Exemple #1
0
 def __action_argument_obj_from_dict(cls, action_argument_dict):
     action_argument_obj = core_binding.ActionArgumentType()
     for key, value in action_argument_dict.items():
         if key == 'defined_argument_name' and utils.test_value(value): action_argument_obj.set_defined_argument_name(value)
         elif key == 'undefined_argument_name' and utils.test_value(value): action_argument_obj.set_undefined_argument_name(value)
         elif key == 'argument_value' and utils.test_value(value): action_argument_obj.set_argument_value(value)
     return action_argument_obj
 def __implementation_object_from_dict(cls, implementation_dict):
     implementation_obj = bundle_binding.ActionImplementationType()
     for key, value in implementation_dict:
         if key == 'id' and utils.test_value(value) : implementation_obj.set_id(value)
         elif key == 'type' and utils.test_value(value): implementation_obj.set_type(value)
         elif key == 'compatible_platforms': pass #TODO 
         elif key == 'api_call': 
             implementation_obj.set_API_Call(cls.__api_call_object_from_dict(value))
         elif key == 'code' : pass
Exemple #3
0
 def object_from_dict(cls, port_dict):
     """Create the Port Object object representation from an input dictionary"""
     port_obj = port_binding.PortObjectType()
     port_obj.set_anyAttributes_({'xsi:type' : 'PortObj:PortObjectType'})
     for key, value in port_dict.items():
         if key == 'port_value' and utils.test_value(value):
             port_obj.set_Port_Value(Base_Object_Attribute.object_from_dict(common_types_binding.PositiveIntegerObjectAttributeType(datatype='PositiveInteger'),value))
         elif key == 'layer4_protocol' and utils.test_value(value):
             port_obj.set_Layer4_Protocol(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
     return port_obj
 def __registry_value_object_from_dict(cls, registry_value_dict):
     registry_value_obj = win_registry_key_binding.RegistryValueType()
     for key, value in registry_value_dict.items():
         if key == 'name' and utils.test_value(value):
             registry_value_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'data' and utils.test_value(value):
             registry_value_obj.set_Data(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'datatype' and utils.test_value(value):
             registry_value_obj.set_Datatype(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'byte_runs' : ByteRuns.object_from_dict(value)
     return registry_value_obj
    def object_from_dict(cls, win_event_dict):
        """Create the Win Event Object object representation from an input dictionary"""
        win_event_obj = win_event_binding.WindowsEventObjectType()
        win_event_obj.set_anyAttributes_({'xsi:type' : 'WinEventObj:WindowsEventObjectType'})
        
        for key, value in win_event_dict.items():
            if key == 'name' and utils.test_value(value): win_event_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
            elif key == 'handle' : win_event_obj.set_Handle(Win_Handle.object_from_dict(value))
            elif key == 'type' and utils.test_value(value) : win_event_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
 
        return win_event_obj    
Exemple #6
0
 def __action_relationship_obj_from_dict(cls, action_relationship_dict):
     action_relationship_obj = core_binding.ActionRelationshipType()
     for key, value in action_relationship_dict.items():
         if key == 'type' and utils.test_value(value) : action_relationship_obj.set_type(value)
         if key == 'action_references':
             for action_reference in action_references:
                 action_reference_obj = core_binding.ActionReferenceType()
                 for action_reference_key, action_reference_value in action_reference.items():
                     if action_reference_key == 'action_id' and utils.test_value(action_reference_value):
                         action_reference_obj.set_action_id(value)
                 action_relationship_obj.add_Action_Reference(action_reference_obj)
     return action_relationship_obj
Exemple #7
0
 def object_from_dict(cls, stream_dict):
     """Create the Stream Object object representation from an input dictionary"""
     stream_obj = win_file_binding.StreamObjectType()
     for key, value in stream_dict:
         if key == 'Hashes' : 
             for Hash_dict in value:
                 Hash_obj = Hash.object_from_dict(Hash_dict)
                 if Hash_obj.hasContent_() : stream_obj.add_Hash(Hash_obj)
         elif key == 'name' and utils.test_value(value):
             stream_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'size_in_bytes' and utils.test_value(value):
             stream_obj.set_Size_In_Bytes(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'),value))       
     return stream_obj
 def object_from_dict(cls, user_attributes):
     user_obj = win_user_binding.WindowsUserAccountObjectType()
     user_obj.set_anyAttributes_({'xsi:type' : 'WinUserAccountObj:WindowsUserAccountObjectType'})
     
