def main(): try: signal.signal(signal.SIGPIPE, signal.SIG_DFL) except AttributeError: # Windows pass # set_encoding() options = parse_opts() if options['debug']: logger = logging.getLogger() if options['debug'] == 3: logger.setLevel(pan.wfapi.DEBUG3) elif options['debug'] == 2: logger.setLevel(pan.wfapi.DEBUG2) elif options['debug'] == 1: logger.setLevel(pan.wfapi.DEBUG1) # log_format = '%(levelname)s %(name)s %(message)s' log_format = '%(message)s' handler = logging.StreamHandler() formatter = logging.Formatter(log_format) handler.setFormatter(formatter) logger.addHandler(handler) if options['cafile'] or options['capath'] or options['ssl']: ssl_context = create_ssl_context(options['cafile'], options['capath'], options['ssl']) else: ssl_context = None try: wfapi = pan.wfapi.PanWFapi(tag=options['tag'], api_key=options['api_key'], hostname=options['hostname'], timeout=options['timeout'], http=options['http'], ssl_context=ssl_context) except pan.wfapi.PanWFapiError as msg: print('pan.wfapi.PanWFapi:', msg, file=sys.stderr) sys.exit(1) if options['debug'] > 2: print('wfapi.__str__()===>\n', wfapi, '\n<===', sep='', file=sys.stderr) try: hashes = process_hashes(options['hash']) if options['submit'] is not None: action = 'submit' kwargs = {} if os.path.isfile(options['submit']): kwargs['file'] = options['submit'] else: o = urlparse(options['submit']) if options['debug']: print(o, file=sys.stderr) if o.scheme == 'file': if o.path and os.path.isfile(o.path): kwargs['file'] = o.path else: print('Invalid URL: file not found:', options['submit'], file=sys.stderr) sys.exit(1) else: if o.scheme in ['http', 'https', 'ftp']: kwargs['url'] = options['submit'] else: print('Invalid file or URL:', options['submit'], file=sys.stderr) sys.exit(1) wfapi.submit(**kwargs) print_status(wfapi, action) print_response(wfapi, options) if options['submit-link'] is not None: action = 'submit' kwargs = {} kwargs['links'] = process_arg(options['submit-link'], list=True) wfapi.submit(**kwargs) print_status(wfapi, action) print_response(wfapi, options) if options['change-request']: action = 'change-request' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] if options['new-verdict'] is not None: kwargs['verdict'] = process_verdict(options['new-verdict']) if options['email'] is not None: kwargs['email'] = options['email'] if options['comment'] is not None: kwargs['comment'] = process_arg(options['comment']) wfapi.change_request(**kwargs) print_status(wfapi, action) print_response(wfapi, options) if options['report']: action = 'report' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] if options['format'] is not None: kwargs['format'] = options['format'] wfapi.report(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['verdict']: kwargs = {} if len(hashes) == 1: action = 'verdict' kwargs['hash'] = hashes[0] wfapi.verdict(**kwargs) elif len(hashes) > 1: action = 'verdicts' kwargs['hashes'] = hashes wfapi.verdicts(**kwargs) else: action = 'verdict' wfapi.verdict(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['sample']: action = 'sample' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] wfapi.sample(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['pcap']: action = 'pcap' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] if options['platform'] is not None: kwargs['platform'] = options['platform'] wfapi.pcap(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['changed']: action = 'verdicts_changed' kwargs = {} if options['date'] is not None: kwargs['date'] = options['date'] try: x = int(options['date']) except ValueError: pass else: if x < 1: d = date.today() d = d - timedelta(-x) kwargs['date'] = d.isoformat() if options['debug']: print('relative date(%d): %s' % (x, kwargs['date']), file=sys.stderr) wfapi.verdicts_changed(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['testfile']: action = 'testfile' wfapi.testfile(options['type']) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) except pan.wfapi.PanWFapiError as msg: print_status(wfapi, action, msg) print_response(wfapi, options) sys.exit(1) sys.exit(0)
def main(): try: signal.signal(signal.SIGPIPE, signal.SIG_DFL) except AttributeError: # Windows pass # set_encoding() options = parse_opts() if options['debug']: logger = logging.getLogger() if options['debug'] == 3: logger.setLevel(pan.wfapi.DEBUG3) elif options['debug'] == 2: logger.setLevel(pan.wfapi.DEBUG2) elif options['debug'] == 1: logger.setLevel(pan.wfapi.DEBUG1) # log_format = '%(levelname)s %(name)s %(message)s' log_format = '%(message)s' handler = logging.StreamHandler() formatter = logging.Formatter(log_format) handler.setFormatter(formatter) logger.addHandler(handler) try: wfapi = pan.wfapi.PanWFapi(tag=options['tag'], api_key=options['api_key'], hostname=options['hostname'], timeout=options['timeout'], http=options['http'], cacloud=options['cacloud'], cafile=options['cafile'], capath=options['capath']) except pan.wfapi.PanWFapiError as msg: print('pan.wfapi.PanWFapi:', msg, file=sys.stderr) sys.exit(1) if options['debug'] > 2: print('wfapi.__str__()===>\n', wfapi, '\n<===', sep='', file=sys.stderr) try: hashes = process_hashes(options['hash']) if options['submit'] is not None: action = 'submit' kwargs = {} if os.path.isfile(options['submit']): kwargs['file'] = options['submit'] else: o = urlparse(options['submit']) if options['debug']: print(o, file=sys.stderr) if o.scheme == 'file': if o.path and os.path.isfile(o.path): kwargs['file'] = o.path else: print('Invalid URL: file not found:', options['submit'], file=sys.stderr) sys.exit(1) else: if o.scheme in ['http', 'https', 'ftp']: kwargs['url'] = options['submit'] else: print('Invalid file or URL:', options['submit'], file=sys.stderr) sys.exit(1) wfapi.submit(**kwargs) print_status(wfapi, action) print_response(wfapi, options) if options['submit-link'] is not None: action = 'submit' kwargs = {} kwargs['links'] = process_arg(options['submit-link'], list=True) wfapi.submit(**kwargs) print_status(wfapi, action) print_response(wfapi, options) if options['change-request']: action = 'change-request' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] if options['new-verdict'] is not None: kwargs['verdict'] = process_verdict(options['new-verdict']) if options['email'] is not None: kwargs['email'] = options['email'] if options['comment'] is not None: kwargs['comment'] = process_arg(options['comment']) wfapi.change_request(**kwargs) print_status(wfapi, action) print_response(wfapi, options) if options['report']: action = 'report' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] if options['format'] is not None: kwargs['format'] = options['format'] wfapi.report(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['verdict']: kwargs = {} if len(hashes) == 1: action = 'verdict' kwargs['hash'] = hashes[0] wfapi.verdict(**kwargs) elif len(hashes) > 1: action = 'verdicts' kwargs['hashes'] = hashes wfapi.verdicts(**kwargs) else: action = 'verdict' wfapi.verdict(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['sample']: action = 'sample' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] wfapi.sample(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['pcap']: action = 'pcap' kwargs = {} if len(hashes) > 1: print('Only 1 hash allowed for %s' % action, file=sys.stderr) sys.exit(1) if len(hashes) == 1: kwargs['hash'] = hashes[0] if options['platform'] is not None: kwargs['platform'] = options['platform'] wfapi.pcap(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['changed']: action = 'verdicts_changed' kwargs = {} if options['date'] is not None: kwargs['date'] = options['date'] try: x = int(options['date']) except ValueError: pass else: if x < 1: d = date.today() d = d - timedelta(-x) kwargs['date'] = d.isoformat() if options['debug']: print('relative date(%d): %s' % (x, kwargs['date']), file=sys.stderr) wfapi.verdicts_changed(**kwargs) print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) if options['testfile']: action = 'testfile' wfapi.testfile() print_status(wfapi, action) print_response(wfapi, options) save_file(wfapi, options) except pan.wfapi.PanWFapiError as msg: print_status(wfapi, action, msg) print_response(wfapi, options) sys.exit(1) sys.exit(0)
password=redisauth) r.ping() except redis.ConnectionError as e: print('Can not connect to Redis on ' + redishost + ': ' + repr(e)) sys.exit(1) print("======== Redis Verdict Change Updater ========\n") try: kwargs = {} if delta > 0: d = date.today() d = d - timedelta(delta) kwargs["date"] = d.isoformat() wfapi.verdicts_changed(**kwargs) if wfapi.xml_element_root is None: sys.exit(0) elem = wfapi.xml_element_root nelem = len(wfapi.xml_element_root.getchildren()) print("Changed verdicts from %s: %d" % (kwargs["date"], nelem), file=sys.stderr) cont = 0 for child in elem: for verdict in child: if verdict.tag == 'sha256': key = verdict.text if verdict.tag == 'verdict': kvalue = verdict.text