theZoo/malware-db.py
2014-01-15 19:01:37 +02:00


#!/usr/bin/env python
#Malware DB - the most awesome free malware database on the air
#Copyright (C) 2014, Yuval Nativ, Lahad Ludar, 5fingers
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <http://www.gnu.org/licenses/>.
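# Module metadata, following the usual ``__name__``-style dunder convention.
__version__ = "0.1 Alpha"
__appname__ = "Malware DB"
__authors__ = ["Yuval Nativ", "Lahad Ludar", "5fingers"]
__licensev__ = "GPL v3.0"
# Spelled with both underscore pairs so it matches the other metadata names;
# the previous `__maintainer` was missing its trailing underscores.
__maintainer__ = "Yuval Nativ"
__status__ = "Development"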
import sys
import getopt
import os
import inspect
import subprocess
import csv
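def main():
    """Run the Malware DB command-line index browser.

    Order of operations: parse the command line, require a one-time EULA
    acceptance (recorded in ``eula_run.conf`` in the current directory),
    act on the help/version/licence/update switches, then load
    ``index.csv`` from the current directory and print the rows that
    survive the type, language and free-text filters.

    The process ends through ``sys.exit`` on the bad-option, help,
    version, licence, update, EULA-refusal and no-results paths;
    otherwise the function returns None after printing the results.
    """
    # Reuse the module-level metadata instead of keeping a second copy here.
    version = __version__
    appname = __appname__
    authors = ", ".join(__authors__)
    licensev = __licensev__

    fulllicense = (
        appname + " Copyright (C) 2014 " + authors + "\n"
        + "This program comes with ABSOLUTELY NO WARRANTY; for details type '"
        + sys.argv[0] + " -w'.\n"
        + "This is free software, and you are welcome to redistribute it."
    )
    usage = (
        '\nUsage: ' + sys.argv[0] + ' -s search_query -t trojan -p vb\n\n'
        'The search engine can search by regular search or using specified arguments:\n\n'
        'OPTIONS:\n'
        ' -h --help\t\tShow this message\n'
        ' -t --type\t\tMalware type, can be virus/trojan/botnet/spyware/ransomeware.\n'
        ' -p --language\tProgramming language, can be c/cpp/vb/asm/bin/java.\n'
        ' -u --update\t\tUpdate malware index. Rebuilds main CSV file. \n'
        ' -s --search\t\tSearch query for name or anything. \n'
        ' -v --version\tPrint the version information.\n'
        ' -w\t\t\tPrint GNU license.\n'
    )

    # Column positions inside one index.csv row.
    column_for_pl = 6
    column_for_type = 2
    column_for_location = 1
    column_for_time = 7
    column_for_version = 4
    column_for_name = 3
    column_for_uid = 0

    # Marker file whose presence records that the EULA was accepted.
    eula_file = 'eula_run.conf'

    def print_license():
        """Print the short licence notice surrounded by blank lines."""
        print("")
        print(fulllicense)
        print("")

    def check_eula_file():
        """Return True when the EULA marker file can be opened for reading."""
        try:
            with open(eula_file):
                return True
        except IOError:
            return False

    def versionbanner():
        """Print the name/version/authors/licence banner."""
        rule = "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
        print("")
        print(rule)
        print("\t\t " + appname + ' v' + version)
        print("Built by:\t\t" + authors)
        print("Is licensed under:\t" + licensev)
        print(rule)
        print(fulllicense)
        print(usage)

    def checkresults(array):
        """Exit with status 1 after a notice when *array* holds no rows."""
        if not array:
            print("No results found\n\n")
            sys.exit(1)

    def checkargs():
        """Debug helper: echo the parsed filter values (not called below)."""
        print("Type: " + type_of_mal)
        print("Lang: " + pl)
        print("Search: " + search)

    def filter_array(array, colum, value):
        """Return the rows of *array* whose cell at index *colum* contains *value*."""
        return [row for row in array if value in row[colum]]

    def res_banner():
        """Print the column header of the result table."""
        print("\nUID\tName\t\tVersion\t\tLocation\t\tTime")
        print("---\t----\t\t-------\t\t--------\t\t----")

    def print_results(array):
        """Print one index row (*array*) as a tab-separated result line."""
        answer = (
            array[column_for_uid] + "\t" + array[column_for_name] + "\t"
            + array[column_for_version] + "\t\t"
            + array[column_for_location] + "\t\t" + array[column_for_time]
        )
        print(answer)

    # An unknown switch or a missing option argument used to escape as an
    # uncaught GetoptError traceback; report it together with the usage text.
    try:
        options, _remainder = getopt.getopt(
            sys.argv[1:],
            'hwuvs:p:t:',
            ['type=', 'language=', 'search=', 'help', 'update', 'version'],
        )
    except getopt.GetoptError as err:
        print(str(err))
        print(usage)
        sys.exit(2)

    type_of_mal = ""
    pl = ""
    search = ""
    update = False

    # EULA gate: nothing else runs (not even --help) until the marker exists.
    if not check_eula_file():
        print(appname + ' v' + version)
        for eula_line in (
            'This program contain live and dangerous malware files',
            'This program is intended to be used only for malware analysis and research',
            'and by agreeing the EULA you agree to only use it for legal purposes and ',
            'studying malware.',
            'You understand that these file are dangerous and should only be run on VMs',
            'you can control and know how to handle. Running them on a live system will',
            'infect you machines will live and dangerous malwares!.',
            '',
        ):
            print(eula_line)
        eula_answer = raw_input('Type YES in captial letters to accept this EULA.\n')
        if eula_answer == 'YES':
            print('you types YES')
            # `with` closes the marker file, so the acceptance is flushed to
            # disk even when a later step exits the process early.
            with open(eula_file, 'a') as marker:
                marker.write(eula_answer)
        else:
            print('You need to accept the EULA.\nExiting the program.')
            sys.exit(1)

    # NOTE(review): the help/version/licence/update paths exit with status 1,
    # as they always have; scripts wrapping this tool cannot use the exit
    # status to tell these paths from the error exits that also use 1.
    for opt, arg in options:
        if opt in ('-h', '--help'):
            print(fulllicense)
            print(usage)
            sys.exit(1)
        elif opt in ('-u', '--update'):
            update = True
        elif opt in ('-v', '--version'):
            versionbanner()
            sys.exit(1)
        elif opt == '-w':
            # Plain equality: `opt in ('-w')` was a substring test against the
            # string '-w', because the parentheses did not make a tuple.
            print_license()
            sys.exit(1)
        elif opt in ('-t', '--type'):
            type_of_mal = arg
        elif opt in ('-p', '--language'):
            pl = arg
        elif opt in ('-s', '--search'):
            search = arg

    if update:
        # Run the rebuild script that sits next to this file, by absolute path
        # and without a shell. The old `./Rebuild_CSV.sh` + shell=True form
        # executed whatever file of that name was in the caller's current
        # directory. Executed directly, the script needs its executable bit
        # (as before) and a shebang line.
        base_dir = os.path.dirname(os.path.realpath(__file__))
        rebuild_script = os.path.join(base_dir, "Rebuild_CSV.sh")
        # cwd is pinned to the script's directory so relative paths inside it
        # resolve as they do when the tool is started from the repository
        # root (assumed to be how it is normally run; confirm).
        subprocess.call([rebuild_script], cwd=base_dir)
        sys.exit(1)

    # Load the index; blank lines come back from csv.reader as empty lists
    # and would raise IndexError in the column lookups, so they are dropped.
    with open('index.csv', 'rb') as index_file:
        m = [row for row in csv.reader(index_file, delimiter=',') if row]

    if type_of_mal:
        m = filter_array(m, column_for_type, type_of_mal)

    if pl:
        m = filter_array(m, column_for_pl, pl)

    if search:
        # `search in row` is list membership: the query has to equal a whole
        # cell, unlike the substring match used by the -t/-p filters.
        # NOTE(review): confirm whether a substring search was intended.
        matching = [row for row in m if search in row]
        # The emptiness check used to sit inside the result loop, which never
        # runs for an empty list, so "No results found" could not be printed.
        checkresults(matching)
        res_banner()
        for row in matching:
            print_results(row)
    else:
        res_banner()
        for row in m:
            print_results(row)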
# Start the command-line interface only when this file is executed as a
# script; importing it as a module must not trigger the EULA prompt.
if __name__ == "__main__":
    main()