From 1f5afc300046b5aeb542b94ec8c4e1756cd8f758 Mon Sep 17 00:00:00 2001 From: pdf Date: Fri, 19 May 2023 23:50:03 -0700 Subject: [PATCH] better temp dir cleanup --- README.md | 8 +++---- binhop.py | 63 +++++++++++++++++++++++++++---------------------------- 2 files changed, 35 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index 7927884..d632ad0 100644 --- a/README.md +++ b/README.md @@ -17,9 +17,9 @@ take action on the parts that didn't.
## Installation and Usage -To use this script, you need Python 3 and a functioning and "recent" version of `binwalk` installed on your system. +To use this script, you need Python 3 and a functioning and "recent" version of `binwalk` installed on your system. In practice, this means you're *probably* going to need to be on an x86/x86_64 Linux, but maybe you have better karma than I do. -You'll probably also want to install optional `binwalk` dependencies such as `sasquatch`, `jefferson`, and others. You can learn how to do that in [binwalk's INSTALL.md](https://github.com/ReFirmLabs/binwalk/blob/master/INSTALL.md). `binhop` only "requires" `binwalk`, but it'll fail on binaries for which `binwalk` is dependent on optional modules. +You'll probably also want to install optional `binwalk` dependencies such as `sasquatch`, `jefferson`, and others, depending on the binaries you want to submit. You can learn how to do that in [binwalk's INSTALL.md](https://github.com/ReFirmLabs/binwalk/blob/master/INSTALL.md). `binhop` only "requires" `binwalk`, but it'll fail on binaries for which `binwalk` is dependent on optional modules. When that's done, get `binhop` running with something like: @@ -30,7 +30,7 @@ pip install -r requirements.txt ./binhop.py ``` -Once running, browse to [http://localhost:8080](http://localhost:8080) to upload a blob. +Once running, browse to [http://localhost:8080](http://localhost:8080) and upload a blob. ## FAQ @@ -42,7 +42,7 @@ Once running, browse to [http://localhost:8080](http://localhost:8080) to upload This repository is part of my coursework for CSC 842 - Security Tool Development at Dakota State University. Consequently, I may choose not to maintain this tool beyond the length of the course, but have selected a license that enables open contributions in any case. -For aesthetics, the interface is browser-based. It'd be ideal to make it command-line only, but I ran out of time trying to summarize an arbitrarily large number of bytes and sections into a human-consumable CLI output. I'm open to ideas. +For aesthetics, the interface is browser-based. It'd be ideal to make it command-line accessible, but I ran out of time trying to summarize an arbitrarily large number of bytes and sections into a human-consumable CLI output. I'm open to ideas. **Why did you select GPLv3? MIT is so much better.** diff --git a/binhop.py b/binhop.py index 989b5f5..ec0b9e7 100644 --- a/binhop.py +++ b/binhop.py @@ -63,40 +63,39 @@ async def upload_file(request): sha1_hash.update(chunk) md5_hash.update(chunk) - try: - working_dir = tempfile.TemporaryDirectory(ignore_cleanup_errors=True) - scan = await scan_file(temp_file.name, working_dir.name) - sigs = scan[0] - extractor = sigs.extractor.output - finally: - os.unlink(temp_file.name) + with tempfile.TemporaryDirectory() as working_dir: + try: + scan = await scan_file(temp_file.name, working_dir) + sigs = scan[0] + extractor = sigs.extractor.output + finally: + os.unlink(temp_file.name) - carved, summary = [], [] - for sig in sigs.results: - tmp_path = sig.file.path - if tmp_path in extractor: - if sig.offset in extractor[tmp_path].carved: - end_offset = sig.offset + os.path.getsize(extractor[tmp_path].carved[sig.offset]) - summary.append( - "Carved data from offsets 0x%X-0x%X to %s" - % (sig.offset, end_offset, extractor[tmp_path].carved[sig.offset]) - ) - carved.append({"start": sig.offset, "end": end_offset, "d": sig.description}) - if sig.offset in extractor[tmp_path].extracted: - extracted_files = [x for x in extractor[tmp_path].extracted[sig.offset].files if os.path.isfile(x)] - extracted_dirs = [x for x in extractor[tmp_path].extracted[sig.offset].files if os.path.isdir(x)] - summary.append( - "Extracted %d files and %d directories from offset 0x%X to '%s' using '%s'" - % ( - len(extracted_files), - len(extracted_dirs), - sig.offset, - extractor[tmp_path].extracted[sig.offset].files[0], - sigs.extractor.output[tmp_path].extracted[sig.offset].command, + carved, summary = [], [] + for sig in sigs.results: + tmp_path = sig.file.path + summary.append("%s 0x%.8X %s" % (sig.file.path, sig.offset, sig.description)) + if tmp_path in extractor: + if sig.offset in extractor[tmp_path].carved: + end_offset = sig.offset + os.path.getsize(extractor[tmp_path].carved[sig.offset]) + summary.append( + "Carved data from offsets 0x%X-0x%X to %s" + % (sig.offset, end_offset, extractor[tmp_path].carved[sig.offset]) ) - ) - num_files, num_dirs, listing = await build_listing(working_dir.name) - working_dir.cleanup() + carved.append({"start": sig.offset, "end": end_offset, "d": sig.description}) + if sig.offset in extractor[tmp_path].extracted: + extracted_files = [x for x in extractor[tmp_path].extracted[sig.offset].files if os.path.isfile(x)] + extracted_dirs = [x for x in extractor[tmp_path].extracted[sig.offset].files if os.path.isdir(x)] + summary.append( + "Extracted %d files and %d directories from offset 0x%X to using '%s'" + % ( + len(extracted_files), + len(extracted_dirs), + sig.offset, + sigs.extractor.output[tmp_path].extracted[sig.offset].command, + ) + ) + num_files, num_dirs, listing = await build_listing(working_dir) response_data = { "meta": {