Commit 93688d908d4a382c1a2ffd939830ba5cae614b02
1 parent
6d7514ce
mraptor: added keywords RUN and CALL for XLM macros (issue #562)
Showing
2 changed files
with
4 additions
and
3 deletions
oletools/mraptor.py
| @@ -60,8 +60,9 @@ http://www.decalage.info/python/oletools | @@ -60,8 +60,9 @@ http://www.decalage.info/python/oletools | ||
| 60 | # 2018-05-25 v0.53 PL: - added Word/PowerPoint 2007+ XML (aka Flat OPC) issue #283 | 60 | # 2018-05-25 v0.53 PL: - added Word/PowerPoint 2007+ XML (aka Flat OPC) issue #283 |
| 61 | # 2019-04-04 v0.54 PL: - added ExecuteExcel4Macro, ShellExecuteA, XLM keywords | 61 | # 2019-04-04 v0.54 PL: - added ExecuteExcel4Macro, ShellExecuteA, XLM keywords |
| 62 | # 2019-11-06 v0.55 PL: - added SetTimer | 62 | # 2019-11-06 v0.55 PL: - added SetTimer |
| 63 | +# 2020-04-20 v0.56 PL: - added keywords RUN and CALL for XLM macros (issue #562) | ||
| 63 | 64 | ||
| 64 | -__version__ = '0.55.2' | 65 | +__version__ = '0.56dev5' |
| 65 | 66 | ||
| 66 | #------------------------------------------------------------------------------ | 67 | #------------------------------------------------------------------------------ |
| 67 | # TODO: | 68 | # TODO: |
| @@ -134,7 +135,7 @@ re_write = re.compile(r'(?i)\b(?:FileCopy|CopyFile|Kill|CreateTextFile|' | @@ -134,7 +135,7 @@ re_write = re.compile(r'(?i)\b(?:FileCopy|CopyFile|Kill|CreateTextFile|' | ||
| 134 | # MS-VBAL 5.2.3.5 External Procedure Declaration | 135 | # MS-VBAL 5.2.3.5 External Procedure Declaration |
| 135 | RE_DECLARE_LIB = r'(?:\bDeclare\b[^\n]+\bLib\b)' | 136 | RE_DECLARE_LIB = r'(?:\bDeclare\b[^\n]+\bLib\b)' |
| 136 | 137 | ||
| 137 | -re_execute = re.compile(r'(?i)\b(?:Shell|CreateObject|GetObject|SendKeys|' | 138 | +re_execute = re.compile(r'(?i)\b(?:Shell|CreateObject|GetObject|SendKeys|RUN|CALL|' |
| 138 | + r'MacScript|FollowHyperlink|CreateThread|ShellExecuteA?|ExecuteExcel4Macro|EXEC|REGISTER|SetTimer)\b|' + RE_DECLARE_LIB) | 139 | + r'MacScript|FollowHyperlink|CreateThread|ShellExecuteA?|ExecuteExcel4Macro|EXEC|REGISTER|SetTimer)\b|' + RE_DECLARE_LIB) |
| 139 | 140 | ||
| 140 | 141 |
setup.py
| @@ -52,7 +52,7 @@ import os, fnmatch | @@ -52,7 +52,7 @@ import os, fnmatch | ||
| 52 | #--- METADATA ----------------------------------------------------------------- | 52 | #--- METADATA ----------------------------------------------------------------- |
| 53 | 53 | ||
| 54 | name = "oletools" | 54 | name = "oletools" |
| 55 | -version = '0.56dev4' | 55 | +version = '0.56dev5' |
| 56 | desc = "Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response #DFIR" | 56 | desc = "Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response #DFIR" |
| 57 | long_desc = open('oletools/README.rst').read() | 57 | long_desc = open('oletools/README.rst').read() |
| 58 | author = "Philippe Lagadec" | 58 | author = "Philippe Lagadec" |