74
74
{ "ELF", NULL, 0x1, 1 },
76
{ "MACHO", NULL, 0x1, 1 },
76
78
{ "ARCHIVE", "RAR", ARCH_CONF_RAR, 1 },
77
79
{ "ARCHIVE", "ZIP", ARCH_CONF_ZIP, 1 },
78
80
{ "ARCHIVE", "GZIP", ARCH_CONF_GZ, 1 },
83
85
{ "ARCHIVE", "CHM", ARCH_CONF_CHM, 1 },
84
86
{ "ARCHIVE", "OLE2", ARCH_CONF_OLE2, 1 },
85
87
{ "ARCHIVE", "TAR", ARCH_CONF_TAR, 1 },
88
{ "ARCHIVE", "CPIO", ARCH_CONF_CPIO, 1 },
86
89
{ "ARCHIVE", "BINHEX", ARCH_CONF_BINHEX, 1 },
87
90
{ "ARCHIVE", "SIS", ARCH_CONF_SIS, 1 },
88
91
{ "ARCHIVE", "NSIS", ARCH_CONF_NSIS, 1 },
89
92
{ "ARCHIVE", "AUTOIT", ARCH_CONF_AUTOIT, 1 },
93
{ "ARCHIVE", "ISHIELD", ARCH_CONF_ISHIELD, 1 },
94
{ "ARCHIVE", "7zip", ARCH_CONF_7Z, 1 },
91
96
{ "DOCUMENT", "HTML", DOC_CONF_HTML, 1 },
92
97
{ "DOCUMENT", "RTF", DOC_CONF_RTF, 1 },
105
110
{ "OTHER", "CRYPTFF", OTHER_CONF_CRYPTFF, 1 },
106
111
{ "OTHER", "DLP", OTHER_CONF_DLP, 1 },
107
112
{ "OTHER", "MYDOOMLOG", OTHER_CONF_MYDOOMLOG, 1 },
113
{ "OTHER", "PREFILTERING", OTHER_CONF_PREFILTERING,1 },
109
115
{ "PHISHING", "ENGINE", PHISHING_CONF_ENGINE, 1 },
110
116
{ "PHISHING", "ENTCONV", PHISHING_CONF_ENTCONV, 1 },
118
{ "BYTECODE", "INTERPRETER", BYTECODE_INTERPRETER, 1 },
119
{ "BYTECODE", "JIT X86", BYTECODE_JIT_X86, 1 },
120
{ "BYTECODE", "JIT PPC", BYTECODE_JIT_PPC, 1 },
121
{ "BYTECODE", "JIT ARM", BYTECODE_JIT_ARM, 0 },
112
123
{ NULL, NULL, 0, 0 }
134
145
if(modules[i].state)
135
146
dconf->elf |= modules[i].bflag;
148
} else if(!strcmp(modules[i].mname, "MACHO")) {
150
dconf->macho |= modules[i].bflag;
137
152
} else if(!strcmp(modules[i].mname, "ARCHIVE")) {
138
153
if(modules[i].state)
139
154
dconf->archive |= modules[i].bflag;
152
167
} else if(!strcmp(modules[i].mname, "PHISHING")) {
153
168
if(modules[i].state)
154
169
dconf->phishing |= modules[i].bflag;
170
} else if(!strcmp(modules[i].mname, "BYTECODE")) {
171
if (modules[i].state)
172
dconf->bytecode |= modules[i].bflag;
161
179
void cli_dconf_print(struct cli_dconf *dconf)
163
uint8_t pe = 0, elf = 0, arch = 0, doc = 0, mail = 0, other = 0, phishing=0;
181
unsigned int pe = 0, elf = 0, macho = 0, arch = 0, doc = 0, mail = 0;
182
unsigned int other = 0, phishing = 0, i, bytecode=0;
167
185
cli_dbgmsg("Dynamic engine configuration settings:\n");
205
} else if(!strcmp(modules[i].mname, "MACHO")) {
207
cli_dbgmsg("Module MACHO: %s\n", dconf->elf ? "On" : "Off");
187
211
} else if(!strcmp(modules[i].mname, "ARCHIVE")) {
189
213
cli_dbgmsg("Module ARCHIVE: %s\n", dconf->archive ? "On" : "Off");
232
256
cli_dbgmsg(" * Submodule %10s:\t%s\n", modules[i].sname, (dconf->phishing & modules[i].bflag) ? "On" : "** Off **");
259
} else if(!strcmp(modules[i].mname, "BYTECODE")) {
261
cli_dbgmsg("Module BYTECODE %s\n", dconf->phishing ? "On" : "Off");
265
cli_dbgmsg(" * Submodule %10s:\t%s\n", modules[i].sname, (dconf->bytecode & modules[i].bflag) ? "On" : "** Off **");
338
if(!strncmp(buffer, "MACHO:", 4) && chkflevel(buffer, 2)) {
339
if(sscanf(buffer + 4, "0x%x", &val) == 1) {
340
engine->dconf->macho = val;
305
347
if(!strncmp(buffer, "ARCHIVE:", 8) && chkflevel(buffer, 2)) {
306
348
if(sscanf(buffer + 8, "0x%x", &val) == 1) {
307
349
engine->dconf->archive = val;
392
if(!strncmp(buffer, "BYTECODE:", 9) && chkflevel(buffer, 2)) {
393
if(sscanf(buffer + 9, "0x%x", &val) == 1) {
394
engine->dconf->bytecode = val;
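Review bot: The new MACHO branch of the dconf line parser compares only 4 characters of `"MACHO:"` and then scans from `buffer + 4`, so `sscanf` sees `O:0x…`, never matches `0x%x`, and `engine->dconf->macho` is never set from the database; the ARCHIVE (8) and BYTECODE (9) branches use offsets equal to their prefix lengths. Use `if(!strncmp(buffer, "MACHO:", 6) && chkflevel(buffer, 2)) {` and `sscanf(buffer + 6, "0x%x", &val)`. As written, a dconf entry meant to switch off Mach-O handling would be silently ignored, which matters if dconf is relied on to disable a faulty parser without an engine update. In cli_dconf_print the new messages also test the wrong fields: `Module MACHO` reads `dconf->elf` and `Module BYTECODE` reads `dconf->phishing`, so the debug output can misreport module state; they should read `dconf->macho` and `dconf->bytecode`. The enclosing functions start and end outside the visible lines.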