示例#1
0
def parse(data, verb):
    data = t.parse(data, verb, zeus)
    #print `data`
    for id in range(20009, 20021) + range(20101, 20204):
        if id in data and id == 20009:
            d = t.string_list(data[id].data)
            data['dns_filter'] = d
            del data[id]

        elif id in data and id == 20010:
            d = t.string_list(data[id].data)
            data['cmds'] = d
            del data[id]
        elif id in data and id == 20011:
            pass

        elif id in data and id == 20012:
            pass
        elif id in data and id == 20013:
            pass
        elif id in data and id == 20014:
            pass

        elif id in data and id == 20015:
            d = data[id].data.strip("\x00")
            data['keyloger'] = d
            del data[id]

        elif id in data and id == 20016:
            d = unpack('I', data[id].data)
            data['keyloger_time'] = d
            del data[id]

        elif id in data and id == 20017:
            pass

        elif id in data and id == 20018:
            d = data[id].data.strip("\x00")
            data['webinj_url'] = d
            del data[id]

        elif id in data and id == 20019:
            pass

        elif id in data and id == 20020:
            d = t.string_list(data[id].data)
            d['httpvip'] = d
            del data[id]

        elif id in data and id == 20101:
            d = unpack('I', data[id].data)
            data['video_length'] = d
            del data[id]

        elif id in data and id == 20102:
            d = unpack('I', data[id].data)
            data['video_qual'] = d
            del data[id]

    return data
示例#2
0
文件: citadel.py 项目: mak/libzpy
def parse(data,verb):
    data = t.parse(data,verb,zeus)
    #print `data`
    for id in range(20009,20021) + range(20101,20204):
        if id in data and id == 20009:
            d = t.string_list(data[id].data)
            data['dns_filter'] =d 
            del data[id]

        elif id in data and id == 20010:
            d = t.string_list(data[id].data)
            data['cmds'] =d 
            del data[id]
        elif id in data and id == 20011:
            pass

        elif id in data and id == 20012:
            pass
        elif id in data and id == 20013:
            pass
        elif id in data and id == 20014:
            pass

        elif id in data and id == 20015:
            d = data[id].data.strip("\x00")
            data['keyloger'] = d
            del data[id]

        elif id in data and id == 20016:
            d = unpack('I',data[id].data)
            data['keyloger_time'] = d
            del data[id]

        elif id in data and id == 20017:
            pass

        elif id in data and id == 20018:
            d = data[id].data.strip("\x00")
            data['webinj_url'] = d
            del data[id]

        elif id in data and id == 20019:
            pass
            
        elif id in data and id == 20020:
            d = t.string_list(data[id].data)
            d['httpvip'] = d
            del data[id]

        elif id in data and id == 20101:
            d = unpack('I',data[id].data)
            data['video_length'] = d
            del data[id]

        elif id in data and id == 20102:
            d = unpack('I',data[id].data)
            data['video_qual' ] =d
            del data[id]

    return data
示例#3
0
文件: chthonic.py 项目: mak/libzpy
def parse(data, verb):
    ret =  t.parse(data, verb, cht)

    for i in data['items']:
        if i.data.startswith("MZ"):
            ret['PE'] = i.data
    return ret
示例#4
0
def parse(data, verb):
    ret = t.parse(data, verb, cht)

    for i in data['items']:
        if i.data.startswith("MZ"):
            ret['PE'] = i.data
    return ret
示例#5
0
文件: zeus.py 项目: threathive/libzpy
def parse(data, verb):
    return t.parse(data, verb, zeus)
示例#6
0
文件: torment.py 项目: mak/libzpy
def parse(data,verb):
    return t.parse(data,verb,zeus)
示例#7
0
def parse(data,verb):
    return t.parse(data,verb,pz)