コード例 #1
0
    def from_dict(process_dict, process_cls = None):
        if not process_dict:
            return None                
        if process_cls == None:
            process_ = Process()
        else:
            process_ = process_cls
        
        ObjectProperties.from_dict(process_dict, process_)
        process_.is_hidden = process_dict.get('is_hidden')
        process_.pid = UnsignedInteger.from_dict(process_dict.get('pid'))
        process_.name = String.from_dict(process_dict.get('name'))
        process_.creation_time = DateTime.from_dict(process_dict.get('creation_time'))
        process_.parent_pid = UnsignedInteger.from_dict(process_dict.get('parent_pid'))
        process_.child_pid_list = [UnsignedInteger.from_dict(x) for x in process_dict.get('child_pid_list', [])]
        process_.image_info = ImageInfo.from_dict(process_dict.get('image_info'))
        process_.argument_list = [String.from_dict(x) for x in process_dict.get('argument_list', [])]
        process_.environment_variable_list = EnvironmentVariableList.from_list(process_dict.get('environment_variable_list'))
        process_.kernel_time = Duration.from_dict(process_dict.get('kernel_time'))
        process_.port_list = [Port.from_dict(x) for x in process_dict.get('port_list', [])]
        process_.network_connection_list = [NetworkConnection.from_dict(x) for x in process_dict.get('network_connection_list', [])]
        process_.start_time = DateTime.from_dict(process_dict.get('start_time'))
        process_.username = String.from_dict(process_dict.get('username'))
        process_.user_time = Duration.from_dict(process_dict.get('user_time'))
        process_.extracted_features = None

        return process_
コード例 #2
0
 def from_dict(x509_certificate_signature_dict):
     if not x509_certificate_signature_dict:
         return None
     x509_certificate_signature_ = X509CertificateSignature()
     x509_certificate_signature_.signature_algorithm = String.from_dict(x509_certificate_signature_dict.get('signature_algorithm'))
     x509_certificate_signature_.signature = String.from_dict(x509_certificate_signature_dict.get('signature'))
     return x509_certificate_signature_
コード例 #3
0
    def from_dict(environment_variable_dict):
        if not environment_variable_dict:
            return None

        environment_variable_ = EnvironmentVariable()
        environment_variable_.name = String.from_dict(environment_variable_dict.get('name'))
        environment_variable_.value = String.from_dict(environment_variable_dict.get('value'))

        return environment_variable_
コード例 #4
0
 def from_dict(x509_non_standard_extensions_dict):
     if not x509_non_standard_extensions_dict:
         return None
     x509_non_standard_extensions_ = X509NonStandardExtensions()
     x509_non_standard_extensions_.netscape_comment = String.from_dict(x509_non_standard_extensions_dict.get('netscape_comment'))
     x509_non_standard_extensions_.netscape_certificate_type = String.from_dict(x509_non_standard_extensions_dict.get('netscape_certificate_type'))
     x509_non_standard_extensions_.old_authority_key_identifier = String.from_dict(x509_non_standard_extensions_dict.get('old_authority_key_identifier'))
     x509_non_standard_extensions_.old_primary_key_attributes = String.from_dict(x509_non_standard_extensions_dict.get('old_primary_key_attributes'))
     return x509_non_standard_extensions_
コード例 #5
0
 def from_dict(global_flag_dict):
     if not global_flag_dict:
         return None
     global_flag_ = GlobalFlag()
     global_flag_.abbreviation = String.from_dict(global_flag_dict.get('abbreviation'))
     global_flag_.destination = String.from_dict(global_flag_dict.get('destination'))
     global_flag_.hexadecimal_value = HexBinary.from_dict(global_flag_dict.get('hexadecimal_value'))
     global_flag_.symbolic_name = String.from_dict(global_flag_dict.get('symbolic_name'))
     return global_flag_
コード例 #6
0
 def from_dict(bios_info_dict):
     if not bios_info_dict:
         return None
     bios_info_ = BIOSInfo()
     bios_info_.bios_date = Date.from_dict(bios_info_dict.get('bios_date'))
     bios_info_.bios_version = String.from_dict(bios_info_dict.get('bios_version'))
     bios_info_.bios_manufacturer = String.from_dict(bios_info_dict.get('bios_manufacturer'))
     bios_info_.bios_release_date = Date.from_dict(bios_info_dict.get('bios_release_date'))
     bios_info_.bios_serial_number = String.from_dict(bios_info_dict.get('bios_serial_number'))
     return bios_info_
コード例 #7
0
    def from_dict(registry_value_dict):
        if not registry_value_dict:
            return None

