def run(self): # FIXME --dry-run if self.web_subcommand: self.start_webserver() elif self.run_subcommand: self.handle_user_consent() start_time = time.time() self.prepare() print("Running the pre-analysis..") prem = PreAnalysisManager(self.card, self.gp) prem_results = prem.run() start_report = { "start-time": start_time, # set end-time and duration, so that the analysis can be viewed mid run "end-time": "", "duration": "", "message": self.message, "card": self.card.get_report(), "pre-analysis-results": prem_results, } with MongoConnection(database=self.database, host=self.db_host, port=self.db_port) as con: self.report_id = con.col.insert_one(start_report).inserted_id print("Running the analysis..") anam = AnalysisManager(self.card, self.gp, self.config, update_attack=self.add_attack_to_db) anam_results = anam.run() print("Running the post-analysis..") end_time = time.time() end_report = { "end-time": end_time, "duration": end_time - start_time, } with MongoConnection(database=self.database, host=self.db_host, port=self.db_port) as con: con.col.update_one({"_id": self.report_id}, {"$set": end_report}) # self.save_record() if self.start_web: self.start_webserver() elif self.list_subcommand: self.print_attack_list() elif self.attack_validator_subcommand: self.validate_attacks()
def card_form_template(form): """ Render all attacks for given ATR, which does not equal given card. This could be potentially misleading in the results. """ atr = request.form["card-atr"] with MongoConnection(**db_config) as con: card = con.col.find_one({"card.atr": atr}, projection=["card"]) with MongoConnection(**db_config) as con: runs = con.col.find({"card.atr": atr}) return render_template("atr-body.j2", form=form, card=card, runs=runs, marks=marks)
def get_stage_data(analysis_id, attack_name, stage_index, stage_name): with MongoConnection(**db_config) as con: analysis = con.col.find_one({"_id": ObjectId(analysis_id)}) stage = analysis["analysis-results"][attack_name]["results"][int(stage_index)] sdk_version = analysis["analysis-results"][attack_name]["sdk_version"] # return jsonify(stage) return render_template( "stage.j2", stage=stage, attack_name=attack_name, sdk_version=sdk_version )
def add_attack_to_db(self, attack_name, attack_results): """ Adds the attack results to the database """ key = "analysis-results.%s" % attack_name value = attack_results with MongoConnection(database=self.database, host=self.db_host, port=self.db_port) as con: con.col.update_one({"_id": self.report_id}, {"$set": {key: value}})
def attack_form_template(form): name = request.form["attack-attack_name"].strip() with MongoConnection(**db_config) as con: field = "analysis-results.%s" % name sieve = { "analysis-results.%s" % name: {"$exists": True}, "card": {"$exists": True}, } runs = con.col.find(sieve, projection=[field, "card"]) return render_template("attacks.j2", form=form, runs=runs, marks=marks)
def index(): form = MainForm() form.run.analysis.choices = get_analysis_choices() form.card.atr.choices = get_card_atr_choices() form.attack.attack_name.choices = get_attack_choices() if request.method == "POST": # handle run form return form_handler_template(form=form) else: with MongoConnection(**db_config) as con: analysis = con.col.find_one(sort=[("start-time", pymongo.DESCENDING)]) return render_template("base.j2", analysis=analysis, form=form, marks=marks)
def get_analysis_choices() -> List[Tuple[str, str]]: with MongoConnection(**db_config) as con: all_attack_ids = con.col.find(projection=["_id"], sort=[("start-time", pymongo.ASCENDING)]) choices = [] for index, attack in enumerate(all_attack_ids): _id = attack["_id"] label = str(index) + ": " + add_whitespace_id(str(_id)) choices.append((str(_id), label)) # choices = [(str(x["_id"]), str(i + 1)) for i, x in enumerate(all_attack_ids)] # we will reverse the order to show the newest analysis runs on top return choices[::-1]
def get_attack_choices() -> List[Tuple[str, str]]: """ Probably quite slow and ineffient method of getting all the attacks. """ with MongoConnection(**db_config) as con: runs = con.col.find(projection=["analysis-results"]) attacks = [] for run in runs: try: attacks.extend(list(run["analysis-results"].keys())) except (AttributeError, KeyError): continue attacks = sorted(set(attacks)) choices = [(a, a) for a in attacks] return choices
def get_card_atr_choices() -> List[Tuple[str, str]]: with MongoConnection(**db_config) as con: records = con.col.find(projection=["card"]) choices = [] for record in records: try: atr = record["card"]["atr"] except KeyError: continue if isinstance(atr, list): # FIXME remove on fresh database, where 'atr's are string atr = " ".join(["{:02X}".format(byte) for byte in atr]) label = convert_atr(atr) choices.append((atr, label)) choices = list(set(choices)) choices.sort(key=lambda x: x[1]) return choices
def run_form_template(form): attack_id = request.form["run-analysis"] with MongoConnection(**db_config) as con: run = con.col.find_one({"_id": ObjectId(attack_id)}) return render_template("runs.j2", analysis=run, form=form, marks=marks)