1# Copyright (c) 2017, The MITRE Corporation. All rights reserved. 2# See LICENSE.txt for complete terms. 3 4import sys 5 6from mixbox.binding_utils import * 7from . import cybox_common 8from . import system_object 9from . import win_handle_object 10 11 12class GlobalFlagListType(GeneratedsSuper): 13 """The GlobalFlagListType type is a listing of all Windows global 14 flags.""" 15 16 subclass = None 17 superclass = None 18 def __init__(self, Global_Flag=None): 19 if Global_Flag is None: 20 self.Global_Flag = [] 21 else: 22 self.Global_Flag = Global_Flag 23 def factory(*args_, **kwargs_): 24 if GlobalFlagListType.subclass: 25 return GlobalFlagListType.subclass(*args_, **kwargs_) 26 else: 27 return GlobalFlagListType(*args_, **kwargs_) 28 factory = staticmethod(factory) 29 def get_Global_Flag(self): return self.Global_Flag 30 def set_Global_Flag(self, Global_Flag): self.Global_Flag = Global_Flag 31 def add_Global_Flag(self, value): self.Global_Flag.append(value) 32 def insert_Global_Flag(self, index, value): self.Global_Flag[index] = value 33 def hasContent_(self): 34 if ( 35 self.Global_Flag 36 ): 37 return True 38 else: 39 return False 40 def export(self, lwrite, level, namespace_='WinSystemObj:', name_='GlobalFlagListType', namespacedef_='', pretty_print=True): 41 if pretty_print: 42 eol_ = '\n' 43 else: 44 eol_ = '' 45 showIndent(lwrite, level, pretty_print) 46 lwrite('<%s%s%s' % (namespace_, name_, namespacedef_ and ' ' + namespacedef_ or '', )) 47 already_processed = set() 48 self.exportAttributes(lwrite, level, already_processed, namespace_, name_='GlobalFlagListType') 49 if self.hasContent_(): 50 lwrite('>%s' % (eol_, )) 51 self.exportChildren(lwrite, level + 1, namespace_, name_, pretty_print=pretty_print) 52 showIndent(lwrite, level, pretty_print) 53 lwrite('</%s%s>%s' % (namespace_, name_, eol_)) 54 else: 55 lwrite('/>%s' % (eol_, )) 56 def exportAttributes(self, lwrite, level, already_processed, namespace_='WinSystemObj:', name_='GlobalFlagListType'): 57 pass 58 def exportChildren(self, lwrite, level, namespace_='WinSystemObj:', name_='GlobalFlagListType', fromsubclass_=False, pretty_print=True): 59 if pretty_print: 60 eol_ = '\n' 61 else: 62 eol_ = '' 63 for Global_Flag_ in self.Global_Flag: 64 Global_Flag_.export(lwrite, level, 'WinSystemObj:', name_='Global_Flag', pretty_print=pretty_print) 65 def build(self, node): 66 self.__sourcenode__ = node 67 already_processed = set() 68 self.buildAttributes(node, node.attrib, already_processed) 69 for child in node: 70 nodeName_ = Tag_pattern_.match(child.tag).groups()[-1] 71 self.buildChildren(child, node, nodeName_) 72 def buildAttributes(self, node, attrs, already_processed): 73 pass 74 def buildChildren(self, child_, node, nodeName_, fromsubclass_=False): 75 if nodeName_ == 'Global_Flag': 76 obj_ = GlobalFlagType.factory() 77 obj_.build(child_) 78 self.Global_Flag.append(obj_) 79# end class GlobalFlagListType 80 81class GlobalFlagType(GeneratedsSuper): 82 """The GlobalFlagType type is intended to characterize Windows global 83 flags.""" 