Example #1
0
    def detail(request, task_id, page):
        report = AnalysisController.get_report(task_id)
        _ipInfos = {}
        if page == "network":
            for host in report['analysis']['network']['hosts']:
                _ipInfos[host] = AnalysisController.ipInfo(host)

        pages = {
            "summary": "summary/index",
            "static": "static/index",
            "extracted": "extracted/index",
            "behavior": "behavior/index",
            "network": "network/index",
            "misp": "misp/index",
            "dropped_files": "dropped/dropped_files",
            "dropped_buffers": "dropped/dropped_buffers",
            "memory": "memory/index",
            "procmemory": "procmemory/index",
            "options": "options/index",
            "feedback": "feedback/index"
        }

        if page in pages.keys():
            return render_template(request,
                                   "analysis/pages/%s.html" % pages[page],
                                   report=report,
                                   page=page,
                                   ipInfo=_ipInfos)
        else:
            return view_error(request,
                              msg="Analysis subpage not found",
                              status=404)
Example #2
0
    def http_data(request, body):
        task_id = body.get("task_id", None)
        request_body = body.get("request_body", False)
        protocol = body.get("protocol", None)
        request_index = body.get("request_index", None)

        if not task_id or not isinstance(request_index, int):
            return json_error_response(
                "missing task_id or valid request_index"
            )

        report = AnalysisController.get_report(task_id)

        if request_body:
            # @TO-DO: parse raw http request data, filter out body
            req = ""
            resp = report["analysis"]["network"]["http"][request_index]["data"]
        else:
            req, resp = AnalysisNetworkApi._request_response(
                report, protocol, request_index
            )

        return JsonResponse({
            "request": req,
            "response": resp,
        }, safe=False)
Example #3
0
    def export(request, task_id):
        if request.method == "POST":
            taken_dirs = request.POST.getlist("dirs")
            taken_files = request.POST.getlist("files")

            if not taken_dirs and not taken_files:
                return view_error(
                    request, "Please select at least one directory or file"
                    " to be exported."
                )

            zip = Task.create_zip(
                task_id=task_id, taken_dirs=taken_dirs, taken_files=taken_files
            )
            if not zip:
                return view_error(request, "Failed to create zip.")

            response = HttpResponse(
                zip.getvalue(), content_type="application/zip"
            )
            response["Content-Disposition"] = (
                "attachment; filename=%s.zip" % task_id
            )

            return response

        report = AnalysisController.get_report(task_id)

        dirs, files = Task.get_files(task_id)
        return render_template(
            request, "analysis/export.html", report=report, dirs=dirs,
            files=files
        )
Example #4
0
    def export(request, task_id):
        if request.method == "POST":
            taken_dirs = request.POST.getlist("dirs")
            taken_files = request.POST.getlist("files")

            try:
                zip = ExportController.create(task_id=task_id,
                                              taken_dirs=taken_dirs,
                                              taken_files=taken_files)

                response = HttpResponse(zip.getvalue(), content_type="application/zip")
                response["Content-Disposition"] = "attachment; filename=%s.zip" % task_id
                return response

            except Exception as e:
                return view_error(request, str(e))

        report = AnalysisController.get_report(task_id)

        if "analysis_path" not in report.get("analysis", {}).get("info", {}):
            return view_error(request, "The analysis was created before the export "
                                       "functionality was integrated with Cuckoo and is "
                                       "therefore not available for this task (in order to "
                                       "export this analysis, please reprocess its report).")

        analysis_path = report["analysis"]["info"]["analysis_path"]
        dirs, files = ExportController.get_files(analysis_path)
        return render_template(request, "analysis/export.html",
                               report=report, dirs=dirs, files=files)
Example #5
0
    def detail(request, task_id, page):
        report = AnalysisController.get_report(task_id)

        pages = {
            "summary": "summary/index",
            "static": "static/index",
            "extracted": "extracted/index",
            "behavior": "behavior/index",
            "network": "network/index",
            "misp": "misp/index",
            "dropped_files": "dropped/dropped_files",
            "dropped_buffers": "dropped/dropped_buffers",
            "memory": "memory/index",
            "procmemory": "procmemory/index",
            "options": "options/index",
            "feedback": "feedback/index"
        }

        if page in pages.keys():
            return render_template(
                request, "analysis/pages/%s.html" % pages[page],
                report=report, page=page
            )
        else:
            return view_error(
                request, msg="Analysis subpage not found", status=404
            )
Example #6
0
    def detail(request, task_id, page):
        report = AnalysisController.get_report(task_id)

        pages = {
            "summary": "summary/index",
            "static": "static/index",
            "behavior": "behavior/index",
            "network": "network/index",
            "misp": "misp/index",
            "dropped_files": "dropped/dropped_files",
            "dropped_buffers": "dropped/dropped_buffers",
            "procmemory": "procmemory/index",
            "options": "options/index",
            "feedback": "feedback/index"
        }

