本文整理汇总了Python中re2.match函数的典型用法代码示例。如果您正苦于以下问题:Python match函数的具体用法?Python match怎么用?Python match使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了match函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: on_call
def on_call(self, call, process):
if call["api"] == "CreateServiceA" or call["api"] == "CreateServiceW":
starttype = call["arguments"]["start_type"]
servicename = call["arguments"]["service_name"]
servicepath = call["arguments"]["filepath"]
if starttype < 3:
self.mark(
service_name=servicename,
service_path=servicepath,
)
elif call["status"]:
regkey = call["arguments"]["regkey"]
regvalue = call["arguments"]["value"]
in_whitelist = False
for whitelist in self.whitelists:
if re.match(whitelist, regkey, re.IGNORECASE):
in_whitelist = True
break
if not in_whitelist:
for indicator in self.regkeys_re:
if re.match(indicator, regkey, re.IGNORECASE) and regvalue != "c:\\program files\\java\\jre7\\bin\jp2iexp.dll":
self.mark(
reg_key=regkey,
reg_value=regvalue,
)
开发者ID:RicoVZ,项目名称:community,代码行数:26,代码来源:persistence_autorun.py
示例2: test_bug_527371
def test_bug_527371(self):
# bug described in patches 527371/672491
self.assertEqual(re.match(r'(a)?a','a').lastindex, None)
self.assertEqual(re.match(r'(a)(b)?b','ab').lastindex, 1)
self.assertEqual(re.match(r'(?P<a>a)(?P<b>b)?b','ab').lastgroup, 'a')
self.assertEqual(re.match("(?P<a>a(b))", "ab").lastgroup, 'a')
self.assertEqual(re.match("((a))", "a").lastindex, 1)
开发者ID:PeterScott,项目名称:pyre2,代码行数:7,代码来源:test_re.py
示例3: on_call
def on_call(self, call, process):
continueChain = False
if call["status"]:
if call["api"] == "LdrGetProcedureAddress":
resolved = self.get_argument(call, "FunctionName")
if resolved and resolved == "IsWow64Process":
continueChain = True
elif call["api"] == "NtCreateEvent":
if self.lastapi == "LdrGetProcedureAddress" and self.chain:
event = self.get_argument(call, "EventName")
if event and re.match("^[0-9A-F]{32}$", event):
continueChain = True
elif call["api"] == "NtCreateSection":
if self.lastapi == "NtCreateEvent" and self.chain:
attribs = self.get_argument(call, "ObjectAttributes")
if attribs and re.match("^[0-9A-F]{32}$", attribs):
continueChain = True
elif call["api"] == "CreateThread":
if self.lastapi == "NtCreateSection" and self.chain:
return True
self.chain = continueChain
self.lastapi = call["api"]
开发者ID:453483289,项目名称:community-modified,代码行数:26,代码来源:kovter_apis.py
示例4: test_getlower
def test_getlower(self):
import _sre
self.assertEqual(_sre.getlower(ord('A'), 0), ord('a'))
self.assertEqual(_sre.getlower(ord('A'), re.LOCALE), ord('a'))
self.assertEqual(_sre.getlower(ord('A'), re.UNICODE), ord('a'))
self.assertEqual(re.match("abc", "ABC", re.I).group(0), "ABC")
self.assertEqual(re.match("abc", u"ABC", re.I).group(0), "ABC")
开发者ID:PeterScott,项目名称:pyre2,代码行数:8,代码来源:test_re.py
示例5: test_bug_448951
def test_bug_448951(self):
# bug 448951 (similar to 429357, but with single char match)
# (Also test greedy matches.)
for op in '','?','*':
self.assertEqual(re.match(r'((.%s):)?z'%op, 'z').groups(),
(None, None))
self.assertEqual(re.match(r'((.%s):)?z'%op, 'a:z').groups(),
('a:', 'a'))
开发者ID:PeterScott,项目名称:pyre2,代码行数:8,代码来源:test_re.py
示例6: test_ignore_case
def test_ignore_case(self):
self.assertEqual(re.match("abc", "ABC", re.I).group(0), "ABC")
self.assertEqual(re.match("abc", u"ABC", re.I).group(0), "ABC")
self.assertEqual(re.match(r"(a\s[^a])", "a b", re.I).group(1), "a b")
self.assertEqual(re.match(r"(a\s[^a]*)", "a bb", re.I).group(1), "a bb")
self.assertEqual(re.match(r"(a\s[abc])", "a b", re.I).group(1), "a b")
self.assertEqual(re.match(r"(a\s[abc]*)", "a bb", re.I).group(1), "a bb")
self.assertEqual(re.match(r"((a)\s\2)", "a a", re.I).group(1), "a a")
self.assertEqual(re.match(r"((a)\s\2*)", "a aa", re.I).group(1), "a aa")
self.assertEqual(re.match(r"((a)\s(abc|a))", "a a", re.I).group(1), "a a")
self.assertEqual(re.match(r"((a)\s(abc|a)*)", "a aa", re.I).group(1), "a aa")
开发者ID:PeterScott,项目名称:pyre2,代码行数:11,代码来源:test_re.py
示例7: test_bug_418626
def test_bug_418626(self):
