reworked search.py to support printing of only mismatched hashes
This commit is contained in:
TKE
@@ -1,26 +1,16 @@
|
|||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
"""
|
|
||||||
search.py
|
|
||||||
~~~~~~~~
|
|
||||||
|
|
||||||
This module searches the bloomfilter for a given MD5 hash.
|
|
||||||
|
|
||||||
:copyright: (c) 2014 by Josh "blacktop" Maine.
|
|
||||||
:license: MIT
|
|
||||||
:improved_by: https://github.com/kost
|
|
||||||
"""
|
|
||||||
|
|
||||||
import argparse
|
import argparse
|
||||||
import binascii
|
import binascii
|
||||||
|
|
||||||
from pybloom import BloomFilter
|
from pybloom import BloomFilter
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
parser = argparse.ArgumentParser(prog='blacktop/nsrl')
|
parser = argparse.ArgumentParser(prog='nsrl')
|
||||||
parser.add_argument("-v", "--verbose", help="Display verbose output message", action="store_true", required=False)
|
parser.add_argument("-v", "--verbose", help="Display verbose output message", action="store_true", required=False)
|
||||||
parser.add_argument('hash', metavar='MD5', type=str, nargs='+', help='a md5 hash to search for.')
|
parser.add_argument("-m", "--mismatched", help="Echo only mismatched Hashvalues", action="store_true", required=False)
|
||||||
|
parser.add_argument('hash', metavar='MD5', type=str, nargs='+', help='md5 hash to search for.')
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
with open('nsrl.bloom', 'rb') as nb:
|
with open('nsrl.bloom', 'rb') as nb:
|
||||||
@@ -28,21 +18,23 @@ def main():
|
|||||||
|
|
||||||
for hash_hex in args.hash:
|
for hash_hex in args.hash:
|
||||||
hash = binascii.unhexlify(hash_hex)
|
hash = binascii.unhexlify(hash_hex)
|
||||||
if args.verbose:
|
output=""
|
||||||
if hash in bf:
|
|
||||||
print "Hash {} found in NSRL Database.".format(hash_hex)
|
|
||||||
else:
|
|
||||||
print "Hash {} was NOT found in NSRL Database.".format(hash_hex)
|
|
||||||
else:
|
|
||||||
print hash in bf
|
|
||||||
return
|
|
||||||
|
|
||||||
|
# only print output if for mismatches if selected
|
||||||
|
if ((not hash in bf) or (not args.mismatched)):
|
||||||
|
if args.verbose:
|
||||||
|
output = "{}:{}".format(hash_hex,hash in bf)
|
||||||
|
else:
|
||||||
|
if args.mismatched:
|
||||||
|
output = "{}".format(hash_hex)
|
||||||
|
else:
|
||||||
|
output = "{}".format(hash in bf)
|
||||||
|
|
||||||
|
print output
|
||||||
|
return
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
try:
|
try:
|
||||||
main()
|
main()
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
print "Error: %s" % e
|
print "Error: %s" % e
|
||||||
|
|
||||||
# test_hash = 'AABCA0896728846A9D5B841617EBE746'
|
|
||||||
# calc_hash = '60B7C0FEAD45F2066E5B805A91F4F0FC'
|
|
||||||
|
|||||||
Reference in New Issue
Block a user