def url_download():
url = request.forms.get('url')
tags = request.forms.get('tag_list')
tags = "url," + tags
if request.forms.get("tor"):
upload = network.download(url, tor=True)
else:
upload = network.download(url, tor=False)
if upload == None:
return template('error.tpl', error="server can't download from URL")
# Set Project
project = 'Main'
db = Database()
tf = tempfile.NamedTemporaryFile()
tf.write(upload)
if tf == None:
return template('error.tpl', error="server can't download from URL")
tf.flush()
tf_obj = File(tf.name)
tf_obj.name = tf_obj.sha256
new_path = store_sample(tf_obj)
success = False
if new_path:
# Add file to the database.
success = db.add(obj=tf_obj, tags=tags)
if success:
#redirect("/project/{0}".format(project))
redirect("/file/Main/" + tf_obj.sha256)
else:
return template('error.tpl',
error="Unable to Store The File,already in database")
def url_download():
url = request.forms.get('url')
tags = request.forms.get('tag_list')
tags = "url,"+tags
if request.forms.get("tor"):
upload = network.download(url,tor=True)
else:
upload = network.download(url,tor=False)
if upload == None:
return template('error.tpl', error="server can't download from URL")
# Set Project
project = 'Main'
db = Database()
tf = tempfile.NamedTemporaryFile()
tf.write(upload)
if tf == None:
return template('error.tpl', error="server can't download from URL")
tf.flush()
tf_obj = File(tf.name)
tf_obj.name = tf_obj.sha256
new_path = store_sample(tf_obj)
success = False
if new_path:
# Add file to the database.
success = db.add(obj=tf_obj, tags=tags)
if success:
#redirect("/project/{0}".format(project))
redirect("/file/Main/"+tf_obj.sha256)
else:
return template('error.tpl', error="Unable to Store The File,already in database")
def add_file():
tags = request.forms.get('tags')
upload = request.files.get('file')
tf = tempfile.NamedTemporaryFile()
tf.write(upload.file.read())
tf.flush()
# Added to process zip files
if request.headers.get('compression') == 'zip' or request.headers.get('compression') == 'ZIP':
with upload_temp() as temp_dir:
with ZipFile(tf.name) as zf:
zf.extractall(temp_dir, pwd=request.headers.get('compression_password'))
stored_files = []
for root, dirs, files in os.walk(temp_dir, topdown=False):
for name in files:
if not name == upload.filename:
tf_obj=File(os.path.join(root,name))
new_path = store_sample(tf_obj)
success = False
if new_path:
success = db.add(obj=tf_obj, tags=tags)
if success:
stored_files.append(name)
if stored_files:
return jsonize({'message': 'Files added: %s' % ','.join(stored_files)})
else:
tf_obj = File(tf.name)
tf_obj.name = upload.filename
new_path = store_sample(tf_obj)
success = False
if new_path:
# Add file to the database.
success = db.add(obj=tf_obj, tags=tags)
if success:
return jsonize({'message' : 'added'})
else:
response.status = 500
return jsonize({'message':'Unable to store file'})
def _process_uploaded(db, uploaded_file_path, file_name, tag_list=None, note_title=None, note_body=None):
"""_process_uploaded add one uploaded file to database and to storage then remove uploaded file"""
log.debug("adding: {} as {}".format(uploaded_file_path, file_name))
malware = File(uploaded_file_path)
malware.name = file_name
if get_sample_path(malware.sha256):
error = {"error": {"code": "DuplicateFileHash",
"message": "File hash exists already: {} (sha256: {})".format(malware.name, malware.sha256)}}
log.error("adding failed: {}".format(error))
raise ValidationError(detail=error) # TODO(frennkie) raise more specific error?! so that we can catch it..?!