84 85 subclass = None 86 superclass = None 87 def __init__(self, Abbreviation=None, Destination=None, Hexadecimal_Value=None, Symbolic_Name=None): 88 self.Abbreviation = Abbreviation 89 self.Destination = Destination 90 self.Hexadecimal_Value = Hexadecimal_Value 91 self.Symbolic_Name = Symbolic_Name 92 def factory(*args_, **kwargs_): 93 if GlobalFlagType.subclass: 94 return GlobalFlagType.subclass(*args_, **kwargs_) 95 else: 96 return GlobalFlagType(*args_, **kwargs_) 97 factory = staticmethod(factory) 98 def get_Abbreviation(self): return self.Abbreviation 99 def set_Abbreviation(self, Abbreviation): self.Abbreviation = Abbreviation 100 def validate_StringObjectPropertyType(self, value): 101 # Validate type cybox_common.StringObjectPropertyType, a restriction on None. 102 pass 103 def get_Destination(self): return self.Destination 104 def set_Destination(self, Destination): self.Destination = Destination 105 def get_Hexadecimal_Value(self): return self.Hexadecimal_Value 106 def set_Hexadecimal_Value(self, Hexadecimal_Value): self.Hexadecimal_Value = Hexadecimal_Value 107 def validate_HexBinaryObjectPropertyType(self, value): 108 # Validate type cybox_common.HexBinaryObjectPropertyType, a restriction on None. 109 pass 110 def get_Symbolic_Name(self): return self.Symbolic_Name 111 def set_Symbolic_Name(self, Symbolic_Name): self.Symbolic_Name = Symbolic_Name 112 def hasContent_(self): 113 if ( 114 self.Abbreviation is not None or 115 self.Destination is not None or 116 self.Hexadecimal_Value is not None or 117 self.Symbolic_Name is not None 118 ): 119 return True 120 else: 121 return False 122 def export(self, lwrite, level, namespace_='WinSystemObj:', name_='GlobalFlagType', namespacedef_='', pretty_print=True): 123 if pretty_print: 124 eol_ = '\n' 125 else: 126 eol_ = '' 127 showIndent(lwrite, level, pretty_print) 128 lwrite('<%s%s%s' % (namespace_, name_, namespacedef_ and ' ' + namespacedef_ or '', )) 129 already_processed = set() 130 self.exportAttributes(lwrite, level, already_processed, namespace_, name_='GlobalFlagType') 131 if self.hasContent_(): 132 lwrite('>%s' % (eol_, )) 133 self.exportChildren(lwrite, level + 1, namespace_, name_, pretty_print=pretty_print) 134 showIndent(lwrite, level, pretty_print) 135 lwrite('</%s%s>%s' % (namespace_, name_, eol_)) 136 else: 137 lwrite('/>%s' % (eol_, )) 138 def exportAttributes(self, lwrite, level, already_processed, namespace_='WinSystemObj:', name_='GlobalFlagType'): 139 pass 140 def exportChildren(self, lwrite, level, namespace_='WinSystemObj:', name_='GlobalFlagType', fromsubclass_=False, pretty_print=True): 141 if pretty_print: 142 eol_ = '\n' 143 else: 144 eol_ = '' 145 if self.Abbreviation is not None: 146 self.Abbreviation.export(lwrite, level, 'WinSystemObj:', name_='Abbreviation', pretty_print=pretty_print) 147 if self.Destination is not None: 148 self.Destination.export(lwrite, level, 'WinSystemObj:', name_='Destination', pretty_print=pretty_print) 149 if self.Hexadecimal_Value is not None: 150 self.Hexadecimal_Value.export(lwrite, level, 'WinSystemObj:', name_='Hexadecimal_Value', pretty_print=pretty_print) 151 if self.Symbolic_Name is not None: 152 self.Symbolic_Name.export(lwrite, level, 'WinSystemObj:', name_='Symbolic_Name', pretty_print=pretty_print) 153 def build(self, node): 154 self.__sourcenode__ = node 155 already_processed = set() 156 self.buildAttributes(node, node.attrib, already_processed) 157 for child in node: 158 nodeName_ = Tag_pattern_.match(child.tag).groups()[-1] 159 self.buildChildren(child, node, nodeName_) 160 def buildAttributes(self, node, attrs, already_processed): 161 pass 162 def buildChildren(self, child_, node, nodeName_, fromsubclass_=False): 163 if nodeName_ == 'Abbreviation': 164 obj_ = cybox_common.StringObjectPropertyType.factory() 165 obj_.build(child_) 166 self.set_Abbreviation(obj_) 167 elif nodeName_ == 'Destination': 168 obj_ = cybox_common.StringObjectPropertyType.factory() 169 obj_.build(child_) 170 self.set_Destination(obj_) 171 elif nodeName_ == 'Hexadecimal_Value': 172 obj_ = cybox_common.HexBinaryObjectPropertyType.factory() 173 obj_.build(child_) 174 self.set_Hexadecimal_Value(obj_) 175 elif nodeName_ == 'Symbolic_Name': 176 obj_ = cybox_common.StringObjectPropertyType.factory() 177 obj_.build(child_) 178 self.set_Symbolic_Name(obj_) 179# end class GlobalFlagType 180 181class WindowsSystemObjectType(system_object.SystemObjectType): 182 """The WindowsSystemObjectType type is intended to characterize Windows 183 systems.""" 