def login(self, module='', user='', passwd=''):
if not user: user = '******'
if not passwd: passwd = 'www'
if not module: module = 'www'
self.putline(self.server_protocol_version)
# self.putline('@RSYNCD: 28.0')
# self.protocol_version = 28
resp = self.sendcmd(module)
challenge = resp[resp.find('AUTHREQD ') + 9:]
if self.protocol_version >= 30:
md5 = hashlib.md5()
md5.update(passwd)
md5.update(challenge)
hash = base64.b64encode(md5.digest())
else:
md4 = hashlib.new('md4')
tmp = '\0\0\0\0' + passwd + challenge
md4.update(tmp)
hash = base64.b64encode(md4.digest())
response, number = re.subn(r'=+$', '', hash)
print response
resp = self.sendcmd(user + ' ' + response)
if resp.find('OK') == -1:
raise Error, resp
return resp
def make_md5(data):
"""Make a md5 hash based on``data``.
Specifically, this knows about ``Hunk`` objects, and makes sure
the actual content is hashed.
This is very conservative, and raises an exception if there are
data types that it does not explicitly support. This is because
we had in the past some debugging headaches with the cache not
working for this very reason.
MD5 is faster than sha, and we don't care so much about collisions.
We care enough however not to use hash().
"""
def walk(obj):
if isinstance(obj, (tuple, list)):
for item in obj:
for d in walk(item): yield d
elif isinstance(obj, dict):
for k in sorted(obj.keys()):
for d in walk(k): yield d
for d in walk(obj[k]): yield d
elif isinstance(obj, BaseHunk):
yield obj.data()
elif isinstance(obj, Filter):
yield str(hash(obj))
elif isinstance(obj, (int, basestring)):
yield str(obj)
else:
raise ValueError('Cannot MD5 type %s' % type(obj))
md5 = md5_constructor()
for d in walk(data):
md5.update(d)
return md5.hexdigest()
def login(self, module='', user = '', passwd = ''):
if not user: user = '******'
if not passwd: passwd = 'www'
if not module: module = 'www'
self.putline(self.server_protocol_version)
# self.putline('@RSYNCD: 28.0')
# self.protocol_version = 28
resp = self.sendcmd(module)
challenge = resp[resp.find('AUTHREQD ')+9:]
if self.protocol_version >= 30:
md5=hashlib.md5()
md5.update(passwd)
md5.update(challenge)
hash = base64.b64encode(md5.digest())
else:
md4=hashlib.new('md4')
tmp = '\0\0\0\0' + passwd + challenge
md4.update(tmp)
hash = base64.b64encode(md4.digest())
response, number = re.subn(r'=+$','',hash)
resp = self.sendcmd(user + ' ' + response)
if resp.find('OK') == -1:
raise Error, resp
return resp
def _assemble(nzf, path, dupe):
if os.path.exists(path):
unique_path = get_unique_filename(path)
if dupe:
path = unique_path
else:
renamer(path, unique_path)
fout = open(path, 'ab')
if cfg.quick_check():
md5 = new_md5()
else:
md5 = None
_type = nzf.type
decodetable = nzf.decodetable
for articlenum in decodetable:
sleep(0.001)
article = decodetable[articlenum]
data = ArticleCache.do.load_article(article)
if not data:
logging.info(T('%s missing'), article)
else:
# yenc data already decoded, flush it out
if _type == 'yenc':
fout.write(data)
if md5:
md5.update(data)
# need to decode uu data now
elif _type == 'uu':
data = data.split('\r\n')
chunks = []
for line in data:
if not line:
continue
if line == '-- ' or line.startswith('Posted via '):
continue
try:
tmpdata = binascii.a2b_uu(line)
chunks.append(tmpdata)
except binascii.Error, msg:
# Workaround for broken uuencoders by
# /Fredrik Lundh
nbytes = (((ord(line[0]) - 32) & 63) * 4 + 5) / 3
try:
tmpdata = binascii.a2b_uu(line[:nbytes])
