from subprocess import Popen, PIPE, DEVNULL
import re
import json
from enum import Enum
class MatchLevel(Enum):
    """How aggressively a banner is broken up before it is matched.

    The members are numbered in increasing order, so a level can be tested
    with ``level >= MatchLevel.X``.
    """

    RAW = 1
    SPLIT_HEX = 2
    SPLIT_NON_ALPHABETIC = 3

    def __ge__(self, other):
        """Return True when this level's number is not below *other*'s."""
        return other.value <= self.value
# Filter nmap output and then try to match
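def match_nmap(banner, filename, level=MatchLevel.RAW):
    """Match an nmap banner against a recog fingerprint file, loosening in steps.

    The whole banner is tried first. If that fails and *level* allows it, the
    banner is split on literal ``\\x..`` escape text and newlines and each piece
    is tried; after that, each piece is split on non-word characters and the
    parts are tried. The first successful match is returned.

    Args:
        banner: Banner text as reported by nmap. It is data received from the
            scanned service, so it is treated as untrusted.
        filename: Fingerprint file name, passed through to ``match``.
        level: Highest ``MatchLevel`` that may be attempted.

    Returns:
        The object returned by ``match`` for the first hit, or ``None`` when
        nothing matched or an error occurred.
    """
    match_result = None
    try:
        MIN_WORD_LENGTH = 2

        # Level RAW
        match_result = match(banner, filename)

        if match_result is None and level >= MatchLevel.SPLIT_HEX:
            # Level SPLIT_HEX
            # NOTE(review): ``\w\w+`` also consumes any word characters that
            # directly follow the two characters after ``\x``, so text glued to
            # an escape is dropped with it - confirm this is intended.
            split_hex = re.split(r"\\x\w\w+|\n", banner)
            for word in split_hex:
                if len(word) > MIN_WORD_LENGTH:
                    match_result = match(word, filename)
                    if match_result is not None:
                        return match_result

            if level >= MatchLevel.SPLIT_NON_ALPHABETIC:
                # Level SPLIT_NON_ALPHABETIC
                for word in split_hex:
                    for part_word in re.split(r"\W+", word):
                        # Do not process numbers only, causes high probability of false match
                        if len(part_word) > MIN_WORD_LENGTH and not part_word.isdigit():
                            match_result = match(part_word, filename)
                            if match_result is not None:
                                return match_result
    except Exception as e:
        # The banner comes from the scanned host; print its repr() so control
        # characters or escape sequences in it cannot alter the terminal or
        # forge extra log lines.
        print("Error matching ", repr(banner), " ", e)
    return match_result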
# Match a banner from provided xml filename to a recog result
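def match(banner, filename):
    """Run one banner through ``recog_match`` and parse its answer.

    The banner is written to the child's stdin and the command is given as an
    argument list, so banner content never reaches a shell or the command
    line.

    Args:
        banner: Text to identify (str). Treated as untrusted input.
        filename: Name of a fingerprint file, without directory or extension;
            it is resolved as ``recog/xml/<filename>.xml``.

    Returns:
        The parsed match as returned by ``json.loads``, or ``None`` when the
        file name is rejected, the output does not start with ``MATCH:``, or
        the output cannot be parsed.
    """
    # The name is spliced into a path, so only plain file-name characters are
    # accepted; a path separator would let it point outside recog/xml/.
    # NOTE(review): assumes fingerprint files sit directly in recog/xml/ -
    # confirm no caller relies on sub-directories.
    if re.fullmatch(r"[A-Za-z0-9_.-]+", filename) is None:
        print("Error matching: invalid fingerprint file name ", repr(filename))
        return None

    # NOTE(review): communicate() is called without a timeout, so a
    # recog_match process that never exits blocks the caller indefinitely.
    with Popen(
        ["recog/bin/recog_match", "recog/xml/" + filename + ".xml"],
        stdout=PIPE,
        stdin=PIPE,
        stderr=DEVNULL,
    ) as proc:
        # communicate() returns only after the child has exited, so no
        # explicit terminate() is needed afterwards.
        grep_stdout = proc.communicate(input=bytearray(banner, encoding='utf8'))[0]

    # The output echoes banner-derived data; undecodable bytes are replaced
    # instead of raising out of this function.
    match_result = grep_stdout.decode("utf-8", errors="replace")
    if not match_result.startswith("MATCH:"):
        return None

    # Drop the "MATCH: " prefix and rewrite "=>" / ":nil" so the remainder can
    # be read as JSON.
    # NOTE(review): the replacements are global, so a "=>" or ":nil" inside a
    # matched value is rewritten too - looks like Ruby-hash notation; confirm.
    match_result = match_result[7:].replace("=>", ":").replace(":nil", ":\"\"")
    try:
        return json.loads(match_result)
    except (ValueError, RecursionError) as e:
        print("Error parsing recog result: ", e)
        # repr() keeps control characters from the banner out of the terminal.
        print(repr(match_result))
        return None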