本文整理汇总了Python中viper.common.out.bold函数的典型用法代码示例。如果您正苦于以下问题:Python bold函数的具体用法?Python bold怎么用?Python bold使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了bold函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: scan
def scan(self, to_search, verbose=True, submit=False, path_to_submit=None):
    """Look up ``to_search`` on VirusTotal and log what the report says.

    Returns ``False`` when the lookup or a requested submission is reported
    as failed by ``self._has_fail``, ``True`` when the hash is unknown or
    still queued, and otherwise the ``(md5, sha1, sha256)`` values taken
    from the report.

    If the hash is unknown and both ``submit`` and ``path_to_submit`` are
    set, the file is handed to ``self.vt.scan_file``.
    """
    response = self.vt.get_file_report(to_search)
    if self._has_fail(response):
        return False

    report = response['results']
    code = report['response_code']

    if code == 0:
        # Hash is not known to VirusTotal.
        self.log('info', "{}: {}".format(bold("VirusTotal message"), report['verbose_msg']))
        if not (submit and path_to_submit):
            return True

        # NOTE(review): scan_file presumably uploads the sample itself, which
        # discloses it outside the analysis environment. Confirm callers only
        # set submit=True on an explicit analyst decision.
        response = self.vt.scan_file(path_to_submit)
        failed = self._has_fail(response)
        # NOTE(review): the failure branch still reads results.verbose_msg;
        # verify that a failed response carries that key.
        level = 'warning' if failed else 'info'
        self.log(level, "{}: {}".format(bold("VirusTotal message"), response['results']['verbose_msg']))
        return not failed

    if code == -2:
        # Queued for analysis, nothing to show yet.
        self.log('info', "The file is in the queue and will be processed soon, please try again later")
        return True

    if verbose:
        self._display_verbose_scan(report, to_search)

    summary = "{} out of {} antivirus detected {} as malicious.".format(
        report['positives'], report['total'], bold(to_search))
    self.log('info', summary)
    self.log('info', report['permalink'] + '\n')
    return report['md5'], report['sha1'], report['sha256']
示例2: _prepare_urls
def _prepare_urls(self, query, detected_urls, verbose):
    """Log the URLs VirusTotal flagged for ``query`` as a sorted table.

    Without ``verbose`` only the last ten rows of the sorted table are shown.
    A falsy ``detected_urls`` produces a single warning line instead.
    """
    if not detected_urls:
        self.log('warning', 'No URLs found for {}.'.format(bold(query)))
        return

    self.log('success', "VirusTotal Detected URLs for {}:".format(bold(query)))
    # Tuples sort by scan date first, so the tail holds the latest entries.
    table = sorted(
        (entry['scan_date'], entry['url'], entry['positives'], entry['total'])
        for entry in detected_urls
    )
    if not verbose:
        table = table[-10:]
    # The URLs come straight from the remote report and are logged unmodified.
    self.log('table', dict(header=['Scan date', 'URL', 'positives', 'total'], rows=table))
示例3: pehash
def pehash(self):
    """Compute PEhash values and list, cluster or match samples by them.

    The hash of the open session file (if any) is logged first. Depending on
    ``self.args.all`` / ``self.args.cluster`` / ``self.args.scan`` the hashes
    of all repository samples are then tabulated, grouped, or compared with
    the open file.
    """
    if not HAVE_PEHASH:
        self.log('error', "PEhash is missing. Please copy PEhash to the modules directory of Viper")
        return

    current_pehash = None
    if __sessions__.is_set():
        current_pehash = calculate_pehash(__sessions__.current.file.path)
        self.log('info', "PEhash: {0}".format(bold(current_pehash)))

    if not (self.args.all or self.args.cluster or self.args.scan):
        return

    # One pass over the repository; samples without a PEhash are left out.
    rows = []
    for sample in Database().find(key='all'):
        pe_hash = calculate_pehash(get_sample_path(sample.sha256))
        if pe_hash:
            rows.append((sample.name, sample.md5, pe_hash))

    if self.args.all:
        self.log('info', "PEhash for all files:")
        self.log('table', dict(header=['Name', 'MD5', 'PEhash'], rows=rows))

    elif self.args.cluster:
        self.log('info', "Clustering files by PEhash...")

        cluster = {}
        for sample_name, sample_md5, pe_hash in rows:
            cluster.setdefault(pe_hash, []).append([sample_name, sample_md5])

        for pe_hash, members in cluster.items():
            # A hash seen only once is not a cluster.
            if len(members) > 1:
                self.log('info', "PEhash cluster {0}:".format(bold(pe_hash)))
                self.log('table', dict(header=['Name', 'MD5'], rows=members))

    elif self.args.scan:
        if __sessions__.is_set() and current_pehash:
            self.log('info', "Finding matching samples...")

            # Skip the open file itself (same MD5), keep equal PEhash values.
            matches = [
                [name, md5]
                for name, md5, pe_hash in rows
                if md5 != __sessions__.current.file.md5 and pe_hash == current_pehash
            ]

            if matches:
                self.log('table', dict(header=['Name', 'MD5'], rows=matches))
            else:
                self.log('info', "No matches found")
示例4: compiletime
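def compiletime(self):
    """Log the PE compile timestamp of the open sample and optionally find peers.

    Reads ``FILE_HEADER.TimeDateStamp`` from ``self.pe`` and logs it. With
    ``self.args.scan`` set, every other sample in the repository is parsed
    and listed when its timestamp is identical or, if ``self.args.window``
    is set, differs by at most that many minutes.

    NOTE(review): ``TimeDateStamp`` is an ordinary header field that can be
    rewritten after the build, so a match is a clustering hint, not proof of
    common origin.
    """

    def get_compiletime(pe):
        # fromtimestamp() renders the value in the local timezone, so the
        # printed time differs between workstations; comparisons within one
        # run stay consistent because every sample is converted the same way.
        return datetime.datetime.fromtimestamp(pe.FILE_HEADER.TimeDateStamp)

    if not self.__check_session():
        return

    compile_time = get_compiletime(self.pe)
    self.log('info', "Compile Time: {0}".format(bold(compile_time)))

    if self.args.scan:
        self.log('info', "Scanning the repository for matching samples...")

        db = Database()
        samples = db.find(key='all')

        matches = []
        for sample in samples:
            # The open file would trivially match itself.
            if sample.sha256 == __sessions__.current.file.sha256:
                continue

            sample_path = get_sample_path(sample.sha256)
            if not os.path.exists(sample_path):
                continue

            try:
                cur_pe = pefile.PE(sample_path)
                cur_compile_time = get_compiletime(cur_pe)
            except Exception:
                # Non-PE or malformed samples are skipped. Catching Exception
                # rather than everything keeps Ctrl-C and SystemExit working
                # during a long repository scan.
                continue

            if compile_time == cur_compile_time:
                matches.append([sample.name, sample.md5, cur_compile_time])
            elif self.args.window:
                # Absolute distance in minutes, whichever sample is older.
                delta = abs(cur_compile_time - compile_time)
                delta_minutes = int(delta.total_seconds()) / 60
                if delta_minutes <= self.args.window:
                    matches.append([sample.name, sample.md5, cur_compile_time])

        self.log('info', "{0} relevant matches found".format(bold(len(matches))))

        if matches:
            self.log('table', dict(header=['Name', 'MD5', 'Compile Time'], rows=matches))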
示例5: pdns_domain
def pdns_domain(self, domain, verbose=False):
    """Log the passive-DNS resolutions and flagged URLs VirusTotal has for ``domain``.

    Returns ``False`` when ``self._has_fail`` reports the lookup as failed;
    otherwise falls through and returns ``None``. Without ``verbose`` only
    the last ten sorted resolutions are shown.
    """
    response = self.vt.get_domain_report(domain)
    if self._has_fail(response):
        return False

    report = response['results']

    if not report.get('resolutions'):
        self.log('warning', 'No resolutions found for {}.'.format(bold(domain)))
    else:
        # Sorting the (date, ip) tuples puts the latest resolutions last.
        resolutions = sorted(
            (entry['last_resolved'], entry['ip_address'])
            for entry in report['resolutions']
        )
        if not verbose:
            resolutions = resolutions[-10:]
        self.log('success', "VirusTotal domain resolutions for {}:".format(bold(domain)))
        self.log('table', dict(header=['Last resolved', 'IP Address'], rows=resolutions))

    self._prepare_urls(domain, report.get('detected_urls'), verbose)
    # The caller-supplied domain is interpolated into the link as given.
    link = 'https://www.virustotal.com/en/domain/{}/information/\n'.format(domain)
    self.log('info', link)
示例6: size_cluster
def size_cluster(self):
    """Group repository samples by on-disk size and log every group of two or more."""
    by_size = {}
    for sample in Database().find(key='all'):
        sample_path = get_sample_path(sample.sha256)
        if not os.path.exists(sample_path):
            continue

        try:
            size = os.path.getsize(sample_path)
        except Exception as e:
            # The file can disappear or be unreadable after the exists() check.
            self.log('error', "Error {0} for sample {1}".format(e, sample.sha256))
            continue

        by_size.setdefault(size, []).append([sample.md5, sample.name])

    for size, members in by_size.items():
        # A size seen only once is not a cluster.
        if len(members) == 1:
            continue

        self.log('info', "Cluster size {0} with {1} elements".format(bold(size), len(members)))
        self.log('table', dict(header=['MD5', 'Name'], rows=members))
示例7: ghiro
def ghiro(self):
    """Submit the open session file to the imageforensic.org API and log the report.

    Signature descriptions are listed first; every other report entry is
    logged as ``key: value``, with nested dicts flattened one level.
    """
    if not HAVE_REQUESTS:
        self.log('error', "Missing dependency, install requests (`pip install requests`)")
        return

    form = {'private': 'true', 'json': 'true'}
    upload = {'image': BytesIO(__sessions__.current.file.data)}

    # NOTE(review): the endpoint is plain http://, so the uploaded file and
    # the returned report cross the network unencrypted and `verify` has no
    # effect on this request. Whether the service offers HTTPS is not visible
    # here; confirm before relying on this for sensitive material.
    response = requests.post(
        'http://www.imageforensic.org/api/submit/',
        data=form,
        files=upload,
        proxies=cfg.http_client.proxies,
        verify=cfg.http_client.verify,
        cert=cfg.http_client.cert,
    )
    results = response.json()

    if not results['success']:
        self.log('error', "The analysis failed")
        return

    report = results['report']
    signatures = report['signatures']

    if len(signatures) > 0:
        self.log('', bold("Signatures:"))
        for signature in signatures:
            self.log('item', signature['description'])

    for key, value in report.items():
        if key == 'signatures':
            # Already printed above.
            continue

        if isinstance(value, dict):
            for sub_key, sub_value in value.items():
                self.log('info', '{}: {}'.format(sub_key, sub_value))
        else:
            self.log('info', '{}: {}'.format(key, value))
示例8: get_config
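def get_config(self, family):
    """Extract and log the configuration of the open sample for a RAT family.

    ``family`` selects the extractor module ``viper.modules.rats.<family>``,
    whose ``config()`` is called with the raw bytes of the open file. The
    resulting key/value pairs are logged as a table sorted by key. Every
    failure is logged and ends the call with ``None``.
    """
    if not __sessions__.is_set():
        self.log('error', "No open session")
        return

    # The family name becomes part of a module path, and importing a module
    # runs its top-level code. Only plain names (letters, digits, underscore)
    # are passed on; anything else is reported like an unknown family.
    if not str(family).replace('_', '').isalnum():
        self.log('error', "There is no module for family {0}".format(bold(family)))
        return

    try:
        module = importlib.import_module('viper.modules.rats.{0}'.format(family))
    except ImportError:
        self.log('error', "There is no module for family {0}".format(bold(family)))
        return

    try:
        config = module.config(__sessions__.current.file.data)
    except Exception:
        # The extractor parses hostile input; a parser failure is treated as
        # "no configuration". Catching Exception rather than everything keeps
        # Ctrl-C and SystemExit working.
        config = None

    if not config:
        self.log('error', "No Configuration Detected")
        return

    rows = sorted(([key, value] for key, value in config.items()),
                  key=lambda entry: entry[0])

    self.log('info', "Configuration:")
    self.log('table', dict(header=['Key', 'Value'], rows=rows))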
示例9: peid
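def peid(self):
    """Match the open PE against the PEiD signature database and optionally find peers.

    Signatures are loaded from ``data/peid/UserDB.TXT`` under ``VIPER_ROOT``
    and matched at the entry point only. With ``self.args.scan`` set and at
    least one match, every other repository sample whose match list equals
    that of the open file is listed.
    """

    def get_signatures():
        # open() replaces the Python 2-only file() builtin.
        db_path = os.path.join(VIPER_ROOT, 'data/peid/UserDB.TXT')
        with open(db_path, 'rt') as f:
            sig_data = f.read()
        return peutils.SignatureDatabase(data=sig_data)

    def get_matches(pe, signatures):
        return signatures.match_all(pe, ep_only=True)

    if not self.__check_session():
        return

    signatures = get_signatures()
    peid_matches = get_matches(self.pe, signatures)

    if peid_matches:
        self.log('info', "PEiD Signatures:")
        for sig in peid_matches:
            # A match may be a list; only its first element is shown.
            if isinstance(sig, list):
                self.log('item', sig[0])
            else:
                self.log('item', sig)
    else:
        self.log('info', "No PEiD signatures matched.")

    if self.args.scan and peid_matches:
        self.log('info', "Scanning the repository for matching samples...")

        db = Database()
        samples = db.find(key='all')

        matches = []
        for sample in samples:
            # The open file would trivially match itself.
            if sample.sha256 == __sessions__.current.file.sha256:
                continue

            sample_path = get_sample_path(sample.sha256)
            if not os.path.exists(sample_path):
                continue

            try:
                cur_pe = pefile.PE(sample_path)
                cur_peid_matches = get_matches(cur_pe, signatures)
            except Exception:
                # Non-PE or malformed samples are skipped. Catching Exception
                # rather than everything keeps Ctrl-C and SystemExit working.
                continue

            if peid_matches == cur_peid_matches:
                matches.append([sample.name, sample.sha256])

        self.log('info', "{0} relevant matches found".format(bold(len(matches))))

        if matches:
            self.log('table', dict(header=['Name', 'SHA256'], rows=matches))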
示例10: url
def url(self, url, verbose=False, submit=False):
    """Fetch the VirusTotal report for ``url`` and log a detection summary.

    Returns ``False`` when ``self._has_fail`` reports the lookup as failed
    and ``None`` in every other case.
    """
    # With submit set, '1' is passed as a second positional argument.
    # NOTE(review): presumably this asks VirusTotal to scan the URL, which
    # discloses it to the service. Confirm against the client API.
    lookup_args = (url, '1') if submit else (url,)
    response = self.vt.get_url_report(*lookup_args)
    if self._has_fail(response):
        return False

    report = response['results']

    no_result = report['response_code'] in [0, -2] or not report.get('scans')
    if no_result:
        # Unknown, queued, or a report without per-engine results.
        self.log('info', "{}: {}".format(bold("VirusTotal message"), report['verbose_msg']))
        return

    if verbose:
        self._display_verbose_scan(report['scans'], url)

    summary = "{} out of {} scans detected {} as malicious.".format(
        report['positives'], report['total'], bold(url))
    self.log('info', summary)
    self.log('info', report['permalink'])
示例11: _display_verbose_scan
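def _display_verbose_scan(self, scans, query):
    """Log a table of the engines in ``scans`` that flagged ``query``.

    ``scans`` maps an engine name to a dict with ``detected`` and ``result``
    keys. Nothing is logged when no engine reports a detection.
    """
    rows = []
    if scans:
        # The original rebound the loop variable to signature['result'] after
        # appending; that value was never read, so the assignment is dropped.
        rows = sorted(
            [engine, signature['result']]
            for engine, signature in scans.items()
            if signature['detected']
        )

    if rows:
        self.log('success', "VirusTotal Report for {}:".format(bold(query)))
        self.log('table', dict(header=['Antivirus', 'Signature'], rows=rows))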
示例12: _display_verbose_scan
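def _display_verbose_scan(self, virustotal, query):
    """Log submission metadata and the detecting engines from a file report.

    ``virustotal`` is the report dict. The ``times_submitted`` /
    ``first_seen``, ``submission_names`` and ``scans`` keys are each
    optional and are shown only when present.
    """
    self.log('success', "VirusTotal Report for {}:".format(bold(query)))

    if 'times_submitted' in virustotal and 'first_seen' in virustotal:
        self.log('info', 'Submitted {} times and seen first on {}.'.format(
            virustotal['times_submitted'], virustotal['first_seen']))

    if 'submission_names' in virustotal:
        self.log('info', 'Known names:')
        # NOTE(review): these names presumably originate from whoever uploaded
        # the file; confirm the log sink treats them as untrusted text.
        for item in virustotal['submission_names']:
            self.log('item', item)

    rows = []
    if 'scans' in virustotal:
        # The original rebound the loop variable to signature['result'] after
        # appending; that value was never read, so the assignment is dropped.
        rows = [
            [engine, signature['result']]
            for engine, signature in virustotal['scans'].items()
            if signature['detected']
        ]

    rows.sort()
    if rows:
        self.log('info', "Detecting engines:")
        self.log('table', dict(header=['Antivirus', 'Signature'], rows=rows))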
示例13: run
def run(self):
    """Compare the ssdeep hash of the open file with every repository sample.

    Samples scoring above 40 in ``pydeep.compare`` are collected and logged
    as a table. With ``self.args.verbose`` each comparison is logged as well.
    """
    super(Fuzzy, self).run()

    # Preconditions: an open session, the pydeep binding, and an ssdeep hash.
    if not __sessions__.is_set():
        self.log('error', "No session opened")
        return

    if not HAVE_PYDEEP:
        self.log('error', "Missing dependency, install pydeep (`pip install pydeep`)")
        return

    if not __sessions__.current.file.ssdeep:
        self.log('error', "No ssdeep hash available for opened file")
        return

    arg_verbose = bool(self.args and self.args.verbose)

    matches = []
    for sample in Database().find(key='all'):
        # Skip the open file itself and samples without an ssdeep hash.
        if sample.sha256 == __sessions__.current.file.sha256 or not sample.ssdeep:
            continue

        score = pydeep.compare(__sessions__.current.file.ssdeep, sample.ssdeep)

        if score > 40:
            matches.append(['{0}%'.format(score), sample.name, sample.sha256])

        # NOTE(review): the listing has lost its indentation; this check is
        # taken to sit at loop level (every comparison is logged when
        # verbose). Verify against the upstream file.
        if arg_verbose:
            self.log('info', "Match {0}%: {2} [{1}]".format(score, sample.name, sample.sha256))

    self.log('info', "{0} relevant matches found".format(bold(len(matches))))

    if len(matches) > 0:
        self.log('table', dict(header=['Score', 'Name', 'SHA256'], rows=matches))
示例14: ghiro
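def ghiro(self):
    """Submit the open session file to the imageforensic.org API and log its signatures.

    The file is read from ``__sessions__.current.file.path`` and posted as
    the ``image`` form field. When the service reports success, each
    signature description is logged.
    """
    if not HAVE_REQUESTS:
        self.log('error', "Missing dependency, install requests (`pip install requests`)")
        return

    payload = dict(private='true', json='true')

    # NOTE(review): the endpoint is plain http://, so the uploaded file and
    # the returned report cross the network unencrypted. Whether the service
    # offers HTTPS is not visible here; confirm before relying on this for
    # sensitive material.
    # The context manager closes the sample's file handle once the request
    # has completed; the original left it open.
    with open(__sessions__.current.file.path, 'rb') as image:
        response = requests.post('http://www.imageforensic.org/api/submit/',
                                 data=payload, files=dict(image=image))

    results = response.json()

    if results['success']:
        report = results['report']

        if len(report['signatures']) > 0:
            self.log('', bold("Signatures:"))

            for signature in report['signatures']:
                self.log('item', signature['description'])
    else:
        self.log('error', "The analysis failed")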
示例15: get_config
def get_config(self, family):
    """Extract and log the configuration of the open sample for a RAT family.

    ``family`` selects the extractor module ``modules.rats.<family>``, whose
    ``config()`` is called with the raw bytes of the open file. The result
    is logged as a key/value table sorted by key.
    """
    if not __sessions__.is_set():
        self.log("error", "No open session")
        return

    # NOTE(review): family is interpolated into the module path unchecked,
    # and importing runs the module's top-level code. Confirm callers only
    # pass known family names.
    module_name = "modules.rats.{0}".format(family)
    try:
        module = importlib.import_module(module_name)
    except ImportError:
        self.log("error", "There is no module for family {0}".format(bold(family)))
        return

    # NOTE(review): the extractor runs on sample bytes with no exception
    # handling here, so a parser error propagates to the caller.
    config = module.config(__sessions__.current.file.data)
    if not config:
        self.log("error", "No Configuration Detected")
        return

    table = sorted(
        ([key, value] for key, value in config.items()),
        key=lambda entry: entry[0],
    )

    self.log("info", "Configuration:")
    self.log("table", dict(header=["Key", "Value"], rows=table))