Beispiel #1
0
def run_module():
    project = request.forms.get('project')
    if project:
        __project__.open(project)

    sha256 = request.forms.get('sha256')
    if sha256:
        file_path = get_sample_path(sha256)
        if file_path:
            __sessions__.new(file_path)

    module_name = request.forms.get('module')
    if module_name in __modules__:
        module = __modules__[module_name]['obj']()
        module.run()

        module_output = copy.deepcopy(module.output)
        del (module.output[:])

        if module_output:
            return jsonize(
                dict(project=project,
                     module=module_name,
                     sha256=sha256,
                     output=module_output))
Beispiel #2
0
def module_cmdline(project=None, cmd_line=None, file_hash=None):
    html = ""
    cmd = Commands()
    split_commands = cmd_line.split(';')
    for split_command in split_commands:
        split_command = split_command.strip()
        if not split_command:
            continue
        root, args = parse(split_command)
        try:
            if root in cmd.commands:
                cmd.commands[root]['obj'](*args)
                html += print_output(cmd.output)
                del (cmd.output[:])
            elif root in __modules__:
                # if prev commands did not open a session open one on the current file
                if file_hash:
                    __project__.open(project)
                    path = get_sample_path(file_hash)
                    __sessions__.new(path)
                module = __modules__[root]['obj']()
                module.set_commandline(args)
                module.run()

                html += print_output(module.output)
                if cfg.modules.store_output and __sessions__.is_set():
                    Database().add_analysis(file_hash, split_command, module.output)
                del (module.output[:])
            else:
                html += '<p class="text-danger">{0} is not a valid command</p>'.format(cmd_line)
        except Exception:
            html += '<p class="text-danger">We were unable to complete the command {0}</p>'.format(cmd_line)
    __sessions__.close()
    return html
Beispiel #3
0
    def create(self, request, project=None, db=None, *args, **kwargs):
        """Create a new Project"""
        # kwargs provided by URLs/Routers: -

        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)

        if serializer.validated_data['name'] in get_project_list():
            # exists already
            # return Response(data=serializer.validated_data, status=status.HTTP_200_OK)
            error = {
                "error": {
                    "code":
                    "ExistsAlready",
                    "message":
                    "Project exists already: {}".format(
                        serializer.validated_data['name'])
                }
            }
            raise ValidationError(detail=error)

        new_project_new = serializer.validated_data['name']

        __project__.open(new_project_new)

        serializer_new = self.get_serializer(new_project_new)
        headers = self.get_success_headers(serializer_new.data)

        return Response(data=serializer_new.data,
                        status=status.HTTP_201_CREATED,
                        headers=headers)
Beispiel #4
0
def main():
    parser = argparse.ArgumentParser()
    parser.add_argument("-p",
                        "--project",
                        help="Specify a new or existing project name",
                        action="store",
                        required=False)
    parser.add_argument("-f",
                        "--file",
                        help="Specify a file to be opened directly",
                        action="store",
                        required=False)
    parser.add_argument("--version", action="version", version=__version__)

    args = parser.parse_args()

    if args.project:
        __project__.open(args.project)

    if args.file:
        if not os.path.exists(args.file):
            print("ERROR: The specified path does not exist")
            sys.exit(-1)

        __sessions__.new(args.file)

    c = console.Console()
    c.start()
Beispiel #5
0
    def run(self):
        super(pstParse, self).run()
        pst_path = __sessions__.current.file.path
        pff_test = subprocess.call('pffexport -V', shell=True)
        if pff_test == 127:
            self.log('error', "pffexport not install. Try: 'sudo apt-get install pff-tools'")
            return

        new_proj = self.args.proj
        save_path = self.args.output
            
        if new_proj:
            self.log('info', "Creating New Project")
            project_name = str(datetime.date.today())
            __project__.open('pst_{0}'.format(project_name))

        if save_path:
            save_path = self.args.output
        else:
            save_path = tempfile.mkdtemp()

        self.log('info', "Temp Dir created at {0}".format(save_path))
        
        self.log('info', "Processing Attachments, this might take a while...")
        counter = self.parse_pst(save_path, pst_path)
        self.log('success', "Stored {0} Email attachments".format(counter))
        
        if not self.args.keep:
            try:
                shutil.rmtree('{0}.export'.format(save_path))
                shutil.rmtree(save_path)
                self.log('info', "Removing Temp Dir")
            except OSError as e:
                self.log('error', "Unable to delete tmpdir: {0}".format(e))
Beispiel #6
0
    def post(self, request, *args, **kwargs):
        # Get the project and hash of the file
        project = kwargs.get('project', 'default')
        file_hash = request.POST.get('file_hash')
        try:
            hex_offset = int(request.POST.get('hex_start'))
        except Exception:
            return '<p class="text-danger">Error Generating Request</p>'
        hex_length = 256

        # get file path
        __project__.open(project)
        hex_path = get_sample_path(file_hash)

        # create the command string
        hex_cmd = 'hd -s {0} -n {1} {2}'.format(hex_offset, hex_length, hex_path)

        # get the output
        hex_string = getoutput(hex_cmd)
        # Format the data
        html_string = ''
        hex_rows = hex_string.split('\n')
        for row in hex_rows:
            if len(row) > 9:
                off_str = row[0:8]
                hex_str = row[9:58]
                asc_str = row[58:78]
                asc_str = asc_str.replace('"', '&quot;')
                asc_str = asc_str.replace('<', '&lt;')
                asc_str = asc_str.replace('>', '&gt;')
                html_string += '<div class="row"><span class="text-primary mono">{0}</span> \
                                <span class="text-muted mono">{1}</span> <span class="text-success mono"> \
                                {2}</span></div>'.format(off_str, hex_str, asc_str)
        # return the data
        return HttpResponse(html_string)
Beispiel #7
0
def module_cmdline(project=None, cmd_line=None, file_hash=None):
    html = ""
    cmd = Commands()
    split_commands = cmd_line.split(';')
    for split_command in split_commands:
        split_command = split_command.strip()
        if not split_command:
            continue
        root, args = parse(split_command)
        try:
            if root in cmd.commands:
                cmd.commands[root]['obj'](*args)
                html += print_output(cmd.output)
                del (cmd.output[:])
            elif root in __modules__:
                # if prev commands did not open a session open one on the current file
                if file_hash:
                    __project__.open(project)
                    path = get_sample_path(file_hash)
                    __sessions__.new(path)
                module = __modules__[root]['obj']()
                module.set_commandline(args)
                module.run()

                html += print_output(module.output)
                if cfg.modules.store_output and __sessions__.is_set():
                    Database().add_analysis(file_hash, split_command, module.output)
                del (module.output[:])
            else:
                html += '<p class="text-danger">{0} is not a valid command</p>'.format(cmd_line)
        except Exception:
            html += '<p class="text-danger">We were unable to complete the command {0}</p>'.format(cmd_line)
    __sessions__.close()
    return html
Beispiel #8
0
        def func_wrapper(viewset, *args, **kwargs):
            log.debug("running decorator: get_project_open_db - called by: {}".
                      format(viewset))

            project = viewset.kwargs.get(viewset.lookup_field_project, None)
            if project == 'default':
                __project__.open(project)
                db = Database()
            elif project in get_project_list():
                log.debug("setting project to: {}".format(project))
                __project__.open(project)
                db = Database()
            else:
                db = None

            if not db:
                error = {
                    "error": {
                        "code": "NotFound",
                        "message": "Project not found: {}".format(project)
                    }
                }
                log.error(error)
                raise NotFound(detail=error)

            return func(viewset, project=project, db=db, *args, **kwargs)
Beispiel #9
0
    def post(self, request, *args, **kwargs):
        # Get the project and hash of the file
        project = kwargs.get('project', 'default')
        file_hash = request.POST.get('file_hash')
        try:
            hex_offset = int(request.POST.get('hex_start'))
        except:
            return '<p class="text-danger">Error Generating Request</p>'
        hex_length = 256

