telfhash: add support for new TLSH hash format, which has been the
default since TLSH 4.0.0. Deprecate support for the old format.
This commit is contained in:
parent
2f06be9f99
commit
f13dbcd79c
|
@ -17,6 +17,8 @@ buildPythonPackage {
|
||||||
sha256 = "jNu6qm8Q/UyJVaCqwFOPX02xAR5DwvCK3PaH6Fvmakk=";
|
sha256 = "jNu6qm8Q/UyJVaCqwFOPX02xAR5DwvCK3PaH6Fvmakk=";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patches = [ ./telfhash-new-tlsh-hash.patch ];
|
||||||
|
|
||||||
# The tlsh library's name is just "tlsh"
|
# The tlsh library's name is just "tlsh"
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
substituteInPlace requirements.txt --replace "python-tlsh" "tlsh"
|
substituteInPlace requirements.txt --replace "python-tlsh" "tlsh"
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
diff --git a/telfhash/grouping.py b/telfhash/grouping.py
|
||||||
|
index c62f8d9..4ee9f0b 100644
|
||||||
|
--- a/telfhash/grouping.py
|
||||||
|
+++ b/telfhash/grouping.py
|
||||||
|
@@ -32,10 +32,10 @@ import tlsh
|
||||||
|
def get_combination(telfhash_data):
|
||||||
|
|
||||||
|
#
|
||||||
|
- # TLSH hash is 70 characters long. if the telfhash is not 70
|
||||||
|
+ # The new TLSH hash is 72 characters long. if the telfhash is not 72
|
||||||
|
# characters in length, exclude from the list
|
||||||
|
#
|
||||||
|
- files_list = [x for x in list(telfhash_data.keys()) if telfhash_data[x]["telfhash"] is not None and len(telfhash_data[x]["telfhash"]) == 70]
|
||||||
|
+ files_list = [x for x in list(telfhash_data.keys()) if telfhash_data[x]["telfhash"] is not None and len(telfhash_data[x]["telfhash"]) == 72]
|
||||||
|
|
||||||
|
#
|
||||||
|
# get the combination of all the possible pairs of filenames
|
||||||
|
diff --git a/telfhash/telfhash.py b/telfhash/telfhash.py
|
||||||
|
index f2bbd25..c6e346c 100755
|
||||||
|
--- a/telfhash/telfhash.py
|
||||||
|
+++ b/telfhash/telfhash.py
|
||||||
|
@@ -132,7 +132,7 @@ def get_hash(symbols_list):
|
||||||
|
symbol_string = ",".join(symbols_list)
|
||||||
|
encoded_symbol_string = symbol_string.encode("ascii")
|
||||||
|
|
||||||
|
- return tlsh.forcehash(encoded_symbol_string).lower()
|
||||||
|
+ return tlsh.forcehash(encoded_symbol_string)
|
||||||
|
|
||||||
|
|
||||||
|
def elf_get_imagebase(elf):
|
Loading…
Reference in a new issue