Esempio n. 1
0
def run((md5, options)):
    try:
        # do stuff
        games = options.games.split(',')
        md5 = md5 + '.exe'
        md5res = []
        ipres = []
        for game in games:
            pcapfile = os.path.realpath(os.path.join(options.dir, md5) + '-' + game + '.pcap')
            uniqdomains, uniqips = domainsandips(pcapfile, allips=options.allips)
            if options.whitelist:
                uniqdomains = filter(notwhitelisted, uniqdomains)
                uniqips = filter(notwhitelistedip, uniqips)
            md5res.append(uniqdomains)
            ipres.append(uniqips)

        res = []
        domaincounts = [str(len(x)) for x in md5res]
        domainstrs = [','.join(nonewlines(domains)) for domains in md5res]
        ipcounts = [str(len(x)) for x in ipres]
        ipstrs = [','.join(nonewlines(ips)) for ips in ipres]

        for i in range(len(ipstrs)):
            res.append(ipcounts[i])
            res.append(ipstrs[i])
            res.append(domaincounts[i])
            res.append(domainstrs[i])
        res.insert(0, md5)
        return '\t'.join(res)
    except KeyboardInterrupt as e:
        return 'User interrupt!'
Esempio n. 2
0
def _filterdips(pcappath):
    domains, ips = domainsandips(pcappath)
    return (domains, set(filter(isglobalip, ips)))