184 185 subclass = None 186 superclass = system_object.SystemObjectType 187 def __init__(self, object_reference=None, Custom_Properties=None, xsi_type=None, Available_Physical_Memory=None, BIOS_Info=None, Date=None, Hostname=None, Local_Time=None, Network_Interface_List=None, OS=None, Processor=None, Processor_Architecture=None, System_Time=None, Timezone_DST=None, Timezone_Standard=None, Total_Physical_Memory=None, Uptime=None, Username=None, Domain=None, Global_Flag_List=None, NetBIOS_Name=None, Open_Handle_List=None, Product_ID=None, Product_Name=None, Registered_Organization=None, Registered_Owner=None, Windows_Directory=None, Windows_System_Directory=None, Windows_Temp_Directory=None): 188 super(WindowsSystemObjectType, self).__init__(object_reference, Custom_Properties, xsi_type, Available_Physical_Memory, BIOS_Info, Date, Hostname, Local_Time, Network_Interface_List, OS, Processor, Processor_Architecture, System_Time, Timezone_DST, Timezone_Standard, Total_Physical_Memory, Uptime, Username, ) 189 if Domain is None: 190 self.Domain = [] 191 else: 192 self.Domain = Domain 193 self.Global_Flag_List = Global_Flag_List 194 self.NetBIOS_Name = NetBIOS_Name 195 self.Open_Handle_List = Open_Handle_List 196 self.Product_ID = Product_ID 197 self.Product_Name = Product_Name 198 self.Registered_Organization = Registered_Organization 199 self.Registered_Owner = Registered_Owner 200 self.Windows_Directory = Windows_Directory 201 self.Windows_System_Directory = Windows_System_Directory 202 self.Windows_Temp_Directory = Windows_Temp_Directory 203 def factory(*args_, **kwargs_): 204 if WindowsSystemObjectType.subclass: 205 return WindowsSystemObjectType.subclass(*args_, **kwargs_) 206 else: 207 return WindowsSystemObjectType(*args_, **kwargs_) 208 factory = staticmethod(factory) 209 def get_Domain(self): return self.Domain 210 def set_Domain(self, Domain): self.Domain = Domain 211 def add_Domain(self, value): self.Domain.append(value) 212 def insert_Domain(self, index, value): self.Domain[index] = value 213 def validate_StringObjectPropertyType(self, value): 214 # Validate type cybox_common.StringObjectPropertyType, a restriction on None. 215 pass 216 def get_Global_Flag_List(self): return self.Global_Flag_List 217 def set_Global_Flag_List(self, Global_Flag_List): self.Global_Flag_List = Global_Flag_List 218 def get_NetBIOS_Name(self): return self.NetBIOS_Name 219 def set_NetBIOS_Name(self, NetBIOS_Name): self.NetBIOS_Name = NetBIOS_Name 220 def get_Open_Handle_List(self): return self.Open_Handle_List 221 def set_Open_Handle_List(self, Open_Handle_List): self.Open_Handle_List = Open_Handle_List 222 def get_Product_ID(self): return self.Product_ID 223 def set_Product_ID(self, Product_ID): self.Product_ID = Product_ID 224 def get_Product_Name(self): return self.Product_Name 225 def set_Product_Name(self, Product_Name): self.Product_Name = Product_Name 226 def get_Registered_Organization(self): return self.Registered_Organization 227 def