Commit 2e161003c23dc45c1cd86fc489e03ad080413072
1 parent
25c59f43
Parse other files in the .docx that are capable of containing field codes. This …
…should help pickup DDE links embedded into headers/footers/endnotes/etc. If other locations are identified, these can be added to the 'LOCATIONS' constant
Showing
1 changed file
with
19 additions
and
9 deletions
oletools/msodde.py
| @@ -90,6 +90,7 @@ TAG_W_R = "{%s}r" % NS_WORD | @@ -90,6 +90,7 @@ TAG_W_R = "{%s}r" % NS_WORD | ||
| 90 | ATTR_W_INSTR = '{%s}instr' % NS_WORD | 90 | ATTR_W_INSTR = '{%s}instr' % NS_WORD |
| 91 | ATTR_W_FLDCHARTYPE = '{%s}fldCharType' % NS_WORD | 91 | ATTR_W_FLDCHARTYPE = '{%s}fldCharType' % NS_WORD |
| 92 | 92 | ||
| 93 | +LOCATIONS = ['word/document.xml','word/endnotes.xml','word/footnotes.xml','word/header1.xml','word/footer1.xml','word/header2.xml','word/footer2.xml','word/comments.xml'] | ||
| 93 | # === FUNCTIONS ============================================================== | 94 | # === FUNCTIONS ============================================================== |
| 94 | 95 | ||
| 95 | def process_args(): | 96 | def process_args(): |
| @@ -106,10 +107,8 @@ def process_args(): | @@ -106,10 +107,8 @@ def process_args(): | ||
| 106 | 107 | ||
| 107 | 108 | ||
| 108 | 109 | ||
| 109 | -def process_file(filepath): | ||
| 110 | - z = zipfile.ZipFile(filepath) | ||
| 111 | - data = z.read('word/document.xml') | ||
| 112 | - z.close() | 110 | +def process_file(data): |
| 111 | + | ||
| 113 | # parse the XML data: | 112 | # parse the XML data: |
| 114 | root = ET.fromstring(data) | 113 | root = ET.fromstring(data) |
| 115 | fields = [] | 114 | fields = [] |
| @@ -167,7 +166,11 @@ def unquote(field): | @@ -167,7 +166,11 @@ def unquote(field): | ||
| 167 | parts = field.strip().split(" ") | 166 | parts = field.strip().split(" ") |
| 168 | ddestr = "" | 167 | ddestr = "" |
| 169 | for p in parts[1:]: | 168 | for p in parts[1:]: |
| 170 | - ddestr += chr(int(p)) | 169 | + try: |
| 170 | + ch = chr(int(p)) | ||
| 171 | + except ValueError: | ||
| 172 | + ch = p | ||
| 173 | + ddestr += ch | ||
| 171 | return ddestr | 174 | return ddestr |
| 172 | 175 | ||
| 173 | #=== MAIN ================================================================= | 176 | #=== MAIN ================================================================= |
| @@ -184,10 +187,17 @@ def main(): | @@ -184,10 +187,17 @@ def main(): | ||
| 184 | if args.nounquote : | 187 | if args.nounquote : |
| 185 | global NO_QUOTES | 188 | global NO_QUOTES |
| 186 | NO_QUOTES = True | 189 | NO_QUOTES = True |
| 187 | - fields = process_file(args.filepath) | ||
| 188 | - print ('DDE Links:') | ||
| 189 | - for f in fields: | ||
| 190 | - print(f) | 190 | + z = zipfile.ZipFile(args.filepath) |
| 191 | + for filepath in z.namelist(): | ||
| 192 | + if filepath in LOCATIONS: | ||
| 193 | + data = z.read(filepath) | ||
| 194 | + fields = process_file(data) | ||
| 195 | + if len(fields) > 0: | ||
| 196 | + print ('DDE Links in %s:'%filepath) | ||
| 197 | + for f in fields: | ||
| 198 | + print(f) | ||
| 199 | + z.close() | ||
| 200 | + | ||
| 191 | 201 | ||
| 192 | 202 | ||
| 193 | if __name__ == '__main__': | 203 | if __name__ == '__main__': |