# bugs 418626 at al. -- Testing Greg Chapman's addition of op code
# SRE_OP_MIN_REPEAT_ONE for eliminating recursion on simple uses of
# pattern '*?' on a long string.
self.assertEqual(re.match('.*?c', 10000*'ab'+'cd').end(0), 20001)
self.assertEqual(re.match('.*?cd', 5000*'ab'+'c'+5000*'ab'+'cde').end(0),
20003)
self.assertEqual(re.match('.*?cd', 20000*'abc'+'de').end(0), 60001)
# non-simple '*?' still used to hit the recursion limit, before the
# non-recursive scheme was implemented.
self.assertEqual(re.search('(a|b)*?c', 10000*'ab'+'cd').end(0), 20001)
开发者ID:PeterScott,项目名称:pyre2,代码行数:11,代码来源:test_re.py
示例8: test_search_star_plus
def test_search_star_plus(self):
self.assertEqual(re.search('x*', 'axx').span(0), (0, 0))
self.assertEqual(re.search('x*', 'axx').span(), (0, 0))
self.assertEqual(re.search('x+', 'axx').span(0), (1, 3))
self.assertEqual(re.search('x+', 'axx').span(), (1, 3))
self.assertEqual(re.search('x', 'aaa'), None)
self.assertEqual(re.match('a*', 'xxx').span(0), (0, 0))
self.assertEqual(re.match('a*', 'xxx').span(), (0, 0))
self.assertEqual(re.match('x*', 'xxxa').span(0), (0, 3))
self.assertEqual(re.match('x*', 'xxxa').span(), (0, 3))
self.assertEqual(re.match('a+', 'xxx'), None)
开发者ID:PeterScott,项目名称:pyre2,代码行数:11,代码来源:test_re.py
示例9: test_re_escape
def test_re_escape(self):
p=""
# This had to change from the original test of range(0,256)
# because we can't support non-ascii non-utf8 strings
for i in range(0, 128):
p = p + chr(i)
self.assertEqual(re.match(re.escape(chr(i)), chr(i)) is not None,
True)
self.assertEqual(re.match(re.escape(chr(i)), chr(i)).span(), (0,1))
pat=re.compile(re.escape(p))
self.assertEqual(pat.match(p) is not None, True)
self.assertEqual(pat.match(p).span(), (0,128))
开发者ID:PeterScott,项目名称:pyre2,代码行数:13,代码来源:test_re.py
示例10: on_call
def on_call(self, call, process):
if call["api"] == "RegSetValueExA":
key = self.get_argument(call, "FullName")
if key and re.match(self.configkey, key):
value = self.get_argument(call, "ValueName").lower()
if value == "autoconfigurl":
self.keybuf = self.get_argument(call, "Buffer")
elif call["api"] == "NtWriteFile":
path = self.get_argument(call, "HandleName")
if path and re.match(self.configpath, path):
buf = self.get_argument(call, "Buffer")
if "user_pref" in buf and "network.proxy.autoconfig_url" in buf:
tmp = buf.split("(")[1].split(")")[0].split(",")[1]
self.pathbuf = tmp.strip().replace("\"","").replace("'","")
开发者ID:453483289,项目名称:community-modified,代码行数:15,代码来源:setsautoconfigurl.py
示例11: run
def run(self):
# will need to turn this into an evented signature later, as IE will read the existing value of some of these entries
# and write them back as the same value
reg_indicators = [
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\ProxyEnable$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\ProxyServer$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\ZoneMap\\\\ProxyBypass$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\ProxyOverride$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\Wpad\\\\.*",
]
whitelist = [
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\Wpad\\\\WpadLastNetwork$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\Wpad\\\\[^\\\\]*\\\\WpadDecisionReason$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\Wpad\\\\[^\\\\]*\\\\WpadDecisionTime$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\Wpad\\\\[^\\\\]*\\\\WpadDecision$",
".*\\\\SOFTWARE\\\\(Wow6432Node\\\\)?Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet\\ Settings\\\\Wpad\\\\[^\\\\]*\\\\WpadNetworkName$",
]
# Get rid of a PDF false positive
if "file" in self.results["target"]:
if "PDF" in self.results["target"]["file"]["type"]:
del reg_indicators[0]
for indicator in reg_indicators:
matches = self.check_write_key(pattern=indicator, regex=True, all=True)
if matches:
for match in matches:
foundwhite = False
for white in whitelist:
if re.match(white, match, re.IGNORECASE):
foundwhite = True
if not foundwhite:
return True
return False
开发者ID:poly-lab,项目名称:community-modified,代码行数:34,代码来源:browser_proxy.py
示例12: doPrivmsg
def doPrivmsg(self, irc, msg):
""" Handle everything.