set_Registered_Organization(self, Registered_Organization): self.Registered_Organization = Registered_Organization 228 def get_Registered_Owner(self): return self.Registered_Owner 229 def set_Registered_Owner(self, Registered_Owner): self.Registered_Owner = Registered_Owner 230 def get_Windows_Directory(self): return self.Windows_Directory 231 def set_Windows_Directory(self, Windows_Directory): self.Windows_Directory = Windows_Directory 232 def get_Windows_System_Directory(self): return self.Windows_System_Directory 233 def set_Windows_System_Directory(self, Windows_System_Directory): self.Windows_System_Directory = Windows_System_Directory 234 def get_Windows_Temp_Directory(self): return self.Windows_Temp_Directory 235 def set_Windows_Temp_Directory(self, Windows_Temp_Directory): self.Windows_Temp_Directory = Windows_Temp_Directory 236 def hasContent_(self): 237 if ( 238 self.Domain or 239 self.Global_Flag_List is not None or 240 self.NetBIOS_Name is not None or 241 self.Open_Handle_List is not None or 242 self.Product_ID is not None or 243 self.Product_Name is not None or 244 self.Registered_Organization is not None or 245 self.Registered_Owner is not None or 246 self.Windows_Directory is not None or 247 self.Windows_System_Directory is not None or 248 self.Windows_Temp_Directory is not None or 249 super(WindowsSystemObjectType, self).hasContent_() 250 ): 251 return True 252 else: 253 return False 254 def export(self, lwrite, level, namespace_='WinSystemObj:', name_='WindowsSystemObjectType', namespacedef_='', pretty_print=True): 255 if pretty_print: 256 eol_ = '\n' 257 else: 258 eol_ = '' 259 showIndent(lwrite, level, pretty_print) 260 lwrite('<%s%s%s' % (namespace_, name_, namespacedef_ and ' ' + namespacedef_ or '', )) 261 already_processed = set() 262 self.exportAttributes(lwrite, level, already_processed, namespace_, name_='WindowsSystemObjectType') 263 if self.hasContent_(): 264 lwrite('>%s' % (eol_, )) 265 self.exportChildren(lwrite, level + 1, namespace_, name_, pretty_print=pretty_print) 266 showIndent(lwrite, level, pretty_print) 267 lwrite('</%s%s>%s' % (namespace_, name_, eol_)) 268 else: 269 lwrite('/>%s' % (eol_, )) 270 def exportAttributes(self, lwrite, level, already_processed, namespace_='WinSystemObj:', name_='WindowsSystemObjectType'): 271 super(WindowsSystemObjectType, self).exportAttributes(lwrite, level, already_processed, namespace_, name_='WindowsSystemObjectType') 272 def exportChildren(self, lwrite, level, namespace_='WinSystemObj:', name_='WindowsSystemObjectType', fromsubclass_=False, pretty_print=True): 273 super(WindowsSystemObjectType, self).exportChildren(lwrite, level, 'WinSystemObj:', name_, True, pretty_print=pretty_print) 274 if pretty_print: 275 eol_ = '\n' 276 else: 277 eol_ = '' 278 for Domain_ in self.Domain: 279 Domain_.export(lwrite, level, 'WinSystemObj:', name_='Domain', pretty_print=pretty_print) 280 if self.Global_Flag_List is not None: 281 self.Global_Flag_List.export(lwrite, level, 'WinSystemObj:', name_='Global_Flag_List', pretty_print=pretty_print) 282 if self.NetBIOS_Name is not None: 283 self.NetBIOS_Name.export(lwrite, level, 'WinSystemObj:', name_='NetBIOS_Name', pretty_print=pretty_print) 284 if self.Open_Handle_List is not None: 285 self.Open_Handle_List.export(lwrite, level, 'WinSystemObj:', name_='Open_Handle_List', pretty_print=pretty_print) 286 if self.Product_ID is not None: 287 self.Product_ID.export(lwrite, level, 'WinSystemObj:', name_='Product_ID', pretty_print=pretty_print) 288 if self.Product_Name is not None: 