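def main(args):
    """Rebuild the metadata file, the document database and the Solr index.

    The raw metadata of every configured data source is appended to
    ``meta_data_file``, the CSV rows are loaded into the document store, and
    the resulting ``documents`` table is pushed to Solr.

    Args:
        args: Two-item sequence ``(ds_config, meta_data_file)``. ``ds_config``
            must exist; ``meta_data_file`` must not exist yet, but its
            directory must.

    Returns:
        0 on success, 1 when the arguments or paths are rejected.
    """
    # A wrong argument count used to fall through silently; report it and
    # signal failure so that calling scripts do not treat a no-op as success.
    if len(args) != 2:
        sys.stderr.write(
            "expected 2 arguments (ds_config, meta_data_file), got %d\n"
            % len(args))
        return 1
    ds_config, meta_data_file = args

    if not os.path.exists(ds_config):
        sys.stderr.write("%s does not exists\n" % ds_config)
        return 1
    # NOTE(review): this exists() test and the later append are separate
    # steps, so another process can create the file in between. If the
    # target directory is writable by other users, confirm that
    # copy_raw_meta_data creates the file exclusively.
    if os.path.exists(meta_data_file):
        sys.stderr.write(
            "%s already exists, please remove it first\n" % meta_data_file)
        return 1
    # dirname() is '' for a bare file name, and exists('') is always False;
    # treat that case as the current directory instead of rejecting it.
    meta_dir = os.path.dirname(meta_data_file) or os.curdir
    if not os.path.exists(meta_dir):
        sys.stderr.write(
            "dir %s does not exists, please create it first\n" % meta_dir)
        return 1

    sc = SearchConfiguration(ds_config)
    sc.get_search_config()
    sc.parse()
    for handle in sc.handles:
        handle.connect()
        try:
            handle.copy_raw_meta_data(meta_data_file, append=True)
        finally:
            # Release the connection even when the copy fails.
            handle.close()

    # meta to database
    doc = Document()
    try:
        doc.clear()
        with open(meta_data_file) as metadata:
            for row in csv.reader(metadata):
                # The fourth column is optional.
                if len(row) > 3:
                    doc.create(row[0], row[1], row[2], row[3])
                else:
                    doc.create(row[0], row[1], row[2])
        doc.update_filters()
    finally:
        doc.close()

    # database to solr
    s = Solr()
    db = Database()
    db.connect()
    try:
        cursor = db.cursor()
        try:
            cursor.execute("SELECT * FROM documents")
            datalist = [
                {
                    "universal_id_s": row["universal_id"],
                    "title_s": row["title"],
                    "all_txt_ng": row["keywords"],
                    "path_s": row["path"],
                }
                for row in cursor.fetchall()
            ]
        finally:
            cursor.close()
    finally:
        db.close()

    # NOTE(review): the whole index is deleted before the new documents are
    # added; if add() fails the index stays empty until the next run.
    s.solr().delete(q="*:*")
    s.solr().add(datalist)
    return 0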
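class Core(object):
    """Drive the string analysis of one malware sample.

    The strings recovered from the file at ``malware_path`` are passed
    through a fixed chain of analyzers, then the URLs and IP addresses stored
    in the database are handed to the VirusTotal helper.

    The sample and every string taken from it are untrusted input.
    NOTE(review): the ``url_analysis``/``ip_analysis`` calls presumably query
    a third-party service; confirm that sharing sample-derived indicators is
    acceptable for the investigation before enabling a key.
    """

    def __init__(self, malware_path, vt_key):
        """Create the database handle, the VirusTotal helper and the analyzers.

        :param malware_path: path of the sample to analyse.
        :param vt_key: VirusTotal API key, passed through to ``Vt``. It is a
            credential, so keep it out of logs and error messages.
        """
        self.malware_path = malware_path
        self.db = Database(malware_path)
        # Rules.db is assigned on the Rules object itself, not on an
        # instance: the most recently created Core decides which database
        # every Rules user sees.
        Rules.db = self.db
        self.string_list = None
        self.vt = Vt(vt_key, self.malware_path)
        self.ipAddr = IpAddr()
        self.url = Url()
        self.cmd = Cmd()
        self.id = Id()
        self.path = Path()
        self.section = Section()
        self.symbol = Symbol(self.malware_path)
        self.formatStr = FormatStr()
        self.msg = Msg()
        self.undef = Undefined()
        self.err_bad_path = "[Error] invalide malware file path."
        self.err_string_recovery = "[Error] string recovery failed."
        self.err_empty_bin = "[Error] no strings found."

    def load_strings(self):
        """Extract the strings of the sample into ``self.string_list``.

        :return: True when strings were recovered, False (after printing an
            error) when the path is not a regular file, the extraction
            raised, or the parser returned None.
        :rtype: Boolean
        """
        if not os.path.isfile(self.malware_path):
            print(self.err_bad_path)
            return False
        try:
            self.string_list = Parser.strings(self.malware_path)
        except Exception:
            # Narrowed from a bare except so that Ctrl-C and SystemExit are
            # no longer reported as a parsing failure.
            print(self.err_string_recovery)
            return False
        if self.string_list is None:
            print(self.err_empty_bin)
            return False
        return True

    def print_msa_logo(self):
        """Print the MSA ASCII-art banner."""
        # NOTE(review): the banner is cosmetic; confirm its column alignment
        # against the project's original file.
        print("""
        ___  ________  ___
        |  \/  /  ___|/ _ \\
        | .  . \ `--./ /_\ \\
        | |\/| |`--. |  _  |
        | |  | /\__/ | | | |
        \_|  |_\____/\_| |_/
        """)

    def run(self):
        """Run the full analysis and print the report.

        ``load_strings`` must have succeeded first. The process exits with
        status 2 when ``Parser.isValidBin`` rejects the file. The database is
        closed on every path that gets past the initial guard.

        :return: True when the analysis completed, False when no strings
            have been loaded.
        :rtype: Boolean
        """
        # Without loaded strings len() below would raise TypeError; report
        # the condition and leave the database open for a later retry.
        if self.string_list is None:
            print(self.err_empty_bin)
            return False

        try:
            self.print_msa_logo()
            print("File information:")
            print("-----------------")
            print("-> path:\t\t" + self.malware_path
                  + "\n-> db table:\t\t" + self.db.malware_name)
            print("-> Strings number:\t" + str(len(self.string_list)) + "\n")

            # NOTE(review): the VirusTotal file step runs before the format
            # check below; if file_analysis reads or submits the file,
            # consider validating first.
            if self.vt.isActivate() == True:
                print("Virus total file analysis:")
                print("--------------------------")
                self.vt.file_analysis()

            isValid, error_msg = Parser.isValidBin(self.malware_path)
            if isValid == False:
                print(error_msg)
                # SystemExit still passes through the finally clause, so the
                # database is closed before the process ends.
                sys.exit(2)

            print("\nStrings analysis:")
            print("-----------------")
            # Each analyzer receives the list returned by the previous one,
            # so the order of this chain matters.
            analyzers = (
                self.symbol,
                self.url,
                self.ipAddr,
                self.cmd,
                self.id,
                self.path,
                self.section,
                self.formatStr,
                self.msg,
            )
            for analyzer in analyzers:
                self.string_list = analyzer.run_analysis(self.string_list)
            # The result of the last analyzer is not kept.
            self.undef.run_analysis(self.string_list)

            print("\nVirus total URLs information:")
            print("-----------------------------")
            # set() removes duplicates so each indicator is looked up once.
            for url in list(set(self.db.getUrls())):
                self.vt.url_analysis(url)

            print("\nVirus total IP addresses information:")
            print("-------------------------------------")
            for ip in list(set(self.db.getIpAddresses())):
                self.vt.ip_analysis(ip)
        finally:
            self.db.close()
        return True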
# Apply one enrolment change (res) to the directory: 'add' or 'drop' a member
# of a course group and mirror the change on the person's entry.
# NOTE(review): the nesting below was rebuilt from a flattened listing --
# confirm that each else pairs with the inner `if` and whether these
# statements sit inside a loop over the result rows.

# Second attribute on the person entry: the DN of the course group.
# NOTE(review): res[0] is concatenated into a DN unescaped; if it can contain
# DN metacharacters (',', '+', '=', '\\', ...) it should be escaped per
# RFC 4514 first -- verify where res comes from.
attr_person2 = 'vassarPersonGroups'
value_person2 = 'cn=' + str(
    res[0]) + ',ou=courses,ou=groups,dc=vassar,dc=edu'
if res[2].strip() in ['add']:
    # Do they already exist as a member of this course:
    # NOTE(review): value_course is pasted into the search filter as-is;
    # characters such as '*', '(' , ')' and '\\' change the filter's meaning
    # unless escaped per RFC 4515 -- verify how value_course is built.
    res_cn = ldap.search(dn_course, '(uniqueMember=' + value_course + ')',
                         'cn')
    if res_cn:
        # Already a member: record the request in the cross-list table
        # instead of adding a duplicate value.
        db.crosslistreserve('add', value_course, res[0])
    else:
        # Three separate modifications; presumably not atomic, so a failure
        # part-way leaves course and person entries out of step -- confirm
        # how ldap.modify reports errors.
        ldap.modify(dn_course, attr_course, value_course, 'ADD')
        ldap.modify(dn_person, attr_person1, value_person1, 'ADD')
        ldap.modify(dn_person, attr_person2, value_person2, 'ADD')
if res[2].strip() in ['drop']:
    # Is this drop in holding:
    res_crosslist = db.crosslistsearch(value_course, res[0])
    if res_crosslist:
        # A held cross-list entry exists: release it and keep the membership.
        db.crosslistreserve('remove', value_course, res[0])
    else:
        ldap.modify(dn_course, attr_course, value_course, 'DELETE')
        ldap.modify(dn_person, attr_person1, value_person1, 'DELETE')
        ldap.modify(dn_person, attr_person2, value_person2, 'DELETE')
#res_cn = ldap.search('cn=MATH-241-01-2018A,ou=courses,ou=groups,dc=vassar,dc=edu','(uniqueMember=uid=isfurman,ou=people,dc=vassar,dc=edu)','uniqueMember')
# Close the directory and database connections once the changes are done.
ldap.close()
db.close()
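class Core(object):
    """Drive the string analysis of one malware sample.

    The strings recovered from the file at ``malware_path`` are passed
    through a fixed chain of analyzers, then the URLs and IP addresses stored
    in the database are handed to the VirusTotal helper.

    The sample and every string taken from it are untrusted input.
    NOTE(review): the ``url_analysis``/``ip_analysis`` calls presumably query
    a third-party service; confirm that sharing sample-derived indicators is
    acceptable for the investigation before enabling a key.
    """

    def __init__(self, malware_path, vt_key):
        """Create the database handle, the VirusTotal helper and the analyzers.

        :param malware_path: path of the sample to analyse.
        :param vt_key: VirusTotal API key, passed through to ``Vt``. It is a
            credential, so keep it out of logs and error messages.
        """
        self.malware_path = malware_path
        self.db = Database(malware_path)
        # Rules.db is assigned on the Rules object itself, not on an
        # instance: the most recently created Core decides which database
        # every Rules user sees.
        Rules.db = self.db
        self.string_list = None
        self.vt = Vt(vt_key, self.malware_path)
        self.ipAddr = IpAddr()
        self.url = Url()
        self.cmd = Cmd()
        self.id = Id()
        self.path = Path()
        self.section = Section()
        self.symbol = Symbol(self.malware_path)
        self.formatStr = FormatStr()
        self.msg = Msg()
        self.undef = Undefined()
        self.err_bad_path = "[Error] invalide malware file path."
        self.err_string_recovery = "[Error] string recovery failed."
        self.err_empty_bin = "[Error] no strings found."

    def load_strings(self):
        """Extract the strings of the sample into ``self.string_list``.

        :return: True when strings were recovered, False (after printing an
            error) when the path is not a regular file, the extraction
            raised, or the parser returned None.
        :rtype: Boolean
        """
        if not os.path.isfile(self.malware_path):
            print(self.err_bad_path)
            return False
        try:
            self.string_list = Parser.strings(self.malware_path)
        except Exception:
            # Narrowed from a bare except so that Ctrl-C and SystemExit are
            # no longer reported as a parsing failure.
            print(self.err_string_recovery)
            return False
        if self.string_list is None:
            print(self.err_empty_bin)
            return False
        return True

    def print_msa_logo(self):
        """Print the MSA ASCII-art banner."""
        # NOTE(review): the banner is cosmetic; confirm its column alignment
        # against the project's original file.
        print("""
        ___  ________  ___
        |  \/  /  ___|/ _ \\
        | .  . \ `--./ /_\ \\
        | |\/| |`--. |  _  |
        | |  | /\__/ | | | |
        \_|  |_\____/\_| |_/
        """)

    def run(self):
        """Run the full analysis and print the report.

        ``load_strings`` must have succeeded first. The process exits with
        status 2 when ``Parser.isValidBin`` rejects the file. The database is
        closed on every path that gets past the initial guard.

        :return: True when the analysis completed, False when no strings
            have been loaded.
        :rtype: Boolean
        """
        # Without loaded strings len() below would raise TypeError; report
        # the condition and leave the database open for a later retry.
        if self.string_list is None:
            print(self.err_empty_bin)
            return False

        try:
            self.print_msa_logo()
            print("File information:")
            print("-----------------")
            print("-> path:\t\t" + self.malware_path
                  + "\n-> db table:\t\t" + self.db.malware_name)
            print("-> Strings number:\t" + str(len(self.string_list)) + "\n")

            # NOTE(review): the VirusTotal file step runs before the format
            # check below; if file_analysis reads or submits the file,
            # consider validating first.
            if self.vt.isActivate() == True:
                print("Virus total file analysis:")
                print("--------------------------")
                self.vt.file_analysis()

            isValid, error_msg = Parser.isValidBin(self.malware_path)
            if isValid == False:
                print(error_msg)
                # SystemExit still passes through the finally clause, so the
                # database is closed before the process ends.
                sys.exit(2)

            print("\nStrings analysis:")
            print("-----------------")
            # Each analyzer receives the list returned by the previous one,
            # so the order of this chain matters.
            analyzers = (
                self.symbol,
                self.url,
                self.ipAddr,
                self.cmd,
                self.id,
                self.path,
                self.section,
                self.formatStr,
                self.msg,
            )
            for analyzer in analyzers:
                self.string_list = analyzer.run_analysis(self.string_list)
            # The result of the last analyzer is not kept.
            self.undef.run_analysis(self.string_list)

            print("\nVirus total URLs information:")
            print("-----------------------------")
            # set() removes duplicates so each indicator is looked up once.
            for url in list(set(self.db.getUrls())):
                self.vt.url_analysis(url)

            print("\nVirus total IP addresses information:")
            print("-------------------------------------")
            for ip in list(set(self.db.getIpAddresses())):
                self.vt.ip_analysis(ip)
        finally:
            self.db.close()
        return True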