def test_get_md5_float(self):
    # Pins the hex digest get_md5 returns for a float input.
    # NOTE(review): the provenance of this digest is not recorded here;
    # presumably it is the MD5 of the text "1.056" -- TODO confirm by
    # recomputing it (e.g. `md5 -s 1.056`).
    value = 1.056
    expected = "a50a79a1862f5ae748ed507f45f244bc"
    digest = get_md5(value).hexdigest()
    self.assertEqual(digest, expected)
def test_get_md5_int(self):
    # Pins the hex digest get_md5 returns for an int input.
    # Reference value, as recorded by the author:
    #   $ md5 -s 100500
    #   MD5 ("100500") = e745a6bad4ffe5a1b35aac134ea148c7
    value = 100500
    expected = "e745a6bad4ffe5a1b35aac134ea148c7"
    digest = get_md5(value).hexdigest()
    self.assertEqual(digest, expected)
def test_get_md5_str(self):
    # Pins the hex digest get_md5 returns for a one-character string.
    # Reference value, as recorded by the author:
    #   $ md5 -s a
    #   MD5 ("a") = 0cc175b9c0f1b6a831c399e269772661
    value = "a"
    expected = "0cc175b9c0f1b6a831c399e269772661"
    digest = get_md5(value).hexdigest()
    self.assertEqual(digest, expected)
def test_get_md5_dict_deep(self):
    # Pins the hex digest get_md5 returns for a mapping nested four levels
    # deep. The structure is built inside-out; key insertion order at every
    # level is the same as in a single nested literal.
    # NOTE(review): no other visible test pins this digest, so a "same
    # digest regardless of key order" claim cannot be confirmed for the
    # nested case from this test alone.
    level4 = {"c": ["ba", "bu", "nm"], "a": 100500, "b": 1056}
    level3 = {"c": ["ba", "bu", "nm"], "a": 100500, "b": level4}
    level2 = {"c": level3, "a": 100500, "b": 1056}
    level1 = {"c": ["ba", "bu", "nm"], "a": level2, "b": 1056}
    payload = {"c": ["ba", "bu", "nm"], "a": 100500, "b": level1}

    expected = "e0614921e306095859c904e487c29f17"
    digest = get_md5(payload).hexdigest()
    self.assertEqual(digest, expected)
def test_get_md5_dict_2(self):
    # Same keys and values as test_get_md5_dict_1, inserted in a different
    # order ("c", "a", "b"). The expected digest is the one that test pins,
    # i.e. key order must not influence the result.
    payload = {}
    payload["c"] = ["ba", "bu", "nm"]
    payload["a"] = 100500
    payload["b"] = 1056

    expected = "e17234cd2697951f7e0116945d11d824"
    digest = get_md5(payload).hexdigest()
    self.assertEqual(digest, expected)
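def _render_upload_page(request):
    """Render the upload page with an unbound form and the 25 newest samples."""
    form = UploadFileForm()
    recent = Sample.objects.filter(created__lte=timezone.now()).order_by('-id')[:25]
    # render() wraps the context in a RequestContext itself, so the explicit
    # context_instance argument (deprecated in later Django releases) is not
    # needed on any branch.
    return render(request, 'sanalysis/upload_form.html',
                  {'form': form, 'sample': recent})


def _run_type_specific_checks(s):
    """Run the analyzers that only apply to the file type stored in ``s.type``."""
    # EXE-specific checks. Both substrings must be present: the earlier form
    # `"PE32" and "Windows" in s.type` only ever tested for "Windows",
    # because a non-empty string literal is always truthy.
    if "PE32" in s.type and "Windows" in s.type:
        s.peframe = handler.get_peframe(s.sample)
        s.pescanner = handler.get_pescanner(s.sample)

    # PDF-specific checks
    if "PDF" in s.type:
        s.pdfid = handler.get_pdfid(s.sample)
        s.peepdf = handler.get_peepdf(s.sample)
        s.pdf_strings = handler.get_pdfstrings(s.sample)

    # DOC-specific checks: the follow-up tools are selected from rows of the
    # oleid report text.
    if "Document File V2" in s.type:
        s.oleid = handler.get_oleid(s.sample)
        # Valid OLE file -> OLEMETA
        if re.search(r'\|\s+OLE format\s+\|\s+True\s+\|', s.oleid):
            s.olemeta = handler.get_olemeta(s.sample)
        # VBA code detected -> OLEVBA
        if re.search(r'\|\s+VBA Macros\s+\|\s+True\s+\|', s.oleid):
            s.olevba = handler.get_olevba(s.sample)

    # RTF-specific checks. Running strings/balbuzard over the extracted
    # objects was removed as too resource-intensive, so the object list is
    # intentionally unused.
    if "Rich Text Format" in s.type:
        rtfobj, _rtflist = handler.get_rtfobj(s.sample)
        s.rtfobj = rtfobj


def upload_form(request):
    """Accept a sample upload, run the static analyzers, and store the results.

    On a valid POST the uploaded file is saved as a ``Sample`` together with
    its hashes, every applicable analyzer result is attached to that record,
    and the client is redirected to the sample page addressed by MD5. Any
    other request (GET, or a POST that fails form validation) renders the
    upload page with a fresh form and the 25 most recent samples.

    The uploaded file is untrusted input that is handed to several parsers
    through ``handler``.
    NOTE(review): whether those tools run isolated from the web process is
    not visible from this view -- confirm.
    """
    if request.method != 'POST':
        return _render_upload_page(request)

    form = UploadFileForm(request.POST, request.FILES)
    if not form.is_valid():
        # As before, the bound form is discarded and a fresh one is shown.
        return _render_upload_page(request)

    f = request.FILES['sample']
    newsample = Sample(
        sample=f,
        # NOTE(review): read from the raw POST data rather than
        # form.cleaned_data; whether UploadFileForm validates this field is
        # not visible here.
        ticket=request.POST['ticket'],
        filename=f.name,
        size=f.size,
        type=handler.get_filetype(f),
        md5=handler.get_md5(f),
        sha1=handler.get_sha1(f),
        sha256=handler.get_sha256(f),
        fuzzy=handler.get_fuzzy(f),
    )
    newsample.save()

    # Reload the row that was just written, by primary key. Picking "the row
    # with the highest id" can return another client's sample when two
    # uploads overlap, which would attach these results to the wrong record
    # and redirect to it.
    s = Sample.objects.get(pk=newsample.pk)

    # Post-processing that applies to every sample
    s.exif = handler.get_exif(s.sample)
    s.strings = handler.get_strings(s.sample)
    s.balbuzard = handler.get_balbuzard(s.sample)
    s.trid = handler.get_trid(s.sample)

    # SSDEEP/Fuzzy hash comparison
    s.ssdeep_compare = handler.ssdeep_compare(s.fuzzy, s.md5)

    # VirusTotal search; only the MD5 is passed to the handler from here.
    vt_res, vt_short_res = handler.get_vt(s.md5)
    if vt_res:
        s.vt = vt_res
        s.vt_short = vt_short_res

    _run_type_specific_checks(s)

    s.save()
    return HttpResponseRedirect("/sanalysis/md5/" + s.md5 + "/?upload=True")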
def test_get_md5_dict_1(self):
    # Pins the hex digest get_md5 returns for a flat mapping whose keys are
    # inserted as "a", "b", "c". test_get_md5_dict_2 expects the same digest
    # for the same content in a different key order.
    payload = {}
    payload["a"] = 100500
    payload["b"] = 1056
    payload["c"] = ["ba", "bu", "nm"]

    expected = "e17234cd2697951f7e0116945d11d824"
    digest = get_md5(payload).hexdigest()
    self.assertEqual(digest, expected)
def test_get_md5_list_2(self):
    # Same three elements as test_get_md5_list_1 in a different order. The
    # digest pinned here differs from the one pinned there, so element order
    # in a list is expected to affect the result.
    items = [100500, "a", 1.056]
    expected = "0943aa9c84423613b63eda3c18c02ce8"
    digest = get_md5(items).hexdigest()
    self.assertEqual(digest, expected)
def test_get_md5_list_1(self):
    # Pins the hex digest get_md5 returns for a list mixing str, int and
    # float elements. test_get_md5_list_2 pins a different digest for the
    # same elements in another order.
    items = ["a", 100500, 1.056]
    expected = "0023ec2e3fef8f649c130f22ea6b7820"
    digest = get_md5(items).hexdigest()
    self.assertEqual(digest, expected)