[原创]python_mmdt:从2到3--mmdt_hash的在线使用(四)
发表于: 2022-1-21 16:48 26722


使用pip进行安装,安装命令:pip install python_mmdt

建议使用.whl发行包进行安装,发行包下载地址:

安装命令:pip install python_mmdt-0.3.1-cp38-cp38-win_amd64.whl

pip install python_mmdt命令安装成功之后,系统会添加mmdt-scan-online命令,使用mmdt-scan-online可快速实现在线扫描,如下所示:

pip install python_mmdt命令安装成功以后,可参考mmdt-scan-online命令行工具源码使用python_mmdt库,实现在线扫描(从源码可见,提交给服务端的只有文件的md5、sha1、mmdt_hash和文件名,不包含文件内容):

# 第一次执行会提交任务,并返回任务状态
[root@VM-0-8-centos ~]# mmdt-scan-online 2f04b8eb993ca4a3d98607824a10acfb
{
    "sha1": "a5ad744088e2739dc8b6a0622432106158d0abd8",
    "md5": "2f04b8eb993ca4a3d98607824a10acfb",
    "file_name": "2f04b8eb993ca4a3d98607824a10acfb",
    "message": "查询任务已添加至查询队列,当前队列中还有0个任务",
    "status": 20001,
    "data": {}
}
 
# 第二次执行会获取任务结果,返回10个最相似文件的标签及其sha1
[root@VM-0-8-centos ~]# mmdt-scan-online 2f04b8eb993ca4a3d98607824a10acfb
{
    "sha1": "a5ad744088e2739dc8b6a0622432106158d0abd8",
    "md5": "2f04b8eb993ca4a3d98607824a10acfb",
    "file_name": "2f04b8eb993ca4a3d98607824a10acfb",
    "message": "success",
    "status": 20000,
    "data": {
        "label": "APT28",
        "labels": [
            {
                "label": "APT28",
                "ratio": "20.00%"
            },
            {
                "label": "virlock",
                "ratio": "50.00%"
            },
            {
                "label": "coinminer",
                "ratio": "30.00%"
            }
        ],
        "similars": [
            {
                "hash": "a5ad744088e2739dc8b6a0622432106158d0abd8",
                "label": "APT28",
                "sim": 1.0
            },
            {
                "hash": "9001f4cfe62367a282efc08b072a13a5e2e403db",
                "label": "APT28",
                "sim": 0.9896245046624919
            },
            {
                "hash": "0d3d452a7e8d7d328bfe9862cbcee33ad1ce4cf4",
                "label": "virlock",
                "sim": 0.8511449567066024
            },
            ...
        ]
    }
}
# 第一次执行会提交任务,并返回任务状态
[root@VM-0-8-centos ~]# mmdt-scan-online 2f04b8eb993ca4a3d98607824a10acfb
{
    "sha1": "a5ad744088e2739dc8b6a0622432106158d0abd8",
    "md5": "2f04b8eb993ca4a3d98607824a10acfb",
    "file_name": "2f04b8eb993ca4a3d98607824a10acfb",
    "message": "查询任务已添加至查询队列,当前队列中还有0个任务",
    "status": 20001,
    "data": {}
}
 
# 第二次执行会获取任务结果,返回10个最相似文件的标签及其sha1
[root@VM-0-8-centos ~]# mmdt-scan-online 2f04b8eb993ca4a3d98607824a10acfb
{
    "sha1": "a5ad744088e2739dc8b6a0622432106158d0abd8",
    "md5": "2f04b8eb993ca4a3d98607824a10acfb",
    "file_name": "2f04b8eb993ca4a3d98607824a10acfb",
    "message": "success",
    "status": 20000,
    "data": {
        "label": "APT28",
        "labels": [
            {
                "label": "APT28",
                "ratio": "20.00%"
            },
            {
                "label": "virlock",
                "ratio": "50.00%"
            },
            {
                "label": "coinminer",
                "ratio": "30.00%"
            }
        ],
        "similars": [
            {
                "hash": "a5ad744088e2739dc8b6a0622432106158d0abd8",
                "label": "APT28",
                "sim": 1.0
            },
            {
                "hash": "9001f4cfe62367a282efc08b072a13a5e2e403db",
                "label": "APT28",
                "sim": 0.9896245046624919
            },
            {
                "hash": "0d3d452a7e8d7d328bfe9862cbcee33ad1ce4cf4",
                "label": "virlock",
                "sim": 0.8511449567066024
            },
            ...
        ]
    }
}
# -*- coding: utf-8 -*-
import sys
import json
import requests
from python_mmdt.mmdt.common import gen_md5, gen_sha1
from python_mmdt.mmdt.mmdt import MMDT
 
 
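def mmdt_scan_online():
    """Submit a file's hashes to the online mmdt scan service and print the reply.

    Reads the target path from ``sys.argv[1]``, computes its md5, sha1 and
    mmdt_hash locally, POSTs them as JSON to the scan endpoint and
    pretty-prints the JSON response. Only the hashes and the file's base name
    are placed in the request body; the file content itself is not sent.

    Exits with status 2 (usage on stderr) when no path is given.
    Raises requests.HTTPError on a non-2xx reply, and whatever requests raises
    on a connection failure or timeout.
    """
    import os  # local import: only needed to strip the directory part below

    # Check the command line first so a missing argument gives a usage
    # message instead of an IndexError traceback.
    if len(sys.argv) < 2:
        sys.stderr.write("usage: mmdt-scan-online <file>\n")
        sys.exit(2)
    file_name = sys.argv[1]

    # Build the mmdt object used to compute the fuzzy hash.
    mmdt = MMDT()

    # Compute the file's md5, sha1 and mmdt_hash locally.
    file_md5 = gen_md5(file_name)
    file_sha1 = gen_sha1(file_name)
    file_mmdt = mmdt.mmdt_hash(file_name)

    data = {
        "md5": file_md5,
        "sha1": file_sha1,
        # Send only the base name: the full local path (user names, case
        # folders) is of no use to the service and need not leave this host.
        "file_name": os.path.basename(file_name),
        "mmdt": file_mmdt,
        "data": {}
    }

    # NOTE(review): the endpoint is plain HTTP on a hard-coded IP, so the
    # submitted hashes and the returned labels are neither encrypted nor
    # authenticated in transit. Treat the verdict as advisory, and switch to
    # an HTTPS endpoint if the service provides one.
    r = requests.post(
        url='http://146.56.242.184/mmdt/scan',
        json=data,
        timeout=30,  # without a timeout, requests can block indefinitely
    )
    # Fail loudly on an HTTP error instead of trying to parse an error page.
    r.raise_for_status()
    r_data = r.json()
    print(json.dumps(r_data, indent=4, ensure_ascii=False))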
 
 
def main():
    """Command-line entry point: run a single online scan."""
    mmdt_scan_online()
 
 
# Run the scan only when this file is executed as a script, not on import.
if __name__ == "__main__":
    main()
# -*- coding: utf-8 -*-
import sys
import json
import requests
from python_mmdt.mmdt.common import gen_md5, gen_sha1
from python_mmdt.mmdt.mmdt import MMDT
 
 