chunks.append(tmpdata)
except binascii.Error, msg:
logging.info('Decode failed in part %s: %s',
article.article, msg)
data = ''.join(chunks)
fout.write(data)
if md5:
md5.update(data)
def _assemble(nzf, path, dupe):
if os.path.exists(path):
unique_path = get_unique_filename(path)
if dupe:
path = unique_path
else:
renamer(path, unique_path)
fout = open(path, 'ab')
if cfg.quick_check():
md5 = new_md5()
else:
md5 = None
_type = nzf.type
decodetable = nzf.decodetable
for articlenum in decodetable:
sleep(0.001)
article = decodetable[articlenum]
data = ArticleCache.do.load_article(article)
if not data:
logging.info(T('%s missing'), article)
else:
# yenc data already decoded, flush it out
if _type == 'yenc':
fout.write(data)
if md5:
md5.update(data)
# need to decode uu data now
elif _type == 'uu':
data = data.split('\r\n')
chunks = []
for line in data:
if not line:
continue
if line == '-- ' or line.startswith('Posted via '):
continue
try:
tmpdata = binascii.a2b_uu(line)
chunks.append(tmpdata)
except binascii.Error, msg:
# Workaround for broken uuencoders by
# /Fredrik Lundh
nbytes = (((ord(line[0]) - 32) & 63) * 4 + 5) / 3
try:
tmpdata = binascii.a2b_uu(line[:nbytes])
chunks.append(tmpdata)
except binascii.Error, msg:
logging.info('Decode failed in part %s: %s', article.article, msg)
data = ''.join(chunks)
fout.write(data)
if md5:
md5.update(data)
def feed(data):
for d in data:
if isinstance(d, list):
feed(d)
elif isinstance(d, Filter):
md5.update("%d" % d.id())
else:
md5.update(str(d))
def feed(data):
for d in data:
if isinstance(d, list):
feed(d)
elif isinstance(d, Filter):
md5.update("%d" % d.id())
else:
md5.update(str(d))
def key(self):
"""Return a key we can use to cache this hunk.
"""
# MD5 is faster than sha, and we don't care so much about collisions.
# We care enough however not to use hash().
md5 = md5_constructor()
md5.update(self.data())
return md5.hexdigest()
def key(self):
"""Return a key we can use to cache this hunk.
"""
# MD5 is faster than sha, and we don't care so much about collisions.
# We care enough however not to use hash().
md5 = md5_constructor()
md5.update(self.data())
return md5.hexdigest()
def md5sum(fname):
md5 = hashlib.md5()
f=open(fname)
while True:
chunk=f.read(8192)
if not len(chunk):
break
md5.update(chunk)
return md5.hexdigest()
def md5sum(fname):
md5 = hashlib.md5()
f = open(fname)
while True:
chunk = f.read(8192)
if not len(chunk):
break
md5.update(chunk)
return md5.hexdigest()
def get_md5(self, content):
md5 = hashlib.md5()
try:
content = unicode(content).encode('utf-8')
except:
pass
md5.update(content)
return md5.hexdigest()
def get_md5(self, content):
md5 = hashlib.md5()
try:
content = unicode(content).encode('utf-8')
except:
pass
md5.update(content)
return md5.hexdigest()
def get_md5(filename, block_size=2 ** 20):
"""Returns an MD5 hash for a filename."""
f = open(filename, 'rb')
md5 = hashlib.md5()
while True:
data = f.read(block_size)
if not data:
break
md5.update(data)
return md5.hexdigest()
def get_file_md5sum(filename):
"""Compute MD5Sum of a file.
:param fileid: Either a filename or a File object.
:returns: md5sum in 32 character hexdigest format.
"""
fd = open(filename)
md5 = hashlib.md5()
for chunk in iter(lambda: fd.read(8192), b''):
md5.update(chunk)
return md5.hexdigest()
def get_file_md5sum(filename):
"""Compute MD5Sum of a file.
:param fileid: Either a filename or a File object.
:returns: md5sum in 32 character hexdigest format.
