You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: misp_modules/modules/export_mod/osqueryexport.py
-3Lines changed: 0 additions & 3 deletions
Original file line number
Diff line number
Diff line change
@@ -84,7 +84,6 @@ def handle_service(value):
84
84
85
85
86
86
defhandle_yara(value):
87
-
return"// WARNING make sure you examine and modify the path parameter below otherwise this is a very expensive search"
88
87
return"SELECT * FROM file JOIN yara USING (path) WHERE (path LIKE '/%%' AND type = 'regular' AND size < 8000000 AND sigrule='%s' AND count > 0);"%value
89
88
90
89
@@ -101,12 +100,10 @@ def handle_ip_src(value):
101
100
102
101
103
102
defhandle_filename(value):
104
-
return"// WARNING make sure you examine and modify the path parameter below otherwise this is a very expensive search"
105
103
return"select * from file where path LIKE '%s';"%value
106
104
107
105
108
106
defhandle_sha256(value):
109
-
return"// WARNING make sure you examine and modify the file.directory parameter below otherwise this is a very expensive search"
110
107
return"SELECT *, sha256 FROM file JOIN hash USING (path) WHERE file.directory LIKE '/%%' AND sha256 like '%s' ORDER BY mtime DESC LIMIT 1;"%value
0 commit comments