        # get file path
        __project__.open(project)
        hex_path = get_sample_path(file_hash)

        # create the command string
        hex_cmd = 'hd -s {0} -n {1} {2}'.format(hex_offset, hex_length, hex_path)

        # get the output
        hex_string = getoutput(hex_cmd)
        # Format the data
        html_string = ''
        hex_rows = hex_string.split('\n')
        for row in hex_rows:
            if len(row) > 9:
                off_str = row[0:8]
                hex_str = row[9:58]
                asc_str = row[58:78]
                asc_str = asc_str.replace('"', '&quot;')
                asc_str = asc_str.replace('<', '&lt;')
                asc_str = asc_str.replace('>', '&gt;')
                html_string += '<div class="row"><span class="text-primary mono">{0}</span> \
                                <span class="text-muted mono">{1}</span> <span class="text-success mono"> \
                                {2}</span></div>'.format(off_str, hex_str, asc_str)
        # return the data
        return HttpResponse(html_string)
Beispiel #10
0
def file_download(file_hash, project=False):
    if project in project_list():
        __project__.open(project)
    else:
        __project__.open('../')
        project = 'Main'
    # Open the Database
    db = Database()
    # Open a session
    rows = db.find(key='sha256', value=file_hash)
    if not rows:
        return template(
            'error.tpl',
            error="{0} Does not match any hash in the Database".format(
                file_hash))

    path = get_sample_path(rows[0].sha256)
    if not path:
        return template('error.tpl', error="File not found on disk")

    response.content_length = os.path.getsize(path)
    response.content_type = 'application/octet-stream; charset=UTF-8'
    data = ''
    for chunk in File(path).get_chunks():
        data += chunk
    return data
Beispiel #11
0
    def post(self, request, *args, **kwargs):
        project_name = request.POST['project'].replace(' ', '_')
        if project_name not in get_project_list():
            log.debug("creating new project: {}".format(project_name))

        log.debug("redirecting to project: {}".format(project_name))
        __project__.open(project_name)
        return redirect(reverse('main-page-project', kwargs={'project': project_name}))
Beispiel #12
0
    def post(self, request, *args, **kwargs):
        project_name = request.POST['project'].replace(' ', '_')
        if project_name not in get_project_list():
            log.debug("creating new project: {}".format(project_name))

        log.debug("redirecting to project: {}".format(project_name))
        __project__.open(project_name)
        return redirect(reverse('main-page-project', kwargs={'project': project_name}))
Beispiel #13
0
def open_db(project):
    # Check for valid project
    project_list = __project__.list()
    if any(d.get('name', None) == project for d in project_list):
        # Open Project
        __project__.open(project)
        # Init DB
        return Database()
Beispiel #14
0
    def cmd_projects(self, *args):
        parser = argparse.ArgumentParser(
            prog='projects',
            description="Open a file",
            epilog="List or switch existing projects")
        group = parser.add_mutually_exclusive_group()
        group.add_argument('-l',
                           '--list',
                           action='store_true',
                           help="List all existing projects")
        group.add_argument('-s',
                           '--switch',
                           metavar='PROJECT NAME',
                           help="Switch to the specified project")

        try:
            args = parser.parse_args(args)
        except:
            return

        projects_path = os.path.join(os.getcwd(), 'projects')

        if not os.path.exists(projects_path):
            self.log('info', "The projects directory does not exist yet")
            return

        if args.list:
            self.log('info', "Projects Available:")

            rows = []
            for project in os.listdir(projects_path):
                project_path = os.path.join(projects_path, project)
                if os.path.isdir(project_path):
                    current = ''
                    if __project__.name and project == __project__.name:
                        current = 'Yes'
                    rows.append([
                        project,
                        time.ctime(os.path.getctime(project_path)), current
                    ])

            self.log(
                'table',
                dict(header=['Project Name', 'Creation Time', 'Current'],
                     rows=rows))
        elif args.switch:
            if __sessions__.is_set():
                __sessions__.close()
                self.log('info', "Closed opened session")

            __project__.open(args.switch)
            self.log('info',
                     "Switched to project {0}".format(bold(args.switch)))

            # Need to re-initialize the Database to open the new SQLite file.
            self.db = Database()
        else:
            self.log('info', parser.print_usage())
Beispiel #15
0
def open_db(project):
    # Check for valid project
    if project == 'default':
        __project__.open(project)
        return Database()
    else:
        try:
            __project__.open(project)
            return Database()
        except Exception:
            return False
Beispiel #16
0
def open_db(project):
    project_list = __project__.list()
    # Check for valid project
    if project == 'default':
        __project__.open(project)
    elif any(d.get('name', None) == project for d in project_list):
        # Open Project
        __project__.open(project)
    else:
        return False
    return Database()
Beispiel #17
0
def open_db(project):
    # Check for valid project
    if project == 'default':
        __project__.open(project)
        return Database()
    else:
        try:
            __project__.open(project)
            return Database()
        except Exception:
            return False
Beispiel #18
0
def tags(tag_action=False):
    # Set DB
    db = Database()

    # Search or Delete
    if request.method == 'GET':
        action = request.query.action
        value = request.query.value.strip()

        if value:
            if action == 'search':
                # This will search all projects
                # Get project list
                projects = project_list()
                # Add Main db to list.
                projects.append('../')
                # Search All projects
                p_list = []
                results = {}
                for project in projects:
                    __project__.open(project)
                    # Init DB
                    db = Database()
                    #get results
                    proj_results = []
                    rows = db.find(key='tag', value=value)
                    for row in rows:
                        if project == '../':
                            project = 'Main'
                        proj_results.append([row.name, row.sha256])
                    results[project] = proj_results
                    p_list.append(project)
                # Return the search template
                return template('search.tpl', projects=p_list, results=results)
            else:
                return template(
                    'error.tpl',
                    error="'{0}' Is not a valid tag action".format(action))

