예제 #1
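def load_db(db_path):
    """Load the signature database at ``db_path`` into a dict.

    The file is consumed as repeating three-line records: a name line (any
    leading/trailing ``[`` and ``]`` removed), a signature line whose text
    after the first ``=`` is converted with ``sign2bmask``, and a third line
    that closes the record without being parsed.  Empty lines and lines that
    start with ``;`` are ignored.

    A record is stored only when its third line is read, so a record cut
    short at end of file is dropped.  When the same converted signature
    occurs twice, the later name replaces the earlier one.

    Returns the ``{signature: name}`` dict.
    """
    db = {}
    with fd.File.open(db_path, fd.FO_READEX) as fp:
        state = ST_NAME
        name = None
        signature = None
        for start, stop in fp.xlines():
            if stop - start >= MAX_LINE:
                # Fixed: the original passed an undefined name `end` here, so
                # the first oversized line raised NameError instead of being
                # logged and skipped.
                # NOTE(review): `state` is not advanced for a skipped line, so
                # an oversized line inside a record shifts the lines that
                # follow into the wrong slot for the rest of the file. Confirm
                # whether the whole record should be dropped instead.
                log.error(ERR_LINETOOBIG, start=start, end=stop)
                continue
            line = fp[start:stop].strip()
            if not line or line[:1] == ';':
                continue
            if state == ST_NAME:
                # `line` is already stripped of whitespace above.
                name = line.strip('[]')
                state = ST_SIGN
            elif state == ST_SIGN:
                signature = sign2bmask(line.partition('=')[2].strip())
                state = ST_EPONLY
            elif state == ST_EPONLY:
                # The third line's content is not inspected; it only marks
                # the end of the record.
                db[signature] = name
                state = ST_NAME
            else:
                raise Exception("unexpected parser state: %r" % (state,))
    return db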
예제 #2
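def load_db(db_path):
    """Read a signature database file and return ``{signature: name}``.

    Parsing is a three-state cycle over the non-empty, non-comment (``;``)
    lines of the file:

    * ``ST_NAME``   - the line, minus surrounding ``[``/``]``, is the name;
    * ``ST_SIGN``   - the text after the first ``=`` goes through
      ``sign2bmask`` and becomes the dict key;
    * ``ST_EPONLY`` - the line is consumed unparsed and the record is stored.

    Records are stored only on the third line, so a trailing incomplete
    record is not returned.  A repeated signature keeps the last name seen.
    """
    db = {}
    with fd.File.open(db_path, fd.FO_READEX) as fp:
        state = ST_NAME
        name = None
        signature = None
        for start, stop in fp.xlines():
            if stop - start >= MAX_LINE:
                # Fixed: `end` was never defined in this function; the span's
                # upper bound is `stop`. Without this the error path itself
                # raised NameError.
                # NOTE(review): skipping leaves `state` unchanged, so an
                # oversized line in the middle of a record misaligns every
                # later line; verify that this is acceptable for the
                # databases this loader is fed.
                log.error(ERR_LINETOOBIG, start=start, end=stop)
                continue
            line = fp[start:stop].strip()
            if not line or line[:1] == ';':
                continue
            if state == ST_NAME:
                # Whitespace was already removed when `line` was built.
                name = line.strip('[]')
                state = ST_SIGN
            elif state == ST_SIGN:
                signature = sign2bmask(line.partition('=')[2].strip())
                state = ST_EPONLY
            elif state == ST_EPONLY:
                db[signature] = name
                state = ST_NAME
            else:
                # Not reachable through the transitions above; kept as a
                # guard, now with a message that identifies the bad state.
                raise Exception("unexpected parser state: %r" % (state,))
    return db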
예제 #3
def _pescan():
    """Command-line entry point: search files for signatures from a database.

    Options come from ``docopt(__doc__)``: ``--log`` selects the log emitter
    (``human``, the default when the option is absent; ``pipe``; or
    ``classic``), ``--db`` is the signature database handed to ``load_db``,
    and ``<PATH>`` is a list of glob patterns naming the files to scan.

    Raises:
        ValueError: if ``--log`` is none of the known emitter names.
    """
    opts = docopt(__doc__)

    log_kind = opts['--log']
    if log_kind in (None, 'human'):
        emitter = emit_human
    elif log_kind == 'pipe':
        emitter = emit_pipe
    elif log_kind == 'classic':
        emitter = log.emit_simple
    else:
        raise ValueError("Unknown log type")

    pysec.init("PEscan", emitter=emitter)

    db_path = os.path.abspath(opts['--db'])
    patterns = opts['<PATH>']
    db = load_db(db_path)

    for pattern_arg in patterns:
        # Each argument is made absolute and then expanded as a glob.
        for path in glob.iglob(os.path.abspath(pattern_arg)):
            # Only regular files are scanned.
            # NOTE(review): this check and the open below are separate steps,
            # so what happens if the path changes in between depends on
            # fd.File.open - confirm.
            if not os.path.isfile(path):
                continue
            with log.ctx(ACT_SCANFILE, {'path': path}), \
                 fd.File.open(path, fd.FO_READEX) as fp:
                with log.ctx(ACT_CALCOFFSET):
                    offset = get_offset(fp)
                    if offset is None:
                        # No usable offset: log it and move to the next file.
                        log.error(ERR_WRONGFMT, size=len(fp))
                        continue
                    log.ok(offset=offset)
                with log.ctx(ACT_SEARCHSIGNS):
                    matched = 0
                    for pos, _pattern, name in binary.byte_msearch(
                            fp, db, offset):
                        log.success(n=matched, pos=pos, name=name)
                        matched += 1
                    # ERR_NOTFOUND only says that nothing in `db` matched
                    # this file.
                    if not matched:
                        log.error(ERR_NOTFOUND)
예제 #4
def _pescan():
    """Scan every file matched by the ``<PATH>`` arguments for known signatures.

    The log emitter is chosen from ``--log`` (absent or ``human``, ``pipe``,
    ``classic``); any other value raises ``ValueError``.  The database named
    by ``--db`` is loaded once with ``load_db`` and reused for every file.
    Per file, ``get_offset`` gives the start position for the search and
    ``binary.byte_msearch`` yields ``(pos, pattern, name)`` hits, which are
    logged one by one.
    """
    opts = docopt(__doc__)

    requested = opts['--log']
    if requested is None:
        emitter = emit_human
    elif requested == 'human':
        emitter = emit_human
    elif requested == 'pipe':
        emitter = emit_pipe
    elif requested == 'classic':
        emitter = log.emit_simple
    else:
        raise ValueError("Unknown log type")

    pysec.init("PEscan", emitter=emitter)

    db_path = os.path.abspath(opts['--db'])
    path_args = opts['<PATH>']
    db = load_db(db_path)

    for path_arg in path_args:
        absolute_pattern = os.path.abspath(path_arg)
        for path in glob.iglob(absolute_pattern):
            if not os.path.isfile(path):
                # Directories and other non-regular matches are skipped.
                continue
            with log.ctx(ACT_SCANFILE, {'path': path}), \
                 fd.File.open(path, fd.FO_READEX) as fp:
                with log.ctx(ACT_CALCOFFSET):
                    offset = get_offset(fp)
                    if offset is None:
                        log.error(ERR_WRONGFMT, size=len(fp))
                        continue
                    log.ok(offset=offset)
                with log.ctx(ACT_SEARCHSIGNS):
                    found = False
                    hits = binary.byte_msearch(fp, db, offset)
                    for n, (pos, _pattern, name) in enumerate(hits):
                        found = True
                        log.success(n=n, pos=pos, name=name)
                    # Logged when the search produced no hit at all; it
                    # reflects the contents of `db`, nothing more.
                    if not found:
                        log.error(ERR_NOTFOUND)
예제 #5
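# Smoke test for pysec's logging: registers action and error names, starts a
# log with the simple emitter, then logs one error and attempts one module
# load inside a log context.
#
# print is written in its single-argument parenthesised form: the output is
# the same on Python 2, and the script no longer fails to parse on Python 3.
print("========")
print("LOG TEST")
print("========")

import pysec
from pysec import load
from pysec import log

# These names are referenced below as log.actions.* and log.errors.*.
log.register_actions('LOG_TEST', 'LOG_MAIN')
log.register_errors('IS_FALSE')

log.start_log(log.actions.LOG_TEST)
log.add_global_emit(log.emit_simple)

NUM = 0

with log.ctx(log.actions.LOG_MAIN):
    # NUM is fixed at 0, so this error is always logged.
    if NUM == 0:
        log.error(log.errors.IS_FALSE, num=NUM)
    # `load` is pysec's own module, not the stdlib importlib; a missing
    # module is reported on stdout rather than through the log.
    try:
        load.importlib('test')
    except ImportError:
        print("library 'test' doesn't exist")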
예제 #6
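# Exercises pysec.log end to end: name registration, log start, a global
# emitter, one error record and one attempted module load.
#
# The banner uses print(...) with a single argument, which prints the same
# text on Python 2 and is valid syntax on Python 3 (the bare print statement
# is not).
print("========")
print("LOG TEST")
print("========")

import pysec
from pysec import load
from pysec import log

# Action names used with start_log() and ctx() further down.
log.register_actions(
    'LOG_TEST',
    'LOG_MAIN'
)
# Error name used with log.error() further down.
log.register_errors(
    'IS_FALSE'
)

log.start_log(log.actions.LOG_TEST)
log.add_global_emit(log.emit_simple)


NUM = 0

with log.ctx(log.actions.LOG_MAIN):
    # Always true with NUM = 0: the point is to produce one error record.
    if NUM == 0:
        log.error(log.errors.IS_FALSE, num=NUM)
    # pysec's loader (`pysec.load`), not the stdlib importlib. Only
    # ImportError is handled; anything else propagates.
    try:
        load.importlib('test')
    except ImportError:
        print("library 'test' doesn't exist")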