Ejemplo n.º 1
Archivo: tasks.py Proyecto: CYJ/mazu
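def publisher():
    """Publish every queued, not-yet-published malware sample over hpfeeds.

    For each unpublished ``Queue`` row the sample is looked up in GridFS by
    its SHA-256, sent to the job's hpfeeds channel, and the row is marked
    published only when the broker reports no error.
    """
    jobs = Queue.objects.filter(published=False)
    try:
        gridfs = connect_gridfs()
    except Exception as e:
        # Without a GridFS handle nothing can be read; return instead of
        # failing with a NameError on ``gridfs`` in the loop below.
        logger.error('cannot connect to gridfs: {}'.format(e))
        return

    for j in jobs:
        sha256 = j.malware.sha256

        # Reset per job: a missing blob must never fall back to the sample
        # found for a previous job, or the wrong file would be published
        # and this job marked as done.
        malware = None
        for r in gridfs.find({'sha256': sha256}, limit=1):
            malware = r
        if malware is None:
            logger.warning('no gridfs file for sha256 {}; job left unpublished'.format(sha256))
            continue

        try:
            hpc = hpfeeds.new(j.channel.host, int(j.channel.port), j.channel.ident.encode(), j.channel.secret.encode())
        except Exception as e:
            # Log the endpoint only; ident and secret are credentials and
            # stay out of the log line.
            logger.warning('hpfeeds connection to {}:{} failed: {}'.format(j.channel.host, j.channel.port, e))
            continue

        try:
            data = malware.read()
            hpc.publish([j.channel.pubchans], data)
            error_msg = hpc.wait()
        finally:
            # One broker connection is opened per job; release it on every path.
            hpc.close()

        if error_msg:
            logger.debug('got error from server: {}'.format(error_msg))
        else:
            # also can add a notification
            j.published = True
            j.save()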
Ejemplo n.º 2
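def publisher():
    """Send each unpublished queue entry's sample to its hpfeeds channel.

    The sample bytes are read from GridFS (matched on SHA-256). A queue entry
    is flagged ``published`` only after the broker returns no error message.
    """
    jobs = Queue.objects.filter(published=False)
    try:
        gridfs = connect_gridfs()
    except Exception as e:
        # No storage handle means no sample can be read; bail out rather
        # than raise NameError on ``gridfs`` inside the loop.
        logger.error('cannot connect to gridfs: {}'.format(e))
        return

    for j in jobs:
        # Start from None for every job so that a sample missing from GridFS
        # is skipped instead of silently reusing the previous job's file.
        malware = None
        for r in gridfs.find({'sha256': j.malware.sha256}, limit=1):
            malware = r
        if malware is None:
            logger.warning('no gridfs file for sha256 {}; job left unpublished'
                           .format(j.malware.sha256))
            continue

        try:
            hpc = hpfeeds.new(j.channel.host, int(j.channel.port),
                              j.channel.ident.encode(),
                              j.channel.secret.encode())
        except Exception as e:
            # Host and port are enough to diagnose; the channel ident and
            # secret are credentials and are deliberately not logged.
            logger.warning('hpfeeds connection to {}:{} failed: {}'
                           .format(j.channel.host, j.channel.port, e))
            continue

        try:
            data = malware.read()
            hpc.publish([j.channel.pubchans], data)
            error_msg = hpc.wait()
        finally:
            # Close the per-job broker connection even when publishing raises.
            hpc.close()

        if error_msg:
            logger.debug('got error from server: {}'.format(error_msg))
        else:
            # also can add a notification
            j.published = True
            j.save()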
Ejemplo n.º 3
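def save_malware(buf, user=None, source=None):
    """Store a sample in GridFS and record its metadata as a ``Malware`` row.

    Returns the sample's SHA-256 on success, ``False`` when GridFS cannot be
    reached, and ``None`` when a sample with the same SHA-256 already exists
    (nothing is written in that case).
    """
    hashes = compute_hashes(buf)

    if is_malware_exists(hashes['sha256']):
        # Duplicate sample: keep the original implicit ``None`` result.
        # NOTE(review): this check and the writes below are not atomic, so
        # two concurrent calls with the same sample can both pass it.
        return None

    columns = dict()
    columns.update(hashes)
    # NOTE(review): buf is presumably attacker-supplied sample content, so
    # the libmagic and ssdeep parsers run on hostile bytes; keep both
    # libraries patched.
    columns.update({
        'size': str(len(buf)),  # bytes
        'type': magic.from_buffer(str(buf)),
        'crc32': binascii.crc32(buf),
        'ssdeep': compute_ssdeep(str(buf))
    })

    # save malware into gridfs
    try:
        gridfs = connect_gridfs()
    except Exception:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit; callers still get ``False`` for a storage failure.
        return False

    with gridfs.new_file() as fp:
        fp.write(str(buf))

        for attr, value in columns.items():
            # 'md5' is the only computed column not copied onto the file
            # (presumably because GridFS keeps its own md5; confirm).
            if attr != 'md5':
                setattr(fp, attr, value)

    # The file is closed by the ``with`` block before the metadata row is
    # written. NOTE(review): if the save below fails, the GridFS file is
    # left behind without a matching Malware row.
    columns['user'] = user
    columns['source'] = source
    instance = Malware(**columns)
    instance.save()
    return hashes['sha256']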
Ejemplo n.º 4
    def test_can_upload(self):
        """A first upload adds one GridFS file; a repeat upload is rejected."""
        query = {'filename': self.file_name}
        store = connect_gridfs()

        # First upload: the number of files with this name grows by one.
        files_before = store.find(query).count()
        self._upload(self.file_path, self.file_name)
        files_after = store.find(query).count()
        self.assertEqual(files_after, files_before + 1)

        # Second upload of the same file: the duplicate error must be
        # reported on the form's 'malware' field.
        duplicate_response = self._upload(self.file_path, self.file_name)
        field_errors = duplicate_response.context['form'].errors['malware']
        self.assertIn('Duplicated Malware Sample.', field_errors)
Ejemplo n.º 5
Archivo: tests.py Proyecto: CYJ/mazu
    def test_can_upload(self):
        """Check that a sample uploads once and that a re-upload is refused."""
        storage = connect_gridfs()
        by_name = {'filename': self.file_name}

        def stored_count():
            # Number of GridFS files currently carrying the test file name.
            return storage.find(by_name).count()

        # Uploading a new sample must add exactly one stored file.
        wanted_count = stored_count() + 1
        self._upload(self.file_path, self.file_name)
        self.assertEqual(stored_count(), wanted_count)

        # Uploading the same sample again must fail with the duplicate error.
        wanted_error = 'Duplicated Malware Sample.'
        second_response = self._upload(self.file_path, self.file_name)
        malware_errors = second_response.context['form'].errors['malware']
        self.assertIn(wanted_error, malware_errors)
Ejemplo n.º 6
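    def form_valid(self, form):
        """Store an uploaded sample in GridFS and queue it for publishing.

        The file content goes to GridFS, its metadata to a ``Malware`` row,
        and one ``Queue`` row is created per selected channel. When GridFS is
        unreachable an error message is flashed and nothing is stored.
        """
        # Function-scope import keeps this fix self-contained.
        import logging

        malware = form.cleaned_data['malware']
        channels = form.cleaned_data['channels']  # list
        file_info = get_uploaded_file_info(malware)

        columns = file_info.copy()
        columns.update({
            'desc': form.cleaned_data['desc'],
            'name': form.cleaned_data['name']
        })
        # save malware into gridfs
        try:
            gridfs = connect_gridfs()
        except Exception:
            # The old handler was a bare ``except:`` that referenced an
            # unbound ``e`` and so raised NameError on every storage failure.
            # Details go to the server log; the user sees a generic message
            # so backend hosts and ports are not disclosed.
            logging.getLogger(__name__).exception('cannot connect to gridfs')
            messages.error(self.request,
                           'Could not store the sample: storage backend unavailable.')
        else:
            with gridfs.new_file() as fp:
                for chunk in malware.chunks():
                    fp.write(chunk)

                for attr, value in columns.items():
                    # 'md5' is the only column not copied onto the file
                    # (presumably because GridFS keeps its own md5; confirm).
                    if attr != 'md5':
                        setattr(fp, attr, value)

            # The ``with`` block has closed the file; now record who
            # uploaded the sample and where it came from.
            columns.update({
                'source': form.cleaned_data['source'],
                'user': form.user
            })
            sample = Malware(**columns)
            sample.save()
            # Save into publishing queue
            for c in channels:
                Queue(malware=sample, channel=c).save()
            messages.success(self.request, 'New malware created.')
        return super(MalwareUploadView, self).form_valid(form)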
Ejemplo n.º 7
Archivo: views.py Proyecto: CYJ/mazu
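    def form_valid(self, form):
        """Persist an uploaded malware sample and enqueue it for publishing.

        Writes the uploaded file to GridFS, saves a ``Malware`` row with its
        metadata, and adds a ``Queue`` row for each selected channel. If
        GridFS cannot be reached, an error is flashed and nothing is saved.
        """
        # Imported locally so this method does not depend on the file's
        # import block.
        import logging

        malware = form.cleaned_data['malware']
        channels = form.cleaned_data['channels']  # list
        file_info = get_uploaded_file_info(malware)

        columns = file_info.copy()
        columns.update({
            'desc': form.cleaned_data['desc'],
            'name': form.cleaned_data['name']
        })
        # save malware into gridfs
        try:
            gridfs = connect_gridfs()
        except Exception:
            # Previously ``except:`` followed by a use of the undefined name
            # ``e``, which turned any storage outage into a NameError. Log
            # the traceback server-side and show the user a message that
            # reveals nothing about the backend.
            logging.getLogger(__name__).exception('cannot connect to gridfs')
            messages.error(self.request,
                           'Could not store the sample: storage backend unavailable.')
        else:
            with gridfs.new_file() as fp:
                for chunk in malware.chunks():
                    fp.write(chunk)

                for attr, value in columns.items():
                    # Every column except 'md5' becomes a file attribute
                    # (presumably GridFS maintains md5 itself; confirm).
                    if attr != 'md5':
                        setattr(fp, attr, value)

            # File is closed on leaving the ``with`` block; save the owner
            # and source of the sample alongside the metadata.
            columns.update({
                'source': form.cleaned_data['source'],
                'user': form.user
            })
            sample = Malware(**columns)
            sample.save()
            # Save into publishing queue
            for c in channels:
                Queue(malware=sample, channel=c).save()
            messages.success(self.request, 'New malware created.')
        return super(MalwareUploadView, self).form_valid(form)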