diff options
| author | jvoisin | 2015-06-30 18:12:09 +0200 |
|---|---|---|
| committer | jvoisin | 2015-06-30 18:12:09 +0200 |
| commit | f10b059f9d0c5fbfdf57d7e778e183d07c1cdace (patch) | |
| tree | b04b8597519e5afc1c0e2c62bb421a1cf9ff762d | |
| parent | 6e6a8279c90cdd0e1728835bba712dbeba015dbe (diff) | |
Throttle the python poc
Every 1000 files, sleep for 3 seconds
| -rw-r--r-- | poc.py | 5 |
1 files changed, 4 insertions, 1 deletions
| @@ -2,6 +2,7 @@ import fnmatch | |||
| 2 | import glob | 2 | import glob |
| 3 | import os | 3 | import os |
| 4 | import sys | 4 | import sys |
| 5 | import time | ||
| 5 | 6 | ||
| 6 | try: | 7 | try: |
| 7 | import yara | 8 | import yara |
| @@ -14,8 +15,10 @@ if len(sys.argv) != 2: | |||
| 14 | 15 | ||
| 15 | rules = yara.compile('malwares.yara') | 16 | rules = yara.compile('malwares.yara') |
| 16 | 17 | ||
| 17 | for root, dirnames, filenames in os.walk(sys.argv[1]): | 18 | for cpt, (root, dirnames, filenames) in enumerate(os.walk(sys.argv[1])): |
| 18 | for filename in fnmatch.filter(filenames, '*.ph*'): | 19 | for filename in fnmatch.filter(filenames, '*.ph*'): |
| 20 | if not cpt % 1000: | ||
| 21 | time.sleep(3) | ||
| 19 | fname = os.path.join(root, filename) | 22 | fname = os.path.join(root, filename) |
| 20 | if os.stat(fname).st_size: | 23 | if os.stat(fname).st_size: |
| 21 | matches = rules.match(os.path.join(root, filename), fast=True) | 24 | matches = rules.match(os.path.join(root, filename), fast=True) |