def get_conn(self):
try:
status = self.conn.conn.is_connected()
except Exception as err:
status = False
while not status:
try:
if self.conn is None:
self.conn = Connect_DB()
_ = self.conn.open_conn(self.host, self.user, self._pass, self.name, self.port)
if _ is not None:
log.log_info("Nueva Conexion")
log.log_info([self.host, self.user, self.name, self.port])
else:
self.conn = None
status = self.conn.conn.is_connected()
else:
status = self.conn.conn.is_connected()
if not status:
self.conn.conn.close()
self.conn = None
log.log_error("Recuperando Connexion...")
except Exception as err:
self.conn = None
log.log_error("Connectando ...")
time.sleep(5)
return self.conn
def load_trails(quiet=False):
from core.log import log_error
if not quiet:
print("[i] loading trails...")
log_error("[i] loading trails...", "INFO")
retval = TrailsDict()
if os.path.isfile(maltrail_config.TRAILS_FILE):
try:
with open(maltrail_config.TRAILS_FILE, "r") as f:
reader = csv.reader(f, delimiter=',', quotechar='\"')
for row in reader:
if row and len(row) == 3:
trail, info, reference = row
if not check_whitelisted(trail):
retval[trail] = (info, reference)
except Exception as ex:
# Log_error("[!] something went wrong during trails file read '%s' ('%s')"
# % (maltrail_config.TRAILS_FILE, ex),"INFO")
exit("[!] something went wrong during trails file read '%s' ('%s')"
% (maltrail_config.TRAILS_FILE, ex))
if not quiet:
_ = len(retval)
try:
_ = '{0:,}'.format(_)
except:
pass
print("[i] %s trails loaded" % _)
log_error("[i] %s trails loaded" % _, "INFO")
return retval
def validate_quantity(plural, item, source_file_placeholders,
translation_file):
plural_name = plural.get('name')
quantity = item.get('quantity')
for placeholder in source_file_placeholders[plural_name][quantity]:
if placeholder not in item.text:
log.log_error(placeholder + " doesn't exist in item '" + quantity +
"' of plural '" + plural_name + "'\n File: " +
translation_file)
def validate_translation(source_file_placeholders_dict, translation_file):
root = ET.parse(translation_file).getroot()
for str_element in root.findall('string'):
str_name = str_element.get('name')
str_value = str_element.text
if str_name in source_file_placeholders_dict.keys():
for placeholder in source_file_placeholders_dict[str_name]:
if not placeholder in str_value:
log.log_error(placeholder + " doesn't exist in '" +
str_name + "'\n File: " + translation_file)
def validate_string_translation(source_file_placeholders, translation_file):
root = ET.parse(translation_file).getroot()
for string in root.findall('string'):
name = string.get('name')
value = ''.join(string.itertext())
if name in source_file_placeholders.keys():
for placeholder in source_file_placeholders[name]:
if not placeholder in value:
log.log_error(placeholder + " doesn't exist in '" + name +
"'\n File: " + translation_file)
def update_timer():
retries = 0
if not config.no_updates: # 判断是否设置不更新,然后会利用抓取页面检测网络状态
while retries < CHECK_CONNECTION_MAX_RETRIES and not check_connection(
):
sys.stdout.write(
"[!] can't update because of lack of Internet connection (waiting..."
if not retries else '.')
