예제 #1
0
파일: rar.py 프로젝트: sashka/blueflower
def rar_do_rar(arar, afile):
    """ arar:RarFile, afile:source archive(s) name """
    # test if encrypted
    if arar.needs_password():
        log_encrypted(BF_RAR, afile)
        return 

    infilename = re.compile('|'.join(INFILENAME))
    
    # iterate over infolist to detect directories
    # (unlike zipfile, doesnt append '/' to dir names
    for member in arar.infolist():
        # sort directories out
        if member.isdir():
            continue
        # check file name
        filename =  os.path.basename(member.filename).lower()
        res = infilename.search(filename)
        if res:
            log_secret(res.group(), afile+':'+member.filename)

        # check file content, calling other modules
        data = arar.read(member)
        (ftype, keep) = types_data(data, member)
        if keep:
            if ftype in ENCRYPTED:
                log_encrypted(ftype, member)
            else:
                do_data(ftype, data, afile+':'+member.filename)
예제 #2
0
파일: zip.py 프로젝트: rjmolesa/blueflower
def zip_do_zip(azip, afile):
    """ azip:ZipFile, afile:source archive(s) name """
    # test if encrypted
    try:
        azip.testzip()
    except RuntimeError as e:
        if 'encrypted' in str(e):
            log_encrypted(BF_ZIP, afile)
            return
        else:
            log_error(str(e), afile)

    # iterate directly over file names
    for member in azip.namelist():
        # sort directories out
        if member.endswith('/'):
            continue
        # check file name
        filename = os.path.basename(member).lower()
        res = RGX_INFILENAME.search(filename)
        if res:
            log_secret(res.group(), afile+':'+member)

        # check file content, calling other modules
        data = azip.read(member)
        (ftype, supported) = type_data(data, member)
        if supported:
            if ftype in ENCRYPTED:
                log_encrypted(ftype, member)
            else:
                do_data(ftype, data, afile+':'+member)
예제 #3
0
def zip_do_zip(azip, afile):
    """ azip:ZipFile, afile:source archive(s) name """
    # test if encrypted
    try:
        azip.testzip()
    except RuntimeError as e:
        if 'encrypted' in str(e):
            log_encrypted(BF_ZIP, afile)
            return
        else:
            log_error(str(e), afile)

    # iterate directly over file names
    for member in azip.namelist():
        # sort directories out
        if member.endswith('/'):
            continue
        # check file name
        filename = os.path.basename(member).lower()
        res = RGX_INFILENAME.search(filename)
        if res:
            log_secret(res.group(), afile + ':' + member)

        # check file content, calling other modules
        data = azip.read(member)
        (ftype, supported) = type_data(data, member)
        if supported:
            if ftype in ENCRYPTED:
                log_encrypted(ftype, member)
            else:
                do_data(ftype, data, afile + ':' + member)
예제 #4
0
파일: bzip2.py 프로젝트: nmnz/blueflower
def bzip2_do_bzip2(abzip2, afile):
    """abzip2:raw bytes, afile:source file name"""
    try:
        data = bz2.decompress(abzip2)
    except IOError:
        log_error('IOError', afile)
        return
    (ftype, keep) = types_data(data)
    if keep:
        # strip any .bz2 extension
        (root, ext) = os.path.splitext(afile)
        if ext.lower() == '.bz2':
            do_data(ftype, data, afile + ':' + root)
        else:
            do_data(ftype, data, afile)
예제 #5
0
def bzip2_do_bzip2(abzip2, afile):
    """abzip2: raw bytes, afile: source file name"""
    try:
        data = bz2.decompress(abzip2)
    except (IOError, ValueError) as e:
        log_error(str(e), afile)
        return
    (ftype, supported) = type_data(data)
    if supported:
        # strip any .bz2 extension
        (root, ext) = os.path.splitext(afile)
        if ext.lower() == '.bz2':
            do_data(ftype, data, afile+':'+root)
        else:
            do_data(ftype, data, afile)
예제 #6
0
def bzip2_do_bzip2(abzip2, afile):
    """abzip2: raw bytes, afile: source file name"""
    try:
        data = bz2.decompress(abzip2)
    except (IOError, ValueError) as e:
        log_error(str(e), afile)
        return
    (ftype, supported) = type_data(data)
    if supported:
        # strip any .bz2 extension
        (root, ext) = os.path.splitext(afile)
        if ext.lower() == '.bz2':
            do_data(ftype, data, afile + ':' + root)
        else:
            do_data(ftype, data, afile)
예제 #7
0
파일: gz.py 프로젝트: rjmolesa/blueflower
def gz_do_gz(agz, afile):
    """agz:GzipFile, afile:source file name"""
    try:
        data = agz.read()
    except IOError as e:
        log_error(str(e), afile)
        return
    (ftype, supported) = type_data(data)
    if supported:
        # strip any .gz extension
        (root, ext) = os.path.splitext(afile)
        if ext.lower() == '.gz':
            do_data(ftype, data, afile+':'+root)
        else:
            do_data(ftype, data, afile)
예제 #8
0
def gz_do_gz(agz, afile):
    """agz:GzipFile, afile:source file name"""
    try:
        data = agz.read()
    except IOError:
        log_error('IOError', afile)
        return
    (ftype, keep) = types_data(data)
    if keep:
        # strip any .gz extension
        (root, ext) = os.path.splitext(afile)
        if ext.lower() == '.gz':
            do_data(ftype, data, afile + ':' + root)
        else:
            do_data(ftype, data, afile)
예제 #9
0
파일: zip.py 프로젝트: nmnz/blueflower
def zip_do_zip(azip, afile):
    """ azip:ZipFile, afile:source archive(s) name """
    infilename = re.compile('|'.join(INFILENAME))

