Ejemplo n.º 1
	def __init__(self, path, plist=None):

		#init path for bundle
		self.bundle = None

		#if its a directory (e.g. an app)
		# ->get binary (from info.plist)
		if os.path.isdir(path):

			#save bundle path
			self.bundle = path

			#get path
			self.path = utils.getBinaryFromBundle(path)


			#save path
			self.path = path

		#convert file path to utf-8 if needed
		if isinstance(self.path, unicode):

			self.path = self.path.encode('utf-8')

		#save plist
		# ->this will be set for launch daemons/agents
		self.plist = plist

		#compute/save name
		self.name = os.path.split(self.path)[1]

		#compute/save hash
		self.hash = utils.md5sum(self.path)

		#compute/save size
		self.size = os.path.getsize(self.path)

		#init whitelist info
		self.whitelistInfo = None

		#init signing authorities
		self.signingAuthorities = None

		#check if its whitelisted
		# ->hash is key for whitelist info
		if self.hash in whitelist.whitelistedFiles:

			#grab whitelist info
		 	self.whitelistInfo = whitelist.whitelistedFiles[self.hash]

		self.signatureStatus = utils.errSecCSUnsigned

		#check if signed and if so, by apple
		# note: sets class's signatureStatus and signingAuthorities iVars

Ejemplo n.º 2
    def scan(self):

        kexts = []

        utils.logMessage(utils.MODE_INFO, 'running scan')

        #init results dictionary
        results = self.initResults(KEXT_NAME, KEXT_DESCRIPTION)

        #get all files in kext directories
        for kextDir in KEXT_DIRECTORIES:

            utils.logMessage(utils.MODE_INFO, 'scanning %s' % kextDir)

            #get kexts
            kexts.extend(glob.glob(kextDir + '*'))

        # ->gets kext's binary, then create file object and add to results
        for kextBundle in kexts:

            #skip kext bundles that don't have kext's
            if not utils.getBinaryFromBundle(kextBundle):


            #create and append
            # ->pass bundle, since want to access info.plist, etc

        return results
Ejemplo n.º 3
	def scan(self):

		kexts = []

		utils.logMessage(utils.MODE_INFO, 'running scan')

		#init results dictionary
		results = self.initResults(KEXT_NAME, KEXT_DESCRIPTION)

		#get all files in kext directories
		for kextDir in KEXT_DIRECTORIES:

			utils.logMessage(utils.MODE_INFO, 'scanning %s' % kextDir)

			#get kexts
			kexts.extend(glob.glob(kextDir + '*'))

		# ->gets kext's binary, then create file object and add to results
		for kextBundle in kexts:

			#skip kext bundles that don't have kext's
			if not utils.getBinaryFromBundle(kextBundle):


			#create and append
			# ->pass bundle, since want to access info.plist, etc

		return results
Ejemplo n.º 4
	def scan(self):

		importers = []

		utils.logMessage(utils.MODE_INFO, 'running scan')

		#init results dictionary
		results = self.initResults(IMPORTER_NAME, IMPORTER_DESCRIPTION)

		#get all files in importer directories
		for importerDir in IMPORTERS_DIRECTORIES:

			utils.logMessage(utils.MODE_INFO, 'scanning %s' % importerDir)

			#get imports
			importers.extend(glob.glob(importerDir + '*'))

		# ->gets bundle's binary, then create file object and add to results
		for importerBundle in importers:

			#skip any non-bundles
			# ->just do a directory check
			if not os.path.isdir(importerBundle):


			#skip any invalid bundles
			if not utils.getBinaryFromBundle(importerBundle):


			#create and append
			# ->pass bundle, since want to access info.plist, etc

		return results
Ejemplo n.º 5
    def scan(self):

        #auth plugins
        authPlugins = []

        utils.logMessage(utils.MODE_INFO, 'running scan')

        #init results dictionary
        results = self.initResults(AUTH_PLUGIN_NAME, AUTH_PLUGIN_DESCRIPTION)

        #get all files in auth plugin directories
        for authPluginDir in AUTH_PLUGIN_DIRECTORIES:

            utils.logMessage(utils.MODE_INFO, 'scanning %s' % authPluginDir)

