def post(self):
if 'file' in request.files:
f = AttachedFile.from_upload(request.files['file'])
else:
data = loads(request.data)
if 'file' in data:
f = AttachedFile.from_upload(data['file'])
else:
abort(400)
return render({'filename': url_for('api.AttachedFiles:get', id=f.id)})
def post(self):
if "file" in request.files:
f = AttachedFile.from_upload(request.files["file"])
else:
data = loads(request.data)
if "file" in data:
f = AttachedFile.from_upload(data["file"])
else:
abort(400)
return render({"filename": url_for("api.AttachedFiles:get", id=f.id)})
def post(self):
if 'file' in request.files:
f = AttachedFile.from_upload(request.files['file'])
else:
data = loads(request.data)
if 'file' in data:
f = AttachedFile.from_upload(data['file'])
else:
abort(400)
return render({'filename': url_for('api.AttachedFiles:get', id=f.id)})
def inv_import(self):
if request.method == "GET":
return render_template(
"{}/import.html".format(self.klass.__name__.lower()))
else:
text = request.form.get('text')
url = request.form.get('url')
if text:
investigation = Investigation(import_text=text)
investigation.save()
return redirect(
url_for(
'frontend.InvestigationView:import_from',
id=investigation.id))
else:
try:
if url:
import_method = ImportMethod.objects.get(acts_on="url")
results = import_method.run(url)
else:
target = AttachedFile.from_upload(request.files['file'])
import_method = ImportMethod.objects.get(
acts_on=target.content_type)
results = import_method.run(target)
return redirect(
url_for(
'frontend.InvestigationView:import_wait',
id=results.id))
except DoesNotExist:
flash("This file type is not supported.", "danger")
return render_template(
"{}/import.html".format(self.klass.__name__.lower()))
def attach_file(self, id):
if 'file' not in request.files:
abort(400)
e = get_object_or_404(self.klass, id=id)
f = AttachedFile.from_upload(request.files['file'])
if f:
f.attach(e)
return redirect(url_for('frontend.{}:get'.format(self.__class__.__name__), id=e.id))
def post_save(self, obj, request):
obj.save_observables()
file = request.files.get('vulscan-file')
if file:
file.filename = obj.updated.strftime(
"%Y-%m-%d_%H:%M") + '.{}'.format(file.filename.split('.')[1])
f = AttachedFile.from_upload(file)
f.attach(obj)
def attach_file(self, id):
if 'file' not in request.files:
abort(400)
e = get_object_or_404(self.klass, id=id)
f = AttachedFile.from_upload(request.files['file'])
if f:
f.attach(e)
return redirect(
url_for('frontend.{}:get'.format(self.__class__.__name__), id=e.id))
def save_file(uploaded_file, filename=None):
value = "FILE:{}".format(stream_sha256(uploaded_file))
mime_type = magic.from_buffer(uploaded_file.read(100), mime=True)
uploaded_file.seek(0)
body = AttachedFile.from_upload(uploaded_file, force_mime=mime_type)
f = observables.File.get_or_create(value=value, body=body, mime_type=mime_type)
if not filename:
filename = uploaded_file.filename
if filename not in f.filenames:
f.filenames.append(filename)
return f.save()
def save_file(uploaded_file, filename=None):
value = "FILE:{}".format(stream_sha256(uploaded_file))
mime_type = magic.from_buffer(uploaded_file.read(100), mime=True)
uploaded_file.seek(0)
body = AttachedFile.from_upload(uploaded_file, force_mime=mime_type)
f = observables.File.get_or_create(
value=value, body=body, mime_type=mime_type)
if not filename:
filename = uploaded_file.filename
if filename not in f.filenames:
f.filenames.append(filename)
return f.save()
def inv_import(self):
if request.method == "GET":
return render_template(
"{}/import.html".format(self.klass.__name__.lower()),
groups=get_user_groups())
else:
text = request.form.get('text')
url = request.form.get('url')
sharing = request.form.get('sharing')
if text:
investigation = Investigation(
created_by=current_user.username, import_text=text)
# set sharing permissions
investigation.save()
investigation.sharing_permissions(sharing)
return redirect(
url_for(
'frontend.InvestigationView:import_from',
id=investigation.id))
else:
try:
if url:
import_method = ImportMethod.objects.get(acts_on="url")
results = import_method.run(url)
elif "file" in request.files:
target = AttachedFile.from_upload(request.files['file'])
import_method = ImportMethod.objects.get(
acts_on=target.content_type)
results = import_method.run(target)
else:
flash("You need to provide an input", "danger")
return redirect(request.referrer)
return redirect(
url_for(
'frontend.InvestigationView:import_wait',
id=results.id))
except DoesNotExist:
flash("This file type is not supported.", "danger")
return render_template(
"{}/import.html".format(self.klass.__name__.lower()))
def post(self):
if 'file' not in request.files:
abort(400)
f = AttachedFile.from_upload(request.files['file'])
return render({'filename': url_for('api.Files:get', id=f.id)})
