1# Copyright (c) 2017, The MITRE Corporation. All rights reserved. 2# See LICENSE.txt for complete terms. 3 4import sys 5 6from mixbox.binding_utils import * 7from . import cybox_common 8from . import file_object 9 10 11class UnixFileType(cybox_common.BaseObjectPropertyType): 12 """UnixFileType specifies Unix file types, via a union of the 13 UnixFileTypeEnum type and the atomic xs:string type. Its base 14 type is the CybOX Core cybox_common.BaseObjectPropertyType, for permitting 15 complex (i.e. regular-expression based) specifications.This 16 attribute is optional and specifies the expected type for the 17 value of the specified property.""" 18 19 subclass = None 20 superclass = cybox_common.BaseObjectPropertyType 21 def __init__(self, obfuscation_algorithm_ref=None, refanging_transform_type=None, has_changed=None, delimiter='##comma##', pattern_type=None, datatype='string', refanging_transform=None, is_case_sensitive=True, bit_mask=None, appears_random=None, observed_encoding=None, defanging_algorithm_ref=None, is_obfuscated=None, regex_syntax=None, apply_condition='ANY', trend=None, idref=None, is_defanged=None, id=None, condition=None, valueOf_=None): 22 super(UnixFileType, self).__init__(obfuscation_algorithm_ref, refanging_transform_type, has_changed, delimiter, pattern_type, datatype, refanging_transform, is_case_sensitive, bit_mask, appears_random, observed_encoding, defanging_algorithm_ref, is_obfuscated, regex_syntax, apply_condition, trend, idref, is_defanged, id, condition, valueOf_) 23 self.datatype = _cast(None, datatype) 24 self.valueOf_ = valueOf_ 25 def factory(*args_, **kwargs_): 26 if UnixFileType.subclass: 27 return UnixFileType.subclass(*args_, **kwargs_) 28 else: 29 return UnixFileType(*args_, **kwargs_) 30 factory = staticmethod(factory) 31 def get_datatype(self): return self.datatype 32 def set_datatype(self, datatype): self.datatype = datatype 33 def get_valueOf_(self): return self.valueOf_ 34 def set_valueOf_(self, valueOf_): self.valueOf_ = valueOf_ 35 def hasContent_(self): 36 if ( 37 self.valueOf_ or 38 super(UnixFileType, self).hasContent_() 39 ): 40 return True 41 else: 42 return False 43 def export(self, lwrite, level, namespace_='UnixFileObj:', name_='UnixFileType', namespacedef_='', pretty_print=True): 44 if pretty_print: 45 eol_ = '\n' 46 else: 47 eol_ = '' 48 showIndent(lwrite, level, pretty_print) 49 lwrite('<%s%s%s' % (namespace_, name_, namespacedef_ and ' ' + namespacedef_ or '', )) 50 already_processed = set() 51 self.exportAttributes(lwrite, level, already_processed, namespace_, name_='UnixFileType') 52 if self.hasContent_(): 53 lwrite('>') 54 lwrite(quote_xml(self.valueOf_)) 55 self.exportChildren(lwrite, level + 1, namespace_, name_, pretty_print=pretty_print) 56 lwrite('</%s%s>%s' % (namespace_, name_, eol_)) 57 else: 58 lwrite('/>%s' % (eol_, )) 59 def exportAttributes(self, lwrite, level, already_processed, namespace_='UnixFileObj:', name_='UnixFileType'): 60 super(UnixFileType, self).exportAttributes(lwrite, level, already_processed, namespace_, name_='UnixFileType') 61 if self.datatype is not None: 62 63 lwrite(' datatype=%s' % (quote_attrib(self.datatype), )) 64 def exportChildren(self, lwrite, level, namespace_='UnixFileObj:', name_='UnixFileType', fromsubclass_=False, pretty_print=True): 65 super(UnixFileType, self).exportChildren(lwrite, level, 'UnixFileObj:', name_, True, pretty_print=pretty_print) 66 pass 67 def build(self, node): 68 self.