I have 4 lists:

"criticallist"
[ade4c7059e17ab9e47d2aaec6cf04a9d, 882edee4cc71806190ca43993e8b2eb5, nekspzwjxhqroiu.com, htfbzqewll.org]

"master"
[4d7d1c89529bcfcbbbbf9d6a2ba42cb5, 9f26da4de1653f609e7b4bcaade63daa]

Then each function has its own separate md5 list, e.g. [49f12a7b358c7f7cba005610210418aa], "md5-ThreatExpert" and "md5-HybridAnalysis", each in its respective function, which I renamed to "md5threat".

Then in each function I am trying to compare "criticallist" and "master" against "md5threat".

Anything in "md5threat" that is not in "criticallist" or "master" gets added to "md5broinput".

And

If it gets added to "md5broinput", it is also appended back to "master".

"md5broinput" is new every day, and I wipe "master" every week.

    import csv
    import os

    def md5threatexpertcritical():
        filename = open("md5-ThreatExpert-bro", 'w') #input file for bro script gone through critical checks
        md5threat = "md5-ThreatExpert" #latest md5's from MISP
        #create bromaster if doesn't exist
        if os.path.exists("bromasterlist"):
            pass
        else:
            f = file("bromasterlist", "w")
            f.close()
        master = "bromasterlist" #master bro list that we've already added to bro
        PATH = "/opt/critical-stack/frameworks/intel"
        CRITICAL = "master-public.bro.dat"
        CRITICALSTACK = os.path.join(PATH, CRITICAL)
        criticallist = "/home/money/Documents/hybrid/critical"
        whitelist = open(criticallist,'w')
        with open(CRITICALSTACK,'r') as CRITICALSTACK1:
            reader = csv.reader(CRITICALSTACK1, delimiter='\t')
            CRITICAL = []
            for row in reader:
                CRITICAL.append(row[0])
            whitelist.write("\n".join(CRITICAL))
        whitelist.close() #flush to disk before the file is re-read below
        x=[]
        y=[]
        z=[]
        md5broinput=[]
        with open(criticallist, 'r') as critical:
            for line in critical:
                line = line.strip()
                x.append(line)
        with open(master, 'r') as bromaster:
            for line in bromaster:
                line = line.strip()
                y.append(line)
        with open(md5threat, 'r') as md5threat:
            for line in md5threat:
                line = line.strip()
                z.append(line)
        for md5 in z:
            if md5 in y:
                print md5+" is in bromaster"
                pass
            elif md5 in x:
                print md5+" is in critical"
                pass
            elif md5 not in x and y:
                y.append(md5)
                md5broinput.append(md5)
        filename.write("\n".join(md5broinput))
        filename.close()
        f=open(master,'a')
        f.write("\n".join(set(y)))
        f.write("\n")
        f.close()

    def md5hybridanalysiscritical():
        filename = open("md5-HybridAnalysis-bro", 'w+')
        md5threat = "md5-HybridAnalysis" #latest md5's from MISP
        master = "bromasterlist" #master bro list that we've already added to bro
        PATH = "/opt/critical-stack/frameworks/intel"
        CRITICAL = "master-public.bro.dat"
        CRITICALSTACK = os.path.join(PATH, CRITICAL)
        criticallist = "/home/money/Documents/hybrid/critical"
        x=[]
        y=[]
        z=[]
        md5broinput=[]
        with open(criticallist, 'r') as critical:
            for line in critical:
                line = line.strip()
                x.append(line)
        with open(master, 'r') as bromaster:
            for line in bromaster:
                line = line.strip()
                y.append(line)
        with open(md5threat, 'r') as md5threat:
            for line in md5threat:
                line = line.strip()
                z.append(line)
        for md5 in z:
            if md5 in y:
                print md5+" is in bromaster"
                pass
            elif md5 in x:
                print md5+" is in critical"
                pass
            elif md5 not in x and y:
                y.append(md5)
                md5broinput.append(md5)
        filename.write("\n".join(md5broinput))
        filename.close()
        f=open(master,'a')
        f.write("\n".join(set(y)))
        f.write("\n")
        f.close()

Answer 0: (score: 3)

Try this as a refactoring of your code. The code uses list comprehensions, while using "with" as a context manager is more pythonic. Adding to @nbryans's answer..

https://docs.python.org/3/tutorial/datastructures.html#list-comprehensions

    filename = open("md5-HybridAnalysis-bro", 'wb+')
    md5threat = open("md5-HybridAnalysis" , 'rb') #
    # criticallist and master are the file paths from the question; open them
    # so the comprehensions iterate over lines rather than characters
    x = [line.strip() for line in open(criticallist, 'rb')]
    y = [line.strip() for line in open(master, 'rb')]
    z = [line.strip() for line in md5threat]
    md5broinput = []
    #print x[:6]
    #print y[:6]
    #print z[:6]
    for md5 in z:
        if md5 in y:
            print md5+" is in bromaster"
        elif md5 in x:
            print md5+" is in critical"
        else:
            y.append(md5)
            md5broinput.append(md5)
    filename.write("\n".join(md5broinput))
    filename.close()
    f=open(master,'a')
    f.write("\n".join(y))
    f.write("\n")
    f.close()

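Answer 1: (score: 1)

If I understand the question correctly, you want

    for md5 in z:
        if md5 in y:
            print md5+" is in bromaster"
            pass

As it is currently written, you are saying "is in bromaster" after you check if md5 not in y, where y is the master.
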
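Answer 2: (score: 0)

I suggest cleaning up the code so as not to get lost in the multiple levels of information that you want to compare with each other. One way is to not name the content from the critical list x (when retrieved as a list) wait a second ...

How about this:
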
    #! /usr/bin/env python
    from __future__ import print_function

    md5threat = "md5-HybridAnalysis"
    criticallist = "some_criticallist.txt"
    master = "some_master.txt"
    x_crit, y_mast, z_md5t = [], [], []
    md5broinput = []
    with open(criticallist, 'r') as critical:
        for line in critical:
            x_crit.append(line.strip())
    with open(master, 'r') as bromaster:
        for line in bromaster:
            y_mast.append(line.strip())
    with open(md5threat, 'r') as md5threat:
        for line in md5threat:
            z_md5t.append(line.strip())
    for a_md5 in z_md5t:
        if a_md5 in y_mast:
            print(a_md5 + " is in bromaster")
            pass
        elif a_md5 in x_crit:
            print(a_md5 + " is in critical")
            pass
        else:
            y_mast.append(a_md5)
            md5broinput.append(a_md5)
    with open("md5-HybridAnalysis-bro", 'w+') as o_f:
        o_f.write("\n".join(md5broinput))
    with open(master, 'a') as m_f:
        m_f.write("\n".join(y_mast) + '\n')

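Then, as @nbryans already spotted, change:

    for a_md5 in z_md5t:
        if a_md5 not in y_mast:
            print(a_md5 + " is in bromaster")
            pass

to:

    for a_md5 in z_md5t:
        if a_md5 in y_mast:
            print(a_md5 + " is in bromaster")
            pass

I prefer @merlins's answer. If you want to go further with context managers and build the complete lists at the same time, then why not first load from the files, keeping the blocks one after the other, and not yet perform the analysis matching loop - having a serial collect phase and a combine algorithm focusing on lists only.
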
Answer 3: (score: 0)

So the code tests for when md5 is not in y, so when it is not, the else branch that appends is never reached.

Current code:

    for md5 in z:
        if md5 not in y:
            print md5+" is in bromaster"
            pass
        elif md5 in x:
            print md5+" is in critical"
            pass
        else:
            y.append(md5)
            md5broinput.append(md5)

I think the code should say:

    for md5 in z:
        if md5 in y: #<--- This is the line changed
            print md5+" is in bromaster"
            pass
        elif md5 in x:
            print md5+" is in critical"
            pass
        else:
            y.append(md5)
            md5broinput.append(md5)

Answer 4: (score: 0)

Thanks @Merlin for your help, I really appreciate it, and I'm getting the hang of it. I gave you points, as far as I can!

If you look at where I made the mistake, I was checking list y and then appending to it at the end of the loop, which was like an endless loop -

I replaced -

    for md5 in z:
        if md5 in y:
            print md5+" is in bromaster"
            pass
        elif md5 in x:
            print md5+" is in critical"
            pass
        elif md5 not in x and y:
            y.append(md5) #I got rid of this line and it works great.
            md5broinput.append(md5)

with -

    for md5 in z:
        if md5 in y:
            print md5+" is in bromaster"
            pass
        elif md5 in x:
            print md5+" is in critical"
            pass
        elif md5 not in x and y:
            md5broinput.append(md5)

I appreciate it, and I hope that at some point I can help out the noobs here!
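
Added example (not part of the question or any answer above): a set-based version of the filtering step, next to the question's `md5 not in x and y` test, showing that the test only checks whether `y` is empty, so a freshly wiped master list lets nothing through. The function names and the sample hashes are assumptions constructed for illustration, and the code targets Python 3.

```python
import re

MD5_RE = re.compile(r"[0-9a-f]{32}")

def load_md5s(lines):
    """Normalise lines and keep only well-formed MD5 values, in order."""
    cleaned = (line.strip().lower() for line in lines)
    return [v for v in cleaned if MD5_RE.fullmatch(v)]

def question_test(md5, x, y):
    # The question's condition. Python parses it as (md5 not in x) and y,
    # so y is only tested for emptiness, never for membership.
    return bool(md5 not in x and y)

def select_new(feed_lines, critical_lines, master_lines):
    """MD5s from the feed that are in neither the critical list nor master."""
    seen = set(load_md5s(critical_lines)) | set(load_md5s(master_lines))
    new = []
    for md5 in load_md5s(feed_lines):
        if md5 not in seen:
            seen.add(md5)  # also drops repeats within one feed
            new.append(md5)
    return new

def append_to_master(path, new):
    """Append only the new entries, so master never accumulates duplicates."""
    if new:
        with open(path, "a") as fh:
            fh.write("\n".join(new) + "\n")

# Constructed sample data (not real indicators).
CRITICAL = ["a" * 32, "example.org"]  # the critical list mixes hashes and domains
MASTER = ["b" * 32]
FEED = ["A" * 32, "b" * 32, "c" * 32, "c" * 32, "not-a-hash", "d" * 32 + "\n"]

if __name__ == "__main__":
    print(select_new(FEED, CRITICAL, MASTER))     # only the "c" and "d" hashes
    print(question_test("c" * 32, CRITICAL, []))  # empty master blocks a new hash
```

Writing only the new entries back, instead of re-appending the whole in-memory list as the question's code does, keeps the master file from growing with duplicates on every run.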