Supporting loading from extracted folder
parent
564efc3629
commit
b94ba28873
|
@ -6,6 +6,7 @@
|
||||||
import logging
|
import logging
|
||||||
import os
|
import os
|
||||||
from zipfile import ZipFile
|
from zipfile import ZipFile
|
||||||
|
from pathlib import Path
|
||||||
|
|
||||||
import click
|
import click
|
||||||
from rich.logging import RichHandler
|
from rich.logging import RichHandler
|
||||||
|
@ -189,10 +190,19 @@ def check_bugreport(ctx, iocs, output, list_modules, module, bugreport_path):
|
||||||
indicators = Indicators(log=log)
|
indicators = Indicators(log=log)
|
||||||
indicators.load_indicators_files(iocs)
|
indicators.load_indicators_files(iocs)
|
||||||
|
|
||||||
|
if os.path.isfile(bugreport_path):
|
||||||
|
bugreport_format = "zip"
|
||||||
zip_archive = ZipFile(bugreport_path)
|
zip_archive = ZipFile(bugreport_path)
|
||||||
zip_files = []
|
zip_files = []
|
||||||
for file_name in zip_archive.namelist():
|
for file_name in zip_archive.namelist():
|
||||||
zip_files.append(file_name)
|
zip_files.append(file_name)
|
||||||
|
elif os.path.isdir(bugreport_path):
|
||||||
|
bugreport_format = "dir"
|
||||||
|
folder_files = []
|
||||||
|
parent_path = Path(bugreport_path).absolute().as_posix()
|
||||||
|
for root, subdirs, subfiles in os.walk(os.path.abspath(bugreport_path)):
|
||||||
|
for file_name in subfiles:
|
||||||
|
folder_files.append(os.path.relpath(os.path.join(root, file_name), parent_path))
|
||||||
|
|
||||||
timeline = []
|
timeline = []
|
||||||
timeline_detected = []
|
timeline_detected = []
|
||||||
|
@ -203,7 +213,10 @@ def check_bugreport(ctx, iocs, output, list_modules, module, bugreport_path):
|
||||||
m = bugreport_module(base_folder=bugreport_path, output_folder=output,
|
m = bugreport_module(base_folder=bugreport_path, output_folder=output,
|
||||||
log=logging.getLogger(bugreport_module.__module__))
|
log=logging.getLogger(bugreport_module.__module__))
|
||||||
|
|
||||||
|
if bugreport_format == "zip":
|
||||||
m.from_zip(zip_archive, zip_files)
|
m.from_zip(zip_archive, zip_files)
|
||||||
|
else:
|
||||||
|
m.from_folder(bugreport_path, folder_files)
|
||||||
|
|
||||||
if indicators.total_ioc_count:
|
if indicators.total_ioc_count:
|
||||||
m.indicators = indicators
|
m.indicators = indicators
|
||||||
|
|
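Review bot: `bugreport_format` is bound only inside the new `if os.path.isfile(bugreport_path):` / `elif os.path.isdir(bugreport_path):` branches, so a path that is neither reaches `if bugreport_format == "zip":` in the later hunk with the name unbound and fails with an UnboundLocalError rather than a clear message. Unless the click option for `bugreport_path` already enforces existence (its declaration is outside these hunks), add a final branch such as `else: log.critical("%s is not a file or directory", bugreport_path); ctx.exit(1)`. The directory branch also computes the base path twice, as `Path(bugreport_path).absolute().as_posix()` and as `os.path.abspath(bugreport_path)`; computing it once and using it for both `os.walk` and `os.path.relpath` keeps the two from diverging. The body of `check_bugreport` continues outside the hunks shown.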
|
@ -17,8 +17,9 @@ class BugReportModule(MVTModule):
|
||||||
|
|
||||||
zip_archive = None
|
zip_archive = None
|
||||||
|
|
||||||
def from_folder(self, extract_path):
|
def from_folder(self, extract_path, extract_files):
|
||||||
self.extract_path = extract_path
|
self.extract_path = extract_path
|
||||||
|
self.extract_files = extract_files
|
||||||
|
|
||||||
def from_zip(self, zip_archive, zip_files):
|
def from_zip(self, zip_archive, zip_files):
|
||||||
self.zip_archive = zip_archive
|
self.zip_archive = zip_archive
|
||||||
|
@ -30,7 +31,7 @@ class BugReportModule(MVTModule):
|
||||||
for zip_file in self.zip_files:
|
for zip_file in self.zip_files:
|
||||||
file_names.append(zip_file)
|
file_names.append(zip_file)
|
||||||
else:
|
else:
|
||||||
file_names = self.files
|
file_names = self.extract_files
|
||||||
|
|
||||||
return fnmatch.filter(file_names, pattern)
|
return fnmatch.filter(file_names, pattern)
|
||||||
|
|
||||||
|
@ -38,7 +39,7 @@ class BugReportModule(MVTModule):
|
||||||
if self.zip_archive:
|
if self.zip_archive:
|
||||||
handle = self.zip_archive.open(file_path)
|
handle = self.zip_archive.open(file_path)
|
||||||
else:
|
else:
|
||||||
handle = open(os.path.join(self.parent_path, file_path), "rb")
|
handle = open(os.path.join(self.extract_path, file_path), "rb")
|
||||||
|
|
||||||
data = handle.read()
|
data = handle.read()
|
||||||
handle.close()
|
handle.close()
|
||||||
|
|
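Review bot: The folder branch `handle = open(os.path.join(self.extract_path, file_path), "rb")` opens whatever the joined path resolves to. `os.path.join` drops `self.extract_path` when `file_path` is absolute, and `open` follows symlinks. An extracted bug report is untrusted evidence, so a link inside the folder could presumably make a module read and report a file from outside it. Resolving first and checking containment would keep reads inside the folder, e.g. `base = os.path.realpath(self.extract_path)`, `full = os.path.realpath(os.path.join(base, file_path))`, then refuse unless `os.path.commonpath([base, full]) == base`. Whether `file_path` can ever come from anywhere but the `extract_files` list is not visible here, as the enclosing method starts outside the hunk. Separately, `from_folder` now requires `extract_files` with no default, so any caller outside this diff that still passes only `extract_path` will raise a TypeError.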