    # iterate directly over file names 
    for member in azip.namelist():
        # sort directories out
        if member.endswith('/'):
            continue
        # check file name
        filename =  os.path.basename(member).lower()
        res = infilename.search(filename)
        if res:
            log_secret(res.group(), afile+':'+member)

        # check file content, calling other modules
        data = azip.read(member)
        (ftype, keep) = types_data(data)
        if keep:
            do_data(ftype, data, afile+':'+member)
예제 #10
0
파일: tar.py 프로젝트: nmnz/blueflower
def tar_do_tar(atar, afile):
    """ atar:TarFile, afile:source archive(s) name """
    infilename = re.compile('|'.join(INFILENAME))

    # iterate over TarInfo's
    for member in atar.getmembers():
        # only process files
        if not member.isfile():
            continue
        # check file name
        filename = os.path.basename(member.name).lower()
        res = infilename.search(filename)
        if res:
            log_secret(res.group(), afile+':'+member.name)

        # check file content, calling other modules
        data = atar.extractfile(member).read()
        (ftype, keep) = types_data(data)
        if keep:
            do_data(ftype, data, afile+':'+member.name)
예제 #11
0
def zip_do_zip(azip, afile):
    """ azip:ZipFile, afile:source archive(s) name """
    infilename = re.compile('|'.join(INFILENAME))

    # iterate directly over file names
    for member in azip.namelist():
        # sort directories out
        if member.endswith('/'):
            continue
        # check file name
        filename = os.path.basename(member).lower()
        res = infilename.search(filename)
        if res:
            log_secret(res.group(), afile + ':' + member)

        # check file content, calling other modules
        data = azip.read(member)
        (ftype, keep) = types_data(data)
        if keep:
            do_data(ftype, data, afile + ':' + member)
예제 #12
0
def rar_do_rar(arar, afile):
    """ arar:RarFile, afile:source archive(s) name """
    infilename = re.compile('|'.join(INFILENAME))

    # iterate over infolist to detect directories
    # (unlike zipfile, doesnt append '/' to dir names
    for member in arar.infolist():
        # sort directories out
        if member.isdir():
            continue
        # check file name
        filename = os.path.basename(member.filename).lower()
        res = infilename.search(filename)
        if res:
            log_secret(res.group(), afile + ':' + member.filename)

        # check file content, calling other modules
        data = arar.read(member)
        (ftype, keep) = types_data(data)
        if keep:
            do_data(ftype, data, afile + ':' + member.filename)
예제 #13
0
def tar_do_tar(atar, afile):
    """ atar:TarFile, afile:source archive(s) name """
    # iterate over TarInfo's
    for member in atar.getmembers():
        # only process files
        if not member.isfile():
            continue
        # check file name
        filename = os.path.basename(member.name).lower()
        res = RGX_INFILENAME.search(filename)
        if res:
            log_secret(res.group(), afile + ':' + member.name)

        # check file content, calling other modules
        data = atar.extractfile(member).read()
        (ftype, supported) = type_data(data, member.name)
        if supported:
            if ftype in ENCRYPTED:
                log_encrypted(ftype, member.name)
            else:
                do_data(ftype, data, afile + ':' + member.name)