def create_resource(user):
try:
resource_name = request.json["resource_name"].strip()
resource_type = request.json["resource_type"].lower()
resource_type = ResourceType.get_type_from_string(resource_type)
resource, created = ResourceManager.get_or_create(resource_name, resource_type)
project = User(user.get("_id")).get_active_project()
project.add_resource(resource)
response = []
response.append(resource.to_JSON())
if created:
resource.launch_plugins(project.get_id())
# Deal with the case of URL resources where we have the chance to add a Domain or IP
if resource.get_type() == ResourceType.URL:
ip_or_domain = urllib.parse.urlparse(resource_name).netloc
resource_type = ResourceType.validate_ip_or_domain(ip_or_domain)
if ip_or_domain:
resource, created = ResourceManager.get_or_create(
ip_or_domain, resource_type
)
project.add_resource(resource)
response.append(
{
"success_message": f"Added new resource: {ip_or_domain}",
"new_resource": resource.to_JSON(),
"type": resource.get_type_value(),
}
)
if created:
resource.launch_plugins(project.get_id())
# TODO: Deal with the case of domain -> IP
# TODO: Deal with the case of emails -> domains -> IP
return jsonify(response)
except ResourceTypeException:
return jsonify({"error_message": "Trying to add an unknown resource type"}), 400
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Server error :("}), 400
def get_lazy_plugin_results(user):
"""
Return a resource but with a plugin selected history snapshot
"""
resource_id = request.json["params"]["resource_id"]
plugin_name = request.json["params"]["plugin_name"]
if "timestamp_index" in request.json["params"]:
timestamp_index = request.json["params"]["timestamp_index"]
else:
timestamp_index = 0
try:
resource = ResourceManager.get(resource_id)
if resource:
return jsonify(resource.to_JSON(timestamp_index=timestamp_index))
else:
return jsonify({"error_message": "Resource not found"})
except ValueError:
raise ResourceTypeException()
except ResourceTypeException:
return jsonify({"error_message": "Received an unknown type of resource"}), 400
except Exception as e:
print(f"Error getting ip list {e}")
return jsonify({"error_message": "Error getting resources"}), 400
def get_resources(user):
try:
project_id = request.json["project_id"]
user_projects = [str(project) for project in User(user).get_projects()]
# User unable to load the project
if not project_id in user_projects:
return (
jsonify({
"error_message":
f"User is not allowed to load project {project_id}"
}),
400,
)
project = Project(project_id)
resources = project.get_resources()
results = []
for resource in resources:
results.append(ResourceManager.get(resource).to_JSON())
return jsonify(results)
except Exception as e:
print(f"Error getting resource list {e}")
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Error getting resources"}), 400
def add_tag(user):
try:
resource_id = request.json["resource_id"]
tag_id = request.json["tag_id"]
resource = ResourceManager.get(resource_id)
resource.add_tag(tag_id)
return jsonify({"success_message": "Tag added to resource"})
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Error adding tag"}), 400
def botscout_task(plugin_name, project_id, resource_id, resource_type, ip):
try:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.DOMAIN:
query_result = botscout_ip(ip)
else:
print("BotScout resource type does not found")
resource = ResourceManager.get(resource_id)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def pulsedive_task(plugin_name, project_id, resource_id, resource_type,
domain_or_hash):
try:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.DOMAIN or resource_type == ResourceType.HASH:
query_result = pulsedive_get_ioc_byvalue(domain_or_hash)
else:
print("PulseDive resource type does not found")
resource = ResourceManager.get(resource_id, resource_type)
resource.set_plugin_results(plugin_name, project_id, resource_id,
resource_type, query_result)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def finishing_task(plugin_name, project_id, resource_id, resource_type, result,
result_status):
try:
if not result:
print(
f"[!] Plugin {plugin_name} for resource {resource_id} didn't return a result"
)
return
print(result)
resource = ResourceManager.get(resource_id)
resource.set_plugin_results(plugin_name, project_id, result)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def get_resources(user):
try:
project_id = request.json["project_id"]
project = Project(project_id)
resources = project.get_resources()
results = []
for resource in resources:
results.append(ResourceManager.get(resource).resource_json())
return jsonify(results)
except Exception as e:
print(f"Error getting resource list {e}")
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Error getting resources"}), 400
def search(user):
try:
query = request.json["query"]
if not query:
return jsonify({"error_message": "Search with no query"}), 400
resources = list(ResourceManager.search_by_name(query))
for resource in resources:
if resource.get("hash"):
resource["canonical_name"] = resource.get("hash")
resource["projects"] = []
for project in Projects.search_resource_in_projects(
resource["_id"]):
resource["projects"].append(project)
return bson.json_util.dumps(resources)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Server error :("}), 400
def remove_tag(user):
try:
resource_id = request.json["resource_id"]
tag_id = request.json["tag_id"]
resource = ResourceManager.get(resource_id)
if resource.remove_tag(tag_id):
return jsonify({"success_message": "Tag removed to resource"})
else:
return (
jsonify({
"error_message": "There was a problem removing a tag",
}),
400,
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Error removing tag"}), 400
def get_full_resource(user):
"""
Return a resource with all its results
"""
resource_id = request.json["resource_id"]
try:
resource = ResourceManager.get(resource_id)
if resource:
return dumps(resource.to_JSON())
else:
return jsonify({"error_message": "Resource not found"})
except ValueError:
raise ResourceTypeException()
except ResourceTypeException:
return jsonify({"error_message": "Received an unknown type of resource"}), 400
except Exception as e:
print(f"Error getting ip list {e}")
return jsonify({"error_message": "Error getting resources"}), 400
def delete(tag_id):
db = DB("tags")
db.collection.delete_one({"_id": bson.ObjectId(tag_id)})
ResourceManager.remove_tag(bson.ObjectId(tag_id))
return (True, "Tag delete from system")