Example #1
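def search_view():
    """Look up a single hash supplied in the ``md5`` query parameter.

    Returns:
        ``(json, 200)`` with the value from ``single_hash_search`` when the
        lookup yields a result, ``(json, 404)`` when it does not, and
        ``(json, 400)`` when ``md5`` is absent, empty, or
        ``parse_hash_list`` returns a falsy value for it.
    """
    # The query string is caller-controlled. Use .get() so a missing
    # parameter takes the same explicit 400 path as an unparsable one,
    # instead of relying on the framework's KeyError handling.
    arg_hash = request.args.get('md5')
    if not arg_hash:
        return jsonify(dict(error='Missing Parameters', response=400)), 400

    # Named parsed_hash rather than ``hash`` to avoid shadowing the builtin.
    parsed_hash = parse_hash_list(arg_hash)
    if not parsed_hash:
        # JSON error body, matching the 400 returned by batch_search_view.
        return jsonify(dict(error='Missing Parameters', response=400)), 400

    # NOTE(review): other callers check whether parse_hash_list returned a
    # list before choosing single vs. batch search; confirm that
    # single_hash_search copes with a list, or reject it here.
    found = single_hash_search(parsed_hash)
    if found:
        return jsonify(found), 200

    # NOTE(review): this branch means "hash not found"; the message text is
    # kept unchanged so existing API clients are not affected.
    return jsonify(dict(error='Not a valid API end point.', response=404)), 404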
Example #2
def intel():
    """Render the hash-search page, running any lookup the submitted form requests.

    When the form validates, the ``label`` field drives a single-hash search
    and the ``hashes`` field drives either a batch search (if
    ``parse_hash_list`` returns a list) or another single-hash search.
    The collected results are passed to ``intel.html`` as ``searchs``.
    """
    # TODO : Handle edge case where VT didn't return anything, but when you requery it only pulls cached results
    search_form = SearchForm(request.form)
    results = []
    if search_form.validate_on_submit():
        # Single-hash field.
        # NOTE(review): the value returned by parse_hash_list is passed on
        # without a falsy check; confirm the form validators already reject
        # malformed hashes before they reach the lookup layer.
        if search_form.label.data:
            parsed_single = parse_hash_list(search_form.label.data)
            results.append(single_hash_search(parsed_single))

        # Batch field: a list means several hashes, anything else is one.
        if search_form.hashes.data:
            parsed_batch = parse_hash_list(search_form.hashes.data)
            if not isinstance(parsed_batch, list):
                results.append(single_hash_search(parsed_batch))
            else:
                # NOTE(review): this assignment replaces any single-hash
                # result appended above when both fields are filled in.
                results = batch_search_hash(parsed_batch)
    return render_template('intel.html', form=search_form, searchs=results, my_github=github)
Example #3
def intel():
    """Handle the search form and render ``intel.html`` with the results.

    Nothing is searched unless ``validate_on_submit()`` succeeds. The
    ``label`` field is treated as one hash; the ``hashes`` field is searched
    as a batch when ``parse_hash_list`` returns a list and as a single hash
    otherwise.
    """
    # TODO : Handle edge case where VT didn't return anything, but when you requery it only pulls cached results
    form = SearchForm(request.form)
    selection = []
    submitted = form.validate_on_submit()

    #: Single Hash Search
    if submitted and form.label.data:
        # NOTE(review): no falsy check on the parsed value here; presumably
        # the form validators guarantee a well-formed hash - verify.
        selection.append(single_hash_search(parse_hash_list(form.label.data)))

    #: Batch Hash Search
    if submitted and form.hashes.data:
        hash_list = parse_hash_list(form.hashes.data)
        # NOTE(review): the batch branch rebinds selection, so a single-hash
        # result gathered above is dropped when both fields are submitted.
        selection = (batch_search_hash(hash_list) if isinstance(hash_list, list)
                     else selection + [single_hash_search(hash_list)])

    return render_template('intel.html', form=form, searchs=selection, my_github=github)
Example #4
def sample(id):
    """Render the analysis page for one stored sample.

    ``id`` is first run through ``parse_hash_list`` and then looked up with
    ``is_hash_in_db``; a falsy result from either step aborts with 404, so a
    malformed identifier and an unknown one get the same response.
    """
    # Validate the identifier before it reaches the database lookup.
    sample_hash = parse_hash_list(id)
    if not sample_hash:
        abort(404)

    record = is_hash_in_db(sample_hash)
    if not record:
        abort(404)

    # Split the stored record into the sections the template displays.
    (av_results, metascan_results, detection_ratio, exif,
     file_metadata, pe, tags, trid) = parse_sample_data(record)
    context = dict(
        sample=record,
        file=file_metadata,
        tags=tags,
        pe=pe,
        exif=exif,
        trid=trid,
        av_results=av_results,
        metascan_results=metascan_results,
        detection_ratio=detection_ratio,
    )
    return render_template('analysis.html', **context)
Example #5
def sample(id):
    """Show the stored analysis for the sample identified by ``id``.

    Aborts with 404 when ``parse_hash_list`` returns a falsy value for ``id``
    or when ``is_hash_in_db`` finds no matching record; otherwise renders
    ``analysis.html`` with the fields produced by ``parse_sample_data``.
    """
    # The database is only queried for an identifier the parser accepted.
    checked_id = parse_hash_list(id)
    db_entry = is_hash_in_db(checked_id) if checked_id else None
    if not db_entry:
        # Same status for "not a hash" and "hash not stored".
        abort(404)

    parsed = parse_sample_data(db_entry)
    av_results, metascan_results, detection_ratio, exif, file_metadata, pe, tags, trid = parsed
    return render_template(
        'analysis.html',
        sample=db_entry,
        file=file_metadata,
        tags=tags,
        pe=pe,
        exif=exif,
        trid=trid,
        av_results=av_results,
        metascan_results=metascan_results,
        detection_ratio=detection_ratio,
    )
Example #6
def batch_search_view():
    """Look up every hash supplied through repeated ``md5`` query parameters.

    Returns:
        ``(json, 200)`` with the matches under ``results``, ``(json, 404)``
        when ``batch_search_hash`` returns nothing, and ``(json, 400)`` when
        ``parse_hash_list`` yields a falsy value for the supplied parameters.
    """
    md5_values = request.args.getlist('md5')
    # NOTE(review): no upper bound on the number of md5 values is visible
    # here; confirm parse_hash_list or batch_search_hash caps the batch size.
    hashes = parse_hash_list(list_to_string(md5_values))
    if not hashes:
        return jsonify(dict(error='Missing Parameters', response=400)), 400

    matches = batch_search_hash(hashes)
    if not matches:
        return jsonify(dict(error='Not a valid API end point.', response=404)), 404
    return jsonify(results=matches), 200