#!/usr/bin/env python
__author__ = 'AR'
import json, sys, subprocess, string, os, time
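# Command-line contract: two integer indices that select which slice of the
# generated command list gets executed.
if len(sys.argv) < 3:
    # sys.exit(str) writes the message to stderr and exits with status 1, so
    # a wrapper script can tell a usage error from a completed run (the
    # previous bare exit() reported success).
    sys.exit("Usage: ./classify [startIndex] [endIndex]")
try:
    start = int(sys.argv[1])
    end = int(sys.argv[2])
except ValueError:
    # A non-numeric index is a usage error, not a reason for a traceback.
    sys.exit("Usage: ./classify [startIndex] [endIndex]")
# Accept the bounds in either order.
if start > end:
    start, end = end, start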
########## Execute the command as child process ##########
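def executeChildProcess(command):
    """Run one sample under strace for about half a second and log the trace.

    strace reports on stderr, which is appended to
    /home/currentanalyst/007/<id>.txt, where <id> is characters 2-5 of
    *command* (the four-character sample name after the leading "./").
    The sample's own stdout goes into a pipe and is discarded.

    The sample really executes on this host. Run this only inside a
    disposable, isolated analysis VM: the clean-up below bounds how long a
    sample lives, it is not a sandbox.

    Args:
        command: shell command line of the form "./NNNN arg ...".
    """
    import signal  # local import: not among the file's top-level imports

    # NOTE(review): without strace's -f option, processes forked by the
    # sample are not traced; confirm that this is intended.
    modifiedCommand = 'strace ' + command
    with open('/home/currentanalyst/007/' + str(command)[2:6] + '.txt', 'a') as f:
        # shell=True hands the whole string to the shell; that is tolerable
        # only while the command lines come from the fixed table in this
        # file and never from external input.
        # os.setsid gives the shell, strace and the sample a process group of
        # their own so that all of them can be signalled together.
        ps = subprocess.Popen(modifiedCommand, stderr=f, stdout=subprocess.PIPE,
                              shell=True, preexec_fn=os.setsid)
        try:
            time.sleep(0.5)
        finally:
            # ps.terminate() signals only the direct child (the shell), which
            # can leave strace or the sample running after the time window.
            # Signal the whole group instead, then force-kill what remains.
            # A sample that moves itself to another session or process group
            # still escapes this, hence the VM requirement above.
            try:
                os.killpg(ps.pid, signal.SIGTERM)
                time.sleep(0.1)  # short grace period so strace can flush its log
                os.killpg(ps.pid, signal.SIGKILL)
            except OSError:
                pass  # the group has already exited
            # Release the unread pipe and reap the child so repeated calls do
            # not accumulate file descriptors and zombie processes.
            ps.stdout.close()
            ps.wait()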
def main():
########## Json Data (Commands and Args) ##########
data = '{"samples":[{"path":"0000","args":["/etc/passwd"]},{"path":"0001","args":["/"]},{"path":"0002","args":[]},{"path":"0003","args":["/etc/passwd"]},{"path":"0004","args":[]},{"path":"0005","args":["/"]},{"path":"0006","args":["31337"]},{"path":"0007","args":["1"]},{"path":"0008","args":["/etc/passwd"]},{"path":"0009","args":["/etc/passwd"]},{"path":"0010","args":["/etc/passwd"]},{"path":"0011","args":["a-z","A-Z"]},{"path":"0012","args":["/etc/passwd","/etc/group"]},{"path":"0013","args":[]},{"path":"0014","args":[]},{"path":"0015","args":["/etc/passwd"]},{"path":"0016","args":["/etc/passwd"]},{"path":"0017","args":[]},{"path":"0018","args":["-f","/","]"]},{"path":"0019","args":["/etc/passwd"]},{"path":"0020","args":[]},{"path":"0021","args":["/etc/passwd"]},{"path":"0022","args":[]},{"path":"0023","args":["/etc/passwd","/"]},{"path":"0024","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0025","args":["1"]},{"path":"0026","args":["/etc/passwd"]},{"path":"0027","args":["/etc/passwd","/etc/group"]},{"path":"0028","args":["/etc/passwd"]},{"path":"0029","args":["/dev/blah","c","1","1"]},{"path":"0030","args":["31337"]},{"path":"0031","args":["/etc/passwd"]},{"path":"0032","args":["/etc/passwd","/"]},{"path":"0033","args":["/"]},{"path":"0034","args":["1"]},{"path":"0035","args":["/etc/passwd"]},{"path":"0036","args":[]},{"path":"0037","args":[]},{"path":"0038","args":["/etc/passwd"]},{"path":"0039","args":["/"]},{"path":"0040","args":["0","/"]},{"path":"0041","args":[]},{"path":"0042","args":["/etc/passwd"]},{"path":"0043","args":["/etc/passwd"]},{"path":"0044","args":["/etc/passwd"]},{"path":"0045","args":["/etc/passwd","/etc/group"]},{"path":"0046","args":[]},{"path":"0047","args":[]},{"path":"0048","args":["/etc/passwd"]},{"path":"0049","args":["1"]},{"path":"0050","args":["/etc/passwd"]},{"path":"0051","args":["/etc/passwd"]},{"path":"0052","args":["/etc/passwd","/etc/group"]},{"path":"0053","args":["31337"]},{"path":"0054","args":[]},{"path":"0055","args":[
]},{"path":"0056","args":["/etc/passwd"]},{"path":"0057","args":[]},{"path":"0058","args":["/etc/passwd"]},{"path":"0059","args":[]},{"path":"0060","args":[]},{"path":"0061","args":["31337"]},{"path":"0062","args":["/etc/passwd","4"]},{"path":"0063","args":[]},{"path":"0064","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0065","args":["31337"]},{"path":"0066","args":[]},{"path":"0067","args":["a-z","A-Z"]},{"path":"0068","args":["/etc/passwd"]},{"path":"0069","args":["/etc/passwd","/etc/group"]},{"path":"0070","args":["/etc/passwd","/etc/group"]},{"path":"0071","args":["--reference=/","/"]},{"path":"0072","args":[]},{"path":"0073","args":["/etc/passwd","/etc/group"]},{"path":"0074","args":["-u","root","/"]},{"path":"0075","args":[]},{"path":"0076","args":["/etc/passwd"]},{"path":"0077","args":[]},{"path":"0078","args":["1"]},{"path":"0079","args":["31337"]},{"path":"0080","args":["/etc/passwd"]},{"path":"0081","args":[]},{"path":"0082","args":[]},{"path":"0083","args":[]},{"path":"0084","args":["/etc/passwd","/"]},{"path":"0085","args":["/etc/passwd"]},{"path":"0086","args":["/etc/passwd"]},{"path":"0087","args":["/etc/passwd"]},{"path":"0088","args":["/etc/passwd","/etc/group"]},{"path":"0089","args":[]},{"path":"0090","args":["/etc/passwd"]},{"path":"0091","args":["/etc/passwd","/"]},{"path":"0092","args":[]},{"path":"0093","args":["/etc/passwd"]},{"path":"0094","args":["/etc/passwd"]},{"path":"0095","args":["a-z","A-Z"]},{"path":"0096","args":["/etc/passwd"]},{"path":"0097","args":["/etc/passwd"]},{"path":"0098","args":[]},{"path":"0099","args":["31337"]},{"path":"0100","args":["/etc/passwd"]},{"path":"0101","args":[]},{"path":"0102","args":["/etc/passwd","/etc/group"]},{"path":"0103","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0104","args":[]},{"path":"0105","args":["/etc/passwd"]},{"path":"0106","args":["1","ls"]},{"path":"0107","args":["/"]},{"path":"0108","args":[]},{"path":"0109","args":["/tmp"]},{"path":"0110","args":["1","ls"]},{"path":"0111","a
rgs":["/dev/blah","c","1","1"]},{"path":"0112","args":[]},{"path":"0113","args":["/etc/passwd"]},{"path":"0114","args":["31337"]},{"path":"0115","args":["/etc/passwd","/etc/group"]},{"path":"0116","args":[]},{"path":"0117","args":["/"]},{"path":"0118","args":[]},{"path":"0119","args":["/etc/passwd"]},{"path":"0120","args":["0","/"]},{"path":"0121","args":[]},{"path":"0122","args":["/etc/passwd"]},{"path":"0123","args":["/etc/passwd","/etc/group"]},{"path":"0124","args":[]},{"path":"0125","args":[]},{"path":"0126","args":["-u","root","/"]},{"path":"0127","args":["/etc/passwd"]},{"path":"0128","args":[]},{"path":"0129","args":["/etc/passwd"]},{"path":"0130","args":["/etc/passwd"]},{"path":"0131","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0132","args":["/etc/passwd","/"]},{"path":"0133","args":["/dev/blah","c","1","1"]},{"path":"0134","args":[]},{"path":"0135","args":["/etc/passwd"]},{"path":"0136","args":["/etc/passwd"]},{"path":"0137","args":["0","/"]},{"path":"0138","args":["/etc/passwd"]},{"path":"0139","args":[]},{"path":"0140","args":["31337"]},{"path":"0141","args":["/etc/passwd"]},{"path":"0142","args":["/"]},{"path":"0143","args":["--reference=/","/"]},{"path":"0144","args":["/etc/passwd"]},{"path":"0145","args":["/etc/passwd"]},{"path":"0146","args":["/tmp"]},{"path":"0147","args":["/etc/passwd"]},{"path":"0148","args":["/etc/passwd","/etc/group"]},{"path":"0149","args":["/etc/passwd"]},{"path":"0150","args":["/etc/passwd"]},{"path":"0151","args":["/etc/passwd"]},{"path":"0152","args":["/etc/passwd"]},{"path":"0153","args":["-f","/"]},{"path":"0154","args":[]},{"path":"0155","args":[]},{"path":"0156","args":["0","/"]},{"path":"0157","args":["/etc/passwd"]},{"path":"0158","args":["1","ls"]},{"path":"0159","args":["-f","/"]},{"path":"0160","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0161","args":["/etc/passwd"]},{"path":"0162","args":[]},{"path":"0163","args":[]},{"path":"0164","args":["31337"]},{"path":"0165","args":[]},{"path":"0166","ar
gs":["31337"]},{"path":"0167","args":["/etc/passwd"]},{"path":"0168","args":["/etc/passwd","/etc/group"]},{"path":"0169","args":["/tmp"]},{"path":"0170","args":[]},{"path":"0171","args":["0","/"]},{"path":"0172","args":[]},{"path":"0173","args":["/etc/passwd"]},{"path":"0174","args":["/etc/passwd"]},{"path":"0175","args":["a-z","A-Z"]},{"path":"0176","args":["/etc/passwd"]},{"path":"0177","args":["/etc/passwd"]},{"path":"0178","args":[]},{"path":"0179","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0180","args":[]},{"path":"0181","args":[]},{"path":"0182","args":[]},{"path":"0183","args":["/etc/passwd"]},{"path":"0184","args":["/etc/passwd","4"]},{"path":"0185","args":[]},{"path":"0186","args":[]},{"path":"0187","args":[]},{"path":"0188","args":["/etc/passwd"]},{"path":"0189","args":["/etc/passwd"]},{"path":"0190","args":["/etc/passwd"]},{"path":"0191","args":["/etc/passwd"]},{"path":"0192","args":["/etc/passwd"]},{"path":"0193","args":["/etc/passwd"]},{"path":"0194","args":["/etc/passwd"]},{"path":"0195","args":[]},{"path":"0196","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0197","args":["-f","/","]"]},{"path":"0198","args":["0","/"]},{"path":"0199","args":["--reference=/","/"]},{"path":"0200","args":[]},{"path":"0201","args":["/etc/passwd","4"]},{"path":"0202","args":["/etc/passwd"]},{"path":"0203","args":["0","/"]},{"path":"0204","args":["/dev/blah","c","1","1"]},{"path":"0205","args":["/etc/passwd"]},{"path":"0206","args":["-u","root","/"]},{"path":"0207","args":["/etc/passwd"]},{"path":"0208","args":[]},{"path":"0209","args":[]},{"path":"0210","args":["/dev/blah","c","1","1"]},{"path":"0211","args":["/etc/passwd"]},{"path":"0212","args":[]},{"path":"0213","args":[]},{"path":"0214","args":["--input=0","ls"]},{"path":"0215","args":["/etc/passwd","/"]},{"path":"0216","args":["/etc/passwd","/etc/group"]},{"path":"0217","args":["ls"]},{"path":"0218","args":["/etc/passwd","/etc/group"]},{"path":"0219","args":[]},{"path":"0220","args":["/etc/passwd"]},{"path
":"0221","args":[]},{"path":"0222","args":["/etc/passwd"]},{"path":"0223","args":[]},{"path":"0224","args":["/etc/passwd","/etc/group"]},{"path":"0225","args":["0","/"]},{"path":"0226","args":[]},{"path":"0227","args":["/etc/passwd","/"]},{"path":"0228","args":[]},{"path":"0229","args":[]},{"path":"0230","args":["--input=0","ls"]},{"path":"0231","args":["/etc/passwd"]},{"path":"0232","args":[]},{"path":"0233","args":["/etc/passwd","/etc/group"]},{"path":"0234","args":[]},{"path":"0235","args":["31337"]},{"path":"0236","args":[]},{"path":"0237","args":["31337"]},{"path":"0238","args":["/etc/passwd"]},{"path":"0239","args":["/etc/passwd"]},{"path":"0240","args":["/etc/passwd"]},{"path":"0241","args":["/etc/passwd","/etc/group"]},{"path":"0242","args":["31337"]},{"path":"0243","args":["/etc/passwd"]},{"path":"0244","args":["ls"]},{"path":"0245","args":["/etc/passwd"]},{"path":"0246","args":[]},{"path":"0247","args":["/etc/passwd"]},{"path":"0248","args":["-f","/","]"]},{"path":"0249","args":["/etc/passwd","/etc/group"]},{"path":"0250","args":["/"]},{"path":"0251","args":[]},{"path":"0252","args":["/etc/passwd"]},{"path":"0253","args":[]},{"path":"0254","args":["/etc/passwd"]},{"path":"0255","args":["/etc/passwd"]},{"path":"0256","args":[]},{"path":"0257","args":["/etc/passwd"]},{"path":"0258","args":["/etc/passwd"]},{"path":"0259","args":["/etc/passwd"]},{"path":"0260","args":["/etc/passwd","4"]},{"path":"0261","args":[]},{"path":"0262","args":["/"]},{"path":"0263","args":["0","/"]},{"path":"0264","args":[]},{"path":"0265","args":["/"]},{"path":"0266","args":[]},{"path":"0267","args":[]},{"path":"0268","args":["31337"]},{"path":"0269","args":["/"]},{"path":"0270","args":["/etc/passwd"]},{"path":"0271","args":[]},{"path":"0272","args":["/etc/passwd","/"]},{"path":"0273","args":["/etc/passwd"]},{"path":"0274","args":["-f","/"]},{"path":"0275","args":[]},{"path":"0276","args":[]},{"path":"0277","args":[]},{"path":"0278","args":["/etc/passwd","/etc/group"]},{"path":"0279",
"args":["/etc/passwd"]},{"path":"0280","args":["0","/"]},{"path":"0281","args":["/etc/passwd"]},{"path":"0282","args":["/etc/passwd"]},{"path":"0283","args":["/etc/passwd"]},{"path":"0284","args":["/etc/passwd"]},{"path":"0285","args":["/etc/passwd"]},{"path":"0286","args":["/etc/passwd"]},{"path":"0287","args":["/etc/passwd","/etc/group"]},{"path":"0288","args":[]},{"path":"0289","args":["/etc/passwd"]},{"path":"0290","args":[]},{"path":"0291","args":["/etc/passwd"]},{"path":"0292","args":["31337"]},{"path":"0293","args":["/etc/passwd"]},{"path":"0294","args":["/etc/passwd"]},{"path":"0295","args":["/etc/passwd"]},{"path":"0296","args":["/etc/passwd"]},{"path":"0297","args":["/etc/passwd"]},{"path":"0298","args":["/"]},{"path":"0299","args":["/etc/passwd","/etc/group"]},{"path":"0300","args":["-f","/"]},{"path":"0301","args":[]},{"path":"0302","args":["/etc/passwd"]},{"path":"0303","args":[]},{"path":"0304","args":["/etc/passwd"]},{"path":"0305","args":["/"]},{"path":"0306","args":[]},{"path":"0307","args":["/etc/passwd"]},{"path":"0308","args":["/etc/passwd"]},{"path":"0309","args":[]},{"path":"0310","args":["/etc/passwd","/"]},{"path":"0311","args":[]},{"path":"0312","args":["/etc/passwd","/etc/group"]},{"path":"0313","args":["ls"]},{"path":"0314","args":[]},{"path":"0315","args":[]},{"path":"0316","args":["--input=0","ls"]},{"path":"0317","args":["/etc/passwd"]},{"path":"0318","args":["/etc/passwd"]},{"path":"0319","args":["-f","/","]"]},{"path":"0320","args":["/etc/passwd"]},{"path":"0321","args":["/etc/passwd"]},{"path":"0322","args":[]},{"path":"0323","args":["/"]},{"path":"0324","args":["/etc/passwd"]},{"path":"0325","args":["ls"]},{"path":"0326","args":[]},{"path":"0327","args":["/etc/passwd"]},{"path":"0328","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0329","args":[]},{"path":"0330","args":["/"]},{"path":"0331","args":[]},{"path":"0332","args":["/etc/passwd"]},{"path":"0333","args":["/etc/passwd"]},{"path":"0334","args":["/etc/passwd"]},{"pat
h":"0335","args":[]},{"path":"0336","args":["/etc/passwd"]},{"path":"0337","args":["/etc/passwd"]},{"path":"0338","args":[]},{"path":"0339","args":["/etc/passwd"]},{"path":"0340","args":["0","/"]},{"path":"0341","args":[]},{"path":"0342","args":[]},{"path":"0343","args":[]},{"path":"0344","args":[]},{"path":"0345","args":["/"]},{"path":"0346","args":["/etc/passwd"]},{"path":"0347","args":[]},{"path":"0348","args":[]},{"path":"0349","args":["/etc/passwd"]},{"path":"0350","args":["/"]},{"path":"0351","args":["/tmp"]},{"path":"0352","args":["ls"]},{"path":"0353","args":["/etc/passwd"]},{"path":"0354","args":[]},{"path":"0355","args":[]},{"path":"0356","args":["/tmp"]},{"path":"0357","args":["/tmp"]},{"path":"0358","args":[]},{"path":"0359","args":["/etc/passwd"]},{"path":"0360","args":["/etc/passwd"]},{"path":"0361","args":[]},{"path":"0362","args":["/"]},{"path":"0363","args":["/etc/passwd"]},{"path":"0364","args":["/etc/passwd"]},{"path":"0365","args":["/etc/passwd"]},{"path":"0366","args":["/etc/passwd"]},{"path":"0367","args":["31337"]},{"path":"0368","args":["--reference=/","/"]},{"path":"0369","args":[]},{"path":"0370","args":["/etc/passwd"]},{"path":"0371","args":["/etc/passwd","/etc/group"]},{"path":"0372","args":[]},{"path":"0373","args":[]},{"path":"0374","args":["/etc/passwd"]},{"path":"0375","args":["/etc/passwd"]},{"path":"0376","args":["--reference=/","/"]},{"path":"0377","args":[]},{"path":"0378","args":["31337"]},{"path":"0379","args":[]},{"path":"0380","args":[]},{"path":"0381","args":[]},{"path":"0382","args":["/etc/passwd"]},{"path":"0383","args":["/etc/passwd"]},{"path":"0384","args":[]},{"path":"0385","args":["31337"]},{"path":"0386","args":[]},{"path":"0387","args":["/etc/passwd"]},{"path":"0388","args":["-f","/"]},{"path":"0389","args":["1","ls"]},{"path":"0390","args":[]},{"path":"0391","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0392","args":["31337"]},{"path":"0393","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0394","args":
["/etc/passwd"]},{"path":"0395","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0396","args":[]},{"path":"0397","args":[]},{"path":"0398","args":["/etc/passwd"]},{"path":"0399","args":[]},{"path":"0400","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0401","args":["/etc/passwd"]},{"path":"0402","args":["/etc/passwd"]},{"path":"0403","args":[]},{"path":"0404","args":[]},{"path":"0405","args":["1"]},{"path":"0406","args":[]},{"path":"0407","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0408","args":["/"]},{"path":"0409","args":["/etc/passwd","/etc/group"]},{"path":"0410","args":["/"]},{"path":"0411","args":[]},{"path":"0412","args":["/etc/passwd"]},{"path":"0413","args":["/etc/passwd"]},{"path":"0414","args":[]},{"path":"0415","args":["1"]},{"path":"0416","args":["/etc/passwd"]},{"path":"0417","args":["/"]},{"path":"0418","args":["/etc/passwd"]},{"path":"0419","args":[]},{"path":"0420","args":[]},{"path":"0421","args":["/etc/passwd"]},{"path":"0422","args":["/etc/passwd"]},{"path":"0423","args":[]},{"path":"0424","args":[]},{"path":"0425","args":[]},{"path":"0426","args":["/etc/passwd"]},{"path":"0427","args":["/etc/passwd"]},{"path":"0428","args":["/etc/passwd"]},{"path":"0429","args":["31337"]},{"path":"0430","args":[]},{"path":"0431","args":["/etc/passwd","4"]},{"path":"0432","args":[]},{"path":"0433","args":["/etc/passwd","/"]},{"path":"0434","args":["/etc/passwd"]},{"path":"0435","args":["/etc/passwd"]},{"path":"0436","args":["0","/"]},{"path":"0437","args":[]},{"path":"0438","args":["/etc/passwd","/etc/group"]},{"path":"0439","args":[]},{"path":"0440","args":["/etc/passwd"]},{"path":"0441","args":[]},{"path":"0442","args":["1","ls"]},{"path":"0443","args":["/etc/passwd"]},{"path":"0444","args":["-u","root","/"]},{"path":"0445","args":["/etc/passwd","/etc/group"]},{"path":"0446","args":["/etc/passwd"]},{"path":"0447","args":["/dev/blah","c","1","1"]},{"path":"0448","args":[]},{"path":"0449","args":["/etc/passwd"]},{"path":"0450","args":[]},{"path
":"0451","args":["/etc/passwd"]},{"path":"0452","args":["31337"]},{"path":"0453","args":["31337"]},{"path":"0454","args":["/"]},{"path":"0455","args":["0","/"]},{"path":"0456","args":[]},{"path":"0457","args":[]},{"path":"0458","args":["/etc/passwd"]},{"path":"0459","args":["/etc/passwd"]},{"path":"0460","args":["a-z","A-Z"]},{"path":"0461","args":[]},{"path":"0462","args":[]},{"path":"0463","args":[]},{"path":"0464","args":[]},{"path":"0465","args":["31337"]},{"path":"0466","args":["/etc/passwd"]},{"path":"0467","args":[]},{"path":"0468","args":["/etc/passwd"]},{"path":"0469","args":["/etc/passwd"]},{"path":"0470","args":["/etc/passwd","/"]},{"path":"0471","args":["/etc/passwd"]},{"path":"0472","args":["/etc/passwd"]},{"path":"0473","args":["/etc/passwd"]},{"path":"0474","args":["31337"]},{"path":"0475","args":[]},{"path":"0476","args":[]},{"path":"0477","args":["/etc/passwd","/etc/group"]},{"path":"0478","args":["/etc/passwd"]},{"path":"0479","args":["/etc/passwd"]},{"path":"0480","args":["/etc/passwd","/"]},{"path":"0481","args":["/etc/passwd"]},{"path":"0482","args":[]},{"path":"0483","args":["/etc/passwd","/"]},{"path":"0484","args":["/etc/passwd"]},{"path":"0485","args":[]},{"path":"0486","args":["/etc/passwd","/etc/group"]},{"path":"0487","args":["-u","root","/"]},{"path":"0488","args":["/etc/passwd"]},{"path":"0489","args":[]},{"path":"0490","args":["/etc/passwd"]},{"path":"0491","args":[]},{"path":"0492","args":["-u","root","/"]},{"path":"0493","args":[]},{"path":"0494","args":[]},{"path":"0495","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0496","args":["/etc/passwd"]},{"path":"0497","args":["/etc/passwd"]},{"path":"0498","args":["/etc/passwd"]},{"path":"0499","args":[]},{"path":"0500","args":[]},{"path":"0501","args":["/etc/passwd"]},{"path":"0502","args":["/etc/passwd","4"]},{"path":"0503","args":[]},{"path":"0504","args":["0","/"]},{"path":"0505","args":["/etc/passwd","/"]},{"path":"0506","args":[]},{"path":"0507","args":["-f","/","]"]},{"path":"05
08","args":["--input=0","ls"]},{"path":"0509","args":["/etc/passwd"]},{"path":"0510","args":["/etc/passwd"]},{"path":"0511","args":["1","ls"]},{"path":"0512","args":[]},{"path":"0513","args":[]},{"path":"0514","args":[]},{"path":"0515","args":[]},{"path":"0516","args":[]},{"path":"0517","args":["/etc/passwd"]},{"path":"0518","args":[]},{"path":"0519","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0520","args":[]},{"path":"0521","args":[]},{"path":"0522","args":["/etc/passwd"]},{"path":"0523","args":["/etc/passwd"]},{"path":"0524","args":["/etc/passwd"]},{"path":"0525","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0526","args":["/etc/passwd"]},{"path":"0527","args":["/etc/passwd"]},{"path":"0528","args":["/etc/passwd"]},{"path":"0529","args":["/tmp"]},{"path":"0530","args":["31337"]},{"path":"0531","args":["31337"]},{"path":"0532","args":["31337"]},{"path":"0533","args":["-f","/","]"]},{"path":"0534","args":["-f","/"]},{"path":"0535","args":["/etc/passwd"]},{"path":"0536","args":[]},{"path":"0537","args":["1","ls"]},{"path":"0538","args":[]},{"path":"0539","args":["/"]},{"path":"0540","args":["/etc/passwd"]},{"path":"0541","args":["/"]},{"path":"0542","args":[]},{"path":"0543","args":[]},{"path":"0544","args":["/etc/passwd"]},{"path":"0545","args":["/etc/passwd"]},{"path":"0546","args":["/etc/passwd"]},{"path":"0547","args":["/etc/passwd","/"]},{"path":"0548","args":[]},{"path":"0549","args":["/etc/passwd"]},{"path":"0550","args":[]},{"path":"0551","args":[]},{"path":"0552","args":["/etc/passwd"]},{"path":"0553","args":[]},{"path":"0554","args":["/etc/passwd","/etc/group"]},{"path":"0555","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0556","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0557","args":["/etc/passwd"]},{"path":"0558","args":["/etc/passwd","/"]},{"path":"0559","args":["/etc/passwd"]},{"path":"0560","args":["/etc/passwd","/etc/group"]},{"path":"0561","args":["/etc/passwd"]},{"path":"0562","args":["/etc/passwd"]},{"path":"0563","arg
s":[]},{"path":"0564","args":["/etc/passwd"]},{"path":"0565","args":["/etc/passwd","/etc/group"]},{"path":"0566","args":["/etc/passwd"]},{"path":"0567","args":["/etc/passwd"]},{"path":"0568","args":["/etc/passwd","4"]},{"path":"0569","args":["/etc/passwd"]},{"path":"0570","args":[]},{"path":"0571","args":[]},{"path":"0572","args":["/etc/passwd"]},{"path":"0573","args":["/etc/passwd"]},{"path":"0574","args":["/etc/passwd"]},{"path":"0575","args":[]},{"path":"0576","args":["/etc/passwd"]},{"path":"0577","args":["/"]},{"path":"0578","args":["/etc/passwd","4"]},{"path":"0579","args":["/etc/passwd","/"]},{"path":"0580","args":["/etc/passwd"]},{"path":"0581","args":["/"]},{"path":"0582","args":["/etc/passwd"]},{"path":"0583","args":["/"]},{"path":"0584","args":[]},{"path":"0585","args":["--input=0","ls"]},{"path":"0586","args":["-u","root","/"]},{"path":"0587","args":[]},{"path":"0588","args":["--reference=/","/"]},{"path":"0589","args":["/etc/passwd"]},{"path":"0590","args":[]},{"path":"0591","args":["31337"]},{"path":"0592","args":["/etc/passwd"]},{"path":"0593","args":["/etc/passwd"]},{"path":"0594","args":["0","/"]},{"path":"0595","args":["/etc/passwd"]},{"path":"0596","args":[]},{"path":"0597","args":["/etc/passwd"]},{"path":"0598","args":["/etc/passwd","/etc/group"]},{"path":"0599","args":["/"]},{"path":"0600","args":[]},{"path":"0601","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0602","args":["/etc/passwd"]},{"path":"0603","args":["ls"]},{"path":"0604","args":["/etc/passwd"]},{"path":"0605","args":["/etc/passwd"]},{"path":"0606","args":["/etc/passwd","/"]},{"path":"0607","args":[]},{"path":"0608","args":["/etc/passwd"]},{"path":"0609","args":[]},{"path":"0610","args":[]},{"path":"0611","args":["/etc/passwd"]},{"path":"0612","args":[]},{"path":"0613","args":[]},{"path":"0614","args":["31337"]},{"path":"0615","args":[]},{"path":"0616","args":["--input=0","ls"]},{"path":"0617","args":[]},{"path":"0618","args":[]},{"path":"0619","args":["/etc/passwd"]},{"path":"0
620","args":["/etc/passwd","/"]},{"path":"0621","args":["/etc/passwd","/etc/group"]},{"path":"0622","args":["/etc/passwd"]},{"path":"0623","args":[]},{"path":"0624","args":[]},{"path":"0625","args":["/etc/passwd"]},{"path":"0626","args":["/etc/passwd","/etc/group"]},{"path":"0627","args":[]},{"path":"0628","args":["ls"]},{"path":"0629","args":["/etc/passwd","/"]},{"path":"0630","args":["/etc/passwd"]},{"path":"0631","args":["/etc/passwd"]},{"path":"0632","args":[]},{"path":"0633","args":[]},{"path":"0634","args":["/etc/passwd","/etc/group"]},{"path":"0635","args":["/etc/passwd"]},{"path":"0636","args":["--reference=/","/"]},{"path":"0637","args":["0","/"]},{"path":"0638","args":["/etc/passwd"]},{"path":"0639","args":["/dev/blah","c","1","1"]},{"path":"0640","args":["/etc/passwd"]},{"path":"0641","args":[]},{"path":"0642","args":["a-z","A-Z"]},{"path":"0643","args":[]},{"path":"0644","args":["/etc/passwd","/etc/group"]},{"path":"0645","args":[]},{"path":"0646","args":["/etc/passwd"]},{"path":"0647","args":["/etc/passwd"]},{"path":"0648","args":["31337"]},{"path":"0649","args":["--input=0","ls"]},{"path":"0650","args":[]},{"path":"0651","args":["/etc/passwd"]},{"path":"0652","args":["/etc/passwd"]},{"path":"0653","args":["/"]},{"path":"0654","args":[]},{"path":"0655","args":[]},{"path":"0656","args":[]},{"path":"0657","args":["/"]},{"path":"0658","args":["/etc/passwd","/"]},{"path":"0659","args":[]},{"path":"0660","args":["/etc/passwd"]},{"path":"0661","args":[]},{"path":"0662","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0663","args":["/etc/passwd","/"]},{"path":"0664","args":["/etc/passwd"]},{"path":"0665","args":[]},{"path":"0666","args":["-f","/"]},{"path":"0667","args":["/etc/passwd"]},{"path":"0668","args":["-f","1","-d",":","/etc/passwd"]},{"path":"0669","args":[]},{"path":"0670","args":[]},{"path":"0671","args":["31337"]},{"path":"0672","args":["31337"]},{"path":"0673","args":[]},{"path":"0674","args":["/etc/passwd","/etc/group"]},{"path":"0675","
args":["/etc/passwd"]},{"path":"0676","args":["a-z","A-Z"]},{"path":"0677","args":["/etc/passwd"]},{"path":"0678","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0679","args":["/etc/passwd"]},{"path":"0680","args":["/etc/passwd"]},{"path":"0681","args":["/"]},{"path":"0682","args":[]},{"path":"0683","args":["/dev/blah","c","1","1"]},{"path":"0684","args":["0","/"]},{"path":"0685","args":["/etc/passwd","/etc/group"]},{"path":"0686","args":["/"]},{"path":"0687","args":["/etc/passwd","/etc/group"]},{"path":"0688","args":[]},{"path":"0689","args":["/etc/passwd"]},{"path":"0690","args":["/etc/passwd","/etc/group"]},{"path":"0691","args":["/etc/passwd"]},{"path":"0692","args":["/etc/passwd"]},{"path":"0693","args":["/etc/passwd","/etc/group"]},{"path":"0694","args":[]},{"path":"0695","args":["/etc/passwd"]},{"path":"0696","args":["/"]},{"path":"0697","args":["/etc/passwd"]},{"path":"0698","args":["/etc/passwd"]},{"path":"0699","args":["if=/etc/passwd","of=/dev/null"]},{"path":"0700","args":["/etc/passwd"]},{"path":"0701","args":["/etc/passwd"]},{"path":"0702","args":["/etc/passwd"]},{"path":"0703","args":[]},{"path":"0704","args":["/etc/passwd","/"]},{"path":"0705","args":["0","/"]},{"path":"0706","args":[]},{"path":"0707","args":["31337"]},{"path":"0708","args":[]},{"path":"0709","args":[]},{"path":"0710","args":["1"]},{"path":"0711","args":["0","/"]},{"path":"0712","args":[]},{"path":"0713","args":["/etc/passwd"]},{"path":"0714","args":["/etc/passwd"]},{"path":"0715","args":["-f","/","]"]},{"path":"0716","args":["0","/"]},{"path":"0717","args":[]},{"path":"0718","args":["/etc/passwd"]},{"path":"0719","args":["/etc/passwd"]},{"path":"0720","args":[]},{"path":"0721","args":["/etc/passwd"]},{"path":"0722","args":["0","/"]},{"path":"0723","args":["0","/"]},{"path":"0724","args":[]},{"path":"0725","args":["/etc/passwd","/etc/group"]},{"path":"0726","args":["/etc/passwd"]},{"path":"0727","args":["/etc/passwd"]},{"path":"0728","args":[]},{"path":"0729","args":[]},{"p
ath":"0730","args":["--input=0","ls"]},{"path":"0731","args":["--reference=/etc/passwd","/etc/group"]},{"path":"0732","args":["/etc/passwd","/"]},{"path":"0733","args":["-f","/"]},{"path":"0734","args":[]},{"path":"0735","args":[]},{"path":"0736","args":["/etc/passwd","/etc/group"]},{"path":"0737","args":["/etc/passwd"]},{"path":"0738","args":["31337"]},{"path":"0739","args":[]},{"path":"0740","args":["/etc/passwd"]},{"path":"0741","args":["/etc/passwd"]},{"path":"0742","args":["/etc/passwd"]},{"path":"0743","args":["/etc/passwd"]},{"path":"0744","args":["/"]},{"path":"0745","args":["/etc/passwd"]},{"path":"0746","args":[]},{"path":"0747","args":["/etc/passwd","/etc/group"]},{"path":"0748","args":[]},{"path":"0749","args":["1","ls"]},{"path":"0750","args":[]},{"path":"0751","args":["/etc/passwd"]},{"path":"0752","args":["/etc/passwd","/etc/group"]},{"path":"0753","args":["/etc/passwd"]},{"path":"0754","args":["/"]},{"path":"0755","args":["/etc/passwd"]},{"path":"0756","args":["/"]},{"path":"0757","args":["/etc/passwd"]},{"path":"0758","args":["/etc/passwd"]},{"path":"0759","args":["a-z","A-Z"]},{"path":"0760","args":["31337"]},{"path":"0761","args":["ls"]},{"path":"0762","args":["/etc/passwd"]},{"path":"0763","args":["/etc/passwd"]},{"path":"0764","args":["31337"]},{"path":"0765","args":[]},{"path":"0766","args":["31337"]},{"path":"0767","args":[]},{"path":"0768","args":["/etc/passwd"]},{"path":"0769","args":["/etc/passwd"]},{"path":"0770","args":["/etc/passwd"]},{"path":"0771","args":["/etc/passwd"]},{"path":"0772","args":["/etc/passwd"]},{"path":"0773","args":["/etc/passwd"]},{"path":"0774","args":["/etc/passwd"]},{"path":"0775","args":["/"]},{"path":"0776","args":["/etc/passwd"]},{"path":"0777","args":["/"]},{"path":"0778","args":["/"]},{"path":"0779","args":["/etc/passwd"]},{"path":"0780","args":[]},{"path":"0781","args":[]},{"path":"0782","args":["/etc/passwd"]},{"path":"0783","args":["/etc/passwd"]},{"path":"0784","args":["/tmp"]},{"path":"0785","args":["/etc/
passwd"]},{"path":"0786","args":[]},{"path":"0787","args":["--reference=/","/"]},{"path":"0788","args":["/etc/passwd"]},{"path":"0789","args":["/etc/passwd"]},{"path":"0790","args":[]},{"path":"0791","args":["/etc/passwd"]},{"path":"0792","args":["/etc/passwd"]},{"path":"0793","args":[]},{"path":"0794","args":[]},{"path":"0795","args":["/etc/passwd"]},{"path":"0796","args":[]},{"path":"0797","args":["0","/"]},{"path":"0798","args":[]},{"path":"0799","args":[]},{"path":"0800","args":["-u","root","/"]},{"path":"0801","args":[]},{"path":"0802","args":[]},{"path":"0803","args":["/etc/passwd"]},{"path":"0804","args":["/etc/passwd"]},{"path":"0805","args":["/etc/passwd","/etc/group"]},{"path":"0806","args":["/etc/passwd"]},{"path":"0807","args":["/etc/passwd"]},{"path":"0808","args":["/"]},{"path":"0809","args":["/etc/passwd"]},{"path":"0810","args":["31337"]},{"path":"0811","args":["31337"]},{"path":"0812","args":[]},{"path":"0813","args":["/etc/passwd"]},{"path":"0814","args":["/etc/passwd"]},{"path":"0815","args":["/etc/passwd"]},{"path":"0816","args":["-f","/","]"]},{"path":"0817","args":["/etc/passwd","/etc/group"]},{"path":"0818","args":["/etc/passwd"]},{"path":"0819","args":["/etc/passwd"]},{"path":"0820","args":[]},{"path":"0821","args":["/etc/passwd"]},{"path":"0822","args":["/etc/passwd"]},{"path":"0823","args":["0","/"]}]}'
# These statements follow `def main():` and its embedded sample table (the
# page has lost the original indentation). They decode the table, turn every
# entry into a "./<path> <args>" command line, and run the requested slice.
samples = json.loads(data)["samples"]
commands = []
for sample in samples:
    encoded = [arg.encode('utf-8') for arg in sample['args']]
    # Flatten the list through its printed form: drop the outer brackets and
    # the quotes, and turn each comma into a space. Consecutive arguments
    # therefore end up separated by two spaces.
    flattened = str(encoded)
    flattened = flattened.strip('[').strip(']')
    flattened = flattened.replace("'", '').replace(',', ' ')
    commands.append('./' + str(sample['path']) + " " + str(flattened))
# Only the [start:end) slice chosen on the command line is executed; every
# command in it launches the named sample for real.
for command in commands[start:end]:
    executeChildProcess(command)
if __name__ == "__main__":
    # Banner, the run itself, then a blank line and an end-of-program marker.
    rule = "#" * 10
    print(rule + " Malware Classification and Triage " + rule)
    main()
    print("")
    print("#" * 25 + " EOP " + "#" * 25)