Last active
December 16, 2022 08:36
-
-
Save eybisi/157c76e1491ed26c2e510c4f5a49b4bb to your computer and use it in GitHub Desktop.
dga for alien sample
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from datetime import datetime | |
| import hashlib | |
| def gen_dga_from_day(day): | |
| # https://twitter.com/_CPResearch_/status/1603375823448317953?s=20&t=TkPpJYjVudhg2JnHbeVQFQ | |
| """ | |
| int i2 = 5; | |
| int i3 = calendar.get(5); | |
| int i4 = calendar.get(1); | |
| if (i3 >= 10) { | |
| if (i3 < 20 && i3 > 10) { | |
| i2 = 15; | |
| } else if (i3 > 20) { | |
| i2 = 25; | |
| } | |
| } | |
| """ | |
| year_i = datetime.today().year | |
| month_i = datetime.today().month - 1 | |
| today = day | |
| if today > 10 and today < 20: | |
| day_i = 15 | |
| elif today > 20: | |
| day_i = 25 | |
| else: | |
| day_i = 5 | |
| print(f"Current seed year={year_i},month={month_i+1},day={day_i}") | |
| seed = f"{int(str(month_i) + str(day_i) + str(year_i))*61}" | |
| digest = hashlib.md5(seed.encode("utf-8")).hexdigest() | |
| return f"http://{digest}.xyz" | |
| def gen_dga_domains(): | |
| # only edge cases | |
| k = [10, 11, 20, 30] | |
| for i in k: | |
| print(gen_dga_from_day(i)) | |
| gen_dga_domains() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I think it should be this