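/*
 * Trust a payload until the detection engine reports abnormal activity.
 * Status given on the page: currently under analysis.
 *
 * NOTE(review): call_Suricata, alert, check_compare and threat_identified are
 * used by the paste but never declared on the page. The declarations below
 * are placeholders with assumed signatures so the control flow can be read;
 * they are not taken from Suricata's API -- TODO replace them with the real
 * integration and confirm how a verdict is actually obtained.
 */
#include <stdio.h>
#include <string.h>

extern const char *call_Suricata(const char *check_discover,
                                 const char *check_compare);
extern void alert(const char *threat);
extern const char *check_compare;
extern const char *threat_identified;

/**
 * Ask the engine whether a payload is abnormal.
 *
 * @param check_discover  payload text handed to the engine; may be NULL.
 * @return 1 when the engine answers "check_validate", 0 for any other
 *         answer, -1 when there is no payload or the engine gives no answer.
 */
int check_abnormal(char *check_discover)
{
    if (check_discover == NULL) {
        return -1;
    }

    /* pass variable to the engine */
    const char *verdict = call_Suricata(check_discover, check_compare);
    if (verdict == NULL) {
        return -1;
    }

    /*
     * Compare the returned text. The paste compared the function's own
     * address with a string literal, which can never match, so the
     * "abnormal" branch was unreachable.
     */
    if (strcmp(verdict, "check_validate") == 0) {
        return 1;
    }

    /* Every path returns a value; the paste fell off the end here. */
    return 0;
}

/**
 * Entry point: check the payload given as the first argument and alert when
 * the engine flags it.
 *
 * @return 0 when the payload is still trusted, 1 when an alert was raised,
 *         2 when no payload was supplied or no verdict could be obtained.
 */
int main(int argc, char *argv[])
{
    /* argv[0] is the program's own name; the caller's payload is argv[1]. */
    if (argc < 2) {
        fprintf(stderr, "usage: %s <payload>\n",
                (argc > 0 && argv[0] != NULL) ? argv[0] : "prog");
        return 2;
    }

    /*
     * The paste's do/while discarded the check result (stray ';' after the
     * if), left x at 0, ran once, and then alerted unconditionally. One
     * check is kept here; looping only makes sense once each pass reads
     * fresh input, otherwise a clean payload spins forever.
     */
    int x = check_abnormal(argv[1]);

    if (x == 1) {
        alert(threat_identified);
        return 1;
    }

    /* Fail closed: a missing verdict must not be read as "normal". */
    if (x != 0) {
        fprintf(stderr, "no verdict from engine; payload not trusted\n");
        return 2;
    }

    return 0;
}

/*
 * TODO (from the paste): see whether to include network IP, pass and MAC
 * address, and whether these variables are needed:
 *     char *known_threat;
 *     char *unknown_threat;
 * NOTE(review): "pass" presumably means a password -- if so, keep it out of
 * alert text and logs. Confirm with the author.
 */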