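def main():
    """Entry point for the theZoo command line.

    Without any filter option the interactive ``Controller`` prompt is
    started.  With ``-t/-l/-a/-p`` the index CSV (``vars.main_csv_file``) is
    filtered and printed, and ``-u/-v/-w`` run their one-shot action.  Every
    one-shot path ends in ``sys.exit(1)``; that status is kept as the original
    used it, even though it does not distinguish success from failure.
    """
    eulaHandler = EULA()
    bannerHandler = muchmuchstrings.banners()
    terminalHandler = Controller()

    def checkresults(array):
        """Exit with a message when a filtered index has no rows left."""
        if not array:
            print "No results found\n\n"
            sys.exit(1)

    def filter_array(array, colum, value):
        """Return the rows whose ``colum`` field contains ``value`` (substring match)."""
        return [row for row in array if value in row[colum]]

    def getArgvs():
        """Parse the command line and return the optparse ``options`` object."""
        parser = OptionParser()
        parser.add_option("-t", "--type", dest="type_of_mal", default='',
                          help="Type of malware to search. \nFor example botnet,trojan,virus,etc...")
        parser.add_option("-l", "--language", dest="lang_of_mal", default='',
                          help="Language of the version of the malware which is in the databse.\nFor example: vbs,vb,c,cpp,bin,etc...")
        parser.add_option("-a", "--architecture", dest="arch_of_mal", default='',
                          help="The architecture the malware is intended for.\nFor example: x86,x64,arm7,etc...")
        parser.add_option("-p", "--platform", dest="plat_of_mal", default="",
                          help="Platform the malware is inteded for.\nFor example: win32,win64,ios,android,etc...")
        parser.add_option("-u", "--update", dest="update_bol", default=0,
                          help="Updates the DB of theZoo.", action="store_true")
        parser.add_option("-v", "--version", dest="ver_bol", default=0,
                          help="Shows version and licensing information.", action="store_true")
        parser.add_option("-w", "--license", dest="license_bol", default=0,
                          help="Prints the GPLv3 license information.", action="store_true")
        (options, args) = parser.parse_args()
        return options

    arguments = getArgvs()

    # The EULA must be accepted before anything else runs.
    if eulaHandler.check_eula_file() == 0:
        eulaHandler.prompt_eula()

    # One-shot flags: each one acts and exits.
    if arguments.update_bol:
        Updater().update_db()
        sys.exit(1)
    if arguments.ver_bol:
        print vars.maldb_banner
        sys.exit(1)
    if arguments.license_bol:
        bannerHandler.print_license()
        sys.exit(1)

    if (arguments.type_of_mal or arguments.arch_of_mal
            or arguments.lang_of_mal or arguments.plat_of_mal):
        # Load index.csv into a list of rows; the handle is closed on exit
        # of the block (the original never closed it).
        with open(vars.main_csv_file, 'rb') as csv_file:
            m = list(csv.reader(csv_file, delimiter=','))

        # (option value, index column) pairs, applied in the original order.
        # The language filter now uses column_for_pl, the column the listing
        # below prints under "Language"; it previously filtered on the
        # platform column, so -l silently matched the wrong field.
        filters = (
            (arguments.type_of_mal, vars.column_for_type),
            (arguments.lang_of_mal, vars.column_for_pl),
            (arguments.arch_of_mal, vars.column_for_arch),
            (arguments.plat_of_mal, vars.column_for_plat),
        )
        for value, column in filters:
            if value:
                m = filter_array(m, column, value)
        # Exits with "No results found" instead of printing an empty table.
        checkresults(m)

        print vars.maldb_banner
        print 'ID\tName\t\tType\t\tVersion\t\tLanguage'
        print '--\t----\t\t----\t\t-------\t\t--------'
        for row in m:
            cells = (row[vars.column_for_name], row[vars.column_for_type],
                     row[vars.column_for_version], row[vars.column_for_pl])
            print row[vars.column_for_uid] + ''.join(
                '\t%s' % ('{0: <12}'.format(cell)) for cell in cells)
        sys.exit(1)

    # Interactive run: no filter option was given.
    os.system('clear')
    print vars.maldb_banner
    while True:
        terminalHandler.MainMenu()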
def MainMenu(self):
    """Show the ``mdb`` prompt, read one command and act on it.

    Reads ``self.currentmodule`` (a 1-based index into ``self.modules`` kept
    as a string), the search filters ``self.arch``/``plat``/``lang``/``type``/
    ``vip`` and ``self.commands`` (``(name, description)`` pairs shown by
    ``help``).  Every handled command ends by calling ``self.MainMenu()``
    again; ``exit``/``quit`` leave via ``sys.exit(1)`` and Ctrl-C via
    ``sys.exit()``.  A command that matches no branch falls through and
    returns to the caller.
    """
    # NOTE(review): each handled command recurses into MainMenu instead of
    # looping, so the call stack grows by one frame per command for the whole
    # session.
    if len(self.currentmodule) > 0:
        # NOTE(review): 'use' below stores its argument without validation, so
        # a non-numeric or out-of-range module raises here, outside any handler.
        g = int(self.currentmodule) - 1
        just_print = self.modules[int(g)][int(globals.vars.column_for_name)]
        cmd = raw_input(globals.bcolors.GREEN + 'mdb ' + globals.bcolors.RED + str(just_print) + globals.bcolors.GREEN + '#> ' + globals.bcolors.WHITE).strip()
    else:
        cmd = raw_input(globals.bcolors.GREEN + 'mdb ' + globals.bcolors.GREEN + '#> ' + globals.bcolors.WHITE).strip()
    try:
        # Empty input: re-prompt (recursively) until something is typed.
        while cmd == "":
            self.MainMenu()
        if cmd == 'help':
            print " Available commands:\n"
            # NOTE(review): the loop variable rebinds ``cmd`` to the last
            # command name in self.commands; the ``if cmd == ...`` checks
            # below see that value once the nested MainMenu() returns.
            for (cmd, desc) in self.commands:
                print "\t%s\t%s" % ('{0: <12}'.format(cmd), desc)
            print ''
            self.MainMenu()
        if cmd == 'search':
            ar = self.modules
            manySearch = manysearches.MuchSearch()
            # Each non-empty filter narrows ``ar`` via MuchSearch.sort on the
            # matching index column.
            if len(self.arch) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_arch, self.arch)
            if len(self.plat) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_plat, self.plat)
            if len(self.lang) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_pl, self.lang)
            if len(self.type) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_type, self.type)
            if len(self.vip) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_vip, self.vip)
            printController = manysearches.MuchSearch()
            printController.PrintPayloads(ar)
            self.MainMenu()
        # "set <arch|plat|lang|type> <value>"; any other key is printed but
        # ignored, and a missing argument is reported by the bare except.
        if re.match('^set', cmd):
            try:
                cmd = re.split('\s+', cmd)
                print cmd[1] + ' => ' + cmd[2]
                if cmd[1] == 'arch':
                    self.arch = cmd[2]
                if cmd[1] == 'plat':
                    self.plat = cmd[2]
                if cmd[1] == 'lang':
                    self.lang = cmd[2]
                if cmd[1] == 'type':
                    self.type = cmd[2]
            except:
                print 'Need to use the set method with two arguments.'
            cmd = ''
            self.MainMenu()
        if cmd == 'show':
            if len(self.currentmodule) == 0:
                print "No modules have been chosen. Use 'use' command."
            if len(self.currentmodule) > 0:
                print 'Currently selected Module: ' + self.currentmodule
                print '\tarch => ' + str(self.arch)
                print '\tplat => ' + str(self.plat)
                print '\tlang => ' + str(self.lang)
                print '\ttype => ' + str(self.type)
                print ''
            self.MainMenu()
        if cmd == 'exit':
            sys.exit(1)
        if cmd == 'update-db':
            updateHandler = Updater()
            updateHandler.get_maldb_ver()
            self.MainMenu()
        if cmd == 'get':
            updateHandler = Updater()
            # NOTE(review): the nested MainMenu() call sits inside this
            # try, and the bare except also catches SystemExit and
            # KeyboardInterrupt, so 'exit' typed after 'get' is reported as
            # "Error getting malware." instead of leaving.
            try:
                updateHandler.get_malware(self.currentmodule, self.modules)
                self.MainMenu()
            except:
                print globals.bcolors.RED + '[-]' + globals.bcolors.WHITE + 'Error getting malware.'
                self.MainMenu()
        # "use <id>": stores the raw argument; it is only parsed at the next
        # prompt.
        if re.match('^use', cmd):
            try:
                cmd = re.split('\s+', cmd)
                self.currentmodule = cmd[1]
                cmd = ''
            except:
                print 'The use method needs an argument.'
            self.MainMenu()
        # "back": clear the selection and every filter.
        if cmd == 'back':
            print 'im at back - WTF?'
            self.arch = ''
            self.plat = ''
            self.lang = ''
            self.type = ''
            self.currentmodule = ''
            self.MainMenu()
        if cmd == 'list all':
            print "\nAvailable Payloads:"
            array = self.modules
            i = 0
            print "ID\tName\tType"
            print '-----------------'
            # ``element`` is unused; rows are addressed by the manual index.
            for element in array:
                answer = array[i][globals.vars.column_for_uid]
                answer += '\t%s' % ('{0: <12}'.format(array[i][globals.vars.column_for_name]))
                answer += '\t%s' % ('{0: <12}'.format(array[i][globals.vars.column_for_type]))
                print answer
                i = i + 1
            self.MainMenu()
        if cmd == 'quit':
            print ":("
            sys.exit(1)
    except KeyboardInterrupt:
        print ("i'll just go now...")
        sys.exit()
def MainMenu(self):
    """Show the ``mdb`` prompt, read one command and act on it.

    Reads ``self.currentmodule`` (a 1-based index into ``self.modules`` kept
    as a string), the search filters ``self.arch``/``plat``/``lang``/``type``
    and ``self.commands`` (``(name, description)`` pairs shown by ``help``).
    Every handled command ends by calling ``self.MainMenu()`` again;
    ``exit``/``quit`` leave via ``sys.exit(1)`` and Ctrl-C via ``sys.exit()``.
    A command that matches no branch falls through and returns to the caller.
    """
    # NOTE(review): each handled command recurses into MainMenu instead of
    # looping, so the call stack grows by one frame per command for the whole
    # session.
    if len(self.currentmodule) > 0:
        # NOTE(review): 'use' below stores its argument without validation, so
        # a non-numeric or out-of-range module raises here, outside any handler.
        g = int(self.currentmodule) - 1
        just_print = self.modules[int(g)][int(globals.vars.column_for_name)]
        cmd = raw_input(
            globals.bcolors.GREEN + "mdb " + globals.bcolors.RED + str(just_print) + globals.bcolors.GREEN + "#> " + globals.bcolors.WHITE
        ).strip()
    else:
        cmd = raw_input(
            globals.bcolors.GREEN + "mdb " + globals.bcolors.GREEN + "#> " + globals.bcolors.WHITE
        ).strip()
    try:
        # Empty input: re-prompt (recursively) until something is typed.
        while cmd == "":
            self.MainMenu()
        if cmd == "help":
            print " Available commands:\n"
            # NOTE(review): the loop variable rebinds ``cmd`` to the last
            # command name in self.commands; the ``if cmd == ...`` checks
            # below see that value once the nested MainMenu() returns.
            for (cmd, desc) in self.commands:
                print "\t%s\t%s" % ("{0: <12}".format(cmd), desc)
            print ""
            self.MainMenu()
        if cmd == "search":
            ar = self.modules
            manySearch = manysearches.MuchSearch()
            # Each non-empty filter narrows ``ar`` via MuchSearch.sort on the
            # matching index column.
            if len(self.arch) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_arch, self.arch)
            if len(self.plat) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_plat, self.plat)
            if len(self.lang) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_pl, self.lang)
            if len(self.type) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_type, self.type)
            printController = manysearches.MuchSearch()
            printController.PrintPayloads(ar)
            self.MainMenu()
        # "set <arch|plat|lang|type> <value>"; any other key is printed but
        # ignored, and a missing argument is reported by the bare except.
        if re.match("^set", cmd):
            try:
                cmd = re.split("\s+", cmd)
                print cmd[1] + " => " + cmd[2]
                if cmd[1] == "arch":
                    self.arch = cmd[2]
                if cmd[1] == "plat":
                    self.plat = cmd[2]
                if cmd[1] == "lang":
                    self.lang = cmd[2]
                if cmd[1] == "type":
                    self.type = cmd[2]
            except:
                print "Need to use the set method with two arguments."
            cmd = ""
            self.MainMenu()
        if cmd == "show":
            if len(self.currentmodule) == 0:
                print "No modules have been chosen. Use 'use' command."
            if len(self.currentmodule) > 0:
                print "Currently selected Module: " + self.currentmodule
                print "\tarch => " + str(self.arch)
                print "\tplat => " + str(self.plat)
                print "\tlang => " + str(self.lang)
                print "\ttype => " + str(self.type)
                print ""
            self.MainMenu()
        if cmd == "exit":
            sys.exit(1)
        if cmd == "update-db":
            updateHandler = Updater()
            updateHandler.get_maldb_ver()
            self.MainMenu()
        if cmd == "get":
            updateHandler = Updater()
            # NOTE(review): the nested MainMenu() call sits inside this
            # try, and the bare except also catches SystemExit and
            # KeyboardInterrupt, so 'exit' typed after 'get' is reported as
            # "Error getting malware." instead of leaving.
            try:
                updateHandler.get_malware(self.currentmodule, self.modules)
                self.MainMenu()
            except:
                print globals.bcolors.RED + "[-]" + globals.bcolors.WHITE + "Error getting malware."
                self.MainMenu()
        # "use <id>": stores the raw argument; it is only parsed at the next
        # prompt.
        if re.match("^use", cmd):
            try:
                cmd = re.split("\s+", cmd)
                self.currentmodule = cmd[1]
                cmd = ""
            except:
                print "The use method needs an argument."
            self.MainMenu()
        # "back": clear the selection and every filter.
        if cmd == "back":
            print "im at back - WTF?"
            self.arch = ""
            self.plat = ""
            self.lang = ""
            self.type = ""
            self.currentmodule = ""
            self.MainMenu()
        if cmd == "list all":
            print "\nAvailable Payloads:"
            array = self.modules
            i = 0
            print "ID\tName\tType"
            print "-----------------"
            # ``element`` is unused; rows are addressed by the manual index.
            for element in array:
                answer = array[i][globals.vars.column_for_uid]
                answer += "\t%s" % ("{0: <12}".format(array[i][globals.vars.column_for_name]))
                answer += "\t%s" % ("{0: <12}".format(array[i][globals.vars.column_for_type]))
                print answer
                i = i + 1
            self.MainMenu()
        if cmd == "quit":
            print ":("
            sys.exit(1)
    except KeyboardInterrupt:
        print ("i'll just go now...")
        sys.exit()
def MainMenu(self):
    """Show the ``mdb`` prompt, read one command and act on it.

    Reads ``self.currentmodule`` (a 1-based index into ``self.modules`` kept
    as a string), the search filters ``self.arch``/``plat``/``lang``/``type``/
    ``vip`` and ``self.commands`` (``(name, description)`` pairs shown by
    ``help``).  Every handled command ends by calling ``self.MainMenu()``
    again; ``exit``/``quit`` leave via ``sys.exit(1)`` and Ctrl-C via
    ``sys.exit()``.  A command that matches no branch falls through and
    returns to the caller.
    """
    # NOTE(review): each handled command recurses into MainMenu instead of
    # looping, so the call stack grows by one frame per command for the whole
    # session.
    # Prompt shows the name of the selected module, if any.
    if len(self.currentmodule) > 0:
        # NOTE(review): 'use' below stores its argument without validation, so
        # a non-numeric or out-of-range module raises here, outside any handler.
        g = int(self.currentmodule) - 1
        just_print = self.modules[int(g)][int(globals.vars.column_for_name)]
        cmd = raw_input(globals.bcolors.GREEN + 'mdb ' + globals.bcolors.RED + str(just_print) + globals.bcolors.GREEN + '#> ' + globals.bcolors.WHITE).strip()
    else:
        cmd = raw_input(globals.bcolors.GREEN + 'mdb ' + globals.bcolors.GREEN + '#> ' + globals.bcolors.WHITE).strip()
    try:
        # Empty input: re-prompt (recursively) until something is typed.
        while cmd == "":
            self.MainMenu()
        if cmd == 'help':
            print " Available commands:\n"
            # NOTE(review): the loop variable rebinds ``cmd`` to the last
            # command name in self.commands; the ``if cmd == ...`` checks
            # below see that value once the nested MainMenu() returns.
            for (cmd, desc) in self.commands:
                print "\t%s\t%s" % ('{0: <12}'.format(cmd), desc)
            print ''
            self.MainMenu()
        if cmd == 'search':
            ar = self.modules
            manySearch = manysearches.MuchSearch()
            # Each non-empty filter narrows ``ar`` via MuchSearch.sort on the
            # matching index column.
            if len(self.arch) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_arch, self.arch)
            if len(self.plat) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_plat, self.plat)
            if len(self.lang) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_pl, self.lang)
            if len(self.type) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_type, self.type)
            if len(self.vip) > 0:
                ar = manySearch.sort(ar, globals.vars.column_for_vip, self.vip)
            printController = manysearches.MuchSearch()
            printController.print_payloads(ar)
            self.MainMenu()
        # "set <arch|plat|lang|type> <value>"; any other key is printed but
        # ignored, and a missing argument is reported by the bare except.
        if re.match('^set', cmd):
            try:
                cmd = re.split('\s+', cmd)
                print cmd[1] + ' => ' + cmd[2]
                if cmd[1] == 'arch':
                    self.arch = cmd[2]
                if cmd[1] == 'plat':
                    self.plat = cmd[2]
                if cmd[1] == 'lang':
                    self.lang = cmd[2]
                if cmd[1] == 'type':
                    self.type = cmd[2]
            except:
                print 'Need to use the set method with two arguments.'
            cmd = ''
            self.MainMenu()
        if cmd == 'show':
            if len(self.currentmodule) == 0:
                print "No modules have been chosen. Use 'use' command."
            if len(self.currentmodule) > 0:
                print 'Currently selected Module: ' + self.currentmodule
                print '\tarch => ' + str(self.arch)
                print '\tplat => ' + str(self.plat)
                print '\tlang => ' + str(self.lang)
                print '\ttype => ' + str(self.type)
                print ''
            self.MainMenu()
        if cmd == 'exit':
            sys.exit(1)
        if cmd == 'update-db':
            updateHandler = Updater()
            updateHandler.get_maldb_ver()
            self.MainMenu()
        # "report-mal": ask for the sample details interactively, print the
        # report block and the address to send it to.
        if cmd == 'report-mal':
            rprt_name = raw_input("Name of malware: ")
            rprt_type = raw_input("Type of malware: ")
            rprt_version = raw_input("Version: ")
            rprt_lang = raw_input("Language: ")
            rprt_src = raw_input("Source / Binary (s/b): ")
            rprt_arch = raw_input("Win32, ARM etc. ? ")
            rprt_reporter = raw_input("Your name for a thanks note on theZoo.\nPlease notice that this will be public!\n\nName: ")
            rprt_comments = raw_input("Comments? ")
            report = ("//%s//\n" % rprt_name)
            report += ("///type/%s///\n" % rprt_type)
            report += ("///ver/%s///\n" % rprt_version)
            report += ("///lang/%s///\n" % rprt_lang)
            report += ("///src/%s///\n" % rprt_src)
            report += ("///arch/%s///\n" % rprt_arch)
            report += ("//reporter/%s//\n" % rprt_reporter)
            report += ("//comments/%s//\n" % rprt_comments)
            # The address is assembled from escaped pieces so it is not a
            # plain-text e-mail address in the source.
            email = "info"
            email += "\x40"
            email += "morirt\x2ecom"
            print "-------------- Begin of theZoo Report --------------"
            print report
            print "-------------- Ending of theZoo Report --------------"
            print "To avoid compromising your privacy we have chose this method of reporting."
            print "If you have not stated your name we will not write a thanks in our README."
            print "Your email will remain private in scenario and will not be published."
            print ""
            print "Please create an archive file with the structure as in the README file"
            print "And attach it to the email. "
            print("Please send this report to %s" % email)
            self.MainMenu()
        # 'get' command. Not yet fully operational.
        if cmd == 'get':
            updateHandler = Updater()
            # NOTE(review): the nested MainMenu() call sits inside this
            # try, and the bare except also catches SystemExit and
            # KeyboardInterrupt, so 'exit' typed after 'get' is reported as
            # "Error getting malware." instead of leaving.
            try:
                updateHandler.get_malware(self.currentmodule, self.modules)
                self.MainMenu()
            except:
                print globals.bcolors.RED + '[-]' + globals.bcolors.WHITE + 'Error getting malware.'
                self.MainMenu()
        # "use <id>": stores the raw argument; it is only parsed at the next
        # prompt.
        if re.match('^use', cmd):
            try:
                cmd = re.split('\s+', cmd)
                self.currentmodule = cmd[1]
                cmd = ''
            except:
                print 'The use method needs an argument.'
            self.MainMenu()
        # "back": clear the selection and every filter.
        if cmd == 'back':
            self.arch = ''
            self.plat = ''
            self.lang = ''
            self.type = ''
            self.currentmodule = ''
            self.MainMenu()
        if cmd == 'list all':
            print "\nAvailable Payloads:"
            array = self.modules
            i = 0
            print "ID\tName\tType"
            print '-----------------'
            # ``element`` is unused; rows are addressed by the manual index.
            for element in array:
                answer = array[i][globals.vars.column_for_uid]
                answer += '\t%s' % ('{0: <12}'.format(array[i][globals.vars.column_for_name]))
                answer += '\t%s' % ('{0: <12}'.format(array[i][globals.vars.column_for_type]))
                print answer
                i = i + 1
            self.MainMenu()
        if cmd == 'quit':
            print ":("
            sys.exit(1)
    except KeyboardInterrupt:
        print("i'll just go now...")
        sys.exit()
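def MainMenu(self):
    """Run the interactive ``mdb`` prompt until the user leaves.

    Each iteration reads one command with ``raw_input`` and dispatches it.
    ``exit``/``quit`` end the process with ``sys.exit(1)``, Ctrl-C with
    ``sys.exit()``; unknown commands print a hint and re-prompt.  The loop
    replaces the previous per-command recursion into ``MainMenu``, so a long
    session no longer grows the stack and ``SystemExit`` raised by ``exit``
    is never swallowed by the ``get`` error handler.

    State used: ``self.currentmodule`` (1-based index into ``self.modules``
    kept as a string), the search filters ``self.arch``/``plat``/``lang``/
    ``type``/``vip`` and ``self.commands`` (``(name, description)`` pairs
    shown by ``help``).
    """
    try:
        while True:
            cmd = raw_input(self._mdb_prompt()).strip()
            if not cmd:
                continue
            parts = cmd.split()
            if cmd == 'exit':
                sys.exit(1)
            elif cmd == 'quit':
                print ":("
                sys.exit(1)
            elif cmd == 'help':
                self._mdb_help()
            elif cmd == 'search':
                self._mdb_search()
            elif parts[0] == 'set':
                self._mdb_set(parts)
            elif cmd == 'show':
                self._mdb_show()
            elif cmd == 'update-db':
                Updater().get_maldb_ver()
            elif cmd == 'report-mal':
                self._mdb_report_mal()
            elif cmd == 'get':
                self._mdb_get()
            elif parts[0] == 'use':
                self._mdb_use(parts)
            elif cmd == 'back':
                self._mdb_back()
            elif cmd == 'list all':
                self._mdb_list_all()
            else:
                print "Unknown command '%s'. Type 'help' for the list of commands." % cmd
    except KeyboardInterrupt:
        print("i'll just go now...")
        sys.exit()


def _mdb_prompt(self):
    """Return the prompt string, naming the selected module when one is set."""
    if self.currentmodule:
        # _mdb_use only stores values that index self.modules, so this lookup
        # cannot raise for input that came through the prompt.
        row = self.modules[int(self.currentmodule) - 1]
        name = row[int(globals.vars.column_for_name)]
        return (globals.bcolors.GREEN + 'mdb ' + globals.bcolors.RED + str(name)
                + globals.bcolors.GREEN + '#> ' + globals.bcolors.WHITE)
    return globals.bcolors.GREEN + 'mdb ' + globals.bcolors.GREEN + '#> ' + globals.bcolors.WHITE


def _mdb_help(self):
    """Print every entry of self.commands as a padded name/description table."""
    print " Available commands:\n"
    for name, desc in self.commands:
        print "\t%s\t%s" % ('{0: <12}'.format(name), desc)
    print ''


def _mdb_search(self):
    """Print the modules left after applying every non-empty filter."""
    searcher = manysearches.MuchSearch()
    rows = self.modules
    # (filter value, index column); applied in the original order.
    for value, column in (
            (self.arch, globals.vars.column_for_arch),
            (self.plat, globals.vars.column_for_plat),
            (self.lang, globals.vars.column_for_pl),
            (self.type, globals.vars.column_for_type),
            (self.vip, globals.vars.column_for_vip)):
        if value:
            rows = searcher.sort(rows, column, value)
    # A separate instance prints, as the original did.
    manysearches.MuchSearch().print_payloads(rows)


def _mdb_set(self, parts):
    """Handle ``set <key> <value>``; ``parts`` is the whitespace-split command.

    Only the filter keys are accepted; the original silently ignored an
    unknown key after echoing it.  ``vip`` is included because the search
    reads it and there was otherwise no way to set it from the prompt.
    """
    if len(parts) < 3:
        print 'Need to use the set method with two arguments.'
        return
    key, value = parts[1], parts[2]
    if key not in ('arch', 'plat', 'lang', 'type', 'vip'):
        print "Unknown option '%s'. Valid options: arch, plat, lang, type, vip." % key
        return
    print key + ' => ' + value
    setattr(self, key, value)


def _mdb_show(self):
    """Print the selected module and the current filter values."""
    if not self.currentmodule:
        print "No modules have been chosen. Use 'use' command."
        return
    print 'Currently selected Module: ' + self.currentmodule
    print '\tarch => ' + str(self.arch)
    print '\tplat => ' + str(self.plat)
    print '\tlang => ' + str(self.lang)
    print '\ttype => ' + str(self.type)
    print '\tvip => ' + str(self.vip)
    print ''


def _mdb_report_mal(self):
    """Ask for the sample details interactively and print the report block."""
    # (prompt, report line format), asked in this order.
    fields = (
        ("Name of malware: ", "//%s//\n"),
        ("Type of malware: ", "///type/%s///\n"),
        ("Version: ", "///ver/%s///\n"),
        ("Language: ", "///lang/%s///\n"),
        ("Source / Binary (s/b): ", "///src/%s///\n"),
        ("Win32, ARM etc. ? ", "///arch/%s///\n"),
        ("Your name for a thanks note on theZoo.\nPlease notice that this will be public!\n\nName: ",
         "//reporter/%s//\n"),
        ("Comments? ", "//comments/%s//\n"),
    )
    report = ''.join(fmt % raw_input(prompt) for prompt, fmt in fields)
    # The address is assembled from escaped pieces so it is not a plain-text
    # e-mail address in the source.
    email = "info"
    email += "\x40"
    email += "morirt\x2ecom"
    print "-------------- Begin of theZoo Report --------------"
    print report
    print "-------------- Ending of theZoo Report --------------"
    print "To avoid compromising your privacy we have chose this method of reporting."
    print "If you have not stated your name we will not write a thanks in our README."
    print "Your email will remain private in scenario and will not be published."
    print ""
    print "Please create an archive file with the structure as in the README file"
    print "And attach it to the email. "
    print("Please send this report to %s" % email)


def _mdb_get(self):
    """Fetch the selected module through Updater.get_malware, reporting errors.

    Only ``Exception`` is caught, so Ctrl-C and ``sys.exit`` propagate to
    the caller instead of being reported as a download error.
    """
    if not self.currentmodule:
        print "No modules have been chosen. Use 'use' command."
        return
    try:
        Updater().get_malware(self.currentmodule, self.modules)
    except Exception as err:
        print globals.bcolors.RED + '[-]' + globals.bcolors.WHITE + 'Error getting malware.'
        print '    %s' % err


def _mdb_use(self, parts):
    """Handle ``use <id>``; ``parts`` is the whitespace-split command.

    The argument is accepted only if it is a positive integer that indexes
    ``self.modules`` (the prompt looks the row up as ``modules[id - 1]``), so
    a bad ``use`` can no longer crash the next prompt.
    """
    if len(parts) < 2:
        print 'The use method needs an argument.'
        return
    choice = parts[1]
    if not choice.isdigit() or not 0 < int(choice) <= len(self.modules):
        print "'%s' is not a valid module ID. Use 'list all' to see the IDs." % choice
        return
    self.currentmodule = choice


def _mdb_back(self):
    """Clear the selected module and every filter."""
    self.arch = ''
    self.plat = ''
    self.lang = ''
    self.type = ''
    self.vip = ''
    self.currentmodule = ''


def _mdb_list_all(self):
    """Print ID, name and type of every module."""
    print "\nAvailable Payloads:"
    print "ID\tName\tType"
    print '-----------------'
    for row in self.modules:
        line = row[globals.vars.column_for_uid]
        line += '\t%s' % ('{0: <12}'.format(row[globals.vars.column_for_name]))
        line += '\t%s' % ('{0: <12}'.format(row[globals.vars.column_for_type]))
        print line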