def zip_do_zip(azip, afile):
""" azip:ZipFile, afile:source archive(s) name """
# test if encrypted
try:
azip.testzip()
except RuntimeError as e:
if 'encrypted' in str(e):
log_encrypted(BF_ZIP, afile)
return
else:
log_error(str(e), afile)
# iterate directly over file names
for member in azip.namelist():
# sort directories out
if member.endswith('/'):
continue
# check file name
filename = os.path.basename(member).lower()
res = RGX_INFILENAME.search(filename)
if res:
log_secret(res.group(), afile+':'+member)
# check file content, calling other modules
data = azip.read(member)
(ftype, supported) = type_data(data, member)
if supported:
if ftype in ENCRYPTED:
log_encrypted(ftype, member)
else:
do_data(ftype, data, afile+':'+member)
def zip_do_zip(azip, afile):
""" azip:ZipFile, afile:source archive(s) name """
# test if encrypted
try:
azip.testzip()
except RuntimeError as e:
if 'encrypted' in str(e):
log_encrypted(BF_ZIP, afile)
return
else:
log_error(str(e), afile)
# iterate directly over file names
for member in azip.namelist():
# sort directories out
if member.endswith('/'):
continue
# check file name
filename = os.path.basename(member).lower()
res = RGX_INFILENAME.search(filename)
if res:
log_secret(res.group(), afile + ':' + member)
# check file content, calling other modules
data = azip.read(member)
(ftype, supported) = type_data(data, member)
if supported:
if ftype in ENCRYPTED:
log_encrypted(ftype, member)
else:
do_data(ftype, data, afile + ':' + member)
def scan(path, count):
"""selects files to process, checks file names"""
log_comment('scanning %s:' % path)
scanned = 0
bar_width = 32
if count < bar_width:
bar_width = count
if count == 0:
bar_width = 1
sys.stdout.write('%s\n' % ("=" * bar_width))
bar_blocksize = count / bar_width
bar_left = bar_width
bar_count = 0
for root, dirs, files in os.walk(path):
for skip in SKIP:
if skip in dirs:
dirs.remove(skip)
for filename in files:
abspath = os.path.abspath(os.path.join(root, filename))
res = RGX_INFILENAME.search(filename.lower())
if res:
log_secret(res.group(), abspath)
try:
ftype, supported = type_file(abspath)
except TypeError as e:
log_error(str(e), abspath)
continue
if supported:
if ftype in ENCRYPTED:
# report but do not process
log_encrypted(ftype, abspath)
if ftype in EXE:
# report but do not process
if looks_uniform(filename=abspath):
log_packed(ftype, abspath)
else:
log_exe(ftype, abspath)
else:
# process the file
do_file(ftype, abspath)
scanned += 1
# update progress bar
bar_count += 1
if bar_count >= bar_blocksize and bar_left:
sys.stdout.write("=")
sys.stdout.flush()
bar_count = 0
bar_left -= 1
sys.stdout.write("\n")
log_comment('%d files supported were processed' % scanned)
return scanned
def scan(path, count):
"""selects files to process, checks file names"""
log_comment('scanning %s:' % path)
scanned = 0
bar_width = 32
if count < bar_width:
bar_width = count
if count == 0:
bar_width = 1
sys.stdout.write('%s\n' % ("=" * bar_width))
bar_blocksize = count / bar_width
bar_left = bar_width
bar_count = 0
for root, dirs, files in os.walk(path):
for skip in SKIP:
if skip in dirs:
dirs.remove(skip)
for filename in files:
abspath = os.path.abspath(os.path.join(root, filename))
res = RGX_INFILENAME.search(filename.lower())
if res:
log_secret(res.group(), abspath)
try:
ftype, supported = type_file(abspath)
except TypeError as e:
log_error(str(e), abspath)
continue
if supported:
if ftype in ENCRYPTED:
# report but do not process
log_encrypted(ftype, abspath)
if ftype in EXE:
# report but do not process
if looks_uniform(filename=abspath):
log_packed(ftype, abspath)
else:
log_exe(ftype, abspath)
else:
# process the file
do_file(ftype, abspath)
scanned += 1
# update progress bar
bar_count += 1
if bar_count >= bar_blocksize and bar_left:
sys.stdout.write("=")
sys.stdout.flush()
bar_count = 0
bar_left -= 1
sys.stdout.write("\n")
log_comment('%d files supported were processed' % scanned)
return scanned
def tar_do_tar(atar, afile):
""" atar:TarFile, afile:source archive(s) name """
# iterate over TarInfo's
for member in atar.getmembers():
# only process files
if not member.isfile():
continue
# check file name
filename = os.path.basename(member.name).lower()
res = RGX_INFILENAME.search(filename)
if res:
log_secret(res.group(), afile + ':' + member.name)
# check file content, calling other modules
data = atar.extractfile(member).read()
(ftype, supported) = type_data(data, member.name)
if supported:
if ftype in ENCRYPTED:
log_encrypted(ftype, member.name)
else:
do_data(ftype, data, afile + ':' + member.name)