    # Add / Delete
    if request.method == 'POST':
        file_hash = request.forms.get('sha256')
        project = request.forms.get('project')
        tag_name = request.forms.get('tag')
        if tag_action == 'add':
            if file_hash and project:
                tags = request.forms.get('tags')
                db.add_tags(file_hash, tags)
        if tag_action == 'del':
            if file_hash and tag_name:
                db.delete_tag(tag_name, file_hash)
        redirect('/file/{0}/{1}'.format(project, file_hash))
Beispiel #19
0
def add_file():
    tags = request.forms.get('tag_list')
    uploads = request.files.getlist('file')

    # Set Project
    project = request.forms.get('project')
    if project in project_list():
        __project__.open(project)
    else:
        __project__.open('../')
        project = 'Main'
    db = Database()
    file_list = []
    # Write temp file to disk
    with upload_temp() as temp_dir:
        for upload in uploads:
            file_path = os.path.join(temp_dir, upload.filename)
            with open(file_path, 'w') as tmp_file:
                tmp_file.write(upload.file.read())
            # Zip Files
            if request.forms.get('unzip'):
                zip_pass = request.forms.get('zip_pass')
                try:
                    with ZipFile(file_path) as zf:
                        zf.extractall(temp_dir, pwd=zip_pass)
                    for root, dirs, files in os.walk(temp_dir, topdown=False):
                        for name in files:
                            if not name == upload.filename:
                                file_list.append(os.path.join(root, name))
                except Exception as e:
                    return template('error.tpl',
                                    error="Error with zipfile - {0}".format(e))
            # Non zip files
            else:
                file_list.append(file_path)

        # Add each file
        for new_file in file_list:
            print new_file
            obj = File(new_file)
            new_path = store_sample(obj)
            success = True
            if new_path:
                # Add file to the database.
                success = db.add(obj=obj, tags=tags)
                if not success:
                    return template(
                        'error.tpl',
                        error="Unable to Store The File: {0}".format(
                            upload.filename))
    redirect("/project/{0}".format(project))
Beispiel #20
0
def tags(tag_action=False):
    # Set DB
    db = Database()
    
    # Search or Delete
    if request.method == 'GET':
        action = request.query.action
        value = request.query.value.strip()
        
        if value:
            if action == 'search':
                # This will search all projects
                # Get project list
                projects = project_list()
                # Add Main db to list.
                projects.append('../')
                # Search All projects
                p_list = []
                results = {}
                for project in projects:
                    __project__.open(project)
                    # Init DB
                    db = Database()
                    #get results
                    proj_results = []
                    rows = db.find(key='tag', value=value)
                    for row in rows:
                        if project == '../':
                            project = 'Main'
                        proj_results.append([row.name, row.sha256])
                    results[project] = proj_results
                    p_list.append(project)
                # Return the search template
                return template('search.tpl', projects=p_list, results=results)
            else:
                return template('error.tpl', error="'{0}' Is not a valid tag action".format(action))
                             
    # Add / Delete                        
    if request.method == 'POST':
        file_hash = request.forms.get('sha256')
        project = request.forms.get('project')
        tag_name = request.forms.get('tag')
        if tag_action == 'add':
            if file_hash and project:
                tags = request.forms.get('tags')
                db.add_tags(file_hash, tags)
        if tag_action == 'del':
            if file_hash and tag_name:
                db.delete_tag(tag_name, file_hash)
        redirect('/file/{0}/{1}'.format(project, file_hash))
Beispiel #21
0
def tags(tag_action=False):
    # Set DB
    db = Database()

    # Search or Delete
    if request.method == "GET":
        action = request.query.action
        value = request.query.value.strip()

        if value:
            if action == "search":
                # This will search all projects
                # Get project list
                projects = project_list()
                # Add Main db to list.
                projects.append("../")
                # Search All projects
                p_list = []
                results = {}
                for project in projects:
                    __project__.open(project)
                    # Init DB
                    db = Database()
                    # get results
                    proj_results = []
                    rows = db.find(key="tag", value=value)
                    for row in rows:
                        if project == "../":
                            project = "Main"
                        proj_results.append([row.name, row.sha256])
                    results[project] = proj_results
                    p_list.append(project)
                # Return the search template
                return template("search.tpl", projects=p_list, results=results)
            else:
                return template("error.tpl", error="'{0}' Is not a valid tag action".format(action))

    # Add / Delete
    if request.method == "POST":
        file_hash = request.forms.get("sha256")
        project = request.forms.get("project")
        tag_name = request.forms.get("tag")
        if tag_action == "add":
            if file_hash and project:
                tags = request.forms.get("tags")
                db.add_tags(file_hash, tags)
        if tag_action == "del":
            if file_hash and tag_name:
                db.delete_tag(tag_name, file_hash)
        redirect("/file/{0}/{1}".format(project, file_hash))
Beispiel #22
0
def cuckoo_submit():
    # Get Query Strings
    project = request.query.project
    file_hash = request.query.hash
    if project in project_list():
        __project__.open(project)
    else:
        __project__.open("../")
        project = "Main"
    # Open the Database
    db = Database()
    # Open a session
    try:
        path = get_sample_path(file_hash)
        __sessions__.new(path)
    except:
        return '<span class="alert alert-danger">Invalid Submission</span>'

    try:
        # Return URI For Existing Entry
        check_uri = "{0}/files/view/sha256/{1}".format(cuckoo_api, file_hash)
        check_file = requests.get(check_uri)
        if check_file.status_code == 200:
            check_result = dict(check_file.json())
            cuckoo_id = check_result["sample"]["id"]
            return '<a href="{0}/submit/status/{1}" target="_blank"> Link To Cukoo Report</a>'.format(
                cuckoo_web, str(cuckoo_id)
            )
    except Exception as e:
        return '<span class="alert alert-danger">Error Connecting To Cuckoo</span>'

    # If it doesn't exist, submit it.

    # Get the file data from viper
    file_data = open(__sessions__.current.file.path, "rb").read()
    file_name = __sessions__.current.file.name

    if file_data:
        # Submit file data to cuckoo
        uri = "{0}{1}".format(cuckoo_api, "/tasks/create/file")
        options = {"file": (file_name, file_data)}
        cuckoo_response = requests.post(uri, files=options)
        if cuckoo_response.status_code == 200:
            cuckoo_id = dict(cuckoo_response.json())["task_id"]
            return '<a href="{0}/submit/status/{1}" target="_blank"> Link To Cukoo Report</a>'.format(
                cuckoo_web, str(cuckoo_id)
            )
    else:
        return '<span class="alert alert-danger">Unable to Submit File</span>'
Beispiel #23
0
    def cmd_projects(self, *args):
        parser = argparse.ArgumentParser(prog='projects', description="Open a file", epilog="List or switch existing projects")
        group = parser.add_mutually_exclusive_group()
        group.add_argument('-l', '--list', action='store_true', help="List all existing projects")
        group.add_argument('-s', '--switch', metavar='PROJECT NAME', help="Switch to the specified project")

        try:
            args = parser.parse_args(args)
        except:
            return

        cfg = Config()
        if cfg.paths.storage_path:
            base_path = cfg.paths.storage_path
        else:
            base_path = os.path.join(expanduser("~"), '.viper')

        projects_path = os.path.join(base_path, 'projects')
        
        if not os.path.exists(projects_path):
            self.log('info', "The projects directory does not exist yet")
            return

        if args.list:
            self.log('info', "Projects Available:")

            rows = []
            for project in os.listdir(projects_path):
                project_path = os.path.join(projects_path, project)
                if os.path.isdir(project_path):
                    current = ''
                    if __project__.name and project == __project__.name:
                        current = 'Yes'
                    rows.append([project, time.ctime(os.path.getctime(project_path)), current])

            self.log('table', dict(header=['Project Name', 'Creation Time', 'Current'], rows=rows))
        elif args.switch:
            if __sessions__.is_set():
                __sessions__.close()
                self.log('info', "Closed opened session")