__sourcenode__ = node 69 already_processed = set() 70 self.buildAttributes(node, node.attrib, already_processed) 71 self.valueOf_ = get_all_text_(node) 72 for child in node: 73 nodeName_ = Tag_pattern_.match(child.tag).groups()[-1] 74 self.buildChildren(child, node, nodeName_) 75 def buildAttributes(self, node, attrs, already_processed): 76 value = find_attr_value_('datatype', node) 77 if value is not None: 78 79 self.datatype = value 80 super(UnixFileType, self).buildAttributes(node, attrs, already_processed) 81 def buildChildren(self, child_, node, nodeName_, fromsubclass_=False): 82 pass 83# end class UnixFileType 84 85class UnixFilePermissionsType(file_object.FilePermissionsType): 86 """The UnixFilePermissionsType type specifies the specific permissions 87 used by the Unix family of operating systems.The suid field 88 specifies whether or not the file may be exectued with the 89 privileges of the file's owner.The sgid field specifies whether 90 or not the file may be executed with the privileges of the 91 file's group owner.The uread field specifies whether or not the 92 owner of the file can read its contents.The uwrite field 93 specifies whether or not the owner of the file can write to 94 it.The uexec field specifies whether or not the owner of the 95 file can execute it.The gread field specifies whether or not the 96 group owner of the file can read its contents.The gwrite field 97 specifies whether or not the group owner of the file can write 98 to it.The gexec field specifies whether or not the group owner 99 of the file can execute it.The oread field specifies whether or 100 not all other users can read the contents of the file.The owrite 101 field specifies whether or not all other users can write to the 102 file.The oexec field specifies whether or not all other users 103 can execute the file.""" 104 105 subclass = None 106 superclass = file_object.FilePermissionsType 107 def __init__(self, gwrite=None, suid=None, oexec=None, owrite=None, uwrite=None, gexec=None, gread=None, uexec=None, uread=None, sgid=None, oread=None): 108 super(UnixFilePermissionsType, self).__init__() 109 self.gwrite = _cast(bool, gwrite) 110 self.suid = _cast(bool, suid) 111 self.oexec = _cast(bool, oexec) 112 self.owrite = _cast(bool, owrite) 113 self.uwrite = _cast(bool, uwrite) 114 self.gexec = _cast(bool, gexec) 115 self.gread = _cast(bool, gread) 116 self.uexec = _cast(bool, uexec) 117 self.uread = _cast(bool, uread) 118 self.sgid = _cast(bool, sgid) 119 self.oread = _cast(bool, oread) 120 pass 121 def factory(*args_, **kwargs_): 122 if UnixFilePermissionsType.subclass: 123 return UnixFilePermissionsType.subclass(*args_, **kwargs_) 124 else: 125 return UnixFilePermissionsType(*args_, **kwargs_) 126 factory = staticmethod(factory) 127 def get_gwrite(self): return self.gwrite 128 def set_gwrite(self, gwrite): self.gwrite = gwrite 129 def get_suid(self): return self.suid 130 def set_suid(self, suid): self.suid = suid 131 def get_oexec(self): return self.oexec 132 def set_oexec(self, oexec): self.oexec = oexec 133 def get_owrite(self): return self.owrite 134 def set_owrite(self, owrite): self.owrite = owrite 135 def get_uwrite(self): return self.uwrite 136 def set_uwrite(self, uwrite): self.uwrite = uwrite 137 def get_gexec(self): return self.gexec 138 def set_gexec(self, gexec): self.gexec = gexec 139 def get_gread(self): return self.gread 140 def set_gread(self, gread): self.gread = gread 141 def get_uexec(self): return self.uexec 142 def