Exemple #1
0
def password_reset(user_id=None, expiration_ts=None, password_reset_hash=None):
    logging_prefix = logger_prefix + "password_reset({},{},{}) - ".format(user_id, expiration_ts, password_reset_hash)
    log.info(logging_prefix + "Starting")
    
    try:
        if sha256(SALTS['user'],user_id+expiration_ts) != password_reset_hash:
            flash("There was an error completing your request", 'danger')
            return redirect("/user/password/request_reset/")

        form = forms.passwordPerformResetForm(request.form)
        search_form = forms.searchForm()

        now = int(time.time())

        if now > int(expiration_ts): # passworD1!
            flash("This link has expired", 'danger')
            return redirect("/user/password/request_reset/")

        conn=get_mysql().cursor(DictCursor)
        conn.execute("SELECT COUNT(*) as count FROM password_reset_hashes WHERE hash = %s AND user_id = %s", (password_reset_hash,user_id))
        result = conn.fetchone()
        conn.close()

        if not result:
            flash("This link has expired", 'danger')
            return redirect("/user/password/request_reset/")

        if result['count'] == 0:
            flash("This link has expired", 'danger')
            return redirect("/user/password/request_reset/")

        if request.method == 'POST':
            if form.validate():
                password = form.user_password.data
                salted_password = sha256(SALTS['user'],password)

                conn=get_mysql().cursor()
                conn.execute("UPDATE users SET password = %s WHERE id = %s", (salted_password,user_id))
                conn.execute("DELETE FROM password_reset_hashes WHERE user_id = %s", (user_id,))
                get_mysql().commit()
                conn.close()

                flash("Your password has been updated", "success")
                return redirect("/user/login")
            else:
                print(form.errors)

    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)

    log.info(logging_prefix + "Rendering")
    return render_template("password_reset.html",
                        page_title="Reset Your Password",
                        page_type="PERFORM",
                        form=form,
                        search_form=search_form
            )
Exemple #2
0
def edit_user_permissions(action,value,user_id,user_c):
    logging_prefix = logger_prefix + "edit_user_permissions({},{},{},{}) - ".format(action,value,user_id,user_c)
    log.info(logging_prefix + "Starting") 

    action_column_map = {}
    action_column_map['approve'] = "approved"
    action_column_map['write_perm'] = "write_permission"
    action_column_map['delete_perm'] = "delete_permission"
    action_column_map['admin_perm'] = "admin"

    success = 1
    try:
        #make sure the value is valid
        if value not in ["0","1"]:
            raise Exception("Invald value: {}".format(value))

        #make sure the action is valid    
        try:
            column = action_column_map[action]
        except Exception as f:
            log.warning(logging_prefix + "Action '{}' not found in action_column_map".format(action))
            raise f

        #check the hash
        if user_c == sha256(SALTS['user'], str(user_id)):

            #if action is approve, emails need to be sent
            if action == "approve":
                conn = get_mysql().cursor(DictCursor)
                conn.execute("SELECT name, email FROM users WHERE id = %s", (user_id,))
                user = conn.fetchone()
                conn.close()

                if value == "1":
                    log.info(logging_prefix + "Setting approved=1 for user {}".format(user_id))
                    sendAccountApprovedEmail(user['email'])
                else:
                    log.info(logging_prefix + "Setting approved=0 for user {}".format(user_id))
                    sendAccountDisapprovedEmail(user['email'])

            #now update the desired setting
            conn = get_mysql().cursor()
            conn.execute("UPDATE users SET "+column+" = %s WHERE id = %s", (value,user_id))
            get_mysql().commit()
            conn.close()
            log.info(logging_prefix + "Successfully update {} to {} for user id {}".format(column,value,user_id))

        else:
            log.warning(logging_prefix + "Hash mismatch {} {}".format(user_id, user_c))
    except Exception as e:
        success = 0
        error = "There was an error completing your request. Details: {}".format(e)
        log.exception(logging_prefix + error)

    return jsonify({ "success" : success, "new_value" : value })
Exemple #3
0
def password_request_reset():
    logging_prefix = logger_prefix + "password_request_reset() - "
    log.info(logging_prefix + "Starting")
    try:
        form = forms.userEmailForm(request.form)
        search_form = forms.searchForm()

        if request.method == 'POST':
            if form.validate():
                email = form.user_email.data

                #make sure the email exists in the system
                conn=get_mysql().cursor(DictCursor)
                conn.execute("SELECT id FROM users WHERE email = %s", (email,))
                user = conn.fetchone()
                conn.close()

                if user:
                    expiration_ts = int(time.time()) + 3600
                    password_reset_hash = sha256(SALTS['user'],str(user['id']) + str(expiration_ts))

                    #set this value in the database, so it can be expired after the password is changed
                    conn=get_mysql().cursor(DictCursor)
                    conn.execute("INSERT INTO password_reset_hashes (user_id,hash) VALUES (%s,%s)", (user['id'],password_reset_hash))
                    get_mysql().commit()
                    conn.close()

                    password_reset_link = "/user/password/reset/{}/{}/{}/".format(user['id'],expiration_ts,password_reset_hash)

                    sendPasswordResetEmail(email, password_reset_link)

                    flash("An email has been sent to '{}' with a link to reset your password. This link expires in 1 hour.".format(email),'success')
                else:
                    flash("The email you entered was not found", "danger")

            else:
                print(form.errors)

