#! /usr/bin/env python
# -*- coding: utf-8 -*-
import re
import os
import requests
# Last menu choice read from the user. The menu loops at the bottom of the
# file keep running until this becomes 0.
value = None
def help():
    """Print the usage banner shown before the language menu.

    NOTE: this name shadows the ``help`` builtin for the rest of the module.
    """
    rule = ' ----------------------------'
    banner = (
        rule,
        '\n Eng:\n Put near this script your file_contexts.txt/property_contexts.txt/service_contexts.txt to work with 1-5 items, your sepolicy and file_contexts binary to work with 6-7 items, your log.txt or a dmesg file which can be renamed to it (its doesnt matter) to work with 8 item, copy a link of your logcat from Web to work with 9 item. \n',
        ' \n Made by andrwgldmn \n',
        rule,
    )
    for text in banner:
        print(text)
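def sepologparser_inet():
    """Download a log from a user-supplied URL and write ``allows.te``.

    Every ``avc: denied`` record found in the response is turned into one
    ``allow <source> <target>:<class> { perms } ;`` line. The result is
    de-duplicated, sorted and written to ``allows.te`` in the current
    directory, then the terminal is cleared.

    Security notes:
      * The downloaded text is untrusted. The extraction pattern accepts
        almost any characters inside the permission set, the source context
        and the class, so each captured token is re-validated as a plain
        identifier before it is written. Without that check a crafted log
        could place arbitrary statements in the generated policy file.
      * The output is a list of candidates, not a policy. Each line grants
        exactly what the kernel refused, so review every rule before merging.

    Raises:
        requests.RequestException: on connection failure, timeout or a
            non-2xx response (in which case ``allows.te`` is left untouched).
    """
    try:
        read_line = raw_input  # Python 2
    except NameError:
        read_line = input  # Python 3
    url = read_line(' Enter the URL: ')

    # Bound the wait and reject error pages instead of parsing their body.
    r = requests.get(url, timeout=30)
    r.raise_for_status()
    data = r.text

    pat = r"""avc:\s*denied\s*({\s*[^}]*\s*})\s+.*?scontext=u:r:([^:]*):s\d+.*?tcontext=.*?:(\w{2,}):s0.*?\s+tclass=([^\s:]*)\s+"""
    ident = re.compile(r'[A-Za-z0-9_]+\Z')
    perm_set = re.compile(r'\{\s*[A-Za-z0-9_]+(?:\s+[A-Za-z0-9_]+)*\s*\}\Z')

    rules = set()
    for what, scnt, tcnt, tc in re.findall(pat, data):
        # tcnt is already limited to \w{2,} by the pattern itself.
        if not (perm_set.match(what) and ident.match(scnt) and ident.match(tc)):
            continue
        rules.add("allow {} {}:{} {} ;\n".format(scnt, tcnt, tc, what))

    # Sort and de-duplicate in Python: no shell pipeline, no temp.te, and the
    # file is fully written and closed before anything else reads it.
    with open('allows.te', 'w') as output_file:
        output_file.writelines(sorted(rules))
    os.system('cls' if os.name == 'nt' else 'clear')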
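def sepologparser_local():
    """Turn the ``avc: denied`` records in ``log.txt`` into ``allows.te``.

    Each denial becomes one ``allow <source> <target>:<class> { perms } ;``
    line. The result is de-duplicated, sorted and written to ``allows.te``
    in the current directory, then the terminal is cleared.

    Security notes:
      * A device log can contain attacker-influenced text. The extraction
        pattern accepts almost any characters inside the permission set, the
        source context and the class, so each captured token is re-validated
        as a plain identifier before it is written.
      * The output is a list of candidates, not a policy. Each line grants
        exactly what the kernel refused, so review every rule before merging.
    """
    with open('log.txt') as input_file:
        text = input_file.read()

    pat = r"""avc:\s*denied\s*({\s*[^}]*\s*})\s+.*?scontext=u:r:([^:]*):s\d+.*?tcontext=.*?:(\w{2,}):s0.*?\s+tclass=([^\s:]*)\s+"""
    ident = re.compile(r'[A-Za-z0-9_]+\Z')
    perm_set = re.compile(r'\{\s*[A-Za-z0-9_]+(?:\s+[A-Za-z0-9_]+)*\s*\}\Z')

    rules = set()
    for what, scnt, tcnt, tc in re.findall(pat, text):
        # tcnt is already limited to \w{2,} by the pattern itself.
        if not (perm_set.match(what) and ident.match(scnt) and ident.match(tc)):
            continue
        rules.add("allow {} {}:{} {} ;\n".format(scnt, tcnt, tc, what))

    # Sort and de-duplicate in Python: no shell pipeline, no temp.te, and the
    # file is fully written and closed before anything else reads it.
    with open('allows.te', 'w') as output_file:
        output_file.writelines(sorted(rules))
    os.system('cls' if os.name == 'nt' else 'clear')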
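def parse_fcf():
    """Generate ``file.te`` type declarations from ``file_contexts.txt``.

    For every non-comment line the label's type (the second-to-last
    ``:``-separated field) is looked up in a substring table. The first table
    entry contained in the type name decides the attributes, so the order of
    the table matters (``_data_file`` must precede ``_file``). Types whose
    name contains ``_exec`` are left out. Each declaration is written once,
    in the order it was first seen.

    Compared with the earlier three-pass version this keeps the output order
    deterministic (it used to depend on set iteration order) and closes every
    file handle it opens.
    """
    types = (
        ('_data_file', 'data_file_type, file_type'),
        ('_file', 'file_type'),
        ('_socket', 'socket_type'),
        ("_sysfs", "fs_type, sysfs_type"),
        ("sysfs_", "fs_type, sysfs_type"),
        ("_dir", "file_type"),
        ("_debugfs", "fs_type, debugfs_type"),
        ("debugfs_", "fs_type, debugfs_type"),
        ("_daemon", "fs_type, sysfs_type")
    )
    seen = set()
    declarations = []
    with open('file_contexts.txt') as input_file:
        for line in input_file:
            if len(line) <= 2 or line[0] == '#':
                continue
            fields = line.split(':')
            if len(fields) < 2:
                continue
            prop = fields[-2]
            if '_exec' in prop:
                continue
            for marker, attributes in types:
                if marker in prop:
                    newline = 'type {}, {};\n'.format(prop, attributes)
                    if newline not in seen:
                        seen.add(newline)
                        declarations.append(newline)
                    break
    with open('file.te', 'w') as output_file:
        output_file.writelines(declarations)
    os.system('cls' if os.name == 'nt' else 'clear')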
def parse_fcd():
    """Generate ``device.te`` declarations for device types.

    Reads ``file_contexts.txt`` and, for each non-comment line whose type
    name (second-to-last ``:``-separated field) contains one of the device
    markers, writes ``type <name>, dev_type;``. Duplicates are not removed.
    The terminal is cleared afterwards.
    """
    markers = (('_device', 'dev_type'), ("_block_device", "dev_type"))
    with open('file_contexts.txt') as src, open('device.te', 'w') as dst:
        for entry in src:
            if len(entry) <= 2 or entry[0] == '#':
                continue
            fields = entry.split(':')
            if len(fields) < 2:
                continue
            label = fields[-2]
            # First marker found in the name wins, as in a break-on-match loop.
            attrs = next((a for marker, a in markers if marker in label), None)
            if attrs is not None:
                dst.write('type {}, {};\n'.format(label, attrs))
    os.system('cls' if os.name == 'nt' else 'clear')
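def parse_fce():
    """Generate ``exec.te`` declarations for executable types.

    Every line of ``file_contexts.txt`` that ends in ``_exec:s0`` (ignoring
    surrounding whitespace) and does not start with ``#`` yields
    ``type <name>, exec_type;``, where ``<name>`` is the second-to-last
    ``:``-separated field. The terminal is cleared afterwards.

    The work is done in one pass. No intermediate ``output.txt`` is created,
    so an unrelated file of that name in the working directory is no longer
    overwritten and removed, and no ``rm`` shell command is needed.
    """
    with open('file_contexts.txt') as source, open('exec.te', 'w') as output_file:
        for line in source:
            if not line.strip().endswith('_exec:s0'):
                continue
            if line[0] == '#':
                continue
            # The '_exec:s0' suffix guarantees at least two ':' fields.
            prop = line.split(':')[-2]
            output_file.write('type {}, exec_type;\n'.format(prop))
    os.system('cls' if os.name == 'nt' else 'clear')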
def parse_fce_domains():
    """Generate ``domains.te`` with one domain stanza per executable type.

    Runs ``parse_fce`` to produce ``exec.te``, then for each declaration in
    it strips the ``_exec,`` suffix from the type name and writes three
    lines: the domain type, the ``_exec`` file type and an
    ``init_daemon_domain(...)`` call. ``exec.te`` is removed afterwards and
    the terminal is cleared.

    NOTE(review): every executable label gets an ``init_daemon_domain``
    stanza, whether or not init actually starts it. Treat the output as a
    draft to prune, not as finished policy.
    """
    parse_fce()
    with open('exec.te') as src, open('domains.te', 'w') as dst:
        for entry in src:
            if len(entry) <= 2 or entry[0] == '#':
                continue
            tokens = entry.split(' ')
            if len(tokens) < 2:
                continue
            name = tokens[-2].replace('_exec,', '')
            dst.writelines((
                'type {}, domain;\n'.format(name),
                'type {}_exec, exec_type, file_type;\n'.format(name),
                'init_daemon_domain({})\n\n'.format(name),
            ))
    os.system("rm -rf exec.te")
    os.system('cls' if os.name == 'nt' else 'clear')
def only_domains():
    """Generate ``domains.te`` only, then clear the terminal.

    ``parse_fce_domains`` calls ``parse_fce`` itself, so the explicit first
    step repeats that work. It is kept to preserve the existing call order.
    """
    for step in (parse_fce, parse_fce_domains):
        step()
    clear_command = 'cls' if os.name == 'nt' else 'clear'
    os.system(clear_command)
def property_contexts():
    """Generate ``property.te`` from ``property_contexts.txt``.

    Each non-comment line longer than two characters yields
    ``type <name>, property_type;``, where ``<name>`` is the second-to-last
    ``:``-separated field. Lines without a ``:`` are skipped. Duplicates are
    not removed. The terminal is cleared afterwards.
    """
    with open('property_contexts.txt') as src, open('property.te', 'w') as dst:
        for entry in src:
            if len(entry) <= 2 or entry[0] == '#':
                continue
            fields = entry.split(':')
            if len(fields) < 2:
                continue
            dst.write('type {}, property_type;\n'.format(fields[-2]))
    os.system('cls' if os.name == 'nt' else 'clear')
def service_contexts():
    """Generate ``service.te`` from ``service_contexts.txt``.

    Each non-comment line longer than two characters yields
    ``type <name>, service_manager_type;``, where ``<name>`` is the
    second-to-last ``:``-separated field. Lines without a ``:`` are skipped.
    Duplicates are not removed. The terminal is cleared afterwards.
    """
    with open('service_contexts.txt') as src, open('service.te', 'w') as dst:
        for entry in src:
            if len(entry) <= 2 or entry[0] == '#':
                continue
            fields = entry.split(':')
            if len(fields) < 2:
                continue
            dst.write('type {}, service_manager_type;\n'.format(fields[-2]))
    os.system('cls' if os.name == 'nt' else 'clear')
def stock_fc():
    """Run ``./sefcontext`` on ``file_contexts.bin``, then clear the terminal.

    NOTE(review): the helper is executed from the current working directory,
    so run this only in a directory whose contents you trust. The command's
    exit status is not checked.
    """
    os.system("./sefcontext -o file_contexts file_contexts.bin")
    clear_command = 'cls' if os.name == 'nt' else 'clear'
    os.system(clear_command)
def stock_sepo():
    """Dump all rules of the ``sepolicy`` binary into ``sepolicy.txt``.

    NOTE(review): ``./sesearch`` is executed from the current working
    directory, so run this only in a directory whose contents you trust. The
    command's exit status is not checked.
    """
    os.system("./sesearch --all sepolicy > sepolicy.txt")
    clear_command = 'cls' if os.name == 'nt' else 'clear'
    os.system(clear_command)
def cleanup():
    """Delete generated files and several input files from the working directory.

    The list covers inputs as well as outputs (``sepolicy``, ``log.txt``,
    ``file_contexts.bin``) and the bare names ``file``, ``service_contexts``
    and ``property_contexts``. ``rm -rf`` removes a directory with one of
    these names recursively and without prompting. The terminal is cleared
    afterwards.
    """
    os.system("rm -rf file.te sepolicy.txt sepolicy log.txt allows.te file_contexts device.te file exec.te domains.te file service.te file_contexts.bin service_contexts property.te property_contexts")
    clear_command = 'cls' if os.name == 'nt' else 'clear'
    os.system(clear_command)
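# Interactive menu.
#
# Changes from the earlier version of this loop:
#   * Input is read as text and converted explicitly. On Python 2 the builtin
#     input() evaluates whatever is typed as an expression; raw_input() does
#     not, so it is used when available.
#   * "00" (Cleanup) is matched as text before the numeric conversion. As a
#     number it equals 0, so it used to hit the Exit branch and cleanup()
#     could never be reached.
#   * "Program has been terminated." now actually leaves the loop.
#   * Non-numeric input re-prompts (or terminates at the language menu)
#     instead of raising ValueError.
try:
    _read_line = raw_input  # Python 2
except NameError:
    _read_line = input  # Python 3

# Menu number -> steps to run, in order.
_ACTIONS = {
    1: (property_contexts,),
    2: (service_contexts,),
    3: (parse_fcf, parse_fcd, parse_fce),
    4: (parse_fcf, parse_fcd, parse_fce_domains),
    5: (only_domains,),
    6: (stock_fc,),
    7: (stock_sepo,),
    8: (sepologparser_local,),
    9: (sepologparser_inet,),
}

while value != 0:
    help()
    print(' ----------------------------')
    try:
        value = int(_read_line(" 1) English \n ---------------------------- \n "))
    except ValueError:
        value = -1
    if value not in (1, 2, 3):
        print("\n Program has been terminated. \n")
        break
    if value == 1:
        while value != 0:
            print(' ----------------------------')
            choice = _read_line(" Choose category: \n \n 0) Exit \n 00) Cleanup \n 1) Parsing property_contexts \n 2) Parsing service_contexts \n 3) Parsing file_contexts \n 4) Parsing file_contexts with creating domains \n 5) Generating domains only \n 6) Parsing stock file_contexts binary (taken from boot.img) for getting stock policies \n 7) Parsing stock sepolicy binary (taken from boot.img) for getting stock rules \n 8) Parsing local log.txt for getting SEPolicy rules \n 9) Parsing log.txt for getting SEPolicy rules via Internet (log.txt will be given from your entered URL) \n ---------------------------- \n ").strip()
            if choice == '00':
                cleanup()
                value = -1  # stay in the menu
                continue
            try:
                value = int(choice)
            except ValueError:
                value = -1  # not a number: show the menu again
                continue
            if value == 0:
                print('-' * 28 + '\n Thanks!\n' + '-' * 28)
            else:
                for _step in _ACTIONS.get(value, ()):
                    _step()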