def compare(self, hash1, hash2):
if re.search(r'^Error:', hash1) or re.search(r'^Error:', hash2):
return '0'
# Bad hash comparation
return fuzzyhashlib.sdhash(hash=hash1) - fuzzyhashlib.sdhash(
hash=hash2)
def compare(self, hash1, hash2):
if hash1 == '-' or hash2 == '-':
return '-'
# Bad hash comparation
distance = fuzzyhashlib.sdhash(hash=hash1) - fuzzyhashlib.sdhash(
hash=hash2)
return distance #if distance > 0 else '-'
def ToHash(h1,h2, classes):
try:
th = tlsh.hash(h1)
except:
th = 'None'
try:
sh = fuzzyhashlib.sdhash(h1).hexdigest().rstrip()
except:
sh = 'None'
try:
nil = Nilsimsa(h1).hexdigest()
except:
nil = 'None'
try:
ss = fuzzyhashlib.ssdeep(h1).hexdigest()
except:
ss = 'None'
ch = []
if classes!=None:
for c in classes:
name = c[0]
content = c[1]
try:
cnil = Nilsimsa(content).hexdigest()
except:
cnil = 'None'
try:
css = fuzzyhashlib.ssdeep(content).hexdigest()
except:
css = 'None'
try:
csh = 'None'
if len(content) >= 512:
csh = fuzzyhashlib.sdhash(content).hexdigest().rstrip()
except:
csh = 'None'
try:
cth = 'None'
if len(content) >= 256:
cth = tlsh.hash(content)
except:
cth = 'None'
ch.append((name,cth,csh,cnil,css))
return th,sh,nil,ss,ch
def hash(self, data, alghConfig):
try:
retdata = fhash.sdhash(data).hexdigest()
except ValueError:
retdata = '-'
debug.warning("SDHash needs an input of at least 512 bytes. Too short: {!s}".format(len(data)))
return retdata
def get_PE_Hashes(pe, filename):
sdhash = None
imph = pe.get_imphash()
my_fuzzy = pydeep.hash_file(filename)
pehash = peHash.get_peHash(filename)
fh = open(filename, 'rb')
m = hashlib.md5()
d = fh.read()
sdhash = fuzzyhashlib.sdhash(d).hexdigest()
md5 = hashlib.md5(d).hexdigest()
slashed = filename.split('/')
filename = slashed[len(slashed) - 1]
hashes ={"Filename":filename, "MD5":md5,"Imphash":imph,\
"peHash":pehash,"Fuzzy Hash": my_fuzzy, "sdhash": sdhash}
return hashes
def compare(self, h1, h2):
return fhash.sdhash(hash=h1)-fhash.sdhash(hash=h2)
def test_invalid_buffer_size_raises(self):
with self.assertRaises(ValueError) as context:
fuzzyhashlib.sdhash("buffer_too_short")
self.assertEquals(context.exception.message,
"sdhash requires buffer >= 512 in size")
def test_invalid_buffer_size_raises(self):
with self.assertRaises(ValueError) as context:
fuzzyhashlib.sdhash("buffer_too_short")
self.assertEquals(context.exception.message,
"sdhash requires buffer >= 512 in size")
def calculate(self, data):
try:
return fuzzyhashlib.sdhash(data).hexdigest().strip()
except ValueError, reason:
return '-'
def calculate(self, data):
try:
return fuzzyhashlib.sdhash(data).hexdigest().strip()
except ValueError, reason:
return 'Error: {0} ({1:d})'.format(reason, len(data))
def to_hash(content):
try:
sh = fuzzyhashlib.sdhash(content).hexdigest().rstrip()
except:
sh = 'None'
return sh