Supporting loading from extracted folder

This commit is contained in:
Nex 2022-02-02 16:10:12 +01:00
parent 564efc3629
commit b94ba28873
2 changed files with 22 additions and 8 deletions


@ -6,6 +6,7 @@
import logging import logging
import os import os
from zipfile import ZipFile from zipfile import ZipFile
from pathlib import Path
import click import click
from rich.logging import RichHandler from rich.logging import RichHandler
@ -189,10 +190,19 @@ def check_bugreport(ctx, iocs, output, list_modules, module, bugreport_path):
indicators = Indicators(log=log) indicators = Indicators(log=log)
indicators.load_indicators_files(iocs) indicators.load_indicators_files(iocs)
zip_archive = ZipFile(bugreport_path) if os.path.isfile(bugreport_path):
zip_files = [] bugreport_format = "zip"
for file_name in zip_archive.namelist(): zip_archive = ZipFile(bugreport_path)
zip_files.append(file_name) zip_files = []
for file_name in zip_archive.namelist():
zip_files.append(file_name)
elif os.path.isdir(bugreport_path):
bugreport_format = "dir"
folder_files = []
parent_path = Path(bugreport_path).absolute().as_posix()
for root, subdirs, subfiles in os.walk(os.path.abspath(bugreport_path)):
for file_name in subfiles:
folder_files.append(os.path.relpath(os.path.join(root, file_name), parent_path))
timeline = [] timeline = []
timeline_detected = [] timeline_detected = []
@ -203,7 +213,10 @@ def check_bugreport(ctx, iocs, output, list_modules, module, bugreport_path):
m = bugreport_module(base_folder=bugreport_path, output_folder=output, m = bugreport_module(base_folder=bugreport_path, output_folder=output,
log=logging.getLogger(bugreport_module.__module__)) log=logging.getLogger(bugreport_module.__module__))
m.from_zip(zip_archive, zip_files) if bugreport_format == "zip":
m.from_zip(zip_archive, zip_files)
else:
m.from_folder(bugreport_path, folder_files)
if indicators.total_ioc_count: if indicators.total_ioc_count:
m.indicators = indicators m.indicators = indicators
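Review bot: `bugreport_format` is assigned only inside the new `os.path.isfile` / `os.path.isdir` branches, so a path that is neither (missing file, typo, dangling symlink) reaches `if bugreport_format == "zip":` in the later hunk and dies with an UnboundLocalError instead of a clear message. Close the chain with `else:` / `log.critical("Invalid bug report path: %s", bugreport_path)` / `ctx.exit(1)` (assuming `ctx` is the click context, as the `check_bugreport(ctx, ...)` signature suggests). In the dir branch, `parent_path` is built with `Path(...).absolute().as_posix()` while `root` comes from `os.walk(os.path.abspath(...))`, so on Windows the two use different separators and `os.path.relpath` can yield paths that no longer join cleanly onto `extract_path`; deriving both from `os.path.abspath(bugreport_path)` keeps them consistent. `check_bugreport` starts and ends outside the hunk.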


@ -17,8 +17,9 @@ class BugReportModule(MVTModule):
zip_archive = None zip_archive = None
def from_folder(self, extract_path): def from_folder(self, extract_path, extract_files):
self.extract_path = extract_path self.extract_path = extract_path
self.extract_files = extract_files
def from_zip(self, zip_archive, zip_files): def from_zip(self, zip_archive, zip_files):
self.zip_archive = zip_archive self.zip_archive = zip_archive
@ -30,7 +31,7 @@ class BugReportModule(MVTModule):
for zip_file in self.zip_files: for zip_file in self.zip_files:
file_names.append(zip_file) file_names.append(zip_file)
else: else:
file_names = self.files file_names = self.extract_files
return fnmatch.filter(file_names, pattern) return fnmatch.filter(file_names, pattern)
@ -38,7 +39,7 @@ class BugReportModule(MVTModule):
if self.zip_archive: if self.zip_archive:
handle = self.zip_archive.open(file_path) handle = self.zip_archive.open(file_path)
else: else:
handle = open(os.path.join(self.parent_path, file_path), "rb") handle = open(os.path.join(self.extract_path, file_path), "rb")
data = handle.read() data = handle.read()
handle.close() handle.close()
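Review bot: `file_names = self.extract_files` in the fallback branch reads an attribute that only `from_folder` sets, whereas `zip_archive = None` at the top of the class gives the zip path a safe default; unless `extract_files` is already declared above the hunk (not visible here), a module whose `from_folder` was never called raises AttributeError instead of matching nothing, so add `extract_files = None` next to `zip_archive = None`. The new required positional `extract_files` is also undocumented; a docstring on `from_folder` should say it is the list of file paths relative to `extract_path` (as the CLI builds with `os.walk`) and that `extract_path` is later joined with each matched name in the `open(...)` branch. The methods containing the second and third hunks start outside the hunk.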