JPCERTCC / MalConfScan

Volatility plugin that extracts configuration data of known malware

MongoDB(<3.6) does not permit storage of field names that contain dots #2

Closed t-tani closed 5 years ago

t-tani commented 5 years ago

emotetscan.py exports dict data whose field names contain dots (i.e. "."). It would cause a bug in MalConfScan-with-Cuckoo if Cuckoo is connected to MongoDB (<3.6).

https://github.com/JPCERTCC/MalConfScan/blob/71dd248721faceee72d03e0fd2ff74a268609363/utils/emotetscan.py#L116

Thanks for the feedback, @soji256. Ref: https://soji256.hatenablog.jp/entry/2019/05/23/004911 (Japanese)
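
An added example, not part of the original issue or the MalConfScan code base: one way to check a plugin result for field names that MongoDB (<3.6) rejects and to rename them before the report is stored. The function names, the `_` replacement character and the sample dict are assumptions made for illustration.

```python
# Added example: make a plugin result safe for MongoDB < 3.6, which rejects
# field names containing "." (names starting with "$" are rejected as well).

def find_unsafe_keys(obj, path=()):
    """Return the path (tuple of keys/indexes) of every unsafe field name."""
    found = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            here = path + (key,)
            if isinstance(key, str) and ("." in key or key.startswith("$")):
                found.append(here)
            found.extend(find_unsafe_keys(value, here))
    elif isinstance(obj, (list, tuple)):
        for index, value in enumerate(obj):
            found.extend(find_unsafe_keys(value, path + (index,)))
    return found


def mongo_safe(obj, repl="_"):
    """Return a copy of obj with "." and a leading "$" replaced in dict keys."""
    if isinstance(obj, dict):
        clean = {}
        for key, value in obj.items():
            new_key = str(key).replace(".", repl)
            if new_key.startswith("$"):
                new_key = repl + new_key[1:]
            if new_key in clean:
                # Two different keys collapsed to one name: refuse to lose data.
                raise ValueError("key collision after sanitizing: %r" % new_key)
            clean[new_key] = mongo_safe(value, repl)
        return clean
    if isinstance(obj, (list, tuple)):
        return [mongo_safe(value, repl) for value in obj]
    return obj


# Constructed sample; the key shape (an address used as a field name) is an
# assumption for illustration, not the plugin's actual output.
SAMPLE = {"Emotet": [{"192.0.2.10": "8080", "RSA Public Key": "<placeholder>"}]}

if __name__ == "__main__":
    print(find_unsafe_keys(SAMPLE))
    print(mongo_safe(SAMPLE))
```

Renaming keys is lossy, so the collision check matters: storing the original name as a value (for example a list of `{"name": ..., "value": ...}` pairs) avoids the problem entirely if the consumer can be changed.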