set_uexec(self, uexec): self.uexec = uexec 143 def get_uread(self): return self.uread 144 def set_uread(self, uread): self.uread = uread 145 def get_sgid(self): return self.sgid 146 def set_sgid(self, sgid): self.sgid = sgid 147 def get_oread(self): return self.oread 148 def set_oread(self, oread): self.oread = oread 149 def hasContent_(self): 150 if ( 151 super(UnixFilePermissionsType, self).hasContent_() 152 ): 153 return True 154 else: 155 return False 156 def export(self, lwrite, level, namespace_='UnixFileObj:', name_='UnixFilePermissionsType', namespacedef_='', pretty_print=True): 157 if pretty_print: 158 eol_ = '\n' 159 else: 160 eol_ = '' 161 showIndent(lwrite, level, pretty_print) 162 lwrite('<%s%s%s' % (namespace_, name_, namespacedef_ and ' ' + namespacedef_ or '', )) 163 already_processed = set() 164 self.exportAttributes(lwrite, level, already_processed, namespace_, name_='UnixFilePermissionsType') 165 if self.hasContent_(): 166 lwrite('>%s' % (eol_, )) 167 self.exportChildren(lwrite, level + 1, namespace_, name_, pretty_print=pretty_print) 168 lwrite('</%s%s>%s' % (namespace_, name_, eol_)) 169 else: 170 lwrite('/>%s' % (eol_, )) 171 def exportAttributes(self, lwrite, level, already_processed, namespace_='UnixFileObj:', name_='UnixFilePermissionsType'): 172 super(UnixFilePermissionsType, self).exportAttributes(lwrite, level, already_processed, namespace_, name_='UnixFilePermissionsType') 173 if self.gwrite is not None: 174 175 lwrite(' gwrite="%s"' % self.gds_format_boolean(self.gwrite, input_name='gwrite')) 176 if self.suid is not None: 177 178 lwrite(' suid="%s"' % self.gds_format_boolean(self.suid, input_name='suid')) 179 if self.oexec is not None: 180 181 lwrite(' oexec="%s"' % self.gds_format_boolean(self.oexec, input_name='oexec')) 182 if self.owrite is not None: 183 184 lwrite(' owrite="%s"' % self.gds_format_boolean(self.owrite, input_name='owrite')) 185 if self.uwrite is not None: 186 187 lwrite(' uwrite="%s"' % self.gds_format_boolean(self.uwrite, input_name='uwrite')) 188 if self.gexec is not None: 189 190 lwrite(' gexec="%s"' % self.gds_format_boolean(self.gexec, input_name='gexec')) 191 if self.gread is not None: 192 193 lwrite(' gread="%s"' % self.gds_format_boolean(self.gread, input_name='gread')) 194 if self.uexec is not None: 195 196 lwrite(' uexec="%s"' % self.gds_format_boolean(self.uexec, input_name='uexec')) 197 if self.uread is not None: 198 199 lwrite(' uread="%s"' % self.gds_format_boolean(self.uread, input_name='uread')) 200 if self.sgid is not None: 201 202 lwrite(' sgid="%s"' % self.gds_format_boolean(self.sgid, input_name='sgid')) 203 if self.oread is not None: 204 205 lwrite(' oread="%s"' % self.gds_format_boolean(self.oread, input_name='oread')) 206 def exportChildren(self, lwrite, level, namespace_='UnixFileObj:', name_='UnixFilePermissionsType', fromsubclass_=False, pretty_print=True): 207 super(UnixFilePermissionsType, self).exportChildren(lwrite, level, 'UnixFileObj:', name_, True, pretty_print=pretty_print) 208 pass 209 def build(self, node): 210 self.