            __project__.open(args.switch)
            self.log('info', "Switched to project {0}".format(bold(args.switch)))

            # Need to re-initialize the Database to open the new SQLite file.
            self.db = Database()
        else:
            self.log('info', parser.print_usage())
Beispiel #24
0
def file_info(file_hash, project=False):
    contents = {}
    if project in project_list():
        __project__.open(project)
        contents['project'] = project
    else:
        __project__.open('../')
        contents['project'] = 'Main'
    # Open the Database
    db = Database()
    # Open a session
    try:
        path = get_sample_path(file_hash)
        __sessions__.new(path)
    except:
        return template('error.tpl', error="{0} Does not match any hash in the Database".format(file_hash))
    
    # Get the file info
    contents['file_info'] = [
                __sessions__.current.file.name,
                __sessions__.current.file.tags,
                __sessions__.current.file.path,
                __sessions__.current.file.size,
                __sessions__.current.file.type,
                __sessions__.current.file.mime,
                __sessions__.current.file.md5,
                __sessions__.current.file.sha1,
                __sessions__.current.file.sha256,
                __sessions__.current.file.sha512,
                __sessions__.current.file.ssdeep,
                __sessions__.current.file.crc32                
                ]
                
    # Get Any Notes
    note_list = []
    malware = db.find(key='sha256', value=file_hash)
    if malware:
        notes = malware[0].note
        if notes:
            rows = []
            for note in notes:
                note_list.append([note.title, note.body, note.id])
    contents['notes'] = note_list
    
    # Close the session
    __sessions__.close()
    # Return the page
    return template('file.tpl', **contents)
Beispiel #25
0
def cuckoo_submit():
    # Get Query Strings
    project = request.query.project
    file_hash = request.query.hash
    if project in project_list():
        __project__.open(project)
    else:
        __project__.open('../')
        project = 'Main'
    # Open the Database
    db = Database()
    # Open a session
    try:
        path = get_sample_path(file_hash)
        __sessions__.new(path)
    except:
        return '<span class="alert alert-danger">Invalid Submission</span>'

    try:
        # Return URI For Existing Entry
        check_uri = '{0}/files/view/sha256/{1}'.format(cuckoo_api, file_hash)
        check_file = requests.get(check_uri)
        if check_file.status_code == 200:
            check_result = dict(check_file.json())
            cuckoo_id = check_result['sample']['id']
            return '<a href="{0}/analysis/{1}" target="_blank"> Link To Cukoo Report</a>'.format(
                cuckoo_web, str(cuckoo_id))
    except Exception as e:
        return '<span class="alert alert-danger">Error Connecting To Cuckoo</span>'

    # If it doesn't exist, submit it.

    # Get the file data from viper
    file_data = open(__sessions__.current.file.path, 'rb').read()
    file_name = __sessions__.current.file.name

    if file_data:
        # Submit file data to cuckoo
        uri = '{0}{1}'.format(cuckoo_api, '/tasks/create/file')
        options = {'file': (file_name, file_data)}
        cuckoo_response = requests.post(uri, files=options)
        if cuckoo_response.status_code == 200:
            cuckoo_id = dict(cuckoo_response.json())['task_id']
            return '<a href="{0}/analysis/{1}" target="_blank"> Link To Cukoo Report</a>'.format(
                cuckoo_web, str(cuckoo_id))
    else:
        return '<span class="alert alert-danger">Unable to Submit File</span>'
Beispiel #26
0
def add_file():
    tags = request.forms.get('tag_list')
    upload = request.files.get('file')

    # Set Project
    project = request.forms.get('project')
    if project in project_list():
        __project__.open(project)
    else:
        __project__.open('../')
        project = 'Main'
    db = Database()    

    # Write temp file to disk
    with upload_temp() as temp_dir:
        file_path = os.path.join(temp_dir, upload.filename)
        with open(file_path, 'w') as tmp_file:
            tmp_file.write(upload.file.read())
        file_list = []
        # Zip Files
        if request.forms.get('unzip'):
            zip_pass = request.forms.get('zip_pass')
            try:
                with ZipFile(file_path) as zf:
                    zf.extractall(temp_dir, pwd=zip_pass)            
                for root, dirs, files in os.walk(temp_dir, topdown=False):
                    for name in files:
                        if not name == upload.filename:
                            file_list.append(os.path.join(root, name))
            except Exception as e:
                return template('error.tpl', error="Error with zipfile - {0}".format(e))
        # Non zip files
        else:
            file_list.append(file_path)
        
        # Add each file
        for new_file in file_list:
            obj = File(new_file)
            new_path = store_sample(obj)
            success = False
            if new_path:
                # Add file to the database.
                success = db.add(obj=obj, tags=tags)
    if success:
        redirect("/project/{0}".format(project))
    else:
        return template('error.tpl', error="Unable to Store The File")
Beispiel #27
0
    def cmd_projects(self, *args):
        parser = argparse.ArgumentParser(
            prog="projects", description="Open a file", epilog="List or switch existing projects"
        )
        group = parser.add_mutually_exclusive_group()
        group.add_argument("-l", "--list", action="store_true", help="List all existing projects")
        group.add_argument("-s", "--switch", metavar="PROJECT NAME", help="Switch to the specified project")

        try:
            args = parser.parse_args(args)
        except:
            return

        projects_path = os.path.join(os.getcwd(), "projects")

        if not os.path.exists(projects_path):
            self.log("info", "The projects directory does not exist yet")
            return

        if args.list:
            self.log("info", "Projects Available:")

            rows = []
            for project in os.listdir(projects_path):
                project_path = os.path.join(projects_path, project)
                if os.path.isdir(project_path):
                    current = ""
                    if __project__.name and project == __project__.name:
                        current = "Yes"
                    rows.append([project, time.ctime(os.path.getctime(project_path)), current])

            self.log("table", dict(header=["Project Name", "Creation Time", "Current"], rows=rows))
        elif args.switch:
            if __sessions__.is_set():
                __sessions__.close()
                self.log("info", "Closed opened session")

