[Dropper] + replace regex in text plugin and ad html objects mini-plu…

…gins for Dropper #182 #181 Signed-off-by: Gheorghita Mutu <gheorghitamutu@gmail.com>
gdt050579 · Apr 17, 2024 · 2940e40 · 2940e40
1 parent 8368171
commit 2940e40
Show file tree

Hide file tree

Showing 9 changed files with 419 additions and 20 deletions.
diff --git a/GenericPlugins/Dropper/include/Dropper.hpp b/GenericPlugins/Dropper/include/Dropper.hpp
@@ -10,11 +10,13 @@
 #include "SpecialStrings.hpp"
 #include "Executables.hpp"
 #include "Multimedia.hpp"
+#include "HtmlObjects.hpp"
 
 using namespace GView::Utils;
 using namespace GView::GenericPlugins::Droppper::SpecialStrings;
 using namespace GView::GenericPlugins::Droppper::Executables;
 using namespace GView::GenericPlugins::Droppper::Multimedia;
+using namespace GView::GenericPlugins::Droppper::HtmlObjects;
 
 namespace GView::GenericPlugins::Droppper
 {
@@ -41,6 +43,11 @@ class Instance
             context.droppers.emplace_back(std::make_unique<MZPE>());
             context.droppers.emplace_back(std::make_unique<PNG>());
 
+            // html objects
+            context.droppers.emplace_back(std::make_unique<IFrame>());
+            context.droppers.emplace_back(std::make_unique<Script>());
+            context.droppers.emplace_back(std::make_unique<XML>());
+
             bool isCaseSensitive = true;
             bool useUnicode      = true;
 
@@ -236,24 +243,36 @@ class Instance
 
         ProgressStatus::Init("Searching...", size);
         LocalString<512> ls;
-        const char* format          = "[%llu/%llu] bytes... Found [%llu] objects.";
+        const char* format          = "[%llu/%llu] bytes... Found [%u] objects.";
         constexpr uint64 CHUNK_SIZE = 10000;
         uint64 chunks               = offset / CHUNK_SIZE;
         uint64 toUpdate             = chunks * CHUNK_SIZE;
         while (offset < size) {
             if (offset >= toUpdate) {
-                CHECKBK(ProgressStatus::Update(offset, ls.Format(format, offset, size, occurences.size())) == false, "");
+                uint32 objectsCount = 0;
+                for (const auto& [_, v] : occurences) {
+                    objectsCount += v;
+                }
+
+                CHECKBK(ProgressStatus::Update(offset, ls.Format(format, offset, size, objectsCount)) == false, "");
                 chunks += 1;
                 toUpdate = chunks * CHUNK_SIZE;
 
                 cache.Get(offset, cache.GetCacheSize(), false); // optimization
             }
 
             auto buffer = GetPrecachedBuffer(offset, cache);
-            nextOffset  = offset + 1;
+            CHECKBK(buffer.GetLength() > 0, "");
+            nextOffset = offset + 1;
 
             for (uint32 i = 0; i < static_cast<uint32>(Priority::Count); i++) {
                 const auto priority = static_cast<Priority>(i);
+                if (priority == Priority::Text) {
+                    if (!IDrop::IsAsciiPrintable(buffer.GetData()[0])) {
+                        continue;
+                    }
+                }
+
                 for (auto& dropper : context.droppers) {
                     if (dropper->GetPriority() != priority) {
                         continue;
@@ -267,16 +286,29 @@ class Instance
                         const auto name = dropper->GetName();
                         occurences[name] += 1;
                         findings.push_back({ start, end, result, name });
-                        zones.Add(start, end, AppCUI::Graphics::DefaultColorPair, dropper->GetName());
                         nextOffset = end + 1;
+
+                        // adjust for zones
+                        if (result == Result::Unicode) {
+                            end -= 2;
+                        } else if (result == Result::Ascii) {
+                            end -= 1;
+                        }
+                        zones.Add(start, end, OBJECT_CATEGORY_COLOR_MAP.at(dropper->GetGroup()), dropper->GetName());
+
                         break;
                     }
                 }
             }
 
             offset = nextOffset;
         }
-        ProgressStatus::Update(size, ls.Format(format, size, size, occurences.size()));
+
+        uint32 objectsCount = 0;
+        for (const auto& [_, v] : occurences) {
+            objectsCount += v;
+        }
+        ProgressStatus::Update(size, ls.Format(format, size, size, objectsCount));
 
