def post(self):
if "file" in request.files:
f = AttachedFile.from_upload(request.files["file"])
else:
data = loads(request.data)
if "file" in data:
f = AttachedFile.from_upload(data["file"])
else:
abort(400)
return render({"filename": url_for("api.AttachedFiles:get", id=f.id)})
def post(self):
if 'file' in request.files:
f = AttachedFile.from_upload(request.files['file'])
else:
data = loads(request.data)
if 'file' in data:
f = AttachedFile.from_upload(data['file'])
else:
abort(400)
return render({'filename': url_for('api.AttachedFiles:get', id=f.id)})
def post(self):
if 'file' in request.files:
f = AttachedFile.from_upload(request.files['file'])
else:
data = loads(request.data)
if 'file' in data:
f = AttachedFile.from_upload(data['file'])
else:
abort(400)
return render({'filename': url_for('api.AttachedFiles:get', id=f.id)})
def inv_import(self):
if request.method == "GET":
return render_template(
"{}/import.html".format(self.klass.__name__.lower()))
else:
text = request.form.get('text')
url = request.form.get('url')
if text:
investigation = Investigation(import_text=text)
investigation.save()
return redirect(
url_for(
'frontend.InvestigationView:import_from',
id=investigation.id))
else:
try:
if url:
import_method = ImportMethod.objects.get(acts_on="url")
results = import_method.run(url)
else:
target = AttachedFile.from_upload(request.files['file'])
import_method = ImportMethod.objects.get(
acts_on=target.content_type)
results = import_method.run(target)
return redirect(
url_for(
'frontend.InvestigationView:import_wait',
id=results.id))
except DoesNotExist:
flash("This file type is not supported.", "danger")
return render_template(
"{}/import.html".format(self.klass.__name__.lower()))
def attach_file(self, id):
if 'file' not in request.files:
abort(400)
e = get_object_or_404(self.klass, id=id)
f = AttachedFile.from_upload(request.files['file'])
if f:
f.attach(e)
return redirect(url_for('frontend.{}:get'.format(self.__class__.__name__), id=e.id))
def post_save(self, obj, request):
obj.save_observables()
file = request.files.get('vulscan-file')
if file:
file.filename = obj.updated.strftime(
"%Y-%m-%d_%H:%M") + '.{}'.format(file.filename.split('.')[1])
f = AttachedFile.from_upload(file)
f.attach(obj)
def attach_file(self, id):
if 'file' not in request.files:
abort(400)
e = get_object_or_404(self.klass, id=id)
f = AttachedFile.from_upload(request.files['file'])
if f:
f.attach(e)
return redirect(
url_for('frontend.{}:get'.format(self.__class__.__name__), id=e.id))
def save_file(uploaded_file, filename=None):
value = "FILE:{}".format(stream_sha256(uploaded_file))
mime_type = magic.from_buffer(uploaded_file.read(100), mime=True)
uploaded_file.seek(0)
body = AttachedFile.from_upload(uploaded_file, force_mime=mime_type)
f = observables.File.get_or_create(value=value, body=body, mime_type=mime_type)
if not filename:
filename = uploaded_file.filename
if filename not in f.filenames:
f.filenames.append(filename)
return f.save()
def save_file(uploaded_file, filename=None):
value = "FILE:{}".format(stream_sha256(uploaded_file))
mime_type = magic.from_buffer(uploaded_file.read(100), mime=True)
uploaded_file.seek(0)
body = AttachedFile.from_upload(uploaded_file, force_mime=mime_type)
f = observables.File.get_or_create(
value=value, body=body, mime_type=mime_type)
if not filename:
filename = uploaded_file.filename
if filename not in f.filenames:
f.filenames.append(filename)
return f.save()
def save_as_pdf(self, results, url):
tmpdir = mkdtemp()
try:
options = {"load-error-handling": "ignore"}
pdfkit.from_url(url, path.join(tmpdir, 'out.pdf'), options=options)
with open(path.join(tmpdir, 'out.pdf'), 'rb') as pdf:
pdf_import = AttachedFile.from_content(
pdf, 'import.pdf', 'application/pdf')
results.investigation.update(import_document=pdf_import)
except Exception, e:
print e
def save_as_pdf(self, results, url):
tmpdir = mkdtemp()
try:
options = {"load-error-handling": "ignore"}
pdfkit.from_url(url, path.join(tmpdir, 'out.pdf'), options=options)
with open(path.join(tmpdir, 'out.pdf'), 'rb') as pdf:
pdf_import = AttachedFile.from_content(pdf, 'import.pdf',
'application/pdf')
results.investigation.update(import_document=pdf_import)
except Exception, e:
print e
def from_data(cls, data, hash_sha256=None):
"""Creates a Certificate observable based on raw certificate data and
its hash_sha256 value.
"""
if hash_sha256 is None:
hash_sha256 = hashlib.sha256(data).hexdigest()
body = AttachedFile.from_content(
BytesIO(data),
"cert.der",
"application/pkix-cert",
)
return cls.get_or_create(
value="CERT:{}".format(hash_sha256),
body=body,
)
def do_import(self, results, url):
response = requests.get(url, proxies=yeti_config.proxy)
content_type = magic.from_buffer(response.content, mime=True)
if content_type == "text/html":
import_html(results, response.content)
self.save_as_pdf(results, url)
else:
target = AttachedFile.from_content(
StringIO(response.content), url, content_type)
results.investigation.update(import_document=target)
try:
method = ImportMethod.objects.get(acts_on=content_type)
method.do_import(results, target.filepath)
except:
raise ValueError(
"unsupported file type: '{}'".format(content_type))
def do_import(self, results, url):
response = requests.get(url, proxies=yeti_config.proxy)
content_type = magic.from_buffer(response.content, mime=True)
if content_type == "text/html":
import_html(results, response.content)
self.save_as_pdf(results, url)
else:
target = AttachedFile.from_content(StringIO(response.content), url,
content_type)
results.investigation.update(import_document=target)
try:
method = ImportMethod.objects.get(acts_on=content_type)
method.do_import(results, target.filepath)
except:
raise ValueError(
"unsupported file type: '{}'".format(content_type))
def inv_import(self):
if request.method == "GET":
return render_template(
"{}/import.html".format(self.klass.__name__.lower()),
groups=get_user_groups())
else:
text = request.form.get('text')
url = request.form.get('url')
sharing = request.form.get('sharing')
if text:
investigation = Investigation(
created_by=current_user.username, import_text=text)
# set sharing permissions
investigation.save()
investigation.sharing_permissions(sharing)
return redirect(
url_for(
'frontend.InvestigationView:import_from',
id=investigation.id))
else:
try:
if url:
import_method = ImportMethod.objects.get(acts_on="url")
results = import_method.run(url)
elif "file" in request.files:
target = AttachedFile.from_upload(request.files['file'])
import_method = ImportMethod.objects.get(
acts_on=target.content_type)
results = import_method.run(target)
else:
flash("You need to provide an input", "danger")
return redirect(request.referrer)
return redirect(
url_for(
'frontend.InvestigationView:import_wait',
id=results.id))
except DoesNotExist:
flash("This file type is not supported.", "danger")
return render_template(
"{}/import.html".format(self.klass.__name__.lower()))
def post(self):
if 'file' not in request.files:
abort(400)
f = AttachedFile.from_upload(request.files['file'])
return render({'filename': url_for('api.Files:get', id=f.id)})
