本文整理汇总了Python中viper.core.session.__sessions__.new函数的典型用法代码示例。如果您正苦于以下问题:Python new函数的具体用法?Python new怎么用?Python new使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了new函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: autorun_module
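def autorun_module(file_hash):
    """Run the commands configured in ``cfg.autorun.commands`` on a sample.

    The configured value is split on ``,`` and each entry is split again on
    ``;``. Every non-empty command is parsed, looked up in ``__modules__``
    and executed. Output is stored through ``Database().add_analysis`` when
    ``cfg.modules.store_output`` is set and a session is open, and printed
    when ``cfg.autorun.verbose`` is set.

    Args:
        file_hash: Hash identifying the stored sample. A falsy value makes
            the function return immediately without doing anything.
    """
    if not file_hash:
        return

    # Modules work on the current session, so open one on the sample if
    # nothing is open yet.
    if not __sessions__.is_set():
        __sessions__.new(get_sample_path(file_hash))

    for cmd_line in cfg.autorun.commands.split(','):
        for split_command in cmd_line.split(';'):
            split_command = split_command.strip()
            if not split_command:
                continue

            root, args = parse(split_command)
            try:
                if root in __modules__:
                    module = __modules__[root]['obj']()
                    module.set_commandline(args)
                    module.run()
                    print_info("Running Command {0}".format(split_command))
                    if cfg.modules.store_output and __sessions__.is_set():
                        Database().add_analysis(file_hash, split_command, module.output)
                    if cfg.autorun.verbose:
                        print_output(module.output)
                    # Empty the output list in place so the next command
                    # starts from a clean buffer.
                    del(module.output[:])
                else:
                    print_error('{0} is not a valid command. Please check your viper.conf file.'.format(cmd_line))
            except Exception:
                # A failing module must not stop the remaining autorun
                # commands. This was a bare ``except:``, which also swallowed
                # KeyboardInterrupt and SystemExit and made a long autorun
                # batch impossible to interrupt.
                print_error('Viper was unable to complete the command {0}'.format(cmd_line))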
示例2: test_create_event
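def test_create_event(self, capsys):
    """Create a MISP event, add an attribute and file hashes, and check the output.

    Drives the MISP module through ``create_event``, ``add``, ``show`` and
    ``add_hashes`` and asserts on the text captured by ``capsys``. ``url``
    and ``apikey`` come from the enclosing test module.
    """
    # Connection options repeated on every online sub-command.
    base_args = ['--url', url, '-k', apikey, '-v']

    instance = misp.MISP()
    instance.command_line = base_args + ['create_event', '-i', 'Viper test event']
    instance.run()
    out, err = capsys.readouterr()
    assert re.search(r".*Session opened on MISP event.*", out)
    event_id = re.findall(r".*Session opened on MISP event (.*)\..*", out)[0]
    # event_id is text scraped from program output; escape it before using
    # it inside another pattern so it is always matched literally.
    refreshed = rf".*Session on MISP event {re.escape(event_id)} refreshed.*"

    instance.command_line = base_args + ['add', 'ip-dst', '8.8.8.8']
    instance.run()
    out, err = capsys.readouterr()
    assert re.search(refreshed, out)

    instance.command_line = base_args + ['show']
    instance.run()
    out, err = capsys.readouterr()
    # The previous pattern left "|" unescaped, so it was an alternation that
    # passed when only one side matched. Match the table separator literally
    # and require the type and the value in adjacent cells.
    # NOTE(review): assumes the type and value columns are adjacent in the
    # table printed by `show` - confirm against the module.
    assert re.search(r"ip-dst\s*\|\s*8\.8\.8\.8", out)

    # Switch the session to a local fixture, then push its hashes.
    __sessions__.new(os.path.join(FIXTURE_DIR, 'chromeinstall-8u31.exe'))
    instance.command_line = ['add_hashes']
    instance.run()
    instance.command_line = base_args + ['show']
    instance.run()
    out, err = capsys.readouterr()
    assert re.search(refreshed, out)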
示例3: store
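def store(self):
    """Manage the local copies of MISP events under ``<cur_path>/misp_events``.

    Depending on ``self.args`` this lists the stored events, refreshes them
    from the MISP instance, deletes one, or opens one as the current session.
    With none of those options set and a MISP event attached to the session,
    the current event is dumped. ``IOError`` raised along the way is logged
    rather than propagated.
    """
    try:
        event_path = os.path.join(self.cur_path, 'misp_events')
        if not os.path.exists(event_path):
            os.mkdir(event_path)

        if self.args.list:
            header = ['Event ID', 'Title']
            rows = [(eid, title) for eid, path, title in self._get_local_events(event_path)]
            # Sort numerically on the event id, not lexicographically.
            self.log('table', dict(header=header, rows=sorted(rows, key=lambda i: (int(i[0])))))
        elif self.args.update:
            for eid, path, title in self._get_local_events(event_path):
                event = self.misp.get(eid)
                with open(path, 'w') as f:
                    f.write(json.dumps(event))
                self.log('success', '{} updated successfully.'.format(eid))
        elif self.args.delete:
            # NOTE(review): the argument is interpolated into a filesystem
            # path that is then removed. Confirm the argument parser limits
            # it to an integer event id; a value containing path separators
            # would resolve outside misp_events.
            path = os.path.join(event_path, '{}.json'.format(self.args.delete))
            if os.path.exists(path):
                os.remove(path)
                self.log('success', '{} removed successfully.'.format(self.args.delete))
            else:
                self.log('error', '{} does not exists.'.format(self.args.delete))
        elif self.args.open:
            # NOTE(review): same path-construction concern as for --delete.
            path = os.path.join(event_path, '{}.json'.format(self.args.open))
            if os.path.exists(path):
                # Use a context manager so the handle is closed even when
                # the JSON is malformed (it was previously left to the GC).
                with open(path, 'r') as f:
                    e_json = json.loads(f.read())
                __sessions__.new(misp_event=MispEvent(e_json))
            else:
                self.log('error', '{} does not exists.'.format(self.args.open))
        elif __sessions__.is_attached_misp():
            self._dump(__sessions__.current.misp_event.event)
    except IOError as e:
        self.log('error', e.strerror)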
示例4: bupextract
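def bupextract():
    """Extract the file embedded in a BUP container and open a session on it.

    The current session file is checked to be an OLE container, its
    ``File_0`` and ``Details`` streams are XOR-decoded with key 106 (0x6A),
    and the decoded payload is written to a temporary location on which a
    new session is opened.

    The file name comes from the ``OriginalName`` entry of the decoded
    ``Details`` stream, so it is attacker-controlled: the container is a
    sample under analysis. Only its final path component is used, and the
    payload is written into a freshly created private directory rather than
    a predictable path directly under ``/tmp``.
    """
    import tempfile  # local import: the file-level import block is not visible here

    sample_path = __sessions__.current.file.path

    # Check for valid OLE
    if not OleFileIO_PL.isOleFile(sample_path):
        print_error("Not a valid BUP File")
        return

    ole = OleFileIO_PL.OleFileIO(sample_path)
    try:
        # We know that BUPS are xor'd with 6A which is dec 106 for the decoder
        print_info("Switching Session to Embedded File")
        data = xordata(ole.openstream('File_0').read(), 106)
        # The Details stream is only needed for the original file name.
        data2 = xordata(ole.openstream('Details').read(), 106)
    finally:
        # Release the container even if a stream is missing or unreadable.
        ole.close()

    filename = None
    for line in data2.split('\n'):
        if line.startswith('OriginalName'):
            # partition() tolerates a missing '=' and keeps any '=' that is
            # part of the path itself.
            fullpath = line.partition('=')[2]
            # [:-1] drops the last character - presumably the '\r' left
            # behind by splitting CRLF text on '\n'.
            filename = str(fullpath.split('\\')[-1][:-1])

    # Reduce the name to a single safe path component. Splitting on '\\'
    # alone leaves '/' and '..' intact, which os.path.join would honour.
    safe_name = os.path.basename(filename) if filename else ''
    if not safe_name or safe_name in ('.', '..') or '\x00' in safe_name:
        safe_name = 'bup_extracted.bin'

    # now lets write the data out to a file and get a session on it
    if data:
        # mkdtemp() creates a directory only the current user can access, so
        # a pre-planted file or symlink cannot be in the way of the write.
        temp_dir = tempfile.mkdtemp(prefix='viper_bup_')
        tempName = os.path.join(temp_dir, safe_name)
        # NOTE(review): text mode is kept from the original; if xordata()
        # returns bytes this needs 'wb' - confirm against xordata.
        with open(tempName, 'w') as temp:
            temp.write(data)
        __sessions__.new(tempName)
        return
    else:
        print_error("Unble to Switch Session")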
示例5: create_event
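def create_event(self):
    """Create a new MISP event from the parsed arguments and open a session on it.

    In offline mode the event only exists locally and is dumped to disk;
    otherwise it is submitted with ``self.misp.add_event`` and the function
    stops if the response carries an error message. Returns ``None``.
    """
    if self.args.threat is not None:
        # Dirty trick to keep consistency in the module: the threat level in
        # the upload API goes from 0 to 3 but it is 1 to 4 in the event
        # management API. Shift it by one until that is fixed upstream.
        self.args.threat += 1

    if not self.args.info:
        self.log('error', 'Info field is required for a new event')
        # Stop here. Execution used to fall through to the join below, which
        # raised TypeError for a missing value and created an event with an
        # empty info field for an empty list.
        return

    info = ' '.join(self.args.info)
    misp_event = MISPEvent()
    misp_event.set_all_values(info=info, distribution=self.args.distrib,
                              threat_level_id=self.args.threat, analysis=self.args.analysis,
                              date=self.args.date)
    self._search_local_hashes(misp_event)

    if self.offline_mode:
        # New event created locally, no ID
        # NOTE(review): this reads __sessions__.current.misp_event before the
        # new session is created below - confirm a MISP session is always
        # attached when this branch runs.
        __sessions__.current.misp_event.current_dump_file = self._dump()
        __sessions__.current.misp_event.offline()
    else:
        misp_event = self.misp.add_event(json.dumps(misp_event, cls=EncodeUpdate))
        if self._has_error_message(misp_event):
            return

    __sessions__.new(misp_event=MispEvent(misp_event, self.offline_mode))
    self._dump()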
示例6: create_event
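def create_event(self):
    """Create a new MISP event from the parsed arguments and open a session on it.

    Distribution and sharing group fall back to the configured values when
    not given on the command line; a sharing group is only kept when the
    distribution is 4. In offline mode the event only exists locally and is
    dumped to disk; otherwise it is submitted with ``self.misp.add_event``
    and the function stops if the response carries an error message.
    Returns ``None``.
    """
    if self.args.threat is not None:
        # Dirty trick to keep consistency in the module: the threat level in
        # the upload API goes from 0 to 3 but it is 1 to 4 in the event
        # management API. Shift it by one until that is fixed upstream.
        self.args.threat += 1

    if not self.args.info:
        self.log('error', 'Info field is required for a new event')
        # Stop here. Execution used to fall through to the join below, which
        # raised TypeError for a missing value and created an event with an
        # empty info field for an empty list.
        return

    info = ' '.join(self.args.info)

    # Check if the following arguments have been set (and correctly set).
    # If not, take the config values.
    self.args.distrib = self.distribution if self.args.distrib is None else self.args.distrib
    self.args.sharing = self.sharinggroup if self.args.sharing is None else self.args.sharing
    if self.args.sharing and self.args.distrib != 4:
        # Drop the sharing group instead of sending an inconsistent
        # distribution / sharing-group pair.
        self.args.sharing = None
        self.log('info', "Sharing group can only be set if distribution is 4. Clearing set value")

    misp_event = MISPEvent()
    misp_event.set_all_values(info=info, distribution=self.args.distrib,
                              sharing_group_id=self.args.sharing, threat_level_id=self.args.threat,
                              analysis=self.args.analysis, date=self.args.date)
    self._search_local_hashes(misp_event)

    if self.offline_mode:
        # New event created locally, no ID
        # NOTE(review): this reads __sessions__.current.misp_event before the
        # new session is created below - confirm a MISP session is always
        # attached when this branch runs.
        __sessions__.current.misp_event.current_dump_file = self._dump()
        __sessions__.current.misp_event.offline()
    else:
        misp_event = self.misp.add_event(json.dumps(misp_event, cls=EncodeUpdate))
        if self._has_error_message(misp_event):
            return

    __sessions__.new(misp_event=MispEvent(misp_event, self.offline_mode))
    self._dump()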
示例7: module_cmdline
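def module_cmdline(cmd_line, file_hash):
    """Run a ``;``-separated command line and return the output as HTML.

    Each command is looked up among the built-in commands first, then among
    the loaded modules. For a module, a session is opened on the sample
    identified by ``file_hash`` (when given) before it runs. The session is
    closed before returning.

    Args:
        cmd_line: Command line as submitted by the client.
        file_hash: Hash of the sample to open a session on, or a falsy value.

    Returns:
        The accumulated HTML markup as a string.
    """
    # Function-scope import that works on both Python 3 and Python 2.
    try:
        from html import escape
    except ImportError:
        from cgi import escape

    rendered = ""
    cmd = Commands()
    # cmd_line is caller-supplied and echoed into the returned markup in the
    # error paths below. Escape it so it is displayed as text and cannot
    # inject elements or script into the page.
    safe_cmd_line = escape(cmd_line)

    for split_command in cmd_line.split(';'):
        split_command = split_command.strip()
        if not split_command:
            continue

        root, args = parse(split_command)
        try:
            if root in cmd.commands:
                cmd.commands[root]['obj'](*args)
                # NOTE(review): print_output() is defined elsewhere; confirm
                # that it escapes the output it renders, since module output
                # can contain strings taken from the analysed sample.
                rendered += print_output(cmd.output)
                del (cmd.output[:])
            elif root in __modules__:
                # if prev commands did not open a session open one on the current file
                if file_hash:
                    path = get_sample_path(file_hash)
                    __sessions__.new(path)
                module = __modules__[root]['obj']()
                module.set_commandline(args)
                module.run()
                rendered += print_output(module.output)
                if cfg.modules.store_output and __sessions__.is_set():
                    Database().add_analysis(file_hash, split_command, module.output)
                del (module.output[:])
            else:
                rendered += '<p class="text-danger">{0} is not a valid command</p>'.format(safe_cmd_line)
        except Exception:
            # Report the failure in the page and carry on with the next
            # command; the exception details are deliberately not echoed.
            rendered += '<p class="text-danger">We were unable to complete the command {0}</p>'.format(safe_cmd_line)

    __sessions__.close()
    return rendered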
示例8: cmd_new
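def cmd_new(self, *args):
    """Create a new file in an editor and open a session on it.

    Prompts for a title, creates a temporary file, opens it in ``$EDITOR``
    (``nano`` when the variable is unset or empty), then opens a session on
    the file and sets the session file name to the title.
    """
    title = input("Enter a title for the new file: ")

    # Create a new temporary file. delete=False keeps it on disk after the
    # handle is closed, because the session opened below refers to it by
    # path. Close our own handle straight away: it was previously never
    # closed and stayed open while the editor wrote to the same file.
    tmp = tempfile.NamedTemporaryFile(delete=False)
    tmp.close()

    # Open the temporary file with the default editor, or with nano.
    # tmp.name is generated by tempfile, not typed by the user, but it is
    # passed to the shell unquoted, so a temp directory whose path contains
    # spaces or shell metacharacters would break this command.
    os.system('"${EDITOR:-nano}" ' + tmp.name)

    __sessions__.new(tmp.name)
    __sessions__.current.file.name = title
    print_info('New file with title "{0}" added to the current session'.format(bold(title)))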
示例9: test_streams
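def test_streams(self, capsys, filename):
    """Run the Office module with ``-s`` on a fixture and check one output row.

    ``filename`` names a file under ``FIXTURE_DIR``; where it is supplied
    from (presumably parametrisation) is not visible here.
    """
    __sessions__.new(os.path.join(FIXTURE_DIR, filename))
    instance = office.Office()
    instance.command_line = ["-s"]
    instance.run()
    out, err = capsys.readouterr()
    # The previous pattern left "|" unescaped, so it was an alternation that
    # passed when only one of the two halves matched. Escape the column
    # separator and the dots so the whole row is required.
    # NOTE(review): assumes the two timestamps sit in adjacent table cells -
    # confirm against the module's output.
    assert re.search(
        r"Macros/kfjtir .* 2017-04-09 19:03:45\.905000\s*\|\s*2017-04-09 19:03:45\.920000",
        out,
    )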
示例10: test_oleid
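def test_oleid(self, capsys, filename):
    """Run the Office module with ``-o`` on a fixture and check the Macros row.

    ``filename`` names a file under ``FIXTURE_DIR``; where it is supplied
    from (presumably parametrisation) is not visible here.
    """
    __sessions__.new(os.path.join(FIXTURE_DIR, filename))
    instance = office.Office()
    instance.command_line = ["-o"]
    instance.run()
    out, err = capsys.readouterr()
    # The previous pattern left "|" unescaped, so it matched any output
    # containing either "Macros " or " True". Escape the column separator so
    # the assertion requires a Macros row whose value is True.
    # NOTE(review): assumes the row is printed as "Macros ... | True" -
    # confirm against the module's output.
    assert re.search(r"Macros .*\| True", out)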
示例11: test_code
def test_code(self, capsys, filename):
    """Run the Office module with ``-c out_macro`` and check the reported write.

    ``filename`` names a file under ``FIXTURE_DIR``.
    """
    fixture_path = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(fixture_path)

    module = office.Office()
    module.command_line = ["-c", 'out_macro']
    module.run()

    stdout, _ = capsys.readouterr()
    # Only the status message is checked, not the file that was written.
    assert re.search(r".*Writing VBA Code to out_macro.*", stdout)
示例12: test_export
def test_export(self, capsys, filename):
    """Run the Office module with ``-e out_all`` and check an exported path is reported.

    ``filename`` names a file under ``FIXTURE_DIR``.
    """
    fixture_path = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(fixture_path)

    module = office.Office()
    module.command_line = ["-e", 'out_all']
    module.run()

    stdout, _ = capsys.readouterr()
    # NOTE(review): the trailing "s*" means "zero or more 's'", so the
    # pattern also matches "...-Content"; it was probably meant as ".*".
    assert re.search(r".*out_all/ObjectPool-_1398590705-Contents*", stdout)
示例13: _populate
def _populate(self, event, original_attributes):
    """Push an event to MISP when attributes were added, then reopen the session.

    Args:
        event: Event object exposing ``attributes``, ``timestamp`` and ``_json()``.
        original_attributes: Number of attributes the event had beforehand.

    Nothing is sent when the attribute count is unchanged. If the update
    response carries an error message, the session is left untouched.
    """
    unchanged = len(event.attributes) == original_attributes
    if unchanged:
        self.log('info', "No new attributes to add.")
        return

    # Stamp the event with the current time before sending the update.
    event.timestamp = int(time.time())
    response = self.misp.update(event._json())
    if self._has_error_message(response):
        return

    self.log('success', "All attributes updated successfully")
    # Reopen the session on the event as returned by the server.
    __sessions__.new(misp_event=MispEvent(response, self.offline_mode))
示例14: test_no_argument
def test_no_argument(self, capsys, filename):
    """Run the Macho module without arguments and check the first output line.

    ``filename`` names a file under ``FIXTURE_DIR``.
    """
    fixture_path = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(fixture_path)

    module = Macho()
    module.run()

    stdout, _ = capsys.readouterr()
    # Only the first captured line is inspected.
    first_line = stdout.split("\n")[0]
    assert re.search(r".*Session opened on.*", first_line)
示例15: test_meta
def test_meta(self, capsys, filename):
    """Run the SWF module with an empty command line and check its message.

    ``filename`` names a file under ``FIXTURE_DIR``.
    """
    fixture_path = os.path.join(FIXTURE_DIR, filename)
    __sessions__.new(fixture_path)

    module = swf.SWF()
    module.command_line = []
    module.run()

    stdout, _ = capsys.readouterr()
    assert re.search(r".*The opened file doesn't appear to be compressed.*", stdout)