2017-09-01 13:12:05 +00:00
|
|
|
#!/usr/bin/env python3.5
|
2017-08-23 16:22:58 +00:00
|
|
|
#
|
|
|
|
|
# Copyright (C) 2016,2017 The University of Sheffield, UK
|
|
|
|
|
#
|
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
# (at your option) any later version.
|
|
|
|
|
#
|
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
|
#
|
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
"""Python analys providing a decomposition analysis of JavaScript code in
|
|
|
|
|
general and Chrome extensions in particular."""
|
|
|
|
|
|
|
|
|
|
import os
|
2017-08-28 09:40:37 +00:00
|
|
|
import io
|
2017-08-23 16:22:58 +00:00
|
|
|
import re
|
|
|
|
|
import json
|
|
|
|
|
from enum import Enum
|
2017-08-28 09:40:37 +00:00
|
|
|
from ExtensionCrawler.js_mincer import mince_js
|
2017-09-17 12:18:49 +00:00
|
|
|
from ExtensionCrawler.file_identifiers import get_file_identifiers
|
2017-08-23 16:22:58 +00:00
|
|
|
|
2017-08-24 20:37:35 +00:00
|
|
|
class DetectionType(Enum):
|
|
|
|
|
"""Enumeration for detection types."""
|
2017-09-17 12:40:38 +00:00
|
|
|
# EMPTY_FILE
|
|
|
|
|
FILE_SIZE = "file_size"
|
|
|
|
|
# LIBRARY
|
2017-08-29 23:12:57 +00:00
|
|
|
SHA1 = "sha1"
|
2017-09-17 12:40:38 +00:00
|
|
|
MD5 = "md5"
|
|
|
|
|
SHA1_DECOMPRESSED = "sha1 (after decompression)"
|
|
|
|
|
MD5_DECOMPRESSED = "md5 (after decompression)"
|
|
|
|
|
SHA1_NORMALIZED = "sha1 (after normalization)"
|
|
|
|
|
MD5_NORMALIZED = "md5 (after normalization)"
|
|
|
|
|
SHA1_DECOMPRESSED_NORMALIZED = "sha1 (after decompression and normalization)"
|
|
|
|
|
MD5_DECOMPRESSED_NORMALIZED = "md5 (after decompression and normalization)"
|
|
|
|
|
# VERY_LIKELY_LIBRARY
|
|
|
|
|
FILENAME_COMMENTBLOCK = "filename and witness in comment block"
|
|
|
|
|
FILENAME_CODEBLOCK = "filename and witness in code block"
|
|
|
|
|
# LIKELY_LIBRARY
|
|
|
|
|
COMMENTBLOCK = "witness in comment block"
|
|
|
|
|
CODEBLOCK = "witness in code block"
|
|
|
|
|
FILENAME = "known file name"
|
|
|
|
|
URL = "known URL"
|
|
|
|
|
# LIKELY_APPLICATION
|
2017-08-29 23:24:19 +00:00
|
|
|
DEFAULT = "default"
|
2017-09-17 12:40:38 +00:00
|
|
|
|
2017-08-24 20:37:35 +00:00
|
|
|
class FileClassification(Enum):
|
|
|
|
|
""" Enumeration for file classification"""
|
2017-09-17 12:40:38 +00:00
|
|
|
EMPTY_FILE = "other (empty file)"
|
2017-09-18 08:09:00 +00:00
|
|
|
METADATA = "metadata"
|
2017-09-17 12:40:38 +00:00
|
|
|
LIBRARY = "known library"
|
|
|
|
|
VERY_LIKELY_LIBRARY = "very likely known library"
|
|
|
|
|
LIKELY_LIBRARY = "likely known library"
|
|
|
|
|
LIKELY_APPLICATION = "likely application"
|
2017-09-18 08:09:00 +00:00
|
|
|
ERROR = "error"
|
2017-08-24 20:37:35 +00:00
|
|
|
|
2017-08-28 18:20:50 +00:00
|
|
|
def load_lib_identifiers():
|
2017-08-23 22:37:15 +00:00
|
|
|
"""Initialize identifiers for known libraries from JSON file."""
