Class: Dorothy::Loadmalw

Inherits:

Object

Object
Dorothy::Loadmalw

show all

Defined in:: lib/dorothy2/do-utils.rb

Instance Attribute Summary collapse

#binpath ⇒ Object readonly

Returns the value of attribute binpath.
#ctime ⇒ Object readonly

Returns the value of attribute ctime.
#dbtype ⇒ Object readonly

Returns the value of attribute dbtype.
#dir_bin ⇒ Object

Returns the value of attribute dir_bin.
#dir_downloads ⇒ Object

Returns the value of attribute dir_downloads.
#dir_pcap ⇒ Object

attr_accessor :dir_home.
#dir_screens ⇒ Object

Returns the value of attribute dir_screens.
#extension ⇒ Object readonly

Returns the value of attribute extension.
#filename ⇒ Object readonly

Returns the value of attribute filename.
#md5 ⇒ Object readonly

Returns the value of attribute md5.
#pcaprid ⇒ Object readonly

Returns the value of attribute pcaprid.
#pcapsize ⇒ Object readonly

Returns the value of attribute pcapsize.
#sha ⇒ Object

Returns the value of attribute sha.
#size ⇒ Object readonly

Returns the value of attribute size.
#sourceinfo ⇒ Object

used for storing info about where the binary come from (if needed).
#type ⇒ Object readonly

Returns the value of attribute type.

Class Method Summary collapse

.calc_pcaprid(file, size) ⇒ Object

Instance Method Summary collapse

#initialize(file) ⇒ Loadmalw constructor

A new instance of Loadmalw.

Constructor Details

#initialize(file) ⇒ `Loadmalw`

Returns a new instance of Loadmalw.

# File 'lib/dorothy2/do-utils.rb', line 245

def initialize(file)

  fm = FileMagic.new
  sha = Digest::SHA2.new
  md5 = Digest::MD5.new
  @binpath = file
  @filename = File.basename(file)
  @extension = File.extname(file)[1..-1]

  File.open(file, 'rb') do |fh1|
    while buffer1 = fh1.read(1024)
      @sha = sha << buffer1
      @md5 = md5 << buffer1
    end
  end

  @sha = @sha.to_s
  @md5 = @md5.to_s.rstrip
  @sourceinfo = nil

  timetmp = File.ctime(file)
  @ctime= timetmp.strftime("%m/%d/%y %H:%M:%S")
  @type = fm.file(file)

  if @extension.nil?    #no extension, trying to put the right one..
    case @type
      when /^PE32/ then
        @extension = (@type =~ /DLL/ ? "dll" : "exe")
      when /^MS-DOS/ then
        @extension = "bat"
      when /^HTML/ then
        @extension = "html"
      else
        @extension = nil
    end
  end


  @size = File.size(file)
end

Instance Attribute Details

#binpath ⇒ `Object` (readonly)

Returns the value of attribute binpath.



231
232
233

# File 'lib/dorothy2/do-utils.rb', line 231

def binpath
  @binpath
end

#ctime ⇒ `Object` (readonly)

Returns the value of attribute ctime.



233
234
235

# File 'lib/dorothy2/do-utils.rb', line 233

def ctime
  @ctime
end

#dbtype ⇒ `Object` (readonly)

Returns the value of attribute dbtype.



228
229
230

# File 'lib/dorothy2/do-utils.rb', line 228

def dbtype
  @dbtype
end

#dir_bin ⇒ `Object`

Returns the value of attribute dir_bin.



241
242
243

# File 'lib/dorothy2/do-utils.rb', line 241

def dir_bin
  @dir_bin
end

#dir_downloads ⇒ `Object`

Returns the value of attribute dir_downloads.



243
244
245

# File 'lib/dorothy2/do-utils.rb', line 243

def dir_downloads
  @dir_downloads
end

#dir_pcap ⇒ `Object`

attr_accessor :dir_home



240
241
242

# File 'lib/dorothy2/do-utils.rb', line 240

def dir_pcap
  @dir_pcap
end

#dir_screens ⇒ `Object`

Returns the value of attribute dir_screens.



242
243
244

# File 'lib/dorothy2/do-utils.rb', line 242

def dir_screens
  @dir_screens
end

#extension ⇒ `Object` (readonly)

Returns the value of attribute extension.



236
237
238

# File 'lib/dorothy2/do-utils.rb', line 236

def extension
  @extension
end

#filename ⇒ `Object` (readonly)

Returns the value of attribute filename.



232
233
234

# File 'lib/dorothy2/do-utils.rb', line 232

def filename
  @filename
end

#md5 ⇒ `Object` (readonly)

Returns the value of attribute md5.



230
231
232

# File 'lib/dorothy2/do-utils.rb', line 230

def md5
  @md5
end

#pcaprid ⇒ `Object` (readonly)

Returns the value of attribute pcaprid.



226
227
228

# File 'lib/dorothy2/do-utils.rb', line 226

def pcaprid
  @pcaprid
end

#pcapsize ⇒ `Object` (readonly)

Returns the value of attribute pcapsize.



235
236
237

# File 'lib/dorothy2/do-utils.rb', line 235

def pcapsize
  @pcapsize
end

#sha ⇒ `Object`

Returns the value of attribute sha.



229
230
231

# File 'lib/dorothy2/do-utils.rb', line 229

def sha
  @sha
end

#size ⇒ `Object` (readonly)

Returns the value of attribute size.



234
235
236

# File 'lib/dorothy2/do-utils.rb', line 234

def size
  @size
end

#sourceinfo ⇒ `Object`

used for storing info about where the binary come from (if needed)



237
238
239

# File 'lib/dorothy2/do-utils.rb', line 237

def sourceinfo
  @sourceinfo
end

#type ⇒ `Object` (readonly)

Returns the value of attribute type.



227
228
229

# File 'lib/dorothy2/do-utils.rb', line 227

def type
  @type
end

Class Method Details

.calc_pcaprid(file, size) ⇒ `Object`

# File 'lib/dorothy2/do-utils.rb', line 288

def self.calc_pcaprid(file, size)
  #t = file.split('/')
  #dumpname = t[t.length - 1]
  @pcaprid = Digest::MD5.new
  @pcaprid << "#{file}:#{size}"
  @pcaprid = @pcaprid.dup.to_s.rstrip
end

Class: Dorothy::Loadmalw

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(file) ⇒ Loadmalw

Instance Attribute Details

#binpath ⇒ Object (readonly)

#ctime ⇒ Object (readonly)

#dbtype ⇒ Object (readonly)

#dir_bin ⇒ Object

#dir_downloads ⇒ Object

#dir_pcap ⇒ Object

#dir_screens ⇒ Object

#extension ⇒ Object (readonly)

#filename ⇒ Object (readonly)

#md5 ⇒ Object (readonly)

#pcaprid ⇒ Object (readonly)

#pcapsize ⇒ Object (readonly)

#sha ⇒ Object

#size ⇒ Object (readonly)

#sourceinfo ⇒ Object

#type ⇒ Object (readonly)