Commit f854f4dfe321784fb72c01a0131e236753dd6c5b
1 parent
e011de51
olevba: display exceptions with stack trace
Showing
1 changed file
with
10 additions
and
4 deletions
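--- a/oletools/olevba.py
+++ b/oletools/olevba.py
@@ -118,6 +118,7 @@ https://github.com/unixfreak0037/officeparser
 # Dridex strings
 # - exception handling in detect_base64_strings
 # 2015-02-07 v0.24 PL: - renamed option --hex to --decode, fixed display
+# - display exceptions with stack trace
 
 __version__ = '0.24'
 
@@ -162,6 +163,7 @@ import optparse
 import os.path
 import binascii
 import base64
+import traceback
 
 import thirdparty.olefile as olefile
 from thirdparty.prettytable import prettytable
@@ -296,7 +298,9 @@ RE_PATTERNS = (
 re_hex_string = re.compile(r'(?:[0-9A-Fa-f]{2}){4,}')
 
 # regex to detect strings encoded in base64
-re_base64_string = re.compile(r'"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?"')
+#re_base64_string = re.compile(r'"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?"')
+# alternate version from balbuzard:
+re_base64_string = re.compile(r'"(?:[A-Za-z0-9+/]{4}){2,}(?:[A-Za-z0-9+/]{2}[AEIMQUYcgkosw048]=|[A-Za-z0-9+/][AQgw]==)"')
 
 #--- FUNCTIONS ----------------------------------------------------------------
 
@@ -1399,9 +1403,11 @@ def process_file (container, filename, data, show_decoded_strings=False):
 else:
 print 'No VBA macros found.'
 except: #TypeError:
- raise
+ #raise
 #TODO: print more info if debug mode
- print sys.exc_value
+ #print sys.exc_value
+ # display the exception with full stack trace for debugging, but do not stop:
+ traceback.print_exc()
 print ''
 
 
@@ -1473,7 +1479,7 @@ def process_file_triage (container, filename, data):
 #TODO: distinguish real errors from incorrect file types
 flags = '!ERROR'
 message = sys.exc_value
- line = '%-6s %s' % (flags, filename)
+ line = '%-11s %s' % (flags, filename)
 if message:
 line += ' - %s' % message
 print line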
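Review bot: With `raise` commented out in the process_file hunk, the bare `except:` now swallows every exception, including KeyboardInterrupt and SystemExit, so a batch run over many samples can no longer be interrupted cleanly; `except Exception:` would keep the continue-on-error behaviour without that. `traceback.print_exc()` writes to stderr while the rest of the report goes to stdout, so in a stdout-only log a file whose parsing failed leaves only a blank line and may read as clean; `traceback.print_exc(file=sys.stdout)` or an explicit error line naming the file would avoid that. The try block opens outside the hunk, so what else it covers is not visible here. Separately, the re_base64_string replacement is not mentioned in the commit title and makes the padded final group mandatory, so quoted base64 strings without `=` padding are no longer matched; a comment stating that trade-off would help.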