64-bit: HKLM|HKCU\SOFTWARE\
32-bit: HKLM|HKCU\SOFTWARE\wow6432node\
所以32位程序在HKLM|HKCU\SOFTWARE\wow6432node\下面找Python安装信息,肯定是找不到了。只能下载64位的程序,可是各种找不到pycrypto-win64。哎,难道64位系统用户没人权吗?哎,64位的孩子就苦逼吧,反正我是搞不出来,根本就没有pycrypto-win64方面的资料嘛。。望知道孩子的告知下哈。
=====================================================================================
工欲善其事必先利其器
准备在ubuntu下架起jsunpack,安装好了vmware,下载ubuntu10.04(版本貌似有点老),安装好vmware-tools,关于怎么安装这个vmware-tools:
http://429006.com/article/technology/1590.htm
Ps:看完文档后,惊奇的发现,竟已经安装好了啊,不需要重新安装这个货。
于是顺利地把jsunpack拖到ubuntu中,开始了新的旅程。
按照INSATLL安装
Blake Hartstein
http://jsunpack.jeek.org/
INSTALL NOTES:
Required:
1) Build and install pynids (nids) from ./depends/pynids-0.6.1.tar.gz
To compile pynids, you may need the following (ubuntu) packages:
libpcap-dev pkg-config python-dev libgtk2.0-dev libnet1-dev
$ cd depends
$ tar xvfz pynids-0.6.1.tar.gz
$ cd pynids-0.6.1/ directory
$ python setup.py build
$ sudo python setup.py install
2) Build SpiderMonkey 'js' from ./depends/js-1.8.0-rc1-src.tar.gz
This package has modifications to the spidermonkey source code; therefore, it is not recommended you use default smjs packages. (Details of the modifications are in INSTALL.spidermonkey.shellcode and INSTALL.spidermonkey, for historical purposes)
$ cd depends/
$ tar xvfz js-1.8.0-rc1-src.tar.gz
$ cd js-1.8.0-rc1-src
$ make BUILD_OPT=1 -f Makefile.ref
Then, make the 'js' binary available within your path.
$ echo "export $PATH="
3) Build and install YARA from ./depends/yara-1.6.tar.gz
(For Ubuntu or other systems, these packages may be required: libpcre3 libpcre3-dev)
$ cd depends
$ tar xvfz yara-1.6.tar.gz
$ cd yara-1.6
$ ./configure
$ make
$ sudo make install
For Ubuntu or other systems, you may need to add the following path after building:
$ sudo echo "/usr/local/lib" >> /etc/ld.so.conf
$ sudo ldconfig
4) Build and install YARA Python from ./depends/yara-python-1.6.tar.gz
$ cd depends
$ tar xvfz yara-python-1.6.tar.gz
$ cd yara-python-1.6
$ python setup.py build
$ sudo python setup.py install
5) Build and install BeautifulSoup from ./depends/BeautifulSoup-3.2.0.tar.gz
(alternatively from the pypi http://pypi.python.org/pypi/BeautifulSoup/3.2.0)
$ cd depends
$ tar xvfz BeautifulSoup-3.2.0.tar.gz
$ cd BeautifulSoup-3.2.0/
$ python setup.py build
$ sudo python setup.py install
6) Install pycrypto (for encrypted PDFs) from ./depends/pycrypto-2.4.1.tar.gz
(alternatively from the pypi http://pypi.python.org/pypi/pycrypto/2.4.1)
$ cd depends
$ tar xvfz pycrypto-2.4.1.tar.gz
$ cd pycrypto-2.4.1
$ python setup.py build
$ sudo python setup.py install
Optional:
a) To use the -g --graph option, you should install the "python-yapgvb" package.
b) Filetype identification: Magic (optional)
If you use Ubuntu, you can install the python-magic package.
Ps:一定要按照INSTALL说的,把要下载的先下载好。
期间遇到的问题以及解决方法:
问题:error: Python.h: No such file or directory
解决方法 :sudo apt-get install python2.6-dev
问题:error: pcap.h: No such file or directory
解决方法:sudo apt-get install libpcap0.8-dev
问题:/bin/bash: g++: command not found
解决方法:sudo apt-get install g++
问题:bash: /etc/ld.so.conf: Permission denied
解决方法:$ sudo bash -c 'echo /usr/local/lib >> /etc/ld.so.conf'
问题:Vmware开启报错 Failed to lock the file
解决方法:删除
问题:在搞这个pynids的时候,sudo python setup.py build 总是报错:gcc: libnids-1.24/src/libnids.a: No such file or directory,这个问题很蛋疼。
解决方法:google 到神贴:http://ondailybasis.com/blog/?p=885
$ cd depends/pynids-0.6.1/libnids-1.24
$ ./configure
$ make
# make install
先编译一下这个libnids,安装好环境,然后再去编译pynids即可。
$ python jsunpackn.py -u http://google.com
看看result in temp/files
发现可以了。终于能够run了,不过只是抓却网站url,没有解析,明天继续研究吧。