     for key, value in user_attributes.items():
         if key == 'username' and utils.test_value(value)(value):
             user_obj.set_Username(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         if key == 'security_id' and utils.test_value(value)(value):
             user_obj.set_Security_ID(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         if key == 'security_type' and utils.test_value(value)(value):
             user_obj.set_Username(Base_Object_Attribute.object_from_dict(common_types_binding.SIDType(), value))
         
     return user_obj
Exemple #9
0
 def object_from_dict(cls, mutex_dict, mutex_obj = None):
     """Create the Mutex Object object representation from an input dictionary"""
     if mutex_obj == None:
         mutex_obj = mutex_binding.MutexObjectType()
         mutex_obj.set_anyAttributes_({'xsi:type' : 'MutexObj:MutexObjectType'})
     
     for key, value in mutex_dict.items():
         if key == 'name' and utils.test_value(value):
             mutex_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
             mutex_obj.set_named(True)
         elif key == 'named' and utils.test_value(value):
             mutex_obj.set_named(value)
     
     return mutex_obj
Exemple #10
0
    def object_from_dict(cls, pipe_dict, pipe_obj = None):
        """Create the Pipe Object object representation from an input dictionary"""
        if pipe_obj == None:
            pipe_obj = pipe_binding.PipeObjectType()
            pipe_obj.set_anyAttributes_({'xsi:type' : 'PipeObj:PipeObjectType'})
        
        for key, value in pipe_dict.items():
            if key == 'name' and utils.test_value(value):
                pipe_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
                pipe_obj.set_named(True)
            elif key == 'named' and utils.test_value(value):
                pipe_obj.set_named(value.get('value'))

        return pipe_obj
Exemple #11
0
 def object_from_dict(cls, digital_signature_dict):
     """Create the Digital Signature object representation from an input dictionary"""
     digital_signature_obj = common_types_binding.DigitalSignatureInfoType()
     for key, value in digital_signature_dict.items():
         if key == 'signature_exists' and utils.test_value(value):
             digital_signature_obj.set_signature_exists(value.get('value'))
         elif key == 'signature_verified' and utils.test_value(value):
             digital_signature_obj.set_signature_verified(value.get('value'))
         elif key == 'certificate_issuer' and utils.test_value(value):
             digital_signature_obj.set_Certificate_Issuer(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         elif key == 'certificate_subject' and utils.test_value(value):
             digital_signature_obj.set_Certificate_Subject(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         elif key == 'certificate_description' and utils.test_value(value):
             digital_signature_obj.set_Certificate_Description(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
     return digital_signature_obj
 def object_from_dict(cls, win_thread_dict):
     """Create the Windows Thread Object object representation from an input dictionary"""
     win_thread_obj = win_thread_binding.WindowsThreadObjectType()
     win_thread_obj.set_anyAttributes_({'xsi:type' : 'WinThreadObj:WindowsThreadObjectType'})
     
     for key, value in win_thread_dict.items():
         if key == 'thread_id' and utils.test_value(value):
             win_thread_obj.set_Thread_ID(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
         elif key == 'handle':
             win_thread_obj.set_Handle(Win_Handle.object_from_dict(value)) 
         elif key == 'running_status':
             win_thread_obj.set_Running_Status(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'context':
             win_thread_obj.set_Context(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'priority':
             win_thread_obj.set_Priority(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedIntegerObjectAttributeType(datatype='UnsignedInteger'),value))
         elif key == 'creation_flags':
             win_thread_obj.set_Creation_Flags(Base_Object_Attribute.object_from_dict(common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),value))
         elif key == 'creation_time':
             win_thread_obj.set_Creation_Time(Base_Object_Attribute.object_from_dict(common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'),value))
         elif key == 'start_address':
             win_thread_obj.set_Start_Address(Base_Object_Attribute.object_from_dict(common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),value))
         elif key == 'parameter_address':
             win_thread_obj.set_Parameter_Address(Base_Object_Attribute.object_from_dict(common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),value))
         elif key == 'security_attributes':
             win_thread_obj.set_Security_Attributes(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'stack_size':
             win_thread_obj.set_Stack_Size(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
     return win_thread_obj
 def object_from_dict(cls, share_attributes):
     share_obj = win_network_share_binding.WindowsNetworkShareObjectType()
     share_obj.set_anyAttributes_({'xsi:type' : 'WinNetworkShareObj:WindowsNetworkShareObjectType'})
     
