def test_temporary_file(self): a = Archive("tests/files/pdf0.zip") f = a.get_file("files/pdf0.pdf") filepath = f.file_path assert f.get_size() == 680 assert os.path.exists(filepath) del f assert not os.path.exists(filepath)
def run(self): """Run analysis. @return: results dict. """ self.key = "static" static = {} if self.task["category"] == "file": if not os.path.exists(self.file_path): return f = File(self.file_path) filename = os.path.basename(self.task["target"]) elif self.task["category"] == "archive": if not os.path.exists(self.file_path): return f = Archive(self.file_path).get_file( self.task["options"]["filename"] ) filename = os.path.basename(self.task["options"]["filename"]) else: return if filename: ext = filename.split(os.path.extsep)[-1].lower() else: ext = None package = self.task.get("package") if package == "generic" and (ext == "elf" or "ELF" in f.get_type()): static["elf"] = ELF(f.file_path).run() static["keys"] = f.get_keys() if package == "exe" or ext == "exe" or "PE32" in f.get_type(): static.update(PortableExecutable(f.file_path).run()) static["keys"] = f.get_keys() if package == "wsf" or ext == "wsf": static["wsf"] = WindowsScriptFile(f.file_path).run() if package in ("doc", "ppt", "xls") or ext in self.office_ext: static["office"] = OfficeDocument(f.file_path, self.task["id"]).run() if package == "pdf" or ext == "pdf": if f.get_content_type() == "application/pdf": static["pdf"] = dispatch( _pdf_worker, (f.file_path,), timeout=self.options.pdf_timeout ) or [] else: static["pdf"] = [] if package == "generic" or ext == "lnk": static["lnk"] = LnkShortcut(f.file_path).run() return static
def run(self): """Run file information gathering. @return: information dict. """ self.key = "target" ret = { "category": self.task["category"], } # We have to deal with file, archive, and URL targets. if self.task["category"] == "file": ret["file"] = {} # Let's try to get as much information as possible, i.e., the # filename if the file is not available anymore. if os.path.exists(self.file_path): ret["file"] = File(self.file_path).get_all() else: ret["file"]["path"] = None ret["file"]["yara"] = [] ret["file"]["name"] = File(self.task["target"]).get_name() elif self.task["category"] == "archive": ret["filename"] = self.task["options"]["filename"] if os.path.exists(self.file_path): ret["archive"] = File(self.file_path).get_all() a = Archive(self.file_path) ret["file"] = a.get_file(ret["filename"]).get_all() else: ret["archive"] = {} ret["file"] = {} ret["archive"]["name"] = File(self.task["target"]).get_name() ret["human"] = "%s @ %s" % ( ret["filename"], ret["archive"]["name"] ) ret["file"]["name"] = os.path.basename(ret["filename"]) elif self.task["category"] == "url": ret["url"] = self.task["target"] return ret
def run(self): """Run file information gathering. @return: information dict. """ self.key = "target" ret = { "category": self.task["category"], } # We have to deal with file, archive, and URL targets. if self.task["category"] == "file": ret["file"] = {} # Let's try to get as much information as possible, i.e., the # filename if the file is not available anymore. if os.path.exists(self.file_path): ret["file"] = File(self.file_path).get_all() else: ret["file"]["path"] = None ret["file"]["yara"] = [] ret["file"]["name"] = File(self.task["target"]).get_name() elif self.task["category"] == "archive": ret["filename"] = self.task["options"]["filename"] if os.path.exists(self.file_path): ret["archive"] = File(self.file_path).get_all() a = Archive(self.file_path) ret["file"] = a.get_file(ret["filename"]).get_all() else: ret["archive"] = {} ret["file"] = {} ret["archive"]["name"] = File(self.task["target"]).get_name() ret["human"] = "%s @ %s" % (ret["filename"], ret["archive"]["name"]) ret["file"]["name"] = os.path.basename(ret["filename"]) elif self.task["category"] == "url": ret["url"] = self.task["target"] return ret
def test_get_file(self): a = Archive("tests/files/pdf0.zip") assert a.get_file("files/pdf0.pdf").get_size() == 680