
@dmknght
Last active August 18, 2021 00:02
Quick and ugly script to parse section hashes from Rizin's rz-bin output and find the hashes that the given files have in common
import json
import osproc
import os
import strutils
import sequtils
# File that caches the allow-listed section hashes, one hash per line.
# The name has no directory part, so it resolves against the current working
# directory; whoever can write there controls the contents of the allow-list.
const whitelisted_hashes_db_name = "whitelisted_hashes"
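proc get_file_hashes(file_name: string): string =
  ## Runs `rz-bin -j -S -K md5` on `file_name` through the shell and returns
  ## what the tool printed on stdout; stderr is sent to /dev/null.
  ##
  ## The file name is shell-quoted before it is appended to the command line.
  ## Names come from the command line and from a directory walk, so a name
  ## containing spaces or shell metacharacters must not be able to change the
  ## command that is executed.
  ##
  ## NOTE(review): MD5 is not collision resistant, so any allow-list decision
  ## built on these digests inherits that weakness. Switching algorithm would
  ## also change the "md5" JSON key the callers read, so it is only flagged.
  const command = "rz-bin -j -S -K md5 "
  # A name starting with '-' would be parsed as an option; "./" names the
  # same file while forcing it to be treated as a path.
  let target =
    if file_name.startsWith("-"): "./" & file_name
    else: file_name
  let exec_command = command & quoteShell(target) & " 2>/dev/null"
  return execProcess(exec_command)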
proc check_tool_exists(): int =
  ## Invokes `rz-bin -h` with stdout discarded and returns the exit status
  ## reported by `execCmd`. Interpreting that status is left to the caller.
  result = execCmd("rz-bin -h 1>/dev/null")
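proc get_hashes_from_json(obj: string): seq[string] =
  ## Extracts the "md5" value of every entry in the top-level "sections"
  ## array of the JSON text `obj`.
  ##
  ## Returns an empty seq when `obj` is not valid JSON (for example empty
  ## tool output for a file that could not be analysed), when the top level
  ## is not an object, or when "sections" is missing or not an array.
  ## Entries without an "md5" key are skipped.
  var root: JsonNode
  try:
    root = obj.parseJson()
  except JsonParsingError:
    # Unparseable output contributes no hashes instead of aborting the run.
    return
  # getOrDefault yields nil for a non-object root or a missing key.
  let sections = root.getOrDefault("sections")
  if sections.isNil or sections.kind != JArray:
    return
  for section in sections:
    if section.kind == JObject and section.hasKey("md5"):
      result.add(section["md5"].getStr())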
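proc get_whitelisted_hashes(): seq[string] =
  ## Collects the section MD5s of the entries found directly in /usr/bin/.
  ##
  ## Only regular files and links to files are handed to rz-bin; directories
  ## and links to directories are skipped. The result may contain duplicates.
  for kind, path in walkDir("/usr/bin/"):
    if kind notin {pcFile, pcLinkToFile}:
      continue
    # Append in place rather than rebuilding the whole seq for every file.
    result.add(get_hashes_from_json(get_file_hashes(path)))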
proc save_whitelisted_hashes() =
  ## Builds the allow-list, drops duplicate hashes and writes the remainder
  ## to `whitelisted_hashes_db_name`, one hash per line.
  let unique_hashes = get_whitelisted_hashes().deduplicate()
  whitelisted_hashes_db_name.writeFile(unique_hashes.join("\n"))
proc print_help() =
  ## Prints a one-line description and the usage line, which names the
  ## program as it was invoked (`paramStr(0)`).
  echo "Section hashes parser using Rizin framework"
  echo "Usage: ", paramStr(0), " file1 file2 ... fileN"
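proc parse_args(): seq[string] =
  ## Returns the command-line arguments as a list of existing files.
  ##
  ## Prints the help text and returns an empty seq when no argument is given,
  ## when the only argument is one of the help spellings, or when any
  ## argument is not an existing file. Returning nothing in the last case
  ## keeps the caller from continuing with only part of the requested files.
  let count = paramCount()
  if count == 0:
    print_help()
    return
  # Help spellings are recognised only when they are the sole argument.
  if count == 1 and paramStr(1) in ["-h", "--h", "-help", "--help", "help"]:
    print_help()
    return
  for i in 1 .. count:
    let candidate = paramStr(i)
    if not fileExists(candidate):
      echo "Invalid file " & candidate
      print_help()
      # Drop the files accepted so far: the request as a whole is invalid.
      return @[]
    result.add(candidate)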
proc get_hashes_for_user(file_names: seq[string]): seq[string] =
  ## Returns the section MD5s that all files in `file_names` have in common.
  ##
  ## A single file yields its own section hashes unchanged. With several
  ## files the first file's hashes are narrowed down one file at a time; as
  ## soon as nothing is left, that is reported and an empty seq is returned.
  ## When hashes survive, the matching sections of the first file are
  ## printed with their MD5 and name.
  ## `file_names` must not be empty: index 0 is read unconditionally.
  if file_names.len == 1:
    echo "Only 1 file is provided."
    return get_hashes_from_json(get_file_hashes(file_names[0]))

  # Keep the raw JSON of the first file: it is parsed again for the report.
  let reference_json = get_file_hashes(file_names[0])
  result = get_hashes_from_json(reference_json)
  for idx in 1 ..< file_names.len:
    let candidate_hashes =
      get_hashes_from_json(get_file_hashes(file_names[idx]))
    var shared: seq[string]
    for digest in candidate_hashes:
      if digest in result:
        shared.add(digest)
    if shared.len == 0:
      echo "No same hashed"
      return @[]
    result = shared
  if result.len == 0:
    return
  echo "Found same hashes"
  for section in reference_json.parseJson()["sections"]:
    if section.hasKey("md5") and section["md5"].getStr in result:
      echo "MD5: " & section["md5"].getStr & " Name: " & section["name"].getStr
proc main() =
  ## Entry point: checks for rz-bin, reads the file arguments, computes the
  ## hashes the files share and prints those that are absent from the
  ## allow-list, generating the allow-list first when its file is missing.
  # TODO handle file input here
  # TODO generate whitelist hashes here
  # NOTE(review): the check treats exit status 1 from `rz-bin -h` as "tool
  # present"; confirm that this is what the installed rz-bin returns.
  if check_tool_exists() != 1:
    echo "Error: \"rz-bin\" not found. Please install rizin or check your installation"
    return

  let user_files = parse_args()
  if user_files.len == 0:
    return

  let hashes = get_hashes_for_user(user_files)
  if hashes.len == 0:
    return

  if not fileExists(whitelisted_hashes_db_name):
    echo "Generating whitelisted hashes for sections"
    echo "All sections are from /usr/bin/"
    save_whitelisted_hashes()

  # The allow-list is read back from the working directory as-is; there is
  # no integrity check on the file before its contents are trusted.
  let whitelisted_hashes = readFile(whitelisted_hashes_db_name).split("\n")
  # "safe" here means "not present in the allow-list" -- presumably hashes
  # that do not also occur in the /usr/bin binaries; confirm the intent.
  let safe_hashes = hashes.filterIt(it notin whitelisted_hashes)
  if safe_hashes.len == 0:
    echo "No safe hashes"
  else:
    echo safe_hashes

main()