From f67699601d9f70ee786478ef767dcfba2793456c Mon Sep 17 00:00:00 2001 From: grayddq Date: Tue, 30 Apr 2019 15:41:26 +0800 Subject: [PATCH] user_bug --- lib/User_Analysis.py | 4 ++++ lib/common.py | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/User_Analysis.py b/lib/User_Analysis.py index 6d35ad4..5555632 100644 --- a/lib/User_Analysis.py +++ b/lib/User_Analysis.py @@ -133,6 +133,10 @@ def run(self): suspicious, malice = self.check_authorized_keys() result_output_tag(suspicious, malice) + string_output(u' [5]账户密码文件扫描') + suspicious, malice = self.passwd_file_analysis() + result_output_tag(suspicious, malice) + # 检测结果输出到文件 result_output_file(u'可疑账户类信息如下:', self.user_malware) diff --git a/lib/common.py b/lib/common.py index 11e11ba..4beda20 100644 --- a/lib/common.py +++ b/lib/common.py @@ -250,7 +250,7 @@ def analysis_file(file): if " " in file: return "" if 'GScan' in file: return "" if os.path.splitext(file)[1] == '.log': return "" - if '.log' in file: return "" + #if '.log' in file: return "" if (os.path.getsize(file) == 0) or (round(os.path.getsize(file) / float(1024 * 1024)) > 10): return "" strings = os.popen("strings %s" % file).readlines() if len(strings) > 200: return ""