本文整理汇总了Python中lib.cuckoo.core.database.Database.find_sample方法的典型用法代码示例。如果您正苦于以下问题:Python Database.find_sample方法的具体用法?Python Database.find_sample怎么用?Python Database.find_sample使用的例子?那么恭喜您,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类lib.cuckoo.core.database.Database的用法示例。
在下文中一共展示了Database.find_sample方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: run
# 需要导入模块: from lib.cuckoo.core.database import Database [as 别名]
# 或者: from lib.cuckoo.core.database.Database import find_sample [as 别名]
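def run(self, results):
    """Resubmit executables found in an analysis report as new sandbox tasks.

    Collects PE executables (DLLs excluded) from the report's dropped files
    (URL tasks only) and from Suricata-extracted files, keyed by SHA-256, and
    submits each one that is non-empty and not already known to the database.

    The SHA-256 lookup through ``find_sample`` is the only guard in this
    function against submitting the same file again.

    NOTE(review): the listing this was taken from had lost its indentation, so
    the nesting is reconstructed; confirm against the upstream file whether the
    Suricata pass is meant to run for every task or only for URL tasks.

    Args:
        results: analysis results mapping; reads ``target.category``,
            ``dropped`` and ``suricata.files``.
    """

    def _is_exe(ftype):
        # Same filter as the original regexes: a PE32 executable that is not
        # flagged "(DLL)". The decision rests on the type string alone.
        return "PE32 executable" in ftype and "(DLL)" not in ftype

    report = dict(results)
    filesdict = {}

    if report["target"]["category"] == "url":
        # A report without a "dropped" list is treated as having none.
        for dropped in report.get("dropped") or []:
            if not os.path.isfile(dropped["path"]):
                continue
            if _is_exe(dropped["type"]):
                # First path seen for a hash wins.
                filesdict.setdefault(dropped["sha256"], dropped["path"])

    suricata = report.get("suricata") or {}
    for entry in suricata.get("files") or []:
        file_info = entry.get("file_info")
        if not file_info or not os.path.isfile(file_info["path"]):
            continue
        if _is_exe(file_info["type"]):
            filesdict.setdefault(file_info["sha256"], file_info["path"])

    if not filesdict:
        # Nothing to submit, so there is no reason to open the database.
        return

    db = Database()
    for sha256, path in filesdict.items():
        if not File(path).get_size():
            continue
        if db.find_sample(sha256=sha256) is not None:
            # Already known to the database: do not queue it again.
            continue

        task_id = db.add_path(file_path=path,
                              package='exe',
                              timeout=200,
                              options=None,
                              priority=1,
                              machine=None,
                              platform=None,
                              custom=None,
                              memory=False,
                              enforce_timeout=False,
                              clock=None,
                              tags=None)

        if task_id:
            print("Success" + u": File \"{0}\" added as task with ID {1}".format(path, task_id))
        else:
            print("Error" + ": adding task to database")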
示例2: main
# 需要导入模块: from lib.cuckoo.core.database import Database [as 别名]
# 或者: from lib.cuckoo.core.database.Database import find_sample [as 别名]
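# ......... part of the code is omitted here .........
# NOTE(review): in the remote branch below, `args.sslnoverify` switches off TLS
# certificate verification (`verify=False`), and without `args.ssl` the sample and
# the `args.user`/`args.password` credentials are sent over plain HTTP.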
else:
files.append(path)
if args.shuffle:
random.shuffle(files)
for file_path in files:
if not File(file_path).get_size():
if not args.quiet:
print(bold(yellow("Empty") + ": sample {0} (skipping file)".format(file_path)))
continue
if not args.max is None:
# Break if the maximum number of samples has been reached.
if not args.max:
break
args.max -= 1
if args.remote:
if not HAVE_REQUESTS:
print(bold(red("Error")) + ": you need to install python-requests (`pip install requests`)")
return False
if args.ssl:
url = "https://{0}/tasks/create/file".format(args.remote)
else:
url = "http://{0}/tasks/create/file".format(args.remote)
files = dict(
file=open(file_path, "rb"),
filename=os.path.basename(file_path)
)
data = dict(
package=args.package,
timeout=args.timeout,
options=args.options,
priority=args.priority,
machine=args.machine,
platform=args.platform,
memory=args.memory,
enforce_timeout=args.enforce_timeout,
custom=args.custom,
tags=args.tags
)
try:
if args.user and args.password:
if args.ssl:
if args.sslnoverify:
verify = False
else:
verify = True
response = requests.post(url, auth=(args.user,args.password), files=files,data=data,verify=verify)
else:
response = requests.post(url, auth=(args.user,args.password), files=files,data=data)
else:
if args.ssl:
if args.sslnoverify:
verify = False
else:
verify = True
response = requests.post(url, files=files, data=data, verify=verify)
else:
response = requests.post(url, files=files, data=data)
except Exception as e:
print(bold(red("Error")) + ": unable to send file: {0}".format(e))
return False
json = response.json()
task_id = json["task_id"]
else:
if args.unique:
sha256 = File(file_path).get_sha256()
if not db.find_sample(sha256=sha256) is None:
msg = ": Sample {0} (skipping file)".format(file_path)
if not args.quiet:
print(bold(yellow("Duplicate")) + msg)
continue
task_id = db.add_path(file_path=file_path,
package=args.package,
timeout=args.timeout,
options=args.options,
priority=args.priority,
machine=args.machine,
platform=args.platform,
custom=args.custom,
memory=args.memory,
enforce_timeout=args.enforce_timeout,
clock=args.clock,
tags=args.tags)
if task_id:
if not args.quiet:
print(bold(green("Success")) + u": File \"{0}\" added as task with ID {1}".format(file_path, task_id))
else:
print(bold(red("Error")) + ": adding task to database")
示例3: run
# 需要导入模块: from lib.cuckoo.core.database import Database [as 别名]
# 或者: from lib.cuckoo.core.database.Database import find_sample [as 别名]
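def run(self, results):
    """Resubmit executables found in an analysis report as child tasks.

    Collects PE32/MS-DOS executables (DLLs excluded) from the report's dropped
    files and Suricata-extracted files, keyed by SHA-256, and submits each one
    that is non-empty and not already known to the database. Child tasks carry
    ``resubmitjob=true`` in their options, and a report whose own options
    contain that marker is not processed, so resubmitted jobs do not spawn
    further resubmissions.

    Args:
        results: analysis results mapping; reads ``info`` (``options``, ``id``,
            ``custom``), ``dropped`` and ``suricata.files``.
    """

    def _is_exe(ftype):
        # Substring match on the type string is the only content check made
        # before a file is queued for execution in the sandbox.
        return ("PE32" in ftype or "MS-DOS" in ftype) and "DLL" not in ftype

    self.noinject = self.options.get("noinject", False)
    self.task_options_stack = []
    self.task_options = None
    self.task_custom = None

    report = dict(results)
    info = report["info"]

    # Loop guard: this report already belongs to a resubmitted job.
    if "resubmitjob=true" in (info.get("options") or ""):
        return

    self.task_options_stack.append("resubmitjob=true")
    if self.noinject:
        self.task_options_stack.append("free=true")
    self.task_options = ','.join(self.task_options_stack)

    filesdict = {}

    # A report without a "dropped" list is treated as having none.
    for dropped in report.get("dropped") or []:
        if not os.path.isfile(dropped["path"]):
            continue
        if _is_exe(dropped["type"]):
            # First path seen for a hash wins.
            filesdict.setdefault(dropped["sha256"], dropped["path"])

    suricata = report.get("suricata") or {}
    for entry in suricata.get("files") or []:
        file_info = entry.get("file_info")
        if not file_info or not os.path.isfile(file_info["path"]):
            continue
        if _is_exe(file_info["type"]):
            filesdict.setdefault(file_info["sha256"], file_info["path"])

    if not filesdict:
        # Nothing to submit, so there is no reason to open the database.
        return

    db = Database()
    for sha256, path in filesdict.items():
        if not File(path).get_size():
            continue
        if db.find_sample(sha256=sha256) is not None:
            # Already known to the database: do not queue it again.
            continue

        # Record the parent task (and its custom field, if any) on the child.
        self.task_custom = "Parent_Task_ID:%s" % info["id"]
        if "custom" in info and info["custom"]:
            self.task_custom = "%s Parent_Custom:%s" % (self.task_custom, info["custom"])

        task_id = db.add_path(file_path=path,
                              package='exe',
                              timeout=200,
                              options=self.task_options,
                              priority=1,
                              machine=None,
                              platform=None,
                              custom=self.task_custom,
                              memory=False,
                              enforce_timeout=False,
                              clock=None,
                              tags=None)

        if task_id:
            log.info(u"Resubmitexe file \"{0}\" added as task with ID {1}".format(path, task_id))
        else:
            log.warning("Error adding resubmitexe task to database")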
示例4: run
# 需要导入模块: from lib.cuckoo.core.database import Database [as 别名]
# 或者: from lib.cuckoo.core.database.Database import find_sample [as 别名]
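def run(self, results):
    """Resubmit executables found in an analysis report as child tasks.

    Collects up to ``resublimit`` PE32/MS-DOS executables (DLLs and "native"
    images excluded) from the report's dropped files and Suricata-extracted
    files, keyed by SHA-256, and submits each one that is non-empty and not
    already known to the database. Child tasks inherit the parent's options
    and machine label, carry ``resubmitjob=true``, and a report whose own
    options have ``resubmitjob`` set is not processed, so resubmitted jobs do
    not spawn further resubmissions.

    Dropped files are submitted through a symlink named after the file's name
    in the guest. That name is read from ``<sha256>_info.txt`` and comes from
    inside the analysed machine, so it is reduced to a single path component
    before it is joined to the link directory; if the link cannot be made the
    file is submitted under its stored path instead.

    Args:
        results: analysis results mapping; reads ``info`` (``options``,
            ``machine``, ``id``, ``custom``), ``dropped`` and ``suricata.files``.
    """

    def _is_candidate(ftype):
        # Substring match on the type string is the only content check made
        # before a file is queued for execution in the sandbox.
        return (("PE32" in ftype or "MS-DOS" in ftype)
                and "DLL" not in ftype and "native" not in ftype)

    def _guest_file_name(guest_path):
        # Treat both separators as boundaries so the result can never carry a
        # directory part ("..\\x", "../x", "/abs/x") into os.path.join().
        name = guest_path.replace("\\", "/").rsplit("/", 1)[-1]
        if name in ("", ".", "..") or "\x00" in name:
            return None
        return name

    def _link_under_guest_name(srcpath, linkdir):
        # Returns the symlink path, or None when the link cannot be set up.
        try:
            with open(srcpath + "_info.txt") as info_file:
                guest_paths = [line.strip() for line in info_file]
            guest_name = _guest_file_name(guest_paths[0]) if guest_paths else None
            if guest_name is None:
                return None
            linkpath = os.path.join(linkdir, guest_name)
            if not os.path.exists(linkdir):
                os.makedirs(linkdir, mode=0o755)
            if not os.path.exists(linkpath):
                os.symlink(srcpath, linkpath)
            return linkpath
        except Exception as exc:
            # Best effort, as before: the caller falls back to the stored path.
            log.debug("Resubmitexe could not link %s under its guest name: %s", srcpath, exc)
            return None

    self.noinject = self.options.get("noinject", False)
    self.resublimit = int(self.options.get("resublimit", 5))
    self.task_options_stack = []
    self.task_options = None
    self.task_custom = None
    self.machine = None
    self.resubcnt = 0

    report = dict(results)
    info = report["info"]
    parent_options = info.get("options") or {}

    # Loop guard: this report already belongs to a resubmitted job.
    if parent_options.get("resubmitjob"):
        return

    # copy all the options from current
    for key, val in parent_options.items():
        self.task_options_stack.append(key + "=" + str(val))

    # copy machine label from current
    if "machine" in info and info["machine"]:
        self.machine = info["machine"]["label"]

    self.task_options_stack.append("resubmitjob=true")
    if self.noinject:
        self.task_options_stack.append("free=true")
    self.task_options = ','.join(self.task_options_stack)

    filesdict = {}

    # A report without a "dropped" list is treated as having none.
    for dropped in report.get("dropped") or []:
        if self.resubcnt >= self.resublimit:
            break
        if not os.path.isfile(dropped["path"]):
            continue
        if not _is_candidate(dropped["type"]):
            continue
        sha256 = dropped["sha256"]
        if sha256 in filesdict:
            continue

        files_dir = os.path.join(CUCKOO_ROOT, "storage", "analyses", str(info["id"]), "files")
        srcpath = os.path.join(files_dir, sha256)
        linkdir = os.path.join(files_dir, sha256 + "_link")
        filesdict[sha256] = _link_under_guest_name(srcpath, linkdir) or dropped["path"]
        self.resubcnt += 1

    suricata = report.get("suricata") or {}
    for entry in suricata.get("files") or []:
        if self.resubcnt >= self.resublimit:
            break
        # Check for file_info before reading it; entries without it are skipped.
        file_info = entry.get("file_info")
        if not file_info:
            continue
        # don't resubmit truncated files
        if file_info["size"] != entry["size"]:
            continue
        if not os.path.isfile(file_info["path"]):
            continue
        if _is_candidate(file_info["type"]) and file_info["sha256"] not in filesdict:
            filesdict[file_info["sha256"]] = file_info["path"]
            self.resubcnt += 1

    if not filesdict:
        # Nothing to submit, so there is no reason to open the database.
        return

    db = Database()
    for sha256, path in filesdict.items():
        if not File(path).get_size():
            continue
        if db.find_sample(sha256=sha256) is not None:
            # Already known to the database: do not queue it again.
            continue

        # Record the parent task (and its custom field, if any) on the child.
        self.task_custom = "Parent_Task_ID:%s" % info["id"]
        if "custom" in info and info["custom"]:
            self.task_custom = "%s Parent_Custom:%s" % (self.task_custom, info["custom"])

        task_id = db.add_path(file_path=path,
                              package='exe',
                              timeout=200,
                              options=self.task_options,
                              priority=1,
                              machine=self.machine or "",
                              platform=None,
                              custom=self.task_custom,
                              memory=False,
                              enforce_timeout=False,
                              clock=None,
                              tags=None,
                              parent_id=int(info["id"]))

        if task_id:
            log.info(u"Resubmitexe file \"{0}\" added as task with ID {1}".format(path, task_id))
        else:
            log.warning("Error adding resubmitexe task to database")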