def collect(self):
for root, dirs, files in os.walk(self.plugin_args.root):
for d in dirs + files:
full_path = os.path.join(root, d)
result = common.FileFactory(full_path, session=self.session)
if result:
yield (result.st_mode, result.st_size, result)
def collect(self):
for full_path in self.plugin_args.paths:
result = common.FileFactory(full_path, session=self.session)
if result:
yield dict(Perms=result.st_mode,
Size=result.st_size,
Path=result)
def collect(self):
for path in self.plugin_args.paths:
file_info = common.FileFactory(path)
if not file_info.st_mode.is_dir():
yield dict(Hashes=self.calculate_hashes(
self.plugin_args.hash, file_info),
Path=file_info)
def filter(self, path):
# For case insensitive filesystems we can just try to open the
# component.
if self.case_insensitive_filesystem():
result_pathspec = path.add(self.component)
stat = self.stat(result_pathspec)
if stat:
return [stat.filename]
else:
return []
# Since we must match a case insensitve filename we need to
# list all the files and find the best match.
stat = common.FileFactory(path)
if not stat:
return []
children = {}
for x in stat.list_names():
children.setdefault(x.lower(), []).append(x)
return [
stat.filename.add(x)
for x in children.get(self.component.lower(), [])
]
def stat(self, path):
key = unicode(path)
try:
return self.component_cache[key]
except KeyError:
stat = common.FileFactory(path)
self.component_cache.Put(key, stat)
return stat
def collect_globs(self, globs):
expanded_globs = []
for glob in globs:
expanded_globs.extend(self._interpolate_grouping(glob))
component_tree = {}
for glob in expanded_globs:
node = component_tree
for component in self.convert_glob_into_path_components(glob):
node = node.setdefault(component, {})
for path in self._filter(component_tree, self.plugin_args.root):
yield common.FileFactory(path, session=self.session)
def collect_globs(self, globs):
root_spec = common.FileSpec(
self.plugin_args.root,
filesystem=self.plugin_args.filesystem,
path_sep=self.plugin_args.path_sep)
expanded_globs = []
for glob in globs:
expanded_globs.extend(self._interpolate_grouping(glob))
component_tree = {}
for glob in expanded_globs:
node = component_tree
for component in self.convert_glob_into_path_components(glob):
node = node.setdefault(component, {})
root_file = common.FileFactory(root_spec, session=self.session)
for item in self._filter(component_tree, root_file):
yield item
def filter(self, file_info):
# For case insensitive filesystems we can just try to open the
# component.
if self.case_insensitive_filesystem():
result = common.FileFactory(
file_info.filename.add(self.component),
session=self.session)
if result:
return [result]
return []
key = self.component.lower()
try:
cache = self.component_cache.Get(file_info.filename.name)
except KeyError:
cache = self._build_cache(file_info)
return cache.get(key, [])
def collect(self):
count = 0
for path in self.plugin_args.paths:
file_info = common.FileFactory(path, session=self.session)
run = addrspace.Run(start=0,
end=file_info.st_size,
file_offset=0,
address_space=standard.FDAddressSpace(
session=self.session,
fhandle=file_info.open()))
for rule, address, _, _ in self.generate_hits(run):
count += 1
if count >= self.plugin_args.hits:
break
yield (file_info, rule, address,
utils.HexDumpedString(
run.address_space.read(
address - self.plugin_args.pre_context,
self.plugin_args.context +
self.plugin_args.pre_context)), None)
def collect_globs(self, globs):
component_tree = self.make_component_tree(globs)
root = common.FileSpec(self.plugin_args.root,
path_sep=self.plugin_args.path_sep)
for path in self._filter(component_tree, root):
yield common.FileFactory(path, session=self.session)
