Exemple #1
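    def create_sample_from_json_machex(self, machex_json, level):
        """
            Create a Sample and its child records from a machex JSON string.

            The document is handled as untrusted input. It must decode to an
            object carrying "sha256", "sha1", "md5" and "type", and every
            digest must be a hex string of the expected length. Digests are
            stored in lowercase so that the duplicate lookup on sha256 cannot
            be sidestepped by a change of case.

            Args:
                machex_json: JSON text of the machex document.
                level: value stored in Sample.TLP_sensibility.

            Returns:
                The new Sample, or None when the document is rejected or a
                sample with the same sha256 is already recorded.

            Raises:
                Whatever a malformed optional section raises (KeyError,
                ValueError, TypeError, ...). The session is rolled back
                before the exception is re-raised.
        """
        hex_alphabet = "0123456789abcdef"
        try:
            jdata = json.loads(machex_json)
            digests = {}
            for field, width in (("sha256", 64), ("sha1", 40), ("md5", 32)):
                # A non-string value has no .lower() and lands in the handler.
                digest = jdata[field].lower()
                if len(digest) != width or any(
                        ch not in hex_alphabet for ch in digest):
                    # The offending value is deliberately not echoed to the log.
                    raise ValueError(
                        "%s is not a %d character hex digest" % (field, width))
                digests[field] = digest
            mtype = jdata["type"]
        except Exception as e:
            # Kept broad on purpose: hostile JSON can fail in more ways than
            # a decode error (wrong container type, excessive nesting, ...).
            app.logger.error("Machex import failed : %s" % (e))
            return None

        # NOTE: no file content is available here, so the three digests are
        # taken on trust; nothing checks that they describe the same file.
        already_known = Sample.query.filter_by(
            sha256=digests["sha256"]).first()
        if already_known is not None:
            return None

        sample = Sample()
        sample.md5 = digests["md5"]
        sample.sha1 = digests["sha1"]
        sample.sha256 = digests["sha256"]
        sample.mime_type = mtype
        # NOTE(review): level is stored as given - confirm callers validate it.
        sample.TLP_sensibility = level
        sample.analysis_status = AnalysisStatus.TOSTART
        if "full_mime_type" in jdata:
            sample.full_mime_type = jdata["full_mime_type"]
        if "size" in jdata:
            sample.size = jdata["size"]
        if "file_date" in jdata:
            sample.file_date = jdata["file_date"]

        try:
            db.session.add(sample)
            for meta in jdata.get("file_metadata", ()):
                self.add_metadata(
                    sample,
                    SampleMetadataType.fromstring(meta['type']),
                    meta['value'])
            for known_name in jdata.get("filenames", ()):
                self.add_filename(sample, known_name)
            for func in jdata.get("functions", ()):
                # Addresses and machoc hashes may arrive as hex strings.
                address = func["address"]
                if isinstance(address, str):
                    address = int(address, 16)
                machoc_hash = func.get("machoc", -1)
                if isinstance(machoc_hash, str):
                    machoc_hash = int(machoc_hash, 16)
                self.add_function(
                    sample, address, machoc_hash, func.get("name", ""))
            for entry in jdata.get("strings", ()):
                self.add_string(sample, entry["type"], entry["value"])
            if "abstract" in jdata:
                sample.abstract = jdata["abstract"]
            for analysis in jdata.get("analyses", ()):
                self.create_analysis(
                    sample, analysis["data"], analysis["title"])
            db.session.commit()
        except Exception:
            # Do not leave a half-imported sample pending in the session,
            # where a later unrelated commit could persist it.
            # NOTE(review): if the add_* helpers commit on their own (not
            # visible here), this only discards what is still pending.
            db.session.rollback()
            raise
        return sample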
Exemple #2
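    def create_sample_from_json_machex(self, machex_json, level):
        """
            Build a Sample, with its related rows, from machex JSON text.

            The JSON is untrusted: it has to be an object with "sha256",
            "sha1", "md5" and "type", and each digest has to be a hex string
            of the right length. Digests are lowercased before use so the
            sha256 duplicate check is not defeated by case differences.

            Args:
                machex_json: the machex document as JSON text.
                level: value assigned to Sample.TLP_sensibility.

            Returns:
                The created Sample, or None if the document is rejected or
                a sample with that sha256 already exists.

            Raises:
                Any exception raised while importing an optional section
                (KeyError, ValueError, TypeError, ...), after the session
                has been rolled back.
        """
        expected_widths = (("sha256", 64), ("sha1", 40), ("md5", 32))
        try:
            jdata = json.loads(machex_json)
            digests = {}
            for field, width in expected_widths:
                # Non-string values fail on .lower() and are rejected below.
                candidate = jdata[field].lower()
                well_formed = len(candidate) == width and all(
                    ch in "0123456789abcdef" for ch in candidate)
                if not well_formed:
                    # Keep the untrusted value itself out of the log line.
                    raise ValueError(
                        "%s is not a %d character hex digest" % (field, width))
                digests[field] = candidate
            mtype = jdata["type"]
        except Exception as e:
            # Broad by design: malformed input may raise more than a JSON
            # decode error (wrong top-level type, recursion depth, ...).
            app.logger.error("Machex import failed : %s" % (e))
            return None

        # NOTE: the digests are claims made by the document; without file
        # content there is no way here to check them against each other.
        duplicate = Sample.query.filter_by(sha256=digests["sha256"]).first()
        if duplicate is not None:
            return None

        sample = Sample()
        sample.md5 = digests["md5"]
        sample.sha1 = digests["sha1"]
        sample.sha256 = digests["sha256"]
        sample.mime_type = mtype
        # NOTE(review): level is not validated here - confirm the caller does.
        sample.TLP_sensibility = level
        sample.analysis_status = AnalysisStatus.TOSTART
        if "full_mime_type" in jdata:
            sample.full_mime_type = jdata["full_mime_type"]
        if "size" in jdata:
            sample.size = jdata["size"]
        if "file_date" in jdata:
            sample.file_date = jdata["file_date"]

        try:
            db.session.add(sample)
            for meta in jdata.get("file_metadata", ()):
                self.add_metadata(sample,
                                  SampleMetadataType.fromstring(meta['type']),
                                  meta['value'])
            for known_name in jdata.get("filenames", ()):
                self.add_filename(sample, known_name)
            for func in jdata.get("functions", ()):
                # Hex strings are accepted for both address and machoc hash.
                address = func["address"]
                if isinstance(address, str):
                    address = int(address, 16)
                machoc_hash = func.get("machoc", -1)
                if isinstance(machoc_hash, str):
                    machoc_hash = int(machoc_hash, 16)
                name = func.get("name", "")
                self.add_function(sample, address, machoc_hash, name)
            for entry in jdata.get("strings", ()):
                self.add_string(sample, entry["type"], entry["value"])
            if "abstract" in jdata:
                sample.abstract = jdata["abstract"]
            for analysis in jdata.get("analyses", ()):
                self.create_analysis(sample, analysis["data"],
                                     analysis["title"])
            db.session.commit()
        except Exception:
            # A failed import must not leave the new Sample pending in the
            # session for some later, unrelated commit to persist.
            # NOTE(review): helpers that commit internally (not visible
            # here) would already have persisted their part.
            db.session.rollback()
            raise
        return sample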
Exemple #3
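    def create_sample_from_file(self, file_data, orig_filename="", user=None,
                                tlp_level=TLPLevel.TLPWHITE):
        """
            Store file data on disk and create or refresh its Sample row.

            Args:
                file_data: raw bytes of the submitted file.
                orig_filename: name attached through add_filename when
                    non-empty; it never takes part in the storage path.
                user: attached through add_user when not None.
                tlp_level: stored on newly created samples only.

            Returns:
                None when TLPLevel.tostring(tlp_level) is empty; the existing
                Sample, untouched, when its stored file is still on disk (in
                that case orig_filename and user are not attached); otherwise
                the created or refreshed Sample.

            Raises:
                Errors from writing the file or committing; the session is
                rolled back before they propagate.
        """
        if TLPLevel.tostring(tlp_level) == "":
            return None
        sha_256 = sha256(file_data).hexdigest()

        # One lookup instead of count() followed by first(): a row removed
        # between the two queries would have left sample as None and failed
        # on the attribute access below.
        sample = Sample.query.filter_by(sha256=sha_256).first()
        if (sample is not None and sample.storage_file
                and os.path.exists(sample.storage_file)):
            return sample

        # Create if needed
        if sample is None:
            sample = Sample()
            db.session.add(sample)
            sample.TLP_sensibility = tlp_level
            sample.family_id = None
            sample.file_date = datetime.datetime.now()
        elif sample.file_date is None:
            sample.file_date = datetime.datetime.now()

        # The on-disk name comes from the content digest only, so a
        # caller-supplied filename cannot steer where the bytes are written.
        filename = sha_256 + ".bin"
        file_path = os.path.join(app.config['STORAGE_PATH'], filename)
        try:
            # NOTE(review): the file is created with the process default
            # umask - confirm STORAGE_PATH is restricted, since it holds
            # submitted samples.
            with open(file_path, 'wb') as myfile:
                myfile.write(file_data)

            # Generic data
            sample.analysis_status = AnalysisStatus.TOSTART
            sample.storage_file = file_path
            mime_type = self.do_sample_type_detect(file_path)
            sample.mime_type = mime_type[0]
            sample.full_mime_type = mime_type[1]
            # md5 and sha1 are stored alongside; the duplicate check above
            # relies on sha256 only.
            sample.md5 = md5(file_data).hexdigest()
            sample.sha1 = sha1(file_data).hexdigest()
            sample.sha256 = sha_256
            sample.size = len(file_data)
            # Specific metadata, resulting from Tasks
            sample.import_hash = ""
            sample.machoc_hash = ""

            db.session.commit()
        except Exception:
            # Drop the pending or half-updated row so a later commit cannot
            # persist it. A file already written stays on disk.
            db.session.rollback()
            raise

        if orig_filename != "":
            self.add_filename(sample, orig_filename)
        if user is not None:
            self.add_user(user, sample)
        return sample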
Exemple #4
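    def create_sample_from_file(self,
                                file_data,
                                orig_filename="",
                                user=None,
                                tlp_level=TLPLevel.TLPWHITE):
        """
            Write file data to storage and create or refresh its Sample row.

            Args:
                file_data: raw bytes of the submitted file.
                orig_filename: passed to add_filename when non-empty; it is
                    never used to build the storage path.
                user: passed to add_user when not None.
                tlp_level: stored on newly created samples only.

            Returns:
                The existing Sample, unchanged, when its stored file is still
                present on disk (orig_filename and user are not attached in
                that case); otherwise the created or refreshed Sample.

            Raises:
                Errors from the file write or the commit, after the session
                has been rolled back.
        """
        # NOTE(review): tlp_level is stored without any check in this
        # method - confirm that callers validate it.
        sha_256 = sha256(file_data).hexdigest()

        # A single first() replaces count() + first(): had the row vanished
        # between those two queries, sample would have been None on the
        # attribute access below.
        sample = Sample.query.filter_by(sha256=sha_256).first()
        if sample is not None:
            stored = sample.storage_file
            if stored is not None and stored != "" and os.path.exists(stored):
                return sample

        # Create if needed
        now = datetime.datetime.now()
        if sample is None:
            sample = Sample()
            db.session.add(sample)
            sample.TLP_sensibility = tlp_level
            sample.family_id = None
            sample.file_date = now
        elif sample.file_date is None:
            sample.file_date = now

        # Storage name is the content digest plus a fixed suffix; the
        # submitted filename has no influence on the destination path.
        filename = sha_256 + ".bin"
        file_path = os.path.join(app.config['STORAGE_PATH'], filename)
        try:
            # NOTE(review): created with the process default umask - confirm
            # STORAGE_PATH is restricted, since it holds submitted samples.
            with open(file_path, 'wb') as myfile:
                myfile.write(file_data)

            # Generic data
            sample.analysis_status = AnalysisStatus.TOSTART
            sample.storage_file = file_path
            mime_type = self.do_sample_type_detect(file_path)
            sample.mime_type = mime_type[0]
            sample.full_mime_type = mime_type[1]
            # md5 and sha1 are recorded too; deduplication above keys on
            # sha256 only.
            sample.md5 = md5(file_data).hexdigest()
            sample.sha1 = sha1(file_data).hexdigest()
            sample.sha256 = sha_256
            sample.size = len(file_data)
            # Specific metadata, resulting from Tasks
            sample.import_hash = ""
            sample.machoc_hash = ""

            db.session.commit()
        except Exception:
            # Leave no pending or half-updated row behind for a later commit
            # to pick up. A file already written is left in place.
            db.session.rollback()
            raise

        if orig_filename != "":
            self.add_filename(sample, orig_filename)
        if user is not None:
            self.add_user(user, sample)
        return sample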