    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)

    return render_template("password_reset.html",
                        page_title="Reset Your Password",
                        page_type="REQUEST",
                        form=form,
                        search_form=search_form
            )
Exemple #4
0
def user_delete(user_id, user_id_hash):
    logging_prefix = logger_prefix + "user_delete({},{}) - ".format(user_id, user_id_hash)
    log.info(logging_prefix + "Starting")

    redirect_url = "/admin/"
    try:
        redirect_url = request.args.get("_r")
        if not redirect_url:
            log.warning(logging_prefix + "redirect_url not set, using default")
            redirect_url = "/admin/"

        #check user_id against user_id_hash and perform delete if match
        if user_id_hash == sha256( SALTS['user'], user_id ):
            #now delete the user
            conn=get_mysql().cursor(DictCursor)
            conn.execute("DELETE FROM users WHERE id=%s", (user_id,))
            conn.close()
            flash("The user has been deleted", "success")
        else:
            flash("Unable to delete user", "danger")
        
    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)
        
    return redirect(redirect_url)
Exemple #5
0
def main():
    logging_prefix = logger_prefix + "main() - "
    log.info(logging_prefix + "Starting")

    try:
        conn=get_mysql().cursor(DictCursor)
        conn.execute("SELECT id, name, email, company, justification, email_verified, approved, write_permission, delete_permission, admin, created, last_login FROM users ORDER BY created DESC")

        users = conn.fetchall()
        for user in users:
            user['id_hash'] = sha256( SALTS['user'], str(user['id']) )

        conn.close()

        email_user_form = forms.sendUserEmailForm()

    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)


    return render_template("admin.html",
                        page_title="Admin",
                        url = "/admin/",
                        users=users,
                        email_user_form = email_user_form
            )
Exemple #6
0
def verify(email, verification_hash):
    logging_prefix = logger_prefix + "verify() - "
    log.info(logging_prefix + "Starting")

    email = unquote_plus(email)

    print(email)
    print(verification_hash)

    try:
        conn=get_mysql().cursor(DictCursor)
        conn.execute("SELECT id, email, name, company, justification FROM users WHERE verification_hash = %s", (verification_hash,))
        r = conn.fetchone()
        if not r:
            log.error(logging_prefix + "User with email '{}' was not found".format(email))
            flash("Your user was not found, try registering again",'danger')
        elif r['email'] == email:
            log.info(logging_prefix + "Successful validation of {}".format(email))
            flash("Your email address have been verified, you will not be able to log in until you get approved by the Site Admin",'success')

            #update the database marking this user active
            user_id = r['id']
            conn.execute("UPDATE users SET email_verified=1 WHERE id = %s", (user_id,))
            get_mysql().commit()

            #id, email, name, company
            sendNewUserToApproveEmail(r['id'], r['email'],r['name'],r['company'],r['justification'])
        else:
            log.warning(logging_prefix + "Unsuccessful validation of {}".format(email))
            flash("We were unable to verify your account",'danger')

    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)
    finally:
        conn.close()

    return redirect("/", code=307)
Exemple #7
0
    def validate(self):
        #flash("Password is still a string field, change this", "warning")

        try:
            rv = Form.validate(self)
            if not rv:
                return False

            #check to see if user already exists
            #theres probably still a race condition here, not sure how to prevent it
            try:
                conn = get_mysql().cursor()
                conn.execute("SELECT id FROM users WHERE email = %s",
                             (self.user_email.data.strip(), ))
                user_exists = (len(conn.fetchall()) != 0)
                conn.close()
                if user_exists:
                    self.user_email.errors.append(
                        'Email address is already registered')
                    return False
            except Exception as s:
                conn.close()
                raise s

            #check password complexity
            pwd = self.user_password.data

            # searching for digits
            digit_error = re.search(r"\d", pwd) is None

            # searching for uppercase
            uppercase_error = re.search(r"[A-Z]", pwd) is None

            # searching for lowercase
            lowercase_error = re.search(r"[a-z]", pwd) is None

            # searching for symbols
            #NOTE: if viewing in sublime, this is correct below, the format is jacked
            symbol_error = re.search(r"[ !#$%&'()*+,-./[\\\]^_`{|}~" + r'"]',
                                     pwd) is None

            if digit_error or uppercase_error or lowercase_error or symbol_error:
                self.user_password.errors.append(
                    'Password must contain at least one number, one lowercase letter, one uppercase letter and one symbol'
                )
                return False
        except Exception as e:
            flash("Error validating form, details: {}".format(e))
            return False

        return True
Exemple #8
0
def reverify():
    logging_prefix = logger_prefix + "reverify() - "
    log.info(logging_prefix + "Starting")
    try:
        form = forms.userEmailForm(request.form)
        search_form = forms.searchForm()

        if request.method == 'POST':
            if form.validate():
                email = form.user_email.data