     for key, value in share_attributes.items():
         if key == 'netname' and utils.test_value(value):
             share_obj.set_Netname(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         elif key == 'local_path' and utils.test_value(value):
             share_obj.set_Local_Path(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         elif key == 'type' and utils.test_value(value):
             share_obj.set_Type(win_network_share_binding.SharedResourceType(valueOf_=value))
         elif key == 'current_uses' and utils.test_value(value):
             share_obj.set_Current_Uses(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'), value))
         elif key == 'max_uses' and utils.test_value(value):
             share_obj.set_Max_Uses(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'), value))
         
     return share_obj
 def object_from_dict(cls, win_mailslot_dict):
     """Create the Win Mailslot Object object representation from an input dictionary"""
     win_mailslot_obj = win_mailslot_binding.WindowsMailslotObjectType()
     win_mailslot_obj.set_anyAttributes_({'xsi:type' : 'WinMailslotObj:WindowsMailslotObjectType'})
     
     for key, value in win_mailslot_dict.items():
         if key == 'name' and utils.test_value(value):
             win_mailslot_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'max_message_size' and utils.test_value(value):
             win_mailslot_obj.set_Max_Message_Size(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
         elif key == 'read_timeout' and utils.test_value(value):
             win_mailslot_obj.set_Read_Timeout(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
         elif key == 'security_attributes' and utils.test_value(value):
             win_mailslot_obj.set_Security_Attributes(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'handle':
             win_mailslot_obj.set_Handle(Win_Handle_List.object_from_list(value))
     
     return win_mailslot_obj
Exemple #15
0
 def object_from_dict(cls, win_mutex_dict):
     """Create the Win Mutex Object object representation from an input dictionary"""
     win_mutex_obj = Mutex.object_from_dict(win_mutex_attributes,win_mutex_binding.WindowsMutexObjectType())
     win_mutex_obj.set_anyAttributes_({'xsi:type' : 'WinMutexObj:WindowsMutexObjectType'})
     
     for key, value in win_mutex_dict.items():
         if key == 'handle' : win_mutex_obj.set_Handle(Win_Handle.object_from_dict(value))
         elif key == 'security_attributes' and utils.test_value(value):
             win_mutex_obj.set_Security_Attributes(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
     
     return win_mutex_obj    
Exemple #16
0
 def object_from_dict(cls, measure_source_dict):
     """Create the MeasureSource object representation from an input dictionary"""
     measure_source_obj = common_types_binding.MeasureSourceType()
     for key, value in measure_source_dict.items():
         if key == 'class' and utils.test_value(value): measure_source_obj.set_class(value)
         elif key == 'source_type' and utils.test_value(value): measure_source_obj.set_source_type(value)
         elif key == 'tool_type' and utils.test_value(value): measure_source_obj.set_tool_type(value)
         elif key == 'information_source_type' and utils.test_value(value): measure_source_obj.set_information_source_type(value)
         elif key == 'name' and utils.test_value(value): measure_source_obj.set_name(value)
         elif key == 'description' : pass
         elif key == 'contributors' : 
             personnel_obj = Personnel.object_from_dict(value)
             if personnel_obj.hasContent_() : measure_source_obj.set_Contributors()
         elif key == 'time' : pass
         elif key == 'tools' : 
             tools_information_obj = Tool_Information_List.object_from_list(value)
             if tools_information_obj.hasContent_() : measure_source_obj.set_Tools(tools_information_obj)
         elif key == 'platform' : pass
         elif key == 'system' : pass
         elif key == 'instance' : pass
     return measure_source_obj
Exemple #17
0
    def object_from_dict(cls, win_file_dict, win_file_obj = None):
        """Create the Win File Object object representation from an input dictionary"""
        if win_file_obj == None:
            win_file_obj = File.object_from_dict(win_file_doct, win_file_binding.WindowsFileObjectType())
            win_file_obj.set_anyAttributes_({'xsi:type' : 'WinFileObj:WinFileObjectType'})
        
