mirror of https://github.com/CIRCL/AIL-framework
create new dashbord alert
parent
8738b7cf75
commit
29c368250e
|
@ -40,10 +40,11 @@ def check_bc(bc):
|
||||||
return False
|
return False
|
||||||
########################################################
|
########################################################
|
||||||
|
|
||||||
def search_key(content, message):
|
def search_key(content, message, paste):
|
||||||
bitcoin_address = re.findall(regex_bitcoin_public_address, content)
|
bitcoin_address = re.findall(regex_bitcoin_public_address, content)
|
||||||
bitcoin_private_key = re.findall(regex_bitcoin_private_key, content)
|
bitcoin_private_key = re.findall(regex_bitcoin_private_key, content)
|
||||||
validate_address = False
|
validate_address = False
|
||||||
|
key = False
|
||||||
if(len(bitcoin_address) >0):
|
if(len(bitcoin_address) >0):
|
||||||
#print(message)
|
#print(message)
|
||||||
for address in bitcoin_address:
|
for address in bitcoin_address:
|
||||||
|
@ -53,14 +54,20 @@ def search_key(content, message):
|
||||||
if(len(bitcoin_private_key) > 0):
|
if(len(bitcoin_private_key) > 0):
|
||||||
for private_key in bitcoin_private_key:
|
for private_key in bitcoin_private_key:
|
||||||
print('Bitcoin private key found : {}'.format(private_key))
|
print('Bitcoin private key found : {}'.format(private_key))
|
||||||
|
key = True
|
||||||
|
|
||||||
if(validate_address):
|
if(validate_address):
|
||||||
p.populate_set_out(message, 'Duplicate')
|
p.populate_set_out(message, 'Duplicate')
|
||||||
to_print = 'bitcoin found: {} address and {} private Keys'.format(len(bitcoin_address), len(bitcoin_private_key))
|
to_print = 'Bitcoin found: {} address and {} private Keys'.format(len(bitcoin_address), len(bitcoin_private_key))
|
||||||
print(to_print)
|
print(to_print)
|
||||||
publisher.warning(to_print)
|
publisher.warning(to_print)
|
||||||
msg = ('bitcoin;{}'.format(message))
|
msg = ('bitcoin;{}'.format(message))
|
||||||
p.populate_set_out( msg, 'alertHandler')
|
p.populate_set_out( msg, 'alertHandler')
|
||||||
|
if(key):
|
||||||
|
to_print = 'Bitcoin;{};{};{};'.format(paste.p_source, paste.p_date,
|
||||||
|
paste.p_name)
|
||||||
|
publisher.warning('{}Detected {} Bitcoin private key;{}'.format(
|
||||||
|
to_print, len(bitcoin_private_key),paste.p_path))
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
publisher.port = 6380
|
publisher.port = 6380
|
||||||
|
@ -91,4 +98,4 @@ if __name__ == "__main__":
|
||||||
# Do something with the message from the queue
|
# Do something with the message from the queue
|
||||||
paste = Paste.Paste(message)
|
paste = Paste.Paste(message)
|
||||||
content = paste.get_p_content()
|
content = paste.get_p_content()
|
||||||
search_key(content, message)
|
search_key(content, message, paste)
|
||||||
|
|
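Review bot: The new dashboard alert in `search_key` (the `if(key):` block) reports `len(bitcoin_private_key)`, which is the raw `re.findall` match count; nothing visible in these hunks validates a private-key match the way `check_bc` validates addresses, and repeated matches are counted more than once, so the alert can overstate what was found. Counting distinct matches with `len(set(bitcoin_private_key))` would at least remove duplicates, and validating the key format before `key = True` would be better if the lines hidden between the hunks do not already do so. The alert itself carries only a count, but the unchanged `print('Bitcoin private key found : {}'.format(private_key))` still writes each matched key to stdout, so the secret ends up wherever the module's output is captured; consider dropping or truncating it. Part of `search_key` lies between the hunks and indentation is lost on this page, so the nesting of `if(key):` is inferred.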
|
@ -149,7 +149,7 @@ if __name__ == "__main__":
|
||||||
PST.p_date,
|
PST.p_date,
|
||||||
PST.p_name)
|
PST.p_name)
|
||||||
for url in fetch(p, r_cache, urls, domains_list, path):
|
for url in fetch(p, r_cache, urls, domains_list, path):
|
||||||
publisher.warning('{}Checked {};{}'.format(to_print, url, PST.p_path))
|
publisher.info('{}Checked {};{}'.format(to_print, url, PST.p_path))
|
||||||
p.populate_set_out('onion;{}'.format(PST.p_path), 'alertHandler')
|
p.populate_set_out('onion;{}'.format(PST.p_path), 'alertHandler')
|
||||||
else:
|
else:
|
||||||
publisher.info('{}Onion related;{}'.format(to_print, PST.p_path))
|
publisher.info('{}Onion related;{}'.format(to_print, PST.p_path))
|
||||||
|
|
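Review bot: The `publisher.info('{}Checked {};{}'.format(to_print, url, PST.p_path))` line interpolates `url` into a `;`-delimited record, and `url` comes out of `fetch(...)`, which presumably derives it from paste content. If the consumer of these messages splits on `;`, a URL containing `;` or a line break would shift the fields of the dashboard entry; this already applied at warning level and is unchanged by the switch to info. Escaping the delimiter before formatting, for example `url.replace(';', '%3B')`, or rejecting such URLs inside `fetch`, would close that. The enclosing `__main__` block starts and ends outside the hunk.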