                #make sure the email exists in the system
                conn=get_mysql().cursor(DictCursor)
                conn.execute("SELECT verification_hash FROM users WHERE email = %s", (email,))
                user = conn.fetchone()
                conn.close()

                if user:
                    sendAccountVerificationEmail(email, user['verification_hash'])

                    flash("A verification email has been sent to '{}' with a link to verify your account.".format(email),'success')
                else:
                    flash("The email you entered was not found", "danger")

            else:
                print(form.errors)

    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)

    return render_template("account_reverify.html",
                        page_title="Verify Account",
                        form=form,
                        search_form=search_form
            )
def es_to_form(report_id):
    form = forms.reportForm()

    # get the values from ES
    results = get_es().get(ES_PREFIX + "threat_reports", doc_type="report", id=report_id)

    # store certain fields from ES, so this form can be used in an update
    form.doc_index.data = results["_index"]
    form.doc_type.data = results["_type"]

    report_data = results["_source"]

    form.report_name.data = report_data["name"]
    form.report_id.data = report_data["identifier"]
    form.report_occurred_at.data = datetime.strptime(report_data["created_s"], "%Y-%m-%dT%H:%M:%S")
    form.report_description.data = report_data["description"]
    form.report_criticality.data = report_data["criticality"]

    idx = 0
    for entry in range(len(form.report_class.entries)):
        form.report_class.pop_entry()
    for i in multikeysort(report_data["classification"], ["family", "id"]):
        report_class_form = forms.TPXClassificationForm()
        report_class_form.a_family = i["family"]
        report_class_form.a_id = i["id"]

        form.report_class.append_entry(report_class_form)

        # set the options since this select is dynamic
        form.report_class[idx].a_id.choices = fetch_child_data("tpx_classification", i["family"])
        idx += 1

    form.report_tlp.data = int(report_data["tlp"])

    for entry in range(len(form.report_sections.entries)):
        form.report_sections.pop_entry()
    for i in multikeysort(report_data["section"], ["order"]):
        report_section_form = forms.ReportSectionsForm()
        report_section_form.title = i["title"]
        report_section_form.tlp = i["tlp"]
        report_section_form.text = i["content"]

        form.report_sections.append_entry(report_section_form)

    form.report_source_reliability.data = report_data["source_reliability"]
    form.report_info_reliability.data = report_data["info_reliability"]

    for entry in range(len(form.report_sources.entries)):
        form.report_sources.pop_entry()
    for i in sorted(report_data["source"]):
        report_source_form = forms.ReportSourcesForm()
        report_source_form.source = i

        form.report_sources.append_entry(report_source_form)

    """
    Related element
    """

    for entry in range(len(form.report_actors.entries)):
        form.report_actors.pop_entry()
    if report_data["related_actor"]:
        idx = 0
        for i in multikeysort(report_data["related_actor"], ["name", "id"]):
            sub_form = forms.RelatedActorsForm()
            sub_form.data = i["id"] + ":::" + i["name"]
            has_related_elements = False

            idx2 = 0
            for entry in range(len(sub_form.related_elements.entries)):
                sub_form.related_elements.pop_entry()
            for j in multikeysort(report_data["related_element_choices"], ["display_text"]):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = j["value"] in i["elements"]
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j["value"]
                sub_form.related_elements[idx2].element_text = j["display_text"]

                if is_related:
                    has_related_elements = True

                idx2 += 1

            form.report_actors.append_entry(sub_form)

            form.report_actors[idx].has_related_elements.data = has_related_elements
            idx += 1
    else:
        sub_form = forms.RelatedActorsForm()
        sub_form.data = "_NONE_"
        form.report_actors.append_entry(sub_form)

    for entry in range(len(form.report_reports.entries)):
        form.report_reports.pop_entry()
    if report_data["related_report"]:
        idx = 0
        for i in multikeysort(report_data["related_report"], ["name", "id"]):
            sub_form = forms.RelatedReportsForm()
            sub_form.data = i["id"] + ":::" + i["name"]
            has_related_elements = False

            idx2 = 0
            for entry in range(len(sub_form.related_elements.entries)):
                sub_form.related_elements.pop_entry()
            for j in multikeysort(report_data["related_element_choices"], ["display_text"]):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = j["value"] in i["elements"]
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j["value"]
                sub_form.related_elements[idx2].element_text = j["display_text"]

                if is_related:
                    has_related_elements = True

                idx2 += 1

            form.report_reports.append_entry(sub_form)

            form.report_reports[idx].has_related_elements.data = has_related_elements
            idx += 1
    else:
        sub_form = forms.RelatedReportsForm()
        sub_form.data = "_NONE_"
        form.report_reports.append_entry(sub_form)

    for entry in range(len(form.report_ttps.entries)):
        form.report_ttps.pop_entry()
    if report_data["related_ttp"]:
        idx = 0
        for i in multikeysort(report_data["related_ttp"], ["name", "id"]):
            sub_form = forms.RelatedTTPsForm()
            sub_form.data = i["id"] + ":::" + i["name"]
            has_related_elements = False

            idx2 = 0
            for entry in range(len(sub_form.related_elements.entries)):
                sub_form.related_elements.pop_entry()
            for j in multikeysort(report_data["related_element_choices"], ["display_text"]):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = j["value"] in i["elements"]
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j["value"]
                sub_form.related_elements[idx2].element_text = j["display_text"]

                if is_related:
                    has_related_elements = True

                idx2 += 1

            form.report_ttps.append_entry(sub_form)

            form.report_ttps[idx].has_related_elements.data = has_related_elements
            idx += 1
    else:
        sub_form = forms.RelatedTTPsForm()
        sub_form.data = "_NONE_"
        form.report_ttps.append_entry(sub_form)

