Add first version of Source Code

pull/52/head
MaximeStor 2016-03-12 11:21:29 +01:00
parent be86737ca7
commit 701d771aa5
3 changed files with 66 additions and 1 deletions

56
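--- a/bin/SourceCode.py
+++ b/bin/SourceCode.py
@@ -0,0 +1,56 @@
+#!/usr/bin/env python2
+# -*-coding:UTF-8 -*
+import time
+from packages import Paste
+from pubsublogger import publisher
+from Helper import Process
+import re
+if __name__ == "__main__":
+publisher.port = 6380
+publisher.channel = "Script"
+config_section = "SourceCode"
+p = Process(config_section)
+publisher.info("Finding Source Code")
+critical = 0 # AS TO BE IMPORTANT
+shell = "[a-zA-Z0-9]+@[a-zA-Z0-9\-]+\:\~\$"
+c = "\#include\ \<[a-z\/]+.h\>"
+php = "\<\?php"
+python = "import\ [\w]+"
+bash = "#!\/[\w]*\/bash"
+javascript = "function\(\)"
+ruby = "require \ [\w]+"
+adr = "0x[a-f0-9]{2}"
+#asm = "\"((?s).{1}x[0-9a-f]{2}){3,}" ISSUES WITH FINDALL, pattern like \x54\xaf\x23\..
+languages = [shell, c, php, bash, python, javascript, bash, ruby, adr]
+regex = '|'.join(languages)
+print regex
+while True:
+message = p.get_from_set()
+if message is None:
+publisher.debug("Script Credential is Idling 10s")
+print('Sleeping')
+time.sleep(10)
+continue
+filepath, count = message.split()
+paste = Paste.Paste(filepath)
+content = paste.get_p_content()
+match_set = set(re.findall(regex, content))
+if len(match_set) == 0:
+continue
+to_print = 'SourceCode;{};{};{};{}'.format(paste.p_source, paste.p_date, paste.p_name, message)
+print filepath
+print(match_set)
+if len(match_set) > critical:
+publisher.warning(to_print)
+else:
+publisher.info(to_print)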
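Review bot: The `else: publisher.info(to_print)` branch at the end of the loop is unreachable, because `critical = 0` and an empty `match_set` has already hit `continue`, so every paste with one hit is published as a warning. As `python = "import\ [\w]+"` and `adr = "0x[a-f0-9]{2}"` also match ordinary prose and any hex literal, the warning channel is likely to be noisy; a threshold on the number of distinct patterns matched, plus tighter patterns, would make the severity split meaningful. In the pattern list, `ruby = "require \ [\w]+"` requires two spaces after `require` and so probably misses real Ruby, and `bash` appears twice in `languages`. `filepath, count = message.split()` raises ValueError on a message that does not have exactly two fields, which would end the worker loop; wrapping it in a `try`/`except ValueError` that logs and continues keeps the module running. The idle log text `"Script Credential is Idling 10s"` appears copied from another module and should name SourceCode; indentation is lost on this page, so the loop structure is inferred.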


@ -27,7 +27,7 @@ subscribe = Redis_Words
[Categ]
subscribe = Redis_Global
publish = Redis_CreditCards,Redis_Mail,Redis_Onion,Redis_Web,Redis_Credential
publish = Redis_CreditCards,Redis_Mail,Redis_Onion,Redis_Web,Redis_Credential,Redis_SourceCode
[CreditCards]
subscribe = Redis_CreditCards
@ -56,5 +56,8 @@ subscribe = Redis_Credential
[Phone]
subscribe = Redis_Global
[SourceCode]
subscribe = Redis_SourceCode
[Keys]
subscribe = Redis_Global

6
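--- a/files/SourceCode
+++ b/files/SourceCode
@@ -0,0 +1,6 @@
+CVE
+exploit
+vulnerability
+payload
+uname
+gcc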