mirror of https://github.com/CIRCL/AIL-framework
Add first version of Source Code
parent
be86737ca7
commit
701d771aa5
|
@ -0,0 +1,56 @@
|
|||
#!/usr/bin/env python2
|
||||
# -*-coding:UTF-8 -*
|
||||
import time
|
||||
from packages import Paste
|
||||
from pubsublogger import publisher
|
||||
from Helper import Process
|
||||
import re
|
||||
|
||||
if __name__ == "__main__":
|
||||
publisher.port = 6380
|
||||
publisher.channel = "Script"
|
||||
config_section = "SourceCode"
|
||||
p = Process(config_section)
|
||||
publisher.info("Finding Source Code")
|
||||
|
||||
critical = 0 # AS TO BE IMPORTANT
|
||||
|
||||
shell = "[a-zA-Z0-9]+@[a-zA-Z0-9\-]+\:\~\$"
|
||||
c = "\#include\ \<[a-z\/]+.h\>"
|
||||
php = "\<\?php"
|
||||
python = "import\ [\w]+"
|
||||
bash = "#!\/[\w]*\/bash"
|
||||
javascript = "function\(\)"
|
||||
ruby = "require \ [\w]+"
|
||||
adr = "0x[a-f0-9]{2}"
|
||||
#asm = "\"((?s).{1}x[0-9a-f]{2}){3,}" ISSUES WITH FINDALL, pattern like \x54\xaf\x23\..
|
||||
|
||||
languages = [shell, c, php, bash, python, javascript, bash, ruby, adr]
|
||||
regex = '|'.join(languages)
|
||||
print regex
|
||||
|
||||
while True:
|
||||
message = p.get_from_set()
|
||||
if message is None:
|
||||
publisher.debug("Script Credential is Idling 10s")
|
||||
print('Sleeping')
|
||||
time.sleep(10)
|
||||
continue
|
||||
|
||||
filepath, count = message.split()
|
||||
|
||||
paste = Paste.Paste(filepath)
|
||||
content = paste.get_p_content()
|
||||
match_set = set(re.findall(regex, content))
|
||||
if len(match_set) == 0:
|
||||
continue
|
||||
|
||||
to_print = 'SourceCode;{};{};{};{}'.format(paste.p_source, paste.p_date, paste.p_name, message)
|
||||
|
||||
print filepath
|
||||
print(match_set)
|
||||
|
||||
if len(match_set) > critical:
|
||||
publisher.warning(to_print)
|
||||
else:
|
||||
publisher.info(to_print)
|
|
@ -27,7 +27,7 @@ subscribe = Redis_Words
|
|||
|
||||
[Categ]
|
||||
subscribe = Redis_Global
|
||||
publish = Redis_CreditCards,Redis_Mail,Redis_Onion,Redis_Web,Redis_Credential
|
||||
publish = Redis_CreditCards,Redis_Mail,Redis_Onion,Redis_Web,Redis_Credential,Redis_SourceCode
|
||||
|
||||
[CreditCards]
|
||||
subscribe = Redis_CreditCards
|
||||
|
@ -56,5 +56,8 @@ subscribe = Redis_Credential
|
|||
[Phone]
|
||||
subscribe = Redis_Global
|
||||
|
||||
[SourceCode]
|
||||
subscribe = Redis_SourceCode
|
||||
|
||||
[Keys]
|
||||
subscribe = Redis_Global
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
CVE
|
||||
exploit
|
||||
vulnerability
|
||||
payload
|
||||
uname
|
||||
gcc
|
Loading…
Reference in New Issue