Python个人代码库---t3scan扫描器

<pre name="code" class="python">#!/usr/bin/python
# -*- coding: utf-8 -*-

import sys
import os
import bslog 
import bsutil      
import bsmysql 
import bsqueuec   
import time  
import pickle 
import commands
import re
LOGGER = bslog.init_log(os.path.join(os.path.dirname(__file__) + '/log/', "scan.log"))

 
 
def filter_virusname(vname):
    virus_behav = virus_fam = virus_var = ''
    matched = re.match('(.*)\.?AndroidOS\.?(.*)', vname) 
    if matched:
        virus_behav = matched.group(1).strip()
        virus_fam = matched.group(2).strip()
    return  (virus_behav, virus_fam, virus_var)
        
        
def get_current_time():
    current_time = time.strftime('%Y-%m-%d %H:%M:%S')
    return current_time        

def insert2db(dic_info, apk_id, cur, conn):
    virus_name = ''
    injected_file = ''
    if dic_info.has_key('virus_name'):
        virus_name = dic_info['virus_name']
    if dic_info.has_key('injected_file'):
        injected_file = dic_info['injected_file']
    sql = """REPLACE INTO test_huangpeng.t3scan_result(apk_id, scanner_id, result_id, virus_name, infected_file, ts, virus_behav, virus_fam, virus_var) VALUES(%s, %s, %s, '%s', '%s', '%s', '%s', '%s', '%s')"""  \
    % (apk_id, 29, 1, virus_name, injected_file, get_current_time(), dic_info['virus_behav'], dic_info['virus_fam'], dic_info['virus_var'])
    print sql
    count = cur.execute(sql)
    print 'insert_count->' + str(count)
    conn.commit()

def get_virus_info(output):
    lis = output.split("\r")
    dic_info = {}
    dic_info['virus_name'] = ''
    for line in lis:
        if ".apk:" in line.strip() and "found" in line.strip():
            injected_file = line.strip().split('-')[0].strip()
            dic_info['injected_file'] = injected_file
        elif ".apk" in line.strip() and "found" in line.strip():
            macthed = re.search("'(.*)'", line.strip()) 
            if macthed:
                virus_name = macthed.group(1)
                dic_info['virus_name'] = virus_name
    (virus_behav, virus_fam, virus_var) = filter_virusname(dic_info['virus_name'])
    dic_info['virus_behav'] = virus_behav
    dic_info['virus_fam'] = virus_fam
    dic_info['virus_var'] = virus_var
    return dic_info
    
def scan(apk_fullpath, apk_id, cur, conn):
    cmd = "/home/ks/t3scan_l64/t3scan_l64 %s" % apk_fullpath
    status, output = commands.getstatusoutput(cmd)
    dic_info = get_virus_info(output)
    if dic_info['virus_name'] != None and dic_info['virus_name'] != '':
        insert2db(dic_info, apk_id, cur, conn)

def t3scan(bsc, cur, conn):
    print 'start...'
    while True: 
        apks_dict = {}
        for i in xrange(50):
            job = bsc.reserve('t3scan') 
            if job is None:
                LOGGER.info("wait, job is none")
                time.sleep(10)  
                continue
            apk_dict = pickle.loads(job.body)
            job.delete()
            apk_fullpath = apk_dict[0]
            apk_id = apk_dict[1]
            scan(apk_fullpath, apk_id, cur, conn)
            
if __name__ == '__main__':  
    reload(sys)
    sys.setdefaultencoding("utf-8")
    host = bsutil.parse_cfg('mysql', 'host')
    user = bsutil.parse_cfg('mysql', 'user')
    passwd = bsutil.parse_cfg('mysql', 'passwd')
    dbname = bsutil.parse_cfg('mysql', 'dbname')
    pool = bsmysql.mysql_pool(host, user, passwd, dbname)
    conn = pool.connection()
    cur = conn.cursor()
    bq_host = bsutil.parse_cfg('queue', 'host')
    bsc = bsqueuec.BSQueueC(bq_host)
    t3scan(bsc, cur, conn)
    conn.commit()
    cur.close()
    conn.close()