def check_sig(self, data) -> bool:
'''
check if file is office or contains [Content_Types].xml
'''
if "application/vnd.openxmlformats-officedocument" in data["Details"]["Properties"]["mime"] or \
check_packed_files(data["Location"]["File"],["[Content_Types].xml"]):
unpack_file(data, data["Location"]["File"])
return True
def check_sig_apk(self, data) -> bool:
'''
check if mime is an apk type or if file contains Androidmanifest in packed files
'''
if data["Details"]["Properties"]["mime"] == "application/java-archive" or \
data["Details"]["Properties"]["mime"] == "application/zip":
if check_packed_files(data["Location"]["File"],
["Androidmanifest.xml"]):
unpack_file(data, data["Location"]["File"])
return True
def check_sig_ipa(self, data) -> bool:
'''
check mime is dmg or not
'''
if data["Details"]["Properties"]["mime"] == "application/zlib" and \
data["Location"]["Original"].endswith(".ipa"):
x = dmg_unpack(data["Location"]["File"])
if x:
if check_packed_files(x, ["info.plist"]):
unpack_file(data, x)
return True
def check_sig_dmg(self, data) -> bool:
'''
check mime is dmg or not
'''
if data["Details"]["Properties"]["mime"] == "application/zlib" and \
data["Location"]["Original"].endswith(".dmg"):
temp_x = dmg_unpack(data["Location"]["File"])
if temp_x:
if check_packed_files(temp_x, ["info.plist"]) or check_packed_files(temp_x, ["Install"]):
unpack_file(data, temp_x)
return True
return False
def check_sig(self, data):
'''
start unknown files logic, this file is not detected by otehr modules
if file is archive, then unpack and get words, wordsstripped otherwise
get words, wordsstripped from the file only
'''
if data["Details"]["Properties"]["mime"] == "application/java-archive" or \
data["Details"]["Properties"]["mime"] == "application/zip" or \
data["Details"]["Properties"]["mime"] == "application/zlib":
unpack_file(data, data["Location"]["File"])
get_words_multi_files(data, data["Packed"]["Files"])
else:
get_words(data, data["Location"]["File"])