         WriteSummaryToLog(occurences);
         for (const auto& f : findings) {

diff --git a/GenericPlugins/Dropper/include/HtmlObjects.hpp b/GenericPlugins/Dropper/include/HtmlObjects.hpp
@@ -0,0 +1,46 @@
+#pragma once
+
+#include "IDrop.hpp"
+
+namespace GView::GenericPlugins::Droppper::HtmlObjects
+{
+class IFrame : public IDrop
+{
+  public:
+    IFrame() = default;
+
+    virtual const std::string_view GetName() const override;
+    virtual ObjectCategory GetGroup() const override;
+    virtual const std::string_view GetOutputExtension() const override;
+    virtual Priority GetPriority() const override;
+    virtual bool ShouldGroupInOneFile() const override;
+
+    virtual Result Check(uint64 offset, DataCache& file, BufferView precachedBuffer, uint64& start, uint64& end) override;
+};
+class Script : public IDrop
+{
+  public:
+    Script() = default;
+
+    virtual const std::string_view GetName() const override;
+    virtual ObjectCategory GetGroup() const override;
+    virtual const std::string_view GetOutputExtension() const override;
+    virtual Priority GetPriority() const override;
+    virtual bool ShouldGroupInOneFile() const override;
+
+    virtual Result Check(uint64 offset, DataCache& file, BufferView precachedBuffer, uint64& start, uint64& end) override;
+};
+class XML : public IDrop
+{
+  public:
+    XML() = default;
+
+    virtual const std::string_view GetName() const override;
+    virtual ObjectCategory GetGroup() const override;
+    virtual const std::string_view GetOutputExtension() const override;
+    virtual Priority GetPriority() const override;
+    virtual bool ShouldGroupInOneFile() const override;
+
+    virtual Result Check(uint64 offset, DataCache& file, BufferView precachedBuffer, uint64& start, uint64& end) override;
+};
+} // namespace GView::GenericPlugins::Droppper::HtmlObjects
diff --git a/GenericPlugins/Dropper/include/IDrop.hpp b/GenericPlugins/Dropper/include/IDrop.hpp
@@ -41,6 +41,17 @@ static const std::map<ObjectCategory, std::string_view> OBJECT_CATEGORY_MAP{
     { ObjectCategory::Multimedia, "Multimedia" },   { ObjectCategory::SpecialStrings, "Special Strings" },
 };
 
+static const std::map<ObjectCategory, ColorPair> OBJECT_CATEGORY_COLOR_MAP{
+    { ObjectCategory::Archive, ColorPair{ .Foreground = Color::White, .Background = Color::Black } },
+    { ObjectCategory::AVStrings, ColorPair{ .Foreground = Color::White, .Background = Color::DarkBlue } },
+    { ObjectCategory::Cryptographic, ColorPair{ .Foreground = Color::White, .Background = Color::DarkGreen } },
+    { ObjectCategory::Executables, ColorPair{ .Foreground = Color::White, .Background = Color::Teal } },
+    { ObjectCategory::HtmlObjects, ColorPair{ .Foreground = Color::White, .Background = Color::DarkRed } },
+    { ObjectCategory::Image, ColorPair{ .Foreground = Color::White, .Background = Color::Magenta } },
+    { ObjectCategory::Multimedia, ColorPair{ .Foreground = Color::White, .Background = Color::Olive } },
+    { ObjectCategory::SpecialStrings, ColorPair{ .Foreground = Color::Black, .Background = Color::Silver } },
+};
+
 class IDrop
 {
   public:

diff --git a/GenericPlugins/Dropper/include/SpecialStrings.hpp b/GenericPlugins/Dropper/include/SpecialStrings.hpp
@@ -82,12 +82,19 @@ class Registry : public SpecialStrings
 };
 class Text : public SpecialStrings
 {
+  private:
+    uint32 minLength{ 8 };
+    uint32 maxLength{ 128 };
+
   public:
     Text(bool caseSensitive, bool unicode);
 
     virtual const std::string_view GetName() const override;
     virtual const std::string_view GetOutputExtension() const override;
 
