Exemplo n.º 1
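 def check_sig(self, data) -> bool:
     '''
     Decide whether the sample is an Office Open XML document and unpack it.

     The sample matches when its detected mime contains
     "application/vnd.openxmlformats-officedocument", or when
     check_packed_files reports "[Content_Types].xml" for the file on disk.
     On a match the file is passed to unpack_file.

     Args:
         data: analysis record; reads data["Details"]["Properties"]["mime"]
             and data["Location"]["File"].

     Returns:
         True when the sample matched and unpack_file was called, else False.
     '''
     mime = data["Details"]["Properties"]["mime"]
     sample_path = data["Location"]["File"]
     # NOTE(review): the sample is untrusted input and unpack_file is defined
     # outside this block - confirm it caps extracted size/entry count and
     # rejects member names that resolve outside the extraction directory.
     if "application/vnd.openxmlformats-officedocument" in mime or \
             check_packed_files(sample_path, ["[Content_Types].xml"]):
         unpack_file(data, sample_path)
         return True
     # Explicit False: the signature declares bool, and the original fell off
     # the end here and returned None.
     return False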
Exemplo n.º 2
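 def check_sig_apk(self, data) -> bool:
     '''
     Decide whether the sample is an APK and unpack it.

     The sample matches when its detected mime is "application/java-archive"
     or "application/zip" and check_packed_files reports
     "Androidmanifest.xml" for the file on disk. On a match the file is
     passed to unpack_file.

     Args:
         data: analysis record; reads data["Details"]["Properties"]["mime"]
             and data["Location"]["File"].

     Returns:
         True when the sample matched and unpack_file was called, else False.
     '''
     mime = data["Details"]["Properties"]["mime"]
     if mime in ("application/java-archive", "application/zip"):
         # NOTE(review): APKs store the manifest as "AndroidManifest.xml";
         # whether check_packed_files compares names case-insensitively is not
         # visible here - confirm, otherwise real APKs are never matched.
         if check_packed_files(data["Location"]["File"],
                               ["Androidmanifest.xml"]):
             unpack_file(data, data["Location"]["File"])
             return True
     # Explicit False: the signature declares bool, and the original fell off
     # the end here and returned None.
     return False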
Exemplo n.º 3
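 def check_sig_ipa(self, data) -> bool:
     '''
     Decide whether the sample is an IPA package and unpack it.

     The sample matches when its detected mime is "application/zlib", its
     original name ends with ".ipa", dmg_unpack yields a truthy result for
     the file on disk, and check_packed_files reports "info.plist" in that
     result. On a match the dmg_unpack result is passed to unpack_file.

     Args:
         data: analysis record; reads data["Details"]["Properties"]["mime"],
             data["Location"]["Original"] and data["Location"]["File"].

     Returns:
         True when the sample matched and unpack_file was called, else False.
     '''
     mime = data["Details"]["Properties"]["mime"]
     # NOTE(review): endswith is case-sensitive and the original name
     # presumably comes from whoever submitted the sample, so "X.IPA" or a
     # renamed file skips this handler - confirm that is intended.
     if mime == "application/zlib" and \
             data["Location"]["Original"].endswith(".ipa"):
         unpacked = dmg_unpack(data["Location"]["File"])
         if unpacked:
             # NOTE(review): iOS bundles name this file "Info.plist"; confirm
             # check_packed_files matches names case-insensitively.
             if check_packed_files(unpacked, ["info.plist"]):
                 unpack_file(data, unpacked)
                 return True
     # Explicit False: the signature declares bool, and the original fell off
     # the end here and returned None.
     return False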
Exemplo n.º 4
 def check_sig_dmg(self, data) -> bool:
     '''
     Decide whether the sample is a DMG image and unpack it.

     The sample matches when its detected mime is "application/zlib", its
     original name ends with ".dmg", dmg_unpack yields a truthy result for
     the file on disk, and check_packed_files reports "info.plist" or
     "Install" in that result. On a match the dmg_unpack result is passed
     to unpack_file.

     Returns:
         True when the sample matched and unpack_file was called, else False.
     '''
     if data["Details"]["Properties"]["mime"] != "application/zlib":
         return False
     # NOTE(review): the extension test is case-sensitive and reads the
     # original (presumably submitter-supplied) name - confirm ".DMG" and
     # renamed images are meant to fall through to another handler.
     if not data["Location"]["Original"].endswith(".dmg"):
         return False
     extracted = dmg_unpack(data["Location"]["File"])
     if not extracted:
         return False
     # Markers are probed one at a time, in this order, stopping at the first hit.
     for marker in ("info.plist", "Install"):
         if check_packed_files(extracted, [marker]):
             unpack_file(data, extracted)
             return True
     return False
Exemplo n.º 5
 def check_sig(self, data):
     '''
     Fallback handler for samples that no other module detected.

     When the detected mime is an archive type (java-archive, zip or zlib)
     the file is unpacked with unpack_file and get_words_multi_files runs
     over data["Packed"]["Files"]; for any other mime, get_words runs on
     the file itself.
     '''
     archive_mimes = ("application/java-archive",
                      "application/zip",
                      "application/zlib")
     sample_mime = data["Details"]["Properties"]["mime"]
     if sample_mime not in archive_mimes:
         # Not an archive: collect words straight from the sample.
         get_words(data, data["Location"]["File"])
         return
     # NOTE(review): this unpacks an untrusted archive purely on its mime;
     # unpack_file is defined outside this block - confirm it bounds
     # extracted size and keeps member paths inside the extraction directory.
     unpack_file(data, data["Location"]["File"])
     get_words_multi_files(data, data["Packed"]["Files"])