Closed sroberts closed 9 years ago
Useful Regexs:
listResults = []
MD5 = '\W([a-fA-F0-9]{32})\W'
SHA1 = '[a-fA-F0-9]{40}'
SHA256 = '[a-fA-F0-9]{64}'
LM = '[a-fA-F0-9]{32}'
DOMAIN = '\W(\w+\.){1,4}(com|net|biz|cat|aero|asia|coop|info|int|jobs|mobi|museum|name|org|post|pre|tel|travel|xxx|edu|gov|mil|br|cc|ca|uk|ch|co|cx|de|fr|hk|jp|kr|nl|nr|ru|tk|ws|tw)[^a-fA-F0-9_-]'
URL = '(http\:\/\/|https\:\/\/)(.+\S)'
IP4 = '((?<![0-9])(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))(?![0-9]))'
IP6 = '(((([01]? d?\\d)|(2[0-5]{2}))\\.){3}(([01]?\\d?\\d)|(2[0-5]{2})))|(([A-F0-9]){4}(:|::)){1,7}(([A-F0-9]){4})'
SSN = '(\d{3}\-\d{2}\-\d{3})|(\d{3}\s\d{2}\s\d{3})'
EMAIL = '([a-zA-Z0-9\.-_]+@)([a-zA-Z0-9-]+\.)(com|net|biz|cat|aero|asia|coop|info|int|jobs|mobi|museum|name|org|post|pre|tel|travel|xxx|edu|gov|mil|br|cc|ca|uk|ch|co|cx|de|fr|hk|jp|kr|nl|nr|ru|tk|ws|tw)\W'
CCN = '\d{4}\s\d{4}\s\d{4}\s\d{2,4}|\d{4}\-\d{4}\-\d{4}\-\d{2,4}'
TWITTER = '(?<=^|(?<=[^a-zA-Z0-9-_\.]))(@)([A-Za-z]+[A-Za-z0-9]+)'
PHONE = ''
NTLM = ''
WDIR = '[a-zA-Z]\:\\\\.+'
DOC = '\W([\w-]+\.)(docx|doc|csv|pdf|xlsx|xls|rtf|txt|pptx|ppt)'
EXE = '\W([\w-]+\.)(exe|dll)'
ZIP = '\W([\w-]+\.)(zip|zipx|7z|rar|tar|gz)'
IMG = '\W([\w-]+\.)(jpeg|jpg|gif|png|tiff|bmp)'
FLASH = '\W([\w-]+\.)(flv|swf)'
MYSQL = '\*[a-fA-F0-9]{40}'
WP = '\$P\$\w{31}'
I'm going to assume you found those someplace sekret.
Where do I find most things? No idea. Just wanted to make sure I held on to it. Seems useful.
:laughing: :trollface:
is_cve()
I dig it.
So... I started working on this, but honestly I'm not sure it's the best approach. You can already use the prebuilt regex's with utilitybelt.re_md5.match("foo")
. Do we really need to over do it?
Well, for that matter do we need to reimplement stuff that's in other libraries? (Not criticizing, thinking "out loud".) For example, just using netaddr more.
My point really is it's already implemented. it's just a question of if we want to make things that overly complicated. The difficult thing is finding the regular expression, not figuring out how to do re.match(foo)
. I just think it would lead to a lot of 3 line methods that basically don't save you much.
@technoskald Any further thoughts or disagreement? Otherwise I'm going to close this out.
Nope, I think we can close for now. This ends up being subsumed into the larger discussions about scoping and nomenclature anyway.
@technoskald added a nice "is_IPv4Address" method, but we could use quite a few more:
And I'm sure others.