
virustotal查询hash,感染型病毒virus

时间:2023-05-05 13:51:00 阅读:42639 作者:3940

#!/usr/bin/envpythonimportosimportcsv # importqueueimportzipfileimportrequestsimportargparseimportmultiprocesssing # todo 333333 envs/utils/samples/' hashes _ path=' gym _ malware/envs/utils/sample _ hath download ' defget _ sample _ hashare withopen ) hashes_path ) ascs vfile 3360 forrowincsv.dict 3360 hash _ rows.append (row ) return hash _ rowsdefvt _ downlows vtapikey ) : tries=0success=falsewhilenotsuccessandtries 103360 resp=requests.get (vt URL, Params={'Hash'3366666 ) ) ) ) ) 652 'APIkey':vtapikey} if notre sp.ok : tries=1continue else : success=trueifnotsuccess 3360 returnfalsewithopen (' WB ' ) aso file : ofile.ofile ad_worker_function ) download_queue,vtapikey (: while true : try : sha 256=download _ queue.get () ) except queue.empty : continueifsha 256==' stop ' : download _ queue.task _ done (returntrueprint ({ } download ).task_done ) ) returntrueprint (652 sample _ path=OS.path.join (samples _ path,sha256 ) success=vt tapi key (if not success 3360 print ({} hada problem ).format (sha 256 ) }print ) { } done ).format (sha 256 ) ) Downlling efuse_virustotal(args ) : ' ' usevirustotaltodownloadtheeenvironmentmalware ' ' download _ queue=m.joinablequeue (args.nconcurrent ) archive _ procs=[ multi processing.process ] target=downloable args.vtapikey () forIinrange(args.nconcurrent ) ) ] for w in archive _ procs : w.start ) ) forro winget _ sample _ has son 3360 download _ queue.put (row (sha 256 ) ) ) foriiis ut ) stop forwinarchive _ procs : w.join (defuse _ virus share (args ) : ''' Use庄重的帽子zipfilesasthesourcefortheeeeeere

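def use_virusshare(args):
    """Extract the environment's samples from password-protected VirusShare zip archives.

    Every member of each archive in ``args.zipfile`` is matched by the second
    underscore-separated field of its name against the ``md5`` column returned
    by ``get_sample_hashes()``. Matching members are written to the current
    working directory under the corresponding ``sha256`` value.

    Args:
        args: Parsed command-line namespace; reads ``zipfile`` (list of archive
            paths) and ``zipfilepassword`` (ASCII password string).
    """
    # NOTE(review): the head of this function is garbled on the page. The
    # signature and the `pwd = bytes(...)` line are reconstructed from the call
    # site below and the surviving `"ascii")` fragment; confirm them against the
    # original script.
    pwd = bytes(args.zipfilepassword, "ascii")
    md5_to_sha256_dict = {d["md5"]: d["sha256"] for d in get_sample_hashes()}
    for path in args.zipfile:
        # Context manager so the archive handle is closed even if a read fails.
        with zipfile.ZipFile(path) as z:
            for f in z.namelist():
                name_parts = f.split("_")
                if len(name_parts) < 2:
                    # Member name has no underscore-separated hash field; skip
                    # it instead of raising IndexError.
                    continue
                z_object_md5 = name_parts[1]
                sha256 = md5_to_sha256_dict.get(z_object_md5)
                if sha256 is None:
                    continue
                with z.open(f, "r", pwd) as member:
                    sample_bytez = member.read()
                # The output name comes from the hash list, never from the
                # archive member name, so an archive entry cannot choose where
                # the sample is written.
                with open(sha256, "wb") as ofile:
                    ofile.write(sample_bytez)
                print("Extracted {}".format(sha256))


if __name__ == "__main__":
    prog = "download_samples"
    descr = "Download the samples that define the malware gym environment"
    parser = argparse.ArgumentParser(prog=prog, description=descr)
    parser.add_argument(
        "--virustotal",
        default=False,
        action="store_true",
        help="Use Virustotal to download malware samples",
    )
    # A key passed as an argument lands in shell history and is visible in the
    # process list while the script runs; treat the key as a secret.
    parser.add_argument(
        "--vtapikey", type=str, default=None, help="Virustotal API key"
    )
    parser.add_argument(
        "--nconcurrent",
        type=int,
        default=6,
        help="Maximum concurrent downloads from Virustotal",
    )
    parser.add_argument(
        "--virusshare",
        default=False,
        action="store_true",
        help="Use malware samples from VirusShare torrents",
    )
    parser.add_argument(
        "--zipfile",
        type=str,
        nargs="+",
        help="The path of VirusShare zipfile 290 or 291",
    )
    parser.add_argument(
        "--zipfilepassword",
        type=str,
        default=None,
        help="Password for the VirusShare zipfiles 290 or 291",
    )
    args = parser.parse_args()

    if not args.virustotal and not args.virusshare:
        parser.error("Must use either Virustotal or VirusShare")

    if args.virusshare:
        # --zipfile has no default, so it is None (not an empty list) when the
        # flag is omitted; len(None) would raise TypeError before the intended
        # error message is shown.
        if not args.zipfile:
            parser.error("Must provide the paths for one or more Virusshare zip files")
        if args.zipfilepassword is None:
            parser.error("Must enter a password for the VirusShare zip files")
        use_virusshare(args)

    if args.virustotal:
        if args.vtapikey is None:
            parser.error("Must enter a VirusTotal API key")
        use_virustotal(args)

# Example invocation (API key replaced with a placeholder):
#   python download_samples.py --virustotal --vtapikey <YOUR_VT_API_KEY>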

 csv文件格式:

sha256,sha1,md5
0007df5e92070f8d12411078070bdcafb24df81c837d8113a1e047ed7ac9fba1,e760b4ae027975928735024273a4240995442e2b,002e5581fabb21af4d4e7ec070561d38
0026b14f896934c621eccca48474353fff08f592ebc2949dde4b881f2353e3d2,f5cc8bd5accc281a8a41a9b13d870734361ec26b,292bd61f51ef0983b058a3b0f16ad263
00341b912ae7a9fc5bd25ac544bb2525cdc10f7dfcf51e6d96e9221a9ca06525,0329a4316eea3cf6d1376ea1eab5e2806258193b,c0370cb71216559beef7fe943b52003e
007792005ee9d835d5d0d4e0d6f7b886605272252a202e97a04bbc30bbbe12ae,f8190fe3936eff91a011901e30d66d0ad96e7e0c,64fed9d345dec9156090832c2b768982
009868767950256d823b0e9c6a89b8a7b2cef63424adc1840d1350ffa0bd3e42,50d4083adcd17910c2889842daf0d5e6ec41ab40,2f7a71e7abfd8536b9dee243656e0a8a
00a52b54695bac31830bdecf1c0e71b10da9bf3e9ff3d52cf1fc90f110458475,26f7549b66b2578112a77ceda7be7647ce5bc763,84b7490cae7fb84010863e006988951a
00c00e802109d0a3cb122c90168380ca23dfd3c28b1f03711b6218a8b1800f7c,eca4d84561c6440975ca64402e92ab01cf1bf4c8,d40cf7ae9174d5dc79c2e9db8cdb1bbb
0105e7aadf4e069b10aea00a43d90b753acfdd81c8db6e37df2c5b563162c30b,310a76a010cb58b510da8eb743f53ff517e441a9,2d4dcc983545014af6c8994ffa478488
0106fb2d96d5643f7ccb4a3e9fe8f3bb34c7d65d03333370648915991a3b200d,ad073b1ada3bb0aff0cae2edd7d41f6f09816cbe,f3e5b6b8c47211d54c2031d7a9a8f54f
012244e5a30708451b0b8b36a45e7d36fc8694f999adec739ef21efbc5f8e922,ef0ce82ca912e79a4fe64879ceb7fc30605367bb,ef24712cdbd8bd210e44d1546f5b91ab
014b392af2230b6275acf08a1384b1dd578e7fa3e7aba70c1b5b2ea6956c2108,43336578eb0efb1f9096836ff420fba635527020,d8f99268a5727a64bbac9a149b169afc
01640574490f32ba3d84bef60bdc30794edacf32932e93bada4d068dc5e27457,320c06678b0253ef5e30933d341a981744702c49,06c7dcdcdc887e052c2b6ee0dc88a2a6
