def check():
'''
Check for update
'''
print('==== ExtAnalysis Update Check ====')
core.updatelog('Current Version: ' + core.version)
current_version = int(core.version.replace('.', ''))
core.updatelog('Getting new version from github')
v = scan.source_code(core.version_url)
if v[0]:
# Successfully acquired source code
try:
# validate version
latest_version = int(v[1].replace('.', '').replace('\n', ''))
core.updatelog('Latest version: ' + v[1])
if latest_version > current_version:
# Update available
update_prompt = input(
'New Version available! Update Now? (y/n): ').lower()
if update_prompt == 'y':
# update it
update()
else:
core.updatelog(
'Update cancled! Make sure update the app later')
core.handle_exit()
elif latest_version == current_version:
print("you're already on the latest version!")
core.handle_exit()
else:
print('The script was tampered with and i don\'t like it!')
core.handle_exit()
except Exception as e:
core.updatelog('Invalid response from github')
logging.error(traceback.format_exc())
core.handle_exit()
else:
core.updatelog(
'Something went wrong while getting version from github')
core.handle_exit()
def init_settings():
# Check if reports file exist if not create an empty one
if not os.path.isfile(core.report_index):
rif = open(core.report_index, 'w+')
empty_reports = {"reports": []}
rif.write(json.dumps(empty_reports, indent=4))
rif.close()
core.updatelog('Created empty reports file')
# Check if settings file exist if not get the contents from github and create one
if not os.path.isfile(core.settings_file):
core.updatelog(
'Could not find settings.json file. Downloading it from github...')
try:
import urllib.request
raw_settings = 'https://raw.githubusercontent.com/Tuhinshubhra/ExtAnalysis/master/settings.json'
urllib.request.urlretrieve(raw_settings, core.settings_file)
core.updatelog('New settings file successfully generated!')
except Exception as e:
core.updatelog(
'Error {0} encountered while getting settings file from github... Please download a clean version of ExtAnalysis from github.'
.format(str(e)))
logging.error(traceback.format_exc())
core.handle_exit()
if os.path.isfile(core.settings_file):
try:
with open(core.settings_file, 'r') as sc:
settings = json.loads(sc.read())
'''
INIT VIRUSTOTAL API
'''
if settings['virustotal_api'] != '':
core.virustotal_api = settings['virustotal_api']
else:
core.updatelog(
'Virustotal api was not specified... Files won\'t be scanned'
)
'''
INIT REPORT DIRECTORY...
'''
new_results_dir = settings['results_directory_path']
old_results_dir = settings['old_result_directory']
if new_results_dir == '':
new_results_dir = core.reports_path
if old_results_dir == '':
old_results_dir = core.reports_path
### Check if the results directory have changed... if yes we have to change paths
if new_results_dir != old_results_dir:
core.updatelog(
'Reports path change detected! fixing old paths and updating report index...'
)
path_changed(old_results_dir, new_results_dir)
# set it
if core.reports_path != new_results_dir:
if os.path.isdir(new_results_dir):
core.reports_path = new_results_dir
else:
core.updatelog(
'Invalid results_directory_path specified in settings.json! using default path: {0}'
.format(core.reports_path))
'''
INIT LAB DIRECTORY
'''
lab_dir = settings['lab_directory_path']
if lab_dir != '' and lab_dir != core.lab_path:
if os.path.isdir(lab_dir):
core.lab_path = lab_dir
else:
core.updatelog(
'Invalid lab_directory_path specified in settings.json! using default lab path: {0}'
.format(core.lab_path))
elif lab_dir == '' and not os.path.isdir(core.lab_path):
core.updatelog('Creating lab directory: ' + core.lab_path)
try:
os.mkdir(core.lab_path)
except:
core.updatelog(
'Something went wrong while creating lab directory!')
logging.error(traceback.format_exc())
core.handle_exit()
'''
CHECK IGNORE CSS VAR
'''
if not settings['ignore_css']:
core.ignore_css = False
core.updatelog('CSS files will not be ignored!')