        for key, value in win_file_dict.items():
            if key == 'filename_accesssed_time' and utils.test_value(value): 
                win_file_obj.set_Filename_Accessed_Time(Base_Object_Attribute.object_from_dict(common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'),value))
            elif key == 'filename_created_time' and utils.test_value(value): 
                win_file_obj.set_Filename_Created_Time(Base_Object_Attribute.object_from_dict(common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'),value))
            elif key == 'filename_modified_time' and utils.test_value(value): 
                win_file_obj.set_Filename_Modified_Time(Base_Object_Attribute.object_from_dict(common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'),value))
            elif key == 'drive' and utils.test_value(value): 
                win_file_obj.set_Drive(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
            elif key == 'security_id' and utils.test_value(value): 
                win_file_obj.set_Security_ID(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
            elif key == 'security_type' and utils.test_value(value): 
                win_file_obj.set_Security_Type(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
            elif key == 'stream_list':
                stream_list_obj = win_file_binding.StreamListType()
                for stream_dict in value:
                    stream_obj = Stream.object_from_dict(stream_dict)
                    if stream_obj.hasContent_() : stream_list_obj.add_Stream(stream_obj)
                if stream_list_obj.hasContent_() : win_file_obj.set_Stream_List(stream_list_obj)

        return win_file_obj
 def object_from_dict(cls, network_connection_attributes):
     """Create the Network Connection Object object representation from an input dictionary"""
     network_connection_obj = network_connection_binding.NetworkConnectionType()
     for key, value in network_connection_attributes.items():
         if key == "tls_used" and utils.test_value(value):
             network_connection_obj.set_tls_used(value.get("value"))
         elif key == "layer3_protocol" and utils.test_value(value):
             network_connection_obj.set_Layer3_Protocol(
                 Base_Object_Attribute.object_from_dict(
                     common_types_binding.StringObjectAttributeType(datatype="String"), value
                 )
             )
         elif key == "layer4_protocol" and utils.test_value(value):
             network_connection_obj.set_Layer4_Protocol(
                 Base_Object_Attribute.object_from_dict(
                     common_types_binding.StringObjectAttributeType(datatype="String"), value
                 )
             )
         elif key == "layer7_protocol" and utils.test_value(value):
             network_connection_obj.set_Layer7_Protocol(
                 Base_Object_Attribute.object_from_dict(
                     common_types_binding.StringObjectAttributeType(datatype="String"), value
                 )
             )
         elif key == "local_ip_address":
             network_connection_obj.set_Local_IP_Address(Address.object_from_dict(value))
         elif key == "local_port":
             network_connection_obj.set_Local_Port(Port.object_from_dict(value))
         elif key == "remote_ip_address":
             network_connection_obj.set_Remote_IP_Address(Address.object_from_dict(value))
         elif key == "remote_port":
             network_connection_obj.set_Local_Port(Port.object_from_dict(value))
         elif key == "layer7_connections":
             layer7_conn_object = network_connection_binding.Layer7ConnectionsType()
             if value.get("http_session") is not None:
                 layer7_conn_object.set_HTTP_Session(HTTP_Session.object_from_dict(value.get("http_session")))
             if layer7_conn_object.hasContent_():
                 network_connection_obj.set_Layer7_Connections(layer7_conn_object)
     return network_connection_obj
 def __pe_attributes_obj_from_dict(cls, pe_attributes_dict):
     pe_attributes_obj = win_executable_file_binding.PEAttributesType()
     for pe_attributes_key, pe_attributes_value in value.items():
         if pe_attributes_key == "base_address" and utils.test_value(pe_attributes_value):
             pe_attributes.set_Base_Address(
                 Base_Object_Attribute.object_from_dict(
                     common_types_binding.HexBinaryObjectAttributeType(datatype="hexBinary"), pe_attributes_value
                 )
             )
         elif pe_attributes_key == "exports":
             exports_obj = cls.__exports_obj_from_dict(value)
             if exports_obj.hasContent_():
                 pe_attributes.set_Exports(exports_obj)
     return pe_attributes_obj
    def object_from_dict(cls, win_executable_file_dict):
        """Create the Win Executable File Object object representation from an input dictionary"""
        win_executable_file_obj = Win_File.object_from_dict(
            win_executable_file_dict, win_executable_file_binding.WindowsExecutableFileObjectType()
        )
        win_executable_file_obj.set_anyAttributes_({"xsi:type": "WinExecutableFileObj:WindowsExecutableFileObjectType"})