289 self.Product_Name.export(lwrite, level, 'WinSystemObj:', name_='Product_Name', pretty_print=pretty_print) 290 if self.Registered_Organization is not None: 291 self.Registered_Organization.export(lwrite, level, 'WinSystemObj:', name_='Registered_Organization', pretty_print=pretty_print) 292 if self.Registered_Owner is not None: 293 self.Registered_Owner.export(lwrite, level, 'WinSystemObj:', name_='Registered_Owner', pretty_print=pretty_print) 294 if self.Windows_Directory is not None: 295 self.Windows_Directory.export(lwrite, level, 'WinSystemObj:', name_='Windows_Directory', pretty_print=pretty_print) 296 if self.Windows_System_Directory is not None: 297 self.Windows_System_Directory.export(lwrite, level, 'WinSystemObj:', name_='Windows_System_Directory', pretty_print=pretty_print) 298 if self.Windows_Temp_Directory is not None: 299 self.Windows_Temp_Directory.export(lwrite, level, 'WinSystemObj:', name_='Windows_Temp_Directory', pretty_print=pretty_print) 300 def build(self, node): 301 self.__sourcenode__ = node 302 already_processed = set() 303 self.buildAttributes(node, node.attrib, already_processed) 304 for child in node: 305 nodeName_ = Tag_pattern_.match(child.tag).groups()[-1] 306 self.buildChildren(child, node, nodeName_) 307 def buildAttributes(self, node, attrs, already_processed): 308 super(WindowsSystemObjectType, self).buildAttributes(node, attrs, already_processed) 309 def buildChildren(self, child_, node, nodeName_, fromsubclass_=False): 310 if nodeName_ == 'Domain': 311 obj_ = cybox_common.StringObjectPropertyType.factory() 312 obj_.build(child_) 313 self.Domain.append(obj_) 314 elif nodeName_ == 'Global_Flag_List': 315 obj_ = GlobalFlagListType.factory() 316 obj_.build(child_) 317 self.set_Global_Flag_List(obj_) 318 elif nodeName_ == 'NetBIOS_Name': 319 obj_ = cybox_common.StringObjectPropertyType.factory() 320 obj_.build(child_) 321 self.set_NetBIOS_Name(obj_) 322 elif nodeName_ == 'Open_Handle_List': 323 obj_ = win_handle_object.WindowsHandleListType.factory() 324 obj_.build(child_) 325 self.set_Open_Handle_List(obj_) 326 elif nodeName_ == 'Product_ID': 327 obj_ = cybox_common.StringObjectPropertyType.factory() 328 obj_.build(child_) 329 self.set_Product_ID(obj_) 330 elif nodeName_ == 'Product_Name': 331 obj_ = cybox_common.StringObjectPropertyType.factory() 332 obj_.build(child_) 333 self.set_Product_Name(obj_) 334 elif nodeName_ == 'Registered_Organization': 335 obj_ = cybox_common.StringObjectPropertyType.factory() 336 obj_.build(child_) 337 self.set_Registered_Organization(obj_) 338 elif nodeName_ == 'Registered_Owner': 339 obj_ = cybox_common.StringObjectPropertyType.factory() 340 obj_.build(child_) 341 self.set_Registered_Owner(obj_) 342 elif nodeName_ == 'Windows_Directory': 343 obj_ = cybox_common.StringObjectPropertyType.factory() 344 obj_.build(child_) 345 self.set_Windows_Directory(obj_) 346 elif nodeName_ == 'Windows_System_Directory': 347 obj_ = cybox_common.StringObjectPropertyType.factory() 348 obj_.build(child_) 349 self.set_Windows_System_Directory(obj_) 350 elif nodeName_ == 'Windows_Temp_Directory': 351 obj_ = cybox_common.StringObjectPropertyType.factory() 352 obj_.build(child_) 353 self.set_Windows_Temp_Directory(obj_) 354 super(WindowsSystemObjectType, self).buildChildren(child_, node, nodeName_, True) 355# end class WindowsSystemObjectType 356 357GDSClassesMapping = { 358 'Build_Utility': cybox_common.BuildUtilityType, 359 'Errors': cybox_common.ErrorsType, 360 'Open_Handle_List': win_handle_object.WindowsHandleListType, 