"""
fd = open(filename)
md5 = hashlib.md5()
for chunk in iter(lambda: fd.read(8192), b''):
md5.update(chunk)
return md5.hexdigest()
def vulPocCheck(task_id, task_name, netloc, pluginInfo, queue):
netloc = [netloc["host"],netloc["port"]]
poc_request = set_request(netloc, pluginInfo)
try:
res = urllib2.urlopen(poc_request, timeout=5)
res_html = res.read(204800)
header = res.headers
except urllib2.HTTPError as e:
header = e.headers
res_html = e.read(204800)
except Exception as e:
return
try:
html_code = get_code(header, res_html).strip()
if html_code and len(html_code) < 12:
res_html = res_html.decode(html_code).encode('utf-8')
except Exception as e:
pass
an_type = pluginInfo['analyzing']
vul_tag = pluginInfo['tag']
analyzingdata = pluginInfo['analyzingdata']
vul_scan_result = {
"tags": "vulTask",
"task_id": task_id,
"task_name": task_name,
"host": netloc[0],
"port": netloc[1],
"queue": queue,
"isvul": False
}
if an_type == 'keyword':
if analyzingdata.encode("utf-8") in res_html:
vul_scan_result["isvul"] = '存在漏洞'
elif an_type == 'regex':
if re.search(analyzingdata, res_html, re.I):
vul_scan_result["isvul"] = '存在漏洞'
elif an_type == 'md5':
md5 = hashlib.md5()
md5.update(res_html)
if md5.hexdigest() == analyzingdata:
vul_scan_result["isvul"] = '存在漏洞'
else:
vul_scan_result["isvul"] = None
getPoolBR().lpush(RedisConfig.VULTASKKEY, json.dumps(vul_scan_result))
def _assemble(nzf, path, dupe):
if os.path.exists(path):
unique_path = get_unique_filename(path)
if dupe:
path = unique_path
else:
renamer(path, unique_path)
fout = open(path, 'ab')
if cfg.quick_check():
md5 = new_md5()
else:
md5 = None
decodetable = nzf.decodetable
for articlenum in decodetable:
# Break if deleted during writing
if nzf.nzo.status is Status.DELETED:
break
# Sleep to allow decoder/assembler switching
sleep(0.001)
article = decodetable[articlenum]
data = ArticleCache.do.load_article(article)
if not data:
logging.info(T('%s missing'), article)
else:
# yenc data already decoded, flush it out
fout.write(data)
if md5:
md5.update(data)
fout.flush()
fout.close()
set_permissions(path)
if md5:
nzf.md5sum = md5.digest()
del md5
return path
def _assemble(nzf, path, dupe):
if os.path.exists(path):
unique_path = get_unique_filename(path)
if dupe:
path = unique_path
else:
renamer(path, unique_path)
fout = open(path, "ab")
if cfg.quick_check():
md5 = new_md5()
else:
md5 = None
decodetable = nzf.decodetable
for articlenum in decodetable:
# Break if deleted during writing
if nzf.nzo.status is Status.DELETED:
break
# Sleep to allow decoder/assembler switching
sleep(0.001)
article = decodetable[articlenum]
data = ArticleCache.do.load_article(article)
if not data:
logging.info(T("%s missing"), article)
else:
# yenc data already decoded, flush it out
fout.write(data)
if md5:
md5.update(data)
fout.flush()
fout.close()
set_permissions(path)
if md5:
nzf.md5sum = md5.digest()
del md5
return path
def get_md5_input_file(input_file):
if not os.path.exists(input_file):
raise Exception('Input file not found at: ' + input_file)
logger.info('Computing md5 sum for: ' + input_file)
# open the file in binary mode
f = open(input_file, 'rb')
chunk_size = 2 ** 20
md5 = hashlib.md5()
# read the input file in 1MB pieces
while True:
chunk = f.read(chunk_size)
if not chunk:
break
md5.update(chunk)
return md5.hexdigest()
def _uuid( *args ):
"""
uuid courtesy of Carl Free Jr:
(http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/213761)
"""
t = long( time.time() * 1000 )
r = long( random.random() * 100000000000000000L )
try:
a = socket.gethostbyname( socket.gethostname() )
except:
# if we can't get a network address, just imagine one
a = random.random() * 100000000000000000L
data = str(t) + ' ' + str(r) + ' ' + str(a) + ' ' + str(args)
