Python wide_pattern示例

示例#1

def process_search(options):
    search_query = []
    search_query.extend(
        [hex_pattern(val.replace(' ', '')) for val in options.hex])
    search_query.extend(
        [ascii_pattern(val) for lst in options.a for val in lst])
    search_query.extend(
        [wide_pattern(val) for lst in options.w for val in lst])

    result = BINOBJ.search(search_query,
                           limit=options.limit,
                           exact=options.exact,
                           test=options.test)
    if 'error' in result:
        print(Style.BRIGHT + Fore.RED + result['error']['message'])
        return

    if 'stats' in result:
        show_stats_new(result['stats'], options.limit)

    if len(result['results']) == 0:
        return


#    if len(result['results']) >= options.limit:
#        print("Showing top {0} results:".format(options.limit))
#    else:
#        print("Results:")

    show_results(result['results'], pretty_print=options.pretty_print)

示例#2

def query_all_imports(limit, wide):
    query = []
    imps = r2p.cmdj("iij")
    for i in imps:
        n = i['name']
        pos = n.find('.dll_')
        if pos != -1:
            n = n[pos + 5:]
        print n
        if wide:
            query.append(wide_pattern(n))
        else:
            query.append(ascii_pattern(n))
    result = bly.search(query, limit=limit, exact=True)
    if result.has_key('error'):
        print("Error" + result['error']['message'])
        return
    return result

示例#3

def query_all_strings(minlen, limit):
    query = []
    strs = r2p.cmdj("izj")
    for s in strs:
        if s['length'] > minlen:
            msg = base64.b64decode(s['string'])
            print msg
            if s['type'] == 'ascii':
                query.append(ascii_pattern(msg))
            elif s['type'] == 'wide':
                query.append(wide_pattern(msg))
            else:
                print "Unknown/unhandled string type %s" % (s['type'])
    result = bly.search(query, limit=limit, exact=False)
    if result.has_key('error'):
        print("Error" + result['error']['message'])
        return
    return result

示例#4

文件： r2bly.py 项目： Maijin/radare2-extras

def query_all_imports(limit, wide):
	query = []
	imps = r2p.cmdj("iij")
	for i in imps:
		n = i['name']
		pos = n.find('.dll_')
		if pos != -1:
			n = n[pos + 5:]
		print n
		if wide:
			query.append(wide_pattern(n))
		else:
			query.append(ascii_pattern(n))
	result = bly.search(query, limit=limit, exact=True)
	if result.has_key('error'):
		print ("Error" + result['error']['message'])
		return
	return result

示例#5

文件： r2bly.py 项目： Maijin/radare2-extras

def query_all_strings(minlen, limit):
	query = []
	strs = r2p.cmdj("izj")
	for s in strs:
		if s['length'] > minlen:
			msg = base64.b64decode(s['string'])
			print msg
			if s['type'] == 'ascii':
				query.append(ascii_pattern(msg))
			elif s['type'] == 'wide':
				query.append(wide_pattern(msg))
			else:
				print "Unknown/unhandled string type %s"%(s['type'])
	result = bly.search(query, limit=limit, exact=False)
	if result.has_key('error'):
		print ("Error" + result['error']['message'])
		return
	return result

示例#6

文件： binarly_query.py 项目： binarlyhq/binarly-query

def process_search(options):
    search_query = []
    search_query.extend([hex_pattern(val.replace(' ', '')) for val in options.hex])
    search_query.extend([ascii_pattern(val) for lst in options.a for val in lst])
    search_query.extend([wide_pattern(val) for lst in options.w for val in lst])

    result = BINOBJ.search(
        search_query, limit=options.limit, exact=options.exact, test=options.test)
    if 'error' in result:
        print(Style.BRIGHT + Fore.RED + result['error']['message'])
        return

    if 'stats' in result:
        show_stats_new(result['stats'], options.limit)

    if len(result['results']) == 0:
        return

#    if len(result['results']) >= options.limit:
#        print("Showing top {0} results:".format(options.limit))
#    else:
#        print("Results:")

    show_results(result['results'], pretty_print=options.pretty_print)