signal.signal(signal.SIGINT, lambda *_: None) os.setpgid(os.getpid(), os.getpid()) # reset pgid to self so that "complete_shutdown" doesn't run amok else: signal.signal(signal.SIGINT, shutdown) args, config = program_setup(PROGRAM_NAME, PROGRAM_DESCRIPTION) analysis_service = AnalysisScheduler(config=config) tagging_service = TaggingDaemon(analysis_scheduler=analysis_service) unpacking_service = UnpackingScheduler(config=config, post_unpack=analysis_service.start_analysis_of_object, analysis_workload=analysis_service.get_scheduled_workload) compare_service = CompareScheduler(config=config) intercom = InterComBackEndBinding(config=config, analysis_service=analysis_service, compare_service=compare_service, unpacking_service=unpacking_service) work_load_stat = WorkLoadStatistic(config=config) run = True while run: work_load_stat.update(unpacking_workload=unpacking_service.get_scheduled_workload(), analysis_workload=analysis_service.get_scheduled_workload()) if any((unpacking_service.check_exceptions(), compare_service.check_exceptions(), analysis_service.check_exceptions())): break sleep(5) if args.testing: break logging.info('shutdown components') work_load_stat.shutdown() intercom.shutdown() compare_service.shutdown() unpacking_service.shutdown() tagging_service.shutdown() analysis_service.shutdown() if not args.testing: complete_shutdown()
from helperFunctions.config import load_config
from subprocess import check_output, CalledProcessError, STDOUT
from tempfile import NamedTemporaryFile
from os.path import basename
from helperFunctions.process import complete_shutdown

# yara-python is treated as a hard requirement of this module: when the import
# fails, complete_shutdown() is called with an install hint instead of
# carrying on without the scanner.
# NOTE(review): complete_shutdown is defined in helperFunctions.process and is
# not shown here; presumably it ends the process. If it ever returned, `yara`
# would stay unbound and a later use would raise NameError - confirm.
try:
    import yara
except ImportError:
    complete_shutdown(
        "yara-python not found! Please install Yara: pip3 install yara-python")

# Name of the configuration file handed to load_config() when the caller does
# not supply a config object.
CONFIG_FILE = "main.cfg"


class YaraRuleError(Exception):
    """Exception type declared by this module.

    Judging by the name it signals a problem with a YARA rule; the code that
    raises it is not visible in this part of the file.
    """
    pass


class YaraBinarySearchScanner:
    """Keep the configuration, storage path and match list for a YARA search.

    The constructor only records state: the effective configuration, the
    firmware file storage directory read from it, and an empty match list.
    """

    def __init__(self, config=None):
        """Store the configuration and resolve the firmware storage path.

        Args:
            config: Configuration object supporting
                ``config['data_storage']['firmware_file_storage_directory']``.
                Any falsy value (including the default ``None``) makes the
                scanner load ``CONFIG_FILE`` through ``load_config`` instead.
        """
        self.matches = []
        if config:
            self.config = config
        else:
            self.config = load_config(CONFIG_FILE)
        # The path is taken from configuration as-is: nothing here checks that
        # it exists or is a directory, and a missing section or key surfaces
        # as the lookup error raised by the config object.
        # NOTE(review): presumably this is the directory the YARA search runs
        # over - confirm against the methods that use db_path.
        self.db_path = self.config['data_storage'][
            'firmware_file_storage_directory']

    def _execute_yara_search(self, rule_file_path):
        """