def add_whois(self, data, analyst, date=None, editable=True): """ Add whois information to the domain. :param data: The contents of the whois. :type data: str :param analyst: The user adding the whois. :type analyst: str :param date: The date for this whois entry. :type date: datetime.datetime :param editable: If this entry can be modified. :type editable: boolean :returns: :class:`crits.core.domains.domain.WhoisEntry` """ if not date: date = datetime.datetime.now() whois_entry = WhoisEntry(data).to_dict() e = EmbeddedWhoIs() e.date = date e.analyst = analyst e.editable = editable e.text = data e.data = whois_entry self.whois.append(e) return whois_entry
def whois_diff(self, from_date, to_date): """ Generate a diff between two whois entries. :param from_date: The date for the first whois entry. :type date: datetime.datetime :param to_date: The date for the second whois entry. :type date: datetime.datetime :returns: str, None """ from_whois = None to_whois = None for w in self.whois: if w.date == from_date: from_whois = str(WhoisEntry.from_dict(w.data)).splitlines(True) if w.date == to_date: to_whois = str(WhoisEntry.from_dict(w.data)).splitlines(True) if not from_whois or not to_whois: return None return unified_diff(from_whois, to_whois, fromfile=from_date, tofile=to_date)
def edit_whois(self, data, date=None): """ Edit whois information for the domain. :param data: The contents of the whois. :type data: str :param date: The date for this whois entry. :type date: datetime.datetime """ if not date: return for w in self.whois: if w.date == date: whois_entry = WhoisEntry(data).to_dict() w.data = whois_entry w.text = data
def get_domain_details(domain, analyst): """ Generate the data to render the Domain details template. :param domain: The name of the Domain to get details for. :type domain: str :param analyst: The user requesting this information. :type analyst: str :returns: template (str), arguments (dict) """ template = None allowed_sources = user_sources(analyst) dmain = Domain.objects(domain=domain, source__name__in=allowed_sources).first() if not dmain: error = ("Either no data exists for this domain" " or you do not have permission to view it.") template = "error.html" args = {'error': error} return template, args forms = {} #populate whois data into whois form # and create data object (keyed on date) for updating form on date select whois_data = {'': ''} #blank info for "Add New" option initial_data = {'data': ' '} raw_data = {} whois = getattr(dmain, 'whois', None) if whois: for w in whois: #build data as a display-friendly string w.date = datetime.datetime.strftime(w.date, settings.PY_DATETIME_FORMAT) from whois_parser import WhoisEntry #prettify the whois data w.data = unicode(WhoisEntry.from_dict(w.data)) if 'text' not in w: #whois data was added with old data format w.text = w.data #also save our text blob for easy viewing of the original data whois_data[w.date] = (w.data, w.text) #show most recent entry first initial_data = {'data': whois[-1].data, 'date': whois[-1].date} raw_data = {'data': whois[-1].text, 'date': whois[-1].date} whois_len = len( whois_data) - 1 #subtract one to account for blank "Add New" entry whois_data = json.dumps(whois_data) dmain.sanitize_sources(username="******" % analyst, sources=allowed_sources) forms['whois'] = UpdateWhoisForm(initial_data, domain=domain) forms['raw_whois'] = UpdateWhoisForm(raw_data, domain=domain, allow_adding=False) forms['diff_whois'] = DiffWhoisForm(domain=domain) # remove pending notifications for user remove_user_from_notification("%s" % analyst, dmain.id, 'Domain') # subscription subscription = { 'type': 'Domain', 'id': dmain.id, 'subscribed': is_user_subscribed("%s" % analyst, 'Domain', dmain.id), } #objects objects = dmain.sort_objects() #relationships relationships = dmain.sort_relationships("%s" % analyst, meta=True) # relationship relationship = {'type': 'Domain', 'value': dmain.id} #comments comments = {'comments': dmain.get_comments(), 'url_key': dmain.domain} #screenshots screenshots = dmain.get_screenshots(analyst) # favorites favorite = is_user_favorite("%s" % analyst, 'Domain', dmain.id) # services manager = crits.service_env.manager service_list = manager.get_supported_services('Domain', True) args = { 'objects': objects, 'relationships': relationships, 'comments': comments, 'favorite': favorite, 'relationship': relationship, 'subscription': subscription, 'screenshots': screenshots, 'domain': dmain, 'forms': forms, 'whois_data': whois_data, 'service_list': service_list, 'whois_len': whois_len } return template, args