        if page in pages.keys():
            return render_template(request,
                                   "analysis/pages/%s.html" % pages[page],
                                   report=report,
                                   page=page)
        else:
            return view_error(request,
                              msg="Analysis subpage not found",
                              status=404)
Example #7
0
    def export(request, task_id):
        if request.method == "POST":
            taken_dirs = request.POST.getlist("dirs")
            taken_files = request.POST.getlist("files")

            try:
                zip = ExportController.create(task_id=task_id,
                                              taken_dirs=taken_dirs,
                                              taken_files=taken_files)

                response = HttpResponse(zip.getvalue(), content_type="application/zip")
                response["Content-Disposition"] = "attachment; filename=%s.zip" % task_id
                return response

            except Exception as e:
                return view_error(request, str(e))

        report = AnalysisController.get_report(task_id)

        if "analysis_path" not in report.get("analysis", {}).get("info", {}):
            return view_error(request, "The analysis was created before the export "
                                       "functionality was integrated with Cuckoo and is "
                                       "therefore not available for this task (in order to "
                                       "export this analysis, please reprocess its report).")

        analysis_path = report["analysis"]["info"]["analysis_path"]
        dirs, files = ExportController.get_files(analysis_path)
        return render_template(request, "analysis/export.html",
                               report=report, dirs=dirs, files=files)
Example #8
0
    def include_report_web(self, task_id):
        try:
            report = Report(AnalysisController.get_report(task_id)["analysis"])
        except Http404:
            # No report available so ignoring the rest of this function.
            return

        return self.include_report(report)
Example #9
0
    def create(task_id, taken_dirs, taken_files, report=None):
        """
        Returns a zip file as a file like object.
        :param task_id: task id
        :param taken_dirs: directories to include
        :param taken_files: files to include
        :param report: additional report dict
        :return: zip file
        """
        if not taken_dirs and not taken_files:
            raise Exception(
                "Please select at least one directory or file to be exported."
            )

        # @TO-DO: refactor
        taken_dirs_tmp = []
        for taken_dir in taken_dirs:
            if isinstance(taken_dir, tuple):
                taken_dirs_tmp.append(taken_dir[0])
            else:
                taken_dirs_tmp.append(taken_dir)

        taken_dirs = taken_dirs_tmp

        if not report:
            report = AnalysisController.get_report(task_id)

        report = report["analysis"]
        path = report["info"]["analysis_path"]

        f = io.BytesIO()
        z = zipfile.ZipFile(f, "w", zipfile.ZIP_DEFLATED, allowZip64=True)

        for dirpath, dirnames, filenames in os.walk(path):
            if os.path.basename(dirpath) == task_id:
                for filename in filenames:
                    if filename in taken_files:
                        z.write(os.path.join(dirpath, filename), filename)
            if os.path.basename(dirpath) in taken_dirs:
                for filename in filenames:
                    z.write(
                        os.path.join(dirpath, filename),
                        os.path.join(os.path.basename(dirpath), filename)
                    )

        # Creating an analysis.json file with additional information about this
        # analysis. This information serves as metadata when importing a task.
        obj = {
            "action": report.get("debug", {}).get("action", []),
            "errors": report.get("debug", {}).get("errors", []),
        }
        z.writestr(
            "analysis.json", json.dumps(obj, indent=4, default=json_default)
        )

        z.close()
        return f
Example #10
0
    def include_report_web(self, task_id):
        from cuckoo.web.controllers.analysis.analysis import AnalysisController
        from django.http import Http404
        try:
            report = Report(AnalysisController.get_report(task_id)["analysis"])
        except Http404:
            # No report available so ignoring the rest of this function.
            return

        return self.include_report(report)
Example #11
0
    def include_report_web(self, task_id):
        from cuckoo.web.controllers.analysis.analysis import AnalysisController
        from django.http import Http404
        try:
            report = Report(AnalysisController.get_report(task_id)["analysis"])
        except Http404:
            # No report available so ignoring the rest of this function.
            return

        return self.include_report(report)
Example #12
0
    def create(task_id, taken_dirs, taken_files, report=None):
        """
        Returns a zip file as a file like object.
        :param task_id: task id
        :param taken_dirs: directories to include
        :param taken_files: files to include
        :param report: additional report dict
        :return: zip file
        """
        if not taken_dirs and not taken_files:
            raise Exception(
                "Please select at least one directory or file to be exported.")

