gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-04 19:12:01 -08:00
Code Issues Packages Projects Releases Wiki Activity

Add option to select the backend in Py3

Browse Source 
Now we have two working backends in Python3! Add an option to select
which one to use. With this code, vivisect is the default backend, but
this is really easy to change. We could do some analysis to see if smda
performances better than vivisect once the vivisect implementation.
This commit is contained in:
Ana Maria Martinez Gomez
2021-02-09 19:41:15 +01:00
parent adcb683458
commit a92d2af7f8
1 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
capa/main.py
View File

@@ -303,8 +303,8 @@ class UnsupportedRuntimeError(RuntimeError):
pass
def get_extractor_py3(path, format, disable_progress=False):
if False:
def get_extractor_py3(path, format, backend, disable_progress=False):
if backend == "smda":
from smda.SmdaConfig import SmdaConfig
from smda.Disassembler import Disassembler
@@ -333,13 +333,13 @@ def get_extractor_py3(path, format, disable_progress=False):
return capa.features.extractors.viv.VivisectFeatureExtractor(vw, path)
def get_extractor(path, format, disable_progress=False):
def get_extractor(path, format, backend="vivisect", disable_progress=False):
"""
raises:
UnsupportedFormatError:
"""
if sys.version_info >= (3, 0):
return get_extractor_py3(path, format, disable_progress=disable_progress)
return get_extractor_py3(path, format, backend, disable_progress=disable_progress)
else:
return get_extractor_py2(path, format, disable_progress=disable_progress)
@@ -515,6 +515,14 @@ def main(argv=None):
parser.add_argument(
"-f", "--format", choices=[f[0] for f in formats], default="auto", help="select sample format, %s" % format_help
)
parser.add_argument(
"-b",
"--backend",
type=str,
help="select the backend to use in Python 3 (this option is ignored in Python 2)",
choices=("vivisect", "smda"),
default="vivisect",
)
parser.add_argument("-t", "--tag", type=str, help="filter on rule meta field values")
parser.add_argument("-j", "--json", action="store_true", help="emit JSON instead of text")
parser.add_argument(
@@ -619,7 +627,7 @@ def main(argv=None):
else:
format = args.format
try:
extractor = get_extractor(args.sample, args.format, disable_progress=args.quiet)
extractor = get_extractor(args.sample, args.format, args.backend, disable_progress=args.quiet)
except UnsupportedFormatError:
logger.error("-" * 80)
logger.error(" Input file does not appear to be a PE file.")