More "is_" Methods

[sroberts]

@technoskald added a nice "is_IPv4Address" method, but we could use quite a few more:

• [ ] is_IPv6Address
• [ ] is_EmailAddress
• [ ] is_Domain
• [x] is_Url

And I'm sure others.

[sroberts]

Useful Regexs:

listResults = []
MD5 = '\W([a-fA-F0-9]{32})\W'
SHA1 = '[a-fA-F0-9]{40}'
SHA256 = '[a-fA-F0-9]{64}'
LM = '[a-fA-F0-9]{32}'
DOMAIN = '\W(\w+\.){1,4}(com|net|biz|cat|aero|asia|coop|info|int|jobs|mobi|museum|name|org|post|pre|tel|travel|xxx|edu|gov|mil|br|cc|ca|uk|ch|co|cx|de|fr|hk|jp|kr|nl|nr|ru|tk|ws|tw)[^a-fA-F0-9_-]'
URL = '(http\:\/\/|https\:\/\/)(.+\S)'
IP4 = '((?<![0-9])(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))(?![0-9]))'
IP6 = '(((([01]? d?\\d)|(2[0-5]{2}))\\.){3}(([01]?\\d?\\d)|(2[0-5]{2})))|(([A-F0-9]){4}(:|::)){1,7}(([A-F0-9]){4})'
SSN = '(\d{3}\-\d{2}\-\d{3})|(\d{3}\s\d{2}\s\d{3})'
EMAIL = '([a-zA-Z0-9\.-_]+@)([a-zA-Z0-9-]+\.)(com|net|biz|cat|aero|asia|coop|info|int|jobs|mobi|museum|name|org|post|pre|tel|travel|xxx|edu|gov|mil|br|cc|ca|uk|ch|co|cx|de|fr|hk|jp|kr|nl|nr|ru|tk|ws|tw)\W'
CCN = '\d{4}\s\d{4}\s\d{4}\s\d{2,4}|\d{4}\-\d{4}\-\d{4}\-\d{2,4}'
TWITTER = '(?<=^|(?<=[^a-zA-Z0-9-_\.]))(@)([A-Za-z]+[A-Za-z0-9]+)'
PHONE = ''
NTLM = ''
WDIR = '[a-zA-Z]\:\\\\.+'
DOC = '\W([\w-]+\.)(docx|doc|csv|pdf|xlsx|xls|rtf|txt|pptx|ppt)'
EXE = '\W([\w-]+\.)(exe|dll)'
ZIP = '\W([\w-]+\.)(zip|zipx|7z|rar|tar|gz)'
IMG = '\W([\w-]+\.)(jpeg|jpg|gif|png|tiff|bmp)'
FLASH = '\W([\w-]+\.)(flv|swf)'
MYSQL = '\*[a-fA-F0-9]{40}'
WP = '\$P\$\w{31}'

[krmaxwell]

I'm going to assume you found those someplace sekret.

[sroberts]

Where do I find most things? No idea. Just wanted to make sure I held on to it. Seems useful.

[krmaxwell]

:laughing: :trollface:

[krmaxwell]

is_cve()

[sroberts]

I dig it.

[sroberts]

So... I started working on this, but honestly I'm not sure it's the best approach. You can already use the prebuilt regex's with utilitybelt.re_md5.match("foo"). Do we really need to over do it?

[krmaxwell]

Well, for that matter do we need to reimplement stuff that's in other libraries? (Not criticizing, thinking "out loud".) For example, just using netaddr more.

[sroberts]

My point really is it's already implemented. it's just a question of if we want to make things that overly complicated. The difficult thing is finding the regular expression, not figuring out how to do re.match(foo). I just think it would lead to a lot of 3 line methods that basically don't save you much.

[sroberts]

@technoskald Any further thoughts or disagreement? Otherwise I'm going to close this out.

[krmaxwell]

Nope, I think we can close for now. This ends up being subsumed into the larger discussions about scoping and nomenclature anyway.