def run(self):
buf = self.buf = open(self.filepath, "rb").read()
if len(buf) < ctypes.sizeof(LnkHeader):
log.warning("Provided .lnk file is corrupted or incomplete.")
return
header = LnkHeader.from_buffer_copy(buf[:ctypes.sizeof(LnkHeader)])
if header.signature[:] != self.signature:
return
if header.guid[:] != self.guid:
return
ret = {
"flags": {},
"attrs": []
}
for x in xrange(7):
ret["flags"][self.flags[x]] = bool(header.flags & (1 << x))
for x in xrange(14):
if header.attrs & (1 << x):
ret["attrs"].append(self.attrs[x])
offset = 78 + self.read_uint16(76)
if len(buf) < offset + 28:
log.warning("Provided .lnk file is corrupted or incomplete.")
return
off = LnkEntry.from_buffer_copy(buf[offset:offset + 28])
# Local volume.
if off.volume_flags & 1:
ret["basepath"] = self.read_stringz(offset + off.base_path)
# Network volume.
else:
ret["net_share"] = self.read_stringz(offset + off.net_volume + 20)
network_drive = self.read_uint32(offset + off.net_volume + 12)
if network_drive:
ret["network_drive"] = self.read_stringz(
offset + network_drive
)
ret["remaining_path"] = self.read_stringz(offset + off.path_remainder)
extra = offset + off.length
if ret["flags"]["description"]:
extra, ret["description"] = self.read_string16(extra)
if ret["flags"]["relapath"]:
extra, ret["relapath"] = self.read_string16(extra)
if ret["flags"]["workingdir"]:
extra, ret["workingdir"] = self.read_string16(extra)
if ret["flags"]["cmdline"]:
extra, ret["cmdline"] = self.read_string16(extra)
if ret["flags"]["icon"]:
extra, ret["icon"] = self.read_string16(extra)
return ret
def run(self):
buf = self.buf = open(self.filepath, "rb").read()
if len(buf) < ctypes.sizeof(LnkHeader):
log.warning("Provided .lnk file is corrupted or incomplete.")
return
header = LnkHeader.from_buffer_copy(buf[:ctypes.sizeof(LnkHeader)])
if header.signature[:] != self.signature:
return
if header.guid[:] != self.guid:
return
ret = {
"flags": {},
"attrs": []
}
for x in xrange(7):
ret["flags"][self.flags[x]] = bool(header.flags & (1 << x))
for x in xrange(14):
if header.attrs & (1 << x):
ret["attrs"].append(self.attrs[x])
offset = 78 + self.read_uint16(76)
if len(buf) < offset + 28:
log.warning("Provided .lnk file is corrupted or incomplete.")
return
off = LnkEntry.from_buffer_copy(buf[offset:offset + 28])
# Local volume.
if off.volume_flags & 1:
ret["basepath"] = self.read_stringz(offset + off.base_path)
# Network volume.
else:
ret["net_share"] = self.read_stringz(offset + off.net_volume + 20)
network_drive = self.read_uint32(offset + off.net_volume + 12)
if network_drive:
ret["network_drive"] = self.read_stringz(
offset + network_drive
)
ret["remaining_path"] = self.read_stringz(offset + off.path_remainder)
extra = offset + off.length
if ret["flags"]["description"]:
extra, ret["description"] = self.read_string16(extra)
if ret["flags"]["relapath"]:
extra, ret["relapath"] = self.read_string16(extra)
if ret["flags"]["workingdir"]:
extra, ret["workingdir"] = self.read_string16(extra)
if ret["flags"]["cmdline"]:
extra, ret["cmdline"] = self.read_string16(extra)
if ret["flags"]["icon"]:
extra, ret["icon"] = self.read_string16(extra)
return ret
def test_lnkheader():
a = LnkHeader.from_buffer_copy("A"*72)
assert a.signature[:] == [0x41, 0x41, 0x41, 0x41]
assert a.guid[:] == [0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41]
assert a.flags == 0x41414141
assert a.attrs == 0x41414141
assert a.creation == 0x4141414141414141
assert a.access == 0x4141414141414141
assert a.modified == 0x4141414141414141
assert a.target_len == 0x41414141
assert a.icon_len == 0x41414141
assert a.show_window == 0x41414141
assert a.hotkey == 0x41414141