Added ability to combine all signature scans together into one scan.

b406691b · devttys0 · 9a47ed82 · b406691b · b406691b · b406691b
Commit b406691b authored Jan 07, 2014 by devttys0
7 changed files
--- a/API
+++ b/API
--- a/INSTALL
+++ b/INSTALL
 BEFORE YOU START
----------------------------------
+-----------------------------------------
 Binwalk supports Python 2.7 - 3.x. Although binwalk is slightly faster in Python 3, the Python OpenGL bindings
 are still experimental for Python 3, so Python 2.7 is recommended.
@@ -12,7 +12,7 @@ You will also need to have a C compiler installed to build the supporting C libr
 INSTALLATION
----------------------------------
+-----------------------------------------
 Installation follows the typical configure/make process:
@@ -21,17 +21,13 @@ Installation follows the typical configure/make process:
    $ make
    $ sudo make install
-You can also install optional dependencies and extraction utilities (works on most Debian/RedHat based systems):
+Note that 'make deps' should work on most Debian and RedHat based systems. If this does not work for your system, 
-	$ make deps
-Note that 'make deps' should work on most Debian/RedHat based systems. If this does not work for your system, 
 see below for manaully installing dependencies / extraction utilities.
-INSTALLING DEPENDENCIES
+MANUALLY INSTALLING DEPENDENCIES
----------------------------------
+-----------------------------------------
 Most binwalk features will work out of the box without any additional dependencies. However, to take full advantage
 of binwalk's capabilities, you need to install:
@@ -75,8 +71,8 @@ Most distros don't have pyqtgraph in their default repositories, so it's best to
-INSTALLING EXTRACTION UTILITIES
+MANUALLY INSTALLING EXTRACTION UTILITIES
----------------------------------
+-------------------------------------------
 Binwalk can automatically invoke external extraction utilities to extract various types of files that it
 may find during a scan. These utilities are optional, but recommended if you plan on using binwalk's
@@ -98,7 +94,7 @@ and placed in the /opt/firmware-mod-kit directory:
 UNINSTALL
----------------------------------
+-----------------------------------------
 The following command will remove binwalk from your system (note that this does *not* include dependencies installed via 'make deps'):

--- a/src/binwalk/core/C.py
+++ b/src/binwalk/core/C.py
--- a/src/binwalk/core/magic.py
+++ b/src/binwalk/core/magic.py
@@ -8,6 +8,7 @@ class Magic(object):
    LIBMAGIC_FUNCTIONS = [
            binwalk.core.C.Function(name="magic_open", type=int),
+            binwalk.core.C.Function(name="magic_close", type=None),
            binwalk.core.C.Function(name="magic_load", type=int),
            binwalk.core.C.Function(name="magic_buffer", type=str),
    ]
@@ -31,6 +32,12 @@ class Magic(object):
        self.magic_cookie = self.libmagic.magic_open(self.MAGIC_FLAGS | flags)
        self.libmagic.magic_load(self.magic_cookie, self.magic_file)
+    def close(self):
+        if self.magic_cookie:
+            self.libmagic.magic_close(self.magic_cookie)
+            self.magic_cookie = None
    def buffer(self, data):
+        if self.magic_cookie:
            return self.libmagic.magic_buffer(self.magic_cookie, str2bytes(data), len(data))
--- a/src/binwalk/modules/entropy.py
+++ b/src/binwalk/modules/entropy.py
@@ -84,8 +84,6 @@ class Entropy(Module):
                self.block_size = self.DEFAULT_BLOCK_SIZE
    def run(self):
-        from pyqtgraph.Qt import QtGui
        for fp in iter(self.next_file, None):
            if self.display_results:
@@ -97,6 +95,7 @@ class Entropy(Module):
                self.footer()
        if self.do_plot and not self.save_plot:    
+            from pyqtgraph.Qt import QtGui
            QtGui.QApplication.instance().exec_()
    def calculate_file_entropy(self, fp):

--- a/src/binwalk/modules/hexdiff.py
+++ b/src/binwalk/modules/hexdiff.py
@@ -9,12 +9,6 @@ from binwalk.core.module import Module, Option, Kwarg
 class HexDiff(Module):
-    ALL_SAME = 0
-    ALL_DIFF = 1
-    SOME_DIFF = 2
-    DEFAULT_DIFF_SIZE = 0x100
-    DEFAULT_BLOCK_SIZE = 16
    COLORS = {
        'red'   : '31',
@@ -23,6 +17,7 @@ class HexDiff(Module):
    }
    SEPERATORS = ['\\', '/']
+    DEFAULT_BLOCK_SIZE = 16
    TITLE = "Binary Diffing"

--- a/src/binwalk/modules/signature.py
+++ b/src/binwalk/modules/signature.py
@@ -11,8 +11,8 @@ class Signature(Module):
    CLI = [
            Option(short='B',
                   long='signature',
-                   kwargs={'enabled' : True},
+                   kwargs={'enabled' : True, 'force_default_scan' : True},
-                   description='Scan target file(s) for file signatures'),
+                   description='Scan target file(s) for common file signatures'),
            Option(short='R',
                   long='raw-bytes',
                   kwargs={'raw_bytes' : None},
@@ -44,6 +44,7 @@ class Signature(Module):
            Kwarg(name='search_for_opcodes', default=False),
            Kwarg(name='cast_data_types', default=False),
            Kwarg(name='dumb_scan', default=False),
+			Kwarg(name='force_default_scan', default=False),
            Kwarg(name='magic_files', default=[]),
    ]
@@ -56,23 +57,24 @@ class Signature(Module):
        # If a raw byte sequence was specified, build a magic file from that instead of using the default magic files
        if self.raw_bytes is not None:
-            self.magic_files = [self.parser.file_from_string(self.raw_bytes)]
+            self.magic_files.append(self.parser.file_from_string(self.raw_bytes))
-        # Use the system default magic file if no other was specified
        # Append the user's magic file first so that those signatures take precedence
-        if not self.magic_files:
        if self.search_for_opcodes:
-                self.magic_files = [
+            self.magic_files += [
                    self.config.settings.paths['user'][self.config.settings.BINARCH_MAGIC_FILE],
                    self.config.settings.paths['system'][self.config.settings.BINARCH_MAGIC_FILE],
            ]
-            elif self.cast_data_types:
-                self.magic_files = [
+        if self.cast_data_types:
+            self.magic_files += [
                    self.config.settings.paths['user'][self.config.settings.BINCAST_MAGIC_FILE],
                    self.config.settings.paths['system'][self.config.settings.BINCAST_MAGIC_FILE],
            ]
-            else:
-                self.magic_files = [
+        # Use the system default magic file if no other was specified, or if -B was explicitly specified
+        if not self.magic_files or self.force_default_scan:
+            self.magic_files += [
                    self.config.settings.paths['user'][self.config.settings.BINWALK_MAGIC_FILE],
                    self.config.settings.paths['system'][self.config.settings.BINWALK_MAGIC_FILE],
            ]