__sourcenode__ = node 211 already_processed = set() 212 self.buildAttributes(node, node.attrib, already_processed) 213 for child in node: 214 nodeName_ = Tag_pattern_.match(child.tag).groups()[-1] 215 self.buildChildren(child, node, nodeName_) 216 def buildAttributes(self, node, attrs, already_processed): 217 value = find_attr_value_('gwrite', node) 218 if value is not None: 219 220 if value in ('true', '1'): 221 self.gwrite = True 222 elif value in ('false', '0'): 223 self.gwrite = False 224 else: 225 raise_parse_error(node, 'Bad boolean attribute') 226 value = find_attr_value_('suid', node) 227 if value is not None: 228 229 if value in ('true', '1'): 230 self.suid = True 231 elif value in ('false', '0'): 232 self.suid = False 233 else: 234 raise_parse_error(node, 'Bad boolean attribute') 235 value = find_attr_value_('oexec', node) 236 if value is not None: 237 238 if value in ('true', '1'): 239 self.oexec = True 240 elif value in ('false', '0'): 241 self.oexec = False 242 else: 243 raise_parse_error(node, 'Bad boolean attribute') 244 value = find_attr_value_('owrite', node) 245 if value is not None: 246 247 if value in ('true', '1'): 248 self.owrite = True 249 elif value in ('false', '0'): 250 self.owrite = False 251 else: 252 raise_parse_error(node, 'Bad boolean attribute') 253 value = find_attr_value_('uwrite', node) 254 if value is not None: 255 256 if value in ('true', '1'): 257 self.uwrite = True 258 elif value in ('false', '0'): 259 self.uwrite = False 260 else: 261 raise_parse_error(node, 'Bad boolean attribute') 262 value = find_attr_value_('gexec', node) 263 if value is not None: 264 265 if value in ('true', '1'): 266 self.gexec = True 267 elif value in ('false', '0'): 268 self.gexec = False 269 else: 270 raise_parse_error(node, 'Bad boolean attribute') 271 value = find_attr_value_('gread', node) 272 if value is not None: 273 274 if value in ('true', '1'): 275 self.gread = True 276 elif value in ('false', '0'): 277 self.gread = False 278 else: 279 raise_parse_error(node, 'Bad boolean attribute') 280 value = find_attr_value_('uexec', node) 281 if value is not None: 282 283 if value in ('true', '1'): 284 self.uexec = True 285 elif value in ('false', '0'): 286 self.uexec = False 287 else: 288 raise_parse_error(node, 'Bad boolean attribute') 289 value = find_attr_value_('uread', node) 290 if value is not None: 291 292 if value in ('true', '1'): 293 self.uread = True 294 elif value in ('false', '0'): 295 self.uread = False 296 else: 297 raise_parse_error(node, 'Bad boolean attribute') 298 value = find_attr_value_('sgid', node) 299 if value is not None: 300 301 if value in ('true', '1'): 302 self.sgid = True 303 elif value in ('false', '0'): 304 self.sgid = False 305 else: 306 raise_parse_error(node, 'Bad boolean attribute') 307 value = find_attr_value_('oread', node) 308 if value is not None: 309 310 if value in ('true', '1'): 311 self.oread = True 312 elif value in ('false', '0'): 313 self.oread = False 314 else: 315 raise_parse_error(node, 'Bad boolean attribute') 316 super(UnixFilePermissionsType, self).buildAttributes(node, attrs, already_processed) 317 def buildChildren(self, child_, node, nodeName_, fromsubclass_=False): 318 super(UnixFilePermissionsType, self).buildChildren(child_, node, nodeName_, True) 319 pass 320# end class UnixFilePermissionsType 321 322class UnixFileObjectType(file_object.FileObjectType): 323 """The UnixFileObjectType type is intended to characterize Unix files.""" 324 325 subclass = None 326 superclass = file_object.FileObjectType 327 def __init__(self, object_reference=None, Custom_Properties=None, xsi_type=None, is_packed=None, File_Name=None, File_Path=None, Device_Path=None, Full_Path=None, File_Extension=None, Size_In_Bytes=None, Magic_Number=None, File_Format=None, Hashes=None, Digital_Signatures=None, Modified_Time=None, Accessed_Time=None, Created_Time=None, File_Attributes_List=None, Permissions=None, User_Owner=None, Packer_List=None, Peak_Entropy=None, Sym_Links=None, Byte_Runs=None, Extracted_Features=None, Group_Owner=None, INode=None, Type=None): 328 super(UnixFileObjectType, self).