md5 = md5.md5()
md5.update(data)
data = md5.hexdigest()
return data
def getHashes(self, block_size=2**8): """ Calculate MD5,SHA-1, SHA-256 hashes of APK input file """ md5 = hashlib.md5() sha1 = hashlib.sha1() sha256 = hashlib.sha256() f = open(self.filename, 'rb') while True: data = f.read(block_size) if not data: break md5.update(data) sha1.update(data) sha256.update(data) return [md5.hexdigest(), sha1.hexdigest(), sha256.hexdigest()]
def _uuid(*args):
"""
uuid courtesy of Carl Free Jr:
(http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/213761)
"""
t = long(time.time() * 1000)
r = long(random.random() * 100000000000000000L)
try:
a = socket.gethostbyname(socket.gethostname())
except:
# if we can't get a network address, just imagine one
a = random.random() * 100000000000000000L
data = str(t) + ' ' + str(r) + ' ' + str(a) + ' ' + str(args)
md5 = md5.md5()
md5.update(data)
data = md5.hexdigest()
return data
def getHashes(self, block_size=2**8):
"""
Calculate MD5,SHA-1, SHA-256
hashes of APK input file
"""
md5 = hashlib.md5()
sha1 = hashlib.sha1()
sha256 = hashlib.sha256()
f = open(self.filename, 'rb')
while True:
data = f.read(block_size)
if not data:
break
md5.update(data)
sha1.update(data)
sha256.update(data)
return [md5.hexdigest(), sha1.hexdigest(), sha256.hexdigest()]
def get_md5_input_file(input_file):
if not os.path.exists(input_file):
raise Exception('Input file not found at: ' + input_file)
logger.info('Computing md5 sum for: ' + input_file)
# open the file in binary mode
f = open(input_file, 'rb')
chunk_size = 2**20
md5 = hashlib.md5()
# read the input file in 1MB pieces
while True:
chunk = f.read(chunk_size)
if not chunk:
break
md5.update(chunk)
return md5.hexdigest()
def ParseFilePacket(f, header):
""" Look up and analyse a FileDesc package """
nothing = None, None
if header != 'PAR2\0PKT':
return nothing
# Length must be multiple of 4 and at least 20
len = struct.unpack('<Q', f.read(8))[0]
if int(len / 4) * 4 != len or len < 20:
return nothing
# Next 16 bytes is md5sum of this packet
md5sum = f.read(16)
# Read and check the data
data = f.read(len - 32)
md5 = new_md5()
md5.update(data)
if md5sum != md5.digest():
return nothing
# The FileDesc packet looks like:
# 16 : "PAR 2.0\0FileDesc"
# 16 : FileId
# 16 : Hash for full file **
# 16 : Hash for first 16K
# 8 : File length
# xx : Name (multiple of 4, padded with \0 if needed) **
# See if it's the right packet and get name + hash
for offset in range(0, len, 8):
if data[offset:offset + 16] == "PAR 2.0\0FileDesc":
hash = data[offset + 32:offset + 48]
filename = data[offset + 72:].strip('\0')
return filename, hash
return nothing
def ParseFilePacket(f, header):
""" Look up and analyse a FileDesc package """
nothing = None, None
if header != 'PAR2\0PKT':
return nothing
# Length must be multiple of 4 and at least 20
len = struct.unpack('<Q', f.read(8))[0]
if int(len/4)*4 != len or len < 20:
return nothing
# Next 16 bytes is md5sum of this packet
md5sum = f.read(16)
# Read and check the data
data = f.read(len-32)
md5 = new_md5()
md5.update(data)
if md5sum != md5.digest():
return nothing
# The FileDesc packet looks like:
# 16 : "PAR 2.0\0FileDesc"
# 16 : FileId
# 16 : Hash for full file **
# 16 : Hash for first 16K
# 8 : File length
# xx : Name (multiple of 4, padded with \0 if needed) **
# See if it's the right packet and get name + hash
for offset in range(0, len, 8):
if data[offset:offset+16] == "PAR 2.0\0FileDesc":
hash = data[offset+32:offset+48]
filename = data[offset+72:].strip('\0')
return filename, hash
return nothing
#-*- coding: UTF-8 -*-
import hashlib
import md5
md5 = hashlib.md5()
md5.update('how to use md5 in python hashlib?')
