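def from_obj(process_obj, process_cls=None):
    """Populate a Process (or a caller-supplied instance) from ``process_obj``.

    Args:
        process_obj: Object exposing the ``get_*`` accessors read below.
            Any falsy value short-circuits to ``None``.
        process_cls: Optional, already-constructed instance to fill in
            instead of a fresh ``Process()``. Presumably an instance of a
            Process subclass; confirm against callers.

    Returns:
        The populated instance, or ``None`` when ``process_obj`` is falsy.
    """
    if not process_obj:
        return None

    # Identity test rather than "== None": equality would dispatch to any
    # __eq__ defined on the instance the caller handed in.
    process_ = Process() if process_cls is None else process_cls

    ObjectProperties.from_obj(process_obj, process_)

    # is_hidden is stored exactly as the accessor returns it (no wrapper).
    process_.is_hidden = process_obj.get_is_hidden()
    process_.pid = UnsignedInteger.from_obj(process_obj.get_PID())
    process_.name = String.from_obj(process_obj.get_Name())
    process_.creation_time = DateTime.from_obj(process_obj.get_Creation_Time())
    process_.parent_pid = UnsignedInteger.from_obj(process_obj.get_Parent_PID())
    process_.image_info = ImageInfo.from_obj(process_obj.get_Image_Info())
    process_.environment_variable_list = EnvironmentVariableList.from_obj(
        process_obj.get_Environment_Variable_List()
    )
    process_.kernel_time = Duration.from_obj(process_obj.get_Kernel_Time())
    process_.start_time = DateTime.from_obj(process_obj.get_Start_Time())
    process_.username = String.from_obj(process_obj.get_Username())
    process_.user_time = Duration.from_obj(process_obj.get_User_Time())
    # Always reset here; nothing is read from process_obj for this field.
    process_.extracted_features = None

    # The list-valued attributes are only assigned when the corresponding
    # container is present; otherwise they keep whatever value the
    # instance already had.
    argument_list = process_obj.get_Argument_List()
    if argument_list is not None:
        process_.argument_list = [
            String.from_obj(x) for x in argument_list.get_Argument()
        ]

    child_pid_list = process_obj.get_Child_PID_List()
    if child_pid_list is not None:
        process_.child_pid_list = [
            UnsignedInteger.from_obj(x) for x in child_pid_list.get_Child_PID()
        ]

    port_list = process_obj.get_Port_List()
    if port_list is not None:
        process_.port_list = [Port.from_obj(x) for x in port_list.get_Port()]

    connection_list = process_obj.get_Network_Connection_List()
    if connection_list is not None:
        process_.network_connection_list = [
            NetworkConnection.from_obj(x)
            for x in connection_list.get_Network_Connection()
        ]

    return process_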
def from_obj(validity_obj):
    """Convert ``validity_obj`` into a Validity instance.

    Args:
        validity_obj: Object exposing ``get_Not_After()`` and
            ``get_Not_Before()``. Any falsy value yields ``None``.

    Returns:
        A new ``Validity`` with ``not_after`` and ``not_before`` set, or
        ``None`` when ``validity_obj`` is falsy.
    """
    if validity_obj:
        validity = Validity()
        # Both bounds go through DateTime.from_obj; no ordering check
        # between them is made here.
        validity.not_after = DateTime.from_obj(validity_obj.get_Not_After())
        validity.not_before = DateTime.from_obj(validity_obj.get_Not_Before())
        return validity
    return None
def from_obj(win_file_obj, file_class=None):
    """Populate a WinFile (or a caller-supplied instance) from ``win_file_obj``.

    The generic file fields are filled by ``File.from_obj``; this function
    then adds the Windows-specific ones.

    Args:
        win_file_obj: Object exposing the ``get_*`` accessors read below.
            Any falsy value yields ``None``.
        file_class: Optional instance to populate. Note that any falsy
            value, not only ``None``, is replaced by a new ``WinFile()``.

    Returns:
        The populated instance, or ``None`` when ``win_file_obj`` is falsy.
    """
    if not win_file_obj:
        return None

    target = file_class if file_class else WinFile()
    win_file = File.from_obj(win_file_obj, target)

    win_file.filename_accessed_time = DateTime.from_obj(
        win_file_obj.get_Filename_Accessed_Time()
    )
    win_file.filename_created_time = DateTime.from_obj(
        win_file_obj.get_Filename_Created_Time()
    )
    win_file.filename_modified_time = DateTime.from_obj(
        win_file_obj.get_Filename_Modified_Time()
    )
    win_file.drive = String.from_obj(win_file_obj.get_Drive())
    win_file.security_id = String.from_obj(win_file_obj.get_Security_ID())
    win_file.security_type = String.from_obj(win_file_obj.get_Security_Type())
    win_file.stream_list = StreamList.from_obj(win_file_obj.get_Stream_List())

    return win_file
def from_obj(file_obj, file_class=None):
    """Populate a File (or a caller-supplied instance) from ``file_obj``.

    Args:
        file_obj: Object exposing the ``get_*`` accessors read below. Any
            falsy value yields ``None``.
        file_class: Optional instance to populate. Note that any falsy
            value, not only ``None``, is replaced by a new ``File()``.

    Returns:
        The populated instance, or ``None`` when ``file_obj`` is falsy.
    """
    if not file_obj:
        return None

    target = file_class if file_class else File()
    ObjectProperties.from_obj(file_obj, target)

    # is_packed is stored exactly as the accessor returns it (no wrapper).
    target.is_packed = file_obj.get_is_packed()
    target.file_name = String.from_obj(file_obj.get_File_Name())
    target.file_path = FilePath.from_obj(file_obj.get_File_Path())
    target.device_path = String.from_obj(file_obj.get_Device_Path())
    target.full_path = String.from_obj(file_obj.get_Full_Path())
    target.file_extension = String.from_obj(file_obj.get_File_Extension())
    target.size_in_bytes = UnsignedLong.from_obj(file_obj.get_Size_In_Bytes())
    target.magic_number = HexBinary.from_obj(file_obj.get_Magic_Number())
    target.file_format = String.from_obj(file_obj.get_File_Format())
    target.hashes = HashList.from_obj(file_obj.get_Hashes())
    target.extracted_features = ExtractedFeatures.from_obj(
        file_obj.get_Extracted_Features()
    )

    # TODO: why are there two Strings and one DateTime here?
    # NOTE(review): modified/accessed times go through String while the
    # created time goes through DateTime, so the three timestamps do not
    # share a type on the resulting object.
    target.modified_time = String.from_obj(file_obj.get_Modified_Time())
    target.accessed_time = String.from_obj(file_obj.get_Accessed_Time())
    target.created_time = DateTime.from_obj(file_obj.get_Created_Time())

    return target
def from_obj(whois_obj):
    """Convert ``whois_obj`` into a WhoisEntry.

    Args:
        whois_obj: Object exposing the ``get_*`` accessors read below. Any
            falsy value yields ``None``.

    Returns:
        A new ``WhoisEntry`` with every field below assigned, or ``None``
        when ``whois_obj`` is falsy.
    """
    if not whois_obj:
        return None

    entry = WhoisEntry()
    ObjectProperties.from_obj(whois_obj, entry)

    # Domain and server identity.
    entry.domain_name = URI.from_obj(whois_obj.get_Domain_Name())
    entry.domain_id = String.from_obj(whois_obj.get_Domain_ID())
    entry.server_name = URI.from_obj(whois_obj.get_Server_Name())
    entry.ip_address = Address.from_obj(whois_obj.get_IP_Address())
    # dnssec is stored exactly as the accessor returns it (no wrapper).
    entry.dnssec = whois_obj.get_DNSSEC()
    entry.nameservers = WhoisNameservers.from_obj(whois_obj.get_Nameservers())
    entry.status = WhoisStatuses.from_obj(whois_obj.get_Status())

    # Record lifecycle dates.
    entry.updated_date = DateTime.from_obj(whois_obj.get_Updated_Date())
    entry.creation_date = DateTime.from_obj(whois_obj.get_Creation_Date())
    entry.expiration_date = DateTime.from_obj(whois_obj.get_Expiration_Date())

    # Registry, registrar and contact details.
    entry.regional_internet_registry = String.from_obj(
        whois_obj.get_Regional_Internet_Registry()
    )
    entry.sponsoring_registrar = String.from_obj(
        whois_obj.get_Sponsoring_Registrar()
    )
    entry.registrar_info = WhoisRegistrar.from_obj(whois_obj.get_Registrar_Info())
    entry.registrants = WhoisRegistrants.from_obj(whois_obj.get_Registrants())
    entry.contact_info = WhoisContact.from_obj(whois_obj.get_Contact_Info())

    return entry
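def from_obj(header_obj):
    """Convert ``header_obj`` into an EmailHeader.

    Args:
        header_obj: Object exposing the ``get_*`` accessors read below. Any
            falsy value yields ``None``.

    Returns:
        A new ``EmailHeader`` with every field below assigned, or ``None``
        when ``header_obj`` is falsy.
    """
    # Same guard as the sibling from_obj converters: a missing header
    # element becomes None instead of an AttributeError on get_To().
    if not header_obj:
        return None

    header = EmailHeader()

    # Recipient lists.
    header.to = EmailRecipients.from_obj(header_obj.get_To())
    header.cc = EmailRecipients.from_obj(header_obj.get_CC())
    header.bcc = EmailRecipients.from_obj(header_obj.get_BCC())

    # "from" is a Python keyword, hence the trailing underscore.
    header.from_ = Address.from_obj(header_obj.get_From())
    header.subject = String.from_obj(header_obj.get_Subject())
    header.in_reply_to = String.from_obj(header_obj.get_In_Reply_To())
    header.date = DateTime.from_obj(header_obj.get_Date())
    header.message_id = String.from_obj(header_obj.get_Message_ID())
    header.sender = Address.from_obj(header_obj.get_Sender())
    header.reply_to = Address.from_obj(header_obj.get_Reply_To())
    header.errors_to = String.from_obj(header_obj.get_Errors_To())

    return header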
def from_obj(network_connection_obj):
    """Convert ``network_connection_obj`` into a NetworkConnection.

    Args:
        network_connection_obj: Object exposing the ``get_*`` accessors
            read below. Any falsy value yields ``None``.

    Returns:
        A new ``NetworkConnection`` with every field below assigned, or
        ``None`` when ``network_connection_obj`` is falsy.
    """
    if not network_connection_obj:
        return None

    src = network_connection_obj
    conn = NetworkConnection()

    # tls_used and the two TCP state fields are stored exactly as the
    # accessors return them; the other fields go through a from_obj
    # converter.
    conn.tls_used = src.get_tls_used()
    conn.creation_time = DateTime.from_obj(src.get_Creation_Time())
    conn.layer3_protocol = String.from_obj(src.get_Layer3_Protocol())
    conn.layer4_protocol = String.from_obj(src.get_Layer4_Protocol())
    conn.layer7_protocol = String.from_obj(src.get_Layer7_Protocol())
    conn.source_socket_address = SocketAddress.from_obj(
        src.get_Source_Socket_Address()
    )
    conn.source_tcp_state = src.get_Source_TCP_State()
    conn.destination_socket_address = SocketAddress.from_obj(
        src.get_Destination_Socket_Address()
    )
    conn.destination_tcp_state = src.get_Destination_TCP_State()
    conn.layer7_connections = Layer7Connections.from_obj(
        src.get_Layer7_Connections()
    )

    return conn
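def from_obj(registry_key_obj):
    """Convert ``registry_key_obj`` into a WinRegistryKey, including subkeys.

    Args:
        registry_key_obj: Object exposing the ``get_*`` accessors read
            below. Any falsy value yields ``None``.

    Returns:
        A new ``WinRegistryKey`` with its scalar fields assigned and its
        ``values`` / ``subkeys`` lists extended, or ``None`` when
        ``registry_key_obj`` is falsy.
    """
    if not registry_key_obj:
        return None

    win_registry_key_ = WinRegistryKey()
    win_registry_key_.key = String.from_obj(registry_key_obj.get_Key())
    win_registry_key_.hive = String.from_obj(registry_key_obj.get_Hive())
    win_registry_key_.number_values = UnsignedInteger.from_obj(
        registry_key_obj.get_Number_Values()
    )
    win_registry_key_.modified_time = DateTime.from_obj(
        registry_key_obj.get_Modified_Time()
    )
    win_registry_key_.creator_username = String.from_obj(
        registry_key_obj.get_Creator_Username()
    )
    win_registry_key_.handle_list = WinHandleList.from_obj(
        registry_key_obj.get_Handle_List()
    )
    win_registry_key_.number_subkeys = UnsignedInteger.from_obj(
        registry_key_obj.get_Number_Subkeys()
    )
    # Byte_Runs is not carried over: that conversion is disabled.

    # Assumes WinRegistryKey() starts with list-like ``values`` and
    # ``subkeys`` attributes -- TODO confirm against the class definition.
    values_obj = registry_key_obj.get_Values()
    if values_obj is not None:
        for registry_value_obj in values_obj.get_Value():
            win_registry_key_.values.append(
                RegistryValue.from_obj(registry_value_obj)
            )

    # Fixed: this loop used to read from an undefined name
    # (registry_key_dict) and raised NameError whenever subkeys were present.
    subkeys_obj = registry_key_obj.get_Subkeys()
    if subkeys_obj is not None:
        # One recursive call per nesting level; nothing here caps the
        # depth, so it follows whatever nesting the input carries.
        for registry_subkey_obj in subkeys_obj.get_Subkey():
            win_registry_key_.subkeys.append(
                WinRegistryKey.from_obj(registry_subkey_obj)
            )

    return win_registry_key_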