|
|
|
|
|
regex_file = os.path.join(
|
2017-08-23 16:22:58 +00:00
|
|
|
os.path.dirname(os.path.realpath(__file__)), '../resources/',
|
2017-08-23 22:37:15 +00:00
|
|
|
'js_identifier.json')
|
|
|
|
|
with open(regex_file, 'r') as json_file:
|
|
|
|
|
json_content = json_file.read()
|
|
|
|
|
return json.loads(json_content)
|
2017-08-23 19:04:52 +00:00
|
|
|
|
2017-08-23 23:44:34 +00:00
|
|
|
|
2017-08-23 22:37:15 +00:00
|
|
|
def unknown_filename_identifier():
|
|
|
|
|
"""Identifier for extracting version information from unknown/generic file names."""
|
2017-08-23 19:04:52 +00:00
|
|
|
return re.compile(
|
2017-08-23 19:09:02 +00:00
|
|
|
r'(.+)[\-\_]([0-9]{1,2}[\.|\-|\_][0-9a-z]{1,2}[\.|\-|\_][0-9a-z\-\_]*)',
|
|
|
|
|
re.IGNORECASE)
|
|
|
|
|
|
2017-08-23 22:37:15 +00:00
|
|
|
def unknown_lib_identifiers():
|
|
|
|
|
"""List of identifiers for generic library version headers."""
|
2017-08-23 19:09:02 +00:00
|
|
|
return ([
|
|
|
|
|
re.compile(
|
2017-08-28 09:40:37 +00:00
|
|
|
r'[\/|\/\/|\s]\*?\s?([a-zA-Z0-9\.]+)\sv?([0-9][\.|\-|\_][0-9.a-z_\\\\-]+)',
|
2017-08-23 19:09:02 +00:00
|
|
|
re.IGNORECASE
|
|
|
|
|
), #MatchType: name version, e.g. mylib v1.2.9b or mylib.anything 1.2.8
|
|
|
|
|
re.compile(
|
2017-08-28 09:40:37 +00:00
|
|
|
r'[\/|\/\/|\s]\*?\s?([a-zA-Z0-9\.]+)\s(?: version)\:?\s?v?([0-9][0-9.a-z_\\\\-]+)',
|
2017-08-23 19:09:02 +00:00
|
|
|
re.IGNORECASE
|
|
|
|
|
), #MatchType: name version: ver, e.g. mylib version: v1.2.9, or mylib.js version 1.2.8
|
|
|
|
|
re.compile(
|
2017-08-28 09:40:37 +00:00
|
|
|
r'\@*(version)\s?[\:|-]?\s?v?([0-9][\.|\-|\_][0-9.a-z_\\\\-]+)',
|
2017-08-23 19:09:02 +00:00
|
|
|
re.IGNORECASE
|
|
|
|
|
), #MatchType: version x.x.x, e.g. @version: 1.2.5 or version - 1.2.5 etc.
|
|
|
|
|
re.compile(
|
2017-08-28 09:40:37 +00:00
|
|
|
r'(version)[\:|\=]\s?.?([0-9]{1,2}[\.|\-|\_][0-9.a-z_\\\\-]+).?',
|
2017-08-23 19:09:02 +00:00
|
|
|
re.IGNORECASE),
|
2017-08-28 09:40:37 +00:00
|
|
|
re.compile(r'(.+) v([0-9]{1,2}[\.|\-|\_][0-9]{1,2}[0-9.a-z_\\\\-]*)',
|
2017-08-23 19:09:02 +00:00
|
|
|
re.IGNORECASE)
|
|
|
|
|
])
|
|
|
|
|
|
2017-09-18 08:09:00 +00:00
|
|
|
def init_file_info(path, data):
|
2017-08-24 18:43:48 +00:00
|
|
|
"""Initialize jsinfo record."""
