def test_miss_meta(self):
"""
Test parser if no metadata is set
"""
event = Container()
event.extended_data = ListContainer([])
event.user_data = b''
self.assertRaises(TlMetaDataNotFound, build_tracelogging, event)
def _encode(self, obj, context, path):
l = []
for key in obj:
if key in self.lump:
l += obj[key]
else:
l.append(obj[key])
return ListContainer(l)
def as_bytes(self):
return _constructs.CertificateURL.build(
Container(type=self.type,
url_and_hash_list=ListContainer(
Container(
length=len(url_and_hash.url),
url=url_and_hash.url,
padding=url_and_hash.padding,
sha1_hash=url_and_hash.sha1_hash,
) for url_and_hash in self.url_and_hash_list)))
def _parse(self, stream, context, path):
obj = ListContainer()
try:
while True:
obj.append(self.subcon._parse(stream, context, path))
except (StopFieldError, StreamError):
pass
except Exception:
raise
return obj
def test_invalid_tag(self):
"""
Test parser if have metadata with wrong flag
"""
event = Container()
meta = Container()
meta.ext_type = 11 # wrong flag
meta.data_item = b'\x10\x00\x00Test\x00Engine\x00\x1f' #not existing tag
event.extended_data = ListContainer([meta])
event.user_data = b''
self.assertRaises(TlUnhandledTag, build_tracelogging, event)
def _decode(self, obj, context, path):
d = OrderedDict()
for l in self.lump:
d[l] = ListContainer([])
for item in obj:
if item[self.key] in self.lump:
d[item[self.key]].append(item)
else:
d[item[self.key]] = item
return Container(d)
def test_wrong_meta(self):
"""
Test parser if have metadata with wrong flag
"""
event = Container()
meta = Container()
meta.ext_type = 12 # wrong flag
meta.data_item = b''
event.extended_data = ListContainer([meta])
event.user_data = b''
self.assertRaises(TlMetaDataNotFound, build_tracelogging, event)
def _parse(self, stream, context, path):
discard = self.discard
obj = ListContainer()
try:
for i in itertools.count():
context._index = i
e = self.subcon._parsereport(stream, context, path)
if not discard:
obj.append(e)
except StreamError:
pass
return obj
def test_construct_free():
a = Container(a=Container(test="this", _io="beer2"), _io="beer")
r = construct_free(a)
assert isinstance(r, dict)
assert isinstance(r["a"], dict)
a = Container(a=ListContainer([Container(test="this", _io="beer2")]), _io="beer")
r = construct_free(a)
assert isinstance(r, dict)
assert isinstance(r["a"], list)
def test_array_uint16(self):
"""
Test the deserialization of an array UINT16 element
"""
event = Container()
meta = Container()
meta.ext_type = 11
meta.data_item = b'\x10\x00\x00Test\x00Engine\x00\x26'
event.extended_data = ListContainer([meta])
event.user_data = b'\x10\x00' + b'\x00' * 32
tl = build_tracelogging(event)
self.assertEqual(tl.get_name(), "Test", "Invalid Name")
self.assertEqual(tl["Engine"], [0] * 16)
def _parse(self, stream, context, path):
bins_ = context.BinaryTypeEnums
d = {
BinaryTypeEnumeration.PrimitiveArray: PrimitiveTypeEnumeration,
BinaryTypeEnumeration.Primitive: PrimitiveTypeEnumeration,
BinaryTypeEnumeration.Class: ClassTypeInfo,
BinaryTypeEnumeration.SystemClass: LengthPrefixedString
}
ret = []
for b in bins_:
p = d.get(b, None)
if p is None: continue
ret.append(p._parse(stream, context, path))
return ListContainer(ret)
def as_bytes(self):
return _constructs.CertificateRequest.build(
Container(
certificate_types=Container(
length=len(self.certificate_types),
certificate_types=[
cert_type.value for cert_type in self.certificate_types
]),
supported_signature_algorithms=ListContainer(
Container(hash=algorithm.hash,
signature=algorithm.signature)
for algorithm in self.supported_signature_algorithms),
certificate_authorities=Container(
length=len(self.certificate_authorities),
certificate_authorities=self.certificate_authorities)))
def save_to_packet(self):
lc = ListContainer()
for item in chain(*self.metalist):
if item is None:
lc.append(Container(primary=-1))
else:
lc.append(
Container(primary=item.primary,
secondary=item.secondary,
count=item.quantity))
packet = make_packet("inventory",
wid=self.wid,
length=len(lc),
items=lc)
return packet
def test_tracelogging_guid(self):
"""
Test a trace named Test and log GUI
"""
event = Container()
meta = Container()
meta.ext_type = 11
meta.data_item = b'\x10\x00\x00Test\x00Engine\x00\x0F'
event.extended_data = ListContainer([meta])
event.user_data = b'\x00' * 16
tl = build_tracelogging(event)
self.assertEqual(tl.get_name(), "Test", "Invalid Name")
parsed_guid = tl["Engine"]
self.assertEqual(
Guid(parsed_guid.data1, parsed_guid.data2, parsed_guid.data3,
parsed_guid.data4),
guid("00000000-0000-0000-0000-000000000000"), "Invalid GUID")
