-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsscompare_functions.go
137 lines (126 loc) · 3.28 KB
/
sscompare_functions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
package main
import (
"os"
"fmt"
"strings"
"github.com/dutchcoders/gossdeep"
)
type result struct {
paths bool
score int
s1 string //path or hash
s2 string
strflag bool //standard string compare not equal
shaflag bool //sha1 comparison not equal
}
func outputpathheader() {
fmt.Fprintf(os.Stdout, "\"FUZZY SCORE\", \"PATH_ONE\", \"PATH TWO\", \"STRCOMP FAIL\", \"SHA1 FAIL\"\n")
}
func outputresults(r result) {
if !r.paths {
fmt.Fprintf(os.Stdout, "\"%d\",\"%s\",\"%s\",\"%t\"\n", r.score, r.s1, r.s2, r.strflag)
} else {
fmt.Fprintf(os.Stdout, "\"%d\",\"%s\",\"%s\",\"%t\",\"%t\"\n", r.score, r.s1, r.s2, r.strflag, r.shaflag)
}
}
//Generates hashes for two strings and compares those values
func CompareStrings(str1 string, str2 string) (result, error) {
var r result
var err error
r.s1, err = hashString(str1)
if err != nil {
return r, err
}
r.s2, err = hashString(str2)
if err != nil {
return r, err
}
r.score, err = ssdeep.Compare(r.s1, r.s2)
if err != nil {
return r, err_sscomp
}
if r.score == 100 { //100 spotted in the wild for non-identifcal files
if strings.Compare(r.s1, r.s2) != 0 {
r.strflag = true
}
}
return r, nil
}
//Generates hashes for two files and compares those values
func Comparefiles(file1 string, file2 string) (result, error) {
var r result
r.paths = true
var err error
f1, _ := fileExists(file1)
f2, _ := fileExists(file2)
if !f1 || !f2 {
return r, fmt.Errorf("Warning: Cannot find file.\n")
}
r.s1, err = createfilehash(file1)
if err != nil {
return r, err
}
r.s2, err = createfilehash(file2)
if err != nil {
return r, err
}
r.score, err = ssdeep.Compare(r.s1, r.s2)
if err != nil {
return r, err
}
if r.score == 100 { //100 spotted in the wild for non-identifcal files
if strings.Compare(r.s1, r.s2) != 0 {
r.strflag = true
}
shaval1, err := hashfile(file1)
if err != nil {
return r, err_sha1_file1
}
shaval2, err := hashfile(file2)
if err != nil {
return r, err_sha1_file2
}
if strings.Compare(shaval1, shaval2) != 0 {
r.shaflag = true
}
}
return r, nil
}
//Runs ssdeep compare for two pre-existing hash strings
func Comparehashes(hash1 string, hash2 string) (result, error) {
var r result
var err error
r.s1 = hash1
r.s2 = hash2
r.score, err = ssdeep.Compare(hash1, hash2)
if err != nil {
return r, err_sscomp
}
if r.score == 100 { //100 spotted in the wild for non-identifcal files
if strings.Compare(r.s1, r.s2) != 0 {
r.strflag = true
}
}
return r, nil
}
//Return the hash of a single string.
func hashString(str string) (string, error) {
hash, err := ssdeep.HashString(str)
if err != nil {
return "", err
}
return hash, nil
}
//Creates a fizzy hash for a single file
func createfilehash(path string) (string, error) {
f, err := os.Open(path)
defer f.Close()
if err != nil {
return "", err
}
hash, err := ssdeep.HashFilename(path) //confusing function title, not mine!
if err != nil {
return "", nil
}
return hash, nil
}