Extract values using regex in python

How can I extract Input from the following string using regex:

{"eventid":"cowrie.command.input","input":"echo \"root:twrHxXE7YmIr\"|chpasswd|bash","message":"CMD: echo \"root:twrHxXE7YmIr\"|chpasswd|bash","sensor":"cowrieHoneypot2","timestamp":"2021-05-06T10:35:25.171419Z","src_ip":"121.201.95.106","session":"1ce15808ec97"}

Following is the regex pattern I'm currently using:

\"input\":\"[a-zA-z0-9\s=+~_\\$-|]*\"

But it returns half values like:

"input":"echo \"

So, how can I modify this regex to get the complete value?

You need to add commas between } and { that are separated with a newline, and it can be done with a simple .replace("}\n{", "},\n{").

Then you can parse the JSON with json module:

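import json

filepath = r'PATH_TO_FILE'

# Read the whole log file into memory
with open(filepath, 'r') as f:
    contents = f.read()

# Join the newline-separated objects with commas and wrap them in [ ]
# so the file parses as a single JSON array
j = json.loads('[{}]'.format(contents.replace("}\n{", "},\n{")))
# Keep the "input" value of every record that has one
values = [n["input"] for n in j if 'input' in n]
print(values)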

Using your data, the output is

['enable', 'system', 'system', 'shell', 'shell', 'sh', 'cat /proc/mounts; /bin/busybox KUHJY', 'cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox KUHJY', 'tftp; wget; /bin/busybox KUHJY', 'dd bs=52 count=1 if=.s || cat .s || while read i; do echo $i; done < .s', 'while read i', '/bin/busybox KUHJY', 'rm .s; exit', 'cat /proc/cpuinfo | grep name | wc -l', 'echo "root:QEqRsCr9yFa5"|chpasswd|bash', "cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'", "free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'", 'ls -lh $(which ls)', 'which ls', 'crontab -l', 'w', 'uname -m', 'cat /proc/cpuinfo | grep model | grep name | wc -l', 'top', 'uname', 'uname -a', 'lscpu | grep Model', 'cd ~ && rm -rf .ssh && mkdir .ssh && echo "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXxziIg9eLBHpgLMuakb5+BgTFB+rKJAw9u9FSTDengvS8hX1kNFS4Mjux0hJOK8rvcEmPecjdySYMb66nylAKGwCEE6WEQHmd1mUPgHwGQ0hWCwsQk13yCGPK5w6hYp5zYkFnvlC8hGmd4Ww+u97k6pfTGTUbJk14ujvcD9iUKQTTWYYjIIu5PmUux5bsZ0R4WFwdIe6+i6rBLAsPKgAySVKPRK+oRw== mdrfckr">>.ssh/authorized_keys && chmod -R go= ~/.ssh && cd ~', 'enable', 'system', 'system', 'shell', 'shell', 'sh', 'cat /proc/mounts; /bin/busybox PYIHO', 'cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox PYIHO', 'tftp; wget; /bin/busybox PYIHO', 'dd bs=52 count=1 if=.s || cat .s || while read i; do echo $i; done < .s', 'while read i', '/bin/busybox PYIHO', 'rm .s; exit', 'enable', 'system', 'system', 'shell', 'shell', 'sh', 'cat /proc/mounts; /bin/busybox GYYXE', 'cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox GYYXE', 'tftp; wget; /bin/busybox GYYXE', 'dd bs=52 count=1 if=.s || cat .s || while read i; do echo $i; done < .s', 'while read i', '/bin/busybox GYYXE', 'rm .s; exit']
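
An added example, not part of the original answer: it decodes the log one line at a time instead of rewriting the file into an array, so a record cut off mid-write is skipped rather than failing the whole parse, and it runs the question's regex on the same line to show where the match stops. It assumes one JSON object per line; the function names and every sample record except the question's own line are constructed for illustration.

```python
import json
import re

# Constructed sample in one-JSON-object-per-line layout. The first record is
# the line from the question; the rest are made up (192.0.2.10 is a
# documentation address), including a record cut off mid-write.
SAMPLE_LINES = [
    r'{"eventid":"cowrie.command.input","input":"echo \"root:twrHxXE7YmIr\"|chpasswd|bash","message":"CMD: echo \"root:twrHxXE7YmIr\"|chpasswd|bash","sensor":"cowrieHoneypot2","timestamp":"2021-05-06T10:35:25.171419Z","src_ip":"121.201.95.106","session":"1ce15808ec97"}',
    r'{"eventid":"cowrie.session.connect","src_ip":"192.0.2.10","session":"aaaaaaaaaaaa"}',
    r'{"eventid":"cowrie.command.input","input":"uname -a","src_ip":"192.0.2.10","session":"aaaaaaaaaaaa"}',
    r'{"eventid":"cowrie.command.input","input":"cat /proc/cpu',
    '',
]

# The pattern from the question: its character class excludes '"', so the
# match ends at the first escaped quote inside the value.
QUESTION_PATTERN = re.compile(r'\"input\":\"[a-zA-z0-9\s=+~_\\$-|]*\"')


def regex_extract(line):
    """Return what the question's regex matches, or None."""
    m = QUESTION_PATTERN.search(line)
    return m.group(0) if m else None


def parse_commands(lines):
    """Decode each line as JSON; return (commands, skipped_line_numbers)."""
    commands, skipped = [], []
    for lineno, line in enumerate(lines, 1):
        if not line.strip():
            continue  # blank line, nothing to decode
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped.append(lineno)  # truncated or corrupt record
            continue
        if isinstance(event, dict) and "input" in event:
            commands.append((event.get("session"), event.get("src_ip"), event["input"]))
    return commands, skipped


if __name__ == "__main__":
    print(regex_extract(SAMPLE_LINES[0]))
    cmds, bad = parse_commands(SAMPLE_LINES)
    for session, src_ip, cmd in cmds:
        print(session, src_ip, cmd)
    print("skipped lines:", bad)
```

The JSON decoder unescapes `\"` inside the value, which is why the full command comes back where the regex stops early.
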
 \"input\":\"([^\,\}\"]|\\\")*\"[,\{]