        # @TO-DO: refactor
        taken_dirs_tmp = []
        for taken_dir in taken_dirs:
            if isinstance(taken_dir, tuple):
                taken_dirs_tmp.append(taken_dir[0])
            else:
                taken_dirs_tmp.append(taken_dir)

        taken_dirs = taken_dirs_tmp

        if not report:
            report = AnalysisController.get_report(task_id)

        report = report["analysis"]
        path = report["info"]["analysis_path"]

        f = io.BytesIO()
        z = zipfile.ZipFile(f, "w", zipfile.ZIP_DEFLATED, allowZip64=True)

        for dirpath, dirnames, filenames in os.walk(path):
            if os.path.basename(dirpath) == task_id:
                for filename in filenames:
                    if filename in taken_files:
                        z.write(os.path.join(dirpath, filename), filename)
            if os.path.basename(dirpath) in taken_dirs:
                for filename in filenames:
                    z.write(os.path.join(dirpath, filename),
                            os.path.join(os.path.basename(dirpath), filename))

        # Creating an analysis.json file with additional information about this
        # analysis. This information serves as metadata when importing a task.
        obj = {
            "action": report.get("debug", {}).get("action", []),
            "errors": report.get("debug", {}).get("errors", []),
        }
        z.writestr("analysis.json",
                   json.dumps(obj, indent=4, default=json_default))

        z.close()
        return f
Example #13
0
    def misp_export(request, task_id):
        if request.method == "POST":
            try:
                ExportController.misp_export(task_id=task_id)
                return render_template(request, "success.html", **{
                    "message": "Event uploaded to MISP",
                })

            except Exception as e:
                return view_error(request, str(e))

        report = AnalysisController.get_report(task_id)

        return render_template(request, "analysis/misp_export.html",
                               report=report)
Example #14
0
    def get_files(request, body):
        task_id = body.get('task_id', None)

        if not task_id:
            return json_error_response("invalid task_id")

        report = AnalysisController.get_report(task_id)
        if not report["analysis"].get("info", {}).get("analysis_path"):
            raise CuckooApiError("old-style analysis")

        analysis_path = report["analysis"]["info"]["analysis_path"]

        try:
            dirs, files = ExportController.get_files(analysis_path)
        except Exception as e:
            return json_error_response(message=str(e))

        return JsonResponse({"dirs": dirs, "files": files}, safe=False)
Example #15
0
    def get_files(request, body):
        task_id = body.get('task_id', None)

        if not task_id:
            return json_error_response("invalid task_id")

        report = AnalysisController.get_report(task_id)
        if not report["analysis"].get("info", {}).get("analysis_path"):
            raise CuckooApiError("old-style analysis")

        analysis_path = report["analysis"]["info"]["analysis_path"]

        try:
            dirs, files = ExportController.get_files(analysis_path)
        except Exception as e:
            return json_error_response(message=str(e))

        return JsonResponse({"dirs": dirs, "files": files}, safe=False)
Example #16
0
    def estimate_size(task_id, taken_dirs, taken_files):
        report = AnalysisController.get_report(task_id)
        report = report["analysis"]
        path = report["info"]["analysis_path"]

        size_total = 0

        for directory in taken_dirs:
            destination = "%s/%s" % (path, directory)
            if os.path.isdir(destination):
                size_total += get_directory_size(destination)

        for filename in taken_files:
            destination = "%s/%s" % (path, filename)
            if os.path.isfile(destination):
                size_total += os.path.getsize(destination)

        # estimate file size after zipping; 60% compression rate typically
        size_estimated = size_total / 6.5

        return {
            "size": int(size_estimated),
            "size_human": filesizeformat(size_estimated)
        }
Example #17
0
    def estimate_size(task_id, taken_dirs, taken_files):
        report = AnalysisController.get_report(task_id)
        report = report["analysis"]
        path = report["info"]["analysis_path"]

        size_total = 0

        for directory in taken_dirs:
            destination = "%s/%s" % (path, directory)
            if os.path.isdir(destination):
                size_total += get_directory_size(destination)

        for filename in taken_files:
            destination = "%s/%s" % (path, filename)
            if os.path.isfile(destination):
                size_total += os.path.getsize(destination)

        # estimate file size after zipping; 60% compression rate typically
        size_estimated = size_total / 6.5

        return {
            "size": int(size_estimated),
            "size_human": filesizeformat(size_estimated)
        }
Example #18
0
    def http_data(request, body):
        task_id = body.get("task_id", None)
        request_body = body.get("request_body", False)
        protocol = body.get("protocol", None)
        request_index = body.get("request_index", None)

        if not task_id or not isinstance(request_index, int):
            return json_error_response(
                "missing task_id or valid request_index")

        report = AnalysisController.get_report(task_id)

        if request_body:
            # @TO-DO: parse raw http request data, filter out body
            req = ""
            resp = report["analysis"]["network"]["http"][request_index]["data"]
        else:
            req, resp = AnalysisNetworkApi._request_response(
                report, protocol, request_index)

        return JsonResponse({
            "request": req,
            "response": resp,
        }, safe=False)