Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
// Counts is the "counts" sub-command. For every heap built from the given
// paths it prints h.Count() (suffixed "L") and h.Len() (suffixed "B")
// followed by the heap's name.
var Counts = &cobra.Command{
	Use:   "counts",
	Short: "display line and byte counts",
	Long:  "display line and byte counts",
	Args:  cobra.ArbitraryArgs,
	PreRun: func(cmd *cobra.Command, args []string) {
		// Set the NoConvert and NoPlugins options before the command runs.
		opts := flags.Get()
		opts.Opt.NoConvert = true
		opts.Opt.NoPlugins = true
	},
	Run: func(cmd *cobra.Command, args []string) {
		// No paths given: print the usage text and leave.
		if len(args) == 0 {
			fmt.Print(CountsUsage)
			os.Exit(0)
		}

		// Without the print flag the work is handed to ui.Start.
		if !flags.Get().Print {
			ui.Start(args, types.Counts)
			return
		}

		set := heapset.New(args)
		defer set.ThrowAway()

		set.Each(func(h *heap.Heap) {
			lines, size := h.Count(), h.Len()
			fmt.Printf("%8dL %8dB %s\n", lines, size, h.String())
		})
	},
}
// CountsUsage is the help text of the "counts" sub-command; it is app.Ascii
// followed by the usage block below. Counts prints it when called without
// any path argument.
var CountsUsage = app.Ascii + `
Display line and byte counts.
Usage:
fox counts [FLAG ...] PATH ...
Positional arguments:
Path(s) to open
Global:
-p, --print print directly to console
Example:
$ fox counts ./**/*.txt
Type "fox help" for more help...
`
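// Deflate is the "deflate" sub-command. It writes the content of every heap
// built from the given paths to disk below a target directory and reports
// how many files were written.
//
// The entry names used to build the destination paths come from the archive
// being unpacked and are therefore untrusted. Each destination is checked to
// stay inside the target directory before any directory or file is created,
// so an entry named with ".." components cannot be written elsewhere.
var Deflate = &cobra.Command{
	Use:   "deflate",
	Short: "deflate compressed files",
	Long:  "deflate compressed files",
	Args:  cobra.ArbitraryArgs,
	PreRun: func(cmd *cobra.Command, args []string) {
		// Set the NoConvert and NoPlugins options before the command runs.
		flg := flags.Get()
		flg.Opt.NoConvert = true
		flg.Opt.NoPlugins = true
	},
	Run: func(cmd *cobra.Command, args []string) {
		// No paths given: print the usage text and leave.
		if len(args) == 0 {
			fmt.Print(DeflateUsage)
			os.Exit(0)
		}

		flg := flags.Get()

		hs := heapset.New(args)
		defer hs.ThrowAway()

		hs.Each(func(h *heap.Heap) {
			// Target directory: the configured path, or, when that is ".",
			// the base name of h.Base without its extension.
			root := flg.Deflate.Path
			if root == "." {
				name := filepath.Base(h.Base)
				root = name[0 : len(name)-len(filepath.Ext(name))]
			}

			path := h.Title
			if h.Type == types.Deflate {
				// NOTE(review): assumes h.Title is h.Base, one separator and
				// then the entry name; a shorter title would panic here.
				// Confirm against the heap package.
				path = path[len(h.Base)+1:]
			} else {
				path = filepath.Base(path)
			}

			dst := filepath.Join(root, path)

			// Containment check ("zip slip"): filepath.Join cleans the
			// result, so an entry such as "../../x" resolves outside root.
			// Refuse it before anything is created. This is a lexical check
			// only; it does not cover symbolic links that already exist
			// inside the target directory.
			rel, err := filepath.Rel(root, dst)
			if err != nil || rel == ".." ||
				(len(rel) > 2 && rel[:3] == ".."+string(filepath.Separator)) {
				sys.Exit(fmt.Errorf("refusing to write %q: entry escapes target directory %q", path, root))
				return
			}

			// filepath.Dir never returns an empty string, so the parent
			// directory is always created. 0700 keeps it private to the
			// current user.
			sub := filepath.Join(root, filepath.Dir(path))
			if err := os.MkdirAll(sub, 0700); err != nil {
				sys.Exit(err)
			}

			if !flg.NoFile {
				fmt.Printf("Deflate %s\n", dst)
			}

			// 0600: extracted content is readable by the current user only.
			if err := os.WriteFile(dst, *h.MMap(), 0600); err != nil {
				sys.Exit(err)
			}
		})

		fmt.Printf("%d file(s) written\n", hs.Len())
	},
}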
// DeflateUsage is the help text of the "deflate" sub-command; it is
// app.Ascii followed by the usage block below. Deflate prints it when called
// without any path argument.
//
// Note for operators: a password given with --pass is part of the command
// line, so it can end up in shell history and in process listings on a
// shared host.
var DeflateUsage = app.Ascii + `
Deflate compressed files.
Usage:
fox deflate [FLAG ...] PATH...
Positional arguments:
Path(s) to open
Global:
--no-file don't print filenames
Deflate:
-d, --dir[=PATH] deflate into directory (default: .)
--pass=PASSWORD decrypt with password (RAR and ZIP only)
Example:
$ fox deflate --pass=infected ioc.rar
Type "fox help" for more help...
`
// Entropy is the "entropy" sub-command. It prints the value returned by
// h.Entropy for every heap built from the given paths, skipping heaps for
// which that call returns -1.
var Entropy = &cobra.Command{
	Use:   "entropy",
	Short: "display file entropy",
	Long:  "display file entropy",
	Args:  cobra.ArbitraryArgs,
	PreRun: func(cmd *cobra.Command, args []string) {
		opts := flags.Get()
		opts.Opt.NoConvert = true
		opts.Opt.NoPlugins = true

		// Validate the bounds: 0 <= min <= max <= 1.
		lo, hi := opts.Entropy.Min, opts.Entropy.Max
		if lo < 0 {
			sys.Exit("min must be 0 or greater")
		}
		if hi > 1 {
			sys.Exit("max must be 1 or lesser")
		}
		if lo > hi {
			sys.Exit("max must be greater than min")
		}
	},
	Run: func(cmd *cobra.Command, args []string) {
		// No paths given: print the usage text and leave.
		if len(args) == 0 {
			fmt.Print(EntropyUsage)
			os.Exit(0)
		}

		// Without the print flag the work is handed to ui.Start.
		if !flags.Get().Print {
			ui.Start(args, types.Entropy)
			return
		}

		opts := flags.Get()

		set := heapset.New(args)
		defer set.ThrowAway()

		set.Each(func(h *heap.Heap) {
			score := h.Entropy(opts.Entropy.Min, opts.Entropy.Max)
			if score == -1 {
				// -1 is the value h.Entropy returns for heaps not to report.
				return
			}
			fmt.Printf("%.10f %s\n", score, h.String())
		})
	},
}
// EntropyUsage is the help text of the "entropy" sub-command; it is
// app.Ascii followed by the usage block below. Entropy prints it when called
// without any path argument.
//
// Entropy's PreRun accepts only 0 <= min <= max <= 1.
// NOTE(review): the text lists 0.8 as the default for both --min and --max;
// confirm the --max default against the flag definition.
var EntropyUsage = app.Ascii + `
Display file entropy.
Usage:
fox entropy [FLAG ...] PATH ...
Positional arguments:
Path(s) to open
Global:
-p, --print print directly to console
Entropy:
-n, --min[=DECIMAL] minimum score (default: 0.8)
-m, --max[=DECIMAL] maximum score (default: 0.8)
Example:
$ fox entropy -n ./**/*
Type "fox help" for more help...
`
// Hash is the "hash" sub-command. It prints the hash sum of every heap built
// from the given paths, using the configured algorithm or types.SHA256 when
// none was set.
var Hash = &cobra.Command{
	Use:   "hash",
	Short: "display file hash sums",
	Long:  "display file hash sums",
	Args:  cobra.ArbitraryArgs,
	PreRun: func(cmd *cobra.Command, args []string) {
		opts := flags.Get()

		// Both options are set whether or not the print flag is given.
		opts.Opt.NoConvert = true
		opts.Opt.NoPlugins = true

		// Fall back to SHA256 when no algorithm was chosen.
		if len(opts.Hash.Algo) == 0 {
			opts.Hash.Algo = types.SHA256
		}
	},
	Run: func(cmd *cobra.Command, args []string) {
		// No paths given: print the usage text and leave.
		if len(args) == 0 {
			fmt.Print(HashUsage)
			os.Exit(0)
		}

		// Without the print flag the work is handed to ui.Start.
		if !flags.Get().Print {
			ui.Start(args, types.Hash)
			return
		}

		algo := flags.Get().Hash.Algo.String()

		set := heapset.New(args)
		defer set.ThrowAway()

		set.Each(func(h *heap.Heap) {
			sum, err := h.HashSum(algo)
			if err != nil {
				sys.Exit(err)
			}

			// SDHASH sums are printed as text, every other sum as hex.
			if algo == types.SDHASH {
				fmt.Printf("%s %s\n", sum, h.String())
			} else {
				fmt.Printf("%x %s\n", sum, h.String())
			}
		})
	},
}
// HashUsage is the help text of the "hash" sub-command; it is app.Ascii
// followed by the usage block below. Hash prints it when called without any
// path argument.
//
// Note for operators: MD5 and SHA1 are not collision resistant. They remain
// useful for looking a file up in existing indicator sets, but a digest kept
// as an integrity reference should use SHA256 or one of the SHA3 variants.
// The fuzzy algorithms are similarity measures, not integrity checks.
var HashUsage = app.Ascii + `
Display file hash sums.
Usage:
fox hash [FLAG ...] PATH ...
Positional arguments:
Path(s) to open
Global:
-p, --print print directly to console
Hash:
-t, --type=ALGORITHM hash algorithm (default: SHA256)
Cryptographic hash algorithms:
MD5, SHA1, SHA256, SHA3, SHA3-224, SHA3-256, SHA3-384, SHA3-512
Fuzzy hash algorithms:
SDHASH, SSDEEP, TLSH
Example:
$ fox hash -t=SHA3 artifacts.zip
Type "fox help" for more help...
`
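// Strings is the "strings" sub-command. For every heap built from the given
// paths, except heaps of type types.Stdin, it prints the strings yielded by
// h.Strings, each optionally prefixed with its hexadecimal offset.
var Strings = &cobra.Command{
	Use:   "strings",
	Short: "display ASCII and Unicode strings",
	Long:  "display ASCII and Unicode strings",
	Args:  cobra.ArbitraryArgs,
	PreRun: func(cmd *cobra.Command, args []string) {
		flg := flags.Get()
		flg.Opt.NoConvert = true
		flg.Opt.NoPlugins = true

		// Validate the length bounds: 0 < min <= max.
		if flg.Strings.Min <= 0 {
			sys.Exit("min must be greater than 0")
		}

		// Fixed: this branch used to report "min" although it checks max.
		if flg.Strings.Max <= 0 {
			sys.Exit("max must be greater than 0")
		}

		if flg.Strings.Min > flg.Strings.Max {
			sys.Exit("max must be greater than min")
		}
	},
	Run: func(cmd *cobra.Command, args []string) {
		// No paths given: print the usage text and leave.
		if len(args) == 0 {
			fmt.Print(StringsUsage)
			os.Exit(0)
		}

		// Without the print flag the work is handed to ui.Start.
		if !flags.Get().Print {
			ui.Start(args, types.Strings)
			return
		}

		flg := flags.Get()

		hs := heapset.New(args)
		defer hs.ThrowAway()

		hs.Each(func(h *heap.Heap) {
			// Heaps of type Stdin are skipped.
			if h.Type == types.Stdin {
				return
			}

			if !flg.NoFile {
				fmt.Println(text.Title(h.String(), buffer.TermW))
			}

			// NOTE(review): s.Str is written to the console as extracted,
			// trimmed of surrounding whitespace only. If h.Strings can yield
			// control bytes such as ESC, escape them before printing, since
			// the input is typically an untrusted sample. Confirm against
			// the heap package.
			for s := range h.Strings(
				flg.Strings.Min,
				flg.Strings.Max,
			) {
				if !flg.NoLine {
					// Offset column: s.Off as eight hex digits.
					fmt.Printf("%08x %s\n", s.Off, strings.TrimSpace(s.Str))
				} else {
					fmt.Println(strings.TrimSpace(s.Str))
				}
			}
		})
	},
}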
// StringsUsage is the help text of the "strings" sub-command; it is
// app.Ascii followed by the usage block below. Strings prints it when called
// without any path argument.
//
// In Strings' print mode the column removed by --no-line is the string's
// offset, printed as eight hex digits, rather than a line number.
var StringsUsage = app.Ascii + `
Display ASCII and Unicode strings.
Usage:
fox strings [FLAG ...] PATH ...
Positional arguments:
Path(s) to open
Global:
-p, --print print directly to console
--no-file don't print filenames
--no-line don't print line numbers
Strings:
-a, --ascii only ASCII strings
-n, --min=NUMBER minimum length (default: 3)
-m, --max=NUMBER maximum length (default: Unlimited)
Example:
$ fox strings -n=8 malware.exe
Type "fox help" for more help...
`
Functions ¶
This section is empty.
Types ¶
This section is empty.