Peter M. Groen / oletools

Commit 961773ece5aed4ace5c40e282a6eadbf127fb281

Authored by Philippe Lagadec
1 parent 0eba3885

new tools: added oletimes and olemeta

Inline Side-by-side
Showing 2 changed files with 126 additions and 0 deletions
oletools/olemeta.py 0 → 100644
  View file @961773e
  1 +#!/usr/bin/env python
  2 +"""
  3 +olemeta.py - Philippe Lagadec 2013-07-24
  4 +
  5 +olemeta is a script to parse OLE files such as MS Office documents (e.g. Word,
  6 +Excel), to extract all standard properties present in the OLE file.
  7 +
  8 +Usage: olemeta.py <file>
  9 +
  10 +olemeta project website: http://www.decalage.info/python/olemeta
  11 +
  12 +olemeta is part of the python-oletools package:
  13 +http://www.decalage.info/python/oletools
  14 +
  15 +olemeta is copyright (c) 2013, Philippe Lagadec (http://www.decalage.info)
  16 +All rights reserved.
  17 +
  18 +Redistribution and use in source and binary forms, with or without modification,
  19 +are permitted provided that the following conditions are met:
  20 +
  21 + * Redistributions of source code must retain the above copyright notice, this
  22 + list of conditions and the following disclaimer.
  23 + * Redistributions in binary form must reproduce the above copyright notice,
  24 + this list of conditions and the following disclaimer in the documentation
  25 + and/or other materials provided with the distribution.
  26 +
  27 +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
  28 +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  29 +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  30 +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
  31 +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  32 +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  33 +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
  34 +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  35 +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  36 +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  37 +"""
  38 +
  39 +__version__ = '0.01'
  40 +
  41 +#------------------------------------------------------------------------------
  42 +# CHANGELOG:
  43 +# 2013-07-24 v0.01 PL
  44 +
  45 +#------------------------------------------------------------------------------
  46 +# TODO:
  47 +# + optparse
  48 +# + nicer output
  49 +# - CSV output
  50 +# - option to only show available properties (by default)
  51 +
  52 +import sys
  53 +from thirdparty.OleFileIO_PL import OleFileIO_PL
  54 +
  55 +
  56 +ole = OleFileIO_PL.OleFileIO(sys.argv[1])
  57 +
  58 +# parse and display metadata:
  59 +meta = ole.get_metadata()
  60 +meta.dump()
  61 +
  62 +ole.close()
oletools/oletimes.py 0 → 100644
  View file @961773e
  1 +#!/usr/bin/env python
  2 +"""
  3 +oletimes.py - Philippe Lagadec 2013-07-24
  4 +
  5 +oletimes is a script to parse OLE files such as MS Office documents (e.g. Word,
  6 +Excel), to extract creation and modification times of all streams and storages
  7 +in the OLE file.
  8 +
  9 +Usage: oletimes.py <file>
  10 +
  11 +oletimes project website: http://www.decalage.info/python/oletimes
  12 +
  13 +oletimes is part of the python-oletools package:
  14 +http://www.decalage.info/python/oletools
  15 +
  16 +oletimes is copyright (c) 2013, Philippe Lagadec (http://www.decalage.info)
  17 +All rights reserved.
  18 +
  19 +Redistribution and use in source and binary forms, with or without modification,
  20 +are permitted provided that the following conditions are met:
  21 +
  22 + * Redistributions of source code must retain the above copyright notice, this
  23 + list of conditions and the following disclaimer.
  24 + * Redistributions in binary form must reproduce the above copyright notice,
  25 + this list of conditions and the following disclaimer in the documentation
  26 + and/or other materials provided with the distribution.
  27 +
  28 +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
  29 +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  30 +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  31 +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
  32 +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  33 +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  34 +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
  35 +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  36 +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  37 +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  38 +"""
  39 +
  40 +__version__ = '0.01'
  41 +
  42 +#------------------------------------------------------------------------------
  43 +# CHANGELOG:
  44 +# 2013-07-24 v0.01 PL
  45 +
  46 +#------------------------------------------------------------------------------
  47 +# TODO:
  48 +# + optparse
  49 +# + nicer output
  50 +# - CSV output
  51 +# - option to only show available timestamps (by default?)
  52 +
  53 +import sys
  54 +from thirdparty.OleFileIO_PL import OleFileIO_PL
  55 +
  56 +
  57 +ole = OleFileIO_PL.OleFileIO(sys.argv[1])
  58 +
  59 +print'- Root mtime=%s ctime=%s' % (ole.root.getmtime(), ole.root.getctime())
  60 +
  61 +for obj in ole.listdir(streams=True, storages=True):
  62 + print '- %s: mtime=%s ctime=%s' % (repr('/'.join(obj)), ole.getmtime(obj), ole.getctime(obj))
  63 +
  64 +ole.close()