def _get_blacklist_and_whitelist_from_config(self, analysis_plugin: str) -> Tuple[List, List]:
    """Read the MIME filter lists configured for one analysis plugin.

    Both lists come from the config section named after ``analysis_plugin``:
    the ``mime_blacklist`` option first, then ``mime_whitelist``.

    Returns:
        A ``(blacklist, whitelist)`` tuple, in that order.
    """
    # NOTE(review): how the two lists interact (e.g. which one wins when both
    # are set) is decided by the caller and is not visible here.
    return (
        read_list_from_config(self.config, analysis_plugin, 'mime_blacklist'),
        read_list_from_config(self.config, analysis_plugin, 'mime_whitelist'),
    )
def test_read_list_from_config__key_not_in_config(monkeypatch):
    """Check that a lookup which finds nothing yields an empty list.

    Two lookups are made against ``test.cfg``: section ``foo`` / option
    ``bar`` and section ``test`` / option ``bar``. Both must return ``[]``.
    """
    def _test_config_dir():
        # Resolved lazily, when the patched function is actually called.
        return '{}/helperFunctions'.format(get_test_data_dir())

    # Redirect config loading to the test data directory.
    monkeypatch.setattr('helperFunctions.config.get_config_dir', _test_config_dir)
    test_config = load_config('test.cfg')

    for section in ('foo', 'test'):
        result = read_list_from_config(test_config, section, 'bar')
        assert result == []
def _set_whitelist(self):
    """Load the ``unpack``/``blacklist`` config list and register its entries.

    The list is stored on ``self.blacklist``, logged at debug level, and every
    entry is registered against the ``generic/nop`` unpacker plugin.
    """
    # NOTE(review): the method is named "whitelist" but reads and stores the
    # blacklist; the naming is kept because callers are outside this view.
    self.blacklist = read_list_from_config(self.config, 'unpack', 'blacklist')

    ignored = ', '.join(self.blacklist)
    logging.debug('Ignore (Blacklist): {}'.format(ignored))

    # Presumably 'generic/nop' is a no-op unpacker, so listed entries are
    # skipped rather than unpacked -- confirm against the plugin itself.
    for entry in self.blacklist:
        self.register_plugin(entry, self.unpacker_plugins['generic/nop'])
def test_read_list_from_config(monkeypatch, input_data, expected):
    """Check that an option value is parsed into the expected list.

    ``input_data`` is written to ``test_section``/``test_option`` of a config
    loaded from ``test.cfg``; reading it back must equal ``expected``.
    """
    def _test_config_dir():
        # Resolved lazily, when the patched function is actually called.
        return '{}/helperFunctions'.format(get_test_data_dir())

    section, option = 'test_section', 'test_option'

    monkeypatch.setattr('helperFunctions.config.get_config_dir', _test_config_dir)
    test_config = load_config('test.cfg')
    test_config.add_section(section)
    test_config.set(section, option, input_data)

    assert read_list_from_config(test_config, section, option) == expected
def _add_hash_query_to_query(self, query, value):
    """Add an ``$or`` clause matching ``value`` against every configured hash.

    The hash type names come from the ``file_hashes``/``hashes`` config list.
    For each one, a condition on ``processed_analysis.file_hashes.<type>`` is
    built, and the resulting list is stored under ``query['$or']``.

    Args:
        query: Query mapping, modified in place.
        value: Hash value to search for.
    """
    # NOTE(review): `value` is used as the match operand unchanged. Confirm
    # that callers pass a plain string; a mapping here would be read as an
    # operator expression by a MongoDB-style backend.
    # NOTE(review): an existing '$or' key in `query` is overwritten, and an
    # empty config list produces an empty '$or' array.
    hash_query = []
    for hash_type in read_list_from_config(self._config, 'file_hashes', 'hashes'):
        field = f'processed_analysis.file_hashes.{hash_type}'
        hash_query.append({field: value})
    query.update({'$or': hash_query})
def _set_whitelist(self):
    """Load the ``unpack``/``whitelist`` config list and register its entries.

    The list is stored on ``self.whitelist``, logged at debug level together
    with the worker id, and every entry is registered against the
    ``generic/nop`` unpacker plugin.
    """
    self.whitelist = read_list_from_config(self.config, 'unpack', 'whitelist')

    ignored = ', '.join(self.whitelist)
    logging.debug('[worker {}] Ignore (Whitelist): {}'.format(self.worker_id, ignored))

    # Presumably 'generic/nop' is a no-op unpacker, so listed entries are
    # skipped rather than unpacked -- confirm against the plugin itself.
    for entry in self.whitelist:
        self.register_plugin(entry, self.unpacker_plugins['generic/nop'])
def _get_hash_list_from_config(self):
    """Return the hash names configured for this plugin.

    Reads the ``hashes`` option from the config section named ``self.NAME``,
    with ``['sha256']`` as the default. If the read raises, a warning is
    logged and ``['sha256']`` is returned instead.
    """
    fallback = ['sha256']
    try:
        configured = read_list_from_config(self.config, self.NAME, 'hashes', default=['sha256'])
    except Exception:
        # NOTE(review): this catches every exception, so a programming error
        # in the lookup is reported as "not set" and silently replaced by the
        # fallback. The message names 'file_hashes' although the section read
        # is self.NAME.
        logging.warning("'file_hashes' -> 'hashes' not set in config")
        return fallback
    return configured
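def get_default_plugins_from_config(self):
    """Return the default plugin sets from the ``default_plugins`` section.

    Each option in the section is one plugin set; its value is parsed into a
    list with ``read_list_from_config``.

    Returns:
        A dict mapping plugin-set name to its list of plugins. When the
        section cannot be read (``TypeError``, ``KeyError`` or
        ``AttributeError``), a warning is logged and an empty dict is
        returned.
    """
    try:
        return {
            plugin_set: read_list_from_config(self.config, 'default_plugins', plugin_set)
            for plugin_set in self.config['default_plugins']
        }
    except (TypeError, KeyError, AttributeError):
        logging.warning('default plug-ins not set in config')
        # Return an empty dict, not a list: the success path returns a dict,
        # so callers can use mapping methods on either result.
        return {}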
def _get_default_plugins_from_config(self):
    """Return the default plugin sets from the ``default_plugins`` section.

    Each option in the section is one plugin set; its value is parsed into a
    list with ``read_list_from_config``.

    Returns:
        A dict mapping plugin-set name to its list of plugins, or an empty
        dict (after logging a warning) when the section cannot be read.
    """
    try:
        plugin_sets = {}
        for plugin_set in self.config['default_plugins']:
            plugin_sets[plugin_set] = read_list_from_config(
                self.config, 'default_plugins', plugin_set
            )
    except (TypeError, KeyError, AttributeError):
        # Partial results are discarded on failure.
        logging.warning('default plug-ins not set in config')
        return {}
    return plugin_sets
def get_unpack_status(file_path: str, binary: bytes, extracted_files: List[Path], meta_data: Dict, config: ConfigParser):
    """Record entropy and an unpack summary for one file in ``meta_data``.

    ``meta_data['entropy']`` is always set to ``avg_entropy(binary)``.

    When nothing was extracted, ``meta_data['summary']`` becomes
    ``['unpacked']`` if the file's MIME type is in the
    ``ExpertSettings``/``compressed_file_types`` list or ``is_compressed``
    reports the binary as not compressed; otherwise it becomes ``['packed']``.

    When files were extracted, the summary is left to ``_detect_unpack_loss``.

    Args:
        file_path: Path used to determine the file's MIME type.
        binary: Raw content of the file.
        extracted_files: Files produced by unpacking; may be empty.
        meta_data: Result dict, modified in place.
        config: Source of the ``ExpertSettings`` options.
    """
    meta_data['summary'] = []
    meta_data['entropy'] = avg_entropy(binary)

    if extracted_files:
        # NOTE(review): getint/getfloat are called without a fallback, so a
        # missing ExpertSettings option raises here -- confirm intended.
        overhead = config.getint('ExpertSettings', 'header_overhead')
        _detect_unpack_loss(binary, extracted_files, meta_data, overhead)
        return

    mime = get_file_type_from_path(file_path)['mime']
    listed_as_compressed = mime in read_list_from_config(config, 'ExpertSettings', 'compressed_file_types')

    # The entropy check only runs for MIME types that are not in the list.
    if listed_as_compressed or not is_compressed(
        binary,
        compress_entropy_threshold=config.getfloat('ExpertSettings', 'unpack_threshold'),
        classifier=avg_entropy,
    ):
        meta_data['summary'] = ['unpacked']
    else:
        meta_data['summary'] = ['packed']
def test_read_list_from_config__no_config(monkeypatch):
    """Check that passing ``None`` as the config yields an empty list."""
    # The monkeypatch fixture is requested but not used in this test.
    assert read_list_from_config(None, 'foo', 'bar') == []
def __init__(self, config=None):
    """Store the config, load the unpack exclude list and set up plugins.

    Args:
        config: Configuration object; ``None`` is passed through unchanged
            to ``read_list_from_config``.
    """
    self.config = config
    excluded = read_list_from_config(config, 'unpack', 'exclude')
    self.exclude = excluded
    # Plugin setup runs last, after config and exclude list are in place.
    self._setup_plugins()
def _get_hash_list_from_config(self):
    """Return the hash names configured for this plugin.

    Reads the ``hashes`` option from the config section named ``self.NAME``,
    with ``['sha256']`` as the default. An empty result is also replaced by
    ``['sha256']``, so the returned list is never empty.
    """
    configured = read_list_from_config(self.config, self.NAME, 'hashes', default=['sha256'])
    return configured or ['sha256']
def __init__(self, config=None, extract_everything: bool = False):
    """Store the config, load the unpack exclude list and set up plugins.

    Args:
        config: Configuration object; ``None`` is passed through unchanged
            to ``read_list_from_config``.
        extract_everything: Stored on the instance as
            ``self.extract_everything``.
    """
    self.config = config
    excluded = read_list_from_config(config, 'unpack', 'exclude')
    self.exclude = excluded
    self._setup_plugins()
    # NOTE(review): this attribute is assigned only after _setup_plugins()
    # has run; confirm that plugin setup does not read it.
    self.extract_everything = extract_everything