The name is misleading. This hook actually gets called for all
IRC activity in every channel.
"""
# We don't handle this if we've been addressed because invalidCommand
# will handle it for us. This prevents us from accessing the db twice
# and therefore crashing.
if (msg.addressed or msg.repliedTo):
return
channel = msg.args[0]
if irc.isChannel(channel) and self.allow_unaddressed_karma:
irc = callbacks.SimpleProxy(irc, msg)
agent = msg.nick
line = msg.args[1].strip()
# First try to handle karma commands
words = line.split()
for word in words:
if word[-2:] in self.karma_tokens:
self._do_karma(
irc, channel, agent, word, line, explicit=False)
blacklist = self.registryValue('naked_ping_channel_blacklist')
if irc.isChannel(channel) and not channel in blacklist:
# Also, handle naked pings for
# https://github.com/fedora-infra/supybot-fedora/issues/26
pattern = '\w* ?[:,] ?ping\W*$'
if re.match(pattern, line):
admonition = self.registryValue('naked_ping_admonition')
irc.reply(admonition)
开发者ID:abompard,项目名称:supybot-fedora,代码行数:33,代码来源:plugin.py
示例13: validate_regex
def validate_regex(check, key, pattern):
"""Validates that a dict value matches a regex."""
if key not in check:
return
if not re.match(pattern, check[key]):
raise ValueError('Invalid {0}: {1}'.format(key, check[key]))
开发者ID:Dakta,项目名称:AutoModerator,代码行数:7,代码来源:automoderator.py
示例14: run
def run(self):
# There are more, but these are the only ones I've observed
execs = [
"exe",
"scr",
]
exts = {
"doc": "Word 97-2003 document",
"docx": "Word 2007+ document",
"xls": "Excel 97-2003 spreadsheet",
"xlsx": "Excel 2007+ spreadsheet",
"ppt": "PowerPoint 97-2003 file",
"pptx": "PowerPoint 2007+ file",
"jpeg": "JPEG image",
"jpg": "JPG image",
"png": "PNG image",
"gif": "GIF image",
"pdf": "PDF document",
"xml": "XML document",
}
pat = ".*[ _\-\.](?P<FakeExtension>{0})\.(?:{1})".format(
"|".join(exts.keys()), "|".join(execs))
if self.results["target"]["category"] == "file":
check = re.match(pat, self.results["target"]["file"]["name"])
if check:
ext = check.group("FakeExtension")
self.description = self.description.format(ext,
exts[ext.lower()])
return True
return False
开发者ID:453483289,项目名称:community-modified,代码行数:31,代码来源:mimics_filename.py
示例15: on_call
def on_call(self, call, process):
# Legacy, modern Dyre doesn't have hardcoded hashes in
# CryptHashData anymore
iocs = [
"J7dnlDvybciDvu8d46D\\x00",
"qwererthwebfsdvjaf+\\x00",
]
pipe = [
"\\??\\pipe\\3obdw5e5w4",
"\\??\\pipe\\g2fabg5713",
]
if call["api"] == "CryptHashData":
buf = self.get_argument(call, "Buffer")
if buf in iocs:
self.cryptoapis = True
tmp = re.sub(r"\\x[0-9A-Fa-f]{2}", "", buf)
if self.compname in tmp:
if re.match("^" + self.compname + "[0-9 ]+$", tmp):
self.cryptoapis = True
elif call["api"] == "HttpOpenRequestA":
buf = self.get_argument(call, "Path")
if len(buf) > 10:
self.networkapis.add(buf)
elif call["api"] == "NtCreateNamedPipeFile":
buf = self.get_argument(call, "PipeName")
for npipe in pipe:
if buf == npipe:
self.syncapis = True
break
return None
开发者ID:453483289,项目名称:community-modified,代码行数:31,代码来源:dyre_apis.py
示例16: run
def run(self):
urls = []
whitelist = [
"^http://(crl|ctldl)\.microsoft\.com/.*",
]
if "file" in self.results["target"]:
if "PDF" in self.results["target"]["file"]["type"] or self.results["info"]["package"] == "pdf":
whitelist.append("^http://.*\.adobe\.com/.*")
if "network" in self.results and "http" in self.results["network"]:
for req in self.results["network"]["http"]:
is_whitelisted = False
for white in whitelist:
if re.match(white, req["uri"], re.IGNORECASE):
is_whitelisted = True
if not is_whitelisted and req["uri"] not in urls:
urls.append(req["uri"])
for url in urls:
self.data.append({"url" : url})
if urls:
return True
return False
开发者ID:KillerInstinct,项目名称:community-modified,代码行数:25,代码来源:network_http.py
示例17: run
def run(self, lines):
_code = False
_cseq = ""
for l in lines:
m = re.match(r"^(?P<spaces>\s*)(?P<cseq>```|~~~)\s*(?P<lang>.*)$", l)
if m:
yield "\r"
if not _code:
_code = True
_cseq = m.group("cseq")
if m.group("lang"):
yield " #!%s\r" % m.group("lang")
else:
if _cseq == m.group("cseq"):
_code = False
_cseq = ""
else:
yield l
continue
if _code:
yield " %s" % l
else:
yield l
开发者ID:isqua-test,项目名称:point-core,代码行数:25,代码来源:md.py
示例18: update_from
def update_from(self, form, field, formfield=None, cb=False):
''' convenience method for updating fields in objects from a
submitted form. allows for a callback on failure.
