diff options
author | Po-Chuan Hsieh <sunpoet@FreeBSD.org> | 2022-08-27 10:10:38 +0000 |
---|---|---|
committer | Po-Chuan Hsieh <sunpoet@FreeBSD.org> | 2022-08-27 10:10:38 +0000 |
commit | 1081661b6342d7d2cfea7858251d1d3fe06a398b (patch) | |
tree | 7a8866e2323ddb2b297a9c6e44d7632f44c468d7 | |
parent | e79182aa84d1daa9b27c4acb6790add737577654 (diff) | |
download | ports-1081661b6342d7d2cfea7858251d1d3fe06a398b.tar.gz ports-1081661b6342d7d2cfea7858251d1d3fe06a398b.zip |
textproc/py-xlmmacrodeobfuscator: Add py-xlmmacrodeobfuscator 0.2.6
XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as
Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros,
without fully performing the code.
It supports both xls, xlsm, and xlsb formats.
It uses xlrd2, pyxlsb2 and its own parser to extract cells and other information
from xls, xlsb and xlsm files, respectively.
WWW: https://github.com/DissectMalware/XLMMacroDeobfuscator
-rw-r--r-- | textproc/Makefile | 1 | ||||
-rw-r--r-- | textproc/py-xlmmacrodeobfuscator/Makefile | 26 | ||||
-rw-r--r-- | textproc/py-xlmmacrodeobfuscator/distinfo | 3 | ||||
-rw-r--r-- | textproc/py-xlmmacrodeobfuscator/files/patch-setup.py | 14 | ||||
-rw-r--r-- | textproc/py-xlmmacrodeobfuscator/pkg-descr | 10 |
5 files changed, 54 insertions, 0 deletions
diff --git a/textproc/Makefile b/textproc/Makefile index 25be53921f8d..e1929e216bf8 100644 --- a/textproc/Makefile +++ b/textproc/Makefile @@ -1565,6 +1565,7 @@ SUBDIR += py-wtf-peewee SUBDIR += py-wtforms SUBDIR += py-xhtml2pdf + SUBDIR += py-xlmmacrodeobfuscator SUBDIR += py-xlrd SUBDIR += py-xlsxwriter SUBDIR += py-xlutils diff --git a/textproc/py-xlmmacrodeobfuscator/Makefile b/textproc/py-xlmmacrodeobfuscator/Makefile new file mode 100644 index 000000000000..397ec6e632b2 --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/Makefile @@ -0,0 +1,26 @@ +PORTNAME= xlmmacrodeobfuscator +PORTVERSION= 0.2.6 +CATEGORIES= textproc python +MASTER_SITES= CHEESESHOP +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= XLMMacroDeobfuscator-${PORTVERSION} + +MAINTAINER= sunpoet@FreeBSD.org +COMMENT= XLM Emulation engine designed to analyze and deobfuscate malicious XLM macros + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lark>=0:devel/py-lark@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}msoffcrypto-tool>=0:security/py-msoffcrypto-tool@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyxlsb2>=0:textproc/py-pyxlsb2@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}roman>=0:math/py-roman@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}untangle>=1.1.1:textproc/py-untangle@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}xlrd2>=0:textproc/py-xlrd2@${PY_FLAVOR} + +USES= python:3.7+ +USE_PYTHON= autoplist concurrent distutils + +NO_ARCH= yes + +.include <bsd.port.mk> diff --git a/textproc/py-xlmmacrodeobfuscator/distinfo b/textproc/py-xlmmacrodeobfuscator/distinfo new file mode 100644 index 000000000000..9aeffef10fcf --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1660576698 +SHA256 (XLMMacroDeobfuscator-0.2.6.tar.gz) = 2200828ec15b83517b9f6e085808a682c0d3c4ba802b4c48d2f7b3b9c84c58b1 +SIZE (XLMMacroDeobfuscator-0.2.6.tar.gz) = 48247 diff --git a/textproc/py-xlmmacrodeobfuscator/files/patch-setup.py b/textproc/py-xlmmacrodeobfuscator/files/patch-setup.py new file mode 100644 index 000000000000..e8be65a38cfd --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/files/patch-setup.py @@ -0,0 +1,14 @@ +--- setup.py.orig 2022-02-03 00:53:18 UTC ++++ setup.py +@@ -35,9 +35,9 @@ setup(
+ python_requires='>=3.4',
+ install_requires=[
+ "pyxlsb2",
+- "lark-parser",
++ "lark",
+ "xlrd2",
+- "untangle==1.1.1",
++ "untangle>=1.1.1",
+ "msoffcrypto-tool",
+ "roman"
+ ],
diff --git a/textproc/py-xlmmacrodeobfuscator/pkg-descr b/textproc/py-xlmmacrodeobfuscator/pkg-descr new file mode 100644 index 000000000000..b52cd1686f40 --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/pkg-descr @@ -0,0 +1,10 @@ +XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as +Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, +without fully performing the code. + +It supports both xls, xlsm, and xlsb formats. + +It uses xlrd2, pyxlsb2 and its own parser to extract cells and other information +from xls, xlsb and xlsm files, respectively. + +WWW: https://github.com/DissectMalware/XLMMacroDeobfuscator |