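def sdhash_get_from_file(_in):
    """Return a similarity fingerprint string for the file at path ``_in``.

    Files of at most ``512 + 50`` bytes are returned as their raw content,
    because sdhash cannot digest inputs that small.  Larger files are hashed
    with sdhash and the digest string is returned from the ``:sha1:`` field
    onward.

    Callers therefore receive two kinds of value: raw file content for small
    inputs and an sdbf digest tail for everything else.  Only the second kind
    is a similarity digest.
    """
    # sdhash cannot deal with file smaller than 512
    if os.stat(_in).st_size <= 512 + 50:
        # NOTE(review): text mode with the default encoding; arbitrary binary
        # content may fail to decode or not round-trip -- confirm callers only
        # pass text here.
        with open(_in) as f:
            return f.read()

    digest = sdbf_class.sdbf(_in, 0).to_string()
    marker = digest.find(":sha1:")
    if marker == -1:
        # No ":sha1:" field: hand back the digest unchanged instead of
        # slicing from index -1.
        return digest
    # The original indexed a single character here (always ":"), which threw
    # the digest away.  Slicing keeps everything from ":sha1:" onward --
    # presumably the intent, so the result does not carry the leading header
    # fields of the sdbf string.
    return digest[marker:]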
def sdhash_compare(_in_1, _in_2):
    """Compare two files with sdhash and return the result of ``compare``.

    Both arguments are handed to ``sdbf_class.sdbf(path, 0)``, first ``_in_1``
    and then ``_in_2``, and the first digest is compared against the second.

    NOTE(review): there is no minimum-size guard here, although
    ``sdhash_get_from_file`` notes that sdhash cannot deal with files smaller
    than 512 bytes -- confirm callers filter small inputs first.
    """
    left, right = (sdbf_class.sdbf(path, 0) for path in (_in_1, _in_2))
    # Second argument 0 is passed through unchanged; presumably the sampling
    # parameter of compare() -- TODO confirm against the sdbf_class binding.
    return left.compare(right, 0)
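#!/usr/bin/python3
"""Example: hash two files with sdbf_class and compare the digests."""

# Import our module, living in the same directory as _sdbf_class.so
import sdbf_class

# Name a few standalone objects to hash
name1 = b"hoge.txt"
name2 = b"test2.txt"

# Create new objects from these names, in "regular" non-block mode.
test1 = sdbf_class.sdbf(name1, 0)
test2 = sdbf_class.sdbf(name2, 0)

# print out some vital statistics and the hash itself
print("test1")
print(test1.name())
print(test1.size())
print(test1.input_size())
print(test1.to_string())

print("test2")
print(test2.name())
print(test2.size())
print(test2.input_size())
# Print test2's own digest; the original repeated test1.to_string() here,
# so the second file's hash was never shown.
print(test2.to_string())
# test2.print_sdbf(test2)

# Compare the two hashes and get back a score
# (the score is computed but not printed in this excerpt)
score = test2.compare(test1, 0)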
def update(self, arg):
    """Hash the buffer ``arg`` and store the resulting sdbf on ``self.h``.

    Each call overwrites ``self.h`` with a digest built from ``arg`` alone;
    input from earlier calls is not accumulated.
    """
    label = 'unknown'  # fixed name recorded for the in-memory input
    length = len(arg)
    # presumably (name, buffer, block size, length, index) -- TODO confirm
    # against the sdbf_class binding.
    self.h = sdbf_class.sdbf(label, arg, 0, length, None)
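# NOTE(review): the statements down to the `return` are the tail of a function
# whose `def` line is not part of this excerpt.  They are reproduced unchanged;
# only the indentation is reconstructed.
    hash.append(sizeOfHeapCommit[8:16] ^ sizeOfHeapCommit[16:24] ^ sizeOfHeapCommit[24:32])
    heapcommit_hash = sizeOfHeapCommit[8:16] ^ sizeOfHeapCommit[16:24] ^ sizeOfHeapCommit[24:32]

    sections_holder = []
    for section in sections:
        section_copy = copy.deepcopy(section)
        section_hash = section_copy[1]
        section_hash.append(section_copy[2])
        section_hash.append(section_copy[3][16:24] ^ section_copy[3][24:32])
        section_hash.append(section_copy[4])
        hash.append(section[1])
        hash.append(section[2])
        hash.append(section[3][16:24] ^ section[3][24:32])
        hash.append(section[4])
        sections_holder.append(str(section_hash))
    return hashlib.md5(str(hash)).hexdigest()


# Script part: print one JSON record holding three fingerprints of the file
# named by the first command-line argument.

# Read the sample once and close the handle deterministically.
with open(sys.argv[1], 'rb') as sample:
    pe_data = sample.read()

# Best effort: input that peHash cannot process is recorded with an empty
# pe_hash.  Catch Exception rather than everything so Ctrl-C and SystemExit
# still stop the script.
# NOTE(review): an empty pe_hash is then indistinguishable from "not computed";
# consider recording the failure reason next to it.
try:
    pehash = peHash(pe_data)
except Exception:
    pehash = ''

sdhash = sdbf_class.sdbf(sys.argv[1], 0)
ssdeephash = ssdeep.hash(pe_data)

# The trailing comma keeps the print statement from emitting a newline.
print anyjson.serialize({
    'pe_hash': pehash,
    'sdhash': sdhash.to_string(),
    'ssdeep': ssdeephash,
    'timestamp': int(time.time())
}),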
#!/usr/bin/python # Import our module, living in the same directory as _sdbf_class.so import sdbf_class # Name a few standalone objects to hash name = "sdbf_class.py" name2 = "sdbf_class.pyc" # Create new objects from these names, in "regular" non-block mode. test1 = sdbf_class.sdbf(name,0) test2 = sdbf_class.sdbf(name2,0) # print out some vital statistics and the hash itself print "test 1" print test1.name() print test1.size() print test1.input_size() print test1.to_string() print "test 2" print test2.name() print test2.size() print test2.input_size() bar=test2.to_string() print bar #test2.print_sdbf(test2) # Compare the two hashes and get back a score
def test_read_cstring(self):
    """Hash TEST_FILE from an in-memory buffer and check the result.

    The file is read in binary mode and its bytes are passed to the
    five-argument ``sdbf`` constructor together with their length.  The
    resulting object is handed to ``check_sdbf`` with ``TEST_FILE_SDBF``
    plus a trailing newline.
    """
    path = self.TEST_FILE
    with open(path, 'rb') as handle:
        payload = handle.read()
    # presumably (name, buffer, block size, length, index) -- TODO confirm
    digest = sdbf_class.sdbf(path, payload, 0, len(payload), None)
    expected = "{}\n".format(self.TEST_FILE_SDBF)
    self.check_sdbf(digest, expected)
def test_read_file(self):
    """Hash TEST_FILE by path and check the result.

    The path and ``0`` go to the two-argument ``sdbf`` constructor.  The
    resulting object is handed to ``check_sdbf`` with ``TEST_FILE_SDBF``
    plus a trailing newline.
    """
    digest = sdbf_class.sdbf(self.TEST_FILE, 0)
    expected = "{}\n".format(self.TEST_FILE_SDBF)
    self.check_sdbf(digest, expected)
def test_formated_string(self):
    """Build an sdbf from TEST_FILE_SDBF alone and check the result.

    ``TEST_FILE_SDBF`` is the only constructor argument; judging by the test
    name it is an already formatted digest string.  The resulting object is
    handed to ``check_sdbf`` with the same value plus a trailing newline.
    """
    formatted = self.TEST_FILE_SDBF
    digest = sdbf_class.sdbf(formatted)
    expected = "{}\n".format(self.TEST_FILE_SDBF)
    self.check_sdbf(digest, expected)