def get_domain_details(domain, analyst): """ Generate the data to render the Domain details template. :param domain: The name of the Domain to get details for. :type domain: str :param analyst: The user requesting this information. :type analyst: str :returns: template (str), arguments (dict) """ template = None allowed_sources = user_sources(analyst) dmain = Domain.objects(domain=domain, source__name__in=allowed_sources).first() if not dmain: error = ("Either no data exists for this domain" " or you do not have permission to view it.") template = "error.html" args = {'error': error} return template, args forms = {} #populate whois data into whois form # and create data object (keyed on date) for updating form on date select whois_data = {'':''} #blank info for "Add New" option initial_data = {'data':' '} raw_data = {} whois = getattr(dmain, 'whois', None) if whois: for w in whois: #build data as a display-friendly string w.date = datetime.datetime.strftime(w.date, settings.PY_DATETIME_FORMAT) from whois_parser import WhoisEntry #prettify the whois data w.data = unicode(WhoisEntry.from_dict(w.data)) if 'text' not in w: #whois data was added with old data format w.text = w.data #also save our text blob for easy viewing of the original data whois_data[w.date] = (w.data, w.text) #show most recent entry first initial_data = {'data':whois[-1].data, 'date': whois[-1].date} raw_data = {'data':whois[-1].text, 'date': whois[-1].date} whois_len = len(whois_data)-1 #subtract one to account for blank "Add New" entry whois_data = json.dumps(whois_data) dmain.sanitize_sources(username="******" % analyst, sources=allowed_sources) forms['whois'] = UpdateWhoisForm(initial_data, domain=domain) forms['raw_whois'] = UpdateWhoisForm(raw_data, domain=domain, allow_adding=False) forms['diff_whois'] = DiffWhoisForm(domain=domain) # remove pending notifications for user remove_user_from_notification("%s" % analyst, dmain.id, 'Domain') # subscription subscription = { 'type': 'Domain', 'id': dmain.id, 'subscribed': is_user_subscribed("%s" % analyst, 'Domain', dmain.id), } #objects objects = dmain.sort_objects() #relationships relationships = dmain.sort_relationships("%s" % analyst, meta=True) # relationship relationship = { 'type': 'Domain', 'value': dmain.id } #comments comments = {'comments': dmain.get_comments(), 'url_key':dmain.domain} #screenshots screenshots = dmain.get_screenshots(analyst) # favorites favorite = is_user_favorite("%s" % analyst, 'Domain', dmain.id) # services manager = crits.service_env.manager service_list = manager.get_supported_services('Domain', True) args = {'objects': objects, 'relationships': relationships, 'comments': comments, 'favorite': favorite, 'relationship': relationship, 'subscription': subscription, 'screenshots': screenshots, 'domain': dmain, 'forms': forms, 'whois_data': whois_data, 'service_list': service_list, 'whois_len': whois_len} return template, args
def get_domain_details(domain, analyst): """ Generate the data to render the Domain details template. :param domain: The name of the Domain to get details for. :type domain: str :param analyst: The user requesting this information. :type analyst: str :returns: template (str), arguments (dict) """ template = None allowed_sources = user_sources(analyst) dmain = Domain.objects(domain=domain, source__name__in=allowed_sources).first() if not dmain: error = "Either no data exists for this domain" " or you do not have permission to view it." template = "error.html" args = {"error": error} return template, args forms = {} # populate whois data into whois form # and create data object (keyed on date) for updating form on date select whois_data = {"": ""} # blank info for "Add New" option initial_data = {"data": " "} raw_data = {} whois = getattr(dmain, "whois", None) if whois: for w in whois: # build data as a display-friendly string w.date = datetime.datetime.strftime(w.date, settings.PY_DATETIME_FORMAT) from whois_parser import WhoisEntry # prettify the whois data w.data = unicode(WhoisEntry.from_dict(w.data)) if "text" not in w: # whois data was added with old data format w.text = w.data # also save our text blob for easy viewing of the original data whois_data[w.date] = (w.data, w.text) # show most recent entry first initial_data = {"data": whois[-1].data, "date": whois[-1].date} raw_data = {"data": whois[-1].text, "date": whois[-1].date} whois_len = len(whois_data) - 1 # subtract one to account for blank "Add New" entry whois_data = json.dumps(whois_data) dmain.sanitize_sources(username="******" % analyst, sources=allowed_sources) forms["whois"] = UpdateWhoisForm(initial_data, domain=domain) forms["raw_whois"] = UpdateWhoisForm(raw_data, domain=domain, allow_adding=False) forms["diff_whois"] = DiffWhoisForm(domain=domain) # remove pending notifications for user remove_user_from_notification("%s" % analyst, dmain.id, "Domain") # subscription subscription = { "type": "Domain", "id": dmain.id, "subscribed": is_user_subscribed("%s" % analyst, "Domain", dmain.id), } # objects objects = dmain.sort_objects() # relationships relationships = dmain.sort_relationships("%s" % analyst, meta=True) # relationship relationship = {"type": "Domain", "value": dmain.id} # comments comments = {"comments": dmain.get_comments(), "url_key": dmain.domain} # screenshots screenshots = dmain.get_screenshots(analyst) # favorites favorite = is_user_favorite("%s" % analyst, "Domain", dmain.id) # services service_list = get_supported_services("Domain") # analysis results service_results = dmain.get_analysis_results() args = { "objects": objects, "relationships": relationships, "comments": comments, "favorite": favorite, "relationship": relationship, "subscription": subscription, "screenshots": screenshots, "domain": dmain, "forms": forms, "whois_data": whois_data, "service_list": service_list, "service_results": service_results, "whois_len": whois_len, } return template, args