__init__(object_reference, Custom_Properties, is_packed, File_Name, File_Path, Device_Path, Full_Path, File_Extension, Size_In_Bytes, Magic_Number, File_Format, Hashes, Digital_Signatures, Modified_Time, Accessed_Time, Created_Time, File_Attributes_List, Permissions, User_Owner, Packer_List, Peak_Entropy, Sym_Links, Byte_Runs, Extracted_Features, ) 329 self.Group_Owner = Group_Owner 330 self.INode = INode 331 self.Type = Type 332 def factory(*args_, **kwargs_): 333 if UnixFileObjectType.subclass: 334 return UnixFileObjectType.subclass(*args_, **kwargs_) 335 else: 336 return UnixFileObjectType(*args_, **kwargs_) 337 factory = staticmethod(factory) 338 def get_Group_Owner(self): return self.Group_Owner 339 def set_Group_Owner(self, Group_Owner): self.Group_Owner = Group_Owner 340 def validate_StringObjectPropertyType(self, value): 341 # Validate type cybox_common.StringObjectPropertyType, a restriction on None. 342 pass 343 def get_INode(self): return self.INode 344 def set_INode(self, INode): self.INode = INode 345 def validate_UnsignedLongObjectPropertyType(self, value): 346 # Validate type cybox_common.UnsignedLongObjectPropertyType, a restriction on None. 347 pass 348 def get_Type(self): return self.Type 349 def set_Type(self, Type): self.Type = Type 350 def validate_UnixFileType(self, value): 351 # Validate type UnixFileType, a restriction on None. 352 pass 353 def hasContent_(self): 354 if ( 355 self.Group_Owner is not None or 356 self.INode is not None or 357 self.Type is not None or 358 super(UnixFileObjectType, self).hasContent_() 359 ): 360 return True 361 else: 362 return False 363 def export(self, lwrite, level, namespace_='UnixFileObj:', name_='UnixFileObjectType', namespacedef_='', pretty_print=True): 364 if pretty_print: 365 eol_ = '\n' 366 else: 367 eol_ = '' 368 showIndent(lwrite, level, pretty_print) 369 lwrite('<%s%s%s' % (namespace_, name_, namespacedef_ and ' ' + namespacedef_ or '', )) 370 already_processed = set() 371 self.exportAttributes(lwrite, level, already_processed, namespace_, name_='UnixFileObjectType') 372 if self.hasContent_(): 373 lwrite('>%s' % (eol_, )) 374 self.exportChildren(lwrite, level + 1, namespace_, name_, pretty_print=pretty_print) 375 showIndent(lwrite, level, pretty_print) 376 lwrite('</%s%s>%s' % (namespace_, name_, eol_)) 377 else: 378 lwrite('/>%s' % (eol_, )) 379 def exportAttributes(self, lwrite, level, already_processed, namespace_='UnixFileObj:', name_='UnixFileObjectType'): 380 super(UnixFileObjectType, self).exportAttributes(lwrite, level, already_processed, namespace_, name_='UnixFileObjectType') 381 def exportChildren(self, lwrite, level, namespace_='UnixFileObj:', name_='UnixFileObjectType', fromsubclass_=False, pretty_print=True): 382 super(UnixFileObjectType, self).exportChildren(lwrite, level, 'UnixFileObj:', name_, True, pretty_print=pretty_print) 383 if pretty_print: 384 eol_ = '\n' 385 else: 386 eol_ = '' 387 if self.Group_Owner is not None: 388 self.Group_Owner.export(lwrite, level, 'UnixFileObj:', name_='Group_Owner', pretty_print=pretty_print) 389 if self.INode is not None: 390 self.INode.export(lwrite, level, 'UnixFileObj:', name_='INode', pretty_print=pretty_print) 391 if self.Type is not None: 392 self.Type.export(lwrite, level, 'UnixFileObj:', name_='Type', pretty_print=pretty_print) 393 def build(self, node): 394 self.