def process_sandbox_infos(self, incident_report, html_report):
    """
    Record the sandbox report metadata and attach the HTML report.

    Every ``./errors/error`` entry of the incident report is passed to
    ``self._error``. The report id, sandbox version, architecture, system
    and file type are gathered into one result row, the HTML report is
    uploaded as a file object on ``self.obj``, and the row is published
    under "Joe Sandbox Infos".

    :param incident_report: Parsed incident report; only ``find`` and
                            ``findall`` are called on it here.
    :param html_report: Raw content of the HTML report (wrapped in a
                        ``BytesIO`` and hashed as-is).
    """
    for error_node in incident_report.findall("./errors/error"):
        self._error(error_node.text)

    # NOTE(review): if incident_report is an ElementTree-style element,
    # find() yields None for an absent child and the .text access below
    # raises AttributeError -- confirm every field is always present.
    wanted = (
        ("Report Id", "./id"),
        ("Joe Sandbox Version", "./version"),
        ("Architecture", "./arch"),
        ("System", "./system"),
        ("File Type", "./filetype"),
    )
    info = {label: incident_report.find(path).text for label, path in wanted}

    # Upload the HTML report as a file object attached to the analysed item,
    # carrying over that item's TLP and the submitting user's organization.
    report_file = io.BytesIO(html_report)
    report_file.name = "report.html"
    ret = add_object(
        self.obj._meta['crits_type'],
        self.obj.id,
        object_type=ObjectTypes.FILE_UPLOAD,
        source=get_user_organization(self.current_task.user),
        method=self.name,
        reference=None,
        file_=report_file,
        tlp=self.obj.tlp,
        user=str(self.current_task.user),
    )

    if not ret['success']:
        self._warning(ret["message"])
    else:
        # The digest is only added to the row when the upload succeeded.
        # NOTE(review): presumably a lookup key for the stored report; MD5
        # is not collision resistant, so treat it as an identifier only.
        info["md5"] = hashlib.md5(html_report).hexdigest()

    self._add_result("Joe Sandbox Infos", "Report", info)
    self._notify()
def obj_create(self, bundle, **kwargs):
    """
    Handles adding objects through the API.

    ``object_type`` is split on " - ": with exactly two parts they are used
    as the type and the name, otherwise the first part serves as both.

    :param bundle: Bundle containing the object to add.
    :type bundle: Tastypie Bundle object.
    :returns: Bundle object.
    :raises BadRequest: If necessary data is not provided or creation fails.
    """
    # NOTE(review): no permission check is visible in this method; the
    # caller is identified only by bundle.request.user.username. Confirm the
    # resource's authentication/authorization configuration or add_object
    # enforces who may attach objects to crits_id.
    analyst = bundle.request.user.username
    fields = bundle.data

    crits_type = fields.get('crits_type', None)
    crits_id = fields.get('crits_id', None)
    object_type = fields.get('object_type', None)
    if not object_type:
        raise BadRequest("You must provide an Object Type!")

    # NOTE(review): the value comes straight from the request body; a
    # truthy non-string would fail on .split() instead of giving BadRequest.
    parts = object_type.split(" - ")
    object_type = parts[0]
    name = parts[1] if len(parts) == 2 else parts[0]

    source = fields.get('source', None)
    method = fields.get('method', None)
    reference = fields.get('reference', None)
    add_indicator = fields.get('add_indicator', None)
    filedata = fields.get('filedata', None)
    value = fields.get('value', None)

    if not (crits_type and crits_id):
        raise BadRequest("You must provide a top-level object!")
    if not (filedata or value):
        raise BadRequest("You must provide a value or filedata!")

    result = add_object(crits_type, crits_id, object_type, name,
                        source, method, reference, analyst,
                        value=value, file_=filedata,
                        add_indicator=add_indicator)
    if result['success']:
        return bundle
    # The failure text produced by add_object is returned to the API client.
    raise BadRequest(result['message'])
def add_new_object(request):
    """
    Add a new object.