            __project__.open(args.switch)
            self.log("info", "Switched to project {0}".format(bold(args.switch)))

            # Need to re-initialize the Database to open the new SQLite file.
            self.db = Database()
        else:
            self.log("info", parser.print_usage())
Beispiel #28
0
    def run(self):
        super(PST, self).run()
        if not __sessions__.is_set():
            self.log(
                'error',
                "No open session. This command expects a file to be open.")
            return

        pst_path = __sessions__.current.file.path
        pff_test = subprocess.call('pffexport -V', shell=True)
        if pff_test == 127:
            self.log(
                'error',
                "pffexport not installed. Try: 'sudo apt-get install pff-tools'"
            )
            return

        new_proj = self.args.proj
        save_path = self.args.output

        if new_proj:
            self.log('info', "Creating New Project")
            project_name = str(datetime.date.today())
            __project__.open('pst_{0}'.format(project_name))

        if save_path:
            save_path = self.args.output
        else:
            save_path = tempfile.mkdtemp()

        self.log('info', "Temp Dir created at {0}".format(save_path))

        self.log('info', "Processing Attachments, this might take a while...")
        counter = self.parse_pst(save_path, pst_path)
        self.log('success', "Stored {0} Email attachments".format(counter))

        if not self.args.keep:
            try:
                shutil.rmtree('{0}.export'.format(save_path))
                shutil.rmtree(save_path)
                self.log('info', "Removing Temp Dir")
            except OSError as e:
                self.log('error', "Unable to delete tmpdir: {0}".format(e))
Beispiel #29
0
    def run(self, *args):
        try:
            args = self.parser.parse_args(args)
        except SystemExit:
            return

        if cfg.get('paths').storage_path:
            base_path = cfg.get('paths').storage_path
        else:
            base_path = os.path.join(expanduser("~"), '.viper')

        projects_path = os.path.join(base_path, 'projects')

        if args.list:
            if not os.path.exists(projects_path):
                self.log('info', "The projects directory does not exist yet")
                return

            self.log('info', "Projects Available:")

            rows = []
            for project in os.listdir(projects_path):
                project_path = os.path.join(projects_path, project)
                if os.path.isdir(project_path):
                    current = ''
                    if __project__.name and project == __project__.name:
                        current = 'Yes'
                    rows.append([project, time.ctime(os.path.getctime(project_path)), current])

            self.log('table', dict(header=['Project Name', 'Creation Time', 'Current'], rows=rows))
        elif args.switch:
            if __sessions__.is_set():
                __sessions__.close()
                self.log('info', "Closed opened session")

            __project__.open(args.switch)
            self.log('info', "Switched to project {0}".format(bold(args.switch)))

            # Need to re-initialize the Database to open the new SQLite file.
            db.__init__()
        else:
            self.log('info', self.parser.print_usage())
Beispiel #30
0
        def func_wrapper(viewset, *args, **kwargs):
            log.debug("running decorator: get_project_open_db - called by: {}".format(viewset))

            project = viewset.kwargs.get(viewset.lookup_field_project, None)
            if project == 'default':
                __project__.open(project)
                db = Database()
            elif project in get_project_list():
                log.debug("setting project to: {}".format(project))
                __project__.open(project)
                db = Database()
            else:
                db = None

            if not db:
                error = {"error": {"code": "NotFound", "message": "Project not found: {}".format(project)}}
                log.error(error)
                raise NotFound(detail=error)

            return func(viewset, project=project, db=db, *args, **kwargs)
Beispiel #31
0
def run_module():
    # Optional Project
    project = request.forms.get('project')
    # Optional sha256   
    sha256 = request.forms.get('sha256')
    # Not Optional Command Line Args
    cmd_line = request.forms.get('cmdline')
    if project:
        __project__.open(project)
    else:
        __project__.open('../')
    if sha256:
        file_path = get_sample_path(sha256)
        if file_path:
            __sessions__.new(file_path)
    if not cmd_line:
        response.code = 404
        return jsonize({'message':'Invalid command line'})
    results = module_cmdline(cmd_line, sha256)  
    __sessions__.close()
    return jsonize(results)
Beispiel #32
0
def run_module():
    project = request.forms.get('project')
    if project:
        __project__.open(project)

    sha256 = request.forms.get('sha256')
    if sha256:
        file_path = get_sample_path(sha256)
        if file_path:
            __sessions__.new(file_path)

    module_name = request.forms.get('module')
    if module_name in __modules__:
        module = __modules__[module_name]['obj']()
        module.run()

        module_output = copy.deepcopy(module.output)
        del(module.output[:])

        if module_output:
            return jsonize(dict(project=project, module=module_name, sha256=sha256, output=module_output))
Beispiel #33
0
def landing(p=False):
    contents = {}
    if p in project_list():
        __project__.open(p)
        contents['p'] = p
    else:
        __project__.open("../")
        contents['p'] = 'Main'
    db = Database()
    # Pagination
    # 25 per page
    value = 25
    offset = 0
    contents['count'] = db.get_sample_count()
    page = request.query.page
    if not page:
        page = 0
    offset = int(page) * int(value)
    contents['act_page'] = page
    contents['latest'] = db.find('latest', value=value, offset=offset)
    # return the Template
    return template('index.tpl', **contents)
Beispiel #34
0
    def create(self, request, project=None, db=None, *args, **kwargs):
        """Create a new Project"""
        # kwargs provided by URLs/Routers: -

        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)

        if serializer.validated_data['name'] in get_project_list():
            # exists already
            # return Response(data=serializer.validated_data, status=status.HTTP_200_OK)
            error = {"error": {"code": "ExistsAlready",
                               "message": "Project exists already: {}".format(serializer.validated_data['name'])}}
            raise ValidationError(detail=error)

        new_project_new = serializer.validated_data['name']

        __project__.open(new_project_new)

        serializer_new = self.get_serializer(new_project_new)
        headers = self.get_success_headers(serializer_new.data)

        return Response(data=serializer_new.data, status=status.HTTP_201_CREATED, headers=headers)
Beispiel #35
0
def landing(p=False):
    contents = {}
    if p in project_list():
        __project__.open(p)
        contents['p'] = p
    else:
        __project__.open("../")
        contents['p'] = 'Main'
    db = Database() 
    # Pagination
    # 25 per page
    value = 25
    offset = 0
    contents['count'] = db.get_sample_count()
    page = request.query.page
    if not page:
        page = 0
    offset = int(page) * int(value) 
    contents['act_page'] = page   
    contents['latest'] = db.find('latest', value=value, offset=offset)
    # return the Template
    return template('index.tpl', **contents)
Beispiel #36
0
def landing(p=False):
    contents = {}
    if p in project_list():
        __project__.open(p)
        contents["p"] = p
    else:
        __project__.open("../")
        contents["p"] = "Main"
    db = Database()
    # Pagination
    # 25 per page
    value = 25
    offset = 0
    contents["count"] = db.get_sample_count()
    page = request.query.page
    if not page:
        page = 0
    offset = int(page) * int(value)
    contents["act_page"] = page
    contents["latest"] = db.find("latest", value=value, offset=offset)
    # return the Template
    return template("index.tpl", **contents)
Beispiel #37
0
def file_download(file_hash, project=False):
    if project in project_list():
        __project__.open(project)
    else:
        __project__.open('../')
        project = 'Main'
    # Open the Database
    db = Database()
    # Open a session
    rows = db.find(key='sha256', value=file_hash)
    if not rows:
        return template('error.tpl', error="{0} Does not match any hash in the Database".format(file_hash))
        