        registry_value_ = RegistryValue()
        registry_value_.name = String.from_dict(registry_value_dict.get('name'))
        registry_value_.data = String.from_dict(registry_value_dict.get('data'))
        registry_value_.datatype = String.from_dict(registry_value_dict.get('datatype'))
        #registry_value_.byte_runs = ByteRuns.from_dict(registry_value_dict.get('byte_runs'))

        return registry_value_
コード例 #8
0
 def from_dict(os_dict):
     if not os_dict:
         return None
     os_ = OS()
     os_.bitness = String.from_dict(os_dict.get('bitness'))
     os_.build_number = String.from_dict(os_dict.get('build_number'))
     os_.environment_variable_list = EnvironmentVariableList.from_list(os_dict.get('environment_variable_list'))
     os_.install_date = Date.from_dict(os_dict.get('install_date'))
     os_.patch_level = String.from_dict(os_dict.get('patch_level'))
     os_.platform = None #TODO: add support for platform specification
     return os_
コード例 #9
0
    def from_dict(image_info_dict):
        if not image_info_dict:
            return None

        image_info_ = ImageInfo()
        image_info_.file_name = String.from_dict(image_info_dict.get('file_name'))
        image_info_.command_line = String.from_dict(image_info_dict.get('command_line'))
        image_info_.current_directory = String.from_dict(image_info_dict.get('current_directory'))
        image_info_.path = String.from_dict(image_info_dict.get('path'))

        return image_info_
コード例 #10
0
    def from_dict(environment_variable_dict):
        if not environment_variable_dict:
            return None

        environment_variable_ = EnvironmentVariable()
        environment_variable_.name = String.from_dict(
            environment_variable_dict.get('name'))
        environment_variable_.value = String.from_dict(
            environment_variable_dict.get('value'))

        return environment_variable_
コード例 #11
0
    def from_dict(digital_signature_dict):
        if not digital_signature_dict:
            return None

        digital_signature_ = DigitalSignature()
        digital_signature_.signature_exists = digital_signature_dict.get('signature_exists')
        digital_signature_.signature_verified = digital_signature_dict.get('signature_verified')
        digital_signature_.certificate_issuer = String.from_dict(digital_signature_dict.get('certificate_issuer'))
        digital_signature_.certificate_subject = String.from_dict(digital_signature_dict.get('certificate_subject'))
        digital_signature_.signature_description = String.from_dict(digital_signature_dict.get('signature_description'))

        return digital_signature_
コード例 #12
0
    def from_dict(win_handle_dict):
        if not win_handle_dict:
            return None
        win_handle_ = WinHandle()
        
        win_handle_.id = UnsignedInteger.from_dict(win_handle_dict.get('id'))        
        win_handle_.name = String.from_dict(win_handle_dict.get('name'))
        win_handle_.type = String.from_dict(win_handle_dict.get('type'))
        win_handle_.object_address = UnsignedLong.from_dict(win_handle_dict.get('id'))
        win_handle_.access_mask = UnsignedLong.from_dict(win_handle_dict.get('access_mask'))
        win_handle_.pointer_count = UnsignedLong.from_dict(win_handle_dict.get('id')) 

        return win_handle_
コード例 #13
0
    def from_dict(packer_dict):
        if not packer_dict:
            return None

        packer = Packer()

