clamav_module.run()

    out, _ = capsys.readouterr()
    pattern = r".*Clamav identify.*"
    assert re.search(pattern, out)
开发者ID:Rafiot,项目名称:viper,代码行数:9,代码来源:test_clamav.py
示例18: publish
def publish(self):
    """Mark the session's MISP event as published and persist the change.

    In offline mode the event is dumped locally. Otherwise it is sent with
    ``self.misp.update`` and, when the response carries no error message, the
    session is reopened on the returned event.
    """
    current_event = __sessions__.current.misp_event.event
    current_event.publish()

    if self.offline_mode:
        self._dump()
        return

    event = self.misp.update(__sessions__.current.misp_event.event)
    if self._has_error_message(event):
        return

    published_id = event['Event']['id']
    self.log('success', 'Event {} published.'.format(published_id))
    __sessions__.new(misp_event=MispEvent(event, self.offline_mode))
开发者ID:emdel,项目名称:viper,代码行数:9,代码来源:misp.py
示例19: test_run_session
def test_run_session(self, capsys, filename):
    """Run the Fuzzy module on a fixture session and check the match summary."""
    sample = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(sample)

    fuzzy_module = fuzzy.Fuzzy()
    fuzzy_module.command_line = []
    fuzzy_module.run()

    out, _ = capsys.readouterr()
    pattern = r".*relevant matches found.*"
    assert re.search(pattern, out)
开发者ID:Rafiot,项目名称:viper,代码行数:9,代码来源:test_fuzzy.py
示例20: test_resources
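def test_resources(self, capsys, filename, expected):
    """Run the PE module's ``resources`` command and check its output.

    Args:
        capsys: Fixture used to capture what the module prints.
        filename: Fixture file name, joined onto ``FIXTURE_DIR``.
        expected: Regular expression that must match the captured stdout.
    """
    __sessions__.new(os.path.join(FIXTURE_DIR, filename))
    instance = pe.PE()
    instance.command_line = ["resources"]
    instance.run()
    out, err = capsys.readouterr()
    # Search the captured output. The pattern was previously searched in
    # itself, which never looked at what the module printed.
    assert re.search(expected, out)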
开发者ID:Rafiot,项目名称:viper,代码行数:9,代码来源:test_pe.py
注:本文中的viper.core.session.__sessions__.new函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |