예제 #1
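def parse_video(vid, out_dir=None):
    """Dump the J3M attachment of video `vid` to disk, decrypting it if needed.

    The attachment is written to "<vid>.j3m", or to a file of that name
    inside `out_dir` when `out_dir` is given. If the first two lines of the
    dumped data equal `gpg_sentinel`, the data is copied to
    "<out_file>.asc" and handed to `decrypt_file`, with `out_file` as the
    second argument.

    Returns `False` when the dump produced no file, otherwise the tuple
    `(True, out_file)`. Callers must handle both shapes.
    """
    print("parsing video %s" % vid)
    out_file = "%s.j3m" % vid

    if out_dir is not None:
        out_file = os.path.join(out_dir, out_file.split("/")[-1])

    # Split the command template *before* the paths go in. Formatting first
    # and splitting on spaces afterwards turns a path that contains a space
    # into several argv entries, so a crafted file name could add arguments
    # to the external tool. NUL-delimited tokens cannot occur in a real path.
    out_token, vid_token = "\x00out_file\x00", "\x00vid\x00"
    vid_arg = "%s" % vid
    template = BASH_CMD["DUMP_ATTACHMENT"] % (out_token, vid_token)
    cmd = [
        arg.replace(out_token, out_file).replace(vid_token, vid_arg)
        for arg in template.split(" ")
    ]

    p = Popen(cmd, stdout=PIPE, close_fds=True)
    # communicate() drains stdout while waiting. wait() alone can block
    # forever once the child has filled the pipe buffer.
    p.communicate()

    # NOTE(review): an out_file left behind by an earlier run also passes
    # this check, so stale data can be reported as a fresh dump. The exit
    # status is deliberately not tested here; confirm what the tool returns
    # on success before adding such a check.
    if not os.path.exists(out_file):
        return False

    with open(out_file, "rb") as J:
        j3m_data = J.read()

    if j3m_data.split("\n")[:2] == gpg_sentinel:
        print("Now decrypting...")

        # Keep the armored copy next to the output; decrypt_file reads it
        # and is given out_file as its destination.
        j3m_asc = "%s.asc" % out_file
        with open(j3m_asc, "wb+") as OUT:
            OUT.write(j3m_data)

        # NOTE(review): the result of decrypt_file is not checked, so a
        # failed decryption is still reported as success. Confirm how
        # decrypt_file signals failure.
        decrypt_file(j3m_asc, out_file)

    return True, out_file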
예제 #2
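def parse_image(img, out_dir=None):
	"""Extract the J3M payload embedded in image `img` and write it to disk.

	Runs the bundled "lib/j3mparser.out" helper on `img` and collects every
	output line that follows the "Got obscura marker" line, skipping the
	helper's known status lines. The payload goes to "<img>.j3m", or to a
	file of that name inside `out_dir` when `out_dir` is given. If its first
	two lines equal `gpg_sentinel`, it is written to "<out_file>.asc" and
	handed to `decrypt_file`, with `out_file` as the second argument.

	Returns `(True, out_file)` on success and `False` when writing or
	decrypting raised an exception. Callers must handle both shapes.
	"""
	print("parsing image %s" % img)

	out_file = "%s.j3m" % img
	if out_dir is not None:
		out_file = os.path.join(out_dir, out_file.split("/")[-1])

	# Status lines printed by the helper; they are dropped even when they
	# appear after the marker.
	noise_prefixes = ("file: ", "Generic APPn ", "Component", "Didn't find ")
	marker_prefix = "Got obscura marker"

	j3m_data = StringIO()
	obscura_marker_found = False

	helper = os.path.join(
		os.path.dirname(os.path.abspath(__file__)), "lib", "j3mparser.out")
	cmd = [helper, img]

	p = Popen(cmd, stdout=PIPE, close_fds=True)
	try:
		while True:
			data = p.stdout.readline()
			if not data:
				break

			if data.startswith(noise_prefixes):
				continue

			if data.startswith(marker_prefix):
				obscura_marker_found = True
			elif obscura_marker_found:
				j3m_data.write(data)
	finally:
		# Close the pipe and reap the child even if reading failed, so no
		# zombie process or open descriptor is left behind.
		p.stdout.close()
		p.wait()

	try:
		j3m_data = j3m_data.getvalue()

		# NOTE(review): when no marker line was seen the payload is empty,
		# and an empty out_file is still written and reported as success.
		if j3m_data.split('\n')[:2] == gpg_sentinel:
			print("Now decrypting...")

			j3m_asc = "%s.asc" % out_file
			with open(j3m_asc, 'wb+') as OUT:
				OUT.write(j3m_data)

			# NOTE(review): the result of decrypt_file is not checked;
			# confirm how it signals a failed decryption.
			decrypt_file(j3m_asc, out_file)
		else:
			with open(out_file, 'wb+') as OUT:
				OUT.write(j3m_data)

		return True, out_file
	except Exception as e:
		print("could not get j3m data from this image")
		print("%s %s" % (e, type(e)))

	return False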
예제 #3
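def parse_j3mlog(log, out_dir=None):
	"""Unwrap a J3M log (optional base64, optional PGP) and unzip it.

	Stages, each applied only when its signature is seen in the data:
	1. the first line equals the base64 of `gpg_sentinel`: decode the file
	   with the external `base64` tool into "<name>.unb64ed";
	2. the first two lines equal `gpg_sentinel`: pass the file to
	   `decrypt_file`, with "<name>.decrypted" as the second argument;
	3. always: unzip the current file into `out_file`.

	Intermediate files are written into `out_dir`, or next to `log` when
	`out_dir` is not given. `out_file` is "<log>.unzipped" in that case and
	"<out_dir>/<basename of log>" otherwise.

	Returns `(True, files)`, where `files` lists the paths at the top level
	of the extraction directory, or `False` when unzip could not be started
	or no extraction directory exists afterwards. Callers must handle both
	shapes.
	"""
	print("parsing j3m log %s" % log)

	log_data = get_log_data(log)

	# last_state is the path of the file the next stage must read.
	# stage_name is only the file name, so joining it with out_dir gives the
	# same path that is later read back.
	last_state = log
	stage_name = os.path.basename(log)

	out_file = "%s.unzipped" % log

	if out_dir is not None:
		out_file = os.path.join(out_dir, log.split("/")[-1])
	else:
		out_dir = os.path.dirname(log)

	if log_data.split('\n')[0] == b64encode('\n'.join(gpg_sentinel)):
		print("Now un-b64ing...")

		stage_name = "%s.unb64ed" % stage_name
		stage_path = os.path.join(out_dir, stage_name)

		# NOTE(review): -D/-i/-o are the macOS base64 flags. GNU coreutils
		# uses -d and gives -i a different meaning.
		cmd = ["base64", "-D", "-i", last_state, "-o", stage_path]

		p = Popen(cmd, stdout=PIPE, close_fds=True)
		# Drain the pipe and wait for the tool to finish before reading its
		# output file.
		p.communicate()

		last_state = stage_path
		log_data = get_log_data(last_state)

	# is it pgp? (i.e. starts with BEGIN PGP MESSAGE)
	if log_data.split('\n')[:2] == gpg_sentinel:
		print("Now decrypting...")

		stage_name = "%s.decrypted" % stage_name
		stage_path = os.path.join(out_dir, stage_name)

		# NOTE(review): the result of decrypt_file is not checked; confirm
		# how it signals a failed decryption.
		decrypt_file(last_state, stage_path)

		last_state = stage_path
		log_data = get_log_data(last_state)

	# finally, unzip
	# The archive comes from the log being parsed, so its member names and
	# sizes are untrusted. Extraction is confined to out_file only as far as
	# the unzip tool enforces it, and -o overwrites files there unprompted.
	try:
		print("Now unzipping...")
		cmd = ["unzip", "-o", last_state, "-d", out_file]

		p = Popen(cmd, stdout=PIPE, close_fds=True)
		p.communicate()
	except Exception as e:
		print("%s %s" % (e, type(e)))
		return False

	# Only the top level of the extraction directory is listed. If unzip
	# created nothing, os.walk yields no entries; report failure instead of
	# returning an unbound name.
	top_level = next(os.walk(out_file), None)
	if top_level is None:
		return False

	root, _, names = top_level
	return True, [os.path.join(root, name) for name in names]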