361 'DHCP_Lease_Expires': cybox_common.DateTimeObjectPropertyType, 362 'Destination': cybox_common.StringObjectPropertyType, 363 'Processor_Architecture': system_object.ProcessorArchType, 364 'Certificate_Issuer': cybox_common.StringObjectPropertyType, 365 'Hexadecimal_Value': cybox_common.HexBinaryObjectPropertyType, 366 'Metadata': cybox_common.MetadataType, 367 'Hash': cybox_common.HashType, 368 'Information_Source_Type': cybox_common.ControlledVocabularyStringType, 369 'BIOS_Date': cybox_common.DateObjectPropertyType, 370 'Internal_Strings': cybox_common.InternalStringsType, 371 'Fuzzy_Hash_Structure': cybox_common.FuzzyHashStructureType, 372 'SubDatum': cybox_common.MetadataType, 373 'Segment_Hash': cybox_common.HashValueType, 374 'Digital_Signature': cybox_common.DigitalSignatureInfoType, 375 'Code_Snippets': cybox_common.CodeSnippetsType, 376 'Network_Interface_List': system_object.NetworkInterfaceListType, 377 'NetBIOS_Name': cybox_common.StringObjectPropertyType, 378 'Length': cybox_common.IntegerObjectPropertyType, 379 'IP_Gateway_List': system_object.IPGatewayListType, 380 'Windows_System_Directory': cybox_common.StringObjectPropertyType, 381 'Registered_Owner': cybox_common.StringObjectPropertyType, 382 'Encoding': cybox_common.ControlledVocabularyStringType, 383 'Internationalization_Settings': cybox_common.InternationalizationSettingsType, 384 'Image_Offset': cybox_common.IntegerObjectPropertyType, 385 'Abbreviation': cybox_common.StringObjectPropertyType, 386 'MAC': cybox_common.StringObjectPropertyType, 387 'Object_Address': cybox_common.UnsignedLongObjectPropertyType, 388 'Compiler': cybox_common.CompilerType, 389 'OS': system_object.OSType, 390 'Functions': cybox_common.FunctionsType, 391 'String_Value': cybox_common.StringObjectPropertyType, 392 'Pointer_Count': cybox_common.UnsignedLongObjectPropertyType, 393 'Build_Utility_Platform_Specification': cybox_common.PlatformSpecificationType, 394 'Compiler_Informal_Description': cybox_common.CompilerInformalDescriptionType, 395 'System': system_object.SystemObjectType, 396 'Platform': cybox_common.PlatformSpecificationType, 397 'Usage_Context_Assumptions': cybox_common.UsageContextAssumptionsType, 398 'Type': cybox_common.ControlledVocabularyStringType, 399 'Compilers': cybox_common.CompilersType, 400 'Username': cybox_common.StringObjectPropertyType, 401 'Tool_Type': cybox_common.ControlledVocabularyStringType, 402 'String': cybox_common.ExtractedStringType, 403 'Custom_Properties': cybox_common.CustomPropertiesType, 404 'Build_Information': cybox_common.BuildInformationType, 405 'Tool_Hashes': cybox_common.HashListType, 406 'Product_Name': cybox_common.StringObjectPropertyType, 407 'Error_Instances': cybox_common.ErrorInstancesType, 408 'BIOS_Info': system_object.BIOSInfoType, 409 'Data_Segment': cybox_common.StringObjectPropertyType, 410 'Registered_Organization': cybox_common.StringObjectPropertyType, 411 'Certificate_Subject': cybox_common.StringObjectPropertyType, 412 'Property': cybox_common.PropertyType, 413 'Strings': cybox_common.ExtractedStringsType, 414 'Domain': cybox_common.StringObjectPropertyType, 415 'Contributors': cybox_common.PersonnelType, 416 'Simple_Hash_Value': cybox_common.SimpleHashValueType, 417 'BIOS_Manufacturer': cybox_common.StringObjectPropertyType, 418 'Reference_Description': cybox_common.StructuredTextType, 419 'User_Account_Info': cybox_common.ObjectPropertiesType, 420 'Available_Physical_Memory': cybox_common.UnsignedLongObjectPropertyType, 