def get_exe_version(path):
stream = FileInputStream(path)
parser = hachoir.parser.guessParser(stream)
metadata = hachoir.metadata.extractMetadata(parser)
version = metadata.get("version")
stream.close()
return version
def embedded_files(self, extract_path: str = None):
"""Search for embedded files and extract them
This method does not change the state.
Args:
extract_path (str, optional): Path to extract files to. Defaults to None.
Returns:
Chepy: The Chepy object.
Examples:
>>> Chepy("/tmp/stego_50.jpg").load_file().embedded_files(extract_path="/tmp/embedded")
[+] Start search on 10757 bytes (10.5 KB)
[+] End of search -- offset=10757 (10.5 KB)
[+] File at 0 size=10541 (10.3 KB): JPEG picture: 430x425 pixels => /tmp/embedded/file-0001.jpg
[+] File at 10541 size=201 (201 bytes): ZIP archive => /tmp/embedded/file-0002.zip
"""
filename = self._temp_file()
inp = FileInputStream(filename)
subfile = SearchSubfile(inp)
if extract_path is not None: # pragma: no cover
subfile.setOutput(extract_path)
subfile.loadParsers()
subfile.main()
# pathlib.Path(filename).unlink()
return self
def parse_packet(file_or_data):
"""Parse a packet into a DeviceFrame object"""
if isinstance(file_or_data, bytes):
stream = StringInputStream(file_or_data)
else:
stream = FileInputStream(file_or_data, file_or_data)
packet = DeviceFrameParser(stream)
return packet
def openParser(parser_id, filename, offset, size):
tags = []
if parser_id:
tags += [("id", parser_id), None]
try:
stream = FileInputStream(filename, offset=offset, size=size, tags=tags)
except InputStreamError as err:
return None, "Unable to open file: %s" % err
parser = guessParser(stream)
if not parser:
return None, "Unable to parse file: %s" % filename
return parser, None
def createParser(filename, real_filename=None, tags=None):
"""
Create a parser from a file or returns None on error.
Options:
- filename (unicode): Input file name ;
- real_filename (str|unicode): Real file name.
"""
if not tags:
tags = []
stream = FileInputStream(filename, real_filename, tags=tags)
return guessParser(stream)
def main():
# Initialize
values, filename, output = parseOptions()
config.quiet = True
stream = FileInputStream(filename)
with stream:
subfile = SearchSubfile(stream, values.offset, values.size)
subfile.verbose = not (values.quiet)
subfile.debug = values.debug
if output:
subfile.setOutput(output)
if values.profiler:
from hachoir.core.profiler import runProfiler
ok = runProfiler(runSearch, (subfile, values))
else:
ok = runSearch(subfile, values)
exit(int(not ok))
import collections
import subprocess
from hachoir.stream import FileInputStream
from hachoir.parser import guessParser, archive
# 1. process the zip file and extract the data (a Deflate stream) for each file
parser = guessParser(FileInputStream("challenge.zip"))
# ignore stuff like zip central directory
files = [entry for entry in parser if type(entry) == archive.zip.FileEntry]
# compressed_data is the last field in the file entry, so index -1
streams = [list(file)[-1].value for file in files]
# 2. use infgen to decode the dynamic huffman tree in each stream
info = []
for stream in streams:
# https://github.com/madler/infgen
p = subprocess.run("./infgen", input=stream, capture_output=True)
info.append(p.stdout.decode())
# 3. copy the code given in the Deflate RFC to rebuild the huffman tree
trees = []
for file in info:
# ignore all the other infgen output
lines = [line for line in file.split("\n") if line.startswith("litlen")]
# litlen 10 7
# litlen 32 3
# litlen 33 12
# ...
# -> [(10, 7), (32, 3), (33, 12), ...]
litlens = [tuple(map(int, line.split()[1:])) for line in lines]