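def analyze_parallel(executables, args):
    """Run ``call_analysis`` on each executable in its own child process.

    Names are processed in sorted order. Each one is resolved with
    ``UF.get_path_filename_deps('x86-pe', ...)``; a name whose directory is
    not found is reported and skipped. Analysis is only started when the
    executable's tar.gz archive exists on disk.

    Args:
        executables: collection of executable names to analyze.
        args: parsed command-line options; reads ``maxprocesses``,
            ``iterations`` and ``asm``.

    The function returns only after every child process has finished.
    """
    # Imported locally so the block does not rely on the file's import list.
    import time

    poll_interval = 0.05  # seconds between checks on the worker count
    # A limit below 1 could never be satisfied and would hang the throttle
    # loop forever, so treat it as 1.
    limit = max(1, args.maxprocesses)
    total = len(executables)

    for count, executable in enumerate(sorted(executables), start=1):
        try:
            file_info = UF.get_path_filename_deps('x86-pe', executable)
        except UF.CHBDirectoryNotFoundError as e:
            print(e)
            continue
        (path, filename, _) = file_info

        # Throttle: sleep while the pool is full instead of spinning, so the
        # parent does not compete with its own workers for a CPU core.
        while len(multiprocessing.active_children()) >= limit:
            time.sleep(poll_interval)

        if os.path.isfile(UF.get_executable_targz_filename(path, filename)):
            print("Analyzing executable " + str(count) + " of " +
                  str(total) + " ... ")
            multiprocessing.Process(target=call_analysis,
                                    args=(file_info, args.iterations,
                                          args.asm)).start()
        else:
            print('Not analyzing: ' + filename)

    # Wait for the remaining workers; active_children() also reaps the
    # ones that have already exited.
    while multiprocessing.active_children():
        time.sleep(poll_interval)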
Beispiel #2
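def set_profiles(atfi, records, includes, excludes):
    """Fill the module-level cluster and md5-profile tables from *records*.

    For every record accepted by ``satisfies_spec``:

    * a non-empty ``'clusters'`` entry is stored in ``listedclusters``;
    * a representative record has its md5 profile file loaded into
      ``profiles[name]['md5s']``, or its name appended to ``missingmd5s``
      when that file does not exist;
    * a non-representative record is appended to the ``'duplicates'`` list
      of its representative in ``profiles``.

    Args:
        atfi: file index passed to ``UF.mk_atsc`` and ``get_representative``.
        records: mapping from record index to record dictionary.
        includes: inclusion spec forwarded to ``satisfies_spec``.
        excludes: exclusion spec forwarded to ``satisfies_spec``.
    """
    for atxi in records:
        r = records[atxi]
        if not satisfies_spec(r, includes, excludes):
            continue

        name = UF.mk_atsc(atfi, atxi)
        if 'clusters' in r and len(r['clusters']) > 0:
            listedclusters[name] = r['clusters']

        if not is_representative(r):
            rep = get_representative(atfi, r)
            entry = profiles.setdefault(rep, {})
            entry.setdefault('md5s', [])
            entry.setdefault('duplicates', []).append(name)
            continue

        try:
            (path, filename,
             _) = UF.get_path_filename_deps('x86-pe', name)
        except Exception as e:
            # A bare except here would also swallow KeyboardInterrupt and
            # SystemExit, making a long run impossible to interrupt cleanly.
            print('**** problem with ' + name + ': ' + str(e))
            continue

        md5filename = UF.get_md5profile_filename(path, filename)
        if os.path.isfile(md5filename):
            with open(md5filename, 'r') as fp:
                # Parse before touching profiles so a malformed file does
                # not leave an empty entry behind when the error propagates.
                md5s = json.load(fp)['md5s']
            profiles.setdefault(name, {})['md5s'] = md5s
        else:
            missingmd5s.append(name)
            print('Missing: ' + name)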
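def extract_parallel(executables, args):
    """Run ``call_extraction`` on each executable in its own child process.

    Names are processed in sorted order. Each one is resolved with
    ``UF.get_path_filename_deps('x86-pe', ...)``; a name whose directory is
    not found is reported and skipped.

    Args:
        executables: collection of executable names to extract.
        args: parsed command-line options; reads ``maxprocesses``,
            ``extracthex``, ``reset`` and ``annotate``.

    The function returns only after every child process has finished.
    """
    # Imported locally so the block does not rely on the file's import list.
    import time

    poll_interval = 0.05  # seconds between checks on the worker count
    # A limit below 1 could never be satisfied and would hang the throttle
    # loop forever, so treat it as 1.
    limit = max(1, args.maxprocesses)
    total = len(executables)

    for count, executable in enumerate(sorted(executables), start=1):
        try:
            file_info = UF.get_path_filename_deps('x86-pe', executable)
        except UF.CHBDirectoryNotFoundError as e:
            print(e)
            continue

        # Throttle: sleep while the pool is full instead of spinning, so the
        # parent does not compete with its own workers for a CPU core.
        while len(multiprocessing.active_children()) >= limit:
            time.sleep(poll_interval)

        print("Extracting executable " + str(count) + " of " +
              str(total) + " ... ")
        multiprocessing.Process(target=call_extraction,
                                args=(file_info, args.extracthex, args.reset,
                                      args.annotate)).start()

    # Wait for the remaining workers; active_children() also reaps the
    # ones that have already exited.
    while multiprocessing.active_children():
        time.sleep(poll_interval)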
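def disassemble_parallel(executables, args):
    """Run ``call_disassembly`` on each executable in its own child process.

    Names are processed in sorted order. Each one is resolved with
    ``UF.get_path_filename_deps('x86-pe', ...)``; a name whose directory is
    not found is reported and skipped. An executable whose tar.gz archive
    is not on disk is skipped without a message.

    Args:
        executables: collection of executable names to disassemble.
        args: parsed command-line options; reads ``maxprocesses``, ``xml``
            and ``reduce``.

    The function returns only after every child process has finished.
    """
    # Imported locally so the block does not rely on the file's import list.
    import time

    poll_interval = 0.05  # seconds between checks on the worker count
    # A limit below 1 could never be satisfied and would hang the throttle
    # loop forever, so treat it as 1.
    limit = max(1, args.maxprocesses)
    total = len(executables)

    for count, executable in enumerate(sorted(executables), start=1):
        try:
            file_info = UF.get_path_filename_deps('x86-pe', executable)
        except UF.CHBDirectoryNotFoundError as e:
            print(e)
            continue
        (path, filename, _) = file_info

        # Throttle: sleep while the pool is full instead of spinning, so the
        # parent does not compete with its own workers for a CPU core.
        while len(multiprocessing.active_children()) >= limit:
            time.sleep(poll_interval)

        if os.path.isfile(UF.get_executable_targz_filename(path, filename)):
            print('Disassembling executable ' + filename + ' (' + str(count) +
                  ' of ' + str(total) + ') ... ')
            multiprocessing.Process(target=call_disassembly,
                                    args=(file_info, args.xml,
                                          args.reduce)).start()

    # Wait for the remaining workers; active_children() also reaps the
    # ones that have already exited.
    while multiprocessing.active_children():
        time.sleep(poll_interval)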
Beispiel #5
            print('*' * 80)
            exit(1)
        am.save_extract()
    except subprocess.CalledProcessError as e:
        print(e.output)
        print(e.args)
        exit(1)


if __name__ == '__main__':

    args = parse()

    try:
        (path, filename,
         deps) = UF.get_path_filename_deps('x86-pe', args.filename)
        if not UF.check_executable(path, filename):
            extract(path, filename, deps, args.extracthex)
    except UF.CHBError as e:
        print(str(e.wrap()))
        exit(1)

    UF.check_analyzer()
    am = AM.AnalysisManager(path, filename, deps=deps)

    if args.reset:
        chdir = UF.get_ch_dir(path, filename)
        if os.path.isdir(chdir):
            print('Removing ' + chdir)
            shutil.rmtree(chdir)
        if not UF.unpack_tar_file(path, filename):
Beispiel #6
            print('*' * 80)
            exit(1)
        am.save_extract()
    except subprocess.CalledProcessError as e:
        print(e.output)
        print(e.args)
        exit(1)


if __name__ == '__main__':

    args = parse()

    try:
        (path, filename,
         deps) = UF.get_path_filename_deps('mips-elf', args.filename)
        UF.check_analyzer()
    except UF.CHBError as e:
        print(str(e.wrap()))
        exit(1)

    fixup = {}
    if args.fixup:
        try:
            with open(args.fixup) as fp:
                fixup = json.load(fp)['fixups']
        except Exception as e:
            print('*' * 80)
            print('Error in loading fixup file: ' + str(e))
            print('*' * 80)
            exit(1)