Python FlagFramework Exemples, FlagFramework Python Exemples

Exemple #1

0

Afficher le fichier

Fichier : compare.py Projet : anarchivist/pyflag

def open_image(filename):
    if not options.subsys:
        io=open(filename, 'r')

    else:
        import Registry, FlagFramework, IO
        Registry.Init()
        
        driver = Registry.IMAGES.dispatch(options.subsys)()
        q = FlagFramework.query_type(filename = filename)
        io = driver.open(None, None, q)

    return io

Exemple #2

0

Afficher le fichier

def open_image(filename):
    if not options.subsys:
        io = open(filename, 'r')

    else:
        import Registry, FlagFramework, IO
        Registry.Init()

        driver = Registry.IMAGES.dispatch(options.subsys)()
        q = FlagFramework.query_type(filename=filename)
        io = driver.open(None, None, q)

    return io

Exemple #3

0

Afficher le fichier

Fichier : mapper.py Projet : olivierh59500/pyflag

def open_image(filename, subsys):
    print "Opening image %s" % filename
    if not subsys:
        io = open(filename, 'r')

    else:
        import Registry, FlagFramework, IO
        Registry.Init()

        driver = Registry.IMAGES.dispatch(subsys)()
        q = FlagFramework.query_type(filename=filename)
        io = driver.open(None, None, q)

    return io

Exemple #4

0

Afficher le fichier

Fichier : mapper.py Projet : anarchivist/pyflag

def open_image(filename, subsys):
    print "Opening image %s" % filename
    if not subsys:
        io=open(filename, 'r')

    else:
        import Registry, FlagFramework, IO
        Registry.Init()
        
        driver = Registry.IMAGES.dispatch(subsys)()
        q = FlagFramework.query_type(filename = filename)
        io = driver.open(None, None, q)

    return io

Exemple #5

0

Afficher le fichier

Fichier : SysLog.py Projet : olivierh59500/pyflag

    def form(self, query, result):
        def test(query, result):
            self.parse(query)

            result.text(
                "The following is the result of importing the first few lines from the log file into the database.\nPlease check that the importation was successfull before continuing.\n\n"
            )
            result.text(
                "You can adjust the year of the syslog below. Please note it does currently assume that all entries are from the one year.\n"
            )
            result.textfield("Year of syslog:", 'year_of_syslog')
            self.display_test_log(result)
            return True

        result.wizard(
            names=[
                "Step 1: Select Log File", "Step 2: View Preview",
                "Step 3: Save Preset", "Step 4: End"
            ],
            callbacks=[
                LogFile.get_file, test,
                FlagFramework.Curry(LogFile.save_preset, log=self), LogFile.end
            ],
        )

Exemple #6

0

Afficher le fichier

Fichier : EventLogTool.py Projet : olivierh59500/pyflag


if config.mode == 'dll':
    import FileFormats.PElib as PElib
    import FlagFramework

    dbh = DB.DBO()
    dbh.execute("""CREATE TABLE if not exists `EventMessages` (
    `filename` VARCHAR( 50 ) NOT NULL ,
    `message_id` INT unsigned NOT NULL ,
    `message` TEXT NOT NULL ,
    `offset` INT NOT NULL,
    UNIQUE KEY `filename,message_id` (`filename`,`message_id`)
    ) """)

    Magic = FlagFramework.Magic()

    for directory in config.args:
        for F in recurse(directory):
            f = F.lower()
            fd = open(F)
            data = fd.read(1024)
            magic = Magic.buffer(data)
            if "PE" in magic:
                fd.seek(0)
                b = Buffer(fd=fd)

                logging.log(logging.DEBUG,
                            "Opening %s to extract messages" % F)
                dbh.mass_insert_start('EventMessages')
                try: