def all_malicious(request):
log_form = login_form()
if request.user.is_authenticated():
user = User.objects.get(username=request.user.username)
if user.groups.filter(name="standard_users").count() > 0:
output = {'results': {}, 'error': {}, 'session': {}, 'login': {}}
output['login'] = log_form
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "malware")
objs = []
for data in con.find({}, {
'structure.filesize': 1,
'hash_data.file.md5': 1,
'_id': 0
}):
data = json.dumps(data)
data = json.loads(data)
hash_data = data.get("hash_data")
mfile = hash_data.get("file")
mhash = mfile.get("md5")
structure = data.get("structure")
filesize = structure.get("filesize")
obj = {'filesize': filesize, 'hash': mhash}
objs.append(obj)
output['results'] = objs
return render_to_response('reports.html',
output,
context_instance=RequestContext(request))
else:
output = {'results': {}, 'error': {}, 'session': {}}
output['error'] = "You must have a premium account to view this"
return render_to_response('error.html',
output,
context_instance=RequestContext(request))
def all_malicious(request):
log_form = login_form()
if request.user.is_authenticated():
user = User.objects.get(username=request.user.username)
if user.groups.filter(name="standard_users").count() > 0:
output = {"results": {}, "error": {}, "session": {}, "login": {}}
output["login"] = log_form
con = connect_to_mongo("127.0.0.1", 27017, "pdfs", "malware")
objs = []
for data in con.find({}, {"structure.filesize": 1, "hash_data.file.md5": 1, "_id": 0}):
data = json.dumps(data)
data = json.loads(data)
hash_data = data.get("hash_data")
mfile = hash_data.get("file")
mhash = mfile.get("md5")
structure = data.get("structure")
filesize = structure.get("filesize")
obj = {"filesize": filesize, "hash": mhash}
objs.append(obj)
output["results"] = objs
return render_to_response("reports.html", output, context_instance=RequestContext(request))
else:
output = {"results": {}, "error": {}, "session": {}}
output["error"] = "You must have a premium account to view this"
return render_to_response("error.html", output, context_instance=RequestContext(request))
def all_malicious(request):
log_form = login_form()
if request.user.is_authenticated():
user = User.objects.get(username=request.user.username)
if user.groups.filter(name="standard_users").count() > 0:
output = { 'results':{},'error':{},'session':{},'login':{} }
output['login'] = log_form
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "malware")
objs = []
for data in con.find({},{'structure.filesize':1,'hash_data.file.md5':1,'_id':0}):
data = json.dumps(data)
data = json.loads(data)
hash_data = data.get("hash_data")
mfile = hash_data.get("file")
mhash = mfile.get("md5")
structure = data.get("structure")
filesize = structure.get("filesize")
obj = {'filesize':filesize,'hash':mhash}
objs.append(obj)
output['results'] = objs
return render_to_response('reports.html',output,context_instance=RequestContext(request))
else:
output = { 'results':{},'error':{},'session':{} }
output['error'] = "You must have a premium account to view this"
return render_to_response('error.html',output, context_instance=RequestContext(request))
def last_fifty(request):
count = 0
log_form = login_form()
output = { 'results':{},'error':{},'session':{},'login':{} }
output['login'] = log_form
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "file_statistics")
objs = []
res = con.group(['hash'],None,{'initial':[]},'function(obj,prev) { prev.filesize = obj.filesize; prev.hash = obj.hash; prev.date_time = obj.date_time; }')
#for data in con.find({},{'date_time':1,'filesize':1,'hash':1,'_id':0}).sort('date_time',pymongo.DESCENDING).limit(50):
for data in res:
data = json.dumps(data)
data = json.loads(data)
mhash = data.get("hash")
try:
filesize = int(data.get("filesize"))
except:
filesize = "n/a"
timestamp = data.get("date_time")
date_obj = datetime.fromtimestamp(timestamp)
date_time = str(date_obj)
obj = {'date_time':date_time,'filesize':filesize,'hash':mhash}
objs.append(obj)
fobjs = sorted(objs, key=itemgetter('date_time'),reverse=True)
output['results'] = fobjs[0:50]
return render_to_response('reports.html',output,context_instance=RequestContext(request))
def process_file(request):
json = {'results': {}, 'error': {}, 'session': {}, 'login': {}}
log_form = login_form()
if request.method == 'POST':
form = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
data = handle_uploaded_file(request.FILES, request.session,
request.user)
hash = data.file_md5
return HttpResponseRedirect(reverse('report', args=[hash]))
else:
json['error'] = "no file found"
return render_to_response('error.html',
json,
context_instance=RequestContext(request))
else:
json['error'] = "processing file failed"
return render_to_response('error.html',
json,
context_instance=RequestContext(request))
return render_to_response(
'report.html', {
'results': simplejson.dumps(data, cls=DjangoJSONEncoder),
'login': log_form
},
context_instance=RequestContext(request))
def handle_login(request):
json = {
'errors': {},
'text': {},
'success': False,
}
form = login_form(request.POST)
if form.is_valid():
user = authenticate(username=request.POST['username'],
password=request.POST['password'])
if user is not None:
if user.is_active:
login(request, user)
form = UploadFileForm()
return render_to_response('index.html',{'form': form},context_instance=RequestContext(request))
else:
# Return a 'disabled account' error message
json['error']= 'Account disabled.'
return render_to_response('error.html',json, context_instance=RequestContext(request))
else:
# Return an 'invalid login' error message.
json['error'] = 'Username and/or password invalid.'
return render_to_response('error.html',json, context_instance=RequestContext(request))
else:
json['error'] = "Please fill in all fields"
return render_to_response('error.html',json, context_instance=RequestContext(request))
return HttpResponse(simplejson.dumps(json, cls=DjangoJSONEncoder))
def last_fifty(request):
count = 0
log_form = login_form()
output = {'results': {}, 'error': {}, 'session': {}, 'login': {}}
output['login'] = log_form
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "file_statistics")
objs = []
res = con.group(['hash'], None, {
'initial': []
}, 'function(obj,prev) { prev.filesize = obj.filesize; prev.hash = obj.hash; prev.date_time = obj.date_time; }'
)
#for data in con.find({},{'date_time':1,'filesize':1,'hash':1,'_id':0}).sort('date_time',pymongo.DESCENDING).limit(50):
for data in res:
data = json.dumps(data)
data = json.loads(data)
mhash = data.get("hash")
try:
filesize = int(data.get("filesize"))
except:
filesize = "n/a"
timestamp = data.get("date_time")
date_obj = datetime.fromtimestamp(timestamp)
date_time = str(date_obj)
obj = {'date_time': date_time, 'filesize': filesize, 'hash': mhash}
objs.append(obj)
fobjs = sorted(objs, key=itemgetter('date_time'), reverse=True)
output['results'] = fobjs[0:50]
return render_to_response('reports.html',
output,
context_instance=RequestContext(request))
def interact(request,rhash,template_name):
json = { 'results':{},'error':{},'session':{},'login':{} }
log_form = login_form()
json['login'] = log_form
error_text = rhash + '_store_error'
if request.session.get(error_text):
json['error'] = request.session[error_text]
if request.session.get(rhash):
json['results'] = request.session[rhash]
return render_to_response(template_name,json,context_instance=RequestContext(request))
else:
data = get_sample(rhash)
if data == None:
json['error'] = "File not yet uploaded"
return render_to_response('error.html',json, context_instance=RequestContext(request))
else:
has_related = contains_related(data.file_md5)
if has_related == False:
related_data = generate_related(data) #get the related in JSON form
data.add_related(related_data) #send that to the object for processing
upsert_related_sample(data.file_md5,related_data) #update the mongo record with the related data
json['results'] = data
request.session[rhash] = data
return render_to_response(template_name,json,context_instance=RequestContext(request))
def accounts(request):
form = UploadFileForm()
log_form = login_form()
return render_to_response('accounts.html', {
'form': form,
'login': log_form
},
context_instance=RequestContext(request))
def handle_register(request):
json = {
'error': {},
'text': {},
'success': False,
}
form = register_form(request.POST)
if form.is_valid():
username = request.POST['username']
first = request.POST['first']
last = request.POST['last']
company = request.POST['company']
