示例#1
0
 def csv_sha256(self, path=os.environ['SYSTEMDRIVE'] + '\\'):
     try:
         list_files = os.listdir(unicode(path))
     except Exception as e:
         self.logger.warn("Cannot list " + path)
         return
     for f in list_files:
         d = os.path.join(path, f)
         if os.path.isdir(d):
             self.csv_sha256(d)
         elif os.path.isfile(d):
             try:
                 sha = process_sha256(d)
                 with open(
                         self.output_dir + '\\' + self.computer_name +
                         '_sha256.csv', 'ab') as output:
                     csv_writer = get_csv_writer(output)
                     write_to_csv(
                         ['sha256', d, sha.hexdigest()], csv_writer)
             except UnicodeError:
                 pass
             except IOError:
                 pass
             except ValueError:
                 pass
示例#2
0
	def csv_sha256(self,path=os.environ['SYSTEMDRIVE']+'\\'):
		try:
			list_files=os.listdir(unicode(path))
		except Exception as e:
			self.logger.warn("Cannot list " + path)
			return
		for f in list_files:
			d=os.path.join(path,f)
			if os.path.isdir(d):
				self.csv_sha256(d)
			elif os.path.isfile(d):
				try:
					sha = process_sha256(d)
					with open(self.output_dir + '\\' + self.computer_name + '_sha256.csv', 'ab') as output:
						csv_writer = get_csv_writer(output)	
						write_to_csv(['sha256',d,sha.hexdigest()], csv_writer)
				except UnicodeError:
					pass
				except IOError:
					pass
				except ValueError:
					pass
示例#3
0
 def csv_yara(self,path=os.environ['SYSTEMDRIVE']+'\\'):
     try:
         if os.path.isdir(path):
             list_files=os.listdir(unicode(path))
     except Exception as e:
         self.logger.warn(traceback.format_exc().decode(sys.stdin.encoding))
         return
     for f in list_files:
         d=os.path.join(path,f)
         if os.path.isdir(d):
             self.csv_yara(d)
         try:
             if os.path.isfile(d):    
                 matches = self.rules.match(data=open(d,'rb').read())
                 if matches: 
                     sha = process_sha256(d)
                     for m in matches.get('main',[]):
                         with open(self.output_dir + '\\' + self.computer_name + '_yara.csv', 'ab') as output:
                             csv_writer = get_csv_writer(output)    
                             write_to_csv(['yara',d,f,m,sha.hexdigest()], csv_writer)
         except Exception as e:
             self.logger.error(traceback.format_exc())
示例#4
0
 def csv_sha256(self,path=os.environ['SYSTEMDRIVE']+'\\'):
     try:
         if os.path.isdir(path):
             list_files=os.listdir(unicode(path))
     except Exception as e:
         self.logger.error(traceback.format_exc().decode(sys.stdin.encoding))    
         return
     for f in list_files:
         d=os.path.join(path,f)
         if os.path.isdir(d):
             self.csv_sha256(d)
         elif os.path.isfile(d):
             try:
                 sha = process_sha256(d)
                 issuer=''
                 subject=''
                 if self.extractCerfif:
                     issuer,subject=self._extractSignature(d)
                 with open(self.output_dir + '\\' + self.computer_name + '_sha256.csv', 'ab') as output:
                     csv_writer = get_csv_writer(output)    
                     write_to_csv(['sha256',d,sha.hexdigest(),issuer,subject], csv_writer)
             except Exception as e:
                 self.logger.error(traceback.format_exc())