baderj / domain_generation_algorithms Goto Github PK

unknown_malware is in fact DMSniff. It's named as such in this article.

In Orchard, when you look for the last transaction that happened before a certain date, you sort the database according to the transaction timestamps:
transactions = sorted( transactions.values(), key=lambda x: x['time'], reverse=True )
In the database are multiple entries that share a timestamp, making it impossible to see which of them is the latest. I'm still trying to figure out a better sorting criterion then the timestamp but could not find one up to now. Do you have an idea how to solve this?

Hi,
is the expiro algorithm also date-sensitive? We try to figure out how to get a seed by date so we can precalculate the domains for blocking. Any idea?

please apply the patch or not at your discretion.
ramnit-patch.diff.zip

(I am merely the messenger here)

It was observed many of the DGA mechanisms here are not in Python 3, suggesting that either they are no longer supported or no longer relevant. Is this the case? And if so, should those Py2 algos be ignored for modern information gathering?

Alternatively, if someone did a Python3 port of those functions would you consider reviewing that as a pull/merge request?

Hi,
The cmdline arg date is passed as a string to dga(), then to seed_data(), which tries to handle it as if an datetime object. Should there be "strptime" somewhere?

I just test the md6.py use the method in the head of the script but the script couldn't work.

Error info:
TypeError: unsupported operand type(s) for &: 'str' and 'int'

Hello!
I think there might be a bug in the DGA from Orchard. When you calculate the domains for a date in the past (e.g. 2022-05-09), then update the db (or rebuild it from scratch) and calculate the domains for the same date again you get different results in the second block of domains. That should not be the case, or am I missing something here?