email = request.POST['email']
password = request.POST['password']
confirm_password = request.POST['confirm_password']
if password == confirm_password:
user, created = User.objects.get_or_create(first_name = first, last_name = last, username = username, email = email)
standard_users = Group.objects.get(name="standard_users")
if created:
user.set_password(password)
user.groups.add(standard_users)
user.is_active = True
user.save()
key = hashlib.sha224(username + email + ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(10))).hexdigest()
profile = user_profile(api_key=key,company=company,user=user)
profile.save()
json['success'] = True
json['text'] = "Registration successful"
form = UploadFileForm()
log_form = login_form()
return render_to_response('index.html',{'form': form,'login':log_form},context_instance=RequestContext(request))
else:
json['success'] = False
json['error'] = "Username already taken"
return render_to_response('error.html',json, context_instance=RequestContext(request))
else:
json['success'] = False
json['error'] = "Passwords do not match"
return render_to_response('error.html',json, context_instance=RequestContext(request))
else:
json['error'] = form.errors
return render_to_response('error.html',json, context_instance=RequestContext(request))
return HttpResponse(simplejson.dumps(json, cls=DjangoJSONEncoder))
def process_file(request):
json = { 'results':{},'error':{},'session':{},'login':{} }
log_form = login_form()
if request.method == 'POST':
form = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
data = handle_uploaded_file(request.FILES,request.session,request.user)
hash = data.file_md5
return HttpResponseRedirect(reverse('report', args=[hash]))
else:
json['error'] = "no file found"
return render_to_response('error.html',json, context_instance=RequestContext(request))
else:
json['error'] = "processing file failed"
return render_to_response('error.html',json, context_instance=RequestContext(request))
return render_to_response('report.html', {'results': simplejson.dumps(data, cls=DjangoJSONEncoder), 'login': log_form}, context_instance=RequestContext(request))
def interact(request, rhash, template_name):
json = {'results': {}, 'error': {}, 'session': {}, 'login': {}}
log_form = login_form()
json['login'] = log_form
error_text = rhash + '_store_error'
if request.session.get(error_text):
json['error'] = request.session[error_text]
if request.session.get(rhash):
json['results'] = request.session[rhash]
return render_to_response(template_name,
json,
context_instance=RequestContext(request))
else:
data = get_sample(rhash)
if data == None:
json['error'] = "File not yet uploaded"
return render_to_response('error.html',
json,
context_instance=RequestContext(request))
else:
has_related = contains_related(data.file_md5)
if has_related == False:
related_data = generate_related(
data) #get the related in JSON form
data.add_related(
related_data) #send that to the object for processing
upsert_related_sample(
data.file_md5, related_data
) #update the mongo record with the related data
json['results'] = data
request.session[rhash] = data
return render_to_response(template_name,
json,
context_instance=RequestContext(request))
def main(request):
log_form = login_form()
return render_to_response('api.html',{'login': log_form},context_instance=RequestContext(request))
def standard(request):
form = SearchForm()
log_form = login_form()
sform = SearchOptions()
return render_to_response('search.html',{'form': form, 'login': log_form,'sform':sform},context_instance=RequestContext(request))
def main(request):
log_form = login_form()
return render_to_response('api.html', {'login': log_form},
context_instance=RequestContext(request))
def handle_logout(request):
logout(request)
form = UploadFileForm()
log_form = login_form()
return render_to_response('index.html',{'form': form, 'login': log_form},context_instance=RequestContext(request))
def show_login(request):
form = login_form()
return render_to_response('login.html',{'form': form},context_instance=RequestContext(request))
def accounts(request):
form = UploadFileForm()
log_form = login_form()
return render_to_response('accounts.html',{'form': form, 'login': log_form},context_instance=RequestContext(request))