print md5.hexdigest()
#如果数据量很大,可以分块多次调用update(),最后计算的结果是一样的:
md5 = hashlib.md5()
md5.update('how to use md5 in ')
md5.update('python hashlib?')
print md5.hexdigest()
print '-------------------'
# import hashlib
## 所以使用hashlib一定要每次初始化,不然计算的值不对
m = hashlib.md5()
m.update('a')
print m.hexdigest() # 0cc175b9c0f1b6a831c399e269772661
m = hashlib.md5()
m.update('a')
print m.hexdigest() # 4124bc0a9335c27f086f24ba207a4912
m = hashlib.md5()
m.update('aa')
print m.hexdigest() # 4124bc0a9335c27f086f24ba207a4912
#-*- coding: UTF-8 -*-
import hashlib
import md5
md5 = hashlib.md5()
md5.update('how to use md5 in python hashlib?')
print md5.hexdigest()
#如果数据量很大,可以分块多次调用update(),最后计算的结果是一样的:
md5 = hashlib.md5()
md5.update('how to use md5 in ')
md5.update('python hashlib?')
print md5.hexdigest()
print '-------------------'
# import hashlib
## 所以使用hashlib一定要每次初始化,不然计算的值不对
m = hashlib.md5()
m.update('a')
print m.hexdigest() # 0cc175b9c0f1b6a831c399e269772661
m = hashlib.md5()
m.update('a')
print m.hexdigest() # 4124bc0a9335c27f086f24ba207a4912
m = hashlib.md5()
m.update('aa')
print m.hexdigest() # 4124bc0a9335c27f086f24ba207a4912
def unix_md5_crypt(pw, salt, magic=None):
if magic is None:
magic = MAGIC
# Take care of the magic string if present
if salt[:len(magic)] == magic:
salt = salt[len(magic):]
# salt can have up to 8 characters:
import string
salt = string.split(salt, '$', 1)[0]
salt = salt[:8]
ctx = pw + magic + salt
md5 = hash_md5()
md5.update(pw + salt + pw)
final = md5.digest()
for pl in range(len(pw), 0, -16):
if pl > 16:
ctx = ctx + final[:16]
else:
ctx = ctx + final[:pl]
# Now the 'weird' xform (??)
i = len(pw)
while i:
if i & 1:
ctx = ctx + chr(0) #if ($i & 1) { $ctx->add(pack("C", 0)); }
else:
ctx = ctx + pw[0]
i = i >> 1
md5 = hash_md5()
md5.update(ctx)
final = md5.digest()
# The following is supposed to make
# things run slower.
# my question: WTF???
for i in range(1000):
ctx1 = ''
if i & 1:
ctx1 = ctx1 + pw
else:
ctx1 = ctx1 + final[:16]
if i % 3:
ctx1 = ctx1 + salt
if i % 7:
ctx1 = ctx1 + pw
if i & 1:
ctx1 = ctx1 + final[:16]
else:
ctx1 = ctx1 + pw
md5 = hash_md5()
md5.update(ctx1)
final = md5.digest()
# Final xform
passwd = ''
passwd = passwd + to64((int(ord(final[0])) << 16)
| (int(ord(final[6])) << 8)
| (int(ord(final[12]))), 4)
passwd = passwd + to64((int(ord(final[1])) << 16)
| (int(ord(final[7])) << 8)
| (int(ord(final[13]))), 4)
passwd = passwd + to64((int(ord(final[2])) << 16)
| (int(ord(final[8])) << 8)
| (int(ord(final[14]))), 4)
passwd = passwd + to64((int(ord(final[3])) << 16)
| (int(ord(final[9])) << 8)
| (int(ord(final[15]))), 4)
passwd = passwd + to64((int(ord(final[4])) << 16)
| (int(ord(final[10])) << 8)
| (int(ord(final[5]))), 4)
passwd = passwd + to64((int(ord(final[11]))), 2)
return magic + salt + '$' + passwd
if len(sys.argv) != 5:
sys.exit('usage: genSerialVersionUID site-profile top-srcdir source target');
