def zip_do_zip(azip, afile): """ azip:ZipFile, afile:source archive(s) name """ # test if encrypted try: azip.testzip() except RuntimeError as e: if 'encrypted' in str(e): log_encrypted(BF_ZIP, afile) return else: log_error(str(e), afile) # iterate directly over file names for member in azip.namelist(): # sort directories out if member.endswith('/'): continue # check file name filename = os.path.basename(member).lower() res = RGX_INFILENAME.search(filename) if res: log_secret(res.group(), afile+':'+member) # check file content, calling other modules data = azip.read(member) (ftype, supported) = type_data(data, member) if supported: if ftype in ENCRYPTED: log_encrypted(ftype, member) else: do_data(ftype, data, afile+':'+member)
def zip_do_zip(azip, afile): """ azip:ZipFile, afile:source archive(s) name """ # test if encrypted try: azip.testzip() except RuntimeError as e: if 'encrypted' in str(e): log_encrypted(BF_ZIP, afile) return else: log_error(str(e), afile) # iterate directly over file names for member in azip.namelist(): # sort directories out if member.endswith('/'): continue # check file name filename = os.path.basename(member).lower() res = RGX_INFILENAME.search(filename) if res: log_secret(res.group(), afile + ':' + member) # check file content, calling other modules data = azip.read(member) (ftype, supported) = type_data(data, member) if supported: if ftype in ENCRYPTED: log_encrypted(ftype, member) else: do_data(ftype, data, afile + ':' + member)
def scan(path, count): """selects files to process, checks file names""" log_comment('scanning %s:' % path) scanned = 0 bar_width = 32 if count < bar_width: bar_width = count if count == 0: bar_width = 1 sys.stdout.write('%s\n' % ("=" * bar_width)) bar_blocksize = count / bar_width bar_left = bar_width bar_count = 0 for root, dirs, files in os.walk(path): for skip in SKIP: if skip in dirs: dirs.remove(skip) for filename in files: abspath = os.path.abspath(os.path.join(root, filename)) res = RGX_INFILENAME.search(filename.lower()) if res: log_secret(res.group(), abspath) try: ftype, supported = type_file(abspath) except TypeError as e: log_error(str(e), abspath) continue if supported: if ftype in ENCRYPTED: # report but do not process log_encrypted(ftype, abspath) if ftype in EXE: # report but do not process if looks_uniform(filename=abspath): log_packed(ftype, abspath) else: log_exe(ftype, abspath) else: # process the file do_file(ftype, abspath) scanned += 1 # update progress bar bar_count += 1 if bar_count >= bar_blocksize and bar_left: sys.stdout.write("=") sys.stdout.flush() bar_count = 0 bar_left -= 1 sys.stdout.write("\n") log_comment('%d files supported were processed' % scanned) return scanned
def tar_do_tar(atar, afile): """ atar:TarFile, afile:source archive(s) name """ # iterate over TarInfo's for member in atar.getmembers(): # only process files if not member.isfile(): continue # check file name filename = os.path.basename(member.name).lower() res = RGX_INFILENAME.search(filename) if res: log_secret(res.group(), afile + ':' + member.name) # check file content, calling other modules data = atar.extractfile(member).read() (ftype, supported) = type_data(data, member.name) if supported: if ftype in ENCRYPTED: log_encrypted(ftype, member.name) else: do_data(ftype, data, afile + ':' + member.name)