# Try to store file object into database
if db.add(obj=malware, tags=tag_list):
# If succeeds, store also in the local repository.
# If something fails in the database (for example unicode strings)
# we don't want to have the binary lying in the repository with no
# associated database record.
malware_stored_path = store_sample(malware)
# run autoruns on the stored sample
if cfg.get('autorun').enabled:
autorun_module(malware.sha256)
log.debug("added file \"{0}\" to {1}".format(malware.name, malware_stored_path))
if note_body and note_title:
db.add_note(malware.sha256, note_title, note_body)
log.debug("added note: \"{0}\"".format(note_title))
else:
error = {"error": {"code": "DatabaseAddFailed",
"message": "Adding File to Database failed: {} (sha256: {})".format(malware.name, malware.sha256)}}
log.error("adding failed: {}".format(error))
raise ValidationError(detail=error)
# clean up
try:
os.remove(uploaded_file_path)
except OSError as err:
log.error("failed to delete temporary file: {}".format(err))
return malware
def add_file():
tags = request.forms.get('tags')
upload = request.files.get('file')
tf = tempfile.NamedTemporaryFile()
tf.write(upload.file.read())
tf_obj = File(tf.name)
tf_obj.name = upload.filename
new_path = store_sample(tf_obj)
success = False
if new_path:
# Add file to the database.
success = db.add(obj=tf_obj, tags=tags)
if success:
return jsonize({'message' : 'added'})
else:
return HTTPError(500, 'Unable to store file')
def add_file():
tags = request.forms.get('tags')
upload = request.files.get('file')
tf = tempfile.NamedTemporaryFile()
tf.write(upload.file.read())
tf.flush()
tf_obj = File(tf.name)
tf_obj.name = upload.filename
new_path = store_sample(tf_obj)
success = False
if new_path:
# Add file to the database.
success = db.add(obj=tf_obj, tags=tags)
if success:
return jsonize({'message': 'added'})
else:
return HTTPError(500, 'Unable to store file')
def copy(self,
id,
src_project,
dst_project,
copy_analysis=True,
copy_notes=True,
copy_tags=True,
copy_children=True,
_parent_sha256=None): # noqa
session = self.Session()
# make sure to open source project
__project__.open(src_project)
# get malware from DB
malware = session.query(Malware). \
options(subqueryload(Malware.analysis)). \
options(subqueryload(Malware.note)). \
options(subqueryload(Malware.parent)). \
options(subqueryload(Malware.tag)). \
get(id)
# get path and load file from disk
malware_path = get_sample_path(malware.sha256)
sample = File(malware_path)
sample.name = malware.name
log.debug("Copying ID: {} ({}): from {} to {}".format(
malware.id, malware.name, src_project, dst_project))
# switch to destination project, add to DB and store on disk
__project__.open(dst_project)
dst_db = Database()
dst_db.add(sample)
store_sample(sample)
print_success("Copied: {} ({})".format(malware.sha256, malware.name))
if copy_analysis:
log.debug("copy analysis..")
for analysis in malware.analysis:
dst_db.add_analysis(malware.sha256,
cmd_line=analysis.cmd_line,
results=analysis.results)
if copy_notes:
log.debug("copy notes..")
for note in malware.note:
dst_db.add_note(malware.sha256,
title=note.title,
body=note.body)
if copy_tags:
log.debug("copy tags..")
