尝试动态使用regex findall来获取注册表项。如何将单个转义附加到正则字符串中?
尝试动态使用regex findall来获取注册表项。如何将单个转义附加到正则字符串中?
提问于 2022-09-13 05:34:29
test_str = Monitor for deletion of Windows Registry keys and/or values related to services and startup programs that correspond to security tools such as HKLM:\\SOFTWARE\\Microsoft\\AMSI\\Providers. Monitor for changes made to Windows Registry keys and or values related to services and startup programs that correspond to security tools such as HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender.
for path_found in iocs_found['windows_path']:
path_found = path_found.replace('\\', '\\\\')
print(path_found)
regex_pattern = f"[A-Z]+(?:{path_found})"
matches = re.findall(regex_pattern, test_str)
print(matches)
print('\n')打印声明如下:
软件\Microsoft\AMSI\Provider。
‘’HKLM:\软件\Microsoft\AMSI\Providers.‘.’
M:\软件\策略\Microsoft\Windows
‘’HKLM:\软件\策略\Microsoft\Windows‘
两个问题:
如何更改regex代码,使HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender
- how变为,以便向当前动态regex添加新的regex,以避免双重转义?
请帮帮忙。
回答 1
Stack Overflow用户
发布于 2022-09-13 05:43:53
对于上面显示的特定输入,模式HKLM:\\.*?(?=\.)应该可以工作:
test_str = "Monitor for deletion of Windows Registry keys and/or values related to services and startup programs that correspond to security tools such as HKLM:\\SOFTWARE\\Microsoft\\AMSI\\Providers. Monitor for changes made to Windows Registry keys and or values related to services and startup programs that correspond to security tools such as HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender."
matches = re.findall(r'HKLM:\\.*?(?=\.)', test_str)
print(matches)这些指纹:
['HKLM:\\SOFTWARE\\Microsoft\\AMSI\\Providers',
'HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender']页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/73697920
复制相关文章
相似问题
腾讯云开发者
