def from_obj(file_obj, file_class=None):
    """Populate a File entity from a parsed binding object.

    Args:
        file_obj: Binding object exposing the ``get_*`` accessors read below.
            Any falsy value short-circuits to ``None``.
        file_class: Optional existing instance to fill in. Despite the name
            it is used as an instance, never called; when it is falsy a
            fresh ``File()`` is created instead.

    Returns:
        The populated entity, or ``None`` when ``file_obj`` is falsy.
    """
    if not file_obj:
        return None

    target = file_class if file_class else File()

    # The same instance is handed to ObjectProperties.from_obj before the
    # file-specific fields are set (presumably to fill the common fields).
    ObjectProperties.from_obj(file_obj, target)

    # is_packed is copied as returned by the binding; every other field is
    # routed through a typed from_obj wrapper.
    target.is_packed = file_obj.get_is_packed()
    target.file_name = String.from_obj(file_obj.get_File_Name())
    target.file_path = FilePath.from_obj(file_obj.get_File_Path())
    target.device_path = String.from_obj(file_obj.get_Device_Path())
    target.full_path = String.from_obj(file_obj.get_Full_Path())
    target.file_extension = String.from_obj(file_obj.get_File_Extension())
    target.size_in_bytes = UnsignedLong.from_obj(file_obj.get_Size_In_Bytes())
    target.magic_number = HexBinary.from_obj(file_obj.get_Magic_Number())
    target.file_format = String.from_obj(file_obj.get_File_Format())
    target.hashes = HashList.from_obj(file_obj.get_Hashes())
    target.extracted_features = ExtractedFeatures.from_obj(
        file_obj.get_Extracted_Features()
    )

    # TODO: why are there two Strings and one DateTime here?
    # NOTE(review): modified/accessed go through String while created goes
    # through DateTime; anything comparing the three timestamps should
    # confirm it receives comparable types.
    target.modified_time = String.from_obj(file_obj.get_Modified_Time())
    target.accessed_time = String.from_obj(file_obj.get_Accessed_Time())
    target.created_time = DateTime.from_obj(file_obj.get_Created_Time())

    return target
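def from_obj(process_obj, process_cls=None):
    """Populate a Process entity from a parsed binding object.

    Args:
        process_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value short-circuits to ``None``.
        process_cls: Optional existing instance to fill in. Despite the name
            it is used as an instance, never called; ``None`` means a fresh
            ``Process()`` is created.

    Returns:
        The populated entity, or ``None`` when ``process_obj`` is falsy.
    """
    if not process_obj:
        return None

    # Identity test rather than ``== None``: a supplied instance may define
    # its own __eq__, which must not decide whether it gets replaced.
    process_ = Process() if process_cls is None else process_cls

    ObjectProperties.from_obj(process_obj, process_)

    process_.is_hidden = process_obj.get_is_hidden()  # copied raw
    process_.pid = UnsignedInteger.from_obj(process_obj.get_PID())
    process_.name = String.from_obj(process_obj.get_Name())
    process_.creation_time = DateTime.from_obj(process_obj.get_Creation_Time())
    process_.parent_pid = UnsignedInteger.from_obj(process_obj.get_Parent_PID())
    process_.image_info = ImageInfo.from_obj(process_obj.get_Image_Info())
    process_.environment_variable_list = EnvironmentVariableList.from_obj(
        process_obj.get_Environment_Variable_List()
    )
    process_.kernel_time = Duration.from_obj(process_obj.get_Kernel_Time())
    process_.start_time = DateTime.from_obj(process_obj.get_Start_Time())
    process_.username = String.from_obj(process_obj.get_Username())
    process_.user_time = Duration.from_obj(process_obj.get_User_Time())

    # Extracted features are not read from the input at all: the attribute
    # is reset to None regardless of what process_obj carries.
    process_.extracted_features = None

    # The list-valued attributes are only assigned when the input has the
    # corresponding container element; otherwise they are left untouched.
    arguments = process_obj.get_Argument_List()
    if arguments is not None:
        process_.argument_list = [
            String.from_obj(item) for item in arguments.get_Argument()
        ]

    child_pids = process_obj.get_Child_PID_List()
    if child_pids is not None:
        process_.child_pid_list = [
            UnsignedInteger.from_obj(item) for item in child_pids.get_Child_PID()
        ]

    ports = process_obj.get_Port_List()
    if ports is not None:
        process_.port_list = [Port.from_obj(item) for item in ports.get_Port()]

    connections = process_obj.get_Network_Connection_List()
    if connections is not None:
        process_.network_connection_list = [
            NetworkConnection.from_obj(item)
            for item in connections.get_Network_Connection()
        ]

    return process_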
def from_obj(port_obj):
    """Build a Port entity from a parsed binding object.

    Args:
        port_obj: Binding object exposing ``get_Port_Value`` and
            ``get_Layer4_Protocol``. Any falsy value yields ``None``.

    Returns:
        A new ``Port``, or ``None`` when ``port_obj`` is falsy.
    """
    if not port_obj:
        return None

    result = Port()
    ObjectProperties.from_obj(port_obj, result)

    # The port number is wrapped as PositiveInteger and the protocol as
    # String; no range or protocol-name check happens in this function.
    result.port_value = PositiveInteger.from_obj(port_obj.get_Port_Value())
    result.layer4_protocol = String.from_obj(port_obj.get_Layer4_Protocol())
    return result
def from_obj(uri_obj):
    """Build a URI entity from a parsed binding object.

    Args:
        uri_obj: Binding object exposing ``get_type`` and ``get_Value``.
            Any falsy value yields ``None``.

    Returns:
        A new ``URI``, or ``None`` when ``uri_obj`` is falsy.
    """
    if not uri_obj:
        return None

    result = URI()
    ObjectProperties.from_obj(uri_obj, result)

    # type_ is taken as-is from the binding; only the value goes through a
    # typed wrapper (AnyURI).
    result.type_ = uri_obj.get_type()
    result.value = AnyURI.from_obj(uri_obj.get_Value())
    return result
def from_obj(addr_object):
    """Build an Address entity from a parsed binding object.

    Args:
        addr_object: Binding object exposing the accessors read below.
            Any falsy value yields ``None``.

    Returns:
        A new ``Address``, or ``None`` when ``addr_object`` is falsy.
    """
    if not addr_object:
        return None

    result = Address()
    ObjectProperties.from_obj(addr_object, result)

    result.address_value = String.from_obj(addr_object.get_Address_Value())

    # category and the source/destination flags are copied exactly as the
    # binding returns them, with no wrapper type in between.
    result.category = addr_object.get_category()
    result.is_destination = addr_object.get_is_destination()
    result.is_source = addr_object.get_is_source()

    result.vlan_name = String.from_obj(addr_object.get_VLAN_Name())
    result.vlan_num = Integer.from_obj(addr_object.get_VLAN_Num())
    return result
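def from_obj(object_obj, obj_class=None):
    """Populate an Object entity from a parsed binding object.

    Args:
        object_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value short-circuits to ``None``.
        obj_class: Optional existing instance to fill in. Despite the name
            it is used as an instance, never called; ``None`` means a fresh
            ``Object()`` is created.

    Returns:
        The populated entity, or ``None`` when ``object_obj`` is falsy.
    """
    if not object_obj:
        return None

    # Identity test rather than ``== None``: a supplied instance may define
    # its own __eq__, which must not decide whether it gets replaced.
    obj = Object() if obj_class is None else obj_class

    obj.id_ = object_obj.get_id()
    obj.idref = object_obj.get_idref()
    obj.properties = ObjectProperties.from_obj(object_obj.get_Properties())
    obj.domain_specific_object_properties = DomainSpecificObjectProperties.from_obj(
        object_obj.get_Domain_Specific_Object_Properties()
    )

    # related_objects is only assigned when the container is present and
    # truthy; otherwise the attribute keeps whatever value it already had.
    rel_objs = object_obj.get_Related_Objects()
    if rel_objs:
        obj.related_objects = [
            RelatedObject.from_obj(item) for item in rel_objs.get_Related_Object()
        ]

    # Objects that carry an id are handed to the module-level cache.
    # NOTE(review): the id comes straight from the parsed document; confirm
    # how cache_put treats a repeated id when the producer is not trusted.
    if obj.id_:
        cybox.utils.cache_put(obj)

    return obj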
def from_obj(measure_source_obj):
    """Build a MeasureSource entity from a parsed binding object.

    Args:
        measure_source_obj: Binding object exposing the accessors read
            below. Any falsy value yields ``None``.

    Returns:
        A new ``MeasureSource``, or ``None`` when the input is falsy.
    """
    if not measure_source_obj:
        return None

    source = MeasureSource()

    # Plain attributes: copied as returned by the binding.
    source.class_ = measure_source_obj.get_class()
    source.source_type = measure_source_obj.get_source_type()
    source.name = measure_source_obj.get_name()

    # Structured children: each goes through its own from_obj.
    source.information_source_type = VocabString.from_obj(
        measure_source_obj.get_Information_Source_Type()
    )
    source.tool_type = VocabString.from_obj(measure_source_obj.get_Tool_Type())
    source.description = StructuredText.from_obj(
        measure_source_obj.get_Description()
    )
    source.contributors = Personnel.from_obj(measure_source_obj.get_Contributors())
    source.time = Time.from_obj(measure_source_obj.get_Time())
    source.tools = ToolInformationList.from_obj(measure_source_obj.get_Tools())

    # TODO: add support. Until then the platform is always None here, no
    # matter what the input document contains.
    source.platform = None

    source.system = ObjectProperties.from_obj(measure_source_obj.get_System())
    source.instance = ObjectProperties.from_obj(measure_source_obj.get_Instance())
    return source
def from_obj(artifact_obj):
    """Build an Artifact entity from a parsed binding object.

    Packaging layers are recorded in the order compression, encryption,
    encoding. This function only records them and stores the raw payload;
    it performs no unpacking of its own.

    Args:
        artifact_obj: Binding object exposing ``get_Packaging`` and
            ``get_Raw_Artifact``. Any falsy value yields ``None``.

    Returns:
        A new ``Artifact``, or ``None`` when ``artifact_obj`` is falsy.
    """
    if not artifact_obj:
        return None

    result = Artifact()
    ObjectProperties.from_obj(artifact_obj, result)

    layers = artifact_obj.get_Packaging()
    if layers:
        for compression in layers.get_Compression():
            result.packaging.append(Compression.from_obj(compression))
        for encryption in layers.get_Encryption():
            result.packaging.append(Encryption.from_obj(encryption))
        for encoding in layers.get_Encoding():
            result.packaging.append(Encoding.from_obj(encoding))

    payload = artifact_obj.get_Raw_Artifact()
    if payload:
        # packed_data receives whatever RawArtifact.from_obj exposes as
        # .value; it is input-supplied content and is not inspected here.
        result.packed_data = RawArtifact.from_obj(payload).value

    return result
def from_obj(artifact_obj):
    """Build an Artifact entity from a parsed binding object.

    Packaging layers are recorded in the order compression, encryption,
    encoding. This function only records them and stores the raw payload;
    it performs no unpacking of its own.

    Args:
        artifact_obj: Binding object exposing the ``Packaging``,
            ``Raw_Artifact`` and ``type_`` attributes. Any falsy value
            yields ``None``.

    Returns:
        A new ``Artifact``, or ``None`` when ``artifact_obj`` is falsy.
    """
    if not artifact_obj:
        return None

    result = Artifact()
    ObjectProperties.from_obj(artifact_obj, result)

    layers = artifact_obj.Packaging
    if layers:
        for compression in layers.Compression:
            result.packaging.append(Compression.from_obj(compression))
        for encryption in layers.Encryption:
            result.packaging.append(Encryption.from_obj(encryption))
        for encoding in layers.Encoding:
            result.packaging.append(Encoding.from_obj(encoding))

    payload = artifact_obj.Raw_Artifact
    if payload:
        # packed_data receives whatever RawArtifact.from_obj exposes as
        # .value; it is input-supplied content and is not inspected here.
        result.packed_data = RawArtifact.from_obj(payload).value

    # The artifact type is copied as-is and is set last, after the payload.
    result.type_ = artifact_obj.type_
    return result
def from_obj(whois_obj):
    """Build a WhoisEntry entity from a parsed binding object.

    Args:
        whois_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value yields ``None``.

    Returns:
        A new ``WhoisEntry``, or ``None`` when ``whois_obj`` is falsy.
    """
    if not whois_obj:
        return None

    entry = WhoisEntry()
    ObjectProperties.from_obj(whois_obj, entry)

    # Identity of the domain and the server that answered.
    entry.domain_name = URI.from_obj(whois_obj.get_Domain_Name())
    entry.domain_id = String.from_obj(whois_obj.get_Domain_ID())
    entry.server_name = URI.from_obj(whois_obj.get_Server_Name())
    entry.ip_address = Address.from_obj(whois_obj.get_IP_Address())

    # dnssec is the one field copied raw, without a typed wrapper.
    entry.dnssec = whois_obj.get_DNSSEC()

    entry.nameservers = WhoisNameservers.from_obj(whois_obj.get_Nameservers())
    entry.status = WhoisStatuses.from_obj(whois_obj.get_Status())

    # Record lifecycle dates.
    entry.updated_date = DateTime.from_obj(whois_obj.get_Updated_Date())
    entry.creation_date = DateTime.from_obj(whois_obj.get_Creation_Date())
    entry.expiration_date = DateTime.from_obj(whois_obj.get_Expiration_Date())

    # Registry, registrar and contact details.
    entry.regional_internet_registry = String.from_obj(
        whois_obj.get_Regional_Internet_Registry()
    )
    entry.sponsoring_registrar = String.from_obj(
        whois_obj.get_Sponsoring_Registrar()
    )
    entry.registrar_info = WhoisRegistrar.from_obj(whois_obj.get_Registrar_Info())
    entry.registrants = WhoisRegistrants.from_obj(whois_obj.get_Registrants())
    entry.contact_info = WhoisContact.from_obj(whois_obj.get_Contact_Info())

    return entry
def from_obj(object_obj, obj=None):
    """Populate an Object entity from a parsed binding object.

    Args:
        object_obj: Binding object exposing the ``id``, ``idref``,
            ``Properties``, ``Domain_Specific_Object_Properties`` and
            ``Related_Objects`` attributes. Any falsy value yields ``None``.
        obj: Optional existing instance to fill in; a falsy value is
            replaced with a fresh ``Object()``.

    Returns:
        The populated entity, or ``None`` when ``object_obj`` is falsy.
    """
    if not object_obj:
        return None

    obj = obj if obj else Object()

    obj.id_ = object_obj.id
    obj.idref = object_obj.idref
    obj.properties = ObjectProperties.from_obj(object_obj.Properties)
    obj.domain_specific_object_properties = DomainSpecificObjectProperties.from_obj(
        object_obj.Domain_Specific_Object_Properties
    )

    # related_objects is only assigned when the container is truthy.
    related = object_obj.Related_Objects
    if related:
        obj.related_objects = [
            RelatedObject.from_obj(item) for item in related.Related_Object
        ]

    # Objects that carry an id are handed to the module-level cache.
    # NOTE(review): the id comes straight from the parsed document; confirm
    # how cache_put treats a repeated id when the producer is not trusted.
    if obj.id_:
        cybox.utils.cache_put(obj)

    return obj
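def from_obj(object_obj, obj_class=None):
    """Populate an Object entity from a parsed binding object.

    Args:
        object_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value short-circuits to ``None``.
        obj_class: Optional existing instance to fill in. Despite the name
            it is used as an instance, never called; ``None`` means a fresh
            ``Object()`` is created.

    Returns:
        The populated entity, or ``None`` when ``object_obj`` is falsy.
    """
    if not object_obj:
        return None

    # Identity test rather than ``== None``: a supplied instance may define
    # its own __eq__, which must not decide whether it gets replaced.
    obj = Object() if obj_class is None else obj_class

    obj.id_ = object_obj.get_id()
    obj.idref = object_obj.get_idref()
    obj.properties = ObjectProperties.from_obj(object_obj.get_Properties())
    obj.domain_specific_object_properties = DomainSpecificObjectProperties.from_obj(
        object_obj.get_Domain_Specific_Object_Properties()
    )

    # related_objects is only assigned when the container is present and
    # truthy; otherwise the attribute keeps whatever value it already had.
    rel_objs = object_obj.get_Related_Objects()
    if rel_objs:
        obj.related_objects = [
            RelatedObject.from_obj(item) for item in rel_objs.get_Related_Object()
        ]

    # Objects that carry an id are handed to the module-level cache.
    # NOTE(review): the id comes straight from the parsed document; confirm
    # how cache_put treats a repeated id when the producer is not trusted.
    if obj.id_:
        cybox.utils.cache_put(obj)

    return obj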