From 1b45ad84d6df114ce2f6e661f944c315b550b7fc Mon Sep 17 00:00:00 2001
From: TKE <tobias.kessels@certbw.de>
Date: Tue, 14 Apr 2020 18:17:46 +0200
Subject: [PATCH] reworked search.py to support printing of only mismatched
 hashes

---
 nsrl/search.py | 40 ++++++++++++++++------------------------
 1 file changed, 16 insertions(+), 24 deletions(-)

diff --git a/nsrl/search.py b/nsrl/search.py
index cbf6b57..559a179 100755
--- a/nsrl/search.py
+++ b/nsrl/search.py
@@ -1,26 +1,16 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
-"""
-search.py
-~~~~~~~~
-
-This module searches the bloomfilter for a given MD5 hash.
-
-:copyright: (c) 2014 by Josh "blacktop" Maine.
-:license: MIT
-:improved_by: https://github.com/kost
-"""
 
 import argparse
 import binascii
 
 from pybloom import BloomFilter
 
-
 def main():
-    parser = argparse.ArgumentParser(prog='blacktop/nsrl')
+    parser = argparse.ArgumentParser(prog='nsrl')
     parser.add_argument("-v", "--verbose", help="Display verbose output message", action="store_true", required=False)
-    parser.add_argument('hash', metavar='MD5', type=str, nargs='+', help='a md5 hash to search for.')
+    parser.add_argument("-m", "--mismatched", help="Echo only mismatched Hashvalues", action="store_true", required=False)
+    parser.add_argument('hash', metavar='MD5', type=str, nargs='+', help='md5 hash to search for.')
     args = parser.parse_args()
 
     with open('nsrl.bloom', 'rb') as nb:
@@ -28,21 +18,23 @@ def main():
 
         for hash_hex in args.hash:
             hash = binascii.unhexlify(hash_hex)
-            if args.verbose:
-                if hash in bf:
-                    print "Hash {} found in NSRL Database.".format(hash_hex)
-                else:
-                    print "Hash {} was NOT found in NSRL Database.".format(hash_hex)
-            else:
-                print hash in bf
-    return
+            output=""
 
+            # only print output if for mismatches if selected
+            if ((not hash in bf) or (not args.mismatched)):
+                if args.verbose:
+                    output = "{}:{}".format(hash_hex,hash in bf)
+                else:
+                    if args.mismatched:
+                        output = "{}".format(hash_hex)
+                    else:
+                        output = "{}".format(hash in bf)
+
+                print output
+    return
 
 if __name__ == "__main__":
     try:
         main()
     except Exception as e:
         print "Error: %s" % e
-
-# test_hash = 'AABCA0896728846A9D5B841617EBE746'
-# calc_hash = '60B7C0FEAD45F2066E5B805A91F4F0FC'