|
2017-09-18 08:09:00 +00:00
|
|
|
file_info = get_file_identifiers(path, data)
|
|
|
|
|
file_info['lib'] = None
|
|
|
|
|
file_info['version'] = None
|
|
|
|
|
file_info['detectionMethod'] = None
|
|
|
|
|
file_info['detectionMethodDetails'] = None
|
|
|
|
|
file_info['type'] = None
|
|
|
|
|
file_info['evidenceStartPos'] = None
|
|
|
|
|
file_info['evidenceEndPos'] = None
|
|
|
|
|
file_info['evidenceText'] = None
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_empty_file(file_info):
|
|
|
|
|
"""Check if file is empty."""
|
|
|
|
|
if file_info['size'] == 0:
|
|
|
|
|
file_info['detectionMethod'] = DetectionType.FILE_SIZE
|
|
|
|
|
file_info['type'] = FileClassification.EMPTY_FILE
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_metadata(file_info):
|
|
|
|
|
"""Check for metadata (based on filename/path)."""
|
|
|
|
|
if file_info['path'] == "manifest.json" or file_info['path'] == "_metadata/verified_contents.json":
|
|
|
|
|
file_info['detectionMethod'] = DetectionType.FILENAME
|
|
|
|
|
file_info['type'] = FileClassification.METADATA
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_sha1(file_info):
|
|
|
|
|
"""Check for known sha1 hash (file content)."""
|
|
|
|
|
# TODO
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_sha1_decompressed(file_info):
|
|
|
|
|
"""Check for known sha1 hash (decompressed file content)."""
|
|
|
|
|
# TODO
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_sha1_normalized(file_info):
|
|
|
|
|
"""Check for known sha1 hash (normalized file content)."""
|
|
|
|
|
# TODO
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_sha1_decompressed_normalized(file_info):
|
|
|
|
|
"""Check for known sha1 hash (decompressed normalized file content)."""
|
|
|
|
|
# TODO
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_filename(file_info):
|
2017-09-19 08:16:32 +00:00
|
|
|
"""Check for known filename and typical library filename patterns."""
|
2017-09-18 08:09:00 +00:00
|
|
|
# TODO
|
|
|
|
|
return file_info
|
|
|
|
|
|
|
|
|
|
def check_comment_blocks(file_info, data):
|
|
|
|
|
"""Check for known pattern in comment blocks."""
|
|
|
|
|
# TODO
|
2017-09-19 08:16:32 +00:00
|
|
|
return [file_info]
|
2017-09-18 08:09:00 +00:00
|
|
|
|
|
|
|
|
def check_code_blocks(file_info, data):
|
|
|
|
|
"""Check for known pattern in code blocks."""
|
|
|
|
|
# TODO
|
2017-09-19 08:16:32 +00:00
|
|
|
return [file_info]
|
2017-09-18 08:09:00 +00:00
|
|
|
|
2017-08-24 18:43:48 +00:00
|
|
|
|
2017-08-29 23:38:30 +00:00
|
|
|
def analyse_checksum(zipfile, js_file, js_info):
|
2017-08-28 19:09:34 +00:00
|
|
|
"""Check for known md5 hashes (file content)."""
