Beispiel #1
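    def load_secret_search(self, analysis_report, image_obj):
        """
        Load secret search results from the analysis report, if present.

        :param analysis_report: mapping holding analyzer output; only its
            'secret_search' entry is read here
        :param image_obj: image record supplying ``user_id`` and ``id`` for
            every artifact created
        :return: list of AnalysisArtifact objects, one per entry under
            'regexp_matches.all' -> 'base'; empty list when the report has no
            'secret_search' data
        """
        log.info('Loading content search results')
        content_search_json = analysis_report.get('secret_search')
        if not content_search_json:
            return []

        matches = content_search_json.get('regexp_matches.all',
                                          {}).get('base', {})
        records = []

        for filename, match_string in matches.items():
            match = AnalysisArtifact()
            match.image_user_id = image_obj.user_id
            match.image_id = image_obj.id
            match.analyzer_id = 'secret_search'
            match.analyzer_type = 'base'
            match.analyzer_artifact = 'regexp_matches.all'
            match.artifact_key = filename
            try:
                match.json_value = json.loads(match_string)
            except Exception:
                # Best-effort fallback: keep the record as raw text when it is
                # not valid JSON. Catching Exception rather than using a bare
                # except lets KeyboardInterrupt/SystemExit propagate instead
                # of being recorded as a decode failure.
                # Only the file name is interpolated into this message; the
                # match content (a secret-search hit) is kept out of it.
                log.exception(
                    'json decode failed for regex match record on {}. Saving as raw text'
                    .format(filename))
                match.str_value = match_string

            records.append(match)

        return records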
Beispiel #2
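    def load_retrieved_files(self, analysis_report, image_obj):
        """
        Load the analyzer-retrieved files from the analysis report.

        Each entry under 'file_content.all' -> 'base' is base64-decoded and
        wrapped in an AnalysisArtifact. The records are returned to the
        caller; nothing is persisted in this method.

        :param analysis_report: mapping holding analyzer output; only its
            'retrieve_files' entry is read here
        :param image_obj: image record supplying ``user_id`` and ``id`` for
            every artifact created
        :return: list of AnalysisArtifact objects with ``binary_value`` set;
            empty list when the report has no 'retrieve_files' data
        :raises Exception: re-raises whatever the base64 decode raised, after
            logging the affected file name
        """
        # Function-scope import: the file's import block is not visible here.
        import base64

        log.info('Loading retrieved files')
        retrieve_files_json = analysis_report.get('retrieve_files')
        if not retrieve_files_json:
            return []

        matches = retrieve_files_json.get('file_content.all',
                                          {}).get('base', {})
        records = []

        # NOTE(review): file names and content presumably originate from the
        # analyzed image, so both should be treated as untrusted; no size
        # limit is applied to the decoded content here - confirm upstream.
        for filename, match_string in matches.items():
            match = AnalysisArtifact()
            match.image_user_id = image_obj.user_id
            match.image_id = image_obj.id
            match.analyzer_id = 'retrieve_files'
            match.analyzer_type = 'base'
            match.analyzer_artifact = 'file_content.all'
            match.artifact_key = filename
            try:
                # The 'base64' codec via str.decode() only exists on
                # Python 2; base64.b64decode works on both Python 2 and 3.
                match.binary_value = bytearray(base64.b64decode(match_string))
            except Exception:
                # Unlike the JSON case there is no usable fallback for
                # undecodable file content, so log and propagate.
                log.exception(
                    'Could not b64 decode the file content for {}'.format(
                        filename))
                raise
            records.append(match)

        return records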