    # convert editor dictionary of ids and times to names and times
    editors = get_editor_names(get_mysql(), report_data["editor"])

    return form, editors
Exemple #10
0
def register():
    logging_prefix = logger_prefix + "register() - "
    log.info(logging_prefix + "Starting")
    try:

        form = forms.registerForm(request.form)
        search_form = forms.searchForm()

        if request.method == 'POST':

            #verify captcha
            perform_validate = True
            try:
                if RECAPTCHA_ENABLED:
                    captcha_value = request.form['g-recaptcha-response']
                    r = requests.post("https://www.google.com/recaptcha/api/siteverify", data={
                            'secret': RECAPTCHA_PRIVATE_KEY,
                            'response': request.form['g-recaptcha-response']
                        })
                    r_json = json.loads(r.text)

                    if not r_json['success']:
                        flash("Bots are not allowed",'danger')
                        perform_validate = False

            except Exception as s:
                log.exception(logging_prefix + "Error preforming captcha validation")
                raise s

            if perform_validate and form.validate():
                log.info(logging_prefix + "Sign up Detected")

                #get data from form
                name = form.user_name.data
                email = form.user_email.data 
                password = form.user_password.data
                company = form.user_company.data
                reason = form.user_reason.data

                #create the necessary hashes
                salted_password = sha256(SALTS['user'],password)
                verification_hash = sha256(SALTS['email_verification'], email)

                #insert data into mysql
                insert = "INSERT INTO users (email, password, name, company, justification, email_verified, verification_hash) VALUES (%s,%s,%s,%s,%s,%s,%s)"
                values = (email, salted_password, name, company, reason, 0, verification_hash)
                log.info(logging_prefix + "Adding new user {}".format(values))

                try:
                    conn=get_mysql().cursor()
                    conn.execute(insert, values)
                    get_mysql().commit()
                    conn.close()
                except Exception as s:
                    conn.close()
                    raise s

                #email the user to verify email
                try:
                    sendAccountVerificationEmail(email, verification_hash)
                except Exception as s:
                    log.exception(logging_prefix + "Unable to send email to {} with verification_hash {}".format(email, verification_hash))
                    raise s

                flash("You have been registered. A verification email with an actviation link has been sent to {} from [email protected]".format(email),'success')
            else:

                print(form.errors)
        else:
            pass

    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)


    return render_template("register.html",
                        page_title="Register",
                        form=form,
                        recaptcha_enabled=RECAPTCHA_ENABLED,
                        recaptcha_key=RECAPTCHA_PUBLIC_KEY,
                        search_form=search_form
            )
Exemple #11
0
def login():
    logging_prefix = logger_prefix + "login() - "
    log.info(logging_prefix + "Starting")

    try:
        form = forms.loginForm(request.form)
        search_form = forms.searchForm()

        if request.method == 'POST':
            if form.validate():
                email = form.user_email.data 
                password = form.user_password.data

                hashed_password = sha256(SALTS['user'], password)

                conn=get_mysql().cursor(DictCursor)
                #since email is unique
                conn.execute("SELECT id, password, name, email_verified, approved, write_permission, delete_permission, admin FROM users WHERE email = %s", (email,))
                user = conn.fetchone()
                

                if user:
            
                    if user['password'] == hashed_password:
                        #we have found a valid user

                        if user['email_verified']==0:
                            #the user has not verified their email address
                            flash("Your email address has not been verified. Click here if you did not receive a verification email", "danger")

                        elif user['approved']==0:
                            #the user has not been approved, or their access has been disapproved
                            flash("Your account has been approved yet, you will receive an email when your account has been approved", "danger")

                        else:
                            #woohoo successful login, set up session variables
                            session['logged_in']    =   True
                            session['id']           =   user['id']
                            session['name']         =   user['name']
                            session['email']        =   email
                            session['approved']     =   (user['approved'] == 1)
                            session['write']        =   (user['write_permission'] == 1)
                            session['delete']       =   (user['delete_permission'] == 1)
                            session['admin']        =   (user['admin'] == 1)
                            session['expires']      =   math.ceil(time.time()) + SESSION_EXPIRE
                                                                            #now + 10 minutes of inactivity
                                                                            #each time this user loads a page
                                                                            #the expiration time gets now + 10m

                            #update last login timestamp
                            conn=get_mysql().cursor(DictCursor)
                            conn.execute("UPDATE users SET last_login=%s WHERE id = %s", (datetime.now(), user['id']))
                            get_mysql().commit()
                            conn.close()

                            flash("You have been logged in", "success")

