CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated clap version 4.x #725

Browse Source
This commit is contained in:
DastInDark
2022-10-04 23:27:50 +09:00
parent 9be55a76c7
commit a9a1821dd7
4 changed files with 42 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
Cargo.lock generated
View File

@@ -199,20 +199,33 @@ checksum = "86447ad904c7fb335a790c9d7fe3d0d971dc523b8ccd1561a520de9a85302750"
dependencies = [ dependencies = [
"atty", "atty",
"bitflags", "bitflags",
"clap_derive", "clap_lex 0.2.4",
"clap_lex",
"indexmap", "indexmap",
"once_cell",
"strsim", "strsim",
"termcolor", "termcolor",
"textwrap", "textwrap",
] ]
[[package]] [[package]]
name = "clap_derive" name = "clap"
version = "3.2.18" version = "4.0.9"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ea0c8bce528c4be4da13ea6fead8965e95b6073585a2f05204bd8f4119f82a65" checksum = "30607dd93c420c6f1f80b544be522a0238a7db35e6a12968d28910983fee0df0"
dependencies = [
"atty",
"bitflags",
"clap_derive",
"clap_lex 0.3.0",
"once_cell",
"strsim",
"termcolor",
]
[[package]]
name = "clap_derive"
version = "4.0.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4a307492e1a34939f79d3b6b9650bd2b971513cd775436bf2b78defeb5af00b"
dependencies = [ dependencies = [
"heck", "heck",
"proc-macro-error", "proc-macro-error",
@@ -230,6 +243,15 @@ dependencies = [
"os_str_bytes", "os_str_bytes",
] ]
[[package]]
name = "clap_lex"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d4198f73e42b4936b35b5bb248d81d2b595ecb170da0bac7655c54eedfa8da8"
dependencies = [
"os_str_bytes",
]
[[package]] [[package]]
name = "comfy-table" name = "comfy-table"
version = "6.1.0" version = "6.1.0"
@@ -552,7 +574,7 @@ dependencies = [
"bitflags", "bitflags",
"byteorder", "byteorder",
"chrono", "chrono",
"clap", "clap 3.2.22",
"crc32fast", "crc32fast",
"dialoguer", "dialoguer",
"encoding", "encoding",
@@ -751,7 +773,7 @@ dependencies = [
"base64", "base64",
"bytesize", "bytesize",
"chrono", "chrono",
"clap", "clap 4.0.9",
"comfy-table", "comfy-table",
"crossbeam-utils", "crossbeam-utils",
"csv", "csv",
@@ -1045,7 +1067,7 @@ dependencies = [
"anyhow", "anyhow",
"atty", "atty",
"chrono", "chrono",
"clap", "clap 3.2.22",
"file-chunker", "file-chunker",
"memmap2", "memmap2",
"num_cpus", "num_cpus",

2
Cargo.toml
View File

@@ -7,7 +7,7 @@ edition = "2021"
[dependencies] [dependencies]
itertools = "*" itertools = "*"
dashmap = "*" dashmap = "*"
clap = { version = "3.*", features = ["derive", "cargo"]} clap = { version = "4.*", features = ["derive", "cargo"]}
evtx = { git = "https://github.com/Yamato-Security/hayabusa-evtx.git" , features = ["fast-alloc"] , rev = "95b1c6a" } evtx = { git = "https://github.com/Yamato-Security/hayabusa-evtx.git" , features = ["fast-alloc"] , rev = "95b1c6a" }
quick-xml = {version = "0.23.*", features = ["serialize"] } quick-xml = {version = "0.23.*", features = ["serialize"] }
serde = { version = "1.*", features = ["derive"] } serde = { version = "1.*", features = ["derive"] }