    path = get_sample_path(rows[0].sha256)
    if not path:
        return template('error.tpl', error="File not found on disk")

    response.content_length = os.path.getsize(path)
    response.content_type = 'application/octet-stream; charset=UTF-8'
    data = ''
    for chunk in File(path).get_chunks():
        data += chunk
    return data
Beispiel #38
0
def find_file():
    key = request.forms.get('key')
    value = request.forms.get('term').lower()
    project_search = request.forms.get('project')
    curr_project = request.forms.get('curr_project')
    results = {}
    projects = []
    if project_search:
        # Get list of project paths
        projects_path = os.path.join(os.getcwd(), 'projects')
        if os.path.exists(projects_path):
            for name in os.listdir(projects_path):
                projects.append(name)
        projects.append('../')
    else:
        # If not searching all projects what are we searching
        if curr_project == 'Main':
            projects.append('../')
        else:
            projects.append(curr_project)

    # Search each Project in the list
    for project in projects:
        __project__.open(project)
        # Init DB
        db = Database()
        #get results
        proj_results = []
        rows = db.find(key=key, value=value)
        for row in rows:
            if project == '../':
                project = 'Main'
            proj_results.append([row.name, row.sha256])
        results[project] = proj_results

    return template('search.tpl', results=results)
Beispiel #39
0
def find_file():
    key = request.forms.get("key")
    value = request.forms.get("term").lower()
    project_search = request.forms.get("project")
    curr_project = request.forms.get("curr_project")
    results = {}
    projects = []
    if project_search:
        # Get list of project paths
        projects_path = os.path.join(os.getcwd(), "projects")
        if os.path.exists(projects_path):
            for name in os.listdir(projects_path):
                projects.append(name)
        projects.append("../")
    else:
        # If not searching all projects what are we searching
        if curr_project == "Main":
            projects.append("../")
        else:
            projects.append(curr_project)

    # Search each Project in the list
    for project in projects:
        __project__.open(project)
        # Init DB
        db = Database()
        # get results
        proj_results = []
        rows = db.find(key=key, value=value)
        for row in rows:
            if project == "../":
                project = "Main"
            proj_results.append([row.name, row.sha256])
        results[project] = proj_results

    return template("search.tpl", results=results)
Beispiel #40
0
def find_file():
    key = request.forms.get('key')
    value = request.forms.get('term')
    project_search = request.forms.get('project')
    curr_project = request.forms.get('curr_project')
    results = {}
    projects = []
    if project_search:
        # Get list of project paths
        projects_path = os.path.join(os.getcwd(), 'projects')
        if os.path.exists(projects_path):
            for name in os.listdir(projects_path):
                projects.append(name)
        projects.append('../')
    else:
        # If not searching all projects what are we searching
        if curr_project == 'Main':
            projects.append('../')
        else:
            projects.append(curr_project)
    
    # Search each Project in the list
    for project in projects:
        __project__.open(project)
        # Init DB
        db = Database()
        #get results
        proj_results = []
        rows = db.find(key=key, value=value)
        for row in rows:
            if project == '../':
                project = 'Main'
            proj_results.append([row.name, row.sha256])
        results[project] = proj_results
 
    return template('search.tpl', results=results)
Beispiel #41
0
#!/usr/bin/env python
# This file is part of Viper - https://github.com/viper-framework/viper
# See the file 'LICENSE' for copying permission.

import os
import argparse

from viper.core.project import __project__

parser = argparse.ArgumentParser()
parser.add_argument('-p', '--project', help='Specify a new or existing project name', action='store', required=False)
args = parser.parse_args()

if args.project:
    __project__.open(args.project)

'''
IMPORTANT
The Console import needs to be called after the project is set. 
Otherwise the table prefixes are not created properly.
'''
from viper.core.ui import console

config_file = 'viper.conf'
if not os.path.exists(config_file):
    print ""
    print "[!] Unable to find config file at {0}".format(config_file)
    print ""
else:
    c = console.Console()
    c.start()
Beispiel #42
0
    def copy(self,
             id,
             src_project,
             dst_project,
             copy_analysis=True,
             copy_notes=True,
             copy_tags=True,
             copy_children=True,
             _parent_sha256=None):  # noqa
        session = self.Session()

        # make sure to open source project
        __project__.open(src_project)

        # get malware from DB
        malware = session.query(Malware). \
            options(subqueryload(Malware.analysis)). \
            options(subqueryload(Malware.note)). \
            options(subqueryload(Malware.parent)). \
            options(subqueryload(Malware.tag)). \
            get(id)

        # get path and load file from disk
        malware_path = get_sample_path(malware.sha256)
        sample = File(malware_path)
        sample.name = malware.name

        log.debug("Copying ID: {} ({}): from {} to {}".format(
            malware.id, malware.name, src_project, dst_project))
        # switch to destination project, add to DB and store on disk
        __project__.open(dst_project)
        dst_db = Database()
        dst_db.add(sample)
        store_sample(sample)
        print_success("Copied: {} ({})".format(malware.sha256, malware.name))

        if copy_analysis:
            log.debug("copy analysis..")
            for analysis in malware.analysis:
                dst_db.add_analysis(malware.sha256,
                                    cmd_line=analysis.cmd_line,
                                    results=analysis.results)

        if copy_notes:
            log.debug("copy notes..")
            for note in malware.note:
                dst_db.add_note(malware.sha256,
                                title=note.title,
                                body=note.body)

        if copy_tags:
            log.debug("copy tags..")
            dst_db.add_tags(malware.sha256, [x.tag for x in malware.tag])

        if copy_children:
            children = session.query(Malware).filter(
                Malware.parent_id == malware.id).all()
            if not children:
                pass
            else:
                _parent_sha256 = malware.sha256  # set current recursion item as parent
                for child in children:
                    self.copy(child.id,
                              src_project=src_project,
                              dst_project=dst_project,
                              copy_analysis=copy_analysis,
                              copy_notes=copy_notes,
                              copy_tags=copy_tags,
                              copy_children=copy_children,
                              _parent_sha256=_parent_sha256)
                    # restore parent-child relationships
                    log.debug("add parent {} to child {}".format(
                        _parent_sha256, child.sha256))
                    if _parent_sha256:
                        dst_db.add_parent(child.sha256, _parent_sha256)

        # switch back to source project
        __project__.open(src_project)

        # store tuple of ID (in source project) and sha256 of copied samples
        self.copied_id_sha256.append((malware.id, malware.sha256))

        return True
Beispiel #43
0
    def copy(self, id, src_project, dst_project,
             copy_analysis=True, copy_notes=True, copy_tags=True, copy_children=True, _parent_sha256=None):  # noqa
        session = self.Session()

