From 5034a62de51ad7dfbfa5d3f292029c4c7949022d Mon Sep 17 00:00:00 2001 From: Federico Fantini Date: Wed, 3 Jul 2024 09:44:28 +0200 Subject: [PATCH] changed decrypted_filepath name to decrypted_dir --- oletools/crypto.py | 16 ++++++++-------- oletools/msodde.py | 16 ++++++++-------- oletools/olevba.py | 12 ++++++------ 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/oletools/crypto.py b/oletools/crypto.py index df49d7e6..8914ac1f 100644 --- a/oletools/crypto.py +++ b/oletools/crypto.py @@ -33,7 +33,7 @@ def script_main_function(input_file, passwords, crypto_nesting=0, args): raise crypto.MaxCryptoNestingReached(crypto_nesting, filename) decrypted_file = None try: - decrypted_file, correct_password = crypto.decrypt(input_file, passwords, decrypted_filepath) + decrypted_file, correct_password = crypto.decrypt(input_file, passwords, decrypted_dir) if decrypted_file is None: raise crypto.WrongEncryptionPassword(input_file) # might still be encrypted, so call this again recursively @@ -315,7 +315,7 @@ def check_msoffcrypto(): return msoffcrypto is not None -def decrypt(filename, passwords=None, decrypted_filepath=None, **temp_file_args): +def decrypt(filename, passwords=None, decrypted_dir=None, **temp_file_args): """ Try to decrypt an encrypted file @@ -332,8 +332,8 @@ def decrypt(filename, passwords=None, decrypted_filepath=None, **temp_file_args) `dirname` or `prefix`. `suffix` will default to suffix of input `filename`, `prefix` defaults to `oletools-decrypt-`; `text` will be ignored - :param decrypted_filepath: filepath of the decrypted file in case you want to - preserve it + :param decrypted_dir: folder to store the decrypted file in case you want + to preserve it :returns: a tuple with the name of the decrypted temporary file (type str) or `None` and the correct password or 'None' :raises: :py:class:`ImportError` if :py:mod:`msoffcrypto-tools` not found @@ -409,10 +409,10 @@ def decrypt(filename, passwords=None, decrypted_filepath=None, **temp_file_args) if decrypt_file and correct_password: log.debug(f'Successfully decrypted the file with password: {correct_password}') - if decrypted_filepath: - if os.path.isdir(decrypted_filepath) and os.access(decrypted_filepath, os.W_OK): - log.info(f"Saving decrypted file in: {decrypted_filepath}") - shutil.copy(decrypt_file, decrypted_filepath) + if decrypted_dir: + if os.path.isdir(decrypted_dir) and os.access(decrypted_dir, os.W_OK): + log.info(f"Saving decrypted file in: {decrypted_dir}") + shutil.copy(decrypt_file, decrypted_dir) else: log.info('All passwords failed') diff --git a/oletools/msodde.py b/oletools/msodde.py index 2047fb98..51636fc8 100644 --- a/oletools/msodde.py +++ b/oletools/msodde.py @@ -271,9 +271,9 @@ def process_args(cmd_line_args=None): parser.add_argument("-p", "--password", type=str, action='append', help='if encrypted office files are encountered, try ' 'decryption with this password. May be repeated.') - parser.add_argument("--decrypted_filepath", dest='decrypted_filepath', type=str, + parser.add_argument("--decrypted_dir", dest='decrypted_dir', type=str, default=None, - help='save the decrypted file to this location.') + help='store the decrypted file to this folder.') filter_group = parser.add_argument_group( title='Filter which OpenXML field commands are returned', description='Only applies to OpenXML (e.g. docx) and rtf, not to OLE ' @@ -913,7 +913,7 @@ def process_file(filepath, field_filter_mode=None): # === MAIN ================================================================= -def process_maybe_encrypted(filepath, passwords=None, decrypted_filepath=None, crypto_nesting=0, +def process_maybe_encrypted(filepath, passwords=None, decrypted_dir=None, crypto_nesting=0, **kwargs): """ Process a file that might be encrypted. @@ -924,8 +924,8 @@ def process_maybe_encrypted(filepath, passwords=None, decrypted_filepath=None, c :param str filepath: path to file on disc. :param passwords: list of passwords (str) to try for decryption or None - :param decrypted_filepath: filepath of the decrypted file in case you want to - preserve it + :param decrypted_dir: folder to store the decrypted file in case you want + to preserve it :param int crypto_nesting: How many decryption layers were already used to get the given file. :param kwargs: same as :py:func:`process_file` @@ -954,14 +954,14 @@ def process_maybe_encrypted(filepath, passwords=None, decrypted_filepath=None, c passwords = list(passwords) + crypto.DEFAULT_PASSWORDS try: logger.debug('Trying to decrypt file') - decrypted_file, correct_password = crypto.decrypt(filepath, passwords, decrypted_filepath) + decrypted_file, correct_password = crypto.decrypt(filepath, passwords, decrypted_dir) if correct_password: logger.info(f"The correct password is: {correct_password}") if not decrypted_file: logger.error('Decrypt failed, run with debug output to get details') raise crypto.WrongEncryptionPassword(filepath) logger.info('Analyze decrypted file') - result = process_maybe_encrypted(decrypted_file, passwords, decrypted_filepath, + result = process_maybe_encrypted(decrypted_file, passwords, decrypted_dir, crypto_nesting+1, **kwargs) finally: # clean up try: # (maybe file was not yet created) @@ -997,7 +997,7 @@ def main(cmd_line_args=None): return_code = 1 try: text = process_maybe_encrypted( - args.filepath, args.password, args.decrypted_filepath, + args.filepath, args.password, args.decrypted_dir, field_filter_mode=args.field_filter_mode) return_code = 0 except Exception as exc: diff --git a/oletools/olevba.py b/oletools/olevba.py index 4f1d9bab..47378796 100644 --- a/oletools/olevba.py +++ b/oletools/olevba.py @@ -3473,14 +3473,14 @@ def detect_is_encrypted(self): self.is_encrypted = crypto.is_encrypted(self.ole_file) return self.is_encrypted - def decrypt_file(self, passwords_list=None, decrypted_filepath=None): + def decrypt_file(self, passwords_list=None, decrypted_dir=None): decrypted_file = None correct_password = None if self.detect_is_encrypted(): passwords = crypto.DEFAULT_PASSWORDS if passwords_list and isinstance(passwords_list, list): passwords.extend(passwords_list) - decrypted_file, correct_password = crypto.decrypt(self.filename, passwords, decrypted_filepath) + decrypted_file, correct_password = crypto.decrypt(self.filename, passwords, decrypted_dir) if correct_password: log.info(f"The correct password is: {correct_password}") @@ -4373,9 +4373,9 @@ def parse_args(cmd_line_args=None): default=None, help='if the file is a zip archive, open all files ' 'from it, using the provided password.') - parser.add_argument("--decrypted_filepath", dest='decrypted_filepath', type=str, + parser.add_argument("--decrypted_dir", dest='decrypted_dir', type=str, default=None, - help='save the decrypted file to this location.') + help='store the decrypted file to this folder.') parser.add_argument("-p", "--password", type=str, action='append', default=[], help='if encrypted office files are encountered, try ' @@ -4557,9 +4557,9 @@ def process_file(filename, data, container, options, crypto_nesting=0): try: log.debug('Checking encryption passwords {}'.format(options.password)) passwords = options.password + crypto.DEFAULT_PASSWORDS - log.debug('Checking decrypted filepath {}'.format(options.decrypted_filepath)) + log.debug('Checking decrypted filepath {}'.format(options.decrypted_dir)) - decrypted_file, correct_password = crypto.decrypt(filename, passwords, options.decrypted_filepath) + decrypted_file, correct_password = crypto.decrypt(filename, passwords, options.decrypted_dir) if not decrypted_file: log.error('Decrypt failed, run with debug output to get details') raise crypto.WrongEncryptionPassword(filename)