'''
ALL THE INTEL EXTRACTION SETTINGS GO HERE
'''
if not settings['extract_comments']:
# comment extraction set to false
core.extract_comments = False
core.updatelog('Skipping comments extraction')
if not settings['extract_btc_addresses']:
# BTC Address extraction set to false
core.extract_btc_addresses = False
core.updatelog('Skipping Bitcoin address extraction')
if not settings['extract_base64_strings']:
# Base64 encoded strings extraction set to false
core.extract_base64_strings = False
core.updatelog('Skipping Base64 strings extraction')
if not settings['extract_email_addresses']:
# Comments extraction set to false
core.extract_email_addresses = False
core.updatelog('Skipping email address extraction')
if not settings['extract_ipv4_addresses']:
# IPv4 address extraction set to false
core.extract_ipv4_addresses = False
core.updatelog('Skipping IPv4 address extraction')
if not settings['extract_ipv6_addresses']:
# IPv6 address extraction set to false
core.extract_ipv6_addresses = False
core.updatelog('Skipping IPv6 address extraction')
return [True, 'All settings loaded']
except Exception as e:
core.updatelog(
'Something went wrong while reading settings file. Error: ' +
str(e))
logging.error(traceback.format_exc())
return [False, 'error reading settings file']
else:
core.updatelog(
'Settings file not found... Some features might not work as intended'
)
return [False, 'settings.json not found']
def init_settings():
if os.path.isfile(core.settings_file):
try:
with open(core.settings_file, 'r') as sc:
settings = json.loads(sc.read())
'''
INIT VIRUSTOTAL API
'''
if settings['virustotal_api'] != '':
core.virustotal_api = settings['virustotal_api']
else:
core.updatelog('Virustotal api was not specified... Files won\'t be scanned')
'''
INIT REPORT DIRECTORY...
'''
new_results_dir = settings['results_directory_path']
old_results_dir = settings['old_result_directory']
if new_results_dir == '':
new_results_dir = core.reports_path
if old_results_dir == '':
old_results_dir = core.reports_path
### Check if the results directory have changed... if yes we have to change paths
if new_results_dir != old_results_dir:
core.updatelog('Reports path change detected! fixing old paths and updating report index...')
path_changed(old_results_dir, new_results_dir)
# set it
if core.reports_path != new_results_dir:
if os.path.isdir(new_results_dir):
core.reports_path = new_results_dir
else:
core.updatelog('Invalid results_directory_path specified in settings.json! using default path: {0}'.format(core.reports_path))
'''
INIT LAB DIRECTORY
'''
lab_dir = settings['lab_directory_path']
if lab_dir != '' and lab_dir != core.lab_path:
if os.path.isdir(lab_dir):
core.lab_path = lab_dir
else:
core.updatelog('Invalid lab_directory_path specified in settings.json! using default lab path: {0}'.format(core.lab_path))
elif lab_dir == '' and not os.path.isdir(core.lab_path):
core.updatelog('Creating lab directory: ' + core.lab_path)
try:
os.mkdir(core.lab_path)
except:
core.updatelog('Something went wrong while creating lab directory!')
logging.error(traceback.format_exc())
core.handle_exit()
'''
CHECK IGNORE CSS VAR
'''
if not settings['ignore_css']:
core.ignore_css = False
core.updatelog('CSS files will not be ignored!')
'''
ALL THE INTEL EXTRACTION SETTINGS GO HERE
'''
if not settings['extract_comments']:
# comment extraction set to false
core.extract_comments = False
core.updatelog('Skipping comments extraction')
if not settings['extract_btc_addresses']:
# BTC Address extraction set to false
core.extract_btc_addresses = False
core.updatelog('Skipping Bitcoin address extraction')
if not settings['extract_base64_strings']:
# Base64 encoded strings extraction set to false
core.extract_base64_strings = False
core.updatelog('Skipping Base64 strings extraction')
if not settings['extract_email_addresses']:
# Comments extraction set to false
core.extract_email_addresses = False
core.updatelog('Skipping email address extraction')
if not settings['extract_ipv4_addresses']:
# IPv4 address extraction set to false
core.extract_ipv4_addresses = False
core.updatelog('Skipping IPv4 address extraction')
if not settings['extract_ipv6_addresses']:
# IPv6 address extraction set to false
core.extract_ipv6_addresses = False
core.updatelog('Skipping IPv6 address extraction')
return [True, 'All settings loaded']
except Exception as e:
core.updatelog('Something went wrong while reading settings file. Error: ' + str(e))
logging.error(traceback.format_exc())
return [False, 'error reading settings file']
else:
core.updatelog('Settings file not found... Some features might not work as intended')
return [False, 'settings.json not found']