        packer.name = String.from_dict(packer_dict.get('name'))
        packer.version = String.from_dict(packer_dict.get('version'))
        packer.entry_point = HexBinary.from_dict(packer_dict.get('entry_point'))
        packer.signature = String.from_dict(packer_dict.get('signature'))
        packer.type_ = String.from_dict(packer_dict.get('type'))

        return packer
コード例 #14
0
 def from_dict(network_interface_dict):
     if not network_interface_dict:
         return None
     network_interface_ = NetworkInterface()
     network_interface_.adapter = String.from_dict(network_interface_dict.get('adapter'))
     network_interface_.description = String.from_dict(network_interface_dict.get('description'))
     network_interface_.dhcp_lease_expires = DateTime.from_dict(network_interface_dict.get('dhcp_lease_expires'))
     network_interface_.dhcp_lease_obtained = DateTime.from_dict(network_interface_dict.get('dhcp_lease_obtained'))
     network_interface_.dhcp_server_list = DHCPServerList.from_list(network_interface_dict.get('dhcp_server_list'))
     network_interface_.ip_gateway_list = IPGatewayList.from_list(network_interface_dict.get('ip_gateway_list'))
     network_interface_.ip_list = IPInfoList.from_list(network_interface_dict.get('ip_list'))
     network_interface_.mac = String.from_dict(network_interface_dict.get('mac'))
     return network_interface_
コード例 #15
0
 def from_dict(x509_cert_dict):
     if not x509_cert_dict:
         return None
     x509_cert_ = X509Cert()
     x509_cert_.version = String.from_dict(x509_cert_dict.get('version'))
     x509_cert_.serial_number = String.from_dict(x509_cert_dict.get('serial_number'))
     x509_cert_.signature_algorithm = String.from_dict(x509_cert_dict.get('signature_algorithm'))
     x509_cert_.issuer = String.from_dict(x509_cert_dict.get('issuer'))
     x509_cert_.validity = Validity.from_dict(x509_cert_dict.get('validity'))
     x509_cert_.subject = String.from_dict(x509_cert_dict.get('subject'))
     x509_cert_.subject_public_key = SubjectPublicKey.from_dict(x509_cert_dict.get('subject_public_key'))
     x509_cert_.standard_extensions = X509V3Extensions.from_dict(x509_cert_dict.get('standard_extensions'))
     x509_cert_.non_standard_extensions = X509NonStandardExtensions.from_dict(x509_cert_dict.get('non_standard_extensions'))
     return x509_cert_
コード例 #16
0
    def from_dict(win_kernel_hook_dict):
        if not win_kernel_hook_dict:
            return None

        win_kernel_hook_ = WinKernelHook()
        win_kernel_hook_.digital_signature_hooking = DigitalSignature.from_dict(win_kernel_hook_dict.get('digital_signature_hooking'))
        win_kernel_hook_.digital_signature_hooked = DigitalSignature.from_dict(win_kernel_hook_dict.get('digital_signature_hooked'))
        win_kernel_hook_.hooked_address = UnsignedLong.from_dict(win_kernel_hook_dict.get('hooked_address'))
        win_kernel_hook_.hook_description = String.from_dict(win_kernel_hook_dict.get('hook_description'))
        win_kernel_hook_.hooked_function = String.from_dict(win_kernel_hook_dict.get('hooked_function'))
        win_kernel_hook_.hooked_module = String.from_dict(win_kernel_hook_dict.get('hooked_module'))
        win_kernel_hook_.type = String.from_dict(win_kernel_hook_dict.get('type'))

        return win_kernel_hook_
コード例 #17
0
    def from_dict(message_dict):
        message = EmailMessage()

        for attachment in message_dict.get('attachments', []):
            message.attachments.append(File.from_dict(attachment))
        for link in message_dict.get('links', []):
            message.links.append(URI.from_dict(link))
        message.header = EmailHeader.from_dict(message_dict.get('header'))
        message.optional_header = OptionalHeader.from_dict(message_dict.get('optional_header'))
        message.email_server = String.from_dict(message_dict.get('email_server'))
        message.raw_body = String.from_dict(message_dict.get('raw_body'))
        message.raw_header = String.from_dict(message_dict.get('raw_header'))

