Skip to content

Commit

Permalink
Showing 3 changed files with 11 additions and 8 deletions.
2 changes: 1 addition & 1 deletion analyzers/FileInfo/requirements.txt
Original file line number Diff line number Diff line change
@@ -6,5 +6,5 @@ pefile
git+https://github.com/AnyMaster/pehashng
git+https://github.com/Rafiot/pdfid.git
oletools>=0.52
git+https://github.com/mattgwwalker/msg-extractor[email protected]
msg-extractor
IMAPClient
4 changes: 2 additions & 2 deletions analyzers/FileInfo/submodules/submodule_metadata.py
Original file line number Diff line number Diff line change
@@ -66,8 +66,8 @@ def analyze_file(self, path):
self.add_result_subsection('Exif Info', self.exif(path))

# Get libmagic info
magicliteral = magic.Magic().from_file(path)
mimetype = magic.Magic(mime=True).from_file(path)
magicliteral = magic.Magic(mime_encoding=True).from_file(path)
mimetype = magic.Magic(mime=True,mime_encoding=True).from_file(path)
# filetype = pyexifinfo.fileType(path)


13 changes: 8 additions & 5 deletions analyzers/FileInfo/submodules/submodule_outlook.py
Original file line number Diff line number Diff line change
@@ -2,7 +2,8 @@
import magic
from .submodule_base import SubmoduleBaseclass

from ExtractMsg import Message, Attachment
# from ExtractMsg import Message, Attachment
from extract_msg import Message, Attachment
from imapclient.imapclient import decode_utf7


@@ -32,10 +33,12 @@ def xstr(s):
a = []
for attachment in attachments:
sha256 = hashlib.sha256()
sha256.update(attachment.data)
a.append({'name': attachment.longFilename,
if type(attachment.data) is not Message:
sha256.update(attachment.data)
minfo = magic.Magic(uncompress=True).from_buffer(attachment.data)
a.append({'name': attachment.longFilename,
'sha256': sha256.hexdigest(),
'mimeinfo': magic.Magic(uncompress=True).from_buffer(attachment.data)
'mimeinfo': minfo
})


@@ -49,4 +52,4 @@ def xstr(s):
'attachments': a
}
self.add_result_subsection('Email details', email)
return self.results
return self.results

0 comments on commit cf264bd

Please sign in to comment.