Perform a lookup in Team Cymru's MHR
()
| 252 | HTMLLog(LogStr, TYPE) |
| 253 | |
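def MHRLookup():
    ''' Perform a bulk lookup of HASHES in Team Cymru's MHR

    Sends every entry of the module-level HASHES list to MRH_HOST:MRH_PORT
    as one "begin ... end" query over a plain TCP socket, then logs one line
    per answer: 'INFO' when the third field is NO_DATA, 'WARNING' otherwise.
    Returns nothing; socket errors (including a timeout) propagate to the
    caller.
    '''

    PrintAndLog(u'Team Cymru MHR lookup', 'SECTION')
    PrintAndLog(u'Got %s hashes to verify' % len(HASHES), 'DEBUG')

    # NOTE(review): entries are written into a line-based query unchanged;
    # presumably HASHES holds hex digests computed locally - confirm that no
    # entry can carry CR/LF or a bare "end" taken from outside input.
    Query = 'begin\r\n' + ''.join(Hash + '\r\n' for Hash in HASHES) + 'end\r\n'
    if not isinstance(Query, bytes):
        # Sockets carry bytes; a text query is encoded once, here.
        Query = Query.encode('ascii')

    # The exchange is plain TCP with no integrity protection visible here,
    # so an answer is only as trustworthy as the network path it crossed.
    S = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    Chunks = []
    try:
        # Bound every blocking call so an unresponsive peer cannot hang the
        # run; 30 seconds is a value chosen in this function.
        S.settimeout(30)
        S.connect((MRH_HOST, MRH_PORT))
        S.sendall(Query)
        while True:
            Data = S.recv(4096)
            if not Data:
                break
            Chunks.append(Data)
    finally:
        # Release the descriptor even when connect/send/recv raises.
        S.close()

    # The reply is remote input: decode it once and replace undecodable
    # bytes instead of failing on them halfway through the read loop.
    Response = b''.join(Chunks).decode('utf-8', 'replace')

    # Drop the first two lines and the piece after the final newline
    # (presumably the service's header lines and an empty tail - confirm).
    Lines = Response.split('\n')[2:-1]

    for line in Lines:
        # split() tolerates a trailing CR and repeated spaces.
        Status = line.split()
        # Fail safe: a line too short to parse is reported as a WARNING
        # rather than raising IndexError or passing as a clean result.
        if len(Status) > 2 and Status[2] == 'NO_DATA':
            PrintAndLog(line, 'INFO')
        else:
            PrintAndLog(line, 'WARNING')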
| 285 | |
| 286 | def VTLookup(): |
| 287 | ''' Perform of lookup in VirusTotal database ''' |