        return message
コード例 #18
0
 def from_dict(win_file_dict, file_class = None):
     if not win_file_dict:
         return None
     if not file_class:
         win_file_ = File.from_dict(win_file_dict, WinFile())
     else:
         win_file_ = File.from_dict(win_file_dict, file_class)
     win_file_.filename_accessed_time = DateTime.from_dict(win_file_dict.get('filename_accessed_time'))
     win_file_.filename_created_time = DateTime.from_dict(win_file_dict.get('filename_created_time'))
     win_file_.filename_modified_time = DateTime.from_dict(win_file_dict.get('filename_modified_time'))
     win_file_.drive = String.from_dict(win_file_dict.get('drive'))
     win_file_.security_id = String.from_dict(win_file_dict.get('security_id'))
     win_file_.security_type = String.from_dict(win_file_dict.get('security_type'))
     win_file_.stream_list = StreamList.from_list(win_file_dict.get('stream_list'))
     return win_file_
コード例 #19
0
    def from_dict(contact_dict, contact=None):
        if not contact_dict:
            return None

        if contact is None:
            contact = WhoisContact()

        contact.contact_type = contact_dict.get('contact_type')
        contact.contact_id = String.from_dict(contact_dict.get('contact_id'))
        contact.name = String.from_dict(contact_dict.get('name'))
        contact.email_address = Address.from_dict(contact_dict.get('email_address'), Address.CAT_EMAIL)
        contact.phone_number = String.from_dict(contact_dict.get('phone_number'))
        contact.address = String.from_dict(contact_dict.get('address'))

        return contact
コード例 #20
0
    def from_dict(extracted_string_dict):
        if not extracted_string_dict:
            return None

        extracted_string_ = ExtractedString()
        extracted_string_.encoding = VocabString.from_dict(extracted_string_dict.get('encoding'))
        extracted_string_.string_value = String.from_dict(extracted_string_dict.get('string_value'))
        extracted_string_.byte_string_value = HexBinary.from_dict(extracted_string_dict.get('byte_string_value'))
        extracted_string_.hashes = HashList.from_list(extracted_string_dict.get('hashes'))
        extracted_string_.address = HexBinary.from_dict(extracted_string_dict.get('address'))
        extracted_string_.length = PositiveInteger.from_dict(extracted_string_dict.get('length'))
        extracted_string_.language = String.from_dict(extracted_string_dict.get('language'))
        extracted_string_.english_translation = String.from_dict(extracted_string_dict.get('english_translation'))

        return extracted_string_
コード例 #21
0
    def from_dict(opt_header_dict):
        if not opt_header_dict:
            return None

        opt_header = OptionalHeader()

        opt_header.boundary = String.from_dict(opt_header_dict.get('boundary'))
        opt_header.content_type = String.from_dict(opt_header_dict.get('content_type'))
        opt_header.mime_version = String.from_dict(opt_header_dict.get('mime_version'))
        opt_header.precedence = String.from_dict(opt_header_dict.get('precedence'))
        opt_header.x_mailer = String.from_dict(opt_header_dict.get('x_mailer'))
        opt_header.x_originating_ip = Address.from_dict(opt_header_dict.get('x_originating_ip'), Address.CAT_IPV4)
        opt_header.x_priority = PositiveInteger.from_dict(opt_header_dict.get('x_priority'))

        return opt_header
コード例 #22
0
    def from_dict(network_connection_dict):
        if not network_connection_dict:
            return None
        network_connection_ = NetworkConnection()
        network_connection_.tls_used = network_connection_dict.get('tls_used')
        network_connection_.creation_time = DateTime.from_dict(network_connection_dict.get('creation_time'))
        network_connection_.layer3_protocol = String.from_dict(network_connection_dict.get('layer3_protocol'))
        network_connection_.layer4_protocol = String.from_dict(network_connection_dict.get('layer4_protocol'))
        network_connection_.layer7_protocol = String.from_dict(network_connection_dict.get('layer7_protocol'))
        network_connection_.source_socket_address = SocketAddress.from_dict(network_connection_dict.get('source_socket_address'))
        network_connection_.source_tcp_state = network_connection_dict.get('source_tcp_state')
        network_connection_.destination_socket_address = SocketAddress.from_dict(network_connection_dict.get('destination_socket_address'))
        network_connection_.destination_tcp_state = network_connection_dict.get('destination_tcp_state')
        network_connection_.layer7_connections = Layer7Connections.from_dict(network_connection_dict.get('layer7_connections'))

        return network_connection_
コード例 #23
0
 def from_dict(subject_public_key_dict):
     if not subject_public_key_dict:
         return None
     subject_public_key_ = SubjectPublicKey()
     subject_public_key_.public_key_algorithm = String.from_dict(subject_public_key_dict.get('public_key_algorithm'))
     subject_public_key_.rsa_public_key = RSAPublicKey.from_dict(subject_public_key_dict.get('rsa_public_key'))
     return subject_public_key_
コード例 #24
0
 def from_dict(capability_property_dict):
     if not capability_property_obj:
         return None
     capability_property_ = CapabilityProperty()
     capability_property_.name = VocabString.from_dict(capability_property_dict["name"])
     capability_property_.value = String.from_dict(capability_property_dict["value"])
     return capability_property_
コード例 #25
0
    def from_dict(header_dict):
        header = EmailHeader()

        header.to = EmailRecipients.from_dict(header_dict.get('to'))
        header.cc = EmailRecipients.from_dict(header_dict.get('cc'))
        header.bcc = EmailRecipients.from_dict(header_dict.get('bcc'))
        header.from_ = Address.from_dict(header_dict.get('from'), Address.CAT_EMAIL)
        header.subject = String.from_dict(header_dict.get('subject'))
        header.in_reply_to = String.from_dict(header_dict.get('in_reply_to'))
        header.date = DateTime.from_dict(header_dict.get('date'))
        header.message_id = String.from_dict(header_dict.get('message_id'))
        header.sender = Address.from_dict(header_dict.get('sender'), Address.CAT_EMAIL)
        header.reply_to = Address.from_dict(header_dict.get('reply_to'), Address.CAT_EMAIL)
        header.errors_to = String.from_dict(header_dict.get('errors_to'))

        return header
コード例 #26
0
 def from_dict(rsa_public_key_dict):
     if not rsa_public_key_dict:
         return None
     rsa_public_key_ = RSAPublicKey()
     rsa_public_key_.modulus = String.from_dict(rsa_public_key_dict.get('modulus'))
     rsa_public_key_.exponent = Integer.from_dict(rsa_public_key_dict.get('exponent'))
     return rsa_public_key_
コード例 #27
0
ファイル: capability.py プロジェクト: geliefan/python-maec 
 def from_dict(capability_property_dict):
     if not capability_property_dict:
         return None
     capability_property_ = CapabilityProperty()
     capability_property_.name = VocabString.from_dict(capability_property_dict['name'])
     capability_property_.value = String.from_dict(capability_property_dict['value'])
     return capability_property_
コード例 #28
0
    def from_dict(registrar_dict):
        if not registrar_dict:
            return None

        registrar = WhoisRegistrar()

        registrar.registrar_id = String.from_dict(registrar_dict.get('registrar_id'))
        registrar.registrar_guid = String.from_dict(registrar_dict.get('registrar_guid'))
        registrar.name = String.from_dict(registrar_dict.get('name'))
        registrar.address = String.from_dict(registrar_dict.get('address'))
        registrar.email_address = Address.from_dict(registrar_dict.get('email_address'), Address.CAT_EMAIL)
        registrar.phone_number = String.from_dict(registrar_dict.get('phone_number'))
        registrar.whois_server = URI.from_dict(registrar_dict.get('whois_server'))
        registrar.referral_url = URI.from_dict(registrar_dict.get('referral_url'))
        registrar.contacts = WhoisContacts.from_list(registrar_dict.get('contacts'))

