36
app.any.run 样本
source link: http://shxi.me/posts/61225802.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
以前对 malwr.com 写过样本下载的爬虫,但是现在网站一直实在维护中。最近发现一个网站 app.any.run 这个网站也提供样本下载。
网站有反爬虫,尝试使用scrapy+splash时返回403.使用selenium时发现能返回正确的结构.
想来看看网页长啥样子。
总共有1w多页,
随便点击一项,显示的是样本在虚拟机的运行结果,我们需要的样本下载的按钮在右上角。
下载功能是需要账号登陆的。
我们可以根据下图位置的值来确定是否处于登陆状态
driver = webdriver.ChromiumEdge()
driver.get("https://app.any.run/submissions")
time.sleep(5)
try:
driver.find_element_by_css_selector('.menu-item.logout')
except:
login_anyrun(driver)
如果出现logout则处于登陆状态,否则需要登陆。
找到输入属于账号密码的地方模拟点击
def login_anyrun(driver):
time.sleep(3)
driver.find_element_by_xpath(
"/html/body/nav/ul[2]/li[1]").click()
driver.find_element_by_id("at-field-email").click()
driver.find_element_by_id("at-field-email").clear()
driver.find_element_by_id("at-field-email").send_keys("[email protected]")
driver.find_element_by_id("at-field-password").clear()
driver.find_element_by_id("at-field-password").send_keys("a1256430")
driver.find_element_by_id("at-pwd-form").submit()
登陆成功,接下来就是找到下载按钮并点击了。
先取得列表项所有项的网址,然后进这个网址下载对应的样本
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
items = driver.find_elements_by_css_selector(".history-table--content__row")
for item in items:
if "Malicious activity" in item.text:
href = item.find_element_by_css_selector(".history-table--content__row a").get_attribute('href')
url_list.append(href)
for u in url_list:
try:
driver.get(u)
element = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.ID, "downloadSample"))
)
element.click()
except:
pass
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK