rebase

.travis.yml

@@ -19,7 +19,7 @@ python:
 
 before_install:
     - sudo apt-get update -qq
-    - sudo apt-get install gcc python-socksipy libssl-dev swig p7zip-full unrar ssdeep libfuzzy-dev -qq
+    - sudo apt-get install gcc python-socksipy libssl-dev swig p7zip-full unrar ssdeep libfuzzy-dev tor -qq
 install:
     - pip install -U -r requirements.txt
     - pip install -U tox-travis

LICENSE

@@ -1,34 +1,34 @@
+BSD 3-Clause License
+
 Copyright (c) 2013-2016, Claudio "nex" Guarnieri
 All rights reserved.
 
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
 
 * Redistributions of source code must retain the above copyright notice, this
   list of conditions and the following disclaimer.
 
-* Redistributions in binary form must reproduce the above copyright notice, this
-  list of conditions and the following disclaimer in the documentation and/or
-  other materials provided with the distribution.
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
 
-* Neither the name of the {organization} nor the names of its
+* Neither the name of the copyright holder nor the names of its
   contributors may be used to endorse or promote products derived from
   this software without specific prior written permission.
 
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
-ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
-ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 Individual Licenses for modules
 
 IDX Module Licensed under the Apache License, Version 2.0. Original Copyright @bbaskin
 pymacho Licensed under the GNU License Copyright 2013 Jérémie BOUTOILLE
-

MANIFEST.in

@@ -1,4 +1,6 @@
 include LICENSE
 include README.rst
 include CHANGELOG
+include requirements.txt
+include requirements-*.txt
 recursive-include data *.*

Makefile

@@ -18,5 +18,6 @@ dist:
 	python setup.py sdist
 
 clean:
-	find . -name '*.pyc' -delete
+	find . -type f -iname '*.pyc' -delete
+	find . -type d -iname "__pycache__" -delete
 	rm -rf dist build viper.egg-info

requirements-base.txt

@@ -2,7 +2,7 @@ bitstring==3.1.5
 pbkdf2==1.3
 python-dateutil==2.6.0
 python-magic==0.4.13
-requests==2.13.0
+requests[socks]==2.13.0
 requests-cache==0.4.13
 scandir==1.5
 six==1.10.0

requirements-dev.txt

@@ -24,7 +24,6 @@ pytest-cov
 python-dateutil
 python-magic
 r2pipe
-requests
 requests-cache
 scandir
 six
@@ -33,10 +32,10 @@ tox
 virustotal-api
 yara-python
 cryptography
+requests[socks]
 
 git+https://github.com/viper-framework/pefile.git#egg=pefile
 git+https://github.com/smarnach/pyexiftool.git#egg=pyexiftool
-git+https://github.com/crackinglandia/pype32.git#egg=pype32
 git+https://github.com/kbandla/pydeep.git#egg=pydeep
 
 # pe module (verify sigs)

setup.py

@@ -3,20 +3,46 @@
 # This file is part of Viper - https://github.com/viper-framework/viper
 # See the file 'LICENSE' for copying permission.
 
-from setuptools import setup, find_packages
 from viper.common.version import __version__
 
+# Always prefer setuptools over distutils
+from setuptools import setup, find_packages
+import pip
+
+links = []
+requires = []
+
+requirement_files = ['requirements-base.txt']
+
+for req_file in requirement_files:
+    requirements = pip.req.parse_requirements(req_file, session=pip.download.PipSession())
+
+    for item in requirements:
+        # we want to handle package names and also repo urls
+        if getattr(item, 'url', None):   # older pip has url
+            links.append(str(item.url))
+        if getattr(item, 'link', None):  # newer pip has link
+            links.append(str(item.link))
+        if item.req:
+            requires.append(str(item.req))
+
+description = "Binary Analysis & Management Framework"
+
 setup(
     name='viper',
     version=__version__,
     author='Claudio Guarnieri',
     author_email='[email protected]',
-    description="Binary Analysis & Management Framework",
+    description=description,
+    long_description=description,
     url='http://viper.li',
 
+    platforms='any',
     scripts=['viper-cli', 'viper-api', 'viper-web', 'viper-update'],
-    packages=find_packages(),
-    setup_requires=['pytest-runner'],
+    packages=find_packages(exclude=['tests', 'tests.*']),
+    install_requires=requires,
+    dependency_links=links,
+
     tests_require=['pytest'],
 
     # BSD 3-Clause License:

tests/core/ui/test_commands.py

@@ -55,6 +55,14 @@ def test_open(self, capsys):
         assert re.search("usage: open \[-h\] .*", out)
         assert re.search(".*Session opened on /tmp/.*", out)
 
+    def test_open_tor(self, capsys):
+        instance = commands.Commands()
+        instance.cmd_open('-h')
+        instance.cmd_open('-t', '-u', 'https://github.com/viper-framework/viper-test-files/raw/master/test_files/cmd.exe')
+        out, err = capsys.readouterr()
+        assert re.search("usage: open \[-h\] .*", out)
+        assert re.search(".*Session opened on /tmp/.*", out)
+
     def test_notes_existing(self, capsys):
         instance = commands.Commands()
         instance.cmd_open('-f', os.path.join(FIXTURE_DIR, "chromeinstall-8u31.exe"))

tox.ini

@@ -36,7 +36,7 @@ commands =
     bash -c 'echo "exit" | python viper-cli'
     pytest {posargs}
     codecov
-    rm -r {toxworkdir}/.viper
+    rm -rf {toxworkdir}/.viper
 
 
 # Style/Lint

viper-update

@@ -23,7 +23,6 @@ from viper.common.out import print_success
 from viper.common.out import print_item
 from viper.common.network import download
 from viper.common.objects import File
-from viper.common.utils import path_split_all
 from viper.core.config import Config
 from viper.core.project import __project__
 
@@ -37,6 +36,24 @@ except NameError:
 url = 'https://github.com/viper-framework/viper/archive/master.zip'
 
 
+# Taken from the Python Cookbook.
+def path_split_all(path):
+    allparts = []
+    while 1:
+        parts = os.path.split(path)
+        if parts[0] == path:
+            allparts.insert(0, parts[0])
+            break
+        elif parts[1] == path:
+            allparts.insert(0, parts[1])
+            break
+        else:
+            path = parts[0]
+            allparts.insert(0, parts[1])
+
+    return allparts
+
+
 # TODO: this is a first draft, needs more work.
 # - Add a check for current working directory.
 # - Add error handling.

viper/common/network.py

@@ -2,56 +2,26 @@
 # This file is part of Viper - https://github.com/viper-framework/viper
 # See the file 'LICENSE' for copying permission.
 
-import socket
-
-try:
-    from urllib.request import Request, urlopen
-except:
-    from urllib2 import Request, urlopen
-
-try:
-    from urllib.error import HTTPError, URLError
-except:
-    from urllib2 import HTTPError, URLError
-
-try:
-    import socks
-    HAVE_SOCKS = True
-except ImportError:
-    HAVE_SOCKS = False
-
+import requests
+from requests import ConnectionError
 from viper.common.out import print_error
 
 
 def download(url, tor=False):
-    def create_connection(address, timeout=None, source_address=None):
-        sock = socks.socksocket()
-        sock.connect(address)
-        return sock
-
+    s = requests.Session()
+    s.headers.update({'User-agent': 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)'})
+    proxies = {}
     if tor:
-        if not HAVE_SOCKS:
-            print_error("Missing dependency, install socks (`pip install SocksiPy`)")
-            return None
-
-        socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, '127.0.0.1', 9050)
-        socket.socket = socks.socksocket
-        socket.create_connection = create_connection
-
+        proxies = {'http': 'socks5://{}:{}'.format('127.0.0.1', 9050),
+                   'https': 'socks5://{}:{}'.format('127.0.0.1', 9050)}
     try:
-        req = Request(url)
-        req.add_header('User-agent', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)')
-        res = urlopen(req)
-
-        data = res.read()
-    except HTTPError as e:
-        print_error(e)
-    except URLError as e:
-        if tor and e.reason.errno == 111:
+        res = s.get(url, proxies=proxies)
+        res.raise_for_status()
+    except ConnectionError as e:
+        if tor:
             print_error("Connection refused, maybe Tor is not running?")
-        else:
-            print_error(e)
+        print_error(e)
     except Exception as e:
         print_error("Failed download: {0}".format(e))
     else:
-        return data
+        return res.content

viper/common/utils.py

@@ -2,7 +2,6 @@
 # This file is part of Viper - https://github.com/viper-framework/viper
 # See the file 'LICENSE' for copying permission.
 
-import os
 import string
 import hashlib
 import binascii
@@ -14,24 +13,6 @@
     pass
 
 
-# Taken from the Python Cookbook.
-def path_split_all(path):
-    allparts = []
-    while 1:
-        parts = os.path.split(path)
-        if parts[0] == path:
-            allparts.insert(0, parts[0])
-            break
-        elif parts[1] == path:
-            allparts.insert(0, parts[1])
-            break
-        else:
-            path = parts[0]
-            allparts.insert(0, parts[1])
-
-    return allparts
-
-
 # The following couple of functions are redundant.
 # TODO: find a way to better integrate these generic methods
 # with the ones available in the File class.

viper/core/project.py

@@ -29,12 +29,17 @@ def __init__(self):
         if not os.path.exists(self.path):
             os.makedirs(self.path)
 
-        if hasattr(cfg, 'logging') and cfg.logging.log_file:
-            log_file = cfg.logging.log_file
-            debug_log = cfg.logging.debug
-        else:
-            log_file = os.path.join(self.base_path, "viper.log")
-            debug_log = False
+        # initalize default log settings
+        log_file = os.path.join(self.base_path, "viper.log")
+        debug_log = False
+
+        if hasattr(cfg, 'logging'):
+            if hasattr(cfg.logging, 'log_file') and cfg.logging.log_file:
+                log_file = cfg.logging.log_file
+
+            if hasattr(cfg.logging, 'debug'):
+                debug_log = cfg.logging.debug
+
         init_logger(log_file_path=log_file, debug=debug_log)
         log.debug("logger initiated")