sys.stdout.flush()
log_error(
"[!] can't update because of lack of Internet connection (waiting...",
"Warning")
time.sleep(10)
retries += 1
if retries:
print(")")
# 超出次数,那么使用update_trails的离线模式
if config.no_updates or retries == CHECK_CONNECTION_MAX_RETRIES:
if retries == CHECK_CONNECTION_MAX_RETRIES:
print("[x] going to continue without online update")
log_error("[x] going to continue without online update", "Warning")
_ = update_trails(offline=True)
else: # 正常进入
_ = update_trails()
# update_ipcat()
# 有新的trails
if _:
trails.clear()
trails.update(_)
elif not trails: # load_trails()只是加载trails()进内存
_ = load_trails()
trails.update(_)
_regex = ""
for trail in trails:
if "static" in trails[trail][1]:
if re.search(r"[\].][*+]|\[[a-z0-9_.\-]+\]", trail, re.I):
try:
re.compile(trail)
except:
pass
else:
if re.escape(trail) != trail:
index = _regex.count("(?P<g")
if index < 100: # Reference: https://stackoverflow.com/questions/478458/python-regular-expressions-with-more-than-100-groups
_regex += "|(?P<g%s>%s)" % (index, trail)
trails._regex = _regex.strip('|')
def update_timer_cron():
if platform.system() != 'Windows':
fcntl = __import__("fcntl")
f = open('scheduler.lock', 'wb')
try:
def unlock():
fcntl.flock(f, fcntl.LOCK_UN)
f.close()
fcntl.flock(f, fcntl.LOCK_EX | fcntl.LOCK_NB)
log_error("cron_job start update_trail", "INFO")
read_config(CONFIG_FILE)
update_timer()
unlock()
except:
log_error("process locks up", "INFO")
def match_particular_property(index, source_data_field, translation_data_field,
translation_file):
"""Logs error if particular 'source_data_field' doesn't match with the
particular 'translation_data_field'
Parameters:
'index': json main list index
'source_data_field': will refer to a particular source data field object
'translation_data_field': will refer to a particular translation data field object
'translation_file': translation file whose data is getting compared
"""
if source_data_field != translation_data_field:
log.log_error(f"Keys don't matched." +
f"\nValue: '{translation_data_field}'" +
f"\nExpected Value: '{source_data_field}'" +
f"\nList Index: {index}"
f"\nFile: '{translation_file}'")
def project_init():
if not maltrail_config.DISABLE_CHECK_SUDO and not check_sudo():
exit("[!] please run '%s' with sudo/Administrator privileges" %
__file__)
try: # 进入初始化模块
init()
get_error_log_handle()
msg = "[i] using '%s' for trail storage" % maltrail_config.TRAILS_FILE
if os.path.isfile(maltrail_config.TRAILS_FILE):
mtime = time.gmtime(os.path.getmtime(maltrail_config.TRAILS_FILE))
msg += " (last modification: '%s')" % time.strftime(
HTTP_TIME_FORMAT, mtime)
log_error(msg, "INFO")
except KeyboardInterrupt:
print("\r[x] stopping (Ctrl-C pressed)")
def validate_item(plural, source_file_placeholders, translation_file):
items = plural.findall('item')
source_placeholder = list(
source_file_placeholders[plural.get('name')].values())[0]
for item in items:
if (get_placeholders(item.text) != source_placeholder):
log.log_error("Plural '" + plural.get('name') + "': item '" +
item.get('quantity') +
"' contain different placeholder " +
"or format specifier from default string \n File: " +
translation_file)
for item in items:
if item.get('quantity') in source_file_placeholders[plural.get(
'name')]:
validate_quantity(plural, item, source_file_placeholders,
translation_file)
def match_property(index, property, source_data, translation_data,
translation_file):
"""Logs error if 'source_data' property doesn't match with the
'translation_data' property.