        for key, value in win_executable_file_dict.items():
            if key == "peak_code_entropy":
                entropy_obj = win_executable_file_binding.EntropyType()
                for entropy_key, entropy_value in value.items():
                    if entropy_key == "value" and utils.test_value(entropy_value):
                        entropy_obj.set_Value(
                            Base_Object_Attribute.object_from_dict(
                                common_types_binding.FloatObjectAttributeType(datatype="Float"), entropy_value
                            )
                        )
                    elif entropy_key == "min" and utils.test_value(entropy_value):
                        entropy_obj.set_Min(
                            Base_Object_Attribute.object_from_dict(
                                common_types_binding.FloatObjectAttributeType(datatype="Float"), entropy_value
                            )
                        )
                    elif entropy_key == "max" and utils.test_value(entropy_value):
                        entropy_obj.set_Max(
                            Base_Object_Attribute.object_from_dict(
                                common_types_binding.FloatObjectAttributeType(datatype="Float"), entropy_value
                            )
                        )
                if entropy_obj.hasContent_():
                    win_executable_file_obj.set_Peak_Code_Entropy(entropy_obj)
            elif key == "pe_attributes":
                pe_attributes_obj = cls.__pe_attributes_obj_from_dict(value)
                if pe_attributes_obj.hasContent_():
                    win_executable_file_obj.set_PE_Attributes(pe_attributes_obj)

        return win_executable_file_obj
 def __exports_obj_from_dict(cls, exports_dict):
     exports_obj = win_executable_file_binding.PEExportsType()
     for key, value in exports_dict.items():
         if key == "exported_functions":
             exported_functions = win_executable_file_binding.PEExportedFunctionsType()
             for exported_function in value:
                 xported_function = win_executable_file_binding.PEExportedFunctionType()
                 for exported_function_key, exported_function_value in exported_function.items():
                     if exported_function_key == "function_name" and utils.test_value(exported_function_value):
                         xported_function.set_Function_Name(
                             Base_Object_Attribute.object_from_dict(
                                 common_types_binding.StringObjectAttributeType(datatype="String"),
                                 exported_function_value,
                             )
                         )
                     elif exported_function_key == "entry_point" and utils.test_value(exported_function_value):
                         xported_function.set_Entry_Point(
                             cBase_Object_Attribute.object_from_dict(
                                 ommon_types_binding.HexBinaryObjectAttributeType(datatype="hexBinary"),
                                 exported_function_value,
                             )
                         )
                     elif exported_function_key == "ordinal" and utils.test_value(exported_function_value):
                         xported_function.set_Ordinal(
                             Base_Object_Attribute.object_from_dict(
                                 common_types_binding.NonNegativeIntegerObjectAttributeType(
                                     datatype="NonNegativeInteger"
                                 ),
                                 exported_function_value,
                             )
                         )
                 if xported_function.hasContent_():
                     exported_functions.add_Exported_Function(xported_function)
             if exported_functions.hasContent_():
                 exports.set_Exported_Functions(exported_functions)
         elif key == "exports_time_stamp" and utils.test_value(value):
             exports.set_Exports_Time_stamp(
                 Base_Object_Attribute.object_from_dict(
                     common_types_binding.DateTimeObjectAttributeType(datatype="DateTime"), exported_function_value
                 )
             )
         elif key == "number_of_addresses" and utils.test_value(value):
             exports.set_Number_Of_Addresses(
                 Base_Object_Attribute.object_from_dict(
                     common_types_binding.LongObjectAttributeType(datatype="Long"), exported_function_value
                 )
             )
         elif key == "number_of_names" and utils.test_value(value):
             exports.set_Number_Of_Names(
                 Base_Object_Attribute.object_from_dict(
                     common_types_binding.LongObjectAttributeType(datatype="Long"), exported_function_value
                 )
             )
     return exports_obj
Exemple #22
0
 def object_from_dict(cls, library_attributes):
     """Create the Library Object object representation from an input dictionary"""
     libobject = library_binding.LibraryObjectType()
     libobject.set_anyAttributes_({'xsi:type' : 'LibraryObj:LibraryObjectType'})
     