        # make sure to open source project
        __project__.open(src_project)

        # get malware from DB
        malware = session.query(Malware). \
            options(subqueryload(Malware.analysis)). \
            options(subqueryload(Malware.note)). \
            options(subqueryload(Malware.parent)). \
            options(subqueryload(Malware.tag)). \
            get(id)

        # get path and load file from disk
        malware_path = get_sample_path(malware.sha256)
        sample = File(malware_path)
        sample.name = malware.name

        log.debug("Copying ID: {} ({}): from {} to {}".format(malware.id, malware.name, src_project, dst_project))
        # switch to destination project, add to DB and store on disk
        __project__.open(dst_project)
        dst_db = Database()
        dst_db.add(sample)
        store_sample(sample)
        print_success("Copied: {} ({})".format(malware.sha256, malware.name))

        if copy_analysis:
            log.debug("copy analysis..")
            for analysis in malware.analysis:
                dst_db.add_analysis(malware.sha256, cmd_line=analysis.cmd_line, results=analysis.results)

        if copy_notes:
            log.debug("copy notes..")
            for note in malware.note:
                dst_db.add_note(malware.sha256, title=note.title, body=note.body)

        if copy_tags:
            log.debug("copy tags..")
            dst_db.add_tags(malware.sha256, [x.tag for x in malware.tag])

        if copy_children:
            children = session.query(Malware).filter(Malware.parent_id == malware.id).all()
            if not children:
                pass
            else:
                _parent_sha256 = malware.sha256  # set current recursion item as parent
                for child in children:
                    self.copy(child.id,
                              src_project=src_project, dst_project=dst_project,
                              copy_analysis=copy_analysis, copy_notes=copy_notes, copy_tags=copy_tags,
                              copy_children=copy_children, _parent_sha256=_parent_sha256)
                    # restore parent-child relationships
                    log.debug("add parent {} to child {}".format(_parent_sha256, child.sha256))
                    if _parent_sha256:
                        dst_db.add_parent(child.sha256, _parent_sha256)

        # switch back to source project
        __project__.open(src_project)

        # store tuple of ID (in source project) and sha256 of copied samples
        self.copied_id_sha256.append((malware.id, malware.sha256))

        return True
Beispiel #44
0
    def run(self, *args):
        try:
            args = self.parser.parse_args(args)
        except SystemExit:
            return

        if __config__.get("paths").storage_path:
            base_path = __config__.get("paths").storage_path
        else:
            base_path = os.path.join(expanduser("~"), ".viper")

        projects_path = os.path.join(base_path, "projects")

        if args.list:
            if not os.path.exists(projects_path):
                self.log("info", "No projects have been created yet")
                return

            self.log("info", "Projects Available:")

            rows = []
            for project in os.listdir(projects_path):
                project_path = os.path.join(projects_path, project)
                if os.path.isdir(project_path):
                    current = ""
                    if __project__.name and project == __project__.name:
                        current = "Yes"
                    rows.append([
                        project,
                        time.ctime(os.path.getctime(project_path)), current
                    ])

            self.log(
                "table",
                dict(header=["Project Name", "Creation Time", "Current"],
                     rows=rows))
        elif args.switch:
            if __sessions__.is_set():
                __sessions__.close()
                self.log("info", "Closed opened session")

            __project__.open(args.switch)
            self.log("info",
                     "Switched to project {0}".format(bold(args.switch)))

            # Need to re-initialize the Database to open the new SQLite file.
            Database().__init__()
        elif args.close:
            if __project__.name != "default":
                if __sessions__.is_set():
                    __sessions__.close()

                __project__.close()
        elif args.delete:
            project_to_delete = args.delete
            if project_to_delete == "default":
                self.log("error", "You can't delete the \"default\" project")
                return

            # If it"s the currently opened project, we close it.
            if project_to_delete == __project__.name:
                # We close any opened session.
                if __sessions__.is_set():
                    __sessions__.close()

                __project__.close()

            project_path = os.path.join(projects_path, project_to_delete)
            if not os.path.exists(project_path):
                self.log(
                    "error",
                    "The folder for project \"{}\" does not seem to exist".
                    format(project_to_delete))
                return

            self.log(
                "info",
                "You asked to delete project with name \"{}\" located at \"{}\""
                .format(project_to_delete, project_path))

            confirm = input(
                "Are you sure you want to delete the project? You will permanently delete all associated files! [y/N] "
            )
            if confirm.lower() != "y":
                return

            try:
                shutil.rmtree(project_path)
            except Exception as e:
                self.log(
                    "error",
                    "Something failed while trying to delete folder: {}".
                    format(e))
                return

            self.log(
                "info", "Project \"{}\" was delete successfully".format(
                    project_to_delete))
        else:
            self.log("info", self.parser.print_usage())
Beispiel #45
0
    def cmd_projects(self, *args):
        def usage():
            print("usage: projects [-h] [-l] [-s=project]")

        def help():
            usage()
            print("")
            print("Options:")
            print("\t--help (-h)\tShow this help message")
            print("\t--list (-l)\tList all existing projects")
            print("\t--switch (-s)\tSwitch to the specified project")
            print("")

        try:
            opts, argv = getopt.getopt(args, "hls:", ["help", "list", "switch="])
        except getopt.GetoptError as e:
            print(e)
            usage()
            return

        arg_list = False
        arg_switch = None

        for opt, value in opts:
            if opt in ("-h", "--help"):
                help()
                return
            elif opt in ("-l", "--list"):
                arg_list = True
            elif opt in ("-s", "--switch"):
                arg_switch = value

        projects_path = os.path.join(os.getcwd(), "projects")

        if not os.path.exists(projects_path):
            print_info("The projects directory does not exist yet")
            return

        if arg_list:
            print_info("Projects Available:")

            rows = []
            for project in os.listdir(projects_path):
                project_path = os.path.join(projects_path, project)
                if os.path.isdir(project_path):
                    current = ""
                    if __project__.name and project == __project__.name:
                        current = "Yes"
                    rows.append([project, time.ctime(os.path.getctime(project_path)), current])

            print(table(header=["Project Name", "Creation Time", "Current"], rows=rows))
            return
        elif arg_switch:
            if __sessions__.is_set():
                __sessions__.close()
                print_info("Closed opened session")

            __project__.open(arg_switch)
            print_info("Switched to project {0}".format(bold(arg_switch)))

            # Need to re-initialize the Database to open the new SQLite file.
            self.db = Database()
            return

        usage()
Beispiel #46
0
#!/usr/bin/env python
# This file is part of Viper - https://github.com/botherder/viper
# See the file 'LICENSE' for copying permission.

