basic snaffler parser

snaffler_parser/src/main.rs

@@ -0,0 +1,166 @@
+use std::fs;
+use std::env::args;
+use std::io::Write;
+
+fn parse(snaf: String, looking: String, severity: String, outfile: String){
+    println!("Srarting Parser function...");
+    let mut search = String::new();
+    let mut sev: String = String::new();
+    let mut sever_vector:Vec<&str> = Vec::new();
+    let mut sev_vec = true;
+    if severity.contains("black"){
+        sev_vec = false;
+    }
+    let mut outlines = Vec::new();
+    match looking.as_str(){
+        "file" => search = "[File]".to_owned(),
+        "info" => search = "[Info]".to_owned(),
+        "share" => search = "[Share]".to_owned(),
+        _ => println!("unknonw type, using raw string search")
+    }
+
+    match severity.as_str(){
+        "all" => sev = "{Green}|{Yellow}|{Red}|{Black}".to_owned(),
+        "green" => sev = "{Green}|{Yellow}|{Red}|{Black}".to_owned(),
+        "yellow" => sev = "{Yellow}|{Red}|{Black}".to_owned(),
+        "red" => sev = "{Red}|{Black}".to_owned(),
+        "black" => sev = "{Black}".to_owned(),
+        "share" => sev = "{Green}|{Yellow}|{Red}|{Black}".to_owned(),
+        _ => println!("Unknown severity, defaulting to all")
+    }
+
+    println!("Searching for {} with severity {}", search, sev);
+    
+    if search.len()<=1{
+        search = looking.to_owned()
+    }
+
+    if sev.len()<1{
+        sev = "{Green}|{Yellow}|{Red}|{Black}".to_owned()
+    }
+
+    if sev_vec{
+        println!("separating severity into vector...");
+        sever_vector = sev.split("|").collect();
+        println!("looking for the following severities...");
+        for i in &sever_vector{
+            println!("{}", i);
+        }
+    }
+
+    for line in snaf.split("\n").collect::<Vec<&str>>(){
+        if sev_vec{
+            if line.contains(search.as_str()){
+                for sever in &sever_vector{
+                    if line.contains(sever){
+                        outlines.push(line.to_owned());
+                    }
+                }
+            }
+        }
+        else{
+            if line.contains(search.as_str()){
+                if line.contains(&sev){
+                    outlines.push(line.to_owned());
+                }
+            }
+        }
+    }
+        let mut output = fs::File::create(outfile).expect("error creating output file");
+        for line in outlines{
+            println!("{}", line);
+            let outline = format!("{}\n", line);
+            output.write_all(outline.as_bytes()).expect("error writing outputline");
+        }
+    }
+
+
+fn admin(snaf: String, outfile: String){
+   let mut outlines = Vec::new();
+    for line in snaf.split("\n").collect::<Vec<&str>>(){
+        if line.contains("[Share]"){
+            if line.contains("ADMIN$") || line.contains("C$"){
+                outlines.push(line);
+            }
+        }
+    }
+    let mut output = fs::File::create(outfile).expect("error creating output file");
+    for line in outlines{
+        println!("{}", line);
+        let outline = format!("{}\n", line);
+        output.write_all(outline.as_bytes()).expect("error writing outputline");
+    }
+}
+
+fn default_run(snaf: String, outfile: String){
+    fs::create_dir_all(&outfile).expect("error creating output directory");
+    let file_output = format!("{}/snaf_files.txt", &outfile);
+    let share_output = format!("{}/snaf_shares.txt", &outfile);
+    let admin_output = format!("{}/admin_shares.txt", &outfile);
+    let red_output = format!("{}/snaf_red+.txt", &outfile);
+    parse(snaf.clone(), "share".to_owned(), "all".to_owned(), share_output);
+    parse(snaf.clone(), "file".to_owned(), "all".to_owned(), file_output);
+    parse(snaf.clone(), "file".to_owned(), "red".to_owned(), red_output);
+    admin(snaf.clone(), admin_output);
+}
+
+
+fn main() {
+    let args: Vec<String> = args().collect();
+    print!("
+    _______  _        _______  _______    _______  _______  _______  _______  _______  _______ 
+    (  ____ \\( (    /|(  ___  )(  ____ \\  (  ____ )(  ___  )(  ____ )(  ____ \\(  ____ \\(  ____ )
+    | (    \\/|  \\  ( || (   ) || (    \\/  | (    )|| (   ) || (    )|| (    \\/| (    \\/| (    )|
+    | (_____ |   \\ | || (___) || (__      | (____)|| (___) || (____)|| (_____ | (__    | (____)|
+    (_____  )| (\\ \\) ||  ___  ||  __)     |  _____)|  ___  ||     __)(_____  )|  __)   |     __)
+          ) || | \\   || (   ) || (        | (      | (   ) || (\\ (         ) || (      | (\\ (   
+    /\\____) || )  \\  || )   ( || )        | )      | )   ( || ) \\ \\__/\\____) || (____/\\| ) \\ \\__
+    \\_______)|/    )_)|/     \\||/         |/       |/     \\||/   \\__/\\_______)(_______/|/   \\__/
+    ");
+    let usage = "
+snafparse /path/to/snaffler/output type severity /path/to/save/file
+
+TYPES:
+    file
+    info
+    share
+
+SEVERITIES:
+    all
+    green
+    yellow
+    red
+    black
+
+SPECIAL COMMANDS: 
+    FIND ADMIN SHARES
+        snafparse ./snafler.log admin shares ./parsed_snaf.txt
+    RUN ALL FINDERS AND SAVE TO DEFAULT FILE LOCATIONS (specified directory with files named for searches)
+        snafparse ./snafler.log default run ./snaf_parse_output
+EXAMPLES:
+FIND ALL FILES 
+    snafparse ./snafler.log file all ./parsed_snaf.txt
+
+
+FIND ALL SHARES
+    snafpar ./snafler.log share all ./parsed_snaf.txt
+
+
+FIND ALL FILES RED SEVERITY OR HIGHER
+    snafparse ./snafler.log file red ./parsed_snaf.txt
+
+";
+    if args.len() != 5{
+        print!("{}",usage);
+    }
+    else{
+        let snaf_string = fs::read_to_string(&args[1]).expect("error opening snaffler output file");
+        match &args[2].as_str(){
+            &"admin" => admin(snaf_string, args[4].to_owned()),
+            &"default" => default_run(snaf_string, args[4].to_owned()),
+            _ => parse(snaf_string, args[2].to_owned(), args[3].to_owned(), args[4].to_owned())
+        }
+        println!("\n\n\n\n\n");
+        println!("done file or files have been saved at {}", &args[4]);
+    }
+}