                            if request.args.get("r"):
                                return redirect(request.args.get("r"))
                            else:
                                return redirect("/") 
                    else:
                        log.warning(logging_prefix + "Invalid login attempt for {}".format(email))
                        flash("The username or password is incorrect", "danger")
                else:
                    log.warning(logging_prefix + "Invalid login attempt for {}".format(email))
                    flash("The username or password is incorrect", "danger")
            else:
                print(form.errors)

    except Exception as e:
        error = "There was an error completing your request. Details: {}".format(e)
        flash(error,'danger')
        log.exception(logging_prefix + error)

    return render_template("login.html",
                        page_title="Login",
                        form=form,
                        search_form=search_form
            ) 
Exemple #12
0
        def wrapped(*args, **kwargs):

            r = quote_plus(request.url)
            try:
                if access_level != PUBLIC:
                    if 'logged_in' not in session:
                        flash("You must log in to continue", 'danger')
                        return redirect("/user/login/?r={}".format(r),
                                        code=307)
                    elif not session['logged_in']:
                        flash("You must log in to continue", 'danger')
                        return redirect("/user/login/?r={}".format(r),
                                        code=307)
                    elif session['expires'] < math.ceil(
                            time.time()) and SESSION_EXPIRE != -1:
                        flash(
                            "Your session has expired, log in below to continue",
                            'danger')
                        return redirect("/user/logout/?r={}".format(r),
                                        code=307)

                    #since the user is logged in requery the database for their current permissons
                    if 'id' not in session:
                        log.error(logging_prefix -
                                  "ID not in session: {}".format(session))
                        flash(
                            "Theres an issue with your session, please log in again. Error 001.",
                            'danger')
                        return redirect("/user/login/?r={}".format(r),
                                        code=307)

                    conn = get_mysql().cursor(DictCursor)
                    conn.execute(
                        "SELECT email_verified, approved, write_permission, delete_permission, admin FROM users WHERE id = %s",
                        (session['id'], ))
                    user = conn.fetchone()
                    conn.close()

                    if not user:
                        log.error(logging_prefix -
                                  "User not found: {}".format(session))
                        flash(
                            "Theres an issue with your session, please log in again. Error 002.",
                            'danger')
                        return redirect("/user/logout/?r={}".format(r),
                                        code=307)

                    if user['email_verified'] != 1:
                        flash("Your email address has not been verified yet",
                              'danger')
                        return redirect("/user/logout/?r={}".format(r),
                                        code=307)

                    session['approved'] = (user['approved'] == 1)
                    session['write'] = (user['write_permission'] == 1)
                    session['delete'] = (user['delete_permission'] == 1)
                    session['admin'] = (user['admin'] == 1)

                    #now that we know this user is logged in set the expiration to much later
                    session['expires'] = math.ceil(
                        time.time()) + SESSION_EXPIRE

                    #compare the users current access to the access level needed for this page
                    if not session['approved']:
                        #if read is not set, the users account has been disabled
                        flash("Your account has been disabled", 'danger')
                        return redirect("/user/logout/?r={}".format(r),
                                        code=307)

                    elif access_level == WRITE and not session['write']:
                        return render_template("error_403.html")
                    elif access_level == DELETE and not session['delete']:
                        return render_template("error_403.html")
                    elif access_level == ADMIN and not session['admin']:
                        return render_template("error_403.html")

            except Exception as e:
                log.exception("Error performing user authentication")
                flash(
                    "Your account could not be verified, please log in again",
                    'danger')
                return redirect("/user/logout/?r={}".format(r), code=307)

            return f(*args, **kwargs)
Exemple #13
0
def es_to_form(actor_id):
    form = forms.actorForm()
    editors = []

    #get the values from ES
    results = get_es().get(ES_PREFIX + "threat_actors", doc_type="actor", id=actor_id)

    #store certain fields from ES, so this form can be used in an update
    form.doc_index.data = results['_index']
    form.doc_type.data = results['_type']

    actor_data = results['_source']

    form.actor_name.data = actor_data['name']
    form.actor_occurred_at.data = datetime.strptime(actor_data['created_s'],"%Y-%m-%dT%H:%M:%S")
    form.actor_description.data  = actor_data['description']
    form.actor_criticality.data  = actor_data['criticality']

    #blank this field, and then add data
    idx = 0
    for entry in range(len(form.actor_class.entries)): form.actor_class.pop_entry()
    for i in multikeysort(actor_data['classification'], ['family', 'id']):
        actor_class_form = forms.TPXClassificationForm()
        actor_class_form.a_family = i['family']
        actor_class_form.a_id = i['id']

        form.actor_class.append_entry(actor_class_form)