__sourcenode__ = node 395 already_processed = set() 396 self.buildAttributes(node, node.attrib, already_processed) 397 for child in node: 398 nodeName_ = Tag_pattern_.match(child.tag).groups()[-1] 399 self.buildChildren(child, node, nodeName_) 400 def buildAttributes(self, node, attrs, already_processed): 401 super(UnixFileObjectType, self).buildAttributes(node, attrs, already_processed) 402 def buildChildren(self, child_, node, nodeName_, fromsubclass_=False): 403 if nodeName_ == 'Group_Owner': 404 obj_ = cybox_common.StringObjectPropertyType.factory() 405 obj_.build(child_) 406 self.set_Group_Owner(obj_) 407 elif nodeName_ == 'INode': 408 obj_ = cybox_common.UnsignedLongObjectPropertyType.factory() 409 obj_.build(child_) 410 self.set_INode(obj_) 411 elif nodeName_ == 'Type': 412 obj_ = UnixFileType.factory() 413 obj_.build(child_) 414 self.set_Type(obj_) 415 super(UnixFileObjectType, self).buildChildren(child_, node, nodeName_, True) 416# end class UnixFileObjectType 417 418GDSClassesMapping = { 419 'Build_Utility': cybox_common.BuildUtilityType, 420 'Errors': cybox_common.ErrorsType, 421 'File_Extension': cybox_common.StringObjectPropertyType, 422 'Time': cybox_common.TimeType, 423 'Opcodes': cybox_common.StringObjectPropertyType, 424 'Certificate_Issuer': cybox_common.StringObjectPropertyType, 425 'Tool': cybox_common.ToolInformationType, 426 'Metadata': cybox_common.MetadataType, 427 'Hash': cybox_common.HashType, 428 'Size_In_Bytes': cybox_common.UnsignedLongObjectPropertyType, 429 'Information_Source_Type': cybox_common.ControlledVocabularyStringType, 430 'Block_Hash_Value': cybox_common.HashValueType, 431 'Fuzzy_Hash_Structure': cybox_common.FuzzyHashStructureType, 432 'Byte_Runs': cybox_common.ByteRunsType, 433 'SubDatum': cybox_common.MetadataType, 434 'Segment_Hash': cybox_common.HashValueType, 435 'Digital_Signature': cybox_common.DigitalSignatureInfoType, 436 'Code_Snippets': cybox_common.CodeSnippetsType, 437 'Value': cybox_common.StringObjectPropertyType, 438 'Length': cybox_common.IntegerObjectPropertyType, 439 'Device_Path': cybox_common.StringObjectPropertyType, 440 'Encoding': cybox_common.ControlledVocabularyStringType, 441 'Internationalization_Settings': cybox_common.InternationalizationSettingsType, 442 'Tool_Configuration': cybox_common.ToolConfigurationType, 443 'English_Translation': cybox_common.StringObjectPropertyType, 444 'Functions': cybox_common.FunctionsType, 445 'String_Value': cybox_common.StringObjectPropertyType, 446 'Build_Utility_Platform_Specification': cybox_common.PlatformSpecificationType, 447 'Compiler_Informal_Description': cybox_common.CompilerInformalDescriptionType, 448 'System': cybox_common.ObjectPropertiesType, 449 'Platform': cybox_common.PlatformSpecificationType, 450 'Version': cybox_common.StringObjectPropertyType, 451 'Usage_Context_Assumptions': cybox_common.UsageContextAssumptionsType, 452 'Created_Time': cybox_common.DateTimeObjectPropertyType, 453 'Type': file_object.PackerClassType, 454 'Compilers': cybox_common.CompilersType, 455 'Digital_Signatures': cybox_common.DigitalSignaturesType, 456 'Tool_Type': cybox_common.ControlledVocabularyStringType, 457 'String': cybox_common.ExtractedStringType, 458 'File_Format': cybox_common.StringObjectPropertyType, 459 'Custom_Properties': cybox_common.CustomPropertiesType, 460 'Build_Information': cybox_common.BuildInformationType, 