# Tool imports
from bph.tools.windows.nircmd import BphNirCmd as NirCmd
from bph.tools.windows.procmon import BphProcMon as ProcMon

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Open the analysis session; the sample stays where it is (move_sample=False).
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

# Start the ProcMon capture before the sample is launched so its earliest
# activity is part of the trace.  The delay values are passed straight to
# execute(); presumably seconds -- confirm against the ProcMon tool wrapper.
procmon = ProcMon()
procmon.capture()
procmon.execute(delay=10)

# Launch the sample itself through NirCmd, in the foreground
# (background_run=False).  NOTE(review): this runs the sample under analysis;
# it belongs inside the isolated lab VM the session provides.
sample = LabFile(session.launcher_abs_path)
sample_exec = NirCmd(sample)
sample_exec.configuration.execution.background_run = False
sample_exec.start_process(program='@sample@')
sample_exec.execute()

# Stop the capture, export the trace and collect the produced files.
procmon.terminate()
procmon.execute(delay=15)
procmon.export()
procmon.execute(delay=10)
procmon.files()
# Tool imports
from bph.tools.windows.exeinfope import BphExeInfoPe as ExeInfoPe

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Static triage of the launcher sample with ExeInfoPE (the sample is not run).
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

# Wrap the launcher path as a lab file and run the tool's default profile,
# then pull its textual output.
sample_file = LabFile(session.launcher_abs_path)
exeinfope = ExeInfoPe(sample_file)
exeinfope.default()
exeinfope.execute()
exeinfope.output()
# Tool imports
from bph.tools.windows.xorstrings import BphXorStrings as XorStrings

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Look for XOR-obfuscated strings in the launcher sample (static, no execution).
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
xorstrings = XorStrings(sample)
xorstrings.search_xored()
xorstrings.execute()

# Collect both the tool's console output and any files it wrote.
xorstrings.output()
xorstrings.files()
# Tool Imports
from bph.tools.windows.resourcehacker import BphResourceHacker as ResourceHacker

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Extract embedded PE resources from the launcher sample with Resource Hacker.
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
reshacker = ResourceHacker(sample)
reshacker.extract_resources()
reshacker.execute()

# Extracted resources are returned as files rather than console output.
reshacker.files()
# Tool Imports
from bph.tools.windows.ollydbg import BphOllyDbg as OllyDbg

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Drive OllyDbg over the launcher sample with a scripted session.
# NOTE(review): a debugger run executes the sample; keep this to the lab VM.
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
ollydbg = OllyDbg(sample)

# Run detached (background_run=True) and hand OllyDbg the script to execute;
# 'msg.osc' is resolved by the tool wrapper -- its location is not shown here.
ollydbg.configuration.execution.background_run = True
ollydbg.ollyscript(ollyscript_file_name='msg.osc')
ollydbg.execute()
# Tool Imports
from bph.tools.windows.bintext import BphBinText as BinText

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Pull printable strings out of the launcher sample with BinText (static).
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
bintext = BinText(sample)
bintext.default()

# BinText gets a short settle delay before results are read; presumably
# seconds -- confirm against the tool wrapper.
bintext.execute(delay=3)
bintext.output()
bintext.files()
# Tool Imports
from bph.tools.windows.pestudio import BphPeStudio as PeStudio

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Static PE triage of the launcher sample with pestudio.
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
pestudio = PeStudio(sample)
pestudio.default()
pestudio.execute()

# pestudio's report is collected as files, not console output.
pestudio.files()
# Tool imports
from bph.tools.windows.floss import BphFloss as Floss

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Recover obfuscated strings from the launcher sample with FLOSS (static).
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
floss = Floss(sample)
floss.search()
floss.execute()
floss.output()
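# Tool imports
# NirCmd was used below but never imported in the original; without it the
# script fails with NameError at sample_exec = NirCmd(...).
from bph.tools.windows.nircmd import BphNirCmd as NirCmd
from bph.tools.windows.pd import BphPd as Pd
from bph.tools.windows.dumppe import BphDumpPE as DumpPE

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Run the launcher sample, then dump its process memory with pd and report the
# md5 of every dumped file.
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

# Launch the sample detached (background_run=True) so the script can continue
# to the dump step while it runs.  NOTE(review): this executes the sample under
# analysis; it belongs inside the isolated lab VM the session provides.
sample_exec = NirCmd(LabFile(session.launcher_abs_path))
sample_exec.configuration.execution.background_run = True
sample_exec.start_process(program='@sample@')
sample_exec.execute()

# Dump the running sample's process; '@sample_filename@' is a placeholder the
# tool wrapper expands.  The delay is presumably seconds -- confirm.
pd = Pd()
pd.dump_process(process_name='@sample_filename@')
pd.execute(delay=5)

# Wrap each dumped file as a LabFile so its md5 is computed by the framework.
# The original name is the last '__'-separated segment of the dump file name.
files_found = pd.files()
for file_found in files_found:
    dumped_file = LabFile(file_found)
    print(f"[+] dumped file: {file_found.split('__')[-1]} md5: {dumped_file.md5}")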
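# Tool imports
# TemplateServer, NirCmd and Pd were used below but never imported in the
# original; the script would fail with NameError at templateserver = ...
from bph.tools.windows.nircmd import BphNirCmd as NirCmd
from bph.tools.windows.pd import BphPd as Pd

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Demonstration on a benign target: start calc.exe, dump its process with pd,
# and print the import table of every dumped .exe.
session = Session(project_name='blackhat_arsenal_2019')
session.start()

templateserver = TemplateServer()
templateserver.start()

# Delays are passed straight to execute(); presumably seconds -- confirm
# against the tool wrappers.
nircmd = NirCmd()
nircmd.start_process(program=r'calc.exe')
nircmd.execute(delay=3)

pd = Pd()
pd.dump_process(process_name='calc.exe')
pd.execute(delay=5)

files_found = pd.files()
for file_found in files_found:
    # pd may emit more than executables; only PE dumps are parsed for imports.
    if not file_found.endswith('.exe'):
        continue
    dumped_file = LabFile(file_found)
    # symbols(type='imports') maps a symbol name to its function data;
    # print the name then each entry beneath it.
    for symbol, function_data in dumped_file.symbols(type='imports').items():
        print(symbol)
        for data in function_data:
            print(data)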
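# Core Imports
from bph.core.sample import BphLabFile as LabFile

# Print basic metadata and the import table of one sample by absolute path.
# The path below is the launcher location for this session's project.
sample = LabFile(
    '/home/bph/bph-framework/session/blackhat_arsenal_2019/launcher/bph_upx.exe'
)

# The original called sample.symbols(type='imports') twice for the same
# report; resolve it once and reuse it for both the keys and the items.
imported = sample.symbols(type='imports')

print(f"""
Sample Data:
Absolute Path:\t {sample.abs_path}
Base Path:\t {sample.path}
File Name:\t {sample.file_name}
md5 Hash:\t {sample.md5}
Imported Symbols:\t {imported.keys()}
Imported Functions w/symbols:\t {imported.items()}
""")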
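import re

# Tool Imports
# ExeInfoPe was used below but never imported in the original; the script
# would fail with NameError at exeinfope = ExeInfoPe(...).
from bph.tools.windows.exeinfope import BphExeInfoPe as ExeInfoPe

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Identify the packer with ExeInfoPE and, on a UPX 3.91 match, print the
# sample's import table.
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample_file = LabFile(session.launcher_abs_path)
exeinfope = ExeInfoPe(sample_file)
exeinfope.default()
exeinfope.execute()

# Match the packer signature in the joined tool output, case-insensitively.
# The version dot is escaped so '3.91' is matched literally rather than as
# any character between 3 and 91.
sig_match = re.search(r'(upx.*3\.91.*)', "".join(exeinfope.output()), re.I)
if sig_match:
    # NOTE(review): nothing below actually unpacks the sample -- the message
    # announces decompression but the script only lists the imports of the
    # (still packed) launcher file.
    print("SAMPLE IS UPX PACKED => VERSION 3.91. DECOMPRESSING...")
    for symbol, function_data in sample_file.symbols(type='imports').items():
        print(symbol)
        for data in function_data:
            print(data)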
# Tool Modules
from bph.tools.windows.dumppe import BphDumpPE as DumpPE

# Core Modules
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Run DumpPE's default profile over the launcher sample and collect results.
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
dumppe = DumpPE(sample)
dumppe.default()
dumppe.execute()

# Gather both the console output and any files the tool produced.
dumppe.output()
dumppe.files()
# Tool imports
from bph.tools.windows.xorsearch import BphXorSearch as XorSearch

# Core Imports
from bph.core.server.template import BphTemplateServer as TemplateServer
from bph.core.session import BphSession as Session
from bph.core.sample import BphLabFile as LabFile

# Search the launcher sample for XOR-encoded URL fragments with XORSearch
# (static; the sample is not run).
session = Session(project_name='blackhat_arsenal_2019')
session.start()
session.set_launcher(move_sample=False)

templateserver = TemplateServer()
templateserver.start()

sample = LabFile(session.launcher_abs_path)
xorsearch = XorSearch(sample)
xorsearch.search_www()
xorsearch.execute()

# Collect both the console output and any files the tool wrote.
xorsearch.output()
xorsearch.files()