Python Manager.add_block_by_hash_ruleの例

コード例 #1

ファイル: block_filehash.py プロジェクト: leaderdevops/DevOps

'''

username, password, tenant = utils.parse_dsas_crendentials()
dsm = Manager(username=username, password=password, tenant=tenant)

rules = dsm.list_block_by_hash_rules(
)  # returns json object representing list of Block by Hash Rules

print(rules)
# How to get the sha256 has of a file on a mac: shasum -a 256 test.sh

# adds new block by hash rule. based on sha256 file hash.
# The blacklist rules are then applied and enforced on any agent that has AppControl turned on.
dsm.add_block_by_hash_rule(
    "3c65c5bf26a8cb8912387e5f28c4b6192699185b70084739f4fcbe4200bc413c",
    "Block test.sh File")

dsm.delete_block_by_hash_rule(1)  #deletes block by hash rule by rule id

dsm.end_session()

# ssh to host
# wget https://www.dropbox.com/s/icw8fnkufexetuo/test.sh
# chmod 755 test.sh
# ./test.sh

# run this script then try again
# ./test.sh

コード例 #2

ファイル: block_by_hash_sec_automation.py プロジェクト: SecurityForCloudBuilders/DS-Block-by-Hash-File-Automation

	print('3 - Delete File Hash by hash')
	print('4 - Delete File Hash by text file')
	print('5 - List File Hash')
	print('6 - Close the session' + '\n')
	print ("##########################################################################################################################" + '\n')
	case = int(input("Please enter with one option: "))


	if (case == 1):
		with open('add_file_hash.txt') as f:
   			hashes = f.readlines()	
		for info in hashes:
			info = info.split('\0')[0].strip()
			print (info)
			hash,description = info.split(' - ')
			detail = json.dumps(dsm.add_block_by_hash_rule(hash, description))
			message = json.loads(detail)
			print (message)
			print ('\n')
		
		input("Press Enter to continue...")
		print ("\n" * 100)
		
		case = 0

	elif case == 2:
		data = dsm.list_block_by_hash_rules()
		data = data['DescribeGlobalRulesetResponse']['ruleset']['rules']
		hash = str(input("Pleas enter the hash that you would like to search: "))
		for into in data:
			if (into['sha256']) == hash:

コード例 #3

ファイル: block_by_hash.py プロジェクト: henryar/DSP3

from dsp3.models.manager import Manager

dsm = Manager(username="******",
              password="******",
              host="127.0.0.1",
              port="4119")

rules = dsm.list_block_by_hash_rules(
)  # returns json object representing list of Block by Hash Rules

# adds new block by hash rule. based on sha256 file hash.
# The blacklist rules are then applied and enforced on any agent that has AppControl turned on.
dsm.add_block_by_hash_rule(
    "0143f7ba86d17cabdfffdc5247362871ba35ffd431f2c3d314a09b8c568b692a",
    "Block test.sh File")
dsm.delete_block_by_hash_rule(1)  #deletes block by hash rule by rule id

dsm.end_session()