From nobody Sat Aug 27 10:30:50 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MFCf263X6z4b4mw; Sat, 27 Aug 2022 10:30:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MFCf25Y6Wz3xF1; Sat, 27 Aug 2022 10:30:50 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1661596250; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=leAwMYUu9B4Scm++wUdcM2E+scyeTuJLBnkDrjaBjrA=; b=JSjLPci4W/otWkS+plmI7NcnGGONlsAQLPjkqNNUdn0+L2zLgzSbJjV5S6PWI/aD6rwMuO b2ng5PghP3GfoxGhugVC1T5HB+t/uPinDCJE4bvbBWQZTvHePnMPSUIuKDjGFuJLKRuYhv TWLI4ZQYRVB8kVYceTtvqlI7vooZd1huayiVXVrTgKrqXNxttu6XZmGH5fNhwIJkxZ5dVt Rq4B8kDAQ5r1AXfmFR8lZ8dVYrndbAi8Li5k+eRJK4fp5iKCUbRqVk+HLXJORd9aNrNtuR SYVFSXqfjk7s9XmYhvmcyr1/MOKriKWyUBbOHqtcC/4ZJAMa7tulG/hHDGJM0Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MFCf24TCTzjjp; Sat, 27 Aug 2022 10:30:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 27RAUo1U047296; Sat, 27 Aug 2022 10:30:50 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 27RAUovM047295; Sat, 27 Aug 2022 10:30:50 GMT (envelope-from git) Date: Sat, 27 Aug 2022 10:30:50 GMT Message-Id: <202208271030.27RAUovM047295@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Po-Chuan Hsieh Subject: git: 1081661b6342 - main - textproc/py-xlmmacrodeobfuscator: Add py-xlmmacrodeobfuscator 0.2.6 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: sunpoet X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1081661b6342d7d2cfea7858251d1d3fe06a398b Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1661596250; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=leAwMYUu9B4Scm++wUdcM2E+scyeTuJLBnkDrjaBjrA=; b=YFesq0XppG7lBQjubm91Ns1d7d6Unjp2l5qNbpkuUgKLF2dOQbSd8/vy9v/TJRRbk56U+n aCbuB6t+tlXYeK6x11D/bQbdM9peYNv5hSb2+uZmOU5QOwrowCvG60xjLS41l3oHAdtQvC YPFRftPsvYn8VL3/vcSf4QKyXTbtDLQHxATgClcL3wDUPPr/j477kZvnBo2CkB82A1tTZO O7dIpgNeJ3QCGebGxxa5aoZF4N64e+kl02Pae0bnxDwI32Inp9tcwbLzFqTvE6b+s39mwH z1OmcwtodIYOfoaNjNqkEbXJ2tF5CcPrHUVaNLCu1ArsGiOxrhw1X/x+pEI/uA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1661596250; a=rsa-sha256; cv=none; b=pKb6S3OKYFOOZiBc/EbdXb0UnZK7q4TNDge09B84Jlb4UTTlLUSzPMy97LDKjn+XTEy5Ki e4vYyvsSQ/21WTdQWh9WP1k4XkjHZJQnvfExRk2vrvDjYqPZjZH93gwIMlvaKr5LQ9bD8L m641J8XZm5OlKTMqbeMhZz+Q9DlCZ28G26fOvC+Kjnz5C+XaEYxHpKnoRDGZXX1dssAEMW Sephzgaz1fZ2q9OeDB5w3rnfaPtWZS7vgS/CfAQhwnJlsQl59bd85geZSnekhM99XCWaS5 bY0Nw48SgCfWyYr6w4nDphH2dfeMByQyBqLs017GV5K165FwDhbqcEJ4SIjSjg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by sunpoet: URL: https://cgit.FreeBSD.org/ports/commit/?id=1081661b6342d7d2cfea7858251d1d3fe06a398b commit 1081661b6342d7d2cfea7858251d1d3fe06a398b Author: Po-Chuan Hsieh AuthorDate: 2022-08-27 10:10:38 +0000 Commit: Po-Chuan Hsieh CommitDate: 2022-08-27 10:10:38 +0000 textproc/py-xlmmacrodeobfuscator: Add py-xlmmacrodeobfuscator 0.2.6 XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2 and its own parser to extract cells and other information from xls, xlsb and xlsm files, respectively. WWW: https://github.com/DissectMalware/XLMMacroDeobfuscator --- textproc/Makefile | 1 + textproc/py-xlmmacrodeobfuscator/Makefile | 26 ++++++++++++++++++++++ textproc/py-xlmmacrodeobfuscator/distinfo | 3 +++ .../py-xlmmacrodeobfuscator/files/patch-setup.py | 14 ++++++++++++ textproc/py-xlmmacrodeobfuscator/pkg-descr | 10 +++++++++ 5 files changed, 54 insertions(+) diff --git a/textproc/Makefile b/textproc/Makefile index 25be53921f8d..e1929e216bf8 100644 --- a/textproc/Makefile +++ b/textproc/Makefile @@ -1565,6 +1565,7 @@ SUBDIR += py-wtf-peewee SUBDIR += py-wtforms SUBDIR += py-xhtml2pdf + SUBDIR += py-xlmmacrodeobfuscator SUBDIR += py-xlrd SUBDIR += py-xlsxwriter SUBDIR += py-xlutils diff --git a/textproc/py-xlmmacrodeobfuscator/Makefile b/textproc/py-xlmmacrodeobfuscator/Makefile new file mode 100644 index 000000000000..397ec6e632b2 --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/Makefile @@ -0,0 +1,26 @@ +PORTNAME= xlmmacrodeobfuscator +PORTVERSION= 0.2.6 +CATEGORIES= textproc python +MASTER_SITES= CHEESESHOP +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= XLMMacroDeobfuscator-${PORTVERSION} + +MAINTAINER= sunpoet@FreeBSD.org +COMMENT= XLM Emulation engine designed to analyze and deobfuscate malicious XLM macros + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lark>=0:devel/py-lark@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}msoffcrypto-tool>=0:security/py-msoffcrypto-tool@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyxlsb2>=0:textproc/py-pyxlsb2@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}roman>=0:math/py-roman@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}untangle>=1.1.1:textproc/py-untangle@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}xlrd2>=0:textproc/py-xlrd2@${PY_FLAVOR} + +USES= python:3.7+ +USE_PYTHON= autoplist concurrent distutils + +NO_ARCH= yes + +.include diff --git a/textproc/py-xlmmacrodeobfuscator/distinfo b/textproc/py-xlmmacrodeobfuscator/distinfo new file mode 100644 index 000000000000..9aeffef10fcf --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1660576698 +SHA256 (XLMMacroDeobfuscator-0.2.6.tar.gz) = 2200828ec15b83517b9f6e085808a682c0d3c4ba802b4c48d2f7b3b9c84c58b1 +SIZE (XLMMacroDeobfuscator-0.2.6.tar.gz) = 48247 diff --git a/textproc/py-xlmmacrodeobfuscator/files/patch-setup.py b/textproc/py-xlmmacrodeobfuscator/files/patch-setup.py new file mode 100644 index 000000000000..e8be65a38cfd --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/files/patch-setup.py @@ -0,0 +1,14 @@ +--- setup.py.orig 2022-02-03 00:53:18 UTC ++++ setup.py +@@ -35,9 +35,9 @@ setup( + python_requires='>=3.4', + install_requires=[ + "pyxlsb2", +- "lark-parser", ++ "lark", + "xlrd2", +- "untangle==1.1.1", ++ "untangle>=1.1.1", + "msoffcrypto-tool", + "roman" + ], diff --git a/textproc/py-xlmmacrodeobfuscator/pkg-descr b/textproc/py-xlmmacrodeobfuscator/pkg-descr new file mode 100644 index 000000000000..b52cd1686f40 --- /dev/null +++ b/textproc/py-xlmmacrodeobfuscator/pkg-descr @@ -0,0 +1,10 @@ +XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as +Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, +without fully performing the code. + +It supports both xls, xlsm, and xlsb formats. + +It uses xlrd2, pyxlsb2 and its own parser to extract cells and other information +from xls, xlsb and xlsm files, respectively. + +WWW: https://github.com/DissectMalware/XLMMacroDeobfuscator