Supporting loading from extracted folder

2022-02-02 16:10:12 +01:00 · 2022-02-02 16:10:12 +01:00 · b94ba28873
parent 564efc3629
commit b94ba28873
2 changed files with 22 additions and 8 deletions
--- a/mvt/android/cli.py
+++ b/mvt/android/cli.py
@ -6,6 +6,7 @@
 import logging
 import os
 from zipfile import ZipFile
+from pathlib import Path

 import click
 from rich.logging import RichHandler
@ -189,10 +190,19 @@ def check_bugreport(ctx, iocs, output, list_modules, module, bugreport_path):
    indicators = Indicators(log=log)
    indicators.load_indicators_files(iocs)

-    zip_archive = ZipFile(bugreport_path)
-    zip_files = []
-    for file_name in zip_archive.namelist():
-        zip_files.append(file_name)
+    if os.path.isfile(bugreport_path):
+        bugreport_format = "zip"
+        zip_archive = ZipFile(bugreport_path)
+        zip_files = []
+        for file_name in zip_archive.namelist():
+            zip_files.append(file_name)
+    elif os.path.isdir(bugreport_path):
+        bugreport_format = "dir"
+        folder_files = []
+        parent_path = Path(bugreport_path).absolute().as_posix()
+        for root, subdirs, subfiles in os.walk(os.path.abspath(bugreport_path)):
+            for file_name in subfiles:
+                folder_files.append(os.path.relpath(os.path.join(root, file_name), parent_path))

    timeline = []
    timeline_detected = []
@ -203,7 +213,10 @@ def check_bugreport(ctx, iocs, output, list_modules, module, bugreport_path):
        m = bugreport_module(base_folder=bugreport_path, output_folder=output,
                             log=logging.getLogger(bugreport_module.__module__))

-        m.from_zip(zip_archive, zip_files)
+        if bugreport_format == "zip":
+            m.from_zip(zip_archive, zip_files)
+        else:
+            m.from_folder(bugreport_path, folder_files)

        if indicators.total_ioc_count:
            m.indicators = indicators
--- a/mvt/android/modules/bugreport/base.py
+++ b/mvt/android/modules/bugreport/base.py
@ -17,8 +17,9 @@ class BugReportModule(MVTModule):

    zip_archive = None

-    def from_folder(self, extract_path):
+    def from_folder(self, extract_path, extract_files):
        self.extract_path = extract_path
+        self.extract_files = extract_files

    def from_zip(self, zip_archive, zip_files):
        self.zip_archive = zip_archive
@ -30,7 +31,7 @@ class BugReportModule(MVTModule):
            for zip_file in self.zip_files:
                file_names.append(zip_file)
        else:
-            file_names = self.files
+            file_names = self.extract_files

        return fnmatch.filter(file_names, pattern)

@ -38,7 +39,7 @@ class BugReportModule(MVTModule):
        if self.zip_archive:
            handle = self.zip_archive.open(file_path)
        else:
-            handle = open(os.path.join(self.parent_path, file_path), "rb")
+            handle = open(os.path.join(self.extract_path, file_path), "rb")

        data = handle.read()
        handle.close()