dst_db.add_tags(malware.sha256, [x.tag for x in malware.tag])
if copy_children:
children = session.query(Malware).filter(
Malware.parent_id == malware.id).all()
if not children:
pass
else:
_parent_sha256 = malware.sha256 # set current recursion item as parent
for child in children:
self.copy(child.id,
src_project=src_project,
dst_project=dst_project,
copy_analysis=copy_analysis,
copy_notes=copy_notes,
copy_tags=copy_tags,
copy_children=copy_children,
_parent_sha256=_parent_sha256)
# restore parent-child relationships
log.debug("add parent {} to child {}".format(
_parent_sha256, child.sha256))
if _parent_sha256:
dst_db.add_parent(child.sha256, _parent_sha256)
# switch back to source project
__project__.open(src_project)
# store tuple of ID (in source project) and sha256 of copied samples
self.copied_id_sha256.append((malware.id, malware.sha256))
return True
def copy(self, id, src_project, dst_project,
copy_analysis=True, copy_notes=True, copy_tags=True, copy_children=True, _parent_sha256=None): # noqa
session = self.Session()
# make sure to open source project
__project__.open(src_project)
# get malware from DB
malware = session.query(Malware). \
options(subqueryload(Malware.analysis)). \
options(subqueryload(Malware.note)). \
options(subqueryload(Malware.parent)). \
options(subqueryload(Malware.tag)). \
get(id)
# get path and load file from disk
malware_path = get_sample_path(malware.sha256)
sample = File(malware_path)
sample.name = malware.name
log.debug("Copying ID: {} ({}): from {} to {}".format(malware.id, malware.name, src_project, dst_project))
# switch to destination project, add to DB and store on disk
__project__.open(dst_project)
dst_db = Database()
dst_db.add(sample)
store_sample(sample)
print_success("Copied: {} ({})".format(malware.sha256, malware.name))
if copy_analysis:
log.debug("copy analysis..")
for analysis in malware.analysis:
dst_db.add_analysis(malware.sha256, cmd_line=analysis.cmd_line, results=analysis.results)
if copy_notes:
log.debug("copy notes..")
for note in malware.note:
dst_db.add_note(malware.sha256, title=note.title, body=note.body)
if copy_tags:
log.debug("copy tags..")
dst_db.add_tags(malware.sha256, [x.tag for x in malware.tag])
if copy_children:
children = session.query(Malware).filter(Malware.parent_id == malware.id).all()
if not children:
pass
else:
_parent_sha256 = malware.sha256 # set current recursion item as parent
for child in children:
self.copy(child.id,
src_project=src_project, dst_project=dst_project,
copy_analysis=copy_analysis, copy_notes=copy_notes, copy_tags=copy_tags,
copy_children=copy_children, _parent_sha256=_parent_sha256)
# restore parent-child relationships
log.debug("add parent {} to child {}".format(_parent_sha256, child.sha256))
if _parent_sha256:
dst_db.add_parent(child.sha256, _parent_sha256)
# switch back to source project
__project__.open(src_project)
# store tuple of ID (in source project) and sha256 of copied samples
self.copied_id_sha256.append((malware.id, malware.sha256))
return True
def _process_uploaded(db,
uploaded_file_path,
file_name,
tag_list=None,
note_title=None,
note_body=None):
"""_process_uploaded add one uploaded file to database and to storage then remove uploaded file"""
log.debug("adding: {} as {}".format(uploaded_file_path, file_name))
malware = File(uploaded_file_path)
malware.name = file_name
if get_sample_path(malware.sha256):
error = {
"error": {
"code":
"DuplicateFileHash",
"message":
"File hash exists already: {} (sha256: {})".format(
malware.name, malware.sha256)
}
}
log.error("adding failed: {}".format(error))
raise ValidationError(
detail=error
) # TODO(frennkie) raise more specific error?! so that we can catch it..?!
# Try to store file object into database
if db.add(obj=malware, tags=tag_list):
# If succeeds, store also in the local repository.
# If something fails in the database (for example unicode strings)
# we don't want to have the binary lying in the repository with no
# associated database record.
malware_stored_path = store_sample(malware)
# run autoruns on the stored sample
if cfg.get('autorun').enabled:
autorun_module(malware.sha256)
log.debug("added file \"{0}\" to {1}".format(
malware.name, malware_stored_path))
if note_body and note_title:
db.add_note(malware.sha256, note_title, note_body)
log.debug("added note: \"{0}\"".format(note_title))
else:
error = {
"error": {
"code":
"DatabaseAddFailed",
"message":
"Adding File to Database failed: {} (sha256: {})".format(
malware.name, malware.sha256)
}
}
log.error("adding failed: {}".format(error))
raise ValidationError(detail=error)
# clean up
try:
os.remove(uploaded_file_path)
except OSError as err:
log.error("failed to delete temporary file: {}".format(err))
return malware
