import json import logging import os from pastehunter.common import parse_config logger = logging.getLogger('pastehunter') config = parse_config() class JsonOutput(): def __init__(self): base_path = config['outputs']['json_output']['output_path'] self.json_path = base_path if not os.path.exists(base_path): try: os.makedirs(base_path) self.test = True except OSError as e: logger.error("Unable to create Json Path: {0}".format(e)) self.test = False else: self.test = True def store_paste(self, paste_data): if not config['outputs']['json_output']['store_raw']: del paste_data['raw_paste'] if self.test: json_file = os.path.join(self.json_path, str(paste_data['pasteid'])) with open(json_file, 'w') as out:
import hashlib import importlib import gzip import logging from base64 import b64decode # This gets the raw paste and the paste_data json object from pastehunter.common import parse_config conf = parse_config() logger = logging.getLogger('pastehunter') def run(results, raw_paste_data, paste_object): ''' ToDo: Lets look at multiple base64 streams for now only accept if the entire paste is # Figure out which b64 rule fire # The base64 re can hang on occasion with this one # b64_re = '(?:[A-Za-z0-9+/]{4}){2,}(?:[A-Za-z0-9+/]{2}[AEIMQUYcgkosw048]=|[A-Za-z0-9+/][AQgw]==)' # This one has a few empty results i need to catch but doesn't kill pastehunter b64_re = '(?:[A-Za-z0-9+/]{4}){3,}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?' b64_strings = re.findall(b64_re, raw_paste_data) # Set a counter for multiple streams. counter = 0