    Only POST is accepted. The user must hold the ``OBJECTS_ADD`` permission
    of the ACL object for the posted ``otype``; otherwise a failure message
    is returned and nothing is added.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    def _reply(body):
        # AJAX callers get the JSON directly; other callers get it embedded
        # in the file-upload response template.
        # NOTE(review): body can carry form-error HTML and add_object
        # messages; confirm the template escapes it for its context.
        if request.is_ajax():
            return HttpResponse(body, content_type="application/json")
        return render_to_response("file_upload_response.html",
                                  {'response': body},
                                  RequestContext(request))

    if request.method != 'POST':
        error = "Expected POST"
        return render_to_response("error.html",
                                  {"error": error},
                                  RequestContext(request))

    analyst = "%s" % request.user  # not referenced again in this function
    user = request.user
    # NOTE(review): required POST keys are indexed directly, so a request
    # missing one raises a KeyError-type error rather than a form error.
    my_type = request.POST['otype']
    acl = get_acl_object(my_type)

    if not user.has_access_to(acl.OBJECTS_ADD):
        results = {'success': False,
                   'message': 'User does not have permission to add object'}
    else:
        form = AddObjectForm(user, request.POST, request.FILES)
        # Form errors only stop the request when no file was uploaded under
        # 'value'. With an upload, the fields below are taken from raw POST
        # even if the form is invalid.
        # NOTE(review): confirm add_object validates source, TLP and object
        # type itself for that case.
        if not (form.is_valid() or 'value' in request.FILES):
            message = "Invalid Form: %s" % form.errors
            form = form.as_table()
            return _reply(json.dumps({'message': message,
                                      'form': form,
                                      'success': False}))

        source = request.POST['source_name']
        oid = request.POST['oid']
        object_type = request.POST['object_type']
        method = request.POST['source_method']
        reference = request.POST['source_reference']
        tlp = request.POST['source_tlp']
        add_indicator = request.POST.get('add_indicator', None)

        # A file upload, when present, is handed to add_object as file_.
        data = request.FILES['value'] if 'value' in request.FILES else None
        value = request.POST.get('value', None)
        if isinstance(value, basestring):
            value = value.strip()

        results = add_object(my_type, oid, object_type, source, method,
                             reference, tlp, user.username,
                             value=value, file_=data,
                             add_indicator=add_indicator,
                             is_sort_relationships=True)

    if not results['success']:
        message = "Error adding object: %s" % results['message']
        return _reply(json.dumps({'success': False, 'message': message}))

    subscription = {'type': my_type, 'id': oid}
    relationships = results.get('relationships', None)
    widget_context = {'objects': results['objects'],
                      'subscription': subscription}
    if relationships:
        widget_context['relationships'] = relationships

    html = render_to_string('objects_listing_widget.html',
                            widget_context,
                            RequestContext(request))
    result = {'success': True, 'html': html, 'message': results['message']}

    if relationships:
        # New relationships were reported: also render their listing.
        relationship = {'type': my_type, 'value': oid}
        rel_msg = render_to_string('relationships_listing_widget.html',
                                   {'relationship': relationship,
                                    'nohide': True,
                                    'relationships': relationships},
                                   RequestContext(request))
        result['rel_made'] = True
        result['rel_msg'] = rel_msg

    return _reply(json.dumps(result))
def add_new_object(request):
    """
    Add a new object.

    Rejects anything but POST, checks that the user has ``OBJECTS_ADD`` on
    the ACL object for the posted ``otype``, then passes the posted fields
    (and the optional uploaded file) to ``add_object`` and renders the
    resulting widgets into a JSON reply.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """
    if request.method != 'POST':
        return render_to_response("error.html",
                                  {"error": "Expected POST"},
                                  RequestContext(request))

    post = request.POST
    uploads = request.FILES

    analyst = "%s" % request.user  # assigned but never read below
    user = request.user
    my_type = post['otype']
    acl = get_acl_object(my_type)

    if user.has_access_to(acl.OBJECTS_ADD):
        form = AddObjectForm(user, post, uploads)
        form_ok = form.is_valid()
        # An invalid form is tolerated when a file was uploaded as 'value'.
        # NOTE(review): in that case the raw POST fields below bypass the
        # form's validation; confirm add_object re-validates them.
        if not form_ok and 'value' not in uploads:
            response = json.dumps({
                'message': "Invalid Form: %s" % form.errors,
                'form': form.as_table(),
                'success': False,
            })
            if request.is_ajax():
                return HttpResponse(response,
                                    content_type="application/json")
            return render_to_response("file_upload_response.html",
                                      {'response': response},
                                      RequestContext(request))

        source = post['source_name']
        oid = post['oid']
        object_type = post['object_type']
        method = post['source_method']
        reference = post['source_reference']
        tlp = post['source_tlp']
        add_indicator = post.get('add_indicator', None)

