def object_from_dict(cls, win_thread_dict):
    """Build a WindowsThreadObjectType binding from a plain dictionary.

    Recognised keys are 'thread_id', 'handle', 'running_status', 'context',
    'priority', 'creation_flags', 'creation_time', 'start_address',
    'parameter_address', 'security_attributes' and 'stack_size'. Any other
    key is skipped without an error.

    Only 'thread_id' is gated on utils.test_value(); every other recognised
    key is handed to its converter unchecked.
    NOTE(review): test_value presumably filters out empty values - confirm,
    and decide whether the remaining keys should be gated the same way.
    """
    # key -> (setter name, common_types_binding class name, datatype label)
    unchecked_fields = {
        'running_status': ('set_Running_Status', 'StringObjectAttributeType', 'String'),
        'context': ('set_Context', 'StringObjectAttributeType', 'String'),
        'priority': ('set_Priority', 'UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'creation_flags': ('set_Creation_Flags', 'HexBinaryObjectAttributeType', 'hexBinary'),
        'creation_time': ('set_Creation_Time', 'DateTimeObjectAttributeType', 'DateTime'),
        'start_address': ('set_Start_Address', 'HexBinaryObjectAttributeType', 'hexBinary'),
        'parameter_address': ('set_Parameter_Address', 'HexBinaryObjectAttributeType', 'hexBinary'),
        'security_attributes': ('set_Security_Attributes', 'StringObjectAttributeType', 'String'),
        'stack_size': ('set_Stack_Size', 'NonNegativeIntegerObjectAttributeType', 'NonNegativeInteger'),
    }

    def typed(type_name, datatype, raw):
        # Wrap a raw value in the typed attribute binding named by type_name.
        template = getattr(common_types_binding, type_name)(datatype=datatype)
        return Base_Object_Attribute.object_from_dict(template, raw)

    thread = win_thread_binding.WindowsThreadObjectType()
    thread.set_anyAttributes_({'xsi:type': 'WinThreadObj:WindowsThreadObjectType'})
    for field, raw in win_thread_dict.items():
        if field == 'thread_id':
            if utils.test_value(raw):
                thread.set_Thread_ID(
                    typed('NonNegativeIntegerObjectAttributeType', 'NonNegativeInteger', raw))
        elif field == 'handle':
            thread.set_Handle(Win_Handle.object_from_dict(raw))
        elif field in unchecked_fields:
            setter_name, type_name, datatype = unchecked_fields[field]
            getattr(thread, setter_name)(typed(type_name, datatype, raw))
    return thread
def object_from_dict(cls, enviroment_variable_dict):
    """Build an EnvironmentVariableType binding from a plain dictionary.

    Only the 'name' and 'value' keys are read. Both are stored as String
    attributes and neither is gated on utils.test_value(). Other keys are
    ignored.
    """
    setter_for = {'name': 'set_Name', 'value': 'set_Value'}
    env_var = common_binding.EnvironmentVariableType()
    for field, raw in enviroment_variable_dict.items():
        setter_name = setter_for.get(field)
        if setter_name is None:
            continue
        string_attr = common_binding.StringObjectAttributeType(datatype='String')
        getattr(env_var, setter_name)(
            Base_Object_Attribute.object_from_dict(string_attr, raw))
    return env_var
def object_from_dict(cls, port_dict):
    """Build a PortObjectType binding from a plain dictionary.

    Reads 'port_value' (stored as a PositiveInteger attribute) and
    'layer4_protocol' (stored as a String attribute). Each is applied only
    when utils.test_value() accepts its value. Other keys are ignored.

    NOTE(review): no range check on the port number is visible here; any
    bound has to come from test_value or the binding - confirm.
    """
    port = port_binding.PortObjectType()
    port.set_anyAttributes_({'xsi:type': 'PortObj:PortObjectType'})
    for field, raw in port_dict.items():
        if field not in ('port_value', 'layer4_protocol'):
            continue
        if not utils.test_value(raw):
            continue
        if field == 'port_value':
            number_attr = common_types_binding.PositiveIntegerObjectAttributeType(
                datatype='PositiveInteger')
            port.set_Port_Value(Base_Object_Attribute.object_from_dict(number_attr, raw))
        else:
            protocol_attr = common_types_binding.StringObjectAttributeType(datatype='String')
            port.set_Layer4_Protocol(Base_Object_Attribute.object_from_dict(protocol_attr, raw))
    return port
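def __registry_value_object_from_dict(cls, registry_value_dict):
    """Build a RegistryValueType binding from a plain dictionary.

    Recognised keys: 'name', 'data' and 'datatype' (String attributes,
    applied only when utils.test_value() accepts the value) and
    'byte_runs' (converted with ByteRuns.object_from_dict). Other keys
    are ignored.
    """
    registry_value_obj = win_registry_key_binding.RegistryValueType()
    for key, value in registry_value_dict.items():
        if key == 'name' and utils.test_value(value):
            registry_value_obj.set_Name(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'data' and utils.test_value(value):
            registry_value_obj.set_Data(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'datatype' and utils.test_value(value):
            registry_value_obj.set_Datatype(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'byte_runs':
            # Attach the converted byte runs. Converting them without storing
            # the result drops the raw registry data from the output.
            # NOTE(review): assumes the generated binding names this setter
            # set_Byte_Runs - confirm against win_registry_key_binding.
            registry_value_obj.set_Byte_Runs(ByteRuns.object_from_dict(value))
    return registry_value_obj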
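def object_from_dict(cls, win_event_dict):
    """Build a WindowsEventObjectType binding from a plain dictionary.

    Recognised keys: 'name' and 'type' (String attributes, applied only
    when utils.test_value() accepts the value) and 'handle' (converted
    with Win_Handle.object_from_dict, not gated). Other keys are ignored.
    """
    win_event_obj = win_event_binding.WindowsEventObjectType()
    win_event_obj.set_anyAttributes_({'xsi:type' : 'WinEventObj:WindowsEventObjectType'})
    for key, value in win_event_dict.items():
        if key == 'name' and utils.test_value(value):
            win_event_obj.set_Name(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'handle':
            win_event_obj.set_Handle(Win_Handle.object_from_dict(value))
        elif key == 'type' and utils.test_value(value):
            # Store the event type in its own field. Writing it through
            # set_Name would overwrite the event name with the type string.
            win_event_obj.set_Type(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
    return win_event_obj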
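def __exports_obj_from_dict(cls, exports_dict):
    """Build a PEExportsType binding from a plain dictionary.

    Recognised keys:
      'exported_functions'  - iterable of dictionaries, each with optional
                              'function_name', 'entry_point' and 'ordinal'
      'exports_time_stamp'  - DateTime attribute
      'number_of_addresses' - Long attribute
      'number_of_names'     - Long attribute

    Scalar values are applied only when utils.test_value() accepts them.
    Exported functions with no content are left out. Other keys are ignored.
    """
    exports_obj = win_executable_file_binding.PEExportsType()
    for key, value in exports_dict.items():
        if key == "exported_functions":
            exported_functions = win_executable_file_binding.PEExportedFunctionsType()
            for exported_function_dict in value:
                exported_function = win_executable_file_binding.PEExportedFunctionType()
                for function_key, function_value in exported_function_dict.items():
                    if function_key == "function_name" and utils.test_value(function_value):
                        exported_function.set_Function_Name(
                            Base_Object_Attribute.object_from_dict(
                                common_types_binding.StringObjectAttributeType(datatype="String"),
                                function_value,
                            )
                        )
                    elif function_key == "entry_point" and utils.test_value(function_value):
                        exported_function.set_Entry_Point(
                            Base_Object_Attribute.object_from_dict(
                                common_types_binding.HexBinaryObjectAttributeType(datatype="hexBinary"),
                                function_value,
                            )
                        )
                    elif function_key == "ordinal" and utils.test_value(function_value):
                        exported_function.set_Ordinal(
                            Base_Object_Attribute.object_from_dict(
                                common_types_binding.NonNegativeIntegerObjectAttributeType(
                                    datatype="NonNegativeInteger"
                                ),
                                function_value,
                            )
                        )
                if exported_function.hasContent_():
                    exported_functions.add_Exported_Function(exported_function)
            if exported_functions.hasContent_():
                exports_obj.set_Exported_Functions(exported_functions)
        # The scalar branches below convert this key's own value. Reusing the
        # inner loop variable would record a value from the last exported
        # function, or raise NameError when no function was processed.
        elif key == "exports_time_stamp" and utils.test_value(value):
            # NOTE(review): setter spelling (lower-case "stamp") is kept
            # as found - confirm it matches the generated binding.
            exports_obj.set_Exports_Time_stamp(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.DateTimeObjectAttributeType(datatype="DateTime"), value
                )
            )
        elif key == "number_of_addresses" and utils.test_value(value):
            exports_obj.set_Number_Of_Addresses(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.LongObjectAttributeType(datatype="Long"), value
                )
            )
        elif key == "number_of_names" and utils.test_value(value):
            exports_obj.set_Number_Of_Names(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.LongObjectAttributeType(datatype="Long"), value
                )
            )
    return exports_obj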
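def object_from_dict(cls, stream_dict):
    """Build a StreamObjectType binding from a plain dictionary.

    Recognised keys: 'Hashes' (an iterable of hash dictionaries, each
    converted with Hash.object_from_dict and added when it has content),
    'name' (String) and 'size_in_bytes' (UnsignedLong). The two scalar
    keys are applied only when utils.test_value() accepts the value.
    Other keys are ignored.
    """
    stream_obj = win_file_binding.StreamObjectType()
    # Iterate key/value pairs. Looping over the dictionary itself yields
    # bare keys, which cannot be unpacked into (key, value).
    for key, value in stream_dict.items():
        # NOTE(review): 'Hashes' is capitalised while 'name' and
        # 'size_in_bytes' are lower-case - confirm which spelling the
        # producers of this dictionary emit.
        if key == 'Hashes':
            for hash_dict in value:
                hash_obj = Hash.object_from_dict(hash_dict)
                if hash_obj.hasContent_():
                    stream_obj.add_Hash(hash_obj)
        elif key == 'name' and utils.test_value(value):
            stream_obj.set_Name(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'size_in_bytes' and utils.test_value(value):
            stream_obj.set_Size_In_Bytes(Base_Object_Attribute.object_from_dict(
                common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'), value))
    return stream_obj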
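def object_from_dict(cls, user_attributes):
    """Build a WindowsUserAccountObjectType binding from a plain dictionary.

    Recognised keys: 'username' and 'security_id' (String attributes) and
    'security_type' (SIDType). Each is applied only when
    utils.test_value() accepts the value. Other keys are ignored.
    """
    user_obj = win_user_binding.WindowsUserAccountObjectType()
    user_obj.set_anyAttributes_({'xsi:type' : 'WinUserAccountObj:WindowsUserAccountObjectType'})
    for key, value in user_attributes.items():
        # test_value is called once. Calling its result a second time
        # raises TypeError for any recognised key.
        if key == 'username' and utils.test_value(value):
            user_obj.set_Username(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'security_id' and utils.test_value(value):
            user_obj.set_Security_ID(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'security_type' and utils.test_value(value):
            # The SID type belongs in Security_Type. Writing it through
            # set_Username would replace the account name in the output.
            user_obj.set_Security_Type(Base_Object_Attribute.object_from_dict(
                common_types_binding.SIDType(), value))
    return user_obj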
def object_from_dict(cls, library_attributes):
    """Build a LibraryObjectType binding from a plain dictionary.

    Recognised keys are 'name', 'path', 'size', 'version', 'type' and
    'base_address'. A recognised key is applied only when
    utils.test_value() accepts its value. Other keys are ignored.
    """
    # key -> (setter name, common_types_binding class name, datatype label)
    guarded_fields = {
        'name': ('set_Name', 'StringObjectAttributeType', 'String'),
        'path': ('set_Path', 'StringObjectAttributeType', 'String'),
        'size': ('set_Size', 'UnsignedLongObjectAttributeType', 'UnsignedLong'),
        'version': ('set_Version', 'StringObjectAttributeType', 'String'),
        'type': ('set_Type', 'StringObjectAttributeType', 'String'),
        'base_address': ('set_Base_Address', 'HexBinaryObjectAttributeType', 'hexBinary'),
    }
    library = library_binding.LibraryObjectType()
    library.set_anyAttributes_({'xsi:type': 'LibraryObj:LibraryObjectType'})
    for field, raw in library_attributes.items():
        spec = guarded_fields.get(field)
        if spec is None or not utils.test_value(raw):
            continue
        setter_name, type_name, datatype = spec
        template = getattr(common_types_binding, type_name)(datatype=datatype)
        getattr(library, setter_name)(Base_Object_Attribute.object_from_dict(template, raw))
    return library
def object_from_dict(cls, digital_signature_dict):
    """Build a DigitalSignatureInfoType binding from a plain dictionary.

    'signature_exists' and 'signature_verified' are copied from the
    'value' entry of their wrapper dictionaries. 'certificate_issuer',
    'certificate_subject' and 'certificate_description' become String
    attributes. Each key is applied only when utils.test_value() accepts
    its value. Other keys are ignored.

    The verification flag is whatever the input claims: this function
    performs no signature check of its own.
    """
    flag_setters = {
        'signature_exists': 'set_signature_exists',
        'signature_verified': 'set_signature_verified',
    }
    text_setters = {
        'certificate_issuer': 'set_Certificate_Issuer',
        'certificate_subject': 'set_Certificate_Subject',
        'certificate_description': 'set_Certificate_Description',
    }
    signature = common_types_binding.DigitalSignatureInfoType()
    for field, raw in digital_signature_dict.items():
        if field in flag_setters:
            if utils.test_value(raw):
                getattr(signature, flag_setters[field])(raw.get('value'))
        elif field in text_setters:
            if utils.test_value(raw):
                string_attr = common_types_binding.StringObjectAttributeType(datatype='String')
                getattr(signature, text_setters[field])(
                    Base_Object_Attribute.object_from_dict(string_attr, raw))
    return signature
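def object_from_dict(cls, byterun_dict):
    """Build a ByteRunType binding from a plain dictionary.

    Recognised keys: 'offset', 'file_system_offset', 'image_offset' and
    'length' (Integer attributes), 'hashes' (converted with
    HashList.object_from_dict) and 'byte_run_data' (stored as given).
    None of the keys is gated on utils.test_value(). Other keys are
    ignored.
    """
    byterun_obj = common_types_binding.ByteRunType()
    for key, value in byterun_dict.items():
        if key == 'offset':
            byterun_obj.set_Offset(Base_Object_Attribute.object_from_dict(
                common_types_binding.IntegerObjectAttributeType(datatype='Integer'), value))
        elif key == 'file_system_offset':
            byterun_obj.set_File_System_Offset(Base_Object_Attribute.object_from_dict(
                common_types_binding.IntegerObjectAttributeType(datatype='Integer'), value))
        elif key == 'image_offset':
            byterun_obj.set_Image_Offset(Base_Object_Attribute.object_from_dict(
                common_types_binding.IntegerObjectAttributeType(datatype='Integer'), value))
        elif key == 'length':
            # Length has its own field. Writing it through set_Offset would
            # overwrite the offset and leave the run without a length.
            byterun_obj.set_Length(Base_Object_Attribute.object_from_dict(
                common_types_binding.IntegerObjectAttributeType(datatype='Integer'), value))
        elif key == 'hashes':
            byterun_obj.set_Hashes(HashList.object_from_dict(value))
        elif key == 'byte_run_data':
            byterun_obj.set_Byte_Run_Data(value)
    return byterun_obj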
def object_from_dict(cls, win_mailslot_dict):
    """Build a WindowsMailslotObjectType binding from a plain dictionary.

    'name', 'max_message_size', 'read_timeout' and 'security_attributes'
    are applied only when utils.test_value() accepts the value. 'handle'
    is converted with Win_Handle_List.object_from_list and is not gated.
    Other keys are ignored.

    NOTE(review): a list converter feeds the single-handle setter
    set_Handle here - confirm that pairing is intended.
    """
    # key -> (setter name, common_types_binding class name, datatype label)
    guarded_fields = {
        'name': ('set_Name', 'StringObjectAttributeType', 'String'),
        'max_message_size': (
            'set_Max_Message_Size', 'NonNegativeIntegerObjectAttributeType', 'NonNegativeInteger'),
        'read_timeout': (
            'set_Read_Timeout', 'NonNegativeIntegerObjectAttributeType', 'NonNegativeInteger'),
        'security_attributes': ('set_Security_Attributes', 'StringObjectAttributeType', 'String'),
    }
    mailslot = win_mailslot_binding.WindowsMailslotObjectType()
    mailslot.set_anyAttributes_({'xsi:type': 'WinMailslotObj:WindowsMailslotObjectType'})
    for field, raw in win_mailslot_dict.items():
        if field == 'handle':
            mailslot.set_Handle(Win_Handle_List.object_from_list(raw))
            continue
        spec = guarded_fields.get(field)
        if spec is None or not utils.test_value(raw):
            continue
        setter_name, type_name, datatype = spec
        template = getattr(common_types_binding, type_name)(datatype=datatype)
        getattr(mailslot, setter_name)(Base_Object_Attribute.object_from_dict(template, raw))
    return mailslot
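def object_from_dict(cls, memory_attributes):
    """Build a MemoryObjectType binding from a plain dictionary.

    Recognised keys: 'is_injected', 'is_mapped' and 'is_protected'
    (copied from the wrapper dictionary's 'value' entry),
    'region_start_address' (hexBinary), 'region_size' (UnsignedLong),
    'name' (String) and 'hashes' (converted with
    HashList.object_from_dict). Every key except 'hashes' is applied only
    when utils.test_value() accepts the value. Other keys are ignored.
    """
    mem_object = memory_binding.MemoryObjectType()
    mem_object.set_anyAttributes_({'xsi:type' : 'MemoryObj:MemoryObjectType'})
    for key, value in memory_attributes.items():
        if key == 'is_injected' and utils.test_value(value):
            mem_object.set_is_injected(value.get('value'))
        elif key == 'is_mapped' and utils.test_value(value):
            mem_object.set_is_mapped(value.get('value'))
        elif key == 'is_protected' and utils.test_value(value):
            # Keep the protection flag separate from the injection flag.
            # Routing it through set_is_injected would mark a protected
            # region as injected and leave is_protected unset.
            mem_object.set_is_protected(value.get('value'))
        elif key == 'region_start_address' and utils.test_value(value):
            mem_object.set_Region_Start_Address(Base_Object_Attribute.object_from_dict(
                common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'), value))
        elif key == 'region_size' and utils.test_value(value):
            mem_object.set_Region_Size(Base_Object_Attribute.object_from_dict(
                common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'), value))
        elif key == 'name' and utils.test_value(value):
            mem_object.set_Name(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'hashes':
            mem_object.set_Hashes(HashList.object_from_dict(value))
    return mem_object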
def object_from_dict(cls, socket_dict):
    """Build a socket_objectType binding from a plain dictionary.

    Recognised keys:
      'is_blocking', 'is_listening' - copied from the wrapper's 'value'
      'address_family', 'domain', 'protocol', 'type' - String attributes
      'local_address', 'remote_address' - dictionaries with optional
          'ip_address' and 'port' entries
      'options' - converted by the class's socket-options helper

    'local_address' and 'options' are processed without a
    utils.test_value() gate; every other recognised key is gated.
    Other keys are ignored.

    NOTE(review): addresses and ports are converted through
    Address.create_from_dict / Port.create_from_dict - confirm those
    converters exist under that name.
    """
    flag_setters = {'is_blocking': 'set_is_blocking', 'is_listening': 'set_is_listening'}
    text_setters = {
        'address_family': 'set_Address_Family',
        'domain': 'set_Domain',
        'protocol': 'set_Protocol',
        'type': 'set_Type',
    }

    def build_endpoint(endpoint_dict):
        # Convert one {'ip_address': ..., 'port': ...} dictionary into a
        # SocketAddressType, keeping only the parts that have content.
        endpoint = socket_binding.SocketAddressType()
        for part, part_value in endpoint_dict.items():
            if part == 'ip_address':
                converted = Address.create_from_dict(part_value)
                if converted.hasContent_():
                    endpoint.set_IP_Address(converted)
            elif part == 'port':
                converted = Port.create_from_dict(part_value)
                if converted.hasContent_():
                    endpoint.set_Port(converted)
        return endpoint

    sock = socket_binding.socket_objectType()
    sock.set_anyAttributes_({'xsi:type': 'socket_obj:socket_objectType'})
    for field, raw in socket_dict.items():
        if field in flag_setters:
            if utils.test_value(raw):
                getattr(sock, flag_setters[field])(raw.get('value'))
        elif field in text_setters:
            if utils.test_value(raw):
                string_attr = common_types_binding.StringObjectAttributeType(datatype='String')
                getattr(sock, text_setters[field])(
                    Base_Object_Attribute.object_from_dict(string_attr, raw))
        elif field == 'local_address':
            local_endpoint = build_endpoint(raw)
            if local_endpoint.hasContent_():
                sock.set_Local_Address(local_endpoint)
        elif field == 'remote_address':
            if utils.test_value(raw):
                remote_endpoint = build_endpoint(raw)
                if remote_endpoint.hasContent_():
                    sock.set_Remote_Address(remote_endpoint)
        elif field == 'options':
            options = cls.__socket_options_object_from_dict(raw)
            if options.hasContent_():
                sock.set_Options(options)
    return sock
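def object_from_dict(cls, win_mutex_dict):
    """Build a WindowsMutexObjectType binding from a plain dictionary.

    The dictionary is first passed to Mutex.object_from_dict together
    with a fresh WindowsMutexObjectType, then the Windows-specific keys
    are applied: 'handle' (converted with Win_Handle.object_from_dict,
    not gated) and 'security_attributes' (String, applied only when
    utils.test_value() accepts the value). Other keys are ignored here.
    """
    # Pass the function's own argument to the base converter; no other
    # dictionary name is defined in this scope.
    win_mutex_obj = Mutex.object_from_dict(
        win_mutex_dict, win_mutex_binding.WindowsMutexObjectType())
    win_mutex_obj.set_anyAttributes_({'xsi:type' : 'WinMutexObj:WindowsMutexObjectType'})
    for key, value in win_mutex_dict.items():
        if key == 'handle':
            win_mutex_obj.set_Handle(Win_Handle.object_from_dict(value))
        elif key == 'security_attributes' and utils.test_value(value):
            win_mutex_obj.set_Security_Attributes(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
    return win_mutex_obj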
def object_from_dict(cls, extracted_string_dict):
    """Build an ExtractedStringType binding from a plain dictionary.

    Recognised keys: 'encoding' (copied from the wrapper's 'value'
    entry), 'string_value', 'language' and 'english_translation'
    (String), 'address' (hexBinary), 'length' (PositiveInteger) and
    'hashes' (converted with HashList.object_from_dict). None of the
    keys is gated on utils.test_value(). Other keys are ignored.
    """
    # key -> (setter name, common_types_binding class name, datatype label)
    typed_fields = {
        'string_value': ('set_String_Value', 'StringObjectAttributeType', 'String'),
        'address': ('set_Address', 'HexBinaryObjectAttributeType', 'hexBinary'),
        'length': ('set_Length', 'PositiveIntegerObjectAttributeType', 'PositiveInteger'),
        'language': ('set_Language', 'StringObjectAttributeType', 'String'),
        'english_translation': (
            'set_English_Translation', 'StringObjectAttributeType', 'String'),
    }
    extracted = common_types_binding.ExtractedStringType()
    for field, raw in extracted_string_dict.items():
        if field == 'encoding':
            extracted.set_encoding(raw.get('value'))
        elif field == 'hashes':
            extracted.set_Hashes(HashList.object_from_dict(raw))
        elif field in typed_fields:
            setter_name, type_name, datatype = typed_fields[field]
            template = getattr(common_types_binding, type_name)(datatype=datatype)
            getattr(extracted, setter_name)(
                Base_Object_Attribute.object_from_dict(template, raw))
    return extracted
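def __socket_options_object_from_dict(cls, socket_options_dict):
    """Build a SocketOptionsType binding from a plain dictionary.

    Each recognised key is the lower-case form of the option name and is
    applied through the setter 'set_' + upper-case key (for example
    'so_keepalive' -> set_SO_KEEPALIVE). An option is applied only when
    utils.test_value() accepts its value. Other keys are ignored.
    """
    # Options copied from the 'value' entry of their wrapper dictionary.
    plain_options = (
        'ip_multicast_if', 'ip_multicast_if2', 'ip_multicast_loop',
        'so_broadcast', 'so_conditional_accept', 'so_keepalive',
        'so_dontroute', 'so_dontlinger', 'so_oobinline', 'so_reuseaddr',
        'so_debug', 'tcp_nodelay',
    )
    # Options stored as typed attributes: key -> (binding class name, datatype).
    typed_options = {
        'ip_multicast_tos': ('StringObjectAttributeType', 'String'),
        'so_linger': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'so_rcvbuf': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'so_group_priority': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'so_rcvtimeo': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'so_sndbuf': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'so_sndtimeo': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'so_update_accept_context': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
        'so_timeout': ('UnsignedIntegerObjectAttributeType', 'UnsignedInteger'),
    }
    socket_options_obj = socket_binding.SocketOptionsType()
    # Iterate key/value pairs. Looping over the dictionary itself yields
    # bare keys, which cannot be unpacked into (key, value).
    for key, value in socket_options_dict.items():
        # Check the allowlist before building a setter name, so that only
        # the fixed option names above ever reach getattr().
        if key not in plain_options and key not in typed_options:
            continue
        if not utils.test_value(value):
            continue
        setter = getattr(socket_options_obj, 'set_' + key.upper())
        if key in typed_options:
            type_name, datatype = typed_options[key]
            template = getattr(common_types_binding, type_name)(datatype=datatype)
            setter(Base_Object_Attribute.object_from_dict(template, value))
        else:
            setter(value.get('value'))
    return socket_options_obj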
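def object_from_dict(cls, win_file_dict, win_file_obj = None):
    """Build a Windows file binding object from a plain dictionary.

    When win_file_obj is None, a WindowsFileObjectType is created through
    File.object_from_dict and tagged with its xsi:type. A caller-supplied
    object is used as given.
    NOTE(review): File.object_from_dict is not called for a
    caller-supplied object - confirm the caller populates the base file
    fields itself.

    Recognised keys: 'filename_accessed_time' (the legacy spelling
    'filename_accesssed_time' is still accepted), 'filename_created_time',
    'filename_modified_time' (DateTime), 'drive', 'security_id',
    'security_type' (String) and 'stream_list' (an iterable of stream
    dictionaries). The scalar keys are applied only when
    utils.test_value() accepts the value. Other keys are ignored here.
    """
    if win_file_obj is None:
        # Use the function's own argument; no other dictionary name is
        # defined in this scope.
        win_file_obj = File.object_from_dict(
            win_file_dict, win_file_binding.WindowsFileObjectType())
        # xsi:type names the binding class created on the line above.
        win_file_obj.set_anyAttributes_({'xsi:type' : 'WinFileObj:WindowsFileObjectType'})
    for key, value in win_file_dict.items():
        if key in ('filename_accessed_time', 'filename_accesssed_time') and utils.test_value(value):
            win_file_obj.set_Filename_Accessed_Time(Base_Object_Attribute.object_from_dict(
                common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'), value))
        elif key == 'filename_created_time' and utils.test_value(value):
            win_file_obj.set_Filename_Created_Time(Base_Object_Attribute.object_from_dict(
                common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'), value))
        elif key == 'filename_modified_time' and utils.test_value(value):
            win_file_obj.set_Filename_Modified_Time(Base_Object_Attribute.object_from_dict(
                common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'), value))
        elif key == 'drive' and utils.test_value(value):
            win_file_obj.set_Drive(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'security_id' and utils.test_value(value):
            win_file_obj.set_Security_ID(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'security_type' and utils.test_value(value):
            win_file_obj.set_Security_Type(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
        elif key == 'stream_list':
            stream_list_obj = win_file_binding.StreamListType()
            for stream_dict in value:
                stream_obj = Stream.object_from_dict(stream_dict)
                if stream_obj.hasContent_():
                    stream_list_obj.add_Stream(stream_obj)
            if stream_list_obj.hasContent_():
                win_file_obj.set_Stream_List(stream_list_obj)
    return win_file_obj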
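def object_from_dict(cls, network_connection_attributes):
    """Build a NetworkConnectionType binding from a plain dictionary.

    Recognised keys: 'tls_used' (copied from the wrapper's 'value'
    entry), 'layer3_protocol', 'layer4_protocol', 'layer7_protocol'
    (String), 'local_ip_address', 'remote_ip_address' (converted with
    Address.object_from_dict), 'local_port', 'remote_port' (converted
    with Port.object_from_dict) and 'layer7_connections' (a dictionary
    whose optional 'http_session' entry is converted with
    HTTP_Session.object_from_dict). Only 'tls_used' and the three
    protocol keys are gated on utils.test_value(). Other keys are
    ignored.
    """
    network_connection_obj = network_connection_binding.NetworkConnectionType()
    for key, value in network_connection_attributes.items():
        if key == "tls_used" and utils.test_value(value):
            network_connection_obj.set_tls_used(value.get("value"))
        elif key == "layer3_protocol" and utils.test_value(value):
            network_connection_obj.set_Layer3_Protocol(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.StringObjectAttributeType(datatype="String"), value
                )
            )
        elif key == "layer4_protocol" and utils.test_value(value):
            network_connection_obj.set_Layer4_Protocol(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.StringObjectAttributeType(datatype="String"), value
                )
            )
        elif key == "layer7_protocol" and utils.test_value(value):
            network_connection_obj.set_Layer7_Protocol(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.StringObjectAttributeType(datatype="String"), value
                )
            )
        elif key == "local_ip_address":
            network_connection_obj.set_Local_IP_Address(Address.object_from_dict(value))
        elif key == "local_port":
            network_connection_obj.set_Local_Port(Port.object_from_dict(value))
        elif key == "remote_ip_address":
            network_connection_obj.set_Remote_IP_Address(Address.object_from_dict(value))
        elif key == "remote_port":
            # The remote port has its own field. Writing it through
            # set_Local_Port would drop the remote port from the record and
            # could replace the real local port with it.
            network_connection_obj.set_Remote_Port(Port.object_from_dict(value))
        elif key == "layer7_connections":
            layer7_conn_object = network_connection_binding.Layer7ConnectionsType()
            http_session = value.get("http_session")
            if http_session is not None:
                layer7_conn_object.set_HTTP_Session(HTTP_Session.object_from_dict(http_session))
            if layer7_conn_object.hasContent_():
                network_connection_obj.set_Layer7_Connections(layer7_conn_object)
    return network_connection_obj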
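def __pe_attributes_obj_from_dict(cls, pe_attributes_dict):
    """Build a PEAttributesType binding from a plain dictionary.

    Recognised keys: 'base_address' (hexBinary, applied only when
    utils.test_value() accepts the value) and 'exports' (a dictionary
    converted by the class's exports helper and attached when it has
    content). Other keys are ignored.
    """
    pe_attributes_obj = win_executable_file_binding.PEAttributesType()
    # Iterate the function's own argument and write to the object created
    # above; no other dictionary or object name is defined in this scope.
    for pe_attributes_key, pe_attributes_value in pe_attributes_dict.items():
        if pe_attributes_key == "base_address" and utils.test_value(pe_attributes_value):
            pe_attributes_obj.set_Base_Address(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.HexBinaryObjectAttributeType(datatype="hexBinary"),
                    pe_attributes_value,
                )
            )
        elif pe_attributes_key == "exports":
            # Hand the helper the 'exports' sub-dictionary itself.
            exports_obj = cls.__exports_obj_from_dict(pe_attributes_value)
            if exports_obj.hasContent_():
                pe_attributes_obj.set_Exports(exports_obj)
    return pe_attributes_obj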
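def object_from_dict(cls, pipe_dict, pipe_obj = None):
    """Build a pipe binding object from a plain dictionary.

    When pipe_obj is None, a PipeObjectType is created and tagged with
    its xsi:type. A caller-supplied object is used as given.

    Recognised keys: 'name' (String; also marks the pipe as named) and
    'named' (copied from the wrapper's 'value' entry). Both are applied
    only when utils.test_value() accepts the value. Other keys are
    ignored. When both keys are present, whichever the dictionary yields
    last decides the final 'named' flag.
    """
    # Identity test: '== None' would dispatch to any __eq__ the supplied
    # object defines.
    if pipe_obj is None:
        pipe_obj = pipe_binding.PipeObjectType()
        pipe_obj.set_anyAttributes_({'xsi:type' : 'PipeObj:PipeObjectType'})
    for key, value in pipe_dict.items():
        if key == 'name' and utils.test_value(value):
            pipe_obj.set_Name(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
            pipe_obj.set_named(True)
        elif key == 'named' and utils.test_value(value):
            pipe_obj.set_named(value.get('value'))
    return pipe_obj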
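def object_from_dict(cls, mutex_dict, mutex_obj = None):
    """Build a mutex binding object from a plain dictionary.

    When mutex_obj is None, a MutexObjectType is created and tagged with
    its xsi:type. A caller-supplied object is used as given.

    Recognised keys: 'name' (String; also marks the mutex as named) and
    'named'. Both are applied only when utils.test_value() accepts the
    value. Other keys are ignored. When both keys are present, whichever
    the dictionary yields last decides the final 'named' flag.
    """
    # Identity test: '== None' would dispatch to any __eq__ the supplied
    # object defines.
    if mutex_obj is None:
        mutex_obj = mutex_binding.MutexObjectType()
        mutex_obj.set_anyAttributes_({'xsi:type' : 'MutexObj:MutexObjectType'})
    for key, value in mutex_dict.items():
        if key == 'name' and utils.test_value(value):
            mutex_obj.set_Name(Base_Object_Attribute.object_from_dict(
                common_types_binding.StringObjectAttributeType(datatype='String'), value))
            mutex_obj.set_named(True)
        elif key == 'named' and utils.test_value(value):
            # Unwrap a {'value': ...} wrapper so the flag itself is stored
            # rather than the dictionary around it; a bare value is passed
            # through unchanged.
            named_flag = value.get('value') if isinstance(value, dict) else value
            mutex_obj.set_named(named_flag)
    return mutex_obj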
def object_from_dict(cls, win_executable_file_dict):
    """Build a WindowsExecutableFileObjectType binding from a dictionary.

    The dictionary is first handed to Win_File.object_from_dict together
    with a fresh WindowsExecutableFileObjectType. Two further keys are
    then handled here:
      'peak_code_entropy' - dictionary with optional 'value', 'min' and
          'max' entries (Float, each applied only when
          utils.test_value() accepts it); attached when it has content
      'pe_attributes' - dictionary converted by the class's PE-attributes
          helper; attached when it has content
    Other keys are ignored at this level.
    """
    entropy_setters = {'value': 'set_Value', 'min': 'set_Min', 'max': 'set_Max'}
    executable = Win_File.object_from_dict(
        win_executable_file_dict,
        win_executable_file_binding.WindowsExecutableFileObjectType(),
    )
    executable.set_anyAttributes_(
        {"xsi:type": "WinExecutableFileObj:WindowsExecutableFileObjectType"})
    for field, raw in win_executable_file_dict.items():
        if field == "peak_code_entropy":
            entropy = win_executable_file_binding.EntropyType()
            for part, part_value in raw.items():
                setter_name = entropy_setters.get(part)
                if setter_name is None or not utils.test_value(part_value):
                    continue
                float_attr = common_types_binding.FloatObjectAttributeType(datatype="Float")
                getattr(entropy, setter_name)(
                    Base_Object_Attribute.object_from_dict(float_attr, part_value))
            if entropy.hasContent_():
                executable.set_Peak_Code_Entropy(entropy)
        elif field == "pe_attributes":
            pe_attributes = cls.__pe_attributes_obj_from_dict(raw)
            if pe_attributes.hasContent_():
                executable.set_PE_Attributes(pe_attributes)
    return executable
def object_from_dict(cls, win_handle_dict):
    """Build a WindowsHandleObjectType binding from a plain dictionary.

    Recognised keys are 'id', 'name', 'type', 'object_address',
    'access_mask' and 'pointer_count'. A recognised key is applied only
    when utils.test_value() accepts its value. Other keys are ignored.

    NOTE(review): 'id' uses UnsignedIntegerObjectAttributeType with the
    datatype label 'UnsignedInt' - confirm that is the label the binding
    expects.
    """
    # key -> (setter name, common_types_binding class name, datatype label)
    guarded_fields = {
        'id': ('set_ID', 'UnsignedIntegerObjectAttributeType', 'UnsignedInt'),
        'name': ('set_Name', 'StringObjectAttributeType', 'String'),
        'type': ('set_Type', 'StringObjectAttributeType', 'String'),
        'object_address': ('set_Object_Address', 'UnsignedLongObjectAttributeType', 'UnsignedLong'),
        'access_mask': ('set_Access_Mask', 'UnsignedLongObjectAttributeType', 'UnsignedLong'),
        'pointer_count': ('set_Pointer_Count', 'UnsignedLongObjectAttributeType', 'UnsignedLong'),
    }
    handle = win_handle_binding.WindowsHandleObjectType()
    handle.set_anyAttributes_({'xsi:type': 'WinHandleObj:WindowsHandleObjectType'})
    for field, raw in win_handle_dict.items():
        spec = guarded_fields.get(field)
        if spec is None or not utils.test_value(raw):
            continue
        setter_name, type_name, datatype = spec
        template = getattr(common_types_binding, type_name)(datatype=datatype)
        getattr(handle, setter_name)(Base_Object_Attribute.object_from_dict(template, raw))
    return handle
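def object_from_dict(cls, win_pipe_dict):
    """Build a WindowsPipeObjectType binding object from a dictionary.

    Pipe.object_from_dict is called first with the dictionary and a fresh
    WindowsPipeObjectType; the Windows-specific keys are then copied here:
    'default_time_out', 'in_buffer_size', 'max_instances', 'out_buffer_size'
    (NonNegativeInteger), 'open_mode', 'pipe_mode' (hexBinary),
    'security_attributes' (String) and 'handle' (converted by
    Win_Handle.object_from_dict). Unrecognised keys are ignored.
    """

    def as_non_negative_int(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.NonNegativeIntegerObjectAttributeType(datatype='NonNegativeInteger'),
            raw,
        )

    def as_hex(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.HexBinaryObjectAttributeType(datatype='hexBinary'),
            raw,
        )

    def as_string(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.StringObjectAttributeType(datatype='String'),
            raw,
        )

    # Fix: the first argument used to be the undefined name
    # win_pipe_attributes, which raised NameError on every call.
    win_pipe_obj = Pipe.object_from_dict(win_pipe_dict, win_pipe_binding.WindowsPipeObjectType())
    win_pipe_obj.set_anyAttributes_({'xsi:type' : 'WinPipeObj:WindowsPipeObjectType'})

    for key, value in win_pipe_dict.items():
        if key == 'handle':
            # Unlike the scalar fields, the handle is not gated by
            # utils.test_value(); the value is handed to Win_Handle as is.
            win_pipe_obj.set_Handle(Win_Handle.object_from_dict(value))
        elif not utils.test_value(value):
            continue
        elif key == 'default_time_out':
            win_pipe_obj.set_Default_Time_Out(as_non_negative_int(value))
        elif key == 'in_buffer_size':
            win_pipe_obj.set_In_Buffer_Size(as_non_negative_int(value))
        elif key == 'max_instances':
            win_pipe_obj.set_Max_Instances(as_non_negative_int(value))
        elif key == 'open_mode':
            win_pipe_obj.set_Open_Mode(as_hex(value))
        elif key == 'out_buffer_size':
            win_pipe_obj.set_Out_Buffer_Size(as_non_negative_int(value))
        elif key == 'pipe_mode':
            win_pipe_obj.set_Pipe_Mode(as_hex(value))
        elif key == 'security_attributes':
            win_pipe_obj.set_Security_Attributes(as_string(value))
    return win_pipe_obj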
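def object_from_dict(cls, registry_key_dict):
    """Build a WindowsRegistryKeyObjectType binding object from a dictionary.

    Scalar keys ('hive', 'key', 'creator_username', 'number_values',
    'number_subkeys', 'modified_time') are copied when utils.test_value()
    accepts them. 'values' is a list of dictionaries converted by the private
    __registry_value_object_from_dict helper, 'handle_list' and 'byte_runs'
    are delegated to Win_Handle_List and ByteRuns, and 'subkeys' is a list of
    dictionaries converted by calling this method recursively.

    The recursion depth follows the nesting depth of 'subkeys' in the input,
    so a caller that converts dictionaries from an untrusted source should
    bound that depth before calling; a very deep input ends in RecursionError.
    """

    def as_string(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.StringObjectAttributeType(datatype='String'), raw
        )

    def as_unsigned_int(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.UnsignedIntegerObjectAttributeType(datatype='UnsignedInteger'), raw
        )

    registry_key_obj = win_registry_key_binding.WindowsRegistryKeyObjectType()
    registry_key_obj.set_anyAttributes_({'xsi:type' : 'WinRegistryKeyObj:WindowsRegistryKeyObjectType'})
    # The RegistryValueType instance that used to be created here was never
    # read and has been dropped.

    for key, value in registry_key_dict.items():
        if key == 'values':
            registry_values_obj = win_registry_key_binding.RegistryValuesType()
            for registry_value_dict in value:
                registry_value_obj = cls.__registry_value_object_from_dict(registry_value_dict)
                if registry_value_obj.hasContent_():
                    registry_values_obj.add_Value(registry_value_obj)
            if registry_values_obj.hasContent_():
                registry_key_obj.set_Values(registry_values_obj)
        elif key == 'subkeys':
            subkeys_obj = win_registry_key_binding.RegistrySubkeysType()
            for sub_registry_key_dict in value:
                sub_registry_key_obj = cls.object_from_dict(sub_registry_key_dict)
                if sub_registry_key_obj.hasContent_():
                    subkeys_obj.add_Subkey(sub_registry_key_obj)
            if subkeys_obj.hasContent_():
                registry_key_obj.set_Subkeys(subkeys_obj)
        elif key == 'handle_list':
            registry_key_obj.set_Handle_List(Win_Handle_List.object_from_dict(value))
        elif key == 'byte_runs':
            registry_key_obj.set_Byte_Runs(ByteRuns.object_from_dict(value))
        elif not utils.test_value(value):
            continue
        elif key == 'hive':
            registry_key_obj.set_Hive(as_string(value))
        elif key == 'key':
            registry_key_obj.set_Key(as_string(value))
        elif key == 'number_values':
            registry_key_obj.set_Number_Values(as_unsigned_int(value))
        elif key == 'modified_time':
            registry_key_obj.set_Modified_Time(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'), value
                )
            )
        elif key == 'creator_username':
            registry_key_obj.set_Creator_Username(as_string(value))
        elif key == 'number_subkeys':
            registry_key_obj.set_Number_Subkeys(as_unsigned_int(value))
    return registry_key_obj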
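def object_from_dict(cls, process_dict, process_obj=None):
    """Build (or extend) a ProcessObjectType binding object from a dictionary.

    Args:
        process_dict: dictionary of process fields. Scalar fields are copied
            when utils.test_value() accepts them; list and nested fields
            ('image_info', 'child_pid_list', 'argument_list',
            'environment_variable_list', 'port_list',
            'network_connection_list', 'string_list') are converted entry by
            entry.
        process_obj: optional binding object to populate. When omitted, a new
            ProcessObjectType is created and stamped with its xsi:type.

    Returns:
        The populated binding object.

    Fixes relative to the previous version, each of which either raised at
    run time or stored a field in the wrong place:
      * image_info 'path' was written to Command_Line.
      * the environment variable list was attached through an undefined name.
      * the port list was attached through a misspelt setter (set_Post_List).
      * 'destination_port' was written to Source_Port.
      * 'tcp_state' used the whole connection list instead of the state value.
      * the network connection list was built but never attached.
    """

    def as_string(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.StringObjectAttributeType(datatype='String'), raw
        )

    def as_unsigned_int(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.UnsignedIntegerObjectAttributeType(datatype='UnsignedInt'), raw
        )

    def as_datetime(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'), raw
        )

    def as_duration(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.DurationObjectAttributeType(datatype='Duration'), raw
        )

    if process_obj is None:
        process_obj = process_binding.ProcessObjectType()
        process_obj.set_anyAttributes_({'xsi:type' : 'ProcessObj:ProcessObjectType'})

    for key, value in process_dict.items():
        if key == 'is_hidden' and utils.test_value(value):
            process_obj.set_is_hidden(value.get('value'))
        elif key == 'name' and utils.test_value(value):
            process_obj.set_Name(as_string(value))
        elif key == 'image_info':
            image_info = process_binding.ImageInfoType()
            for image_info_key, image_info_value in value.items():
                if not utils.test_value(image_info_value):
                    continue
                if image_info_key == 'file_name':
                    image_info.set_File_Name(as_string(image_info_value))
                elif image_info_key == 'command_line':
                    image_info.set_Command_Line(as_string(image_info_value))
                elif image_info_key == 'current_directory':
                    image_info.set_Current_Directory(as_string(image_info_value))
                elif image_info_key == 'path':
                    # Previously stored through set_Command_Line, which
                    # overwrote the real command line with the image path.
                    image_info.set_Path(as_string(image_info_value))
            if image_info.hasContent_():
                process_obj.set_Image_Info(image_info)
        elif key == 'pid' and utils.test_value(value):
            process_obj.set_PID(as_unsigned_int(value))
        elif key == 'parent_pid' and utils.test_value(value):
            process_obj.set_Parent_PID(as_unsigned_int(value))
        elif key == 'child_pid_list':
            child_list = process_binding.ChildPIDListType()
            for child_pid in value:
                child_list.add_Child_PID(as_unsigned_int(child_pid))
            if child_list.hasContent_():
                process_obj.set_Child_PID_List(child_list)
        elif key == 'argument_list':
            argument_list = process_binding.ArgumentListType()
            argument_list.set_Argument([as_string(arg) for arg in value])
            process_obj.set_Argument_List(argument_list)
        elif key == 'environment_variable_list':
            env_variable_list = Environment_Variable_List.object_from_dict(value)
            if env_variable_list.hasContent_():
                process_obj.set_Environment_Variable_List(env_variable_list)
        elif key == 'port_list':
            port_list = process_binding.PortListType()
            for port_dict in value:
                port_list.add_Port(port.object_from_dict(port_dict))
            process_obj.set_Port_List(port_list)
        elif key == 'network_connection_list':
            conn_list = process_binding.NetworkConnectionListType()
            for conn_dict in value:
                connobj = process_binding.NetworkConnectionType()
                for conn_key, conn_value in conn_dict.items():
                    if not utils.test_value(conn_value):
                        continue
                    if conn_key == 'creation_time':
                        connobj.set_Creation_Time(as_datetime(conn_value))
                    elif conn_key == 'destination_ip_Address':
                        connobj.set_Destination_Address(Address.object_from_dict(conn_value))
                    elif conn_key == 'destination_port':
                        connobj.set_Destination_Port(port.object_from_dict(conn_value))
                    elif conn_key == 'source_ip_Address':
                        connobj.set_Source_Address(Address.object_from_dict(conn_value))
                    elif conn_key == 'source_port':
                        connobj.set_Source_Port(port.object_from_dict(conn_value))
                    elif conn_key == 'tcp_state':
                        connobj.set_TCP_State(as_string(conn_value))
                if connobj.hasContent_():
                    conn_list.add_Network_Connection(connobj)
            # Attach the list; without this the connections recorded for a
            # process were silently dropped from the output object.
            if conn_list.hasContent_():
                process_obj.set_Network_Connection_List(conn_list)
        elif key == 'string_list':
            string_list = Extracted_String_List.object_from_list(value)
            if string_list.hasContent_():
                process_obj.set_String_List(string_list)
        elif key == 'username' and utils.test_value(value):
            process_obj.set_Username(as_string(value))
        elif key == 'creation_time' and utils.test_value(value):
            process_obj.set_Creation_Time(as_datetime(value))
        elif key == 'start_time' and utils.test_value(value):
            process_obj.set_Start_Time(as_datetime(value))
        elif key == 'kernel_time' and utils.test_value(value):
            process_obj.set_Kernel_Time(as_duration(value))
        elif key == 'user_time' and utils.test_value(value):
            process_obj.set_User_Time(as_duration(value))
    return process_obj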
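def object_from_dict(cls, task_attributes):
    """Build a WindowsTaskObjectType binding object from a dictionary.

    Every top-level, action and trigger field is copied only when
    utils.test_value() accepts its value; unrecognised keys are ignored.
    'action_list' is a list of action dictionaries and 'trigger_list' a list
    of trigger dictionaries.

    Fixes relative to the previous version:
      * a stray token in the first 'account_name' branch raised NameError for
        any dictionary carrying that key; the duplicated branch is now one.
      * 'exec_program_hashes' was stored through set_Exec_Arguments and so
        replaced the recorded command arguments with the hash list.
      * the trigger begin/end/delay/max-run-time setters were called with two
        positional arguments (binding type, value) instead of one converted
        attribute, and 'trigger_delay' was written to Trigger_Begin.
      * the correctly spelt keys 'parameters' and 'exec_working_directory'
        are accepted next to the historical misspellings.
    """

    def as_string(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.StringObjectAttributeType(datatype='String'), raw
        )

    def as_datetime(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.DateTimeObjectAttributeType(datatype='DateTime'), raw
        )

    def as_duration(raw):
        return Base_Object_Attribute.object_from_dict(
            common_types_binding.DurationObjectAttributeType(datatype='Duration'), raw
        )

    def build_action(action):
        """Convert one action dictionary into a TaskActionType."""
        action_obj = win_task_binding.TaskActionType()
        for action_key, action_value in action.items():
            if not utils.test_value(action_value):
                continue
            if action_key == 'action_type':
                action_obj.set_Action_Type(
                    Base_Object_Attribute.object_from_dict(win_task_binding.TaskActionTypeType(), action_value)
                )
            elif action_key == 'action_id':
                action_obj.set_Action_ID(as_string(action_value))
            elif action_key == 'iemailaction':
                action_obj.set_IEmailAction(EmailMessage.object_from_dict(action_value))
            elif action_key == 'icomhandleraction':
                icom_obj = win_task_binding.IComHandlerActionType()
                for icom_key, icom_value in action_value.items():
                    if not utils.test_value(icom_value):
                        continue
                    if icom_key == 'com_data':
                        icom_obj.set_COM_Data(as_string(icom_value))
                    elif icom_key == 'com_class_id':
                        icom_obj.set_COM_Class_ID(as_string(icom_value))
                action_obj.set_IComHandlerAction(icom_obj)
            elif action_key == 'iexecaction':
                iexec_obj = win_task_binding.IExecActionType()
                for iexec_key, iexec_value in action_value.items():
                    if not utils.test_value(iexec_value):
                        continue
                    if iexec_key == 'exec_arguments':
                        iexec_obj.set_Exec_Arguments(as_string(iexec_value))
                    elif iexec_key == 'exec_program_path':
                        iexec_obj.set_Exec_Program_Path(as_string(iexec_value))
                    elif iexec_key in ('exec_working_directory', 'exec_working_directorys'):
                        iexec_obj.set_Exec_Working_Directory(as_string(iexec_value))
                    elif iexec_key == 'exec_program_hashes':
                        # Hashes go to their own element so that they no
                        # longer overwrite the program's argument string.
                        iexec_obj.set_Exec_Program_Hashes(HashList.object_from_dict(iexec_value))
                action_obj.set_IExecAction(iexec_obj)
            elif action_key == 'ishowmessageaction':
                ishow_obj = win_task_binding.IShowMessageActionType()
                for ishow_key, ishow_value in action_value.items():
                    if not utils.test_value(ishow_value):
                        continue
                    if ishow_key == 'show_message_body':
                        ishow_obj.set_Show_Message_Body(as_string(ishow_value))
                    elif ishow_key == 'show_message_title':
                        ishow_obj.set_Show_Message_Title(as_string(ishow_value))
                action_obj.set_IShowMessageAction(ishow_obj)
        return action_obj

    def build_trigger(trigger):
        """Convert one trigger dictionary into a TriggerType."""
        trigger_obj = win_task_binding.TriggerType()
        for trigger_key, trigger_value in trigger.items():
            if not utils.test_value(trigger_value):
                continue
            if trigger_key == 'trigger_begin':
                trigger_obj.set_Trigger_Begin(as_datetime(trigger_value))
            elif trigger_key == 'trigger_end':
                trigger_obj.set_Trigger_End(as_datetime(trigger_value))
            elif trigger_key == 'trigger_delay':
                trigger_obj.set_Trigger_Delay(as_duration(trigger_value))
            elif trigger_key == 'trigger_max_run_time':
                # NOTE(review): every other trigger setter carries a
                # "Trigger_" prefix; confirm this setter name against
                # win_task_binding.TriggerType.
                trigger_obj.set_Max_Run_Time(as_duration(trigger_value))
            elif trigger_key == 'trigger_session_change_type':
                trigger_obj.set_Trigger_Session_Change_Type(as_string(trigger_value))
            elif trigger_key == 'trigger_type':
                trigger_obj.set_Trigger_Type(
                    Base_Object_Attribute.object_from_dict(win_task_binding.TaskTriggerType(), trigger_value)
                )
            elif trigger_key == 'enabled':
                trigger_obj.set_enabled(trigger_value)
            elif trigger_key == 'trigger_frequency':
                trigger_obj.set_Trigger_Frequency(
                    Base_Object_Attribute.object_from_dict(win_task_binding.TaskTriggerFrequencyType(), trigger_value)
                )
        return trigger_obj

    task_obj = win_task_binding.WindowsTaskObjectType()
    task_obj.set_anyAttributes_({'xsi:type' : 'WinTaskObj:WindowsTaskObjectType'})

    for key, value in task_attributes.items():
        if not utils.test_value(value):
            continue
        if key == 'name':
            task_obj.set_Name(as_string(value))
        elif key == 'status':
            task_obj.set_Status(Base_Object_Attribute.object_from_dict(win_task_binding.TaskStatusType(), value))
        elif key == 'priority':
            task_obj.set_Priority(Base_Object_Attribute.object_from_dict(win_task_binding.TaskPriorityType(), value))
        elif key == 'flags':
            task_obj.set_Flags(Base_Object_Attribute.object_from_dict(win_task_binding.TaskFlagType(), value))
        elif key == 'application_type':
            # NOTE(review): the key says "type" but the value is stored as
            # Application_Name; confirm which key producers actually emit.
            task_obj.set_Application_Name(as_string(value))
        elif key in ('parameters', 'paramters'):
            task_obj.set_Parameters(as_string(value))
        elif key == 'account_name':
            task_obj.set_Account_Name(as_string(value))
        elif key == 'account_run_level':
            task_obj.set_Account_Run_Level(as_string(value))
        elif key == 'account_Logon_Type':
            task_obj.set_Account_Logon_Type(as_string(value))
        elif key == 'creator':
            task_obj.set_Creator(as_string(value))
        elif key == 'comment':
            task_obj.set_Comment(as_string(value))
        elif key == 'working_directory':
            task_obj.set_Working_Directory(as_string(value))
        elif key == 'creation_date':
            task_obj.set_Creation_Date(as_datetime(value))
        elif key == 'most_recent_run_time':
            task_obj.set_Most_Recent_Run_Time(as_datetime(value))
        elif key == 'next_run_time':
            task_obj.set_Next_Run_Time(as_datetime(value))
        elif key == 'exit_code':
            task_obj.set_Exit_Code(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.LongObjectAttributeType(datatype='Long'), value
                )
            )
        elif key == 'max_run_time':
            task_obj.set_Max_Run_Time(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.UnsignedLongObjectAttributeType(datatype='UnsignedLong'), value
                )
            )
        elif key == 'work_item_data':
            task_obj.set_Work_Item_Data(
                Base_Object_Attribute.object_from_dict(
                    common_types_binding.Base64BinaryObjectAttributeType(datatype='Base64Binary'), value
                )
            )
        elif key == 'action_list':
            action_list = win_task_binding.TaskActionListType()
            for action in value:
                action_list.add_Action(build_action(action))
            task_obj.set_Action_List(action_list)
        elif key == 'trigger_list':
            trigger_list = win_task_binding.TriggerListType()
            for trigger in value:
                trigger_list.add_Trigger(build_trigger(trigger))
            task_obj.set_Trigger_List(trigger_list)
    return task_obj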
def build_object(cls, system_attributes):
    """Build a WindowsSystemObjectType binding object from a dictionary.

    Every recognised key is copied only when utils.test_value() accepts its
    value. 'open_handle_list' is delegated to
    win_handle.Win_Handle_List.object_from_list, and 'global_flags' is a list
    whose entries become the Symbolic_Name of one GlobalFlagType each.
    Unrecognised keys are ignored.
    """
    system_obj = win_system_binding.WindowsSystemObjectType()
    system_obj.set_anyAttributes_({'xsi:type' : 'WinSystemObj:WindowsSystemObjectType'})

    # key -> (setter on the system object, common_types_binding class, datatype).
    # Resolved with getattr only for keys that are present in the input.
    scalar_specs = {
        'local_time': ('set_Local_Time', 'TimeObjectAttributeType', 'Time'),
        'system_time': ('set_System_Time', 'TimeObjectAttributeType', 'Time'),
        'domain': ('set_Domain', 'StringObjectAttributeType', 'String'),
        'netbios_name': ('set_NetBIOS_Name', 'StringObjectAttributeType', 'String'),
        'product_id': ('set_Product_ID', 'StringObjectAttributeType', 'String'),
        'product_name': ('set_Product_Name', 'StringObjectAttributeType', 'String'),
        'registered_organization': ('set_Registered_Organization', 'StringObjectAttributeType', 'String'),
        'registered_owner': ('set_Registered_Owner', 'StringObjectAttributeType', 'String'),
        'windows_directory': ('set_Windows_Directory', 'StringObjectAttributeType', 'String'),
        'windows_system_directory': ('set_Windows_System_Directory', 'StringObjectAttributeType', 'String'),
        'windows_temp_directory': ('set_Windows_Temp_Directory', 'StringObjectAttributeType', 'String'),
    }

    for field, raw in system_attributes.items():
        spec = scalar_specs.get(field)
        if spec is not None:
            if utils.test_value(raw):
                setter_name, type_name, datatype = spec
                store = getattr(system_obj, setter_name)
                binding_type = getattr(common_types_binding, type_name)(datatype=datatype)
                store(Base_Object_Attribute.object_from_dict(binding_type, raw))
            continue

        if field == 'open_handle_list':
            if utils.test_value(raw):
                system_obj.set_Open_Handle_List(win_handle.Win_Handle_List.object_from_list(raw))
        elif field == 'global_flags':
            if not utils.test_value(raw):
                continue
            flag_list = win_system_binding.GlobalFlagListType()
            for flag in raw:
                flag_obj = win_system_binding.GlobalFlagType()
                # The datatype here is lower-case 'string', unlike the
                # 'String' used for the scalar fields above.
                flag_obj.set_Symbolic_Name(
                    Base_Object_Attribute.object_from_dict(
                        common_types_binding.StringObjectAttributeType(datatype='string'), flag
                    )
                )
                flag_list.add_Global_Flag(flag_obj)
            if flag_list.hasContent_():
                system_obj.set_Global_Flag_List(flag_list)
    return system_obj
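def object_from_dict(self, driver_attributes):
    """Build a WindowsDriverObjectType binding object from a dictionary.

    Scalar keys (driver name, addresses, image base/size and the IRP_MJ_*
    dispatch entries) are copied only when utils.test_value() accepts their
    value. 'device_object_list' is a list of dictionaries describing device
    objects. Unrecognised keys are ignored.

    Changes relative to the previous version:
      * 'irp_mj_write' is accepted next to the misspelt 'irp_mj_writep', so
        the write dispatch entry is no longer silently lost.
      * the unreachable second 'irp_mj_cleanup' branch is gone.
      * one DeviceObjectStructType is created per device dictionary instead
        of one per key, so all fields of a device land on the same object.
    """
    # key -> (setter on the driver object, common_types_binding class, datatype).
    # Names are resolved with getattr only for keys present in the input.
    unsigned_long = ('UnsignedLongObjectAttributeType', 'UnsignedLong')
    hex_binary = ('HexBinaryObjectAttributeType', 'hexBinary')
    string = ('StringObjectAttributeType', 'String')
    driver_fields = {
        'driver_name': ('set_Driver_Name',) + string,
        'driver_init': ('set_Driver_Init',) + unsigned_long,
        'driver_object_address': ('set_Driver_Object_Address',) + hex_binary,
        'driver_start_io': ('set_Driver_Start_IO',) + hex_binary,
        'driver_unload': ('set_Driver_Unload',) + hex_binary,
        'image_base': ('set_Image_Base',) + hex_binary,
        'image_size': ('set_Image_Size',) + hex_binary,
        'irp_mj_cleanup': ('set_IRP_MJ_CLEANUP',) + unsigned_long,
        'irp_mj_close': ('set_IRP_MJ_CLOSE',) + unsigned_long,
        'irp_mj_create': ('set_IRP_MJ_CREATE',) + unsigned_long,
        'irp_mj_create_mailslot': ('set_IRP_MJ_CREATE_MAILSLOT',) + unsigned_long,
        'irp_mj_create_named_pipe': ('set_IRP_MJ_CREATE_NAMED_PIPE',) + unsigned_long,
        'irp_mj_device_change': ('set_IRP_MJ_DEVICE_CHANGE',) + unsigned_long,
        'irp_mj_device_control': ('set_IRP_MJ_DEVICE_CONTROL',) + unsigned_long,
        'irp_mj_directory_control': ('set_IRP_MJ_DIRECTORY_CONTROL',) + unsigned_long,
        # The next key is shorter than the setter it feeds; kept as callers know it.
        'irp_mj_file_system': ('set_IRP_MJ_FILE_SYSTEM_CONTROL',) + unsigned_long,
        'irp_mj_flush_buffers': ('set_IRP_MJ_FLUSH_BUFFERS',) + unsigned_long,
        'irp_mj_internal_device_control': ('set_IRP_MJ_INTERNAL_DEVICE_CONTROL',) + unsigned_long,
        'irp_mj_lock_control': ('set_IRP_MJ_LOCK_CONTROL',) + unsigned_long,
        'irp_mj_pnp': ('set_IRP_MJ_PNP',) + unsigned_long,
        'irp_mj_power': ('set_IRP_MJ_POWER',) + unsigned_long,
        'irp_mj_query_ea': ('set_IRP_MJ_QUERY_EA',) + unsigned_long,
        'irp_mj_query_information': ('set_IRP_MJ_QUERY_INFORMATION',) + unsigned_long,
        'irp_mj_query_quota': ('set_IRP_MJ_QUERY_QUOTA',) + unsigned_long,
        'irp_mj_query_security': ('set_IRP_MJ_QUERY_SECURITY',) + unsigned_long,
        'irp_mj_query_volume_information': ('set_IRP_MJ_QUERY_VOLUME_INFORMATION',) + unsigned_long,
        'irp_mj_read': ('set_IRP_MJ_READ',) + unsigned_long,
        'irp_mj_set_ea': ('set_IRP_MJ_SET_EA',) + unsigned_long,
        'irp_mj_set_information': ('set_IRP_MJ_SET_INFORMATION',) + unsigned_long,
        'irp_mj_set_quota': ('set_IRP_MJ_SET_QUOTA',) + unsigned_long,
        'irp_mj_set_security': ('set_IRP_MJ_SET_SECURITY',) + unsigned_long,
        # Key lacks the "set_" part of the element it fills; kept as callers know it.
        'irp_mj_volume_information': ('set_IRP_MJ_SET_VOLUME_INFORMATION',) + unsigned_long,
        'irp_mj_shutdown': ('set_IRP_MJ_SHUTDOWN',) + unsigned_long,
        'irp_mj_system_control': ('set_IRP_MJ_SYSTEM_CONTROL',) + unsigned_long,
        'irp_mj_write': ('set_IRP_MJ_WRITE',) + unsigned_long,
        'irp_mj_writep': ('set_IRP_MJ_WRITE',) + unsigned_long,
    }
    # Device fields are copied without a utils.test_value() gate, as before.
    device_fields = {
        'attached_device_name': ('set_Attached_Device_Name',) + string,
        'attached_device_object': ('set_Attached_Device_Object',) + unsigned_long,
        'attached_to_device_name': ('set_Attached_To_Device_Name',) + string,
        'attached_to_device_object': ('set_Attached_To_Device_Object',) + unsigned_long,
        'attached_to_driver_name': ('set_Attached_To_Driver_Name',) + string,
        'attached_to_driver_object': ('set_Attached_To_Driver_Object',) + unsigned_long,
        'device_name': ('set_Device_Name',) + string,
        'device_object': ('set_Device_Object',) + unsigned_long,
    }

    def store(target, spec, raw):
        """Convert raw with the binding type named in spec and set it on target."""
        setter_name, type_name, datatype = spec
        binding_type = getattr(common_types_binding, type_name)(datatype=datatype)
        getattr(target, setter_name)(Base_Object_Attribute.object_from_dict(binding_type, raw))

    driver_obj = win_driver_binding.WindowsDriverObjectType()
    driver_obj.set_anyAttributes_({'xsi:type' : 'WinDriverObj:WindowsDriverObjectType'})

    for key, value in driver_attributes.items():
        if key == 'device_object_list':
            device_list = win_driver_binding.DeviceObjectListType()
            for device_list_item in value:
                device = win_driver_binding.DeviceObjectStructType()
                for dev_key, dev_value in device_list_item.items():
                    dev_spec = device_fields.get(dev_key)
                    if dev_spec is not None:
                        store(device, dev_spec, dev_value)
                # NOTE(review): the populated device is still never appended
                # to device_list, so the list attached below stays empty and
                # device objects are missing from the output. The add method
                # of DeviceObjectListType is not visible here; append the
                # device once that name is confirmed against the binding.
            driver_obj.set_Device_Object_List(device_list)
            continue

        spec = driver_fields.get(key)
        if spec is not None and utils.test_value(value):
            store(driver_obj, spec, value)
    return driver_obj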