Pastemon.pl Upgrade

Just a quick blog post to announce that I just committed a new version of my pastemon.pl tool on github.com. I’ll present it (and the associated website leakedin.com) this Thursday at HITB Amsterdam during a SIGINT session.

What’s new with this version? First some bug fixes! (yes, I’m writing buggy code!) But there are also new features/options.

  • As the opposite of the “_EXCLUDE_” feature, I added an “_INCLUDE_” one. It lets you make your regular expressions more granular. Example: to search for references to Visa credit cards, use:
    +4[0-9]{12}(?:[0-9]{3})? _INCLUDE_ (visa|credit|card)

    This will reduce false positives. The pastie will be flagged only if it contains a credit card number and one of the three words in the same text.

  • All the configuration has been moved from command-line arguments to an XML file. It became difficult to maintain everything on a single command line. The new syntax is simply:
    ./pastemon.pl --config=filepath [--debug] [--help]

    An XML sample configuration is provided in the repository.

  • If you enable the dump of pasties to a directory, the matching regular expressions are added as headers to help you remember why they were dumped.
  • SMTP notifications have been added.
  • Detection of duplicate pasties is performed based on the Jaro-Winkler algorithm. Pasties which are “close” to an already matching one won’t be reported.
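
The duplicate detection described in the last item can be sketched as follows. This is an added example, not code from pastemon.pl: the function names, the 0.9 cutoff and the sample pasties are assumptions made for illustration.

```python
# Added example: not pastemon.pl code. Threshold and names are assumptions.
def jaro(a: str, b: str) -> float:
    if a == b:
        return 1.0
    if not a or not b:
        return 0.0
    # Characters match only if equal and at most `window` positions apart.
    window = max(max(len(a), len(b)) // 2 - 1, 0)
    a_hit, b_hit = [False] * len(a), [False] * len(b)
    for i, ch in enumerate(a):
        for j in range(max(0, i - window), min(len(b), i + window + 1)):
            if not b_hit[j] and b[j] == ch:
                a_hit[i] = b_hit[j] = True
                break
    m = sum(a_hit)
    if m == 0:
        return 0.0
    # Transpositions: matched characters that line up in a different order.
    a_seq = [c for c, hit in zip(a, a_hit) if hit]
    b_seq = [c for c, hit in zip(b, b_hit) if hit]
    t = sum(x != y for x, y in zip(a_seq, b_seq)) // 2
    return (m / len(a) + m / len(b) + (m - t) / m) / 3

def jaro_winkler(a: str, b: str, scaling: float = 0.1) -> float:
    # Winkler's adjustment rewards a shared prefix of up to four characters.
    score, prefix = jaro(a, b), 0
    for x, y in zip(a[:4], b[:4]):
        if x != y:
            break
        prefix += 1
    return score + prefix * scaling * (1 - score)

def filter_new(pasties, threshold=0.9):
    """Return pasties not 'close' to one already reported (assumed cutoff)."""
    reported = []
    for text in pasties:
        if all(jaro_winkler(text, seen) < threshold for seen in reported):
            reported.append(text)
    return reported

# Constructed sample pasties: an original, a re-paste with one extra
# character, and unrelated content.
SAMPLE_PASTIES = [
    "leak: admin@example.org:Passw0rd!",
    "leak: admin@example.org:Passw0rd!!",
    "4111111111111111",
]

if __name__ == "__main__":
    for p in filter_new(SAMPLE_PASTIES):
        print("report:", p)
```

Each comparison costs roughly the product of the two text lengths, so on large pasties a length pre-check before scoring keeps the filter cheap.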

If you’re attending Hack In The Box in Amsterdam, feel free to come and say hello!

 
