Exemplo n.º 1
0
def test_featureless_file_is_unpacked(scan_environment):
    fn = pathlib.Path("unpackers") / "ihex" / "example.txt"
    fn_abs = testdata_dir / fn
    # TODO: FileResult asks for relative path
    fileresult = FileResult(None, fn_abs, set())
    fileresult.set_filesize(fn_abs.stat().st_size)

    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpacker = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    scanjob.check_for_valid_extension(unpacker)
    assert fileresult.labels == set()
    scanjob.check_for_signatures(unpacker)
    assert fileresult.labels == set()
    assert fileresult.unpackedfiles == []
    scanjob.carve_file_data(unpacker)
    assert fileresult.unpackedfiles == []
    fileresult.labels.add('text')
    scanjob.check_entire_file(unpacker)
    assert len(fileresult.unpackedfiles) == 1
    j = scan_environment.scanfilequeue.get()
    expected_extracted_fn = pathlib.Path('.') / \
            ("%s-0x%08x-ihex-1" % (fn.name, 0)) / "unpacked-from-ihex"
    assert j.fileresult.filename == expected_extracted_fn
    assertUnpackedPathExists(scan_environment, j.fileresult.filename)
Exemplo n.º 2
0
def initialize_scanjob_and_unpacker(scan_environment, fileresult):
    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpacker = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    return scanjob, unpacker
Exemplo n.º 3
0
def test_file_is_unpacked_by_extension(scan_environment):
    fn = pathlib.Path("unpackers") / "gif" / "test.gif"
    fn_abs = testdata_dir / fn
    # TODO: FileResult asks for relative path
    fileresult = FileResult(None, fn_abs, set())
    fileresult.set_filesize(fn_abs.stat().st_size)

    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpacker = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    scanjob.check_for_valid_extension(unpacker)
    assert 'gif' in fileresult.labels
Exemplo n.º 4
0
 def test_carved_padding_file_has_correct_labels(self):
     self._create_padding_file_in_directory()
     fileresult = create_fileresult_for_path(self.unpackdir,
                                             self.padding_file)
     scanjob = ScanJob(fileresult)
     scanjob.set_scanenvironment(self.scan_environment)
     scanjob.initialize()
     unpacker = Unpacker(self.unpackdir)
     scanjob.prepare_for_unpacking()
     scanjob.check_unscannable_file()
     unpacker.append_unpacked_range(0, 5)  # bytes [0:5) are unpacked
     scanjob.carve_file_data(unpacker)
     j = self.scanfile_queue.get()
     self.assertSetEqual(j.fileresult.labels,
                         set(['padding', 'synthesized']))
Exemplo n.º 5
0
def test_file_unpack_signature_fail(scan_environment):
    fn = pathlib.Path("test.sig1")
    fileresult = create_tmp_fileresult(
        scan_environment.temporarydirectory / fn, b"A" * 70)
    scan_environment.set_unpackparsers([UnpackParserExtractSig1Fail])
    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpack_manager = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    scanjob.check_for_signatures(unpack_manager)

    assertUnpackedPathDoesNotExist(scan_environment,
                                   unpack_manager.get_data_unpack_directory())

    assert fileresult.unpackedfiles == []
Exemplo n.º 6
0
def test_carved_padding_file_has_correct_labels(scan_environment):
    padding_file = _create_padding_file_in_unpack_directory(scan_environment)
    fileresult = FileResult(None,
                            scan_environment.unpackdirectory / padding_file,
                            set())
    fileresult.set_filesize(
        (scan_environment.unpackdirectory / padding_file).stat().st_size)
    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpacker = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    scanjob.check_unscannable_file()
    unpacker.append_unpacked_range(0, 5)  # bytes [0:5) are unpacked
    scanjob.carve_file_data(unpacker)
    j = scan_environment.scanfilequeue.get()
    assert j.fileresult.labels == set(['padding', 'synthesized'])
Exemplo n.º 7
0
def test_file_unpack_signature_success(scan_environment):
    fn = pathlib.Path("test.sig1")
    fileresult = create_tmp_fileresult(
        scan_environment.temporarydirectory / fn, b"A" * 70)
    scan_environment.set_unpackparsers([UnpackParserExtractSig1])
    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpack_manager = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    scanjob.check_for_signatures(unpack_manager)

    unpack_report = fileresult.unpackedfiles[0]
    assert len(unpack_report['files']) == 2
    fn1 = unpack_manager.get_data_unpack_directory() / "sig1_first"
    fn2 = unpack_manager.get_data_unpack_directory() / "sig1_second"
    assert unpack_report['files'][0] == fn1
    assert unpack_report['files'][1] == fn2
    assertUnpackedPathExists(scan_environment, unpack_report['files'][0])
    assertUnpackedPathExists(scan_environment, unpack_report['files'][1])
Exemplo n.º 8
0
def test_carved_data_is_extracted_from_file(scan_environment):
    fn = pathlib.Path("unpackers") / "gif" / "test-prepend-random-data.gif"
    fn_abs = testdata_dir / fn
    # TODO: FileResult asks for relative path
    fileresult = FileResult(None, fn_abs, set())
    fileresult.set_filesize(fn_abs.stat().st_size)

    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpacker = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    scanjob.check_for_valid_extension(unpacker)
    scanjob.check_for_signatures(unpacker)
    j = scan_environment.scanfilequeue.get()
    scanjob.carve_file_data(unpacker)
    j = scan_environment.scanfilequeue.get()
    synthesized_name = pathlib.Path('.') / \
            ("%s-0x%08x-synthesized-1" % (fn.name,0)) / \
            ("unpacked-0x%x-0x%x" % (0,127))
    assert j.fileresult.filename == synthesized_name
    assertUnpackedPathExists(scan_environment, j.fileresult.filename)
Exemplo n.º 9
0
def test_file_unpack_extension_carve(scan_environment):
    fn = pathlib.Path("test.ex1")
    fileresult = create_tmp_fileresult(
        scan_environment.temporarydirectory / fn, b"A" * 70)
    scan_environment.set_unpackparsers([UnpackParserExtractEx1Carve])
    scanjob = ScanJob(fileresult)
    scanjob.set_scanenvironment(scan_environment)
    scanjob.initialize()
    unpack_manager = UnpackManager(scan_environment.unpackdirectory)
    scanjob.prepare_for_unpacking()
    scanjob.check_for_valid_extension(unpack_manager)

    unpack_report = fileresult.unpackedfiles[0]
    assert len(unpack_report['files']) == 3
    fn1 = unpack_manager.get_data_unpack_directory() / "ex1_first"
    fn2 = unpack_manager.get_data_unpack_directory() / "ex1_second"
    fn3 = unpack_manager.get_data_unpack_directory(
    ) / "unpacked.ex1_extract_carve"
    assert unpack_report['files'][0] == fn1
    assert unpack_report['files'][1] == fn2
    assert unpack_report['files'][2] == fn3
    assertUnpackedPathExists(scan_environment, unpack_report['files'][0])
    assertUnpackedPathExists(scan_environment, unpack_report['files'][1])
    assertUnpackedPathExists(scan_environment, unpack_report['files'][2])