hub / github.com/jipegit/OSXAuditor / MHRLookup

Function MHRLookup

osxauditor.py:254–284

Perform a lookup in Team Cymru's MHR

()

Source from the content-addressed store, hash-verified

    HTMLLog(LogStr, TYPE)

def MHRLookup():
    ''' Perform a lookup in Team Cymru's MHR '''

    PrintAndLog(u'Team Cymru MHR lookup', 'SECTION')
    PrintAndLog(u'Got %s hashes to verify' % len(HASHES), 'DEBUG')

    # Bulk query: one hash per line between 'begin' and 'end'
    Query = 'begin\r\n'
    for Hash in HASHES:
        Query += Hash + '\r\n'
    Query += 'end\r\n'

    S = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    S.connect((MRH_HOST, MRH_PORT))
    # Sockets carry bytes: encode the query before sending
    S.sendall(Query.encode('ascii'))

    # Read until the server closes the connection
    Response = b''
    while True:
        Data = S.recv(4096)
        if not Data: break
        Response += Data
    S.close()

    # Decode once, then drop the first two response lines and the
    # empty string left after the final newline
    Lines = Response.decode('utf-8').split('\n')
    Lines = Lines[2:-1]

    for line in Lines:
        Status = line.split(' ')
        # Skip lines that do not carry the expected three fields
        if len(Status) < 3:
            continue
        if Status[2] == 'NO_DATA':
            PrintAndLog(line, 'INFO')
        else:
            PrintAndLog(line, 'WARNING')

def VTLookup():
    ''' Perform a lookup in VirusTotal database '''

Callers 1

Main · Function · 0.85

Calls 1

PrintAndLog · Function · 0.85

Tested by

no test coverage detected