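I am writing code that will take a report generated by Cuckoo. I only need specific data, so I wrote a Python program. However, I ran into problems producing the desired output.
Here is my code: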
```python
import os
import json
import pandas as pd
from pprint import pprint

# Load the Cuckoo JSON report
with open('/home/shaunak/Desktop/Scripts/report.json') as json_file:
    data = json.load(json_file)

virustotal_sha256 = (str(data['virustotal']['sha256']))
static_pdb_path = (str(data['static']['pdb_path']))

write_in_file = open('resultFile.txt','w')
write_in_file.write(virustotal_sha256 +'\n')
write_in_file.write(static_pdb_path + '\n')
#write_in_file.write()

# Behaviour summary, written as the str() of each dict
to_dict = data
for item in to_dict['behavior']['generic']:
    behavior_generic = str(item['summary'])
    write_in_file.write(behavior_generic)
#write_in_file.write('\n'+'\n'+ strings + '\n')

# One line per pe_imports entry, written as the str() of its imports list
to_dict = data
for item in to_dict['static']['pe_imports']:
    static_pe_imports = str(item['imports'])
    write_in_file.write('\n'+static_pe_imports+'\n')
write_in_file.close()

with open('resultFile.txt', 'r') as file :
    filedata = file.read()

# Replace the target string
filedata = filedata.replace("u'name': u'", 'name: ')
filedata = filedata.replace("u'address': u'", '')
filedata = filedata.replace('{', '')
filedata = filedata.replace('}', '')
filedata = filedata.replace('[', '')
filedata = filedata.replace(']', '')
filedata = filedata.replace("'", '')

# Write the file out again
with open('filteredResult.txt', 'w') as file:
    file.write(filedata)
write_in_file.close()
os.remove("/home/shaunak/Desktop/Scripts/resultFile.txt")
```
The problem now is that the file output I get is:
This is the md5 value
0442cfabb3212644c4b894a7e4a7e84c00fd23489cc4f96490f9988e6074b6ab
None
ufile_opened: uC:\\Documents and Settings\\M0rt\\Local Settings\\Temp\\0442cfabb3212644c4b894a7e4a7e84c00fd23489cc4f96490f9988e6074b6ab.exe, ufile_exists: uC:\\Documents and Settings\\M0rt\\Local Settings\\Temp\\, uregkey_opened: uHKEY_CURRENT_USER\\Software\\Borland\\Delphi\\Locales, uHKEY_LOCAL_MACHINE\\Software\\Borland\\Locales, uHKEY_CURRENT_USER\\Software\\Borland\\Locales, ufile_failed: uC:\\Documents and Settings\\M0rt\\Local Settings\\Temp\\0442cfabb3212644c4b894a7e4a7e84c00fd23489cc4f96490f9988e6074b6ab.exe
name: DeleteCriticalSection, 0x444118, name: LeaveCriticalSection, 0x44411c, name: EnterCriticalSection, 0x444120, name: InitializeCriticalSection, 0x444124, name: VirtualFree, 0x444128, name: VirtualAlloc, 0x44412c, name: LocalFree, 0x444130, name: LocalAlloc, 0x444134, name: GetTickCount, 0x444138, name: QueryPerformanceCounter, 0x44413c, name: GetVersion, 0x444140, name: GetCurrentThreadId, 0x444144, name: InterlockedDecrement, 0x444148, name: InterlockedIncrement, 0x44414c, name: VirtualQuery, 0x444150, name: WideCharToMultiByte, 0x444154, name: MultiByteToWideChar, 0x444158, name: lstrlenA, 0x44415c, name: lstrcpynA, 0x444160, name: LoadLibraryExA, 0x444164, name: GetThreadLocale, 0x444168, name: GetStartupInfoA, 0x44416c, name: GetProcAddress, 0x444170, name: GetModuleHandleA, 0x444174, name: GetModuleFileNameA, 0x444178, name: GetLocaleInfoA, 0x44417c, name: GetLastError, 0x444180, name: GetCommandLineA, 0x444184, name: FreeLibrary, 0x444188, name: FindFirstFileA, 0x44418c, name: FindClose, 0x444190, name: ExitProcess, 0x444194, name: WriteFile, 0x444198, name: UnhandledExceptionFilter, 0x44419c, name: SetFilePointer, 0x4441a0, name: SetEndOfFile, 0x4441a4, name: RtlUnwind, 0x4441a8, name: ReadFile, 0x4441ac, name: RaiseException, 0x4441b0, name: GetStdHandle, 0x4441b4, name: GetFileSize, 0x4441b8, name: GetFileType, 0x4441bc, name: CreateFileA, 0x4441c0, name: CloseHandle, 0x4441c4
name: GetKeyboardType, 0x4441cc, name: LoadStringA, 0x4441d0, name: MessageBoxA, 0x4441d4, name: CharNextA, 0x4441d8
name: RegQueryValueExA, 0x4441e0, name: RegOpenKeyExA, 0x4441e4, name: RegCloseKey, 0x4441e8
name: SysFreeString, 0x4441f0, name: SysReAllocStringLen, 0x4441f4, name: SysAllocStringLen, 0x4441f8
name: TlsSetValue, 0x444200, name: TlsGetValue, 0x444204, name: LocalAlloc, 0x444208, name: GetModuleHandleA, 0x44420c
name: RegSetValueExA, 0x444214, name: RegOpenKeyExA, 0x444218, name: RegFlushKey, 0x44421c, name: RegCreateKeyExA, 0x444220, name: RegCloseKey, 0x444224, name: OpenThreadToken, 0x444228, name: OpenProcessToken, 0x44422c, name: GetTokenInformation, 0x444230, name: FreeSid, 0x444234, name: EqualSid, 0x444238, name: AllocateAndInitializeSid, 0x44423c
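Now I would like it to come out in this form:
md5_value name1 name2 name3 name4 name_etc
so that I can have a counter underneath them in case of duplicate names.
Any help or suggestions would be very useful.
The end goal I want to achieve is to make sure I can feed the data to deep learning (machine learning).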
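One way to get the requested layout, as an added example that is not part of the original post: read the import names straight from the parsed JSON and count them, rather than converting dicts to strings and stripping characters. It goes one step beyond the question by emitting one CSV row per report so several samples share the same columns. It assumes Python 3 and the report layout the post's code reads (`virustotal.sha256`, `static.pe_imports[].imports[].name`); the function names and the sample report are constructed for illustration.

```python
import csv
import io
from collections import Counter

# Constructed sample in the layout the post's code reads from report.json;
# the hash, names and addresses are taken from the output shown in the post.
SAMPLE_REPORT = {
    "virustotal": {"sha256": "0442cfabb3212644c4b894a7e4a7e84c00fd23489cc4f96490f9988e6074b6ab"},
    "static": {"pdb_path": None, "pe_imports": [
        {"imports": [{"name": "VirtualAlloc", "address": "0x44412c"},
                     {"name": "LocalAlloc", "address": "0x444134"}]},
        {"imports": [{"name": "LocalAlloc", "address": "0x444208"},
                     {"name": "GetModuleHandleA", "address": "0x44420c"}]},
        {"imports": [{"name": "RegOpenKeyExA", "address": "0x4441e4"},
                     {"name": None, "address": "0x0"}]},  # constructed: no name
    ]},
}

def sample_id(report):
    """Return the sample hash, or 'unknown' when the report has none."""
    return (report.get("virustotal") or {}).get("sha256") or "unknown"

def import_counts(report):
    """Count how often each imported function name occurs in a report."""
    counts = Counter()
    static = report.get("static") or {}
    for entry in static.get("pe_imports") or []:
        for imp in entry.get("imports") or []:
            name = imp.get("name")
            if name:  # skip entries that carry no function name
                counts[name] += 1
    return counts

def to_csv(reports):
    """Build CSV text: header of import names, then one count row per report."""
    rows = [(sample_id(r), import_counts(r)) for r in reports]
    columns = sorted(set().union(*(c for _, c in rows)))
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["sha256"] + columns)
    for ident, counts in rows:
        # Missing names become 0 so every row has the same width.
        writer.writerow([ident] + [counts.get(n, 0) for n in columns])
    return out.getvalue()

if __name__ == "__main__":
    print(to_csv([SAMPLE_REPORT]))
```

The fixed-width rows can be loaded directly as a feature matrix, with a report that lacks a hash or imports still producing a valid all-zero row.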