diff --git a/imports/globals.py b/imports/globals.py index dc5eafc..9ba2555 100644 --- a/imports/globals.py +++ b/imports/globals.py @@ -20,8 +20,9 @@ import sys class init: def init(self): # Global Variables - version = "0.4.2 Arthur" - appname = "Malware DB" + version = "0.5.0 Citadel" + appname = "theZoo" + codename = "Citadel" authors = "Yuval Nativ, Lahad Ludar, 5fingers" licensev = "GPL v3.0" fulllicense = appname + " Copyright (C) 2014 " + authors + "\n" @@ -83,12 +84,16 @@ class vars: main_csv_file = conf_folder + '/index.csv' giturl = 'https://raw.github.com/ytisf/theZoo/master/' + with file(maldb_ver_file) as f: + db_ver = f.read() + maldb_banner = " __ ___ __ ____ ____\n" maldb_banner += " / |/ /___ _/ / ______ _________ / __ \/ __ )\n" maldb_banner += " / /|_/ / __ `/ / | /| / / __ `/ ___/ _ \______/ / / / __ |\n" maldb_banner += " / / / / /_/ / /| |/ |/ / /_/ / / / __/_____/ /_/ / /_/ /\n" - maldb_banner += " /_/ /_/\__,_/_/ |__/|__/\__,_/_/ \___/ /_____/_____/\n" + maldb_banner += " /_/ /_/\__,_/_/ |__/|__/\__,_/_/ \___/ /_____/_____/\n\n" maldb_banner += " version: " + version + "\n" + maldb_banner += " db_version: " + db_ver + "\n" maldb_banner += " built by: " + authors + "\n\n" addrs = ['reverce_tcp/', 'crazy_mal/', 'mal/', 'show malwares'] diff --git a/imports/muchmuchstrings.py b/imports/muchmuchstrings.py index 18f92e8..b9f35e6 100644 --- a/imports/muchmuchstrings.py +++ b/imports/muchmuchstrings.py 
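Review bot: The new `with file(maldb_ver_file) as f: db_ver = f.read()` in the second hunk runs in the body of `class vars` at import time, so if the version file is missing or unreadable (assuming `maldb_ver_file` is defined earlier in the class, outside this hunk) every importer of `globals` fails with IOError before any command, presumably including the update that would fetch that file, can run. The raw file contents, trailing newline included, are then concatenated into `maldb_banner`, which disturbs the banner's line layout. Wrap the read in a `try`/`except IOError` that falls back to a placeholder such as `'unknown'`, and strip the value: `db_ver = f.read().strip()`. `file()` is also a Python-2-only builtin; `open()` behaves the same here and keeps the module portable. The `with` target `f` additionally survives as a class attribute `vars.f`, which is harmless but deserves a `del f` or a comment.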
@@ -37,6 +37,6 @@ class banners: print globals.vars.useage def print_available_payloads(self, array): - answer = array[globals.vars.column_for_uid] + "\t" + array[globals.vars.column_for_name]+ "\t" + array[globals.vars.column_for_version] + "\t\t" - answer += array[globals.vars.column_for_location] + "\t\t" + array[globals.vars.colomn_for_time] + answer = str(array[globals.vars.column_for_uid]) + "\t" + str(array[globals.vars.column_for_name]) + "\t" + str(array[globals.vars.column_for_version]) + "\t\t" + answer += str(array[globals.vars.column_for_location]) + "\t\t" + str(array[globals.vars.colomn_for_time]) print answer diff --git a/imports/terminal_handler.py b/imports/terminal_handler.py index 7e32744..fe42389 100644 --- a/imports/terminal_handler.py +++ b/imports/terminal_handler.py @@ -27,7 +27,7 @@ class Controller: self.modules = self.GetPayloads() - print 'im at init' + #print 'im at init' self.plat = '' self.arch = '' self.lang = '' diff --git a/malware-db.py b/malware-db.py index 746a6ad..acac5e0 100644 --- a/malware-db.py +++ b/malware-db.py @@ -17,17 +17,19 @@ #along with this program. If not, see . from imports import muchmuchstrings -__version__ = "0.4.2 Arthur" -__appname__ = "Malware DB" +__version__ = "0.5.0 Citadel" +__codename__ = "Citadel" +__appname__ = "theZoo" __authors__ = ["Yuval Nativ","Lahad Ludar","5Fingers"] __licensev__ = "GPL v3.0" __maintainer = "Yuval Nativ" -__status__ = "Development" +__status__ = "Beta" import sys import getopt import csv import os +from optparse import OptionParser from imports.updatehandler import Updater from imports.eula_handler import EULA from imports.globals import vars 
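Review bot: The rewritten `answer` assignment in `print_available_payloads` repeats `str(array[globals.vars.column_for_…])` five times with a mix of `"\t"` and `"\t\t"` separators, which makes the intended column layout hard to read and to change. A single format expression states it once, e.g. `answer = '%s\t%s\t%s\t\t%s\t\t%s' % tuple(str(array[c]) for c in (globals.vars.column_for_uid, globals.vars.column_for_name, globals.vars.column_for_version, globals.vars.column_for_location, globals.vars.colomn_for_time))`. Wrapping every field in `str()` suggests some index values are not strings; if that is the case, a short comment naming which column is numeric would help the next reader.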
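Review bot: The debug statement in `Controller` is commented out as `#print 'im at init'` rather than deleted; commented-out code accumulates, and version control already preserves the history. Remove the line entirely, or if an initialization trace is genuinely wanted, emit it through `logging` at debug level so it can be switched on without editing source. The enclosing method starts and ends outside this hunk.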
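Review bot: `import getopt` is kept in this hunk although the `getopt.getopt` call visible in the later hunk of the same commit (`@@ -63,70 +65,96 @@`) is removed, so unless another use exists elsewhere in the file it becomes an unused import next to the new `from optparse import OptionParser`. Drop the `getopt` line when the switch is complete. Note also that `optparse` has been deprecated since Python 2.7 in favour of `argparse`, which is available on the interpreter this file targets (the `print` statements pin it to Python 2); adopting `argparse` now avoids building new code on a frozen module.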
@@ -63,70 +65,96 @@ def main(): answer += array[vars.column_for_location] + "\t\t" + array[vars.colomn_for_time] print answer + def getArgvs(): + parser = OptionParser() + parser = OptionParser() + parser.add_option("-t", "--type", dest="type_of_mal", default='', help="Type of malware to search. \nFor example botnet,trojan,virus,etc...") + parser.add_option("-l", "--language", dest="lang_of_mal", default='', help="Language of the version of the malware which is in the databse.\nFor example: vbs,vb,c,cpp,bin,etc...") + parser.add_option("-a", "--architecture", dest="arch_of_mal", default='', help="The architecture the malware is intended for.\nFor example: x86,x64,arm7,etc...") + parser.add_option("-p", "--platform", dest="plat_of_mal", default="", help="Platform the malware is inteded for.\nFor example: win32,win64,ios,android,etc...") + parser.add_option("-u", "--update", dest="update_bol", default=0, help="Updates the DB of theZoo.", action="store_true") + parser.add_option("-v", "--version" , dest="ver_bol", default=0, help="Shows version and licensing information.", action="store_true") + parser.add_option("-w", "--license", dest="license_bol", default=0, help="Prints the GPLv3 license information.", action="store_true") + (options, args) = parser.parse_args() + return options + # Here actually starts Main() - - options, remainder = getopt.getopt(sys.argv[1:], 'hwuvs:p:t:', ['type=', 'language=', 'search=', 'help', 'update', 'version', 'dbv' ]) - # Zeroing everything type_of_mal = "" pl = "" search = "" - new ="" - update=0 - m=[]; + new = "" + update = 0 + m = []; f = "" + arguments = getArgvs() + # Checking for EULA Agreement a = eulaHandler.check_eula_file() if a == 0: eulaHandler.prompt_eula() # Get arguments - for opt, arg in options: - if opt in ('-h', '--help'): - print vars.fulllicense - print vars.useage - sys.exit(1) - elif opt in ('-u', '--update'): - updateHandler.update_db() - sys.exit(1) - elif opt in ('-v', '--version'): - 
bannerHandler.versionbanner() - sys.exit(1) - elif opt in '-w': - bannerHandler.print_license() - sys.exit(1) - elif opt in ('-t', '--type'): - type_of_mal = arg - elif opt in ('-p', '--language'): - pl = arg - elif opt in ('-s', '--search'): - search = arg - elif opt in '--dbv': - # Getting version of malware-DB's database - a = updateHandler.get_maldb_ver() - if a == 0: - sys.exit(0) - elif len(a) > 0: - print '' - print "Malware-DB Database's version is: " + a - sys.exit() + + # Check if update flag is on + if arguments.update_bol == 1: + a = Updater() + a.update_db() + sys.exit(1) - # Take index.csv and convert into array m - csvReader = csv.reader(open(vars.main_csv_file, 'rb'), delimiter=',') - for row in csvReader: - m.append(row) + # Check if version flag is on + if arguments.ver_bol == 1: + print vars.maldb_banner + sys.exit(1) - # Filter by type - if len(type_of_mal) > 0: - m = filter_array(m, vars.column_for_type, type_of_mal) + # Check if license flag is on + if arguments.license_bol == 1: + bannerHandler.print_license() + sys.exit(1) - # Filter by programming language - if len(pl) > 0: - m = filter_array(m, vars.column_for_pl, pl) + if ((len(arguments.type_of_mal) > 0) or (len(arguments.arch_of_mal) > 0) or (len(arguments.lang_of_mal) > 0) or (len(arguments.plat_of_mal) > 0)): + # Take index.csv and convert into array m + csvReader = csv.reader(open(vars.main_csv_file, 'rb'), delimiter=',') + for row in csvReader: + m.append(row) + + # Filter by type + if len(arguments.type_of_mal) > 0: + m = filter_array(m, vars.column_for_type, arguments.type_of_mal) + + # Filter by programming language + if len(arguments.lang_of_mal) > 0: + m = filter_array(m, vars.column_for_plat, arguments.lang_of_mal) + + # Filter by architecture + if len(arguments.arch_of_mal) > 0: + m = filter_array(m, vars.column_for_arch, arguments.arch_of_mal) + + # Filter by Platform + if len(arguments.plat_of_mal) > 0: + m = filter_array(m, vars.column_for_plat, arguments.plat_of_mal) + + 
i=0 + print vars.maldb_banner + print 'ID\tName\t\tType\t\tVersion\t\tLanguage' + print '--\t----\t\t----\t\t-------\t\t--------' + for g in m: + #print 'now' + answer = m[i][vars.column_for_uid] + answer += '\t%s' % ('{0: <12}'.format(m[i][vars.column_for_name])) + answer += '\t%s' % ('{0: <12}'.format(m[i][vars.column_for_type])) + answer += '\t%s' % ('{0: <12}'.format(m[i][vars.column_for_version])) + answer += '\t%s' % ('{0: <12}'.format(m[i][vars.column_for_pl])) + print answer + i=i+1 + + sys.exit(1) + + # Initiate normal run. No arguments given. os.system('clear') print vars.maldb_banner while 1:
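Review bot: The programming-language filter in the new block (`# Filter by programming language`) passes `vars.column_for_plat` to `filter_array`, so `-l/--language` actually matches the platform column; the removed code and the display loop further down both use `vars.column_for_pl`, so the line should read `m = filter_array(m, vars.column_for_pl, arguments.lang_of_mal)`. `getArgvs` also constructs `OptionParser()` twice on consecutive lines, and the first instance is simply discarded. The listing path ends with `sys.exit(1)` after printing results, which reports failure to any calling shell or script on a successful query; `sys.exit(0)` is the conventional value there, and `if arguments.update_bol == 1:` (likewise `ver_bol`, `license_bol`) reads better as a plain truth test since the options are `store_true`. The `csv.reader(open(vars.main_csv_file, 'rb'), ...)` handle is never closed — a `with open(...) as fh:` around the row loop fixes that — and the `for g in m:` loop that indexes `m[i]` by hand could iterate the rows directly. `main()` begins before this hunk, and the `while 1:` loop continues past its end.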