|
|
|
|
|
json_data = load_lib_identifiers()
|
|
|
|
|
for lib in json_data:
|
|
|
|
|
for info in json_data[lib]:
|
2017-08-29 23:38:30 +00:00
|
|
|
if info == 'sha1':
|
2017-09-01 15:27:44 +00:00
|
|
|
for lib_file in json_data[lib]['sha1']:
|
|
|
|
|
if lib_file['sha1'].lower() == js_info['sha1'].hex():
|
2017-08-29 23:38:30 +00:00
|
|
|
js_info['lib'] = lib
|
2017-09-01 15:27:44 +00:00
|
|
|
js_info['version'] = lib_file['version']
|
2017-08-29 23:38:30 +00:00
|
|
|
js_info['type'] = FileClassification.LIBRARY
|
2017-08-31 07:43:19 +00:00
|
|
|
js_info['detectionMethod'] = DetectionType.SHA1,
|
2017-09-01 15:27:44 +00:00
|
|
|
if 'comment' in lib_file:
|
|
|
|
|
js_info['detectionMethodDetails'] = lib_file['comment']
|
2017-08-29 23:38:30 +00:00
|
|
|
return [js_info]
|
2017-08-28 19:09:34 +00:00
|
|
|
if info == 'md5':
|
2017-09-01 15:27:44 +00:00
|
|
|
for lib_file in json_data[lib]['md5']:
|
|
|
|
|
if lib_file['md5'].lower() == js_info['md5'].hex():
|
2017-08-28 19:09:34 +00:00
|
|
|
js_info['lib'] = lib
|
2017-09-01 15:27:44 +00:00
|
|
|
js_info['version'] = lib_file['version']
|
2017-08-28 19:09:34 +00:00
|
|
|
js_info['type'] = FileClassification.LIBRARY
|
2017-08-30 07:28:39 +00:00
|
|
|
js_info['detectionMethod'] = DetectionType.MD5
|
2017-09-01 15:27:44 +00:00
|
|
|
if 'comment' in lib_file:
|
|
|
|
|
js_info['detectionMethodDetails'] = lib_file['comment']
|
2017-08-28 19:09:34 +00:00
|
|
|
return [js_info]
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
|
2017-08-24 18:43:48 +00:00
|
|
|
|
2017-08-28 20:05:15 +00:00
|
|
|
def analyse_known_filename(zipfile, js_file, js_info):
|
2017-08-24 18:43:48 +00:00
|
|
|
"""Check for known file name patterns."""
|
|
|
|
|
libs = list()
|
2017-08-28 18:20:50 +00:00
|
|
|
for lib, regex in load_lib_identifiers().items():
|
2017-08-24 18:43:48 +00:00
|
|
|
if 'filename' in regex:
|
2017-08-30 08:11:55 +00:00
|
|
|
if zipfile is not None:
|
|
|
|
|
filename = js_file.filename
|
|
|
|
|
else:
|
|
|
|
|
filename = js_file
|
2017-08-24 18:43:48 +00:00
|
|
|
filename_matched = re.search(regex['filename'],
|
2017-08-30 08:11:55 +00:00
|
|
|
filename, re.IGNORECASE)
|
2017-08-24 18:43:48 +00:00
|
|
|
if filename_matched:
|
|
|
|
|
js_info['lib'] = lib
|
2017-08-30 07:28:39 +00:00
|
|
|
js_info['version'] = filename_matched.group(2)
|
2017-08-24 20:37:35 +00:00
|
|
|
js_info['type'] = FileClassification.LIBRARY
|
2017-08-30 07:28:39 +00:00
|
|
|
js_info['detectionMethod'] = DetectionType.FILENAME
|
2017-08-31 22:44:51 +00:00
|
|
|
js_info['detectionMethodDetails'] = regex['filename']
|
2017-08-24 18:43:48 +00:00
|
|
|
libs.append(js_info)
|
|
|
|
|
return libs
|
|
|
|
|
|
2017-08-28 20:05:15 +00:00
|
|
|
def analyse_generic_filename(zipfile, js_file, js_info):
|
2017-08-24 18:43:48 +00:00
|
|
|
"""Check for generic file name patterns."""