def save_to_packet(self):
lc = ListContainer()
for item in chain(self.crafted, self.crafting, self.armor,
self.storage, self.holdables):
if item is None:
lc.append(Container(primary=-1))
else:
lc.append(
Container(primary=item.primary,
secondary=item.secondary,
count=item.quantity))
packet = make_packet("inventory",
name=self.identifier,
length=len(lc),
items=lc)
return packet
def _encode(self, obj, context, path):
if not isinstance(obj, dict):
raise TypeError("dict should be passed for decoding")
n_obj = ListContainer()
count = self.subcon.count # Array count
for k in range(self._first_index, self._first_index + count):
o = {"_index": k}
v = obj.get(k)
if v is not None:
if self._pick_key:
v = {self._pick_key: v}
o.update(v)
n_obj.append(o)
return n_obj
def test_tracelogging_wstring(self):
"""
Test the normal build of a trace logging
The name of the event is AmsiScript
This bin have three meta field to parse :
* Engine : name of the script engine
* Script : raw script for encoded in wide string
* Raw Script : raw script not encode (Array of UINT16)
"""
event = Container()
meta = Container()
meta.ext_type = 11
meta.data_item = b'\x10\x00\x00Test\x00Engine\x00\x01'
event.extended_data = ListContainer([meta])
event.user_data = b'P\x00o\x00w\x00e\x00r\x00S\x00h\x00e\x00l\x00l\x00\x00\x00'
tl = build_tracelogging(event)
self.assertEqual(tl.get_name(), "Test", "Invalid Name")
self.assertEqual(tl["Engine"], "PowerShell", "Invalid Name")
def _parse(self, stream, context, path):
allClses = self._allClses
if not self._relativeToId:
types_ = context.MemberTypeInfo.BinaryTypeEnums
infos = context.MemberTypeInfo.Infos
allClses[context.ClassInfo.ObjectId] = (types_,infos)
else:
types_, infos = allClses[context.MetadataId]
hasExtraInfos = (
BinaryTypeEnumeration.PrimitiveArray,
BinaryTypeEnumeration.Primitive,
BinaryTypeEnumeration.Class,
BinaryTypeEnumeration.SystemClass)
ret = []
idxInfos = 0
for ty in types_:
info = None
if ty in hasExtraInfos:
info = infos[idxInfos]
idxInfos += 1
ret.append(self.parse_value(ty, info, stream, context, path))
return ListContainer(ret)
def _parse(self, stream, context, path):
count = context.ClassInfo.MemberCount
print("count")
for i in range(count):
ret.append(Record._parse(stream, contextn, path))
return ListContainer(ret)
def _encode(self, obj, context, path):
return ListContainer(obj.values())
def test_parsing_bsc_open(lockdown):
"""
Test parsing BSC_open.
:param pymobiledevice3.lockdown.LockdownClient lockdown: Lockdown client.
"""
events = [
Container({
'timestamp':
458577723780,
'args':
Container(data=(
b'\x88\x95\xd7m\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
b'\x00\x00\x00\x00P\x88\xd7m\x01\x00\x00\x00'),
value=ListContainer([6137812360, 0, 0, 6137808976]),
offset1=245320,
offset2=245352,
length=32),
'tid':
53906,
'debugid':
67895317,
'eventid':
0x40c0014,
'class':
4,
'subclass':
12,
'code':
5,
'func_qualifier':
1,
'cpuid':
1,
'unused':
0
}),
Container({
'timestamp':
458577724301,
'args':
Container(data=b'\xd5\xcbv\x1d7\xeb\xebL/System/Library/CoreServ',
value=ListContainer([
5542782388359580629, 3417499243072017199,
3420891154821048652, 8534995652679200579
]),
offset1=245384,
offset2=245416,
length=32),
'tid':
53906,
'debugid':
50397329,
'eventid':
0x3010090,
'class':
3,
'subclass':
1,
'code':
36,
'func_qualifier':
1,
'cpuid':
1,
'unused':
0
}),
Container({
'timestamp':
458577724316,
'args':
Container(data=b'ices/SpringBoard.app/SpringBoard',
value=ListContainer([
8246182380979970921, 7237954681621147241,
8246182380930359598, 7237954681621147241
]),
offset1=245448,
offset2=245480,
length=32),
'tid':
53906,
'debugid':
50397330,
'eventid':
0x3010090,
'class':
3,
'subclass':
1,
'code':
36,
'func_qualifier':
2,
'cpuid':
1,
'unused':
0
}),
Container({
'timestamp':
458577726009,
'args':
Container(data=(
b'\x00\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
b'\x00\x00+\x00\x00\x00\x00\x00\x00\x00'),
value=ListContainer([0, 8, 0, 43]),
offset1=245512,
offset2=245544,
length=32),
'tid':
53906,
'debugid':
67895318,
'eventid':
0x40c0014,
'class':
4,
'subclass':
12,
'code':
5,
'func_qualifier':
2,
'cpuid':
1,
'unused':
0
})
]
with DvtSecureSocketProxyService(lockdown=lockdown) as dvt:
trace_codes_map = DeviceInfo(dvt).trace_codes()
parser = KdebugEventsParser(trace_codes_map)
for event in events:
parser.feed(event)
bsc_open = parser.fetch()
assert bsc_open.path == '/System/Library/CoreServices/SpringBoard.app/SpringBoard'
assert bsc_open.ktraces == events
assert bsc_open.flags == [BscOpenFlags.O_RDONLY]
assert bsc_open.result == 'fd: 8'
