本文整理汇总了Python中Malcom.auxiliary.toolbox.debug_output函数的典型用法代码示例。如果您正苦于以下问题:Python debug_output函数的具体用法?Python debug_output怎么用?Python debug_output使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了debug_output函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __init__
def __init__(self, analytics_instance):
super(AnalyticsMessenger, self).__init__()
self.name = 'analytics'
self.analytics_instance = analytics_instance
self.subscribe_channel('analytics', self.message_handler)
#self.status_update()
debug_output("[+] Analytics Messenger started")示例2: analyze
def analyze(self, line):
line = line.strip()
sline = line.split()
try:
if line[0] != "#" and len(sline) > 2: # ignore comments and entries with no clear reference
if sline[0].isdigit():
del sline[0] # remove the useless first field
_hostname = Hostname(hostname=sline[0])
evil = {}
evil["source"] = self.name
evil["id"] = md5.new(sline[0] + sline[1]).hexdigest()
evil["description"] = sline[1] # malware, EK, etc
evil["reference"] = sline[2] # GG safe browsing, blog, other blacklist, etc...
if sline[3]: # add the last date of inclusion in the feed
if sline[3] == "relisted" and sline[4]:
evil["date_added"] = datetime.datetime.strptime(sline[4], "%Y%m%d")
else:
evil["date_added"] = datetime.datetime.strptime(sline[3], "%Y%m%d")
_hostname.add_evil(evil)
_hostname.seen(first=evil["date_added"])
self.commit_to_db(_hostname)
except Exception, e:
toolbox.debug_output(str(e), type="error")示例3: analytics
def analytics(self):
debug_output( "(host analytics for %s)" % self.value)
new = []
# only resolve A and CNAME records for subdomains
if toolbox.is_subdomain(self.value):
dns_info = toolbox.dns_get_records(self.value, ['A', 'CNAME'])
else:
dns_info = toolbox.dns_get_records(self.value)
for rtype in dns_info:
for entry in dns_info[rtype]:
art = toolbox.find_artifacts(entry)
for t in art:
for findings in art[t]:
if t == 'hostnames':
new.append((rtype, Hostname(findings)))
if t == 'urls':
new.append((rtype, Url(findings)))
if t == 'ips':
new.append((rtype, Ip(findings)))
# is _hostname a subdomain ?
if len(self.value.split(".")) > 2:
domain = toolbox.is_subdomain(self.value)
if domain:
new.append(('domain', Hostname(domain)))
self['last_analysis'] = datetime.datetime.utcnow()
self['next_analysis'] = self['last_analysis'] + datetime.timedelta(seconds=self['refresh_period'])
return new示例4: send_nodes
def send_nodes(self, elts=[], edges=[]):
for e in elts:
e['fields'] = e.display_fields
data = { 'querya': {}, 'nodes':elts, 'edges': edges, 'type': 'nodeupdate'}
try:
if (len(elts) > 0 or len(edges) > 0) and self.ws:
self.ws.send(dumps(data))
except Exception, e:
debug_output("Could not send nodes: %s" % e)示例5: analytics
def analytics(self):
debug_output("(url analytics for %s)" % self['value'])
new = []
#link with hostname
# host = toolbox.url_get_host(self['value'])
# if host == None:
# self['hostname'] = "No hostname"
# else:
# self['hostname'] = host
# find path
path, scheme, hostname = toolbox.split_url(self['value'])
self['path'] = path
self['scheme'] = scheme
self['hostname'] = hostname
if toolbox.is_ip(self['hostname']):
new.append(('host', Ip(toolbox.is_ip(self['hostname']))))
elif toolbox.is_hostname(self['hostname']):
new.append(('host', Hostname(toolbox.is_hostname(self['hostname']))))
else:
debug_output("No hostname found for %s" % self['value'], type='error')
return
self['last_analysis'] = datetime.datetime.utcnow()
return new示例6: generate_pcap
def generate_pcap(self):
if len (self.pkts) > 0:
debug_output("Generating PCAP for %s (length: %s)" % (self.name, len(self.pkts)))
filename = Malcom.config['SNIFFER_DIR'] + "/" + self.pcap_filename
wrpcap(filename, self.pkts)
debug_output("Saving session to DB")
self.analytics.data.save_sniffer_session(self)示例7: __init__
def __init__(self, feedengine_instance):
super(FeedsMessenger, self).__init__()
self.name = "feeds"
self.feedengine_instance = feedengine_instance
debug_output("[+] Feed messenger started")
self.subscribe_channel('feeds', self.message_handler)示例8: send_nodes
def send_nodes(self, elts=[], edges=[]):
data = {"querya": {}, "nodes": elts, "edges": edges, "type": "nodeupdate"}
try:
if (len(elts) > 0 or len(edges) > 0) and self.ws:
self.ws.send(dumps(data))
except Exception, e:
debug_output("Could not send nodes: %s" % e)示例9: get_pcap
def get_pcap(self):
debug_output("Generating PCAP (length: %s)" % len(self.pkts))
if len(self.pkts) == 0:
return ""
wrpcap("/tmp/temp.cap", self.pkts)
pcap = open("/tmp/temp.cap").read()
return pcap示例10: __init__
def __init__(self):
super(SnifferMessenger, self).__init__()
self.name = 'sniffer'
self.snifferengine = None
self.subscribe_channel('sniffer-commands', self.command_handler)
self.command_lock = threading.Lock()
debug_output("[+] Sniffer Messenger started")示例11: load_yara_rules
def load_yara_rules(self, path):
debug_output("Compiling YARA rules from %s" % path)
if path[-1] != '/': path += '/' # add trailing slash if not present
filepaths = {}
for file in os.listdir(path):
filepaths[file] = path + file
debug_output("Loaded %s YARA rule files in %s" % (len(filepaths), path))
return yara.compile(filepaths=filepaths)示例12: run_scheduled_feeds
def run_scheduled_feeds(self):
for feed_name in [f for f in self.feeds if (self.feeds[f].next_run < datetime.utcnow() and self.feeds[f].enabled)]:
debug_output('Starting thread for feed %s...' % feed_name)
self.run_feed(feed_name)
for t in self.threads:
if self.threads[t].is_alive():
self.threads[t].join()示例13: run_all_feeds
def run_all_feeds(self):
debug_output("Running all feeds")
for feed_name in [f for f in self.feeds if self.feeds[f].enabled]:
debug_output("Starting thread for feed %s..." % feed_name)
self.run_feed(feed_name)
for t in self.threads:
if self.threads[t].is_alive():
self.threads[t].join()示例14: broadcast
def broadcast(self, msg, channel, type="bcast"):
queryid = str(random.random())
message = json.dumps({'msg': msg, 'queryid': queryid, 'src': self.name, 'type':type})
try:
# print "broadcast [%s] : %s" % (channel, type)
self.r.publish(channel, message)
except Exception, e:
debug_output("Could not broadcast: %s" % (e), 'error')示例15: load_pcap
def load_pcap(self):
filename = self.pcap_filename
debug_output("Loading PCAP from %s " % filename)
self.pkts += self.sniff(stopper=self.stop_sniffing, filter=self.filter, prn=self.handlePacket, stopperTimeout=1, offline=Malcom.config['SNIFFER_DIR']+"/"+filename)
debug_output("Loaded %s packets from file." % len(self.pkts))
return True