     for key, value in library_attributes.items():
         if key == 'name' and utils.test_value(value): libobject.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'path' and utils.test_value(value): libobject.set_Path(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'size' and utils.test_value(value): libobject.set_Size(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'),value))
         elif key == 'version' and utils.test_value(value): libobject.set_Version(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'type' and utils.test_value(value): libobject.set_Type(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))
         elif key == 'base_address' and utils.test_value(value): libobject.set_Base_Address(Base_Object_Attribute.object_from_dict(common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),value))
     return libobject
 def __api_call_object_from_dict(cls, api_call_dict):
     api_call_obj = bundle_binding.APICallType()
     for key, value in api_call_dict:
         if key == 'function_name' and utils.test_value(value): api_call_obj.set_function_name(value)
         elif key == 'normalized_function_name' and utils.test_value(value): api_call_obj.set_normalized_function_name(value)
         elif key == 'address' and utils.test_value(value): api_call_obj.set_Address(value)
         elif key == 'return_value' and utils.test_value(value) : api_call_obj.set_Return_Value(value)
         elif key == 'parameters' :
             parameters_list = bundle_binding.ParametersListType()
             for paramater in value:
                 paramater_obj = bundle_binding.ParamaterType()
                 for paramater_key, parameter_value in parameter.items():
                     if parameter_key == 'ordinal_position' and utils.test_value(parameter_value) : parameter_obj.set_ordinal_position(parameter_value)
                     elif parameter_key == 'name' and utils.test_value(parameter_value) : parameter_obj.set_name(parameter_value)
                     elif parameter_key == 'value' and utils.test_value(parameter_value) : parameter_obj.set_value(parameter_value)
                 if parameter_obj.hasContent_() : parameters_list.add_Parameter(paramater_obj)
     return api_call_obj
Exemple #24
0
    def object_from_dict(cls, socket_dict):
        """Create the Socket Object object representation from an input dictionary"""
        socket_obj = socket_binding.socket_objectType()
        socket_obj.set_anyAttributes_({'xsi:type' : 'socket_obj:socket_objectType'})
        
        for key, value in socket_dict.items():
            if key == 'is_blocking' and utils.test_value(value):
                socket_obj.set_is_blocking(value.get('value'))
            elif key == 'is_listening' and utils.test_value(value):
                socket_obj.set_is_listening(value.get('value'))
            elif key == 'address_family' and utils.test_value(value):
                socket_obj.set_Address_Family(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
            elif key == 'domain' and utils.test_value(value):
                socket_obj.set_Domain(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
            elif key == 'local_address':
                socket_address_obj = socket_binding.SocketAddressType()
                for local_address_key, local_address_value in value.items():
                    if local_address_key == 'ip_address' :
                        ip_address_obj = Address.create_from_dict(local_address_value)
                        if ip_address_obj.hasContent_() : socket_address_obj.set_IP_Address(ip_address_obj)
                    elif local_address_key == 'port' :
                        port_obj = Port.create_from_dict(local_address_value)
                        if port_obj.hasContent_() : socket_address_obj.set_Port(port_obj)
                if socket_address_obj.hasContent_() : socket_obj.set_Local_Address(socket_address_obj)
            elif key == 'options':
                socket_options_obj = cls.__socket_options_object_from_dict(value)
                if socket_options_obj.hasContent_() : socket_obj.set_Options(socket_options_obj)
            elif key == 'protocol' and utils.test_value(value):
                socket_obj.set_Protocol(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
            elif key == 'remote_address' and utils.test_value(value):
                socket_address_obj = socket_binding.SocketAddressType()
                for remote_address_key, remote_address_value in value.items():
                    if remote_address_key == 'ip_address' :
                        ip_address_obj = Address.create_from_dict(remote_address_value)
                        if ip_address_obj.hasContent_() : socket_address_obj.set_IP_Address(ip_address_obj)
                    elif remote_address_key == 'port' :
                        port_obj = Port.create_from_dict(remote_address_value)
                        if port_obj.hasContent_() : socket_address_obj.set_Port(port_obj)
                if socket_address_obj.hasContent_() : socket_obj.set_Remote_Address(socket_address_obj)
            elif key == 'type' and utils.test_value(value):
                socket_obj.set_Type(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))

        return socket_obj
 def object_from_dict(cls, win_kernel_hook_attributes):
     hookobject = win_kernel_hook_binding.WindowsKernelHookObjectType()
     hookobject.set_anyAttributes_({'xsi:type' : 'WinKernelHookObj:WindowsKernelHookObjectType'})
     
     for key, value in win_kernel_hook_attributes.items():
         if key == 'hooked_function' and utils.test_value(value):
             hookobject.set_Hooked_Function(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         if key == 'hooked_module_name' and utils.test_value(value):
             hookobject.set_Hooked_Module(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         if key == 'hooking_module_name' and utils.test_value(value):
             hookobject.set_Hooking_Module(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         elif key == 'description' and utils.test_value(value):
             hookobject.set_Hook_Description(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         elif key == 'address' and utils.test_value(value):
             hookobject.set_Hooking_Address(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'), value))
         elif key == 'type' and utils.test_value(value):
             hookobject.set_Type(win_kernel_hook_binding.KernelHookType(valueOf_=value))
         elif key == 'digital_signature_hooking' and utils.test_value(value):
             hookobject.set_Digital_Signature_Hooking(Digital_Signature.object_from_dict(value))
         elif key == 'digital_signature_hooked' and utils.test_value(value):
             hookobject.set_Digital_Signature_Hooked(Digital_Signature.object_from_dict(value))
     
     return hookobject
Exemple #26
0
    def object_from_dict(cls, memory_attributes):
        """Create the Memory Object object representation from an input dictionary"""
        mem_object = memory_binding.MemoryObjectType()
        mem_object.set_anyAttributes_({'xsi:type' : 'MemoryObj:MemoryObjectType'})
        for key,value in memory_attributes.items():
            if key == 'is_injected' and utils.test_value(value): mem_object.set_is_injected(value.get('value'))
            elif key == 'is_mapped' and utils.test_value(value): mem_object.set_is_mapped(value.get('value'))
            elif key == 'is_protected' and utils.test_value(value): mem_object.set_is_injected(value.get('value'))
            elif key == 'region_start_address' and utils.test_value(value):
                mem_object.set_Region_Start_Address(Base_Object_Attribute.object_from_dict(common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),value))
            elif key == 'region_size' and utils.test_value(value):
                mem_object.set_Region_Size(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'),value))            
            elif key == 'name' and utils.test_value(value):
                mem_object.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))          
            elif key == 'hashes':
                mem_object.set_Hashes(HashList.object_from_dict(value))

        return mem_object
 def object_from_dict(cls, win_handle_dict):
     """Create the Win Handle Object object representation from an input dictionary"""
     win_handle_obj = win_handle_binding.WindowsHandleObjectType()
     win_handle_obj.set_anyAttributes_({'xsi:type' : 'WinHandleObj:WindowsHandleObjectType'})
     
     for key, value in win_handle_dict.items():
         if key == 'id' and utils.test_value(value):
             win_handle_obj.set_ID(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedIntegerObjectAttributeType(datatype='UnsignedInt'), value))
         if key == 'name' and utils.test_value(value):
             win_handle_obj.set_Name(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         if key == 'type' and utils.test_value(value):
             win_handle_obj.set_Type(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
         if key == 'object_address' and utils.test_value(value):
             win_handle_obj.set_Object_Address(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'), value))
         if key == 'access_mask' and utils.test_value(value):
             win_handle_obj.set_Access_Mask(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'), value))
         if key == 'pointer_count' and utils.test_value(value):
             win_handle_obj.set_Pointer_Count(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'), value))
             
     return win_handle_obj
Exemple #28
0
 def object_from_dict(cls, tool_information_dict):
     """Create the ToolInformation object representation from an input dictionary"""
     tool_information_obj = common_types_binding.ToolInformationType()
     for key, value in tool_information_dict.items():
         if key == 'id' and utils.test_value(value) : tool_information_obj.set_id(value)
         elif key == 'idref' and utils.test_value(value) : tool_information_obj.set_idref(value)
         elif key == 'description': pass
         elif key == 'vendor' and utils.test_value(value): tool_information_obj.set_Vendor(value)
         elif key == 'name' and utils.test_value(value): tool_information_obj.set_Name(value)  
         elif key == 'version' and utils.test_value(value): tool_information_obj.set_Version(value)
         elif key == 'service_pack' and utils.test_value(value): tool_information_obj.set_Service_Pack(value)
         elif key == 'tool-specific_data' : pass
         elif key == 'tool_hashes':
             hashes_obj = HashList.object_from_dict(value)
             if hashes_obj.hasContent_() : tool_information_obj.set_Tool_Hashes(hashes_obj)
         elif key == 'tool_configuration' : pass
         elif key == 'execution_environment' : pass
         elif key == 'errors' : pass
         elif key == 'metadata' : pass
     return tool_information_obj
Exemple #29
0
    def object_from_dict(cls, win_pipe_dict):
        """Create the Win Pipe Object object representation from an input dictionary"""
        win_pipe_obj = Pipe.object_from_dict(win_pipe_attributes, win_pipe_binding.WindowsPipeObjectType())
        win_pipe_obj.set_anyAttributes_({'xsi:type' : 'WinPipeObj:WindowsPipeObjectType'})
        
        for key, value in win_pipe_dict.items():
            if key == 'default_time_out' and utils.test_value(value):
                win_pipe_obj.set_Default_Time_Out(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
            elif key == 'handle':
                win_pipe_obj.set_Handle(Win_Handle.object_from_dict(value))
            elif key == 'in_buffer_size' and utils.test_value(value):
                win_pipe_obj.set_In_Buffer_Size(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
            elif key == 'max_instances' and utils.test_value(value):
                win_pipe_obj.set_Max_Instances(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
            elif key == 'open_mode' and utils.test_value(value):
                win_pipe_obj.set_Open_Mode(Base_Object_Attribute.object_from_dict(common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),value))
            elif key == 'out_buffer_size' and utils.test_value(value):
                win_pipe_obj.set_Out_Buffer_Size(Base_Object_Attribute.object_from_dict(common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),value))
            elif key == 'pipe_mode' and utils.test_value(value):
                win_pipe_obj.set_Pipe_Mode(Base_Object_Attribute.object_from_dict(common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),value))
            elif key == 'security_attributes' and utils.test_value(value):
                win_pipe_obj.set_Security_Attributes(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'),value))

        return win_pipe_obj
    def object_from_dict(cls, registry_key_dict):
        """Create the Win Registry Key Object object representation from an input dictionary"""
        registry_key_obj = win_registry_key_binding.WindowsRegistryKeyObjectType()
        registry_key_obj.set_anyAttributes_({'xsi:type' : 'WinRegistryKeyObj:WindowsRegistryKeyObjectType'})
        registry_value = win_registry_key_binding.RegistryValueType()

        for key, value in registry_key_dict.items():
            if key == 'hive' and utils.test_value(value):
                registry_key_obj.set_Hive(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
            elif key == 'key' and utils.test_value(value):
                registry_key_obj.set_Key(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))
            elif key == 'number_values' and utils.test_value(value):
                registry_key_obj.set_Number_Values(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedIntegerObjectAttributeType(datatype='UnsignedInteger'), value))
            elif key == 'values' :
                registry_values_obj = win_registry_key_binding.RegistryValuesType()
                for registry_value_dict in value:
                    registry_value_obj = cls.__registry_value_object_from_dict(registry_value_dict)
                    if registry_value_obj.hasContent_() : registry_values_obj.add_Value(registry_value_obj)
                if registry_values_obj.hasContent_() : registry_key_obj.set_Values(registry_values_obj)
            elif key == 'modified_time' and utils.test_value(value):
                registry_key_obj.set_Modified_Time(Base_Object_Attribute.object_from_dict(common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'), value))
            elif key == 'creator_username' and utils.test_value(value):
                registry_key_obj.set_Creator_Username(Base_Object_Attribute.object_from_dict(common_types_binding.StringObjectAttributeType(datatype='String'), value))                
            elif key == 'handle_list':
                registry_key_obj.set_Handle_List(Win_Handle_List.object_from_dict(value))
            elif key == 'number_subkeys' and utils.test_value(value):
                registry_key_obj.set_Number_Subkeys(Base_Object_Attribute.object_from_dict(common_types_binding.UnsignedIntegerObjectAttributeType(datatype='UnsignedInteger'), value))                
            elif key == 'subkeys' :
                subkeys_obj = win_registry_key_binding.RegistrySubkeysType()
                for sub_registry_key_dict in value:
                    sub_registry_key_obj = cls.object_from_dict(sub_registry_key_dict)
                    if sub_registry_key_obj.hasContent_() : subkeys_obj.add_Subkey(sub_registry_key_obj)
                if subkeys_obj.hasContent_() : registry_key_obj.set_Subkeys(subkeys_obj)
            elif key == 'byte_runs' : 
                  registry_key_obj.set_Byte_Runs(ByteRuns.object_from_dict(value))
        return registry_key_obj