How to use the oletools.thirdparty.xglob.xglob.iter_files function in oletools
To help you get started, we’ve selected a few oletools examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
decalage2 / ViperMonkey / vipermonkey / vmonkey.py View on Github 
print_version()
sys.exit(0)
# Print help if no arguments are passed
if len(args) == 0:
safe_print(__doc__)
parser.print_help()
sys.exit(0)
# setup logging to the console
# logging.basicConfig(level=LOG_LEVELS[options.loglevel], format='%(levelname)-8s %(message)s')
colorlog.basicConfig(level=LOG_LEVELS[options.loglevel], format='%(log_color)s%(levelname)-8s %(message)s')
json_results = []
for container, filename, data in xglob.iter_files(args,
recursive=options.recursive,
zip_password=options.zip_password,
zip_fname=options.zip_fname):
# ignore directory names stored in zip files:
if container and filename.endswith('/'):
continue
if options.scan_expressions:
process_file_scanexpr(container, filename, data)
else:
entry_points = None
if (options.entry_points is not None):
entry_points = options.entry_points.split(",")
process_file(container,
filename,
data,# Print help if no arguments are passed
if len(args) == 0:
print (__doc__)
parser.print_help()
sys.exit()
# Setup logging to the console:
# here we use stdout instead of stderr by default, so that the output
# can be redirected properly.
logging.basicConfig(level=LOG_LEVELS[options.loglevel], stream=sys.stdout,
format='%(levelname)-8s %(message)s')
# enable logging in the modules:
log.setLevel(logging.NOTSET)
oleobj.enable_logging()
for container, filename, data in xglob.iter_files(args, recursive=options.recursive,
zip_password=options.zip_password, zip_fname=options.zip_fname):
# ignore directory names stored in zip files:
if container and filename.endswith('/'):
continue
process_file(container, filename, data, output_dir=options.output_dir,
save_object=options.save_object)print(__doc__)
parser.print_help()
sys.exit()
# if no display option is provided, set defaults:
default_options = False
if not (options.header or options.fat or options.minifat):
options.header = True
# options.fat = True
# options.minifat = True
default_options = True
# print banner with version
print(BANNER)
for container, filename, data in xglob.iter_files(args, recursive=options.recursive,
zip_password=options.zip_password, zip_fname=options.zip_fname):
# TODO: handle xglob errors
# ignore directory names stored in zip files:
if container and filename.endswith('/'):
continue
full_name = '%s in %s' % (filename, container) if container else filename
print("-" * 79)
print('FILE: %s\n' % full_name)
if data is not None:
# data extracted from zip file
ole = olefile.OleFileIO(data)
else:
# normal filename
ole = olefile.OleFileIO(filename)
if options.header:(options, args) = parser.parse_args()
# Print help if no arguments are passed
if len(args) == 0:
print(BANNER)
print(__doc__)
parser.print_help()
sys.exit()
# print banner with version
print(BANNER)
if os.name == 'nt':
colorclass.Windows.enable(auto_colors=True, reset_atexit=True)
for container, filename, data in xglob.iter_files(args, recursive=options.recursive,
zip_password=options.zip_password, zip_fname=options.zip_fname):
# ignore directory names stored in zip files:
if container and filename.endswith('/'):
continue
full_name = '%s in %s' % (filename, container) if container else filename
print('OLE directory entries in file %s:' % full_name)
if data is not None:
# data extracted from zip file
ole = olefile.OleFileIO(data)
else:
# normal filename
ole = olefile.OleFileIO(filename)
# ole.dumpdirectory()
# t = prettytable.PrettyTable(('id', 'Status', 'Type', 'Name', 'Left', 'Right', 'Child', '1st Sect', 'Size'))
# t.align = 'l'# print banner with version
print('MacroRaptor %s - http://decalage.info/python/oletools' % __version__)
print('This is work in progress, please report issues at %s' % URL_ISSUES)
logging.basicConfig(level=LOG_LEVELS[options.loglevel], format='%(levelname)-8s %(message)s')
# enable logging in the modules:
log.setLevel(logging.NOTSET)
t = tablestream.TableStream(style=tablestream.TableStyleSlim,
header_row=['Result', 'Flags', 'Type', 'File'],
column_width=[10, 5, 4, 56])
exitcode = -1
global_result = None
# TODO: handle errors in xglob, to continue processing the next files
for container, filename, data in xglob.iter_files(args, recursive=options.recursive,
zip_password=options.zip_password, zip_fname=options.zip_fname):
# ignore directory names stored in zip files:
if container and filename.endswith('/'):
continue
full_name = '%s in %s' % (filename, container) if container else filename
# try:
# # Open the file
# if data is None:
# data = open(filename, 'rb').read()
# except:
# log.exception('Error when opening file %r' % full_name)
# continue
if isinstance(data, Exception):
result = Result_Error
t.write_row([result.name, '', '', full_name],
colors=[result.color, None, None, None])oletools
Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response #DFIR
Package Health Score
77 / 100Popular oletools functions
- oletools.common.log_helper.log_helper
- oletools.common.log_helper.log_helper.enable_logging
- oletools.common.log_helper.log_helper.get_or_create_silent_logger
- oletools.msodde
- oletools.msodde.process_maybe_encrypted
- oletools.oleid.Indicator
- oletools.oleobj
- oletools.oleobj.OleNativeStream
- oletools.olevba
- oletools.olevba.VBA_Parser
- oletools.olevba3.VBA_Parser
- oletools.ooxml
- oletools.ooxml.BadOOXML
- oletools.ooxml.XmlParser
- oletools.ppt_parser.PptUnexpectedData
- oletools.record_base
- oletools.rtfobj.RtfObjParser
- oletools.thirdparty.tablestream.tablestream
- oletools.thirdparty.tablestream.tablestream.TableStream
- oletools.thirdparty.xglob.xglob.iter_files