421 'Configuration_Settings': cybox_common.ConfigurationSettingsType, 422 'Compiler_Platform_Specification': cybox_common.PlatformSpecificationType, 423 'Byte_String_Value': cybox_common.HexBinaryObjectPropertyType, 424 'Uptime': cybox_common.DurationObjectPropertyType, 425 'IP_List': system_object.IPInfoListType, 426 'Timezone_DST': cybox_common.StringObjectPropertyType, 427 'Hostname': cybox_common.StringObjectPropertyType, 428 'Instance': cybox_common.ObjectPropertiesType, 429 'Bitness': system_object.BitnessType, 430 'BIOS_Version': cybox_common.StringObjectPropertyType, 431 'Import': cybox_common.StringObjectPropertyType, 432 'Access_Mask': cybox_common.UnsignedLongObjectPropertyType, 433 'IP_Info': system_object.IPInfoType, 434 'System_Time': cybox_common.TimeObjectPropertyType, 435 'Identifier': cybox_common.PlatformIdentifierType, 436 'Build_Number': cybox_common.StringObjectPropertyType, 437 'Adapter': cybox_common.StringObjectPropertyType, 438 'Tool_Specific_Data': cybox_common.ToolSpecificDataType, 439 'Execution_Environment': cybox_common.ExecutionEnvironmentType, 440 'Patch_Level': cybox_common.StringObjectPropertyType, 441 'Search_Distance': cybox_common.IntegerObjectPropertyType, 442 'Dependencies': cybox_common.DependenciesType, 443 'Segment_Count': cybox_common.IntegerObjectPropertyType, 444 'Offset': cybox_common.IntegerObjectPropertyType, 445 'Date': cybox_common.DateObjectPropertyType, 446 'Hashes': cybox_common.HashListType, 447 'Segments': cybox_common.HashSegmentsType, 448 'Windows_Directory': cybox_common.StringObjectPropertyType, 449 'DHCP_Server_List': system_object.DHCPServerListType, 450 'Language': cybox_common.StringObjectPropertyType, 451 'Usage_Context_Assumption': cybox_common.StructuredTextType, 452 'Block_Hash': cybox_common.FuzzyHashBlockType, 453 'Dependency': cybox_common.DependencyType, 454 'Error': cybox_common.ErrorType, 455 'Trigger_Point': cybox_common.HexBinaryObjectPropertyType, 456 'Environment_Variable': cybox_common.EnvironmentVariableType, 457 'Byte_Run': cybox_common.ByteRunType, 458 'File_System_Offset': cybox_common.IntegerObjectPropertyType, 459 'Tool_Configuration': cybox_common.ToolConfigurationType, 460 'Imports': cybox_common.ImportsType, 461 'Install_Date': cybox_common.DateObjectPropertyType, 462 'Total_Physical_Memory': cybox_common.UnsignedLongObjectPropertyType, 463 'Library': cybox_common.LibraryType, 464 'DHCP_Lease_Obtained': cybox_common.DateTimeObjectPropertyType, 465 'References': cybox_common.ToolReferencesType, 466 'Network_Interface': system_object.NetworkInterfaceType, 467 'Windows_Handle': win_handle_object.WindowsHandleObjectType, 468 'Block_Hash_Value': cybox_common.HashValueType, 469 'Time': cybox_common.TimeType, 470 'Configuration_Setting': cybox_common.ConfigurationSettingType, 471 'Data_Size': cybox_common.DataSizeType, 472 'Libraries': cybox_common.LibrariesType, 473 'Function': cybox_common.StringObjectPropertyType, 474 'Timezone_Standard': cybox_common.StringObjectPropertyType, 475 'Handle': win_handle_object.WindowsHandleObjectType, 476 'Description': cybox_common.StringObjectPropertyType, 477 'BIOS_Serial_Number': cybox_common.StringObjectPropertyType, 478 'Code_Snippet': cybox_common.ObjectPropertiesType, 479 'Build_Configuration': cybox_common.BuildConfigurationType, 480 'Symbolic_Name': cybox_common.StringObjectPropertyType, 481 'VLAN_Name': cybox_common.StringObjectPropertyType, 482 'Local_Time': cybox_common.TimeObjectPropertyType, 483 'Search_Within': cybox_common.IntegerObjectPropertyType, 