        #set the options since this select is dynamic
        form.actor_class[idx].a_id.choices = fetch_child_data('tpx_classification',i['family'])
        idx += 1

    form.actor_tlp.data = str(actor_data['tlp'])

    for entry in range(len(form.actor_type.entries)): form.actor_type.pop_entry()
    for i in sorted(actor_data['type']):
        actor_type_form = forms.TypeForm()
        actor_type_form.a_type = i
        form.actor_type.append_entry(actor_type_form)


    for entry in range(len(form.actor_motivations.entries)): form.actor_motivations.pop_entry()
    for i in sorted(actor_data['motivation']):
        actor_motivation_form = forms.MotivationForm()
        actor_motivation_form.motivation = i
        actor_motivation_form.motivation_other = ""
        form.actor_motivations.append_entry(actor_motivation_form)

    for entry in range(len(form.actor_aliases.entries)): form.actor_aliases.pop_entry()
    for i in sorted(actor_data['alias']):
        actor_alias_form = forms.AliasForm()
        actor_alias_form.alias = i
        form.actor_aliases.append_entry(actor_alias_form)

    for entry in range(len(form.actor_comms.entries)): form.actor_comms.pop_entry()
    for i in multikeysort(actor_data['communication_address'], ['type', 'value']):
        actor_comms_form = forms.CommunicationsForm()
        actor_comms_form.a_type = i['type']
        actor_comms_form.a_type_other = ""
        actor_comms_form.address = i['value']
        form.actor_comms.append_entry(actor_comms_form)

    for entry in range(len(form.actor_financials.entries)): form.actor_financials.pop_entry()
    for i in multikeysort(actor_data['financial_account'], ['type', 'value']):
        actor_fin_form = forms.FinancialsForm()
        actor_fin_form.f_type = i['type']
        actor_fin_form.f_type_other = ""
        actor_fin_form.account = i['value']
        form.actor_financials.append_entry(actor_fin_form)

    for entry in range(len(form.actor_locations.entries)): form.actor_locations.pop_entry()
    for i in sorted(actor_data['frequented_location']):
        actor_locations_form = forms.LocationsForm()
        actor_locations_form.location = i
        form.actor_locations.append_entry(actor_locations_form)

    for entry in range(len(form.actor_affliations.entries)): form.actor_affliations.pop_entry()
    for i in sorted(actor_data['country_affiliation']):
        actor_affil_form = forms.AffiliationsForm()
        actor_affil_form.affiliation = i
        actor_affil_form.affiliation_other = ""
        form.actor_affliations.append_entry(actor_affil_form)

    for entry in range(len(form.actor_known_targets.entries)): form.actor_known_targets.pop_entry()
    for i in sorted(actor_data['known_target']):
        actor_known_target_form = forms.KnownTargetsForm()
        actor_known_target_form.target = i
        actor_known_target_form.target_other = ""
        form.actor_known_targets.append_entry(actor_known_target_form)

    for entry in range(len(form.actor_origin.entries)): form.actor_origin.pop_entry()
    #theres only one of these, at least there should be
    actor_affil_form = forms.AffiliationsForm()
    actor_affil_form.affiliation = actor_data['origin']
    actor_affil_form.affiliation_other = ""
    form.actor_origin.append_entry(actor_affil_form)

    for entry in range(len(form.actor_infra_ipv4.entries)): form.actor_infra_ipv4.pop_entry()
    for i in sorted(actor_data['infrastructure']['ipv4']):
        actor_infra_ipv4_form = forms.InfrastructureIPv4Form()
        actor_infra_ipv4_form.ipv4 = i
        form.actor_infra_ipv4.append_entry(actor_infra_ipv4_form)

    for entry in range(len(form.actor_infra_fqdn.entries)): form.actor_infra_fqdn.pop_entry()
    for i in sorted(actor_data['infrastructure']['fqdn']):
        actor_infra_fqdn_form = forms.InfrastructureIPv4Form()
        actor_infra_fqdn_form.fqdn = i
        form.actor_infra_fqdn.append_entry(actor_infra_fqdn_form)

    form.actor_infra_action.data = actor_data['infrastructure']['action']
    form.actor_infra_operation.data = actor_data['infrastructure']['operation']
    form.actor_infra_status.data = actor_data['infrastructure']['status']


    for entry in range(len(form.actor_infra_types.entries)): form.actor_infra_types.pop_entry()
    for i in sorted(actor_data['infrastructure']['type']):
        actor_infra_type_form = forms.InfrastructureTypesForm()
        actor_infra_type_form.infra_type = i
        form.actor_infra_types.append_entry(actor_infra_type_form)

    for entry in range(len(form.actor_detections.entries)): form.actor_detections.pop_entry()
    for i in multikeysort(actor_data['detection_rule'], ["type", "id"]):
        actor_detection_form = forms.DetectionsForm()
        actor_detection_form.d_type = i['type']
        actor_detection_form.rule_id = i['id']
        actor_detection_form.rule = i['value']
        form.actor_detections.append_entry(actor_detection_form)

    '''
    Related element
    '''
    
    for entry in range(len(form.actor_actors.entries)): form.actor_actors.pop_entry()
    if actor_data['related_actor']:
        idx = 0
        for i in multikeysort(actor_data['related_actor'], ['name', 'id']):
            sub_form = forms.RelatedActorsForm()
            sub_form.data = i['id'] + ":::" + i['name']
            has_related_elements = False

            idx2=0
            for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry()
            for j in multikeysort(actor_data['related_element_choices'],['display_text']):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = (j['value'] in i['elements'])
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j['value']
                sub_form.related_elements[idx2].element_text = j['display_text']

                if is_related:
                    has_related_elements = True

                idx2 +=1

            form.actor_actors.append_entry(sub_form)

