def test_rar_decryption_fail(self):
    """An encrypted RAR that cannot be unlocked must raise, not return data."""
    archive = RarFile(f("sflock_encrypted2.rar"))
    assert archive.handles() is True
    assert not archive.f.selected
    # unpack() is called without a password; the expected outcome is a hard
    # DecryptionFailedError rather than an empty or partial result.
    with pytest.raises(DecryptionFailedError) as exc_info:
        archive.unpack()
def test_norar_plain():
    """unpack() on a recognised plain RAR is expected to raise UnpackException."""
    sample = "rar_plain.rar"
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    assert handler.handles() is True
    # NOTE(review): the test name suggests it targets an environment without
    # a rar backend, where recognition works but extraction cannot - confirm.
    with pytest.raises(UnpackException):
        handler.unpack()
def test_garbage(self):
    """A non-archive blob is rejected and unpacking it reports NOTHING_EXTRACTED."""
    handler = RarFile(f("garbage.bin"))
    assert handler.handles() is False
    assert not handler.f.selected
    with pytest.raises(UnpackException) as exc_info:
        handler.unpack()
    # Checked after the context manager exits: a statement placed behind the
    # raising call inside the block would never run.
    assert exc_info.value.state == Errors.NOTHING_EXTRACTED
def test_garbage2(self):
    """A RAR wrapping garbage yields one child, marked failed, with no children."""
    handler = RarFile(f("rar_garbage.rar"))
    assert handler.handles() is True
    assert not handler.f.selected
    unpacked = handler.unpack()
    assert len(unpacked) == 1
    child = unpacked[0]
    # The single member must be reported as a failure, not recursed into.
    assert not child.children
    assert child.mode == "failed"
def test_garbage2(self):
    """Bytes-path variant: a RAR wrapping garbage yields one failed child."""
    handler = RarFile(f(b"rar_garbage.rar"))
    assert handler.handles() is True
    assert not handler.f.selected
    unpacked = handler.unpack()
    assert len(unpacked) == 1
    child = unpacked[0]
    # The single member must be reported as a failure, not recursed into.
    assert not child.children
    assert child.mode == "failed"
def test_rar_encrypted(self):
    """An encrypted RAR unpacks with the supplied password and records it."""
    sample = "sflock_encrypted.rar"
    assert "RAR archive" in f(sample).magic
    archive = RarFile(f(sample))
    assert archive.handles() is True
    # The password is passed explicitly and must be echoed back on the
    # extracted member so later stages know how it was unlocked.
    members = list(archive.unpack("infected"))
    assert len(members) == 1
    member = members[0]
    assert member.filepath == "sflock.txt"
    assert member.contents == "sflock_encrypted_rar"
    assert member.password == "infected"
    assert "ASCII text" in member.magic
    assert member.parentdirs == []
def test_garbage2(self):
    """A RAR wrapping garbage yields one child that is never unpacked further."""
    handler = RarFile(f("rar_garbage.rar"))
    assert handler.handles() is True
    assert not handler.f.selected
    unpacked = handler.unpack()
    assert len(unpacked) == 1
    child = unpacked[0]
    # The member is garbage data, so no unpack attempt should be made on it:
    # it has no children and its mode stays unset.
    assert not child.children
    assert child.mode is None
def test_rar_encrypted(self):
    """An encrypted RAR is unpacked without the caller passing a password."""
    sample = "sflock_encrypted.rar"
    assert "RAR archive" in f(sample).magic
    archive = RarFile(f(sample))
    assert archive.handles() is True
    assert not archive.f.selected
    # NOTE(review): unpack() receives no password yet the contents are
    # expected back - presumably a built-in password list is tried; confirm
    # against RarFile.
    members = list(archive.unpack())
    assert len(members) == 1
    member = members[0]
    assert member.relapath == "sflock.txt"
    assert member.contents == b"sflock_encrypted_rar"
    assert "ASCII text" in member.magic
    assert member.parentdirs == []
    assert not member.selected
def test_plain(self):
    """A plain single-file RAR unpacks to exactly one top-level text member."""
    sample = "rar_plain.rar"
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    assert handler.handles() is True
    assert not handler.f.selected
    members = list(handler.unpack())
    assert len(members) == 1
    member = members[0]
    assert member.relapath == "bar.txt"
    assert member.contents == "hello world\n"
    assert member.magic == "ASCII text"
    # A top-level member has no parent directories inside the archive.
    assert member.parentdirs == []
    assert not member.selected
def test_nested2_plain(self):
    """A member two directories deep keeps its relative path and parent dirs."""
    sample = b"rar_nested2.rar"
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    assert handler.handles() is True
    assert not handler.f.selected
    members = list(handler.unpack())
    assert len(members) == 1
    member = members[0]
    # Paths inside the archive are reported as bytes and stay relative.
    assert member.relapath == b"deepfoo/foo/bar.txt"
    assert member.parentdirs == [b"deepfoo", b"foo"]
    assert member.contents == b"hello world\n"
    assert not member.password
    assert member.magic == "ASCII text"
    assert not member.selected
def test_nested2_plain(self):
    """A member two directories deep keeps its file path and parent dirs."""
    sample = "rar_nested2.rar"
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    assert handler.handles() is True
    members = list(handler.unpack())
    assert len(members) == 1
    member = members[0]
    assert member.filepath == "deepfoo/foo/bar.txt"
    assert member.parentdirs == ["deepfoo", "foo"]
    assert member.contents == "hello world\n"
    assert not member.password
    assert member.magic == "ASCII text"
    # Signature lookup on the archive itself currently yields nothing.
    assert f(sample).get_signature() is None
def test_plain(self):
    """A plain single-file RAR unpacks to exactly one top-level text member."""
    sample = "rar_plain.rar"
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    assert handler.handles() is True
    members = list(handler.unpack())
    assert len(members) == 1
    member = members[0]
    assert member.filepath == "bar.txt"
    assert member.contents == "hello world\n"
    assert member.magic == "ASCII text"
    assert member.parentdirs == []

    # TODO: identification should combine file extension, file magic and the
    # initial-bytes signature rather than relying on the bytes alone; with
    # that in place this call should no longer yield None.
    signature = f(sample).get_signature()
    assert signature is None
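def extract_archive(cls, f):
    """Unpack the archive in ``f.blob`` and wrap every member as a ``File``.

    The unpacker class is selected from ``f.extension`` (``zip``, ``rar``,
    ``tar``); any other extension falls back to ``Zip7File``.  A ``zip`` whose
    ``content_guess`` mentions ``v5.1`` is also routed to ``Zip7File``.

    Args:
        cls: Unused in this body.
        f: Archive to unpack.  Read: ``filename``, ``blob``, ``password``,
            ``extension``, ``content_guess``, ``timestamp``.  Mutated: one
            ``Extraction`` is appended to ``f.extractions`` per member and
            ``f.is_enriched`` is set to ``True``.

    Returns:
        ``(f, extracted_files)`` where ``extracted_files`` is a list of
        ``File`` objects, one per unpacked member.
    """
    logger.debug(f"Extracting {f.filename}")
    content = f.blob
    # Sflock expects the password as a byte string.
    pw = f.password.encode("utf-8") if f.password else None

    # NOTE(review): extension and content_guess describe the submitted file
    # and are presumably attacker-influenced; nothing here calls handles() on
    # the chosen unpacker before unpacking - confirm that mismatched content
    # is rejected by the caller or by sflock.
    if f.extension == "zip":
        # unzip cannot process v5.1 archives, 7z is required (Zip7File).
        unpacker = Zip7File if "v5.1" in f.content_guess else ZipFile
    elif f.extension == "rar":
        unpacker = RarFile
    elif f.extension == "tar":
        unpacker = TarFile
    else:
        # Fallback to zip
        unpacker = Zip7File
    archive_file = unpacker(SflockFile(contents=content, password=pw))

    # NOTE(review): every member is materialised in memory and no cap on
    # member count or unpacked size is visible in this function - confirm
    # that archive bombs are bounded elsewhere.
    files_in_zip = list(archive_file.unpack(password=pw, duplicates=[]))

    extracted_files = []
    for zf in files_in_zip:
        h = HashFactory.get_hashstruct_from_bytes(zf.contents)
        cg = zf.magic
        # Member names come from the archive itself and need not be valid
        # UTF-8.  A strict decode would raise UnicodeDecodeError and abort the
        # whole extraction, so undecodable bytes are replaced instead.
        fn = zf.filename.decode("utf-8", errors="replace")
        ext = fn.rsplit(".", 1)[-1] if "." in fn else ""
        # NOTE(review): fn is an archive-controlled name; treat it as a label
        # only and never as a path to write to.
        f.extractions.append(
            Extraction(content_guess=cg, extension=ext, description=fn, hash=h))
        file_struct = File(
            content_guess=cg,
            extension=ext,
            encoding='application/octet-stream',  # alternative: "hex"
            filename=fn,
            hash=h,
            blob=zf.contents,
            timestamp=f.timestamp)
        extracted_files.append(file_struct)
        # The raw bytes repr is logged, which keeps control characters in the
        # member name escaped.
        logger.info(f"Extracted {zf.filename}")

    f.is_enriched = True
    return f, extracted_files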
def test_count_supported():
    """len(supported()) equals the base count plus each optional unpacker's share."""
    # (unpacker class, entries added when its supported() reports true)
    optional = (
        (AceFile, 1),
        (CabFile, 1),
        (RarFile, 1),
        (Zip7File, 7),
    )
    expected = 15
    for unpacker, share in optional:
        if unpacker(None).supported():
            expected += share
    assert expected == len(supported())
def test_count_supported():
    """len(supported()) equals the base count plus each optional unpacker's share."""
    # (unpacker class, entries added when its supported() reports true)
    optional = (
        (DaaFile, 1),
        (VHDFile, 2),
        (AceFile, 1),
        (CabFile, 1),
        (RarFile, 1),
        (Zip7File, 5),
    )
    expected = 10
    for unpacker, share in optional:
        if unpacker(None).supported():
            expected += share
    assert expected == len(supported())
def test_norar_plain():
    """A plain RAR is recognised by magic and claimed, but not selected."""
    sample = "rar_plain.rar"
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    # Recognition only: no unpack() call is made in this test.
    assert handler.handles() is True
    assert not handler.f.selected
def test_garbage(self):
    """A non-archive blob is rejected and unpacking it raises UnpackException."""
    handler = RarFile(f("garbage.bin"))
    assert handler.handles() is False
    # Forcing unpack() on content the handler rejected must fail loudly.
    with pytest.raises(UnpackException):
        handler.unpack()
def test_norar_plain():
    """Bytes-path variant: a plain RAR is recognised and claimed, not selected."""
    sample = b"rar_plain.rar"
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    # Recognition only: no unpack() call is made in this test.
    assert handler.handles() is True
    assert not handler.f.selected
def test_suffix():
    """A RAR carrying a .docx suffix is still identified and packaged as rar."""
    sample = b"rar_suffix.docx"
    # The name claims a document while the content is a RAR archive; the
    # handler has to key on the content, not on the extension.
    assert "RAR archive" in f(sample).magic
    handler = RarFile(f(sample))
    assert handler.handles() is True
    assert handler.f.package == "rar"
def test_garbage(self):
    """Bytes-path variant: garbage is rejected, unpacks to nothing, ends failed."""
    handler = RarFile(f(b"garbage.bin"))
    assert handler.handles() is False
    assert not handler.f.selected
    # unpack() must return a falsy result instead of raising, and the failure
    # is recorded on the wrapped file.
    extracted = handler.unpack()
    assert not extracted
    assert handler.f.mode == "failed"
def test_garbage(self):
    """Garbage input is rejected, unpacks to nothing, and is marked failed."""
    handler = RarFile(f("garbage.bin"))
    assert handler.handles() is False
    assert not handler.f.selected
    # unpack() must return a falsy result instead of raising, and the failure
    # is recorded on the wrapped file.
    extracted = handler.unpack()
    assert not extracted
    assert handler.f.mode == "failed"