2
rules

Submodule rules updated: 28c1de3279...aaf910cdca

18
src/detections/configs.rs
View File

@@ -2,7 +2,7 @@ use crate::detections::message::AlertMessage;
use crate::detections::pivot::{PivotKeyword, PIVOT_KEYWORD}; use crate::detections::pivot::{PivotKeyword, PIVOT_KEYWORD};
use crate::detections::utils; use crate::detections::utils;
use chrono::{DateTime, Utc}; use chrono::{DateTime, Utc};
use clap::{App, CommandFactory, Parser}; use clap::{Command, CommandFactory, Parser};
use hashbrown::{HashMap, HashSet}; use hashbrown::{HashMap, HashSet};
use lazy_static::lazy_static; use lazy_static::lazy_static;
use regex::Regex; use regex::Regex;
@@ -12,7 +12,7 @@ use std::sync::RwLock;
use terminal_size::{terminal_size, Height, Width}; use terminal_size::{terminal_size, Height, Width};
lazy_static! { lazy_static! {
pub static ref CONFIG: RwLock<ConfigReader<'static>> = RwLock::new(ConfigReader::new()); pub static ref CONFIG: RwLock<ConfigReader> = RwLock::new(ConfigReader::new());
pub static ref LEVELMAP: HashMap<String, u128> = { pub static ref LEVELMAP: HashMap<String, u128> = {
let mut levelmap = HashMap::new(); let mut levelmap = HashMap::new();
levelmap.insert("INFORMATIONAL".to_owned(), 1); levelmap.insert("INFORMATIONAL".to_owned(), 1);
@@ -50,15 +50,15 @@ lazy_static! {
convert_option_vecs_to_hs(CONFIG.read().unwrap().args.exclude_status.as_ref()); convert_option_vecs_to_hs(CONFIG.read().unwrap().args.exclude_status.as_ref());
} }
pub struct ConfigReader<'a> { pub struct ConfigReader {
pub app: App<'a>, pub app: Command,
pub args: Config, pub args: Config,
pub headless_help: String, pub headless_help: String,
pub event_timeline_config: EventInfoConfig, pub event_timeline_config: EventInfoConfig,
pub target_eventids: TargetEventIds, pub target_eventids: TargetEventIds,
} }
impl Default for ConfigReader<'_> { impl Default for ConfigReader {
fn default() -> Self { fn default() -> Self {
Self::new() Self::new()
} }
@@ -67,12 +67,12 @@ impl Default for ConfigReader<'_> {
#[derive(Parser, Clone)] #[derive(Parser, Clone)]
#[clap( #[clap(
name = "Hayabusa", name = "Hayabusa",
usage = "hayabusa.exe <INPUT> [OTHER-ACTIONS] [OPTIONS]",
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa) @SecurityYamato)", author = "Yamato Security (https://github.com/Yamato-Security/hayabusa) @SecurityYamato)",
help_template = "\n{name} {version}\n{author}\n\n{usage-heading}\n {usage}\n\n{all-args}\n", help_template = "\n{name} {version}\n{author}\n\n{usage-heading}\n {usage}\n\n{all-args}\n",
version, version,
term_width = 400 term_width = 400
)] )]
#[command(override_usage = "hayabusa.exe <INPUT> [OTHER-ACTIONS] [OPTIONS]")]
pub struct Config { pub struct Config {
/// Directory of multiple .evtx files /// Directory of multiple .evtx files
#[clap(help_heading = Some("INPUT"), short = 'd', long, value_name = "DIRECTORY")] #[clap(help_heading = Some("INPUT"), short = 'd', long, value_name = "DIRECTORY")]
@@ -221,11 +221,11 @@ pub struct Config {
pub contributors: bool, pub contributors: bool,
/// Specify additional target file extensions (ex: evtx_data) (ex: evtx1 evtx2) /// Specify additional target file extensions (ex: evtx_data) (ex: evtx1 evtx2)
#[clap(help_heading = Some("ADVANCED"), long = "target-file-ext", multiple_values = true)] #[clap(help_heading = Some("ADVANCED"), long = "target-file-ext")]
pub evtx_file_ext: Option<Vec<String>>, pub evtx_file_ext: Option<Vec<String>>,
/// Ignore rules according to status (ex: experimental) (ex: stable test) /// Ignore rules according to status (ex: experimental) (ex: stable test)
#[clap(help_heading = Some("FILTERING"), long = "exclude-status", multiple_values = true, value_name = "STATUS")] #[clap(help_heading = Some("FILTERING"), long = "exclude-status", value_name = "STATUS")]
pub exclude_status: Option<Vec<String>>, pub exclude_status: Option<Vec<String>>,
/// Specify output profile (minimal, standard, verbose, verbose-all-field-info, verbose-details-and-all-field-info) /// Specify output profile (minimal, standard, verbose, verbose-all-field-info, verbose-details-and-all-field-info)
@@ -253,7 +253,7 @@ pub struct Config {
pub html_report: Option<PathBuf>, pub html_report: Option<PathBuf>,
} }
impl ConfigReader<'_> { impl ConfigReader {
pub fn new() -> Self { pub fn new() -> Self {
let parse = Config::parse(); let parse = Config::parse();
let help_term_width = if let Some((Width(w), _)) = *TERM_SIZE { let help_term_width = if let Some((Width(w), _)) = *TERM_SIZE {