484 'Segment': cybox_common.HashSegmentType, 485 'English_Translation': cybox_common.StringObjectPropertyType, 486 'Name': cybox_common.StringObjectPropertyType, 487 'Processor': cybox_common.StringObjectPropertyType, 488 'Address_Value': cybox_common.StringObjectPropertyType, 489 'Environment_Variable_List': cybox_common.EnvironmentVariableListType, 490 'VLAN_Num': cybox_common.IntegerObjectPropertyType, 491 'Value': cybox_common.StringObjectPropertyType, 492 'Signature_Description': cybox_common.StringObjectPropertyType, 493 'Block_Size': cybox_common.IntegerObjectPropertyType, 494 'ID': cybox_common.UnsignedIntegerObjectPropertyType, 495 'Windows_Temp_Directory': cybox_common.StringObjectPropertyType, 496 'Fuzzy_Hash_Value': cybox_common.FuzzyHashValueType, 497 'Dependency_Description': cybox_common.StructuredTextType, 498 'BIOS_Release_Date': cybox_common.DateObjectPropertyType, 499 'Contributor': cybox_common.ContributorType, 500 'Product_ID': cybox_common.StringObjectPropertyType, 501 'Tools': cybox_common.ToolsInformationType, 502 'Tool': cybox_common.ToolInformationType, 503} 504 505USAGE_TEXT = """ 506Usage: python <Parser>.py [ -s ] <in_xml_file> 507""" 508 509def usage(): 510 print(USAGE_TEXT) 511 sys.exit(1) 512 513def get_root_tag(node): 514 tag = Tag_pattern_.match(node.tag).groups()[-1] 515 rootClass = GDSClassesMapping.get(tag) 516 if rootClass is None: 517 rootClass = globals().get(tag) 518 return tag, rootClass 519 520def parse(inFileName): 521 doc = parsexml_(inFileName) 522 rootNode = doc.getroot() 523 rootTag, rootClass = get_root_tag(rootNode) 524 if rootClass is None: 525 rootTag = 'Windows_System' 526 rootClass = WindowsSystemObjectType 527 rootObj = rootClass.factory() 528 rootObj.build(rootNode) 529 # Enable Python to collect the space used by the DOM. 530 doc = None 531# sys.stdout.write('<?xml version="1.0" ?>\n') 532# rootObj.export(sys.stdout.write, 0, name_=rootTag, 533# namespacedef_='', 534# pretty_print=True) 535 return rootObj 536 537def parseEtree(inFileName): 538 doc = parsexml_(inFileName) 539 rootNode = doc.getroot() 540 rootTag, rootClass = get_root_tag(rootNode) 541 if rootClass is None: 542 rootTag = 'Windows_System' 543 rootClass = WindowsSystemObjectType 544 rootObj = rootClass.factory() 545 rootObj.build(rootNode) 546 # Enable Python to collect the space used by the DOM. 547 doc = None 548 rootElement = rootObj.to_etree(None, name_=rootTag) 549 content = etree_.tostring(rootElement, pretty_print=True, 550 xml_declaration=True, encoding="utf-8") 551 sys.stdout.write(content) 552 sys.stdout.write('\n') 553 return rootObj, rootElement 554 555def parseString(inString): 556 from mixbox.vendor.six import StringIO 557 doc = parsexml_(StringIO(inString)) 558 rootNode = doc.getroot() 559 rootTag, rootClass = get_root_tag(rootNode) 560 if rootClass is None: 561 rootTag = 'Windows_System' 562 rootClass = WindowsSystemObjectType 563 rootObj = rootClass.factory() 564 rootObj.build(rootNode) 565 # Enable Python to collect the space used by the DOM. 566 doc = None 567# sys.stdout.write('<?xml version="1.0" ?>\n') 568# rootObj.export(sys.stdout.write, 0, name_="Windows_System", 569# namespacedef_='') 570 return rootObj 571 572def main(): 573 args = sys.argv[1:] 574 if len(args) == 1: 575 parse(args[0]) 576 else: 577 usage() 578 579if __name__ == '__main__': 580 #import pdb; pdb.set_trace() 581 main() 582 583__all__ = [ 584 "WindowsSystemObjectType", 585 "GlobalFlagListType", 586 "GlobalFlagType" 587 ] 588