profile = sys.argv[1]
topsrcdir = sys.argv[2]
spath = sys.argv[3]
tpath = sys.argv[4]
cname = spath[len(topsrcdir) + 11 : len(spath)]
print ('Profile = ' + profile);
print ('Class = ' + cname)
md5 = md5.new()
md5.update(profile)
md5.update(cname)
hex = md5.hexdigest()
print ('CheckSum = ' + hex)
uid = int('0x' + hex, 16) >> 64
print ('SerialVersionUID = ' + str(uid) + 'L')
print
prog = re.compile('private static final long serialVersionUID')
source = open(spath, 'rU')
target = open(tpath, 'w')
if len(sys.argv) != 5:
sys.exit(
'usage: genSerialVersionUID site-profile top-srcdir source target')
profile = sys.argv[1]
topsrcdir = sys.argv[2]
spath = sys.argv[3]
tpath = sys.argv[4]
cname = spath[len(topsrcdir) + 11:len(spath)]
print('Profile = ' + profile)
print('Class = ' + cname)
md5 = md5.new()
md5.update(profile)
md5.update(cname)
hex = md5.hexdigest()
print('CheckSum = ' + hex)
uid = int('0x' + hex, 16) >> 64
print('SerialVersionUID = ' + str(uid) + 'L')
print
prog = re.compile('private static final long serialVersionUID')
source = open(spath, 'rU')
target = open(tpath, 'w')
try:
def unix_md5_crypt(pw, salt, magic=None):
if magic==None:
magic = MAGIC
# Take care of the magic string if present
if salt[:len(magic)] == magic:
salt = salt[len(magic):]
# salt can have up to 8 characters:
import string
salt = string.split(salt, '$', 1)[0]
salt = salt[:8]
ctx = pw + magic + salt
md5 = hash_md5()
md5.update(pw + salt + pw)
final = md5.digest()
for pl in range(len(pw),0,-16):
if pl > 16:
ctx = ctx + final[:16]
else:
ctx = ctx + final[:pl]
# Now the 'weird' xform (??)
i = len(pw)
while i:
if i & 1:
ctx = ctx + chr(0) #if ($i & 1) { $ctx->add(pack("C", 0)); }
else:
ctx = ctx + pw[0]
i = i >> 1
md5 = hash_md5()
md5.update(ctx)
final = md5.digest()
# The following is supposed to make
# things run slower.
# my question: WTF???
for i in range(1000):
ctx1 = ''
if i & 1:
ctx1 = ctx1 + pw
else:
ctx1 = ctx1 + final[:16]
if i % 3:
ctx1 = ctx1 + salt
if i % 7:
ctx1 = ctx1 + pw
if i & 1:
ctx1 = ctx1 + final[:16]
else:
ctx1 = ctx1 + pw
md5 = hash_md5()
md5.update(ctx1)
final = md5.digest()
# Final xform
passwd = ''
passwd = passwd + to64((int(ord(final[0])) << 16)
|(int(ord(final[6])) << 8)
|(int(ord(final[12]))),4)
passwd = passwd + to64((int(ord(final[1])) << 16)
|(int(ord(final[7])) << 8)
|(int(ord(final[13]))), 4)
passwd = passwd + to64((int(ord(final[2])) << 16)
|(int(ord(final[8])) << 8)
|(int(ord(final[14]))), 4)
passwd = passwd + to64((int(ord(final[3])) << 16)
|(int(ord(final[9])) << 8)
|(int(ord(final[15]))), 4)
passwd = passwd + to64((int(ord(final[4])) << 16)
|(int(ord(final[10])) << 8)
|(int(ord(final[5]))), 4)
passwd = passwd + to64((int(ord(final[11]))), 2)
return magic + salt + '$' + passwd
def h(s):
import md5
md5 = md5.md5()
md5.update(s + seed)
return md5.hexdigest()
def h(s):
import md5
md5 = md5.md5()
md5.update(s + seed)
return md5.hexdigest()