each class has a validation_regexp dict '''
formfield = formfield if formfield else field
try:
value = form[formfield]
if value == re.match(self.validation_regexp.get(field, '.*'),
value).group():
fieldtype = type(getattr(self, field))
if fieldtype == BooleanType and type(value) == UnicodeType:
setattr(self, field, value.lower() in ('true', 'yes', 'on'))
else:
setattr(self, field, value)
else:
raise AttributeError('Does not match regexp!')
except KeyError:
# not in form
pass
except AttributeError:
# fails regexp!
err = '"%s" is not a valid %s' % (value, field)
if cb:
cb(err)
else:
raise InvalidValue(err)
开发者ID:Fivebread,项目名称:streetsign,代码行数:27,代码来源:models.py
示例19: _unpack
def _unpack(self, buf):
"""Extract into a list irc messages of a tcp streams.
@buf: tcp stream data
"""
try:
f = cStringIO.StringIO(buf)
lines = f.readlines()
except Exception:
log.error("Failed reading tcp stream buffer")
return False
logirc = False
for element in lines:
if not re.match("^:", element) is None:
command = "([a-zA-Z]+|[0-9]{3})"
params = "(\x20.+)"
irc_server_msg = re.findall("(^:[\w+.{}[email protected]|()]+\x20)" + command + params, element)
if irc_server_msg:
self._sc["prefix"] = convert_to_printable(irc_server_msg[0][0].strip())
self._sc["command"] = convert_to_printable(irc_server_msg[0][1].strip())
self._sc["params"] = convert_to_printable(irc_server_msg[0][2].strip())
self._sc["type"] = "server"
if logirc:
self._messages.append(dict(self._sc))
else:
irc_client_msg = re.findall("([a-zA-Z]+\x20)(.+[\x0a\0x0d])", element)
if irc_client_msg and irc_client_msg[0][0].strip() in self.__methods_client:
self._cc["command"] = convert_to_printable(irc_client_msg[0][0].strip())
if self._cc["command"] in ["NICK", "USER"]:
logirc = True
self._cc["params"] = convert_to_printable(irc_client_msg[0][1].strip())
self._cc["type"] = "client"
if logirc:
self._messages.append(dict(self._cc))
开发者ID:CIRCL,项目名称:cuckoo-modified,代码行数:34,代码来源:irc.py
示例20: run
def run(self):
indicators = [
".*CYBERGATEUPDATE",
".*\(\(SpyNet\)\).*",
".*Spy-Net.*",
".*X_PASSWORDLIST_X.*",
".*X_BLOCKMOUSE_X.*",
#".*PERSIST", # Causes false positive detection on XtremeRAT samples.
".*_SAIR",
]
for indicator in indicators:
if self.check_mutex(pattern=indicator, regex=True):
return True
keys = [
".*\\\\SpyNet\\\\.*",
]
whitelist = [
".*\\\\SOFTWARE\\\\Policies\\\\Microsoft\\\\Windows Defender\\\\.*",
]
for key in keys:
keymatch = self.check_write_key(pattern=key, regex=True)
if keymatch:
is_good = True
for white in whitelist:
if re.match(white, keymatch, re.IGNORECASE):
is_good = False
break
if is_good:
return True
return False
开发者ID:453483289,项目名称:community-modified,代码行数:33,代码来源:rat_spynet.py
注:本文中的re2.match函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论