        # if it was a file upload, handle the file appropriately
        data = None
        if 'value' in uploads:
            data = uploads['value']

        value = post.get('value', None)
        if isinstance(value, basestring):
            value = value.strip()

        results = add_object(
            my_type, oid, object_type, source, method, reference, tlp,
            user.username,
            value=value,
            file_=data,
            add_indicator=add_indicator,
            is_sort_relationships=True,
        )
    else:
        # Permission denied: report it through the normal failure path.
        results = {
            'success': False,
            'message': 'User does not have permission to add object',
        }

    if results['success']:
        subscription = {'type': my_type, 'id': oid}
        if results.get('relationships', None):
            relationships = results['relationships']
            relationship = {'type': my_type, 'value': oid}
            html = render_to_string(
                'objects_listing_widget.html',
                {
                    'objects': results['objects'],
                    'relationships': relationships,
                    'subscription': subscription,
                },
                RequestContext(request))
            result = {
                'success': True,
                'html': html,
                'message': results['message'],
            }
            result['rel_made'] = True
            result['rel_msg'] = render_to_string(
                'relationships_listing_widget.html',
                {
                    'relationship': relationship,
                    'nohide': True,
                    'relationships': relationships,
                },
                RequestContext(request))
        else:
            html = render_to_string(
                'objects_listing_widget.html',
                {
                    'objects': results['objects'],
                    'subscription': subscription,
                },
                RequestContext(request))
            result = {
                'success': True,
                'html': html,
                'message': results['message'],
            }
    else:
        result = {
            'success': False,
            'message': "Error adding object: %s" % results['message'],
        }

    # Same payload either way; only the wrapping differs for non-AJAX posts.
    if request.is_ajax():
        return HttpResponse(json.dumps(result),
                            content_type="application/json")
    return render_to_response("file_upload_response.html",
                              {'response': json.dumps(result)},
                              RequestContext(request))
def add_new_object(request):
    """
    Add a new object.

    Only POST is accepted. The posted ``object_type`` is split on " - ":
    with exactly two parts they become the type and the name, otherwise the
    first part is used for both.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    def _reply(body):
        # JSON for AJAX callers, the upload-response template otherwise.
        if request.is_ajax():
            return HttpResponse(body, mimetype="application/json")
        return render_to_response("file_upload_response.html",
                                  {'response': body},
                                  RequestContext(request))

    if request.method != 'POST':
        error = "Expected POST"
        return render_to_response("error.html",
                                  {"error": error},
                                  RequestContext(request))

    # NOTE(review): no permission check is visible inside this view; it is
    # presumably applied by a decorator or inside add_object -- confirm.
    analyst = "%s" % request.user
    my_type = request.POST['otype']

    # Each choice is (label, label, {datatype, datatype_value}) built from
    # the first key/value of the type's datatype mapping.
    all_obj_type_choices = []
    for entry in get_object_types(False):
        label, datatype = entry[0], entry[1]
        all_obj_type_choices.append(
            (label, label, {'datatype': datatype.keys()[0],
                            'datatype_value': datatype.values()[0]}))

    form = AddObjectForm(analyst,
                         all_obj_type_choices,
                         request.POST,
                         request.FILES)
    # Form errors are only fatal when no file was uploaded under 'value'.
    # NOTE(review): with an upload, the raw POST fields below are used even
    # if the form is invalid; confirm add_object validates them.
    if not (form.is_valid() or 'value' in request.FILES):
        message = "Invalid Form: %s" % form.errors
        form = form.as_table()
        return _reply(json.dumps({'message': message,
                                  'form': form,
                                  'success': False}))

    source = request.POST['source']
    oid = request.POST['oid']
    parts = request.POST['object_type'].split(" - ")
    object_type = parts[0]
    name = parts[1] if len(parts) == 2 else parts[0]
    method = request.POST['method']
    reference = request.POST['reference']
    add_indicator = request.POST.get('add_indicator', None)