Parameters:
'index': json main list index
'property': property which needs to be compared
'source_data': will refer to a source json data object
'translation_data': will refer to a translation json data object
'translation_file': translation file which whose data is getting compared
"""
if source_data[index][property] != translation_data[index][property]:
log.log_error(f"Keys don't matched." +
f"\nValue: '{translation_data[index][property]}'" +
f"\nExpected Value: '{source_data[index][property]}'" +
f"\nProperty: '{property}'"
f"\nList Index: {index}"
f"\nFile: '{translation_file}'")
exit("[!] please run '%s' with sudo/Administrator privileges when using 'UDP_ADDRESS' configuration value" % __file__)
start_logd(address=config.UDP_ADDRESS, port=config.UDP_PORT, join=False)
try:
update_timer()
start_httpd(address=config.HTTP_ADDRESS, port=config.HTTP_PORT, pem=config.SSL_PEM if config.USE_SSL else None, join=True)
except KeyboardInterrupt:
print("\r[x] stopping (Ctrl-C pressed)")
if __name__ == "__main__":
show_final = True
try:
main()
except SystemExit, ex:
show_final = False
print(ex)
except Exception:
msg = "\r[!] unhandled exception occurred ('%s')" % sys.exc_info()[1]
msg += "\n[x] please report the following details at 'https://github.com/stamparm/maltrail/issues':\n---\n'%s'\n---" % traceback.format_exc()
log_error("\n\n%s" % msg.replace("\r", ""))
print(msg)
finally:
if show_final:
print("[i] finished")
os._exit(0)
exit("[!] missing pcap file '%s'" % options.pcap_file)
else:
print("[i] using pcap file '%s'" % options.pcap_file)
try:
init()
monitor()
except KeyboardInterrupt:
print("\r[x] stopping (Ctrl-C pressed)")
if __name__ == "__main__":
show_final = True
try:
main()
except SystemExit, ex:
show_final = False
print(ex)
except Exception:
msg = "\r[!] unhandled exception occurred ('%s')" % sys.exc_info()[1]
msg += "\n[x] please report the following details at 'https://github.com/stamparm/maltrail/issues':\n---\n'%s'\n---" % traceback.format_exc()
log_error("\n\n%s" % msg.replace("\r", ""))
print(msg)
finally:
if show_final:
print("[i] finished")
os._exit(0)
if config.USE_SERVER_UPDATE_TRAILS:
update_timer()
start_httpd(address=config.HTTP_ADDRESS, port=config.HTTP_PORT, pem=config.SSL_PEM if config.USE_SSL else None, join=True)
except KeyboardInterrupt:
print("\r[x] stopping (Ctrl-C pressed)")
if __name__ == "__main__":
show_final = True
try:
main()
except SystemExit, ex:
show_final = False
print(ex)
except IOError:
show_final = False
log_error("\n\n[!] session abruptly terminated\n[?] (hint: \"https://stackoverflow.com/a/20997655\")")
except Exception:
msg = "\r[!] unhandled exception occurred ('%s')" % sys.exc_info()[1]
msg += "\n[x] please report the following details at 'https://github.com/stamparm/maltrail/issues':\n---\n'%s'\n---" % traceback.format_exc()
log_error("\n\n%s" % msg.replace("\r", ""))
print(msg)
finally:
if show_final:
print("[i] finished")
os._exit(0)
def register_cronjob(app):
# 保证系统只启动一次定时任务,使用文件锁
scheduler.init_app(app)
scheduler.start()
print("scheduler job started.")
log_error("scheduler job started.", "INFO")
try:
init()
monitor()
except KeyboardInterrupt:
print("\r[x] stopping (Ctrl-C pressed)")
if __name__ == "__main__":
show_final = True
try:
main()
except SystemExit, ex:
show_final = False
print(ex)
except IOError:
show_final = False
log_error("\n\n[!] session abruptly terminated\n[?] (hint: \"https://stackoverflow.com/a/20997655\")")
except Exception:
msg = "\r[!] unhandled exception occurred ('%s')" % sys.exc_info()[1]
msg += "\n[x] please report the following details at 'https://github.com/stamparm/maltrail/issues':\n---\n'%s'\n---" % traceback.format_exc()
log_error("\n\n%s" % msg.replace("\r", ""))
print(msg)
finally:
if show_final:
print("[i] finished")
os._exit(0)
def register_project_init():
print("%s : v%s\n" % (NAME, VERSION))
init_config()
project_init()
cron_job_load_trails()
log_error("init success", "INFO")
