Beispiel #1
    def __init__(self, values=None, filename=None, stream=None, create=True):
        """Build a file record from a stored document or from submitted content.

        If ``values`` is a dict it is handed to ``MongoDict.__init__`` and
        nothing else is done. Otherwise an empty record is initialised, the
        hashes of ``stream`` are computed, and the collection is searched for
        a record with the same ``sha256``: a match is merged through
        ``_add_to_previous`` and ``self.existing`` is set to True; without a
        match, and only when ``create`` is true, the content is stored, the
        default properties are computed and the record is saved.
        """
        # A dict is taken as-is: no hashing, no lookup, no write.
        if isinstance(values, dict):
            MongoDict.__init__(self, values)
            return

        MongoDict.__init__(self, {})
        for list_field in ('probable_names', 'parent_analyses', 'groups', 'owners'):
            self[list_field] = []

        # Hashes are only computed when both a name and a stream were given.
        has_upload = filename is not None and stream is not None
        if has_upload:
            self._compute_hashes(stream)

        # NOTE(review): 'sha256' is read here even when no hashes were computed
        # above; presumably _compute_hashes is what sets it, so a call without
        # filename/stream would fail on this lookup - confirm.
        # The lookup is keyed on the content hash only. `filename` is passed on
        # unchanged to _add_to_previous / _store_file, so any sanitising of a
        # caller-supplied name has to happen there or in the caller.
        self.existing = False
        match = self.collection.find_one({'sha256': self['sha256']})
        if match:
            # Same content already known: update the previous record.
            self._add_to_previous(match, filename)
            self.existing = True
            return

        if create:
            # New content: persist it, derive its defaults, then save.
            self._store_file(filename, stream)
            self._compute_default_properties()
            self.save()
Beispiel #2
    def __init__(self, values):
        """Initialise an analysis record and, for a new one, schedule its modules.

        Defaults are written first and ``values`` is applied afterwards through
        ``MongoDict.__init__``. The file the analysis refers to is then loaded
        from ``store.files``. A record without ``_id`` is treated as new: its
        threat intelligence is initialised, it is saved, and either the
        requested modules are queued or ``_automatic`` is run.
        """
        # (key, factory) pairs, applied in this order so the record keeps the
        # same key order; each factory is called once, giving every key its own
        # fresh list or dict.
        defaults = (
            ('status', lambda: self.STATUS_PENDING),
            ('executed_modules', list),
            ('pending_modules', list),
            ('waiting_modules', list),
            ('canceled_modules', list),
            ('tags', list),
            ('iocs', list),
            ('results', dict),
            ('generated_files', dict),
            ('extracted_files', list),
            ('support_files', dict),
            ('logs', list),
            ('extractions', list),
            ('probable_names', list),
            ('options', dict),
            ('date', datetime.datetime.now),
            ('end_date', lambda: None),
            ('groups', list),
            ('analyst', list),
        )
        for key, make_default in defaults:
            self[key] = make_default()
        MongoDict.__init__(self, values)

        # NOTE(review): 'file' (and 'modules' below) are not defaulted here, so
        # they have to arrive through `values` - confirm against callers.
        # find_one's result is passed to File() without a check for "not found".
        file_document = store.files.find_one({'_id': self['file']})
        self._file = File(file_document)

        # Records that already carry an '_id' are left untouched from here on.
        if '_id' in self:
            return

        self._init_threat_intelligence()
        self.save()

        if not self['modules']:
            self._automatic()
        else:
            self.queue_modules(self['modules'])
Beispiel #3
    def __init__(self, values):
        """Initialise a user record, its session flags and its filtered collections.

        ``permissions`` and ``api_key`` are given defaults before ``values`` is
        applied through ``MongoDict.__init__``. The four ``is_*`` attributes
        and the two ``FilteredCollection`` wrappers are plain attributes set
        after that call.
        """
        # NOTE(review): a key is generated on every construction, before
        # `values` is applied; presumably a stored 'api_key' in `values` then
        # replaces it - confirm against MongoDict.__init__.
        self['permissions'] = []
        self['api_key'] = User.generate_api_key()
        MongoDict.__init__(self, values)

        # NOTE(review): every instance reports is_authenticated = True, so a
        # User should only be constructed once the caller has verified the
        # credential or API key - confirm at the call sites.
        self.is_authenticated = self.is_active = True
        self.is_anonymous = self.is_api = False

        # Both collections are wrapped with the filters of this user;
        # filters() is evaluated once per collection.
        files_filters = self.filters()
        self.files = FilteredCollection(store.files, files_filters)
        analyses_filters = self.filters()
        self.analyses = FilteredCollection(store.analysis, analyses_filters)
Beispiel #4
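    def delete(self):
        """Delete this repository: its module records, its files, then its record.

        Module records whose ``path`` starts with ``fame.modules.<name>.`` are
        deleted first. Removing the directory returned by ``self.path()`` is
        best effort: a failure is logged and does not stop the deletion of the
        repository record.
        """
        import logging

        # First, remove modules from database. The trailing dot in the prefix
        # keeps a repository named "foo" from matching modules of "foobar".
        for module in ModuleInfo.find():
            if module['path'].startswith('fame.modules.{}.'.format(self['name'])):
                module.delete()

        # Then, delete the files. Catch Exception rather than everything so
        # that KeyboardInterrupt / SystemExit still propagate, and leave a
        # trace: module code that stays on disk after its record is gone
        # should be visible to whoever operates the instance.
        try:
            rmtree(self.path())
        except Exception:
            logging.getLogger(__name__).warning(
                "Could not remove the files of a deleted repository",
                exc_info=True)

        # Finally, delete record of repository
        MongoDict.delete(self)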
    def __init__(self, values):
        """Initialise an analysis record and, for a new one, start its processing.

        Defaults are written first and ``values`` is applied afterwards through
        ``MongoDict.__init__``. The referenced file is loaded from
        ``store.files``. For a record without ``_id`` the requested modules
        are split into preloading and processing modules, the record is saved,
        the processing modules are queued, and ``_automatic`` and ``resume``
        are called.
        """
        # (key, factory) pairs, applied in this order so the record keeps the
        # same key order; each factory is called once, giving every key its own
        # fresh list or dict.
        defaults = (
            ('status', lambda: self.STATUS_PENDING),
            ('executed_modules', list),
            ('pending_modules', list),
            ('waiting_modules', list),
            ('canceled_modules', list),
            ('preloading_modules', list),
            ('tags', list),
            ('iocs', list),
            ('results', dict),
            ('generated_files', dict),
            ('extracted_files', list),
            ('support_files', dict),
            ('logs', list),
            ('extractions', list),
            ('probable_names', list),
            ('options', dict),
            ('date', datetime.datetime.now),
            ('end_date', lambda: None),
            ('groups', list),
            ('analyst', list),
        )
        for key, make_default in defaults:
            self[key] = make_default()
        MongoDict.__init__(self, values)

        # NOTE(review): 'file' and 'modules' are not defaulted here, so they
        # have to arrive through `values` - confirm against callers.
        file_document = store.files.find_one({'_id': self['file']})
        self._file = File(file_document)

        # Records that already carry an '_id' are left untouched from here on.
        if '_id' in self:
            return

        self._init_threat_intelligence()

        # Sort preloading and processing modules
        if self['modules']:
            processing = []
            for module_name in self['modules']:
                module = dispatcher.get_module(module_name)
                # A name the dispatcher does not know ends up in neither list,
                # i.e. it is dropped without any log entry.
                if module is None:
                    continue
                if module.info['type'] == "Preloading":
                    self['preloading_modules'].append(module_name)
                else:
                    processing.append(module_name)

            self['modules'] = processing

        self.save()

        # Only the processing modules are queued at this point.
        if self['modules']:
            self.queue_modules(self['modules'])

        self._automatic()
        self.resume()
Beispiel #6
    def __init__(self,
                 values=None,
                 filename=None,
                 stream=None,
                 create=True,
                 hash=""):
        """Build a file record from a stored document, a hash, or submitted content.

        If ``values`` is a dict, ``comments`` is defaulted to an empty list and
        the dict is applied through ``MongoDict.__init__``. Otherwise an empty
        record with empty list fields is created and initialisation continues
        with ``_init_with_hash`` when ``hash`` is non-empty, else with
        ``_init_with_file``.
        """
        # A dict is taken as-is, apart from the 'comments' default.
        if isinstance(values, dict):
            self['comments'] = []
            MongoDict.__init__(self, values)
            return

        MongoDict.__init__(self, {})
        for list_field in ('probable_names', 'parent_analyses', 'groups',
                           'owners', 'comments', 'analysis'):
            self[list_field] = []

        # A non-empty hash wins: filename, stream and create are not used then.
        # NOTE(review): `hash` is handed to _init_with_hash unchanged; whether
        # its format is validated there is not visible here - confirm.
        if not hash:
            self._init_with_file(filename, stream, create)
        else:
            self._init_with_hash(hash)
Beispiel #7
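 def __init__(self, values=None):
     """Initialise the record with a default ``ssh_cmd``, then apply ``values``.

     ``ssh_cmd`` is an ssh command line that uses the private key at
     ``<FAME_ROOT>/conf/id_rsa``. It is set before ``values`` is passed to
     ``MongoDict.__init__``.
     """
     # A fresh dict per call: the former `values={}` default was a single
     # dict object shared by every call that omitted the argument.
     if values is None:
         values = {}

     keyfile = os.path.join(FAME_ROOT, "conf", "id_rsa")
     # NOTE(review): StrictHostKeyChecking=no makes ssh accept any host key,
     # so the remote end is not authenticated and whatever is fetched over
     # this connection can be substituted by someone on the network path.
     # Pinning the expected host keys in known_hosts (or using accept-new)
     # would close that gap, but changes behaviour on first connection, so
     # the string is left as it was.
     # NOTE(review): keyfile is inserted unquoted; if this string is later
     # parsed by a shell, a FAME_ROOT containing spaces would split the -i
     # argument - confirm how ssh_cmd is consumed.
     self['ssh_cmd'] = "ssh -o StrictHostKeyChecking=no -i {}".format(
         keyfile)
     MongoDict.__init__(self, values)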
Beispiel #8
 def __init__(self, values):
     """Set creation defaults, then apply ``values`` through ``MongoDict.__init__``.

     ``created`` and ``updated`` each get their own ``datetime.now()`` reading
     and ``analyses`` starts as an empty list.
     """
     # datetime.now() is naive local time, read once per field, so the two
     # values can differ slightly.
     for timestamp_field in ("created", "updated"):
         self[timestamp_field] = datetime.now()
     self["analyses"] = list()
     MongoDict.__init__(self, values)
 def __init__(self, values):
     """Write the default fields of a new record, then apply ``values``.

     The defaults are two timestamps (``created``, ``updated``) and an empty
     ``analyses`` list; ``values`` is applied last via ``MongoDict.__init__``.
     """
     # Two separate clock reads, in this order; both are naive local times.
     created_at = datetime.now()
     self['created'] = created_at
     updated_at = datetime.now()
     self['updated'] = updated_at

     no_analyses = []
     self['analyses'] = no_analyses
     MongoDict.__init__(self, values)