461 'Detected_Entrypoint_Signatures': file_object.EntryPointSignatureListType, 462 'Tool_Hashes': cybox_common.HashListType, 463 'Compiler_Platform_Specification': cybox_common.PlatformSpecificationType, 464 'File_Path': file_object.FilePathType, 465 'Entry_Point_Signature': file_object.EntryPointSignatureType, 466 'Error_Instances': cybox_common.ErrorInstancesType, 467 'Data_Segment': cybox_common.StringObjectPropertyType, 468 'Certificate_Subject': cybox_common.StringObjectPropertyType, 469 'Language': cybox_common.StringObjectPropertyType, 470 'Signature': cybox_common.StringObjectPropertyType, 471 'Identifier': cybox_common.PlatformIdentifierType, 472 'Strings': cybox_common.ExtractedStringsType, 473 'User_Owner': cybox_common.StringObjectPropertyType, 474 'Contributors': cybox_common.PersonnelType, 475 'Packer': file_object.PackerType, 476 'Reference_Description': cybox_common.StructuredTextType, 477 'Code_Snippet': cybox_common.ObjectPropertiesType, 478 'File_Attributes_List': file_object.FileAttributeType, 479 'Configuration_Settings': cybox_common.ConfigurationSettingsType, 480 'Simple_Hash_Value': cybox_common.SimpleHashValueType, 481 'Byte_String_Value': cybox_common.HexBinaryObjectPropertyType, 482 'Sym_Links': file_object.SymLinksListType, 483 'Instance': cybox_common.ObjectPropertiesType, 484 'Packer_List': file_object.PackerListType, 485 'Import': cybox_common.StringObjectPropertyType, 486 'Accessed_Time': cybox_common.StringObjectPropertyType, 487 'Sym_Link': cybox_common.StringObjectPropertyType, 488 'Property': cybox_common.PropertyType, 489 'Tool_Specific_Data': cybox_common.ToolSpecificDataType, 490 'Execution_Environment': cybox_common.ExecutionEnvironmentType, 491 'Dependencies': cybox_common.DependenciesType, 492 'Offset': cybox_common.IntegerObjectPropertyType, 493 'Date': cybox_common.DateRangeType, 494 'Hashes': cybox_common.HashListType, 495 'Segments': cybox_common.HashSegmentsType, 496 'Permissions': file_object.FilePermissionsType, 497 'Segment_Count': cybox_common.IntegerObjectPropertyType, 498 'Usage_Context_Assumption': cybox_common.StructuredTextType, 499 'Block_Hash': cybox_common.FuzzyHashBlockType, 500 'Dependency': cybox_common.DependencyType, 501 'Error': cybox_common.ErrorType, 502 'INode': cybox_common.UnsignedLongObjectPropertyType, 503 'Trigger_Point': cybox_common.HexBinaryObjectPropertyType, 504 'Environment_Variable': cybox_common.EnvironmentVariableType, 505 'Byte_Run': cybox_common.ByteRunType, 506 'File_System_Offset': cybox_common.IntegerObjectPropertyType, 507 'Image_Offset': cybox_common.IntegerObjectPropertyType, 508 'Imports': cybox_common.ImportsType, 509 'Group_Owner': cybox_common.StringObjectPropertyType, 510 'Library': cybox_common.LibraryType, 511 'References': cybox_common.ToolReferencesType, 512 'Internal_Strings': cybox_common.InternalStringsType, 513 'EP_Jump_Codes': file_object.EPJumpCodeType, 514 'File_Name': cybox_common.StringObjectPropertyType, 515 'Configuration_Setting': cybox_common.ConfigurationSettingType, 516 'Modified_Time': cybox_common.StringObjectPropertyType, 517 'Libraries': cybox_common.LibrariesType, 518 'Function': cybox_common.StringObjectPropertyType, 519 'Description': cybox_common.StructuredTextType, 520 'User_Account_Info': cybox_common.ObjectPropertiesType, 521 'Build_Configuration': cybox_common.BuildConfigurationType, 522 'Extracted_Features': cybox_common.ExtractedFeaturesType, 523 'Magic_Number': cybox_common.HexBinaryObjectPropertyType, 