Ejemplo n.º 1
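    def subfile(self, filePath):
        """Run hachoir-subfile over ``filePath`` and return the parsed report.

        hachoir-subfile is a tool based on hachoir-parser to find subfiles in
        any binary stream.
        Website: http://bitbucket.org/haypo/hachoir/wiki/hachoir-subfile

        ``SearchSubfile`` writes to ``sys.stdout`` / ``sys.stderr``, so both
        are temporarily replaced with in-memory buffers. The captured text is
        handed to ``self.parse`` and its result is returned.

        Any exception raised while opening or scanning the file propagates to
        the caller after the real streams have been put back.
        """
        captured_out = StringIO.StringIO()
        captured_err = StringIO.StringIO()
        saved_out, saved_err = sys.stdout, sys.stderr

        # NOTE: sys.stdout / sys.stderr are process-wide, so output from any
        # other thread printing during the scan lands in these buffers too.
        sys.stdout, sys.stderr = captured_out, captured_err
        try:
            stream = FileInputStream(unicodeFilename(filePath),
                                     real_filename=filePath)

            # Search for subfiles
            searcher = SearchSubfile(stream, 0, None)
            searcher.loadParsers(categories=None, parser_ids=None)
            searcher.main()
        finally:
            # Restore the real streams even when the file cannot be opened or
            # the scan fails; otherwise one unreadable or malformed sample
            # would leave stdout/stderr redirected for the rest of the process.
            sys.stdout, sys.stderr = saved_out, saved_err

        # parse stdout, stderr from SearchSubfile
        return self.parse(captured_out.getvalue(), captured_err.getvalue())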
Ejemplo n.º 2
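    def save_response_binaries(self, path, hash_value):
        """Carve embedded files out of the saved response bodies of a flow.

        The flow is looked up with ``Flow.objects.get(hash_value=hash_value)``.
        For each of its detail records the method opens
        ``contents_<src_ip>:<sport>-<dst_ip>:<dport>_resp.dat`` under ``path``,
        runs hachoir's ``SearchSubfile`` over it and sets the output directory
        to ``<path>/html-files/<src_ip>:<sport>-<dst_ip>:<dport>``.

        Response files that raise ``NullStreamError`` on open are skipped.

        Returns:
            True when every detail record was processed, False when any
            other exception was raised (the exception is logged).
        """
        import logging

        try:
            flow = Flow.objects.get(hash_value=hash_value)
            for detail in flow.details:
                # create the orig file ex: contents_192.168.1.5:42825-62.212.84.227:80_resp.dat
                # NOTE(review): src_ip / dst_ip are presumably plain address
                # strings; if they could ever contain a path separator the
                # joined paths below would leave `path` - verify against how
                # the flow details are populated.
                source_str = ":".join([detail.src_ip, str(detail.sport)])
                destination_str = ":".join([detail.dst_ip, str(detail.dport)])
                flow_str = "-".join([source_str, destination_str])
                resp_file = "_".join(["contents", flow_str, "resp.dat"])
                file_path = str("/".join([path, resp_file]))

                try:
                    stream = FileInputStream(unicodeFilename(file_path),
                                             real_filename=file_path)
                except NullStreamError:
                    continue
                subfile = SearchSubfile(stream, 0, None)
                subfile.loadParsers()

                # NOTE(review): everything written below html-files is carved
                # from captured response bodies, i.e. untrusted content. Keep
                # this directory out of any web-served or executable location.
                root = "/".join([path, "html-files"])
                output = str("/".join([root, flow_str]))
                if not os.path.exists(output):
                    # makedirs also creates `root` when it is missing.
                    os.makedirs(output)
                subfile.setOutput(output)
                subfile.main()

                # save the files info at the db also

            return True

        except Exception:
            # Keep the boolean contract, but record why the extraction failed
            # instead of discarding the error.
            logging.getLogger(__name__).exception(
                "save_response_binaries failed for flow %s", hash_value)
            return False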
Ejemplo n.º 3
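 def subfile(self, filePath):
     """Scan ``filePath`` with hachoir-subfile and return the parsed output.

     hachoir-subfile is a tool based on hachoir-parser to find subfiles in
     any binary stream.
     Website: http://bitbucket.org/haypo/hachoir/wiki/hachoir-subfile

     ``sys.stdout`` and ``sys.stderr`` are swapped for in-memory buffers
     while ``SearchSubfile`` runs; the captured text is passed to
     ``self.parse`` and that result is returned. Exceptions from opening
     or scanning the file propagate once the real streams are restored.
     """
     # bypass sys.stdout, sys.stderr
     oldStdOut = sys.stdout
     oldStdErr = sys.stderr
     outputStdErr = StringIO.StringIO()
     outputStdOut = StringIO.StringIO()
     sys.stdout = outputStdOut
     sys.stderr = outputStdErr

     try:
         stream = FileInputStream(unicodeFilename(filePath), real_filename=filePath)

         # Search for subfiles
         subfile = SearchSubfile(stream, 0, None)
         subfile.loadParsers(categories=None, parser_ids=None)
         subfile.main()
     finally:
         # sys.stdout, sys.stderr reset - done in a finally block so that a
         # file that cannot be opened or parsed does not leave the whole
         # process with its output redirected into these buffers.
         sys.stdout = oldStdOut
         sys.stderr = oldStdErr

     # parse stdout, stderr from SearchSubfile
     return self.parse(outputStdOut.getvalue(), outputStdErr.getvalue())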