     virtual Result Check(uint64 offset, DataCache& file, BufferView precachedBuffer, uint64& start, uint64& end) override;
+
+    bool SetMinLength(uint32 minLength);
+    bool SetMaxLength(uint32 maxLength);
 };
 } // namespace GView::GenericPlugins::Droppper::SpecialStrings
diff --git a/GenericPlugins/Dropper/src/CMakeLists.txt b/GenericPlugins/Dropper/src/CMakeLists.txt
@@ -9,4 +9,7 @@ target_sources(Dropper PRIVATE
 	SpecialStrings/URL.cpp
 	SpecialStrings/Wallet.cpp
 	Executables/MZPE.cpp
+	HtmlObjects/IFrame.cpp
+	HtmlObjects/Script.cpp
+	HtmlObjects/XML.cpp
 	Multimedia/PNG.cpp)
diff --git a/GenericPlugins/Dropper/src/HtmlObjects/IFrame.cpp b/GenericPlugins/Dropper/src/HtmlObjects/IFrame.cpp
@@ -0,0 +1,65 @@
+#include "HtmlObjects.hpp"
+
+namespace GView::GenericPlugins::Droppper::HtmlObjects
+{
+constexpr std::string_view START{ "<iframe>" };
+constexpr std::string_view END{ "</iframe>" };
+
+const std::string_view IFrame::GetName() const
+{
+    return "IFrame";
+}
+
+ObjectCategory IFrame::GetGroup() const
+{
+    return ObjectCategory::HtmlObjects;
+}
+
+const std::string_view IFrame::GetOutputExtension() const
+{
+    return "iframe";
+}
+
+Priority IFrame::GetPriority() const
+{
+    return Priority::Text;
+}
+
+bool IFrame::ShouldGroupInOneFile() const
+{
+    return false;
+}
+
+Result IFrame::Check(uint64 offset, DataCache& file, BufferView precachedBuffer, uint64& start, uint64& end)
+{
+    CHECK(precachedBuffer.GetLength() >= START.size(), Result::NotFound, "");
+    CHECK(memcmp(precachedBuffer.GetData(), START.data(), START.size()) == 0, Result::NotFound, "");
+
+    auto buffer = file.Get(offset, file.GetCacheSize() / 12, false);
+    CHECK(buffer.GetLength() >= START.size() + END.size(), Result::NotFound, "");
+
+    start = offset;
+    end   = offset;
+
+    uint64 i = 0;
+    while (buffer.GetLength() >= END.size()) {
+        CHECK(IsAsciiPrintable(buffer.GetData()[i]), Result::NotFound, "");
+
+        if (memcmp(buffer.GetData() + i, END.data(), END.size()) == 0) {
+            end += END.size();
+            return Result::Ascii;
+        }
+
+        end += 1;
+        i++;
+
+        if (i + END.size() == buffer.GetLength()) {
+            offset += i + END.size();
+            buffer = file.Get(offset, file.GetCacheSize() / 12, false);
+            i      = 0;
+        }
+    }
+
+    return Result::NotFound;
+}
+} // namespace GView::GenericPlugins::Droppper::HtmlObjects
diff --git a/GenericPlugins/Dropper/src/HtmlObjects/Script.cpp b/GenericPlugins/Dropper/src/HtmlObjects/Script.cpp
@@ -0,0 +1,65 @@
+#include "HtmlObjects.hpp"
+
+namespace GView::GenericPlugins::Droppper::HtmlObjects
+{
+constexpr std::string_view START{ "<script>" };
+constexpr std::string_view END{ "</script>" };
+
+const std::string_view Script::GetName() const
+{
+    return "Script";
+}
+
+ObjectCategory Script::GetGroup() const
+{
+    return ObjectCategory::HtmlObjects;
+}
+
+const std::string_view Script::GetOutputExtension() const
+{
+    return "script";
+}
+
+Priority Script::GetPriority() const
+{
+    return Priority::Text;
+}
+
+bool Script::ShouldGroupInOneFile() const
+{
+    return false;
+}
+
+Result Script::Check(uint64 offset, DataCache& file, BufferView precachedBuffer, uint64& start, uint64& end)
+{
+    CHECK(precachedBuffer.GetLength() >= START.size(), Result::NotFound, "");
+    CHECK(memcmp(precachedBuffer.GetData(), START.data(), START.size()) == 0, Result::NotFound, "");
+
+    auto buffer = file.Get(offset, file.GetCacheSize() / 12, false);
+    CHECK(buffer.GetLength() >= START.size() + END.size(), Result::NotFound, "");
+
+    start = offset;
+    end   = offset;
+
+    uint64 i = 0;
+    while (buffer.GetLength() >= END.size()) {
+        CHECK(IsAsciiPrintable(buffer.GetData()[i]), Result::NotFound, "");
+
+        if (memcmp(buffer.GetData() + i, END.data(), END.size()) == 0) {
+            end += END.size();
+            return Result::Ascii;
+        }
+
+        end += 1;
+        i++;
+
+        if (i + END.size() == buffer.GetLength()) {
+            offset += i + END.size();
+            buffer = file.Get(offset, file.GetCacheSize() / 12, false);
+            i      = 0;
+        }
+    }
+
+    return Result::NotFound;
+}
+} // namespace GView::GenericPlugins::Droppper::HtmlObjects