            #get auth plugins
            authPlugins.extend(glob.glob(authPluginDir + '*'))

        # ->gets bundle's binary, then create file object and add to results
        for authPlugin in authPlugins:

            #skip any non-bundles
            # ->just do a directory check
            if not os.path.isdir(authPlugin):


            #skip any invalid bundles
            if not utils.getBinaryFromBundle(authPlugin):


            #create and append
            # ->pass bundle, since want to access info.plist, etc

        return results
Ejemplo n.º 6
	def scan(self):

		#auth plugins
		authPlugins = []

		utils.logMessage(utils.MODE_INFO, 'running scan')

		#init results dictionary

		#get all files in auth plugin directories
		for authPluginDir in AUTH_PLUGIN_DIRECTORIES:

			utils.logMessage(utils.MODE_INFO, 'scanning %s' % authPluginDir)

			#get auth plugins
			authPlugins.extend(glob.glob(authPluginDir + '*'))

		# ->gets bundle's binary, then create file object and add to results
		for authPlugin in authPlugins:

			#skip any non-bundles
			# ->just do a directory check
			if not os.path.isdir(authPlugin):


			#skip any invalid bundles
			if not utils.getBinaryFromBundle(authPlugin):


			#create and append
			# ->pass bundle, since want to access info.plist, etc

		return results
Ejemplo n.º 7
    def __init__(self, path, plist=None, parent=None):

        #init path for bundle
        self.bundle = None

        #if its a directory (e.g. an app bundle)
        # ->get binary (from app's Info.plist)
        if os.path.isdir(path):

            #save bundle path
            self.bundle = path

            #get path
            self.path = utils.getBinaryFromBundle(path)

            #if binary could not be found
            # ->default to 'unknown'
            if not self.path:

                #just set to something...
                self.path = '<unknown>'

        #path is to file
        # ->just save into class var

            self.path = path

        #convert file path to utf-8 if needed
        if isinstance(self.path, unicode):

            self.path = self.path.encode('utf-8')

        #save plist
        # ->this will be set for launch daemons/agents, inserted dylibs, etc
        self.plist = plist

        #compute/save name
        self.name = os.path.split(self.path)[1]

        #compute/save hash
        self.hash = utils.md5sum(self.path)

        #init whitelist flag
        self.isWhitelisted = False

        #check if its whitelisted
        # ->path is key
        if self.path in whitelist.whitelistedFiles:

            #check if hash is in white list
            self.isWhitelisted = (self.hash
                                  in whitelist.whitelistedFiles[self.path])

        self.signatureStatus = None

        #init signing authorities
        self.signingAuthorities = None

        #check if signed and if so, by apple
        # note: sets class's signatureStatus and signingAuthorities iVars

Ejemplo n.º 8
	def __init__(self, path, plist=None, parent=None):

		#init path for bundle
		self.bundle = None

		#if its a directory (e.g. an app bundle)
		# ->get binary (from app's Info.plist)
		if os.path.isdir(path):

			#save bundle path
			self.bundle = path

			#get path
			self.path = utils.getBinaryFromBundle(path)

			#if binary could not be found
			# ->default to 'unknown'
			if not self.path:

				#just set to something...
				self.path = '<unknown>'

		#path is to file
		# ->just save into class var

			self.path = path

		#convert file path to utf-8 if needed
		if isinstance(self.path, unicode):

			self.path = self.path.encode('utf-8')

		#save plist
		# ->this will be set for launch daemons/agents, inserted dylibs, etc
		self.plist = plist

		#compute/save name
		self.name = os.path.split(self.path)[1]

		#compute/save hash
		self.hash = utils.md5sum(self.path)

		#compute/save size
		self.size = os.path.getsize(self.path)

		#init whitelist flag
		self.isWhitelisted = False

		#init signing authorities
		self.signingAuthorities = None

		#check if its whitelisted
		# ->path is key
		if self.path in whitelist.whitelistedFiles:

			#check if hash is in white list
		 	self.isWhitelisted = (self.hash in whitelist.whitelistedFiles[self.path])

		self.signatureStatus = utils.errSecCSUnsigned

		#check if signed and if so, by apple
		# note: sets class's signatureStatus and signingAuthorities iVars