524 'Address': cybox_common.HexBinaryObjectPropertyType, 525 'Search_Within': cybox_common.IntegerObjectPropertyType, 526 'Segment': cybox_common.HashSegmentType, 527 'Full_Path': cybox_common.StringObjectPropertyType, 528 'Compiler': cybox_common.CompilerType, 529 'Name': cybox_common.StringObjectPropertyType, 530 'Depth': cybox_common.IntegerObjectPropertyType, 531 'Entry_Point': cybox_common.HexBinaryObjectPropertyType, 532 'Signature_Description': cybox_common.StringObjectPropertyType, 533 'Block_Size': cybox_common.IntegerObjectPropertyType, 534 'Search_Distance': cybox_common.IntegerObjectPropertyType, 535 'Fuzzy_Hash_Value': cybox_common.FuzzyHashValueType, 536 'Data_Size': cybox_common.DataSizeType, 537 'Dependency_Description': cybox_common.StructuredTextType, 538 'File': file_object.FileObjectType, 539 'Contributor': cybox_common.ContributorType, 540 'Peak_Entropy': cybox_common.DoubleObjectPropertyType, 541 'Tools': cybox_common.ToolsInformationType, 542} 543 544USAGE_TEXT = """ 545Usage: python <Parser>.py [ -s ] <in_xml_file> 546""" 547 548def usage(): 549 print(USAGE_TEXT) 550 sys.exit(1) 551 552def get_root_tag(node): 553 tag = Tag_pattern_.match(node.tag).groups()[-1] 554 rootClass = GDSClassesMapping.get(tag) 555 if rootClass is None: 556 rootClass = globals().get(tag) 557 return tag, rootClass 558 559def parse(inFileName): 560 doc = parsexml_(inFileName) 561 rootNode = doc.getroot() 562 rootTag, rootClass = get_root_tag(rootNode) 563 if rootClass is None: 564 rootTag = 'Unix_File' 565 rootClass = UnixFileObjectType 566 rootObj = rootClass.factory() 567 rootObj.build(rootNode) 568 # Enable Python to collect the space used by the DOM. 569 doc = None 570# sys.stdout.write('<?xml version="1.0" ?>\n') 571# rootObj.export(sys.stdout.write, 0, name_=rootTag, 572# namespacedef_='', 573# pretty_print=True) 574 return rootObj 575 576def parseEtree(inFileName): 577 doc = parsexml_(inFileName) 578 rootNode = doc.getroot() 579 rootTag, rootClass = get_root_tag(rootNode) 580 if rootClass is None: 581 rootTag = 'Unix_File' 582 rootClass = UnixFileObjectType 583 rootObj = rootClass.factory() 584 rootObj.build(rootNode) 585 # Enable Python to collect the space used by the DOM. 586 doc = None 587 rootElement = rootObj.to_etree(None, name_=rootTag) 588 content = etree_.tostring(rootElement, pretty_print=True, 589 xml_declaration=True, encoding="utf-8") 590 sys.stdout.write(content) 591 sys.stdout.write('\n') 592 return rootObj, rootElement 593 594def parseString(inString): 595 from mixbox.vendor.six import StringIO 596 doc = parsexml_(StringIO(inString)) 597 rootNode = doc.getroot() 598 rootTag, rootClass = get_root_tag(rootNode) 599 if rootClass is None: 600 rootTag = 'Unix_File' 601 rootClass = UnixFileObjectType 602 rootObj = rootClass.factory() 603 rootObj.build(rootNode) 604 # Enable Python to collect the space used by the DOM. 605 doc = None 606# sys.stdout.write('<?xml version="1.0" ?>\n') 607# rootObj.export(sys.stdout.write, 0, name_="Unix_File", 608# namespacedef_='') 609 return rootObj 610 611def main(): 612 args = sys.argv[1:] 613 if len(args) == 1: 614 parse(args[0]) 615 else: 616 usage() 617 618# Register abstract types 619setattr(file_object, "UnixFilePermissionsType", UnixFilePermissionsType) 620 621if __name__ == '__main__': 622 #import pdb; pdb.set_trace() 623 main() 624 625__all__ = [ 626 "UnixFileObjectType", 627 "UnixFilePermissionsType", 628 "UnixFileType" 629 ] 630