|
|
|
|
|
libs = list()
|
2017-08-30 08:11:55 +00:00
|
|
|
if zipfile is not None:
|
|
|
|
|
filename = js_file.filename
|
|
|
|
|
else:
|
|
|
|
|
filename = js_file
|
|
|
|
|
|
2017-08-24 18:43:48 +00:00
|
|
|
unknown_filename_match = unknown_filename_identifier().search(
|
2017-08-30 08:11:55 +00:00
|
|
|
filename)
|
2017-08-24 18:43:48 +00:00
|
|
|
if unknown_filename_match:
|
2017-09-01 23:05:07 +00:00
|
|
|
js_info['lib'] = os.path.basename(unknown_filename_match.group(1)).replace(
|
|
|
|
|
'.js', '').replace('.min', '')
|
2017-08-30 07:28:39 +00:00
|
|
|
js_info['version'] = unknown_filename_match.group(2)
|
2017-08-24 20:37:35 +00:00
|
|
|
js_info['type'] = FileClassification.LIKELY_LIBRARY
|
2017-08-30 07:28:39 +00:00
|
|
|
js_info['detectionMethod'] = DetectionType.FILENAME
|
2017-08-24 18:43:48 +00:00
|
|
|
libs.append(js_info)
|
|
|
|
|
return libs
|
|
|
|
|
|
2017-08-28 20:05:15 +00:00
|
|
|
def analyse_filename(zipfile, js_file, js_info):
|
2017-08-28 09:40:37 +00:00
|
|
|
"""Check for file name patterns of libraries (known and generic as fall back)`"""
|
2017-08-28 20:05:15 +00:00
|
|
|
res = analyse_known_filename(zipfile, js_file, js_info)
|
2017-08-28 09:40:37 +00:00
|
|
|
if not res:
|
2017-08-28 20:05:15 +00:00
|
|
|
res = analyse_generic_filename(zipfile, js_file, js_info)
|
2017-08-28 09:40:37 +00:00
|
|
|
return res
|
|
|
|
|
|
|
|
|
|
|
2017-08-28 20:05:15 +00:00
|
|
|
def analyse_comment_known_libs(zipfile, js_file, js_info, comment):
|
2017-08-28 09:40:37 +00:00
|
|
|
"""Search for library specific identifiers in comment block."""
|
2017-08-24 18:43:48 +00:00
|
|
|
libs = list()
|
2017-08-30 08:11:55 +00:00
|
|
|
if zipfile is not None:
|
2017-09-01 22:24:55 +00:00
|
|
|
filename = js_file.filename
|
2017-08-30 08:11:55 +00:00
|
|
|
else:
|
|
|
|
|
filename = js_file
|
2017-09-01 22:41:45 +00:00
|
|
|
for lib, regex in load_lib_identifiers().items():
|
|
|
|
|
if('filecontent' in regex):
|
|
|
|
|
for unkregex in regex['filecontent']:
|
|
|
|
|
unkown_lib_matched = unkregex.finditer(comment.content)
|
|
|
|
|
for match in unkown_lib_matched:
|
2017-09-01 23:05:07 +00:00
|
|
|
js_info['lib'] = lib
|
2017-09-01 22:41:45 +00:00
|
|
|
js_info['version'] = match.group(2)
|
|
|
|
|
js_info['detectionMethod'] = DetectionType.COMMENTBLOCK
|
|
|
|
|
js_info['detectionMethodDetails'] = unkregex
|
|
|
|
|
js_info['type'] = FileClassification.LIBRARY
|
|
|
|
|
libs.append(js_info)
|
2017-08-24 18:43:48 +00:00
|
|
|
return libs
|
|
|
|
|
|
2017-08-28 20:05:15 +00:00
|
|
|
def analyse_comment_generic_libs(zipfile, js_file, js_info, comment):
|
2017-08-28 09:40:37 +00:00
|
|
|
"""Search for generic identifiers in comment block."""
