本文整理汇总了Python中viper.core.session.__sessions__.is_set函数的典型用法代码示例。如果您正苦于以下问题:Python is_set函数的具体用法?Python is_set怎么用?Python is_set使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了is_set函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: run
def run(self):
    """Dispatch the bulk_extractor sub-command selected on the command line.

    Returns early when argument parsing left ``self.args`` unset. The first
    truthy option among scan/email/ip/domain/blocks/view/list decides which
    handler runs, and only while a session is open.
    """
    super(BulkExtractor, self).run()
    if self.args is None:
        return

    if not HAVE_BULK_EXTRACTOR:
        # NOTE(review): this branch only logs; execution continues into the
        # dispatch below even though the dependency is reported missing.
        self.log('error',"Missing dependency, install bulk_extractor with hashdb")
        self.log('info',"https://github.com/simsong/bulk_extractor")

    if not __sessions__.is_set():
        self.log('error',"No session opened")

    if __sessions__.is_set():
        # Same priority order as the option checks it replaces; each handler
        # shares its name with the option that selects it.
        for option in ('scan', 'email', 'ip', 'domain', 'blocks', 'view', 'list'):
            if getattr(self.args, option):
                getattr(self, option)()
                break
        else:
            self.log('error','At least one of the parameters is required')
            self.usage()
开发者ID:pombredanne,项目名称:hashdb-api,代码行数:30,代码来源:bulk_extractor.py
示例2: autorun_module
def autorun_module(file_hash):
    """Run the commands listed in ``cfg.autorun.commands`` against one sample.

    The configured value is split on ``,`` and each piece again on ``;``.
    Every non-empty command is parsed, looked up in ``__modules__`` and run;
    its output is stored through ``Database().add_analysis`` when
    ``cfg.modules.store_output`` is set and a session is open.

    Args:
        file_hash: hash of the sample, passed to ``get_sample_path`` and
            ``add_analysis``. A falsy value makes the function a no-op.
    """
    if not file_hash:
        return

    # The modules operate on the current session, so open one for this sample
    # when none is active.
    if not __sessions__.is_set():
        __sessions__.new(get_sample_path(file_hash))

    for cmd_line in cfg.autorun.commands.split(','):
        for raw_command in cmd_line.split(';'):
            command = raw_command.strip()
            if not command:
                continue

            root, args = parse(command)
            try:
                if root not in __modules__:
                    print_error('{0} is not a valid command. Please check your viper.conf file.'.format(cmd_line))
                    continue

                module = __modules__[root]['obj']()
                module.set_commandline(args)
                module.run()
                print_info("Running Command {0}".format(command))

                if cfg.modules.store_output and __sessions__.is_set():
                    Database().add_analysis(file_hash, command, module.output)
                if cfg.autorun.verbose:
                    print_output(module.output)

                # Empty the module's output list in place.
                del module.output[:]
            except:
                # NOTE(review): a bare except also catches SystemExit and
                # KeyboardInterrupt, and the failure reason is not reported.
                print_error('Viper was unable to complete the command {0}'.format(cmd_line))
开发者ID:dgrif,项目名称:viper,代码行数:30,代码来源:autorun.py
示例3: pehash
def pehash(self):
    """Show the PEhash of the open file and compare it with stored samples.

    With ``--all`` every stored sample is listed with its PEhash, with
    ``--cluster`` samples sharing a PEhash are grouped, and with ``--scan``
    stored samples matching the open file's PEhash are listed.
    """
    if not HAVE_PEHASH:
        self.log('error', "PEhash is missing. Please copy PEhash to the modules directory of Viper")
        return

    current_pehash = None
    if __sessions__.is_set():
        current_pehash = calculate_pehash(__sessions__.current.file.path)
        self.log('info', "PEhash: {0}".format(bold(current_pehash)))

    if self.args.all or self.args.cluster or self.args.scan:
        # (name, md5, pehash) for every stored sample that yields a PEhash.
        rows = []
        for sample in Database().find(key='all'):
            digest = calculate_pehash(get_sample_path(sample.sha256))
            if digest:
                rows.append((sample.name, sample.md5, digest))

    if self.args.all:
        self.log('info', "PEhash for all files:")
        self.log('table', dict(header=['Name', 'MD5', 'PEhash'], rows=rows))
    elif self.args.cluster:
        self.log('info', "Clustering files by PEhash...")

        cluster = {}
        for name, md5, digest in rows:
            cluster.setdefault(digest, []).append([name, md5])

        # Only groups with more than one member are reported.
        for digest, members in cluster.items():
            if len(members) > 1:
                self.log('info', "PEhash cluster {0}:".format(bold(digest)))
                self.log('table', dict(header=['Name', 'MD5'], rows=members))
    elif self.args.scan:
        if not (__sessions__.is_set() and current_pehash):
            return

        self.log('info', "Finding matching samples...")
        # Skip the open file itself (same MD5), keep samples with equal PEhash.
        matches = [
            [name, md5]
            for name, md5, digest in rows
            if md5 != __sessions__.current.file.md5 and digest == current_pehash
        ]
        if matches:
            self.log('table', dict(header=['Name', 'MD5'], rows=matches))
        else:
            self.log('info', "No matches found")
开发者ID:asymptotic,项目名称:viper,代码行数:54,代码来源:pe.py
示例4: cmd_delete
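def cmd_delete(self, *args):
    """Delete the open file, the last find result, or every file in the project.

    After an interactive y/n confirmation the selected samples are removed
    from the database and from disk. The action is irreversible.

    Args:
        *args: command-line tokens; ``-a/--all`` deletes every file in the
            project, ``-f/--find`` deletes the files of the last find. With
            neither, the file of the open session is deleted.
    """
    parser = argparse.ArgumentParser(prog='delete', description="Delete a file")
    parser.add_argument('-a', '--all', action='store_true', help="Delete ALL files in this project")
    parser.add_argument('-f', '--find', action="store_true", help="Delete ALL files from last find")

    try:
        args = parser.parse_args(args)
    except SystemExit:
        # argparse reports bad arguments and --help by raising SystemExit.
        # Catching only that keeps KeyboardInterrupt and real errors visible
        # instead of silently abandoning a destructive command.
        return

    # Keep asking until the operator answers exactly 'y' or 'n'.
    while True:
        choice = input("Are you sure? It can't be reverted! [y/n] ")
        if choice == 'y':
            break
        elif choice == 'n':
            return

    if args.all:
        if __sessions__.is_set():
            __sessions__.close()

        samples = self.db.find('all')
        for sample in samples:
            self.db.delete_file(sample.id)
            os.remove(get_sample_path(sample.sha256))

        self.log('info', "Deleted a total of {} files.".format(len(samples)))
    elif args.find:
        if __sessions__.find:
            samples = __sessions__.find
            for sample in samples:
                self.db.delete_file(sample.id)
                os.remove(get_sample_path(sample.sha256))
            self.log('info', "Deleted {} files.".format(len(samples)))
        else:
            self.log('error', "No find result")
    else:
        if __sessions__.is_set():
            rows = self.db.find('sha256', __sessions__.current.file.sha256)
            if rows:
                malware_id = rows[0].id
                if self.db.delete_file(malware_id):
                    self.log("success", "File deleted")
                else:
                    self.log('error', "Unable to delete file")

            # The file on disk is removed whether or not a database row was
            # found or deleted.
            os.remove(__sessions__.current.file.path)
            __sessions__.close()

            self.log('info', "Deleted opened file.")
        else:
            self.log('error', "No session open, and no --all argument. Nothing to delete.")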
开发者ID:chubbymaggie,项目名称:viper,代码行数:53,代码来源:commands.py
示例5: run
def run(self, *args):
    """Delete the open file, the last find result, or every stored file.

    Arguments are parsed with ``self.parser``. After an interactive y/n
    confirmation the selected samples are removed from the database and from
    disk; the action is irreversible.
    """
    try:
        args = self.parser.parse_args(args)
    except SystemExit:
        # argparse signals bad arguments and --help with SystemExit.
        return

    # Loop until the operator answers 'y'; 'n' aborts without deleting.
    answer = None
    while answer != 'y':
        answer = input("Are you sure? It can't be reverted! [y/n] ")
        if answer == 'n':
            return

    db = Database()

    if args.all:
        if __sessions__.is_set():
            __sessions__.close()

        samples = db.find('all')
        for sample in samples:
            db.delete_file(sample.id)
            os.remove(get_sample_path(sample.sha256))

        self.log('info', "Deleted a total of {} files.".format(len(samples)))
        return

    if args.find:
        if not __sessions__.find:
            self.log('error', "No find result")
            return

        samples = __sessions__.find
        for sample in samples:
            db.delete_file(sample.id)
            os.remove(get_sample_path(sample.sha256))
        self.log('info', "Deleted {} files.".format(len(samples)))
        return

    if not __sessions__.is_set():
        self.log('error', "No session open, and no --all argument. Nothing to delete.")
        return

    rows = db.find('sha256', __sessions__.current.file.sha256)
    if rows:
        if db.delete_file(rows[0].id):
            self.log("success", "File deleted")
        else:
            self.log('error', "Unable to delete file")

    # The file on disk is removed whether or not a database row was found
    # or deleted.
    os.remove(__sessions__.current.file.path)
    __sessions__.close()

    self.log('info', "Deleted opened file.")
开发者ID:cvandeplas,项目名称:viper,代码行数:51,代码来源:delete.py
示例6: upload
def upload(self):
    """Upload the file of the open session to MISP and open the event.

    Returns:
        ``False`` when no session is open, the result of
        ``__sessions__.new`` when the event could be fetched, ``None``
        otherwise.
    """
    if not __sessions__.is_set():
        self.log('error', "No session opened")
        return False

    categ = self.categories.get(self.args.categ)
    info = None if self.args.info is None else ' '.join(self.args.info)

    # The result needs no check here: if the event_id is None, a new event
    # is created by the upload.
    event_id = self._get_eventid(True)

    sample = __sessions__.current.file
    try:
        result = self.misp.upload_sample(sample.name, sample.path,
                                         event_id, self.args.distrib, self.args.ids, categ, info,
                                         self.args.analysis, self.args.threat)
    except Exception as e:
        self.log('error', e)
        return

    if self._has_error_message(result):
        return

    self.log('success', "File uploaded sucessfully")
    if event_id is None:
        # Use the id reported in the upload response.
        event_id = result['id']

    full_event = self.misp.get(event_id)
    if not self._has_error_message(full_event):
        return __sessions__.new(misp_event=MispEvent(full_event))
开发者ID:johnfellers,项目名称:viper,代码行数:26,代码来源:misp.py
示例7: upload
def upload(self):
    """Upload the file of the open session to MISP and log the outcome.

    Returns:
        ``False`` when no session is open, ``None`` otherwise.
    """
    if not __sessions__.is_set():
        self.log("error", "No session opened")
        return False

    categ = self.categories.get(self.args.categ)
    sample = __sessions__.current.file
    out = self.misp.upload_sample(
        sample.name,
        sample.path,
        self.args.event,
        self.args.distrib,
        self.args.ids,
        categ,
        self.args.info,
        self.args.analysis,
        self.args.threat,
    )

    # The body is decoded as JSON before the status code is inspected.
    result = out.json()
    if out.status_code != 200:
        self.log("error", result.get("message"))
        return

    errors = result.get("errors")
    if errors is not None:
        # Only the first value of the first reported error is shown.
        self.log("error", errors[0]["error"]["value"][0])
    else:
        self.log("success", "File uploaded sucessfully")
开发者ID:Enchantertim,项目名称:viper,代码行数:25,代码来源:misp.py
示例8: run
def run(self):
    """Extract strings from the open file, or from every stored sample.

    At least one of all/files/hosts/network/interesting must be set. With
    ``--scan`` each sample returned by the database is processed; otherwise
    only the file of the open session is.
    """
    super(Strings, self).run()
    if self.args is None:
        return

    selectors = ('all', 'files', 'hosts', 'network', 'interesting')
    if not any(getattr(self.args, name) for name in selectors):
        self.log('error', 'At least one of the parameters is required')
        self.usage()
        return

    if self.args.scan:
        for sample in Database().find(key='all'):
            sample_file = File(get_sample_path(sample.sha256))
            self.process_strings(self.get_strings(sample_file), sample.name)
        return

    if not __sessions__.is_set():
        self.log('error', "No open session")
        return

    # Nothing is reported when the session file is no longer on disk.
    if os.path.exists(__sessions__.current.file.path):
        self.process_strings(self.get_strings(__sessions__.current.file))
开发者ID:chubbymaggie,项目名称:viper,代码行数:25,代码来源:strings.py
示例9: run
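def run(self):
    """Look up the MD5 of the open file on the X-Force malware API.

    The key and password from ``cfg.xforce`` are sent as an HTTP Basic
    ``Authorization`` header to ``https://api.xforce.ibmcloud.com``. The JSON
    response is pretty-printed to the log; the HTTP status code is not
    checked, so an error body returned as JSON is logged the same way.
    """
    super(xforce, self).run()

    # Both credentials must be configured before anything is sent.
    self.key = cfg.xforce.xforce_key
    if self.key is None:
        self.log('error', 'This command requires you configure your key and password in the conf file')
        return
    self.password = cfg.xforce.xforce_password
    if self.password is None:
        self.log('error', 'This command requires you configure your key and password in the conf file')
        return

    if not __sessions__.is_set():
        self.log('error', "No open session")
        return

    if not os.path.exists(__sessions__.current.file.path):
        self.log('error', 'No file found')
        return

    filehash = __sessions__.current.file.md5

    try:
        url = "https://api.xforce.ibmcloud.com/malware/" + filehash
        # b64encode needs bytes and returns bytes on Python 3; encode the
        # credentials first and decode the token so it can be joined to the
        # header text. The same calls work on Python 2 for ASCII credentials.
        credentials = (self.key + ":" + self.password).encode('utf-8')
        token = base64.b64encode(credentials).decode('ascii')
        headers = {'Authorization': "Basic " + token, 'Accept': 'application/json'}
        response = requests.get(url, params='', headers=headers, timeout=20)
        all_json = response.json()
        results = json.dumps(all_json, indent=4, sort_keys=True)
        self.log('info', 'XForce Results: %s' % (results))
    except Exception as e:
        # Report why the lookup failed. The Authorization header is never
        # included in the message; only the exception text is.
        self.log('error', 'Issues calling XForce: {0}'.format(e))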
开发者ID:ahhh,项目名称:SPSE,代码行数:34,代码来源:viper_xforce_module.py
示例10: upload
def upload(self):
    """Upload the file of the open session to MISP.

    When the session already carries a MISP event and no ``--event`` was
    given, the sample is attached to that event and the refreshed event is
    opened as the new session.

    Returns:
        ``False`` when no session is open, the result of
        ``__sessions__.new`` when an existing event was refreshed, ``None``
        otherwise.
    """
    if not __sessions__.is_set():
        self.log('error', "No session opened")
        return False

    categ = self.categories.get(self.args.categ)
    info = None if self.args.info is None else ' '.join(self.args.info)

    # NOTE(review): when --event is supplied, ``event`` stays None and the
    # supplied value is not passed to upload_sample — confirm this is intended.
    event = None
    if __sessions__.current.misp_event and self.args.event is None:
        event = __sessions__.current.misp_event.event_id

    sample = __sessions__.current.file
    try:
        out = self.misp.upload_sample(sample.name, sample.path,
                                      event, self.args.distrib, self.args.ids, categ, info,
                                      self.args.analysis, self.args.threat)
    except Exception as e:
        self.log('error', e)
        return

    result = out.json()
    if out.status_code != 200:
        self.log('error', result.get('message'))
        return

    errors = result.get('errors')
    if errors is not None:
        self.log('error', errors[0]['error']['value'][0])
        return

    if event is not None:
        # Returns before the success message below is logged.
        full_event = self.misp.get_event(event)
        return __sessions__.new(misp_event=MispEvent(full_event.json()))

    # TODO: also open a session when upload_sample created a new event
    # (the response doesn't contain the event ID)
    self.log('success', "File uploaded sucessfully")
开发者ID:anmoulton,项目名称:viper,代码行数:35,代码来源:misp.py
示例11: get_config
def get_config(self, family):
    """Extract and print the configuration of a RAT sample.

    Args:
        family: name of the module under ``viper.modules.rats`` whose
            ``config`` function is applied to the data of the open file.
    """
    if not __sessions__.is_set():
        self.log('error', "No open session")
        return

    # NOTE(review): ``family`` is formatted into the import path unchanged;
    # a value containing dots would address a nested module — confirm callers
    # only pass known family names.
    module_name = 'viper.modules.rats.{0}'.format(family)
    try:
        module = importlib.import_module(module_name)
    except ImportError:
        self.log('error', "There is no module for family {0}".format(bold(family)))
        return

    # Any failure inside the decoder is treated as "no configuration".
    try:
        config = module.config(__sessions__.current.file.data)
    except:
        config = None

    if not config:
        self.log('error', "No Configuration Detected")
        return

    rows = sorted(
        ([key, value] for key, value in config.items()),
        key=lambda entry: entry[0],
    )

    self.log('info', "Configuration:")
    self.log('table', dict(header=['Key', 'Value'], rows=rows))
开发者ID:kevthehermit,项目名称:viper,代码行数:27,代码来源:rat.py
示例12: run
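def run(self):
    """Submit the file of the open session to a Cuckoo API server.

    The sample is posted to ``/tasks/create/file`` on the host and port taken
    from the parsed arguments.
    """
    super(Cuckoo, self).run()
    if self.args is None:
        return

    if not __sessions__.is_set():
        self.log('error', "No session opened")
        return

    if not HAVE_REQUESTS:
        self.log('error', "Missing dependency, install requests (`pip install requests`)")
        return

    host = self.args.host
    port = self.args.port

    # NOTE(review): the sample is sent over plain HTTP and the request sets
    # no timeout — confirm the API is only reached over a trusted network.
    url = 'http://{0}:{1}/tasks/create/file'.format(host, port)

    # Open the sample in a context manager so the handle is closed once the
    # request has been sent, including when the connection fails.
    with open(__sessions__.current.file.path, 'rb') as sample:
        try:
            requests.post(url, files=dict(file=sample))
        except requests.ConnectionError:
            self.log('error', "Unable to connect to Cuckoo API at {0}:{1}".format(host, port))
            return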
开发者ID:idiom,项目名称:viper,代码行数:25,代码来源:cuckoo.py
示例13: run
def run(self):
    """Run the selected IDB sub-command on the database next to the open file.

    The IDB path is derived from the directory of the open file; when the
    first candidate does not exist the 64-bit variant is used instead.
    """
    super(vBin, self).run()
    if self.args is None:
        return

    if not HAVE_PYIDB:
        self.log('error', "Missing dependancy, install python-idb")
        return

    if not __sessions__.is_set():
        self.log('error', "No open session")
        return

    current_dir = self.get_current_file_dir(__sessions__.current.file.path)
    current_idb = self.get_current_idb_path(current_dir)
    if not os.path.exists(current_idb):
        current_idb = self.get_current_idb_path64(current_dir)

    # The database is loaded before the sub-command is inspected.
    db = self.get_db(current_idb)

    subname = self.args.subname
    if subname == "functions":
        self.list_functions(db)
    elif subname == "disass":
        self.disass(db, self.args.function)
    elif subname == "calls":
        self.show_calls(db, self.args.function)
    else:
        self.log('error', 'At least one of the parameters is required')
        self.usage()
开发者ID:Rafiot,项目名称:viper,代码行数:34,代码来源:vbin.py
示例14: run
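def run(self):
    """Look up the MD5 of the open file on VirusTotal and print the verdicts.

    The MD5 and the API key are form-encoded and sent to ``VIRUSTOTAL_URL``.
    One row per antivirus engine is printed; the signature column is empty
    for engines that did not detect the file.
    """
    if not __sessions__.is_set():
        print_error("No session opened")
        return

    data = urllib.urlencode({'resource' : __sessions__.current.file.md5, 'apikey' : KEY})

    try:
        request = urllib2.Request(VIRUSTOTAL_URL, data)
        response = urllib2.urlopen(request)
        response_data = response.read()
    except Exception as e:
        print_error("Failed: {0}".format(e))
        return

    try:
        virustotal = json.loads(response_data)
    except ValueError as e:
        print_error("Failed: {0}".format(e))
        # Stop here: without a decoded response there is nothing to tabulate,
        # and continuing would raise NameError on ``virustotal``.
        return

    rows = []
    if 'scans' in virustotal:
        for engine, signature in virustotal['scans'].items():
            detected_as = signature['result'] if signature['detected'] else ''
            rows.append([engine, detected_as])

    print(table(['Antivirus', 'Signature'], rows))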
开发者ID:Oneiroi,项目名称:viper,代码行数:30,代码来源:virustotal.py
示例15: run
def run(self):
    """Run the Metascan action selected on the command line.

    Informational options (engines, license, listworkflows) print and stop.
    Otherwise the files of the last find, or the file of the open session,
    are handed to ``self.ms`` and a summary is shown.
    """
    super(ViperMetaScan, self).run()
    if self.ms.was_api_error:
        return
    if not self.args:
        return

    workflow = self.args.workflow
    if workflow:
        # A workflow name given as several tokens is joined and unquoted.
        if isinstance(workflow, list):
            self.ms.workflow = self.dequote(' '.join(workflow))
        else:
            self.ms.workflow = workflow

    if self.args.engines:
        self.ms.show_engines()
    elif self.args.license:
        self.ms.show_license()
    elif self.args.listworkflows:
        self.ms.show_workflows()
    elif self.args.find:
        if not __sessions__.find:
            self.log('error', "No find result")
            return
        self.ms.files = self.get_files_from_last_find(__sessions__)
    else:
        if not __sessions__.is_set():
            self.log('error', "No session opened")
            return
        self.ms.files = self.get_file_from_current_session(__sessions__)

    # Runs for every option above, including the informational ones, whenever
    # ``self.ms.files`` is non-empty.
    if self.ms.files:
        self.ms.show_summary(self.ms.show_analyzed_info())
开发者ID:kovacsbalu,项目名称:viper-metascan,代码行数:31,代码来源:ms4.py
示例16: run
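def run(self):
    """Dispatch to the online report source selected on the command line.

    Requires both ``requests`` and ``beautifulsoup4`` and an open session.
    The first truthy option among malwr/anubis/threat/joe/meta decides which
    handler runs.
    """
    super(Reports, self).run()
    if self.args is None:
        return

    # Stop when EITHER dependency is missing. The previous ``and`` only
    # triggered when both were absent, letting the handlers run with one of
    # the two libraries unavailable.
    if not (HAVE_REQUESTS and HAVE_BS4):
        self.log('error', "Missing dependencies (`pip install requests beautifulsoup4`)")
        return

    if not __sessions__.is_set():
        self.log('error', "No session opened")
        return

    if self.args.malwr:
        self.malwr()
    elif self.args.anubis:
        self.anubis()
    elif self.args.threat:
        self.threat()
    elif self.args.joe:
        self.joe()
    elif self.args.meta:
        self.meta()
    else:
        self.log('error', 'At least one of the parameters is required')
        self.usage()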
开发者ID:kevthehermit,项目名称:ViperV2,代码行数:26,代码来源:reports.py
示例17: auto
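def auto(self):
    """Detect the RAT family of the open file with YARA and extract its config.

    The first existing rules file among the known locations is compiled and
    matched against the open file. The first match whose metadata carries a
    ``family`` entry is handed to ``get_config``.
    """
    if not HAVE_YARA:
        self.log('error', "Missing dependency, install yara (see http://plusvic.github.io/yara/)")
        return

    if not __sessions__.is_set():
        self.log('error', "No open session")
        return

    rules_paths = [
        '/usr/share/viper/yara/rats.yara',
        os.path.join(VIPER_ROOT, 'data/yara/rats.yara')
    ]

    rules_path = next((path for path in rules_paths if os.path.exists(path)), None)
    if rules_path is None:
        # Without this check yara.compile() would be called with None and
        # fail with an unrelated error instead of naming the missing file.
        self.log('error', "No rats.yara rules file found in: {0}".format(', '.join(rules_paths)))
        return

    rules = yara.compile(rules_path)
    for match in rules.match(__sessions__.current.file.path):
        if 'family' in match.meta:
            self.log('info', "Automatically detected supported RAT {0}".format(match.rule))
            # The family name comes from the rule's metadata and selects the
            # decoder module in get_config.
            self.get_config(match.meta['family'])
            return

    self.log('info', "No known RAT detected")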
开发者ID:kevthehermit,项目名称:viper,代码行数:28,代码来源:rat.py
示例18: run
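def run(self):
    """List the imports of the open PE file and flag blacklisted functions.

    Every imported symbol is logged with its address. A warning follows when
    the symbol appears in the PEStudio function list with ``bl="1"``.

    Returns:
        ``False`` when the file cannot be parsed as PE, ``None`` otherwise.
    """
    super(PEBL, self).run()
    if self.args is None:
        return

    if not __sessions__.is_set():
        self.log('error', "No session opened")
        return

    if not self.pe:
        try:
            self.pe = pefile.PE(__sessions__.current.file.path)
        except pefile.PEFormatError as e:
            self.log('error', "Unable to parse PE file: {0}".format(e))
            return False

    if not hasattr(self.pe, 'DIRECTORY_ENTRY_IMPORT'):
        return

    # NOTE(review): hard-coded absolute path to the function list.
    pestudio_fct = '/home/mrrobot/viper/modules/functions.xml'

    # Read the list once and close the handle. The previous code reopened the
    # file twice per imported symbol and never closed it.
    try:
        with open(pestudio_fct) as handle:
            function_list = handle.read()
    except (IOError, OSError) as e:
        self.log('error', "Unable to read {0}: {1}".format(pestudio_fct, e))
        return

    for entry in self.pe.DIRECTORY_ENTRY_IMPORT:
        try:
            self.log('info', "DLL: {0}".format(entry.dll))
            for symbol in entry.imports:
                self.log('item', "{0}: {1}".format(hex(symbol.address), symbol.name))

                # NOTE(review): a symbol whose name cannot be concatenated to
                # a str raises here and skips the rest of this DLL's imports.
                searchstr1 = 'bl="1" ad="1">' + symbol.name + '</fct>'
                searchstr2 = 'bl="1" ad="0">' + symbol.name + '</fct>'
                if searchstr1 in function_list:
                    self.log('warning', " BLACKLISTED FUNCTION!")
                if searchstr2 in function_list:
                    self.log('warning', " BLACKLISTED FUNCTION!")
        except Exception:
            # Best effort: a malformed entry must not stop the listing, but
            # KeyboardInterrupt and SystemExit are no longer swallowed.
            continue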
开发者ID:securitykitten,项目名称:viper-scripts,代码行数:33,代码来源:pebl.py
示例19: run
def run(self):
    """Run the selected PDF sub-command (``id`` or ``streams``) on the open file.

    Returns:
        ``False`` when no session is open, ``None`` otherwise.
    """
    super(PDF, self).run()
    if self.args is None:
        return

    if not __sessions__.is_set():
        self.log('error', "No open session. This command expects a file to be open.")
        return False

    current = __sessions__.current.file
    # A '%PDF' signature anywhere in the first 1024 bytes makes a valid PDF;
    # the magic library misses it when the signature sits at an offset, so
    # fall back to scanning the header when the detected type lacks 'PDF'.
    if 'PDF' not in current.type and b'%PDF' not in current.data[:1024]:
        self.log('error', "The opened file doesn't appear to be a PDF document")
        return

    subname = self.args.subname
    if subname == 'id':
        self.pdf_id()
    elif subname == 'streams':
        self.streams()
    else:
        self.log('error', 'At least one of the parameters is required')
        self.usage()
开发者ID:cvandeplas,项目名称:viper,代码行数:25,代码来源:pdf.py
示例20: run
def run(self):
    """Find base64 strings in the open file and log their decoded form.

    Two passes are made over the file data: one over UTF-16LE strings of at
    least three printable characters, one over runs of at least four
    characters from a restricted single-byte set. Candidates matching
    ``BASE64_REGEX`` are decoded and logged when the result is ASCII.
    """
    super(b64dec, self).run()
    if not __sessions__.is_set():
        self.log('error', "No open session")
        return

    def log_decoded(candidates):
        # Decoded text originates from the sample and is logged as-is;
        # anything that fails to decode as base64/ASCII is skipped silently.
        for candidate in candidates:
            if BASE64_REGEX.search(candidate):
                found = BASE64_REGEX.search(candidate)
                try:
                    decoded = base64.b64decode(found.group(0)).decode('ascii')
                    self.log('info', 'decoded string: %s' % decoded)
                except:
                    pass

    wide_regexp = re.compile(ur'(?:[\x20-\x7E][\x00]){3,}')

    if not os.path.exists(__sessions__.current.file.path):
        # NOTE(review): this branch means the session file is missing on
        # disk, yet the message reads 'No matches found' — confirm intent.
        self.log('error', 'No matches found')
        return

    # Pass 1: wide (UTF-16LE) strings.
    wide_hits = wide_regexp.findall(__sessions__.current.file.data)
    log_decoded([hit.decode('utf-16le') for hit in wide_hits])

    # Pass 2: single-byte strings.
    narrow_regexp = '[\x20\x30-\x39\x41-\x5a\x61-\x7a\-\.:\=]{4,}'
    log_decoded(re.findall(narrow_regexp, __sessions__.current.file.data))
开发者ID:pmelson,项目名称:viper-scripts,代码行数:32,代码来源:b64dec.py
注:本文中的viper.core.session.__sessions__.is_set函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |