def CiscoIOSImageFileScanner(filewildcard, options):
    if options.resume == None:
        filenames = GlobFilelist(filewildcard, options)
        countFilenames = len(filenames)
        counter = 1
        if options.log != None:
            f = open(options.log, 'w')
            f.close()
    else:
        fPickle = open(options.resume, 'rb')
        filenames, countFilenames, counter = pickle.load(fPickle)
        fPickle.close()
        print('Pickle file loaded')

    while len(filenames) > 0:
        filename = filenames[0]
        try:
            line = [str(counter), str(countFilenames), filename]
            image = naft_uf.File2Data(filename)
            if image == None:
                line.extend(['Error reading'])
            else:
                oIOSImage = naft_iipf.cIOSImage(image)
                if oIOSImage.oCWStrings != None and oIOSImage.oCWStrings.error == '':
                    line.extend([naft_uf.cn(vn(oIOSImage.oCWStrings.dCWStrings, 'CW_VERSION')), naft_uf.cn(vn(oIOSImage.oCWStrings.dCWStrings, 'CW_FAMILY'))])
                else:
                    line.extend([naft_uf.cn(None), naft_uf.cn(None)])
                line.extend([str(len(image)), '%.2f' % Entropy(image), str(oIOSImage.error), str(oIOSImage.oELF.error), str(oIOSImage.oELF.countSections), str(naft_uf.cn(oIOSImage.oELF.stringTableIndex)), naft_uf.cn(oIOSImage.checksumCompressed, '0x%08X'), str(oIOSImage.checksumCompressed != None and oIOSImage.checksumCompressed == oIOSImage.calculatedChecksumCompressed), naft_uf.cn(oIOSImage.checksumUncompressed, '0x%08X'), str(oIOSImage.checksumUncompressed != None and oIOSImage.checksumUncompressed == oIOSImage.calculatedChecksumUncompressed), naft_uf.cn(oIOSImage.imageUncompressedName), naft_uf.cn(oIOSImage.embeddedMD5)])
                if options.md5db:
                    md5hash = hashlib.md5(image).hexdigest()
                    filenameCSV, filenameDB = oMD5Database.Find(md5hash)
                    line.extend([md5hash, naft_uf.cn(filenameCSV), naft_uf.cn(filenameDB)])
            strLine = ';'.join(line)
            print(strLine)
            if options.log != None:
                f = open(options.log, 'a')
                f.write(strLine + '\n')
                f.close()
            counter += 1
            filenames = filenames[1:]
        except KeyboardInterrupt:
            print('KeyboardInterrupt')
            PickleData([filenames, countFilenames, counter])
            return
        except:
            traceback.print_exc()
            PickleData([filenames, countFilenames, counter])
            return
Exemple #2
0
 def Line(self):
     line = '%4d %s%-2s ' % (self.processID, self.Q_str, self.Ty_str)
     if self.PC == None:
         line += '???????? '
     else:
         line += '%08X ' % self.PC
     if self.Runtime == None:
         line += '       ? '
     else:
         line += '%8d ' % self.Runtime
     if self.Invoked == None:
         line += '       ? '
     else:
         line += '%8d ' % self.Invoked
     if self.Invoked == 0 or self.Invoked == None or self.Runtime == None:
         line += '      ?'
     else:
         line += '%7d' % (self.Runtime * 1000 / self.Invoked)
     if self.LowWaterMark == None:
         line += '    ?/'
     else:
         line += '%5d/' % self.LowWaterMark
     if self.Stack2 == None:
         line += '?     '
     else:
         line += '%-5d ' % self.Stack2
     if self.TTY == None:
         line += ' ? '
     else:
         line += '%2d ' % self.TTY
     line += naft_uf.cn(self.name)
     return line
 def Line(self):
     line = '%4d %s%-2s ' % (self.processID, self.Q_str, self.Ty_str)
     if self.PC == None:
         line += '???????? '
     else:
         line += '%08X ' % self.PC
     if self.Runtime == None:
         line += '       ? '
     else:
         line += '%8d ' % self.Runtime
     if self.Invoked == None:
         line += '       ? '
     else:
         line += '%8d ' % self.Invoked
     if self.Invoked == 0 or self.Invoked == None or self.Runtime == None:
         line += '      ?'
     else:
         line += '%7d' % (self.Runtime * 1000 / self.Invoked)
     if self.LowWaterMark == None:
         line += '    ?/'
     else:
         line += '%5d/' % self.LowWaterMark
     if self.Stack2 == None:
         line += '?     '
     else:
         line += '%-5d ' % self.Stack2
     if self.TTY == None:
         line += ' ? '
     else:
         line += '%2d ' % self.TTY
     line += naft_uf.cn(self.name)
     return line
Exemple #4
0
 def Line(self):
     line = "%4d %s%-2s " % (self.processID, self.Q_str, self.Ty_str)
     if self.PC == None:
         line += "???????? "
     else:
         line += "%08X " % self.PC
     if self.Runtime == None:
         line += "       ? "
     else:
         line += "%8d " % self.Runtime
     if self.Invoked == None:
         line += "       ? "
     else:
         line += "%8d " % self.Invoked
     if self.Invoked == 0 or self.Invoked == None or self.Runtime == None:
         line += "      ?"
     else:
         line += "%7d" % (self.Runtime * 1000 / self.Invoked)
     if self.LowWaterMark == None:
         line += "    ?/"
     else:
         line += "%5d/" % self.LowWaterMark
     if self.Stack2 == None:
         line += "?     "
     else:
         line += "%-5d " % self.Stack2
     if self.TTY == None:
         line += " ? "
     else:
         line += "%2d " % self.TTY
     line += naft_uf.cn(self.name)
     return line
    def Print(self):
        if self.oCWStrings != None and self.oCWStrings.error == '':
            for key in ['CW_VERSION', 'CW_FAMILY', 'CW_FEATURE', 'CW_IMAGE', 'CW_SYSDESCR']:
                if key in self.oCWStrings.dCWStrings:
                    print('%s:%s%s' % (key, ' ' * (22 - len(key)), self.oCWStrings.dCWStrings[key]))

        if self.oELF.error == 0:
            print('Entry point:           0x%08X' % self.oELF.addressEntry)
            print('Number of sections:    %d' % self.oELF.countSections)
            print('Embedded MD5:          %s' % naft_uf.cn(self.embeddedMD5))
#            print('Calculated MD5:        %s' % naft_uf.cn(self.calculatedMD5))
            print('Compressed size:       %s' % naft_uf.cn(self.sizeCompressed, '%d'))
            print('Checksum compressed:   %s' % naft_uf.cn(self.checksumCompressed, '0x%08X'))
            print('Calculated checksum:   %s (%s)' % (naft_uf.cn(self.calculatedChecksumCompressed, '0x%08X'), naft_uf.iif(self.checksumCompressed == self.calculatedChecksumCompressed, 'identical', 'DIFFERENT')))
            print('Uncompressed size:     %s' % naft_uf.cn(self.sizeUncompressed, '%d'))
            print('Image name:            %s' % naft_uf.cn(self.imageUncompressedName))
            print('Checksum uncompressed: %s' % naft_uf.cn(self.checksumUncompressed, '0x%08X'))
            print('Calculated checksum:   %s (%s)' % (naft_uf.cn(self.calculatedChecksumUncompressed, '0x%08X'), naft_uf.iif(self.checksumUncompressed == self.calculatedChecksumUncompressed, 'identical', 'DIFFERENT')))
Exemple #6
0
    def Print(self):
        if self.oCWStrings != None and self.oCWStrings.error == '':
            for key in [
                    'CW_VERSION', 'CW_FAMILY', 'CW_FEATURE', 'CW_IMAGE',
                    'CW_SYSDESCR'
            ]:
                if key in self.oCWStrings.dCWStrings:
                    print('%s:%s%s' %
                          (key, ' ' *
                           (22 - len(key)), self.oCWStrings.dCWStrings[key]))

        if self.oELF.error == 0:
            print('Entry point:           0x%08X' % self.oELF.addressEntry)
            print('Number of sections:    %d' % self.oELF.countSections)
            print('Embedded MD5:          %s' % naft_uf.cn(self.embeddedMD5))
            #            print('Calculated MD5:        %s' % naft_uf.cn(self.calculatedMD5))
            print('Compressed size:       %s' %
                  naft_uf.cn(self.sizeCompressed, '%d'))
            print('Checksum compressed:   %s' %
                  naft_uf.cn(self.checksumCompressed, '0x%08X'))
            print('Calculated checksum:   %s (%s)' %
                  (naft_uf.cn(self.calculatedChecksumCompressed, '0x%08X'),
                   naft_uf.iif(
                       self.checksumCompressed
                       == self.calculatedChecksumCompressed, 'identical',
                       'DIFFERENT')))
            print('Uncompressed size:     %s' %
                  naft_uf.cn(self.sizeUncompressed, '%d'))
            print('Image name:            %s' %
                  naft_uf.cn(self.imageUncompressedName))
            print('Checksum uncompressed: %s' %
                  naft_uf.cn(self.checksumUncompressed, '0x%08X'))
            print('Calculated checksum:   %s (%s)' %
                  (naft_uf.cn(self.calculatedChecksumUncompressed, '0x%08X'),
                   naft_uf.iif(
                       self.checksumUncompressed
                       == self.calculatedChecksumUncompressed, 'identical',
                       'DIFFERENT')))
Exemple #7
0
def CiscoIOSImageFileScanner(filewildcard, options):
    if options.resume == None:
        filenames = GlobFilelist(filewildcard, options)
        countFilenames = len(filenames)
        counter = 1
        if options.log != None:
            f = open(options.log, 'w')
            f.close()
    else:
        fPickle = open(options.resume, 'rb')
        filenames, countFilenames, counter = pickle.load(fPickle)
        fPickle.close()
        print('Pickle file loaded')

    while len(filenames) > 0:
        filename = filenames[0]
        try:
            line = [str(counter), str(countFilenames), filename]
            image = naft_uf.File2Data(filename)
            if image == None:
                line.extend(['Error reading'])
            else:
                oIOSImage = naft_iipf.cIOSImage(image)
                if oIOSImage.oCWStrings != None and oIOSImage.oCWStrings.error == '':
                    line.extend([
                        naft_uf.cn(
                            vn(oIOSImage.oCWStrings.dCWStrings, 'CW_VERSION')),
                        naft_uf.cn(
                            vn(oIOSImage.oCWStrings.dCWStrings, 'CW_FAMILY'))
                    ])
                else:
                    line.extend([naft_uf.cn(None), naft_uf.cn(None)])
                line.extend([
                    str(len(image)),
                    '%.2f' % Entropy(image),
                    str(oIOSImage.error),
                    str(oIOSImage.oELF.error),
                    str(oIOSImage.oELF.countSections),
                    str(naft_uf.cn(oIOSImage.oELF.stringTableIndex)),
                    naft_uf.cn(oIOSImage.checksumCompressed, '0x%08X'),
                    str(oIOSImage.checksumCompressed != None
                        and oIOSImage.checksumCompressed
                        == oIOSImage.calculatedChecksumCompressed),
                    naft_uf.cn(oIOSImage.checksumUncompressed, '0x%08X'),
                    str(oIOSImage.checksumUncompressed != None
                        and oIOSImage.checksumUncompressed
                        == oIOSImage.calculatedChecksumUncompressed),
                    naft_uf.cn(oIOSImage.imageUncompressedName),
                    naft_uf.cn(oIOSImage.embeddedMD5)
                ])
                if options.md5db:
                    md5hash = hashlib.md5(image).hexdigest()
                    filenameCSV, filenameDB = oMD5Database.Find(md5hash)
                    line.extend([
                        md5hash,
                        naft_uf.cn(filenameCSV),
                        naft_uf.cn(filenameDB)
                    ])
            strLine = ';'.join(line)
            print(strLine)
            if options.log != None:
                f = open(options.log, 'a')
                f.write(strLine + '\n')
                f.close()
            counter += 1
            filenames = filenames[1:]
        except KeyboardInterrupt:
            print('KeyboardInterrupt')
            PickleData([filenames, countFilenames, counter])
            return
        except:
            traceback.print_exc()
            PickleData([filenames, countFilenames, counter])
            return