reorganized git repo

author: Julien "shaddai" Reveret 2015-10-08 17:44:47 +0200
committer: Mathieu Deous 2015-10-29 14:55:04 +0100
commit: ff0c609ce15299fcd0da5f5b471d3519495977ff (patch)
tree: b217ff3ed047ad0f63c4e39b8f400eebafa0d1a3 /generate_whitelist.py
parent: 1b88cf3b85d8e3225fb55526f53cbf4df75d9813 (diff)
1 files changed, 0 insertions, 35 deletions
diff --git a/generate_whitelist.py b/generate_whitelist.py
deleted file mode 100644
index 791bab9..0000000
--- a/generate_whitelist.py
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/usr/bin/env python
-import fnmatch
-import hashlib
-import os
-import sys
-try:
-    import yara
-except ImportError:
-    print 'Please install python-yara'
-    sys.exit(0)
-if len(sys.argv) != 3:
-    print 'Usage: %s name_of_the_rule_and_version folder_to_scan' % sys.argv[0]
-rules = yara.compile('./malwares.yara', includes=True, error_on_warning=True)
-output_list = list()
-for cpt, (root, dirnames, filenames) in enumerate(os.walk(sys.argv[2])):
-    for filename in fnmatch.filter(filenames, '*.ph*'):
-        fname = os.path.join(root, filename)
-        if os.stat(fname).st_size:
-            matches = rules.match(os.path.join(root, filename), fast=True)
-            if matches:
-                matches = matches.pop()  #  only one match, since we're scaning files
-                output_list.append('hash.sha1(0, filename) == %s or // %s' % (hashlib.sha1(fname).hexdigest(), fname))
-output_rule = 'private rule %s\n{\n\tcondition:\n\t\t/* %s */\n\t\t' % (sys.argv[1].split(' ')[0], sys.argv[1])
-output_list.append(output_list.pop().replace(' or ', '    '))
-output_rule += '\n\t\t'.join(output_list)
-output_rule +='\n}'
-print output_rule
author	Julien "shaddai" Reveret	2015-10-08 17:44:47 +0200
committer	Mathieu Deous	2015-10-29 14:55:04 +0100
commit	ff0c609ce15299fcd0da5f5b471d3519495977ff (patch)
tree	b217ff3ed047ad0f63c4e39b8f400eebafa0d1a3 /generate_whitelist.py
parent	1b88cf3b85d8e3225fb55526f53cbf4df75d9813 (diff)

diff --git a/generate_whitelist.py b/generate_whitelist.py deleted file mode 100644 index 791bab9..0000000 --- a/generate_whitelist.py +++ /dev/null
@@ -1,35 +0,0 @@
1	#!/usr/bin/env python
2
3	import fnmatch
4	import hashlib
5	import os
6	import sys
7
8	try:
9	import yara
10	except ImportError:
11	print 'Please install python-yara'
12	sys.exit(0)
13
14	if len(sys.argv) != 3:
15	print 'Usage: %s name_of_the_rule_and_version folder_to_scan' % sys.argv[0]
16
17	rules = yara.compile('./malwares.yara', includes=True, error_on_warning=True)
18
19	output_list = list()
20
21	for cpt, (root, dirnames, filenames) in enumerate(os.walk(sys.argv[2])):
22	for filename in fnmatch.filter(filenames, '.ph'):
23	fname = os.path.join(root, filename)
24	if os.stat(fname).st_size:
25	matches = rules.match(os.path.join(root, filename), fast=True)
26	if matches:
27	matches = matches.pop() # only one match, since we're scaning files
28	output_list.append('hash.sha1(0, filename) == %s or // %s' % (hashlib.sha1(fname).hexdigest(), fname))
29
30
31	output_rule = 'private rule %s\n{\n\tcondition:\n\t\t/* %s */\n\t\t' % (sys.argv[1].split(' ')[0], sys.argv[1])
32	output_list.append(output_list.pop().replace(' or ', ' '))
33	output_rule += '\n\t\t'.join(output_list)
34	output_rule +='\n}'
35	print output_rule