|
|
|
|
|
libs = list()
|
2017-08-30 08:11:55 +00:00
|
|
|
if zipfile is not None:
|
2017-09-01 22:24:55 +00:00
|
|
|
filename = js_file.filename
|
2017-08-30 08:11:55 +00:00
|
|
|
else:
|
|
|
|
|
filename = js_file
|
2017-08-30 10:42:12 +00:00
|
|
|
|
2017-08-28 09:40:37 +00:00
|
|
|
for unkregex in unknown_lib_identifiers():
|
|
|
|
|
unkown_lib_matched = unkregex.finditer(comment.content)
|
|
|
|
|
for match in unkown_lib_matched:
|
2017-09-01 22:41:45 +00:00
|
|
|
js_info['lib'] = ((os.path.basename(filename)).replace(
|
2017-08-28 09:40:37 +00:00
|
|
|
'.js', '')).replace('.min', '')
|
2017-08-30 07:28:39 +00:00
|
|
|
js_info['version'] = match.group(2)
|
|
|
|
|
js_info['detectionMethod'] = DetectionType.COMMENTBLOCK
|
2017-08-31 22:44:51 +00:00
|
|
|
js_info['detectionMethodDetails'] = unkregex
|
2017-08-28 09:40:37 +00:00
|
|
|
js_info['type'] = FileClassification.LIKELY_LIBRARY
|
|
|
|
|
libs.append(js_info)
|
|
|
|
|
return libs
|
|
|
|
|
|
2017-08-28 20:05:15 +00:00
|
|
|
def analyse_comment_blocks(zipfile, js_file, js_info):
|
2017-08-28 09:40:37 +00:00
|
|
|
"""Search for library identifiers in comment."""
|
2017-08-30 08:11:55 +00:00
|
|
|
def mince_js_fileobj(js_text_file_obj):
|
|
|
|
|
"""Mince JavaScript file using a file object."""
|
|
|
|
|
libs = list()
|
|
|
|
|
for block in mince_js(js_text_file_obj, single_line_comments_block=True):
|
|
|
|
|
block_libs = list()
|
|
|
|
|
if block.is_comment():
|
|
|
|
|
block_libs = analyse_comment_known_libs(zipfile, js_file, js_info, block)
|
|
|
|
|
if block_libs is None:
|
|
|
|
|
block_libs = analyse_comment_generic_libs(zipfile, js_file, js_info, block)
|
2017-09-01 22:23:11 +00:00
|
|
|
if block_libs is not None:
|
|
|
|
|
libs += block_libs
|
|
|
|
|
return libs
|
|
|
|
|
libs = []
|
2017-08-28 19:53:55 +00:00
|
|
|
try:
|
2017-08-30 08:11:55 +00:00
|
|
|
if zipfile is not None:
|
|
|
|
|
with zipfile.open(js_file) as js_file_obj:
|
|
|
|
|
with io.TextIOWrapper(js_file_obj, js_info['encoding']) as js_text_file_obj:
|
2017-09-01 22:24:55 +00:00
|
|
|
libs = mince_js_fileobj(js_text_file_obj)
|
2017-08-30 08:11:55 +00:00
|
|
|
else:
|
|
|
|
|
with open(js_file) as js_text_file_obj:
|
2017-09-01 22:24:55 +00:00
|
|
|
libs = mince_js_fileobj(js_text_file_obj)
|
2017-08-28 20:05:15 +00:00
|
|
|
except:
|
|
|
|
|
libs = list()
|
2017-08-28 09:40:37 +00:00
|
|
|
return libs
|
2017-08-24 18:43:48 +00:00
|
|
|
|
2017-09-18 08:09:00 +00:00
|
|
|
def decompose_js(path_or_zipfileobj):
|
2017-08-24 18:43:48 +00:00
|
|
|
"""JavaScript decomposition analysis for extensions."""
