move utility scripts to a ./utils/ subfolder

author: Mathieu Deous 2016-07-26 18:28:39 +0200
committer: Mathieu Deous 2016-07-28 17:56:19 +0200
commit: 216702a22dac24e54c88404cf9cd38bca4f0645b (patch)
tree: 20b82103ee100434737c07a6d4ba388f6fe40fa8
parent: c70a72ec79b78f9a90dd012a2ec47756f341581d (diff)
1 files changed, 7 insertions, 6 deletions
diff --git a/php-malware-finder/generate_whitelist.py b/php-malware-finder/utils/generate_whitelist.py
index af6be27..231eb1f 100755
--- a/php-malware-finder/generate_whitelist.py
+++ b/php-malware-finder/utils/generate_whitelist.py
@@ -19,7 +19,7 @@ if not os.path.isdir(sys.argv[2]):
    print('%s is not a folder !' % sys.argv[2])
    sys.exit(1)
-rules = yara.compile('./php.yar', includes=True, error_on_warning=True)
+rules = yara.compile('../php.yar', includes=True, error_on_warning=True)
 output_list = list()
@@ -34,8 +34,9 @@ for curdir, dirnames, filenames in os.walk(sys.argv[2]):
                output_list.append('hash.sha1(0, filesize) == "%s" or // %s' % (digest, fname))
-output_rule = 'import "hash"\n\nrule %s\n{\n\tcondition:\n\t\t/* %s */\n\t\t' % (sys.argv[1].split(' ')[0], sys.argv[1])
+if output_list:
-output_list.append(output_list.pop().replace(' or ', '    '))
+    output_rule = 'import "hash"\n\nrule %s\n{\n\tcondition:\n\t\t/* %s */\n\t\t' % (sys.argv[1].split(' ')[0], sys.argv[1])
-output_rule += '\n\t\t'.join(output_list)
+    output_list.append(output_list.pop().replace(' or ', '    '))
-output_rule += '\n}'
+    output_rule += '\n\t\t'.join(output_list)
-print(output_rule)
+    output_rule += '\n}'
+    print(output_rule)
author	Mathieu Deous	2016-07-26 18:28:39 +0200
committer	Mathieu Deous	2016-07-28 17:56:19 +0200
commit	216702a22dac24e54c88404cf9cd38bca4f0645b (patch)
tree	20b82103ee100434737c07a6d4ba388f6fe40fa8
parent	c70a72ec79b78f9a90dd012a2ec47756f341581d (diff)

diff --git a/php-malware-finder/generate_whitelist.py b/php-malware-finder/utils/generate_whitelist.py index af6be27..231eb1f 100755 --- a/php-malware-finder/generate_whitelist.py +++ b/php-malware-finder/utils/generate_whitelist.py
@@ -19,7 +19,7 @@ if not os.path.isdir(sys.argv[2]):
19	print('%s is not a folder !' % sys.argv[2])	19	print('%s is not a folder !' % sys.argv[2])
20	sys.exit(1)	20	sys.exit(1)
21		21
22	rules = yara.compile('./php.yar', includes=True, error_on_warning=True)	22	rules = yara.compile('../php.yar', includes=True, error_on_warning=True)
23		23
24	output_list = list()	24	output_list = list()
25		25
@@ -34,8 +34,9 @@ for curdir, dirnames, filenames in os.walk(sys.argv[2]):
34	output_list.append('hash.sha1(0, filesize) == "%s" or // %s' % (digest, fname))	34	output_list.append('hash.sha1(0, filesize) == "%s" or // %s' % (digest, fname))
35		35
36		36
37	output_rule = 'import "hash"\n\nrule %s\n{\n\tcondition:\n\t\t/* %s */\n\t\t' % (sys.argv[1].split(' ')[0], sys.argv[1])	37	if output_list:
38	output_list.append(output_list.pop().replace(' or ', ' '))	38	output_rule = 'import "hash"\n\nrule %s\n{\n\tcondition:\n\t\t/* %s */\n\t\t' % (sys.argv[1].split(' ')[0], sys.argv[1])
39	output_rule += '\n\t\t'.join(output_list)	39	output_list.append(output_list.pop().replace(' or ', ' '))
40	output_rule += '\n}'	40	output_rule += '\n\t\t'.join(output_list)
41	print(output_rule)	41	output_rule += '\n}'
		42	print(output_rule)