def fileFormat_scanner(fileName): try: oleFile = OleFileIO(fileName) enum_streams = oleFile.listdir() for s in enum_streams: if s == ["\x05SummaryInformation"]: print("Summary Informations Available") properties = oleFile.getproperties(s) if 0x12 in properties: appName = properties[0x12] if 0x13 in properties: if properties[0x13] & 1: print("Document is Encrypted") if s == ['WordDocument']: s_word = oleFile.openstream(['WordDocument']) s_word.read(10) temp16 = unpack("H", s_word.read(2))[0] fEncrypted = (temp16 & 0x0100) >> 8 if fEncrypted: print("Word Document Encrypted") s_word.close() except: print("Error While Processing OLE Streams") return False return True
def fileFormat_scanner(fileName): try: oleFile = OleFileIO(fileName) enum_streams = oleFile.listdir() for s in enum_streams: if s == ["\x05SummaryInformation"]: print("Summary Informations Available") properties = oleFile.getproperties(s) if 0x12 in properties: appName = properties[0x12] if 0x13 in properties: if properties[0x13] & 1: print("Document is Encrypted") if s == ['WordDocument']: s_word = oleFile.openstream(['WordDocument']) s_word.read(10) temp16 = unpack("H", s_word.read(2))[0] fEncrypted = (temp16 & 0x0100) >> 8 if fEncrypted: print("Word Document Encrypted") s_word.close() except: print("Error While Processing OLE Streams") return False return True
def ole2Explore(pyew, doprint=True, args=None): """ Get the OLE2 directory """ if not pyew.physical: filename = tempfile.mkstemp("pyew")[1] f = file(filename, "wb") f.write(pyew.getBuffer()) f.close() else: filename = pyew.filename ole = OleFileIO(filename, raise_defects=DEFECT_INCORRECT) ole.dumpdirectory() i = 0 for streamname in ole.listdir(): if streamname[-1][0] == "\005": print streamname, ": properties" props = ole.getproperties(streamname) props = props.items() props.sort() for k, v in props: #[PL]: avoid to display too large or binary values: if isinstance(v, basestring): if len(v) > 50: v = v[:50] # quick and dirty binary check: for c in (1,2,3,4,5,6,7,11,12,14,15,16,17,18,19,20, 21,22,23,24,25,26,27,28,29,30,31): if chr(c) in v: v = '(binary data)' break print " ", k, v # Read all streams to check if there are errors: print '\nChecking streams...' for streamname in ole.listdir(): # print name using repr() to convert binary chars to \xNN: print '-', repr('/'.join(streamname)),'-', st_type = ole.get_type(streamname) if st_type == STGTY_STREAM: print 'size %d' % ole.get_size(streamname) # just try to read stream in memory: ole.openstream(streamname) else: print 'NOT a stream : type=%d' % st_type print '' #[PL] Test a few new methods: root = ole.get_rootentry_name() print 'Root entry name: "%s"' % root if ole.exists('worddocument'): print "This is a Word document." print "type of stream 'WordDocument':", ole.get_type('worddocument') print "size :", ole.get_size('worddocument') if ole.exists('macros/vba'): print "This document may contain VBA macros."
def ole2Explore(pyew): """ Get the OLE2 directory """ if not pyew.physical: filename = tempfile.mkstemp("pyew")[1] f = file(filename, "wb") f.write(pyew.getBuffer()) f.close() else: filename = pyew.filename ole = OleFileIO(filename, raise_defects=DEFECT_INCORRECT) ole.dumpdirectory() i = 0 for streamname in ole.listdir(): if streamname[-1][0] == "\005": print streamname, ": properties" props = ole.getproperties(streamname) props = props.items() props.sort() for k, v in props: #[PL]: avoid to display too large or binary values: if isinstance(v, basestring): if len(v) > 50: v = v[:50] # quick and dirty binary check: for c in (1, 2, 3, 4, 5, 6, 7, 11, 12, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31): if chr(c) in v: v = '(binary data)' break print " ", k, v # Read all streams to check if there are errors: print '\nChecking streams...' for streamname in ole.listdir(): # print name using repr() to convert binary chars to \xNN: print '-', repr('/'.join(streamname)), '-', st_type = ole.get_type(streamname) if st_type == STGTY_STREAM: print 'size %d' % ole.get_size(streamname) # just try to read stream in memory: ole.openstream(streamname) else: print 'NOT a stream : type=%d' % st_type print '' #[PL] Test a few new methods: root = ole.get_rootentry_name() print 'Root entry name: "%s"' % root if ole.exists('worddocument'): print "This is a Word document." print "type of stream 'WordDocument':", ole.get_type('worddocument') print "size :", ole.get_size('worddocument') if ole.exists('macros/vba'): print "This document may contain VBA macros."