Exemplos de File em Python

Exemplo n.º 1

    def find(self, path, device=None, mountpoint=None):
        """Yields a list of files matching the path on the given mountpoint.

        If no mountpoint is specified, all mountpoints are searched.
        This is akin to doing ls -ld, except that a list is returned because
        several mount points may hold files which are candidates for such path.
        """

        if not mountpoint:
            mount_plugin = self.session.plugins.mount(session=self.session)
            mountpoints = mount_plugin.get_mount_points()
        else:
            mountpoints = [mountpoint]

        for mountpoint in mountpoints:
            if device != None and mountpoint.device != device:
                continue

            if path and not path.startswith(str(mountpoint.name)):
                continue

            current_file = vfs.File(mountpoint=mountpoint,
                                    dentry=mountpoint.sb.s_root,
                                    is_root=True,
                                    session=self.session)

            if path == str(mountpoint.name):
                # Return a file for the mountpoint root
                yield current_file
            else:
                remaining_path = path[len(mountpoint.name):]
                traversal_list = remaining_path.split("/")

                i = 0
                found = True
                while i < len(traversal_list):
                    component_to_search = traversal_list[i]
                    if component_to_search == "." or not component_to_search:
                        i += 1
                        continue

                    found = False
                    for file_ in current_file.walk():
                        if file_.name == component_to_search:
                            found = True
                            current_file = file_

                    i += 1

                if found:
                    yield current_file

Exemplo n.º 2

Arquivo: hidden_shmem.py Projeto: gavz/BlackHat-USA-2020

    def dump_file_obj(self, renderer, file_obj, filename):
        # casting file struct object to Rekall's File class
        cfile_obj = vfs.File(mountpoint=file_obj.vfsmnt,
                             dentry=file_obj.dentry,
                             is_root=True,
                             session=self.session)

        page_size = self.session.kernel_address_space.PAGE_SIZE
        buffer_size = 1024 * 1024
        buffer = b""

        # Write buffered output as a sparse file.
        with renderer.open(filename=filename,
                           directory=self.dump_dir,
                           mode="wb") as fd:

            for range_start, range_end in cfile_obj.extents:
                fd.seek(range_start)
                for offset in range(range_start, range_end, page_size):
                    page_index = old_div(offset, page_size)
                    to_write = min(page_size, cfile_obj.size - offset)
                    data = cfile_obj.GetPage(page_index)
                    if data != None:
                        buffer += data[:to_write]
                    else:
                        buffer += b"\x00" * to_write

                    # Dump the buffer when it's full.
                    if len(buffer) >= buffer_size:
                        fd.write(buffer)
                        buffer = b""

                # Dump the remaining data in the buffer.
                if buffer != b"":
                    fd.write(buffer)
                    buffer = b""