Upgrading 7zip to version 24.09

target · Dec 13, 2024 · 3d11de8 · 3d11de8
1 parent 4078d68
commit 3d11de8
Show file tree

Hide file tree

Showing 13 changed files with 29 additions and 40 deletions.
diff --git a/build/python/backend/Dockerfile b/build/python/backend/Dockerfile
@@ -21,10 +21,6 @@ ARG USER_GID=$USER_UID
 RUN groupadd --gid $USER_GID $USERNAME \
     && useradd --uid $USER_UID --gid $USER_GID --create-home --shell /bin/bash $USERNAME
 
-# Set up package pinning for release (mantic 23.10, 7zip 23.01+dfsg-2)
-COPY ./build/python/backend/pin.pref /etc/apt/preferences.d/pin.pref
-COPY ./build/python/backend/mantic.list /etc/apt/sources.list.d/mantic.list
-
 RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
 
 # Install build packages
@@ -61,7 +57,6 @@ ENV PATH=$PATH:/opt/zeek/bin
 # Install runtime packages
 RUN apt-get -q update && \
     apt-get install -q -y --no-install-recommends \
-    7zip \
     antiword \
     binwalk \
     libarchive-dev \
@@ -90,6 +85,11 @@ RUN apt-get -q update && \
     perl Makefile.PL && \
     make -s && \
     make -s install && \
+# Download and move binary for 7z 24.09
+    cd /tmp/ && \
+    curl -OL https://7-zip.org/a/7z2409-linux-x64.tar.xz &&\
+    tar -xf 7z2409-linux-x64.tar.xz &&\
+    cp 7zz /usr/local/bin && \
 # Install YARA
     cd /tmp/ && \
     curl -OL https://github.com/VirusTotal/yara/archive/v$YARA_VERSION.tar.gz && \

diff --git a/build/python/backend/mantic.list b/build/python/backend/mantic.list
diff --git a/build/python/backend/pin.pref b/build/python/backend/pin.pref
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -88,6 +88,7 @@ entropy = { git = "https://github.com/jshlbrd/python-entropy.git", rev = "a49f1a
 speakeasy-emulator = { git = "https://github.com/mandiant/speakeasy.git", rev = "1cb52a92ab4bae3659b0f8db4ed29f591d932c88" }
 zipp = "^3.20.1"
 certifi = "^2024.8.30"
+setuptools = "69.1"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

diff --git a/src/python/strelka/scanners/scan_dmg.py b/src/python/strelka/scanners/scan_dmg.py
@@ -128,7 +128,7 @@ def parse_7zip_stdout(self, output_7zip, file_limit):
         try:
             output_lines = output_7zip.splitlines()
 
-            # 7-Zip (z) 23.01 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
+            # 7-Zip (z) 24.09 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
             regex_7zip_version = re.compile(r"^7-Zip[^\d]+(\d+\.\d+)")
 
             # --/----

diff --git a/src/python/strelka/scanners/scan_seven_zip.py b/src/python/strelka/scanners/scan_seven_zip.py
@@ -204,7 +204,7 @@ def parse_7zip_stdout(self, output_7zip, file_limit):
 
         output_lines = output_7zip.splitlines()
 
-        # 7-Zip (z) 23.01 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
+        # 7-Zip (z) 24.09 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
         regex_7zip_version = re.compile(r"^7-Zip[^\d]+(\d+\.\d+)")
 
         # --/----

diff --git a/src/python/strelka/scanners/scan_udf.py b/src/python/strelka/scanners/scan_udf.py
@@ -125,7 +125,7 @@ def parse_7zip_stdout(self, output_7zip, file_limit):
         try:
             output_lines = output_7zip.splitlines()
 
-            # 7-Zip (z) 23.01 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
+            # 7-Zip (z) 24.09 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
             regex_7zip_version = re.compile(r"^7-Zip[^\d]+(\d+\.\d+)")
 
             # --/----

diff --git a/src/python/strelka/scanners/scan_vhd.py b/src/python/strelka/scanners/scan_vhd.py
@@ -125,7 +125,7 @@ def parse_7zip_stdout(self, output_7zip, file_limit):
         try:
             output_lines = output_7zip.splitlines()
 
-            # 7-Zip (z) 23.01 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
+            # 7-Zip (z) 24.09 (x64) : Copyright (c) 1999-2021 Igor Pavlov : 2021-12-26
             regex_7zip_version = re.compile(r"^7-Zip[^\d]+(\d+\.\d+)")
 
             # --/----

diff --git a/src/python/strelka/tests/test_scan_dmg.py b/src/python/strelka/tests/test_scan_dmg.py
@@ -43,7 +43,7 @@ def test_scan_dmg_compressed(mocker):
             },
         ],
         "meta": {
-            "7zip_version": "23.01",
+            "7zip_version": "24.09",
             "partitions": [
                 {
                     "path": mock.ANY,
@@ -102,7 +102,7 @@ def test_scan_dmg_readonly(mocker):
             },
         ],
         "meta": {
-            "7zip_version": "23.01",
+            "7zip_version": "24.09",
             "partitions": [
                 {"path": mock.ANY, "type": "Dmg"},
                 {"path": "4.apfs"},
@@ -183,7 +183,7 @@ def test_scan_dmg_readwrite(mocker):
             },
         ],
         "meta": {
-            "7zip_version": "23.01",
+            "7zip_version": "24.09",
             "partitions": [
                 {"path": mock.ANY, "type": "GPT"},
                 {"path": "0.disk image.apfs", "file_system": "APFS"},

diff --git a/src/python/strelka/tests/test_scan_seven_zip.py b/src/python/strelka/tests/test_scan_seven_zip.py
@@ -38,7 +38,7 @@ def test_scan_sevenzip(mocker):
             },
         ],
         "hidden_dirs": ["hidden"],
-        "meta": {"7zip_version": "23.01"},
+        "meta": {"7zip_version": "24.09"},
     }
 
     scanner_event = run_test_scan(
@@ -84,7 +84,7 @@ def test_scan_sevenzip_wordlist(mocker):
             },
         ],
         "hidden_dirs": ["hidden"],
-        "meta": {"7zip_version": "23.01"},
+        "meta": {"7zip_version": "24.09"},
         "cracked_password": b"password",
     }
 
@@ -137,7 +137,7 @@ def test_scan_sevenzip_wordlist_filenames(mocker):
             },
         ],
         "hidden_dirs": ["hidden"],
-        "meta": {"7zip_version": "23.01"},
+        "meta": {"7zip_version": "24.09"},
         "cracked_password": b"password",
     }
 
@@ -169,7 +169,7 @@ def test_scan_sevenzip_nocrack_filenames(mocker):
         "total": {"files": 0, "extracted": 0},
         "files": [],
         "hidden_dirs": [],
-        "meta": {"7zip_version": "23.01"},
+        "meta": {"7zip_version": "24.09"},
     }
 
     scanner_event = run_test_scan(
@@ -211,7 +211,7 @@ def test_scan_sevenzip_msi_filenames(mocker):
             },
         ],
         "hidden_dirs": [],
-        "meta": {"7zip_version": "23.01"},
+        "meta": {"7zip_version": "24.09"},
     }
 
     scanner_event = run_test_scan(
@@ -258,7 +258,7 @@ def test_scan_sevenzip_brute(mocker):
             },
         ],
         "hidden_dirs": ["hidden"],
-        "meta": {"7zip_version": "23.01"},
+        "meta": {"7zip_version": "24.09"},
         "cracked_password": b"aaa",
         "performance": {
             "keyspace": {"min_length": 1, "max_length": 3},

diff --git a/src/python/strelka/tests/test_scan_udf.py b/src/python/strelka/tests/test_scan_udf.py
@@ -24,7 +24,7 @@ def test_scan_udf(mocker):
         ],
         "hidden_dirs": [],
         "meta": {
-            "7zip_version": "23.01",
+            "7zip_version": "24.09",
             "partitions": [
                 {
                     "path": mock.ANY,

diff --git a/src/python/strelka/tests/test_scan_vhd.py b/src/python/strelka/tests/test_scan_vhd.py
@@ -38,7 +38,7 @@ def test_scan_vhd(mocker):
             "$RECYCLE.BIN/S-1-5-21-3712961497-200595429-3248382696-1000",
         ],
         "meta": {
-            "7zip_version": "23.01",
+            "7zip_version": "24.09",
             "partitions": [
                 {"path": mock.ANY, "type": "GPT"},
                 {"path": "0.Basic data partition.ntfs", "file_system": "Windows BDP"},
@@ -96,7 +96,7 @@ def test_scan_vhdx(mocker):
             "$RECYCLE.BIN/S-1-5-21-3712961497-200595429-3248382696-1000",
         ],
         "meta": {
-            "7zip_version": "23.01",
+            "7zip_version": "24.09",
             "partitions": [
                 {
                     "path": mock.ANY,