            form.actor_actors[idx].has_related_elements.data = has_related_elements
            idx+=1
    else:
        sub_form = forms.RelatedActorsForm()
        sub_form.data = "_NONE_"
        form.actor_actors.append_entry(sub_form)
            
    for entry in range(len(form.actor_reports.entries)): form.actor_reports.pop_entry()
    if actor_data['related_report']:
        idx = 0
        for i in multikeysort(actor_data['related_report'], ['name', 'id']):
            sub_form = forms.RelatedReportsForm()
            sub_form.data = i['id'] + ":::" + i['name']
            has_related_elements = False

            idx2=0
            for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry()
            for j in multikeysort(actor_data['related_element_choices'],['display_text']):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = (j['value'] in i['elements'])
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j['value']
                sub_form.related_elements[idx2].element_text = j['display_text']

                if is_related:
                    has_related_elements = True

                idx2 +=1

            form.actor_reports.append_entry(sub_form)

            form.actor_reports[idx].has_related_elements.data = has_related_elements
            idx+=1
    else:
        sub_form = forms.RelatedReportsForm()
        sub_form.data = "_NONE_"
        form.actor_reports.append_entry(sub_form)

            
    for entry in range(len(form.actor_ttps.entries)): form.actor_ttps.pop_entry()
    if actor_data['related_ttp']:
        idx = 0
        for i in multikeysort(actor_data['related_ttp'], ['name', 'id']):
            sub_form = forms.RelatedTTPsForm()
            sub_form.data = i['id'] + ":::" + i['name']
            has_related_elements = False

            idx2=0
            for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry()
            for j in multikeysort(actor_data['related_element_choices'],['display_text']):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = (j['value'] in i['elements'])
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j['value']
                sub_form.related_elements[idx2].element_text = j['display_text']

                if is_related:
                    has_related_elements = True

                idx2 +=1

            form.actor_ttps.append_entry(sub_form)

            form.actor_ttps[idx].has_related_elements.data = has_related_elements
            idx+=1

    else:
        sub_form = forms.RelatedTTPsForm()
        sub_form.data = "_NONE_"
        form.actor_ttps.append_entry(sub_form)

    #convert editor dictionary of ids and times to names and times
    editors = get_editor_names(get_mysql(), actor_data['editor'])

    return form, editors
Exemple #14
0
def es_to_form(ttp_id):
    form = forms.ttpForm()

    #get the values from ES
    results = get_es().get(ES_PREFIX + "threat_ttps",
                           doc_type="ttp",
                           id=ttp_id)

    #store certain fields from ES, so this form can be used in an update
    form.doc_index.data = results['_index']
    form.doc_type.data = results['_type']

    ttp_data = results['_source']

    form.ttp_name.data = ttp_data['name']
    form.ttp_first_observed.data = datetime.strptime(ttp_data['created_s'],
                                                     "%Y-%m-%dT%H:%M:%S")
    form.ttp_description.data = ttp_data['description']
    form.ttp_criticality.data = int(ttp_data['criticality'])

    idx = 0
    for entry in range(len(form.ttp_class.entries)):
        form.ttp_class.pop_entry()
    for i in multikeysort(ttp_data['classification'], ['family', 'id']):
        ttp_class_form = forms.TPXClassificationForm()
        ttp_class_form.a_family = i['family']
        ttp_class_form.a_id = i['id']

        form.ttp_class.append_entry(ttp_class_form)

        #set the options since this select is dynamic
        form.ttp_class[idx].a_id.choices = fetch_child_data(
            'tpx_classification', i['family'])
        idx += 1

    if ttp_data['related_actor']:
        for entry in range(len(form.ttp_actors.entries)):
            form.ttp_actors.pop_entry()
        for i in multikeysort(ttp_data['related_actor'], ['name', 'id']):
            sub_form = forms.RelatedActorsForm()
            sub_form.data = i['id'] + ":::" + i['name']

            form.ttp_actors.append_entry(sub_form)

    if ttp_data['related_report']:
        for entry in range(len(form.ttp_reports.entries)):
            form.ttp_reports.pop_entry()
        for i in multikeysort(ttp_data['related_report'], ['name', 'id']):
            sub_form = forms.RelatedReportsForm()
            sub_form.data = i['id'] + ":::" + i['name']

            form.ttp_reports.append_entry(sub_form)

    if ttp_data['related_ttp']:
        for entry in range(len(form.ttp_ttps.entries)):
            form.ttp_ttps.pop_entry()
        for i in multikeysort(ttp_data['related_ttp'], ['name', 'id']):
            sub_form = forms.RelatedTTPsForm()
            sub_form.data = i['id'] + ":::" + i['name']

            form.ttp_ttps.append_entry(sub_form)

    #convert editor dictionary of ids and times to names and times
    editors = get_editor_names(get_mysql(), ttp_data['editor'])

    return form, editors
Exemple #15
0
def es_to_form(report_id):
    form = forms.reportForm()

    #get the values from ES
    results = get_es().get(ES_PREFIX + "threat_reports",
                           doc_type="report",
                           id=report_id)