    # A file upload, when present, is handed to add_object as file_.
    data = request.FILES['value'] if 'value' in request.FILES else None
    value = request.POST.get('value', None)
    if isinstance(value, basestring):
        value = value.strip()

    results = add_object(my_type, oid, object_type, name, source, method,
                         reference, analyst,
                         value=value, file_=data,
                         add_indicator=add_indicator,
                         is_sort_relationships=True)

    if not results['success']:
        message = "Error adding object: %s" % results['message']
        return _reply(json.dumps({'success': False, 'message': message}))

    subscription = {'type': my_type, 'id': oid}
    relationships = results.get('relationships', None)
    widget_context = {'objects': results['objects'],
                      'subscription': subscription}
    if relationships:
        widget_context['relationships'] = relationships

    html = render_to_string('objects_listing_widget.html',
                            widget_context,
                            RequestContext(request))
    result = {'success': True, 'html': html, 'message': results['message']}

    if relationships:
        relationship = {'type': my_type, 'value': oid}
        rel_msg = render_to_string('relationships_listing_widget.html',
                                   {'relationship': relationship,
                                    'nohide': True,
                                    'relationships': relationships},
                                   RequestContext(request))
        result['rel_made'] = True
        result['rel_msg'] = rel_msg

    return _reply(json.dumps(result))
def obj_create(self, bundle, **kwargs):
    """
    Handles adding objects through the API.

    Every outcome, validation failure or result of ``add_object``, is
    reported by passing a content dict to ``self.crits_response``;
    ``return_code`` is 1 unless ``add_object`` reports success.

    :param bundle: Bundle containing the object to add.
    :type bundle: Tastypie Bundle object.
    :returns: Nothing is returned from this method directly.
    """
    # NOTE(review): no permission check is visible in this method; confirm
    # the resource's authorization configuration or add_object restricts who
    # may attach objects to crits_id.
    analyst = bundle.request.user.username
    fields = bundle.data

    crits_type = fields.get('crits_type', None)
    crits_id = fields.get('crits_id', None)
    object_type = fields.get('object_type', None)

    reply = {'return_code': 1, 'type': crits_type}

    # NOTE(review): crits_response presumably raises to end the request; if
    # it returned normally, the split below would run on a missing
    # object_type and later checks would fall through -- confirm.
    if not object_type:
        reply['message'] = "You must provide an Object Type!"
        self.crits_response(reply)

    parts = object_type.split(" - ")
    object_type = parts[0]
    name = parts[1] if len(parts) == 2 else parts[0]

    source = fields.get('source', None)
    method = fields.get('method', None)
    reference = fields.get('reference', None)
    add_indicator = fields.get('add_indicator', None)
    filedata = fields.get('filedata', None)
    value = fields.get('value', None)

    if not (crits_type and crits_id):
        reply['message'] = "You must provide a top-level object!"
        self.crits_response(reply)

    if not (filedata or value):
        reply['message'] = "You must provide a value or filedata!"
        self.crits_response(reply)

    result = add_object(crits_type, crits_id, object_type, name,
                        source, method, reference, analyst,
                        value=value, file_=filedata,
                        add_indicator=add_indicator)

    outcome_message = result.get('message')
    if outcome_message:
        reply['message'] = outcome_message

    # Point the client at the API detail URL of the top-level object.
    reply['id'] = crits_id
    rname = self.resource_name_from_type(crits_type)
    reply['url'] = reverse('api_dispatch_detail',
                           kwargs={'resource_name': rname,
                                   'api_name': 'v1',
                                   'pk': crits_id})

    if result['success']:
        reply['return_code'] = 0

    self.crits_response(reply)
def add_new_object(request):
    """
    Add a new object.

    Rejects anything but POST, validates the posted form (unless a file was
    uploaded under "value"), passes the posted fields to ``add_object`` and
    renders the resulting widgets into a JSON reply.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """
    if request.method != "POST":
        return render_to_response("error.html",
                                  {"error": "Expected POST"},
                                  RequestContext(request))

    post = request.POST
    uploads = request.FILES

    # NOTE(review): no permission check is visible inside this view; it is
    # presumably applied by a decorator or inside add_object -- confirm.
    analyst = "%s" % request.user
    my_type = post["otype"]

    all_obj_type_choices = [
        (
            choice[0],
            choice[0],
            {
                "datatype": choice[1].keys()[0],
                "datatype_value": choice[1].values()[0],
            },
        )
        for choice in get_object_types(False)
    ]
    form = AddObjectForm(analyst, all_obj_type_choices, post, uploads)

    form_ok = form.is_valid()
    # An invalid form is tolerated when a file was uploaded as "value".
    # NOTE(review): in that case the raw POST fields below bypass the form's
    # validation; confirm add_object re-validates them.
    if not form_ok and "value" not in uploads:
        response = json.dumps({
            "message": "Invalid Form: %s" % form.errors,
            "form": form.as_table(),
            "success": False,
        })
        if request.is_ajax():
            return HttpResponse(response, mimetype="application/json")
        return render_to_response("file_upload_response.html",
                                  {"response": response},
                                  RequestContext(request))

    source = post["source"]
    oid = post["oid"]
    # "<type> - <name>" gives type and name; any other shape uses the first
    # part for both.
    type_parts = post["object_type"].split(" - ")
    object_type = type_parts[0]
    name = type_parts[1] if len(type_parts) == 2 else type_parts[0]
    method = post["method"]
    reference = post["reference"]
    add_indicator = post.get("add_indicator", None)