import argparse

from viper.core.ui import console
from viper.core.project import __project__

parser = argparse.ArgumentParser()
parser.add_argument('-p',
                    '--project',
                    help='Specify a new or existing project name',
                    action='store',
                    required=False)
args = parser.parse_args()

if args.project:
    __project__.open(args.project)

c = console.Console()
c.start()
Beispiel #47
0
def create_project(request):
    project_name = request.POST['project'].replace(' ', '_')
    __project__.open(project_name)
    return redirect('/project/{0}'.format(project_name))
Beispiel #48
0
    def cmd_projects(self, *args):
        def usage():
            print("usage: projects [-h] [-l] [-s=project]")

        def help():
            usage()
            print("")
            print("Options:")
            print("\t--help (-h)\tShow this help message")
            print("\t--list (-l)\tList all existing projects")
            print("\t--switch (-s)\tSwitch to the specified project")
            print("")

        try:
            opts, argv = getopt.getopt(args, 'hls:',
                                       ['help', 'list', 'switch='])
        except getopt.GetoptError as e:
            print(e)
            usage()
            return

        arg_list = False
        arg_switch = None

        for opt, value in opts:
            if opt in ('-h', '--help'):
                help()
                return
            elif opt in ('-l', '--list'):
                arg_list = True
            elif opt in ('-s', '--switch'):
                arg_switch = value

        projects_path = os.path.join(os.getcwd(), 'projects')

        if not os.path.exists(projects_path):
            print_info("The projects directory does not exist yet")
            return

        if arg_list:
            print_info("Projects Available:")

            rows = []
            for project in os.listdir(projects_path):
                project_path = os.path.join(projects_path, project)
                if os.path.isdir(project_path):
                    current = ''
                    if __project__.name and project == __project__.name:
                        current = 'Yes'
                    rows.append([
                        project,
                        time.ctime(os.path.getctime(project_path)), current
                    ])

            print(
                table(header=['Project Name', 'Creation Time', 'Current'],
                      rows=rows))
            return
        elif arg_switch:
            if __sessions__.is_set():
                __sessions__.close()
                print_info("Closed opened session")

            __project__.open(arg_switch)
            print_info("Switched to project {0}".format(bold(arg_switch)))

            # Need to re-initialize the Database to open the new SQLite file.
            self.db = Database()
            return

        usage()
Beispiel #49
0
def add_project():
    project_name = request.forms.get('project').strip()
    __project__.open(project_name)
    redirect('/project/{0}'.format(project_name))
Beispiel #50
0
def add_file():
    tags = request.forms.get('tag_list')
    uploads = request.files.getlist('file')

    # Set Project
    project = request.forms.get('project')
    if project in project_list():
        __project__.open(project)
    else:
        __project__.open('../')
        project = 'Main'
    db = Database()
    file_list = []
    # Write temp file to disk
    with upload_temp() as temp_dir:
        for upload in uploads:
            file_path = os.path.join(temp_dir, upload.filename)
            with open(file_path, 'w') as tmp_file:
                tmp_file.write(upload.file.read())
            # Zip Files
            if request.forms.get('compression') == 'zip':
                zip_pass = request.forms.get('zip_pass')
                try:
                    with ZipFile(file_path) as zf:
                        zf.extractall(temp_dir, pwd=zip_pass)
                    for root, dirs, files in os.walk(temp_dir, topdown=False):
                        for name in files:
                            if not name == upload.filename:
                                file_list.append(os.path.join(root, name))
                except Exception as e:
                    return template('error.tpl',
                                    error="Error with zipfile - {0}".format(e))
            # GZip Files
            elif request.forms.get('compression') == 'gz':
                try:
                    gzf = GzipFile(file_path, 'rb')
                    decompress = gzf.read()
                    gzf.close()
                    with open(file_path[:-3], "wb") as df:
                        df.write(decompress)
                    file_list.append(file_path[:-3])
                except Exception as e:
                    return template(
                        'error.tpl',
                        error="Error with gzipfile - {0}".format(e))
            # BZip2 Files
            elif request.forms.get('compression') == 'bz2':
                try:
                    bz2f = BZ2File(file_path, 'rb')
                    decompress = bz2f.read()
                    bz2f.close()
                    with open(file_path[:-3], "wb") as df:
                        df.write(decompress)
                    file_list.append(file_path[:-3])
                except Exception as e:
                    return template(
                        'error.tpl',
                        error="Error with bzip2file - {0}".format(e))
            # Tar Files (any, including tar.gz tar.bz2)
            elif request.forms.get('compression') == 'tar':
                try:
                    if not tarfile.is_tarfile(file_path):
                        return template('error.tpl',
                                        error="This is not a tar file")
                    with tarfile.open(file_path, 'r:*') as tarf:
                        tarf.extractall(temp_dir)
                    for root, dirs, files in os.walk(temp_dir, topdown=False):
                        for name in files:
                            if not name == upload.filename:
                                file_list.append(os.path.join(root, name))
                except Exception as e:
                    return template('error.tpl',
                                    error="Error with tarfile - {0}".format(e))
            # Non zip files
            elif request.forms.get('compression') == 'none':
                file_list.append(file_path)

        # Add each file
        for new_file in file_list:
            print new_file
            obj = File(new_file)
            new_path = store_sample(obj)
            success = True
            if new_path:
                # Add file to the database.
                success = db.add(obj=obj, tags=tags)
                if not success:
                    return template(
                        'error.tpl',
                        error="Unable to Store The File: {0}".format(
                            upload.filename))
    redirect("/project/{0}".format(project))
Beispiel #51
0
def add_project():
    project_name = request.forms.get('project').strip()
    __project__.open(project_name)
    redirect('/project/{0}'.format(project_name))
Beispiel #52
0
def find_file():
    def details(row):
        tags = []
        for tag in row.tag:
            tags.append(tag.tag)

        entry = dict(
            id=row.id,
            name=row.name,
            type=row.type,
            size=row.size,
            md5=row.md5,
            sha1=row.sha1,
            sha256=row.sha256,
            sha512=row.sha512,
            crc32=row.crc32,
            ssdeep=row.ssdeep,
            created_at=row.created_at.__str__(),
            tags=tags
        )

        return entry

    for entry in ['md5', 'sha256', 'ssdeep', 'tag', 'name', 'all','latest']:
        value = request.forms.get(entry)
        if value:
            key = entry
            break

    if not value:
        response.code = 400
        return jsonize({'message':'Invalid search term'})

    # Get the scope of the search
    
    project_search = request.forms.get('project')
    projects = []
    results = {}
    if project_search and project_search == 'all':
        # Get list of project paths
        projects_path = os.path.join(os.getcwd(), 'projects')
        if os.path.exists(projects_path):
            for name in os.listdir(projects_path):
                projects.append(name)
        projects.append('../')
    # Specific Project
    elif project_search:
        projects.append(project_search)
    # Primary
    else:
        projects.append('../')

    # Search each Project in the list
    for project in projects:
        __project__.open(project)
        # Init DB
        db = Database()
        #get results
        proj_results = []
        rows = db.find(key=key, value=value)
        for row in rows:
            if project == '../':
                project = 'default'
            proj_results.append(details(row))
        results[project] = proj_results
    return jsonize(results)