first version of hash extraction

lucascarvalhoroncoroni · May 12, 2017 · 1fc24a8 · 1fc24a8
1 parent 70d1bbd
commit 1fc24a8
Show file tree

Hide file tree

Showing 5 changed files with 70 additions and 5 deletions.
diff --git a/7zFM.exe b/7zFM.exe
diff --git a/Tools/HexDump.py b/Tools/HexDump.py
@@ -0,0 +1,45 @@
+#Hex Dump Program
+import argparse
+
+def HexDump():
+    parser = argparse.ArgumentParser()
+    parser.add_argument("file", help="Specify File")
+    parser.add_argument("-o", "--output", help="Print output to terminal"\
+                        , action="store_true")
+    args = parser.parse_args()
+
+    if args.file:
+        offset = 0
+        with open(args.file, 'rb') as infile:
+            with open(args.file+".dump", 'w') as outfile:
+                chunk = infile.read(16)
+                while chunk != b'':
+                    if len(chunk) == 0:
+                        break
+
+                    text = ''
+                    for i in chunk:
+                        if i < 128 and i > 32:
+                            text = text + '' + chr(i)
+                        else:
+                            text = text + '.'
+
+                    output = "{:#08x}".format(offset) + ": "
+                    output += " ".join("{:02X}".format(ord('{}'.format(c)[0])) for c in chunk[:8])
+                    output += " | "
+                    output += " ".join("{:02X}".format(ord('{}'.format(c)[0])) for c in chunk[8:])
+                    if len(chunk) % 16 != 0:
+                        output += "   "*(16 - len(chunk)) + text
+                    else:
+                        output += " " + text
+                    if args.output:
+                        print(output)
+                    outfile.write(output + '\n')
+
+                    offset += 16
+                    chunk = infile.read(16)
+    else:
+        print(parser.usage)
+
+if __name__ == '__main__':
+    HexDump()
diff --git a/Tools/WinMD5.exe b/Tools/WinMD5.exe
diff --git a/mainProject/SFAnalytics/tools.py b/mainProject/SFAnalytics/tools.py
@@ -1,5 +1,6 @@
 import subprocess
 import re
+import hashlib
 
 class handleFile(object):
 
@@ -13,16 +14,35 @@ def saveFile(data, path):
 
 #improve this to get file locations and path
 class opcodeFile(object):
-    #only an exapmle to extract objcode with objdump
+    #only an example to extract objcode with objdump
     @staticmethod
     def opcode(path):
+        #subprocess.run executes a cmd command : ['.\objdump.exe', '-d','7zFM.exe']
         out = subprocess.run(['.\objdump.exe', '-d','7zFM.exe'], stdout=subprocess.PIPE, shell=True).stdout.decode().splitlines()
         r = []
         for o in out:
-            i = re.findall(r'\d*:\t.*\t(\w*)', o)
+            i = re.findall(r'\d*:\t.*\t(.*?)\s', o)
             if i:
                 r.append(i[0])
 
-    #print opcodes in r
-    #for x in xrange(len(r)):
-    #   print(r[x] + '\n')
+class hashTable(object):
+    """This class is responsible to extract the hash of a file"""
+    def __init__(self, path):
+        md5 = hashlib.md5()
+        sha256 = hashlib.sha256()
+        with open(path, 'rb') as afile:
+            buf = afile.read()
+            while len(buf) > 0:
+                md5.update(buf)
+                sha256.update(buf)
+                buf = afile.read()
+            afile.close()
+
+        self.md5 = md5.hexdigest()
+        self.sha256 = sha256.hexdigest()
+
+    def hashMd5(self):
+        return self.md5
+
+    def hash256(self):
+        return self.sha256
diff --git a/objdump.exe b/objdump.exe