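def __init__(self):
    """Set up the SurfNet logger: constants, config values and a PostgreSQL connection.

    Settings are read from conf/log-surfnet.conf through AmunConfigParser.
    A psycopg2 connection and cursor are opened immediately and kept on the
    instance as ``self.conn`` / ``self.cur``.

    Raises:
        ValueError: if PGPort is not an integer string.
        KeyboardInterrupt: re-raised unchanged.
        Any error raised by the config parser or by psycopg2.connect propagates.
    """
    try:
        self.log_name = "Log SurfNet"
        conffile = "conf/log-surfnet.conf"

        # Numeric codes used by this logger. Their meaning is only implied by
        # the names here -- TODO confirm against the SurfNet schema.
        self.AS_POSSIBLE_MALICIOUS_CONNECTION = 0
        self.AS_DEFINITLY_MALICIOUS_CONNECTION = 1
        self.AS_DOWNLOAD_OFFER = 16
        self.AS_DOWNLOAD_SUCCESS = 32
        self.DT_DIALOGUE_NAME = 1
        self.DT_SHELLCODEHANDLER_NAME = 2
        self.ATYPE = 4

        config = amun_config_parser.AmunConfigParser(conffile)
        self.sensorIP = config.getSingleValue("sensorIP")
        self.pghost = config.getSingleValue("PGHost")
        self.pgport = int(config.getSingleValue("PGPort"))
        self.pguser = config.getSingleValue("PGUser")
        # Database password: stays on the instance in plain text, so the conf
        # file should be readable only by the honeypot account and this
        # attribute should never be written to logs.
        self.pgpass = config.getSingleValue("PGPass")
        self.pgdb = config.getSingleValue("PGDB")

        # Pass each setting as its own keyword instead of %-formatting a DSN
        # string. A value containing a quote or a space can then not change
        # the shape of the connection string, and there is no placeholder
        # count to keep in step with the argument tuple (the formatted
        # template supplied five values for three %s markers).
        self.conn = psycopg2.connect(
            dbname=self.pgdb,
            user=self.pguser,
            host=self.pghost,
            password=self.pgpass,
            port=self.pgport,
        )
        self.cur = self.conn.cursor()
        del config
    except KeyboardInterrupt:
        raise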
def __init__(self):
    """Set up the Sarcophagus logger from conf/log-sarcophagus.conf.

    The parser object itself is kept on the instance as ``self.config``;
    only the ``sensorID`` value is read here.

    Raises:
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.log_name = "Log Sarcophagus"
        settings_path = "conf/log-sarcophagus.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        # The parser stays reachable after construction (not deleted here).
        self.config = parser
        self.sensor_id = self.config.getSingleValue("sensorID")
    except KeyboardInterrupt:
        # Explicit pass-through of Ctrl-C; nothing else is caught.
        raise
def __init__(self):
    """Set up the MWPortal submitter from conf/submit-mwportal.conf.

    Reads the portal URL and the access token used for submissions.

    Raises:
        Exception: with message "KeyboardError" when construction is
            interrupted by KeyboardInterrupt.
    """
    try:
        self.submit_name = "Submit MWPortal"
        settings_path = "conf/submit-mwportal.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        # Access token: a credential held in plain text on the instance.
        # Keep the conf file permissions restrictive and keep this value out
        # of log output.
        self.token = parser.getSingleValue("token")
        self.mwportalURL = parser.getSingleValue("mwportalURL")
        del parser
    except KeyboardInterrupt:
        # NOTE(review): this turns the interrupt into a generic Exception, so
        # an outer `except Exception` could absorb Ctrl-C -- confirm that this
        # is intended.
        raise Exception("KeyboardError")
def __init__(self):
    """Set up the JSON logger from conf/log-json.conf.

    Stores the sensor identifier and the configured ``file`` value.

    Raises:
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.log_name = "Log Json"
        settings_path = "conf/log-json.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        self.sensorid = parser.getSingleValue("sensorid")
        # Taken verbatim from the config; no path validation happens here.
        self.fname = parser.getSingleValue("file")
        del parser
    except KeyboardInterrupt:
        # Explicit pass-through of Ctrl-C; nothing else is caught.
        raise
def __init__(self):
    """Set up the Joebox submitter from conf/submit-joebox.conf.

    Compiles the pattern stored as ``self.resultRex`` and reads the report
    e-mail address and the servlet URL.

    Raises:
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.submit_name = "Submit Joebox"
        # re.S lets '.' match newlines, so the lazy groups can span lines.
        result_pattern = 'page=samdet.*?>(.*?)</a>'
        self.resultRex = re.compile(result_pattern, re.S)
        settings_path = "conf/submit-joebox.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        self.reportToEmail = parser.getSingleValue("reportToEmail")
        self.joeboxservletURL = parser.getSingleValue("joeboxservletURL")
        del parser
    except KeyboardInterrupt:
        # Explicit pass-through of Ctrl-C; nothing else is caught.
        raise
def __init__(self):
    """Set up the MySQL logger from conf/log-mysql.conf.

    Only the connection settings are stored; no database connection is
    opened in this constructor.

    Raises:
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.log_name = "Log MySQL"
        settings_path = "conf/log-mysql.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        self.myHost = parser.getSingleValue("MySQLHost")
        self.myUser = parser.getSingleValue("MySQLUser")
        # Database password: kept in plain text on the instance. Restrict
        # read access to the conf file and keep this attribute out of logs.
        self.myPass = parser.getSingleValue("MySQLPass")
        self.myDB = parser.getSingleValue("MySQLDB")
        del parser
    except KeyboardInterrupt:
        # Explicit pass-through of Ctrl-C; nothing else is caught.
        raise
def __init__(self):
    """Set up the Anubis submitter from conf/submit-anubis.conf.

    Reads the report e-mail address, the submission and result URLs, and
    the ``alwaysLog`` setting.

    Raises:
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.submit_name = "Submit Anubis"
        settings_path = "conf/submit-anubis.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        self.reportToEmail = parser.getSingleValue("reportToEmail")
        self.anubisURL = parser.getSingleValue("anubisURL")
        self.anubisResultURL = parser.getSingleValue("anubisResultURL")
        # Stored exactly as the parser returns it; no int/bool conversion is
        # applied in this constructor.
        self.alwaysLog = parser.getSingleValue("alwaysLog")
        del parser
    except KeyboardInterrupt:
        # Explicit pass-through of Ctrl-C; nothing else is caught.
        raise
def __init__(self):
    """Set up the CWSandbox submitter from conf/submit-cwsandbox.conf.

    Compiles the two patterns stored as ``self.resultRex`` and
    ``self.resultRex2`` and reads the report e-mail address and the
    sandbox URL.

    Raises:
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.submit_name = "Submit CWSandbox"
        # re.S lets '.' match newlines, so the lazy groups can span lines.
        sample_pattern = 'page=samdet.*?>(.*?)</a>'
        details_pattern = 'href=".(page=details.*?)">.*?</a>'
        self.resultRex = re.compile(sample_pattern, re.S)
        self.resultRex2 = re.compile(details_pattern, re.S)
        settings_path = "conf/submit-cwsandbox.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        self.reportToEmail = parser.getSingleValue("reportToEmail")
        self.cwsandboxURL = parser.getSingleValue("cwsandboxURL")
        del parser
    except KeyboardInterrupt:
        # Explicit pass-through of Ctrl-C; nothing else is caught.
        raise
def __init__(self):
    """Set up the hpfeeds logger from conf/log-hpfeeds.conf.

    Reads the broker address, the identifier/secret pair and the debug
    level.

    Raises:
        ValueError: if ``debug`` is not an integer string.
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.log_name = "log hpfeeds"
        settings_path = "conf/log-hpfeeds.conf"
        parser = amun_config_parser.AmunConfigParser(settings_path)
        self.server = parser.getSingleValue("server")
        # Kept as returned by the parser; unlike ``debug`` it is not passed
        # through int() here.
        self.port = parser.getSingleValue("port")
        self.ident = parser.getSingleValue("identifier")
        # Shared secret for the feed: held in plain text on the instance.
        # Restrict read access to the conf file and keep this attribute out
        # of debug output.
        self.secret = parser.getSingleValue("secret")
        debug_setting = parser.getSingleValue("debug")
        self.debug = int(debug_setting)
        del parser
    except KeyboardInterrupt:
        # Explicit pass-through of Ctrl-C; nothing else is caught.
        raise
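def __init__(self):
    """Set up the e-mail logger from conf/log-mail.conf.

    Reads the SMTP endpoint, sender, reply-to, recipient and CC lists, and
    the mail body template. A config value of the literal string "None"
    disables reply-to, recipients or CC and is stored as "".

    Raises:
        ValueError: if smtpPort is not an integer string.
        KeyboardInterrupt: re-raised unchanged.
    """
    try:
        self.log_name = "Log eMail"
        conffile = "conf/log-mail.conf"
        config = amun_config_parser.AmunConfigParser(conffile)
        self.smtpServer = config.getSingleValue("smtpServer")
        self.smtpPort = int(config.getSingleValue("smtpPort"))
        self.mailFrom = config.getSingleValue("mailFrom")

        self.mailReplyTo = config.getSingleValue("mailReplyTo")
        if self.mailReplyTo == "None":
            self.mailReplyTo = ""

        # Test for the "None" sentinel BEFORE splitting. Comparing the split
        # result (a list) with the string "None" is never true, which left
        # ["None"] in place as if it were a real address list.
        # NOTE(review): the disabled value stays "" as the original intended,
        # so consumers see either a list or "" -- confirm they handle both.
        recipients = config.getSingleValue("recipientList")
        self.RecipientList = "" if recipients == "None" else recipients.split(',')

        cc_entries = config.getSingleValue("mailCCList")
        self.mailCCList = "" if cc_entries == "None" else cc_entries.split(',')

        # The config stores the body on one line; turn the two-character
        # sequences \n and \t into real newline and tab characters.
        self.mailBody = config.getSingleValue("mailBody").replace(
            '\\n', '\n').replace('\\t', '\t')
        del config
    except KeyboardInterrupt:
        raise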