    # if it was a file upload, handle the file appropriately
    data = None
    if "value" in uploads:
        data = uploads["value"]

    value = post.get("value", None)
    if isinstance(value, basestring):
        value = value.strip()

    results = add_object(
        my_type, oid, object_type, name, source, method, reference, analyst,
        value=value,
        file_=data,
        add_indicator=add_indicator,
        is_sort_relationships=True,
    )

    if results["success"]:
        subscription = {"type": my_type, "id": oid}
        if results.get("relationships", None):
            relationships = results["relationships"]
            relationship = {"type": my_type, "value": oid}
            html = render_to_string(
                "objects_listing_widget.html",
                {
                    "objects": results["objects"],
                    "relationships": relationships,
                    "subscription": subscription,
                },
                RequestContext(request))
            result = {
                "success": True,
                "html": html,
                "message": results["message"],
            }
            result["rel_made"] = True
            result["rel_msg"] = render_to_string(
                "relationships_listing_widget.html",
                {
                    "relationship": relationship,
                    "nohide": True,
                    "relationships": relationships,
                },
                RequestContext(request))
        else:
            html = render_to_string(
                "objects_listing_widget.html",
                {"objects": results["objects"], "subscription": subscription},
                RequestContext(request))
            result = {
                "success": True,
                "html": html,
                "message": results["message"],
            }
    else:
        result = {
            "success": False,
            "message": "Error adding object: %s" % results["message"],
        }

    # Same payload either way; only the wrapping differs for non-AJAX posts.
    if request.is_ajax():
        return HttpResponse(json.dumps(result), mimetype="application/json")
    return render_to_response("file_upload_response.html",
                              {"response": json.dumps(result)},
                              RequestContext(request))
def obj_create(self, bundle, **kwargs):
    """
    Handles adding objects through the API.

    Builds a content dict (``return_code`` 1 by default, 0 once
    ``add_object`` reports success) and passes it to
    ``self.crits_response`` for every outcome.

    :param bundle: Bundle containing the object to add.
    :type bundle: Tastypie Bundle object.
    :returns: Nothing is returned from this method directly.
    """

    def field(key):
        # Request-supplied value, or None when the key is absent.
        return bundle.data.get(key, None)

    # NOTE(review): the caller is identified only by the request's username
    # and no permission check is visible here; confirm it is enforced by the
    # resource configuration or by add_object.
    analyst = bundle.request.user.username
    crits_type = field('crits_type')
    crits_id = field('crits_id')
    object_type = field('object_type')

    content = {'return_code': 1, 'type': crits_type}

    # NOTE(review): none of the validation branches return; they rely on
    # crits_response not returning normally (presumably it raises). Confirm,
    # since otherwise the split below would run on a missing object_type.
    if not object_type:
        content['message'] = "You must provide an Object Type!"
        self.crits_response(content)

    pieces = object_type.split(" - ")
    object_type = pieces[0]
    if len(pieces) == 2:
        name = pieces[1]
    else:
        name = pieces[0]

    source = field('source')
    method = field('method')
    reference = field('reference')
    add_indicator = field('add_indicator')
    filedata = field('filedata')
    value = field('value')

    if not (crits_type and crits_id):
        content['message'] = "You must provide a top-level object!"
        self.crits_response(content)

    if not (filedata or value):
        content['message'] = "You must provide a value or filedata!"
        self.crits_response(content)

    result = add_object(
        crits_type, crits_id, object_type, name, source, method, reference,
        analyst,
        value=value,
        file_=filedata,
        add_indicator=add_indicator,
    )

    message = result.get('message')
    if message:
        content['message'] = message

    content['id'] = crits_id
    rname = self.resource_name_from_type(crits_type)
    # API detail URL of the top-level object the new object was attached to.
    content['url'] = reverse(
        'api_dispatch_detail',
        kwargs={'resource_name': rname, 'api_name': 'v1', 'pk': crits_id},
    )

    if result['success']:
        content['return_code'] = 0

    self.crits_response(content)