From 7dce9ad5c017335e68f4aa2e2c3a0ffde94aba06 Mon Sep 17 00:00:00 2001 From: mr-tz Date: Thu, 9 Nov 2023 10:46:01 +0100 Subject: [PATCH] simplify language configuration --- floss/language/go/extract.py | 4 +++- floss/main.py | 30 ++++++++++++++++++++---------- 2 files changed, 23 insertions(+), 11 deletions(-) diff --git a/floss/language/go/extract.py b/floss/language/go/extract.py index 03a07a02d..9aa0ffd27 100644 --- a/floss/language/go/extract.py +++ b/floss/language/go/extract.py @@ -276,7 +276,9 @@ def get_string_blob_strings(pe: pefile.PE, min_length) -> Iterable[StaticString] try: string_blob_start, string_blob_end = find_string_blob_range(pe, struct_strings) except ValueError: - logger.warning("Failed to find string blob range: Go version may be unsupported.") + logger.warning( + "Failed to find string blob range: Is this a Go binary? If so, the Go version may be unsupported." + ) return with floss.utils.timing("collect string blob strings"): diff --git a/floss/main.py b/floss/main.py index 6ef29e9cc..acd288acf 100644 --- a/floss/main.py +++ b/floss/main.py @@ -546,28 +546,38 @@ def main(argv=None) -> int: static_runtime = get_runtime_diff(interim) - lang_id = identify_language(sample, static_strings) - # set language configurations - if (lang_id == Language.GO and args.language == "") or args.language == Language.GO.value: + lang_id: Language + if args.language == Language.GO.value: + lang_id = Language.GO + elif args.language == Language.RUST.value: + lang_id = Language.RUST + elif args.language == Language.DOTNET.value: + lang_id = Language.DOTNET + elif args.language == "none": + lang_id = Language.UNKNOWN + else: + lang_id = identify_language(sample, static_strings) + + if lang_id == Language.GO: if analysis.enable_tight_strings or analysis.enable_stack_strings or analysis.enable_decoded_strings: logger.warning( "FLOSS handles Go static strings, but string deobfuscation may be inaccurate and take a long time" ) results.metadata.language = Language.GO.value - elif (lang_id == Language.RUST and args.language == "") or args.language == Language.RUST.value: + elif lang_id == Language.RUST: if analysis.enable_tight_strings or analysis.enable_stack_strings or analysis.enable_decoded_strings: logger.warning( "FLOSS handles Rust static strings, but string deobfuscation may be inaccurate and take a long time" ) results.metadata.language = Language.RUST.value - elif (lang_id == Language.DOTNET and args.language == "") or args.language == Language.DOTNET.value: - logger.warning(".NET language-specific string extraction is not supported") - logger.warning(" will NOT deobfuscate any .NET strings") + elif lang_id == Language.DOTNET: + logger.warning(".NET language-specific string extraction is not supported yet") + logger.warning("Furthermore, FLOSS does NOT attempt to deobfuscate any strings from .NET binaries") - # let's enable .NET strings after we can deobfuscate them + # enable .NET strings once we can extract them # results.metadata.language = Language.DOTNET.value # TODO for pure .NET binaries our deobfuscation algorithms do nothing, but for mixed-mode assemblies they may @@ -604,7 +614,7 @@ def main(argv=None) -> int: if not lang_id: logger.info("extracting static strings") else: - if (lang_id == Language.GO and args.language == "") or args.language == Language.GO.value: + if lang_id == Language.GO: logger.info("extracting language-specific Go strings") interim = time() @@ -615,7 +625,7 @@ def main(argv=None) -> int: static_strings, results.strings.language_strings, args.min_length ) - elif (lang_id == Language.RUST and args.language == "") or args.language == Language.RUST.value: + elif lang_id == Language.RUST: logger.info("extracting language-specific Rust strings") interim = time()