def collect_metadata(argv, sample_path, rules_path, format, extractor):
    """Build the metadata record describing one analysis run.

    Args:
        argv: command-line arguments, stored unchanged under "argv".
        sample_path: path of the sample; the file is read in full to hash it.
        rules_path: rules location; made absolute unless it equals
            RULES_PATH_DEFAULT_STRING.
        format: sample format label, stored unchanged under "analysis".
        extractor: feature extractor; its class name and the result of
            get_base_address() are recorded.

    Returns:
        dict with "timestamp", "version", "argv", "sample" and "analysis" keys.

    The three digests identify the sample. MD5 and SHA-1 are not collision
    resistant, so treat them as lookup keys only and rely on the SHA-256
    value when the identity of the sample has to be trusted. argv and the
    normalized sample path are stored verbatim, so the record carries local
    path information.
    """
    md5_ctx, sha1_ctx, sha256_ctx = hashlib.md5(), hashlib.sha1(), hashlib.sha256()

    # The whole sample is loaded into memory once and fed to every digest.
    with open(sample_path, "rb") as sample_file:
        contents = sample_file.read()
    for ctx in (md5_ctx, sha1_ctx, sha256_ctx):
        ctx.update(contents)

    # Only a caller-supplied rules location is rewritten to an absolute path.
    if rules_path != RULES_PATH_DEFAULT_STRING:
        rules_path = os.path.abspath(os.path.normpath(rules_path))

    # NOTE(review): now() without a tz argument yields naive local time, so
    # the recorded value carries no UTC offset.
    collected_at = datetime.datetime.now().isoformat()
    tool_version = capa.version.__version__

    sample_info = {
        "md5": md5_ctx.hexdigest(),
        "sha1": sha1_ctx.hexdigest(),
        "sha256": sha256_ctx.hexdigest(),
        "path": os.path.normpath(sample_path),
    }
    analysis_info = {
        "format": format,
        "extractor": extractor.__class__.__name__,
        "rules": rules_path,
        "base_address": extractor.get_base_address(),
    }

    return {
        "timestamp": collected_at,
        "version": tool_version,
        "argv": argv,
        "sample": sample_info,
        "analysis": analysis_info,
    }
def collect_metadata(argv, sample_path, rules_path, extractor):
    """Build the metadata record describing one analysis run.

    Args:
        argv: command-line arguments, stored unchanged under "argv".
        sample_path: path of the sample; the file is read in full to hash it
            and the path is passed to get_format, get_arch and get_os.
        rules_path: rules location; made absolute unless it equals
            RULES_PATH_DEFAULT_STRING.
        extractor: feature extractor; its class name and the result of
            get_base_address() are recorded.

    Returns:
        dict with "timestamp", "version", "argv", "sample" and "analysis"
        keys. "analysis" holds an empty "layout" dict.

    The three digests identify the sample. MD5 and SHA-1 are not collision
    resistant, so treat them as lookup keys only and rely on the SHA-256
    value when the identity of the sample has to be trusted. argv and the
    normalized sample path are stored verbatim, so the record carries local
    path information.
    """
    md5_ctx, sha1_ctx, sha256_ctx = hashlib.md5(), hashlib.sha1(), hashlib.sha256()

    # The whole sample is loaded into memory once and fed to every digest.
    with open(sample_path, "rb") as sample_file:
        contents = sample_file.read()
    for ctx in (md5_ctx, sha1_ctx, sha256_ctx):
        ctx.update(contents)

    # Only a caller-supplied rules location is rewritten to an absolute path.
    if rules_path != RULES_PATH_DEFAULT_STRING:
        rules_path = os.path.abspath(os.path.normpath(rules_path))

    # NOTE(review): these helpers receive only the path; presumably each one
    # reads the file again, so their results are not tied to the bytes hashed
    # above if the file changes in between. Confirm against the helpers.
    format_ = get_format(sample_path)
    arch = get_arch(sample_path)
    os_name = get_os(sample_path)

    # NOTE(review): now() without a tz argument yields naive local time, so
    # the recorded value carries no UTC offset.
    collected_at = datetime.datetime.now().isoformat()
    tool_version = capa.version.__version__

    sample_info = {
        "md5": md5_ctx.hexdigest(),
        "sha1": sha1_ctx.hexdigest(),
        "sha256": sha256_ctx.hexdigest(),
        "path": os.path.normpath(sample_path),
    }
    analysis_info = {
        "format": format_,
        "arch": arch,
        "os": os_name,
        "extractor": extractor.__class__.__name__,
        "rules": rules_path,
        "base_address": extractor.get_base_address(),
        "layout": {
            # this is updated after capabilities have been collected.
            # will look like:
            #
            # "functions": { 0x401000: { "matched_basic_blocks": [ 0x401000, 0x401005, ... ] }, ... }
        },
    }

    return {
        "timestamp": collected_at,
        "version": tool_version,
        "argv": argv,
        "sample": sample_info,
        "analysis": analysis_info,
    }