|
2017-08-30 08:11:55 +00:00
|
|
|
zipfile = None
|
2017-09-18 08:09:00 +00:00
|
|
|
inventory = []
|
|
|
|
|
if isinstance(path_or_zipfileobj, str):
|
|
|
|
|
path_list = [path_or_zipfileobj]
|
2017-08-30 08:11:55 +00:00
|
|
|
else:
|
2017-09-18 08:09:00 +00:00
|
|
|
zipfile = path_or_zipfileobj
|
|
|
|
|
path_list = list(filter(lambda x: os.path.basename(x.filename) != "", zipfile.infolist()))
|
2017-08-30 08:11:55 +00:00
|
|
|
|
2017-09-18 08:09:00 +00:00
|
|
|
for path_or_zipentry in path_list:
|
2017-08-28 20:05:15 +00:00
|
|
|
|
2017-09-18 08:09:00 +00:00
|
|
|
if zipfile is not None:
|
|
|
|
|
with zipfile.open(path_or_zipentry) as js_file_obj:
|
|
|
|
|
data = js_file_obj.read()
|
|
|
|
|
path = path_or_zipentry.filename
|
2017-08-24 18:43:48 +00:00
|
|
|
else:
|
2017-09-18 08:09:00 +00:00
|
|
|
with open(path_or_zipentry, mode='rb') as js_file_obj:
|
|
|
|
|
data = js_file_obj.read()
|
|
|
|
|
path = path_or_zipentry
|
|
|
|
|
|
|
|
|
|
file_info = init_file_info(path, data)
|
|
|
|
|
|
|
|
|
|
file_info = check_empty_file(file_info)
|
|
|
|
|
if not file_info['detectionMethod'] is None:
|
|
|
|
|
inventory.append(file_info)
|
|
|
|
|
continue
|
|
|
|
|
file_info = check_metadata(file_info)
|
|
|
|
|
if not file_info['detectionMethod'] is None:
|
|
|
|
|
inventory.append(file_info)
|
|
|
|
|
continue
|
|
|
|
|
file_info = check_sha1(file_info)
|
|
|
|
|
if not file_info['detectionMethod'] is None:
|
|
|
|
|
inventory.append(file_info)
|
|
|
|
|
continue
|
|
|
|
|
file_info = check_sha1_decompressed(file_info)
|
|
|
|
|
if not file_info['detectionMethod'] is None:
|
|
|
|
|
inventory.append(file_info)
|
|
|
|
|
continue
|
|
|
|
|
file_info = check_sha1_normalized(file_info)
|
|
|
|
|
if not file_info['detectionMethod'] is None:
|
|
|
|
|
inventory.append(file_info)
|
|
|
|
|
continue
|
|
|
|
|
file_info = check_sha1_decompressed_normalized(file_info)
|
|
|
|
|
if not file_info['detectionMethod'] is None:
|
|
|
|
|
inventory.append(file_info)
|
|
|
|
|
continue
|
|
|
|
|
file_info = check_filename(file_info)
|
|
|
|
|
if not file_info['detectionMethod'] is None:
|
|
|
|
|
# TODO
|
2017-09-19 08:16:32 +00:00
|
|
|
js_info_comments = check_comment_blocks(file_info, data)
|
|
|
|
|
js_info_codes = check_code_blocks(file_info, data)
|
2017-09-18 08:09:00 +00:00
|
|
|
# js_info_file = analyse_checksum(zipfile, js_file, js_info)
|
|
|
|
|
# if not js_info_file:
|
|
|
|
|
# js_info_file = analyse_filename(zipfile, js_file, js_info)
|
|
|
|
|
# js_info_file += analyse_comment_blocks(zipfile, js_file, js_info)
|
|
|
|
|
inventory.append(file_info)
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
# if no library could be detected, we report the JavaScript file as 'application'.
|
|
|
|
|
file_info['lib'] = None
|
|
|
|
|
file_info['version'] = None
|
|
|
|
|
file_info['detectionMethod'] = DetectionType.DEFAULT
|
|
|
|
|
file_info['type'] = FileClassification.LIKELY_APPLICATION
|
|
|
|
|
inventory.append(file_info)
|
2017-08-23 23:29:44 +00:00
|
|
|
|
2017-09-19 08:16:32 +00:00
|
|
|
return inventory
|
