malware_config.py 文件源码-python代码片段

malware_config.py 文件源码

python

阅读 20 收藏 0 点赞 0 评论 0

项目：fame_modules 作者: certsocietegenerale 项目源码文件源码

def load_current_state(self):
        self.known = {}
        blocks = store.config_blocks.find({'botnet': self.label})

        # First, we have to get each config block 'type' known
        for type in blocks.distinct('type'):
            self.known[type] = {}

            # This could probably be done in just one (complex) query
            targets = store.config_blocks.find({
                'botnet': self.label,
                'type': type
            }).distinct('target')

            for target in targets:
                last_known = store.config_blocks.find({
                    'botnet': self.label,
                    'type': type,
                    'target': target,
                }).sort('updated', DESCENDING).limit(1)[0]

                if last_known['action'] != ACTION_REMOVED:
                    self.known[type][target] = ConfigBlock(last_known)