    #store certain fields from ES, so this form can be used in an update
    form.doc_index.data = results['_index']
    form.doc_type.data = results['_type']

    report_data = results['_source']

    form.report_name.data = report_data['name']
    form.report_id.data = report_data['identifier']
    form.report_occurred_at.data = datetime.strptime(report_data['created_s'],
                                                     "%Y-%m-%dT%H:%M:%S")
    form.report_description.data = report_data['description']
    form.report_criticality.data = report_data['criticality']

    idx = 0
    for entry in range(len(form.report_class.entries)):
        form.report_class.pop_entry()
    for i in multikeysort(report_data['classification'], ['family', 'id']):
        report_class_form = forms.TPXClassificationForm()
        report_class_form.a_family = i['family']
        report_class_form.a_id = i['id']

        form.report_class.append_entry(report_class_form)

        #set the options since this select is dynamic
        form.report_class[idx].a_id.choices = fetch_child_data(
            'tpx_classification', i['family'])
        idx += 1

    form.report_tlp.data = int(report_data['tlp'])

    for entry in range(len(form.report_sections.entries)):
        form.report_sections.pop_entry()
    for i in multikeysort(report_data['section'], ['order']):
        report_section_form = forms.ReportSectionsForm()
        report_section_form.title = i['title']
        report_section_form.tlp = i['tlp']
        report_section_form.text = i['content']

        form.report_sections.append_entry(report_section_form)

    form.report_source_reliability.data = report_data["source_reliability"]
    form.report_info_reliability.data = report_data["info_reliability"]

    for entry in range(len(form.report_sources.entries)):
        form.report_sources.pop_entry()
    for i in sorted(report_data['source']):
        report_source_form = forms.ReportSourcesForm()
        report_source_form.source = i

        form.report_sources.append_entry(report_source_form)
    '''
    Related element
    '''

    for entry in range(len(form.report_actors.entries)):
        form.report_actors.pop_entry()
    if report_data['related_actor']:
        idx = 0
        for i in multikeysort(report_data['related_actor'], ['name', 'id']):
            sub_form = forms.RelatedActorsForm()
            sub_form.data = i['id'] + ":::" + i['name']
            has_related_elements = False

            idx2 = 0
            for entry in range(len(sub_form.related_elements.entries)):
                sub_form.related_elements.pop_entry()
            for j in multikeysort(report_data['related_element_choices'],
                                  ['display_text']):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = (j['value'] in i['elements'])
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j['value']
                sub_form.related_elements[idx2].element_text = j[
                    'display_text']

                if is_related:
                    has_related_elements = True

                idx2 += 1

            form.report_actors.append_entry(sub_form)

            form.report_actors[
                idx].has_related_elements.data = has_related_elements
            idx += 1
    else:
        sub_form = forms.RelatedActorsForm()
        sub_form.data = "_NONE_"
        form.report_actors.append_entry(sub_form)

    for entry in range(len(form.report_reports.entries)):
        form.report_reports.pop_entry()
    if report_data['related_report']:
        idx = 0
        for i in multikeysort(report_data['related_report'], ['name', 'id']):
            sub_form = forms.RelatedReportsForm()
            sub_form.data = i['id'] + ":::" + i['name']
            has_related_elements = False

            idx2 = 0
            for entry in range(len(sub_form.related_elements.entries)):
                sub_form.related_elements.pop_entry()
            for j in multikeysort(report_data['related_element_choices'],
                                  ['display_text']):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = (j['value'] in i['elements'])
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j['value']
                sub_form.related_elements[idx2].element_text = j[
                    'display_text']

                if is_related:
                    has_related_elements = True

                idx2 += 1

            form.report_reports.append_entry(sub_form)

            form.report_reports[
                idx].has_related_elements.data = has_related_elements
            idx += 1
    else:
        sub_form = forms.RelatedReportsForm()
        sub_form.data = "_NONE_"
        form.report_reports.append_entry(sub_form)

    for entry in range(len(form.report_ttps.entries)):
        form.report_ttps.pop_entry()
    if report_data['related_ttp']:
        idx = 0
        for i in multikeysort(report_data['related_ttp'], ['name', 'id']):
            sub_form = forms.RelatedTTPsForm()
            sub_form.data = i['id'] + ":::" + i['name']
            has_related_elements = False

            idx2 = 0
            for entry in range(len(sub_form.related_elements.entries)):
                sub_form.related_elements.pop_entry()
            for j in multikeysort(report_data['related_element_choices'],
                                  ['display_text']):
                sub_sub_form = forms.ElementObservablesFrom()

                sub_form.related_elements.append_entry(sub_sub_form)

                is_related = (j['value'] in i['elements'])
                sub_form.related_elements[idx2].element = is_related
                sub_form.related_elements[idx2].element_value = j['value']
                sub_form.related_elements[idx2].element_text = j[
                    'display_text']

                if is_related:
                    has_related_elements = True

                idx2 += 1

            form.report_ttps.append_entry(sub_form)

            form.report_ttps[
                idx].has_related_elements.data = has_related_elements
            idx += 1
    else:
        sub_form = forms.RelatedTTPsForm()
        sub_form.data = "_NONE_"
        form.report_ttps.append_entry(sub_form)

    #convert editor dictionary of ids and times to names and times
    editors = get_editor_names(get_mysql(), report_data['editor'])

    return form, editors