        return registrar
コード例 #29
0
    def from_dict(file_dict, file_class=None):
        if not file_dict:
            return None
        if not file_class:
            file_ = File()
        else:
            file_ = file_class
        ObjectProperties.from_dict(file_dict, file_)

        file_.is_packed = file_dict.get('is_packed')
        file_.file_name = String.from_dict(file_dict.get('file_name'))
        file_.file_path = FilePath.from_dict(file_dict.get('file_path'))
        file_.device_path = String.from_dict(file_dict.get('device_path'))
        file_.full_path = String.from_dict(file_dict.get('full_path'))
        file_.file_extension = String.from_dict(file_dict.get('file_extension'))
        file_.size_in_bytes = UnsignedLong.from_dict(file_dict.get('size_in_bytes'))
        file_.magic_number = HexBinary.from_dict(file_dict.get('magic_number'))
        file_.file_format = String.from_dict(file_dict.get('file_format'))
        file_.hashes = HashList.from_list(file_dict.get('hashes'))
        file_.extracted_features = ExtractedFeatures.from_dict(file_dict.get('extracted_features'))
        file_.modified_time = String.from_dict(file_dict.get('modified_time'))
        file_.accessed_time = String.from_dict(file_dict.get('accessed_time'))
        file_.created_time = DateTime.from_dict(file_dict.get('created_time'))

        return file_
コード例 #30
0
    def from_dict(dns_record_dict):
        if not dns_record_dict:
            return None

        dns_record_ = DNSRecord()
        dns_record_.description = StructuredText.from_dict(dns_record_dict.get('description'))
        dns_record_.domain_name = URI.from_dict(dns_record_dict.get('domain_name'))
        dns_record_.ip_address = Address.from_dict(dns_record_dict.get('ip_address'))
        dns_record_.address_class = String.from_dict(dns_record_dict.get('address_class'))
        dns_record_.entry_type = String.from_dict(dns_record_dict.get('entry_type'))
        dns_record_.record_name = String.from_dict(dns_record_dict.get('record_name'))
        dns_record_.record_type = String.from_dict(dns_record_dict.get('record_type'))
        dns_record_.ttl = Integer.from_dict(dns_record_dict.get('record_type'))
        dns_record_.flags = HexBinary.from_dict(dns_record_dict.get('flags'))
        dns_record_.data_length = Integer.from_dict(dns_record_dict.get('data_length'))
        dns_record_.record_data = dns_record_dict.get('record_data')

        return dns_record_
コード例 #31
0
 def from_dict(driver_dict):
     if not driver_dict:
         return None
     driver_ = WinDriver()
     driver_.driver_init = UnsignedLong.from_dict(driver_dict.get('driver_init'))
     driver_.driver_name = String.from_dict(driver_dict.get('driver_name'))
     driver_.driver_object_address = HexBinary.from_dict(driver_dict.get('driver_object_address'))
     driver_.driver_start_io = HexBinary.from_dict(driver_dict.get('driver_start_io'))
     return driver_
コード例 #32
0
    def from_dict(extracted_string_dict):
        if not extracted_string_dict:
            return None

        extracted_string_ = ExtractedString()
        extracted_string_.encoding = VocabString.from_dict(
            extracted_string_dict.get('encoding'))
        extracted_string_.string_value = String.from_dict(
            extracted_string_dict.get('string_value'))
        extracted_string_.byte_string_value = HexBinary.from_dict(
            extracted_string_dict.get('byte_string_value'))
        extracted_string_.hashes = HashList.from_list(
            extracted_string_dict.get('hashes'))
        extracted_string_.address = HexBinary.from_dict(
            extracted_string_dict.get('address'))
        extracted_string_.length = PositiveInteger.from_dict(
            extracted_string_dict.get('length'))
        extracted_string_.language = String.from_dict(
            extracted_string_dict.get('language'))
        extracted_string_.english_translation = String.from_dict(
            extracted_string_dict.get('english_translation'))

        return extracted_string_