#!/usr/bin/env python
#Malware DB - the most awesome free malware database on the air
#Copyright (C) 2014, Yuval Nativ, Lahad Ludar, 5Fingers
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <http://www.gnu.org/licenses/>.
from imports import muchmuchstrings
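# Package metadata.  The extraction artifacts (stray spaces inside the
# literals) are gone, and the maintainer dunder now has its trailing
# underscores like every other field; the old spelling is kept as an alias
# so anything that already reads it keeps working.
__version__ = "0.5.0 Citadel"
__codename__ = "Citadel"
__appname__ = "theZoo"
__authors__ = ["Yuval Nativ", "Lahad Ludar", "5Fingers"]
__licensev__ = "GPL v3.0"
__maintainer__ = "Yuval Nativ"
__maintainer = __maintainer__  # backward-compatible alias of the misspelled name
__status__ = "Beta"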
import csv
import getopt
import os
import subprocess
import sys
from optparse import OptionParser

from imports.updatehandler import Updater
from imports.eula_handler import EULA
from imports.globals import vars
from imports.terminal_handler import Controller
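def filter_array(array, column, value):
    """Return the rows of ``array`` whose ``column`` cell contains ``value``.

    ``value`` is matched as a plain substring (no regex, no shell, no eval),
    so the user-supplied search terms from the command line can do nothing
    beyond narrowing the result set.  Rows that are too short to have
    ``column`` are skipped instead of raising IndexError: index.csv is
    rewritten by the updater, so one truncated or malformed line must not
    abort the whole search.
    """
    return [row for row in array if len(row) > column and value in row[column]]


def _parse_args():
    """Build the option parser and return the parsed ``optparse`` options.

    Positional arguments are accepted and ignored, as before.  The three
    flags use ``store_true`` and therefore default to ``False``.
    """
    parser = OptionParser()
    parser.add_option("-t", "--type", dest="type_of_mal", default='',
                      help="Type of malware to search.\nFor example botnet,trojan,virus,etc...")
    parser.add_option("-l", "--language", dest="lang_of_mal", default='',
                      help="Language of the version of the malware which is in the database.\nFor example: vbs,vb,c,cpp,bin,etc...")
    parser.add_option("-a", "--architecture", dest="arch_of_mal", default='',
                      help="The architecture the malware is intended for.\nFor example: x86,x64,arm7,etc...")
    parser.add_option("-p", "--platform", dest="plat_of_mal", default='',
                      help="Platform the malware is intended for.\nFor example: win32,win64,ios,android,etc...")
    parser.add_option("-u", "--update", dest="update_bol", default=False, action="store_true",
                      help="Updates the DB of theZoo.")
    parser.add_option("-v", "--version", dest="ver_bol", default=False, action="store_true",
                      help="Shows version and licensing information.")
    parser.add_option("-w", "--license", dest="license_bol", default=False, action="store_true",
                      help="Prints the GPLv3 license information.")
    options, _positional = parser.parse_args()
    return options


def _load_index(path):
    """Read the CSV index at ``path`` into a list of rows.

    Uses a ``with`` block so the handle is closed even if parsing raises;
    the original left the file open for the life of the process.
    """
    with open(path, 'r') as handle:
        return list(csv.reader(handle, delimiter=','))


def _cell(row, index):
    """Return ``row[index]``, or ``''`` when the row has no such column."""
    return row[index] if index < len(row) else ''


def main():
    """Command-line entry point for theZoo.

    Order of operations (unchanged):
      1. Make sure the EULA has been accepted; prompt otherwise.
      2. ``-u`` runs the updater, ``-v`` prints the banner, ``-w`` prints
         the license; each of these exits immediately.
      3. Any of ``-t/-l/-a/-p`` filters index.csv and prints a table,
         exiting 0 when there were hits and 1 when nothing matched.
      4. With no options at all, clear the screen and run the interactive
         menu until the menu itself ends the process.

    Fixes relative to the previous version: ``-l`` now filters on the
    language column it prints (it used to filter on the platform column);
    the index file is closed; short or malformed index rows no longer
    crash the search; success paths exit 0 instead of 1 so callers can
    tell success from failure.  The never-called nested helpers
    (checkargs, checkresults, print_results) were dropped and their
    "No results found" message is emitted inline.
    """
    eula_handler = EULA()
    banner_handler = muchmuchstrings.banners()
    terminal_handler = Controller()

    arguments = _parse_args()

    # The EULA gate runs before everything else, including --update.
    if eula_handler.check_eula_file() == 0:
        eula_handler.prompt_eula()

    if arguments.update_bol:
        # NOTE(review): update_db() rewrites index.csv from a source that is
        # not visible here - confirm it fetches over TLS and verifies the
        # payload before the rows it writes are trusted by the search below.
        Updater().update_db()
        sys.exit(0)
    if arguments.ver_bol:
        print(vars.maldb_banner)
        sys.exit(0)
    if arguments.license_bol:
        banner_handler.print_license()
        sys.exit(0)

    # (search term, index column) pairs; an empty term means "no filter".
    search_filters = (
        (arguments.type_of_mal, vars.column_for_type),
        (arguments.lang_of_mal, vars.column_for_pl),    # language column, not platform
        (arguments.arch_of_mal, vars.column_for_arch),
        (arguments.plat_of_mal, vars.column_for_plat),
    )
    if any(term for term, _ in search_filters):
        rows = _load_index(vars.main_csv_file)
        for term, column in search_filters:
            if term:
                rows = filter_array(rows, column, term)

        print(vars.maldb_banner)
        print('ID\tName\t\tType\t\tVersion\t\tLanguage')
        print('--\t----\t\t----\t\t-------\t\t--------')
        for row in rows:
            # Index rows come from the updater, so never index them blindly.
            line = _cell(row, vars.column_for_uid)
            for column in (vars.column_for_name, vars.column_for_type,
                           vars.column_for_version, vars.column_for_pl):
                line += '\t{0: <12}'.format(_cell(row, column))
            print(line)
        if not rows:
            print("No results found\n\n")
            sys.exit(1)
        sys.exit(0)

    # Interactive mode.  'clear' is run as a fixed argv list (no shell), and
    # a missing binary (e.g. Windows) is not fatal: the banner still prints.
    try:
        subprocess.call(['clear'])
    except OSError:
        pass
    print(vars.maldb_banner)
    while True:
        terminal_handler.MainMenu()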
if __name__ == "__main__":
    # Script entry point; main() does not return normally (every path
    # either calls sys.exit() or loops on the interactive menu).
    main()