Timestamp format to/from epoch

docs/_docs/user-guide/eldritch.md

@@ -933,12 +933,41 @@ True
 
 ## Time
 
-### time.sleep
+### time.format_to_epoch
+
+`time.format_to_epoch(input: str, format: str) -> int`
+
+The <b>time.format_to_epoch</b> method returns the seconds since epoch for the given UTC timestamp of the provided format. Input must include date and time components.
+
+Some common formating methods are:
+
+- "%Y-%m-%d %H:%M:%S" (24 Hour Time)
+- "%Y-%m-%d %I:%M:%S %P" (AM/PM)
+
+For reference on all available format specifiers, see https://docs.rs/chrono/latest/chrono/format/strftime/index.html
+
+### time.format_to_readable
+
+`time.format_to_readable(input: int, format: str) -> str`
+
+The <b>time.format_to_readable</b> method returns the timestamp in the provided format of the provided UTC timestamp.
+
+Some common formating methods are:
+
+- "%Y-%m-%d %H:%M:%S" (24 Hour Time)
+- "%Y-%m-%d %I:%M:%S %P" (AM/PM)
+
+For reference on all available format specifiers, see https://docs.rs/chrono/latest/chrono/format/strftime/index.html
+
+### time.now
 
 `time.now() -> int`
 
 The <b>time.now</b> method returns the time since UNIX EPOCH (Jan 01 1970). This uses the local system time.
 
+### time.sleep
+
 `time.sleep(secs: float)`
 
 The <b>time.sleep</b> method sleeps the task for the given number of seconds.
+

implants/lib/eldritch/src/lib.rs

@@ -227,7 +227,7 @@ dir(sys) == ["dll_inject", "dll_reflect", "exec", "get_env", "get_ip", "get_os",
 dir(pivot) == ["arp_scan", "bind_proxy", "ncat", "port_forward", "port_scan", "smb_exec", "ssh_copy", "ssh_exec", "ssh_password_spray"]
 dir(assets) == ["copy","list","read","read_binary"]
 dir(crypto) == ["aes_decrypt_file", "aes_encrypt_file", "decode_b64", "encode_b64", "from_json", "hash_file", "to_json"]
-dir(time) == ["now", "sleep"]
+dir(time) == ["format_to_epoch", "format_to_readable", "now", "sleep"]
 "#,
         );
     }

implants/lib/eldritch/src/time.rs

@@ -1,5 +1,7 @@
 mod sleep_impl;
 mod now_impl;
+mod format_to_epoch_impl;
+mod format_to_readable_impl;
 
 use allocative::Allocative;
 use derive_more::Display;
@@ -58,4 +60,12 @@ fn methods(builder: &mut MethodsBuilder) {
         sleep_impl::sleep(secs);
         Ok(NoneType{})
     }
+    fn format_to_epoch<'v>(this: TimeLibrary, s: &str, fmt: &str) -> anyhow::Result<u64> {
+        if false { println!("Ignore unused this var. _this isn't allowed by starlark. {:?}", this); }
+        format_to_epoch_impl::format_to_epoch(s, fmt)
+    }
+    fn format_to_readable<'v>(this: TimeLibrary, t: i64, fmt: &str) -> anyhow::Result<String> {
+        if false { println!("Ignore unused this var. _this isn't allowed by starlark. {:?}", this); }
+        format_to_readable_impl::format_to_readable(t, fmt)
+    }
 }

implants/lib/eldritch/src/time/format_to_epoch_impl.rs

@@ -0,0 +1,26 @@
+use chrono::NaiveDateTime;
+use anyhow::Result;
+
+pub fn format_to_epoch(s: &str, fmt: &str) -> Result<u64> {
+    let naive = NaiveDateTime::parse_from_str(s, fmt)?;
+    Ok(naive.timestamp() as u64)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_valid() {
+        let input = "2023-12-26 03:52:00";
+        let format = "%Y-%m-%d %H:%M:%S";
+        assert_eq!(format_to_epoch(input, format).unwrap(), 1703562720);
+    }
+
+    #[test]
+    fn test_invalid() {
+        let input = "2023-12-26";
+        let format = "%Y-%m-%d";
+        assert!(format_to_epoch(input, format).is_err());
+    }
+}

implants/lib/eldritch/src/time/format_to_readable_impl.rs

@@ -0,0 +1,17 @@
+use chrono::NaiveDateTime;
+use anyhow::{anyhow, Result};
+
+pub fn format_to_readable(t: i64, fmt: &str) -> Result<String> {
+    let naive = NaiveDateTime::from_timestamp_opt(t, 0).ok_or(anyhow!("Failed to get timestamp from epoch value."))?;
+    Ok(naive.format(fmt).to_string())
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_valid() {
+        assert_eq!(format_to_readable(1703563343, "%Y-%m-%d %H:%M:%S").unwrap(), String::from("2023-12-26 04:02:23"));
+    }
+}