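def url_download():
    """Fetch a sample from a user-supplied URL and add it to the repository.

    Reads ``url``, ``tag_list`` and the optional ``tor`` flag from the posted
    form, downloads the content with ``network.download``, stores it with
    ``store_sample`` and records it in the database with ``url`` prepended to
    the tags. The stored sample is named after its own SHA-256.

    Returns:
        The rendered ``error.tpl`` template when the download or the store
        step fails; on success ``redirect()`` sends the client to the page of
        the new file.
    """
    url = request.forms.get('url')
    # The tag field may be missing from the form; concatenating None would
    # raise TypeError, so a missing field is treated as an empty tag list.
    tags = "url," + (request.forms.get('tag_list') or "")

    # NOTE(review): `url` is taken from the request and passed to
    # network.download() unchecked. Unless that helper restricts schemes and
    # destinations, this endpoint lets a client make the server fetch
    # internal or local resources (SSRF) -- confirm, and validate the URL
    # there or here.
    upload = network.download(url, tor=bool(request.forms.get("tor")))
    if upload is None:
        return template('error.tpl', error="server can't download from URL")

    db = Database()

    # The context manager closes and deletes the temporary copy once the
    # sample has been stored, instead of leaving that to garbage collection.
    with tempfile.NamedTemporaryFile() as tf:
        tf.write(upload)
        # File() is handed only the path, so buffered bytes must be on disk.
        tf.flush()

        tf_obj = File(tf.name)
        tf_obj.name = tf_obj.sha256
        sha256 = tf_obj.sha256

        # Only add the database record once the sample is in the repository.
        success = False
        if store_sample(tf_obj):
            success = db.add(obj=tf_obj, tags=tags)

    if success:
        redirect("/file/Main/" + sha256)
    else:
        return template('error.tpl', error="Unable to Store The File,already in database")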
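def url_download():
    """Download the file behind a posted URL and register it as a sample.

    Form fields read: ``url`` (what to fetch), ``tag_list`` (comma-separated
    tags, optional) and ``tor`` (any non-empty value routes the download
    through ``network.download(..., tor=True)``). The tag ``url`` is always
    prepended. The sample's name is set to its SHA-256.

    Returns:
        The ``error.tpl`` page if the download returned nothing or the sample
        could not be stored and added to the database. On success the client
        is redirected to ``/file/Main/<sha256>``.
    """
    form = request.forms
    url = form.get('url')

    # A request without a tag_list field must not crash on None + str.
    tag_list = form.get('tag_list')
    tags = "url," + tag_list if tag_list else "url,"

    # NOTE(review): the URL is client-controlled and is not validated in this
    # handler. Whether network.download() rejects non-HTTP schemes or
    # internal addresses is not visible here; if it does not, this is a
    # server-side request forgery vector -- verify before exposing the route.
    use_tor = True if form.get("tor") else False
    upload = network.download(url, tor=use_tor)
    if upload is None:
        return template('error.tpl', error="server can't download from URL")

    db = Database()
    tf = tempfile.NamedTemporaryFile()
    try:
        tf.write(upload)
        # The sample is reopened through tf.name, so flush before File().
        tf.flush()

        tf_obj = File(tf.name)
        tf_obj.name = tf_obj.sha256
        sample_hash = tf_obj.sha256

        new_path = store_sample(tf_obj)
        # The database record is only written for a sample that was stored.
        success = db.add(obj=tf_obj, tags=tags) if new_path else False
    finally:
        # Closing deletes the temporary copy deterministically.
        tf.close()

    if not success:
        return template('error.tpl', error="Unable to Store The File,already in database")
    redirect("/file/Main/" + sample_hash)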
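def add_file():
    """Store an uploaded sample, or every member of an uploaded zip archive.

    The upload is read from the ``file`` part of the request and the tags
    from the ``tags`` form field. When the ``compression`` request header is
    ``zip`` or ``ZIP`` the upload is extracted into a temporary directory
    (password taken from the ``compression_password`` header) and each
    extracted file whose name differs from the upload's own filename is
    stored and added to the database. Otherwise the upload itself is stored
    under its submitted filename.

    Returns:
        A JSON message naming what was added, or status 500 with
        ``Unable to store file`` when nothing could be stored.
    """
    tags = request.forms.get('tags')
    upload = request.files.get('file')

    # The context manager deletes the temporary copy on every exit path.
    with tempfile.NamedTemporaryFile() as tf:
        tf.write(upload.file.read())
        # Later steps reopen the upload through tf.name, so flush first.
        tf.flush()

        # Added to process zip files
        if request.headers.get('compression') in ('zip', 'ZIP'):
            stored_files = []
            with upload_temp() as temp_dir:
                # NOTE(review): the archive is client-supplied and nothing
                # here bounds the member count or the total uncompressed
                # size, so a small upload can fill the disk. Consider summing
                # ZipInfo.file_size over zf.infolist() and refusing archives
                # above a configured limit before extracting.
                with ZipFile(tf.name) as zf:
                    zf.extractall(temp_dir, pwd=request.headers.get('compression_password'))

                for root, _dirs, files in os.walk(temp_dir, topdown=False):
                    for name in files:
                        if name == upload.filename:
                            continue
                        tf_obj = File(os.path.join(root, name))
                        # Database record only for members that were stored.
                        if store_sample(tf_obj) and db.add(obj=tf_obj, tags=tags):
                            stored_files.append(name)

            if stored_files:
                return jsonize({'message': 'Files added: %s' % ','.join(stored_files)})
            # Nothing from the archive was stored: fall through to the error
            # response instead of returning None with a success status.
        else:
            tf_obj = File(tf.name)
            tf_obj.name = upload.filename
            # Add file to the database only once it is in the repository.
            if store_sample(tf_obj) and db.add(obj=tf_obj, tags=tags):
                return jsonize({'message' : 'added'})

    response.status = 500
    return jsonize({'message':'Unable to store file'})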
def _process_uploaded(db, uploaded_file_path, file_name, tag_list=None, note_title=None, note_body=None):
    """Add one uploaded file to the database and the sample store, then delete the upload.

    Args:
        db: database object providing ``add`` and ``add_note``.
        uploaded_file_path: path of the uploaded file on disk.
        file_name: name to record for the sample.
        tag_list: tags passed through to ``db.add``.
        note_title, note_body: a note is added only when both are truthy.

    Returns:
        The ``File`` object built from the upload.

    Raises:
        ValidationError: the SHA-256 already has a stored sample
            (``DuplicateFileHash``) or ``db.add`` reported failure
            (``DatabaseAddFailed``).
    """
    log.debug("adding: {} as {}".format(uploaded_file_path, file_name))

    malware = File(uploaded_file_path)
    malware.name = file_name

    # A sample path for this hash means the file is already in the store.
    if get_sample_path(malware.sha256):
        error = {"error": {"code": "DuplicateFileHash",
                           "message": "File hash exists already: {} (sha256: {})".format(malware.name,
                                                                                         malware.sha256)}}
        log.error("adding failed: {}".format(error))
        # TODO(frennkie) raise more specific error?! so that we can catch it..?!
        raise ValidationError(detail=error)

    # Database first: if the record cannot be created (for example unicode
    # strings) the binary must not end up in the repository without one.
    if not db.add(obj=malware, tags=tag_list):
        error = {"error": {"code": "DatabaseAddFailed",
                           "message": "Adding File to Database failed: {} (sha256: {})".format(malware.name,
                                                                                               malware.sha256)}}
        log.error("adding failed: {}".format(error))
        raise ValidationError(detail=error)

    # NOTE(review): the return value of store_sample() is not checked, so a
    # failed write would leave a database record with no binary -- confirm
    # how store_sample() reports failure.
    malware_stored_path = store_sample(malware)

    # run autoruns on the stored sample
    if cfg.get('autorun').enabled:
        autorun_module(malware.sha256)

    log.debug("added file \"{0}\" to {1}".format(malware.name, malware_stored_path))

    if note_body and note_title:
        db.add_note(malware.sha256, note_title, note_body)
        log.debug("added note: \"{0}\"".format(note_title))

    # clean up
    # NOTE(review): only the success path reaches this point; when either
    # ValidationError is raised the uploaded sample stays at
    # uploaded_file_path. Confirm the caller removes it.
    try:
        os.remove(uploaded_file_path)
    except OSError as err:
        log.error("failed to delete temporary file: {}".format(err))

    return malware
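def add_file():
    """Store the uploaded ``file`` part as a sample and record it in the database.

    The sample keeps the filename submitted by the client and is tagged with
    the ``tags`` form field.

    Returns:
        ``{'message': 'added'}`` as JSON on success, otherwise an
        ``HTTPError`` with status 500.
    """
    tags = request.forms.get('tags')
    upload = request.files.get('file')

    # Closing the temporary file deletes it; the context manager makes that
    # happen as soon as the sample has been stored.
    with tempfile.NamedTemporaryFile() as tf:
        tf.write(upload.file.read())
        # File() is handed only the path. Without a flush the written bytes
        # can still sit in the buffer, so a small upload would be hashed and
        # stored as an empty or truncated file.
        tf.flush()

        tf_obj = File(tf.name)
        tf_obj.name = upload.filename

        success = False
        if store_sample(tf_obj):
            # Add file to the database.
            success = db.add(obj=tf_obj, tags=tags)

    if success:
        return jsonize({'message' : 'added'})
    return HTTPError(500, 'Unable to store file')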
def add_file():
    """Save an uploaded file as a sample and add it to the database.

    Reads the ``file`` upload and the ``tags`` form field from the request.

    Returns:
        A JSON ``added`` message when the sample was stored and recorded,
        else ``HTTPError(500, 'Unable to store file')``.
    """
    tags = request.forms.get('tags')
    upload = request.files.get('file')

    # Spool the upload to a named temporary file; File() works from a path.
    tf = tempfile.NamedTemporaryFile()
    tf.write(upload.file.read())
    tf.flush()

    tf_obj = File(tf.name)
    # NOTE(review): upload.filename is chosen by the client; how the stored
    # name is rendered or used later is not visible here -- verify it is
    # escaped or sanitised where it is consumed.
    tf_obj.name = upload.filename

    stored_path = store_sample(tf_obj)
    # The database record is written only for a sample that was stored.
    added = db.add(obj=tf_obj, tags=tags) if stored_path else False

    if not added:
        return HTTPError(500, 'Unable to store file')
    return jsonize({'message': 'added'})
def copy(self, id, src_project, dst_project,
         copy_analysis=True, copy_notes=True, copy_tags=True, copy_children=True, _parent_sha256=None):  # noqa
    """Copy a sample from one project to another, optionally with its metadata.

    Args:
        id: database ID of the sample in the source project.
        src_project: project to read from; it is opened again before returning.
        dst_project: project that receives the sample.
        copy_analysis, copy_notes, copy_tags: copy the matching records too.
        copy_children: recurse into samples whose ``parent_id`` is this sample
            and re-create the parent link in the destination.
        _parent_sha256: internal recursion argument carrying the parent hash.

    Returns:
        Always ``True``. Each copied sample is appended to
        ``self.copied_id_sha256`` as ``(id, sha256)``.
    """
    session = self.Session()

    # make sure to open source project
    __project__.open(src_project)

    # get malware from DB, loading the related collections along with it
    query = (
        session.query(Malware)
        .options(subqueryload(Malware.analysis))
        .options(subqueryload(Malware.note))
        .options(subqueryload(Malware.parent))
        .options(subqueryload(Malware.tag))
    )
    # NOTE(review): presumably get() yields None for an unknown id, in which
    # case the attribute access below fails -- confirm callers pass valid IDs.
    malware = query.get(id)

    # get path and load file from disk
    sample = File(get_sample_path(malware.sha256))
    sample.name = malware.name

    log.debug("Copying ID: {} ({}): from {} to {}".format(
        malware.id, malware.name, src_project, dst_project))

    # switch to destination project, add to DB and store on disk
    __project__.open(dst_project)
    dst_db = Database()
    dst_db.add(sample)
    store_sample(sample)
    print_success("Copied: {} ({})".format(malware.sha256, malware.name))

    if copy_analysis:
        log.debug("copy analysis..")
        for entry in malware.analysis:
            dst_db.add_analysis(malware.sha256, cmd_line=entry.cmd_line, results=entry.results)

    if copy_notes:
        log.debug("copy notes..")
        for entry in malware.note:
            dst_db.add_note(malware.sha256, title=entry.title, body=entry.body)

    if copy_tags:
        log.debug("copy tags..")
        dst_db.add_tags(malware.sha256, [item.tag for item in malware.tag])

    if copy_children:
        children = session.query(Malware).filter(
            Malware.parent_id == malware.id).all()
        if children:
            # set current recursion item as parent
            _parent_sha256 = malware.sha256

        for child in children:
            self.copy(child.id,
                      src_project=src_project, dst_project=dst_project,
                      copy_analysis=copy_analysis, copy_notes=copy_notes, copy_tags=copy_tags,
                      copy_children=copy_children, _parent_sha256=_parent_sha256)

            # restore parent-child relationships
            log.debug("add parent {} to child {}".format(
                _parent_sha256, child.sha256))
            if _parent_sha256:
                dst_db.add_parent(child.sha256, _parent_sha256)

    # switch back to source project
    __project__.open(src_project)

    # store tuple of ID (in source project) and sha256 of copied samples
    self.copied_id_sha256.append((malware.id, malware.sha256))

    return True
def copy(self, id, src_project, dst_project,
         copy_analysis=True, copy_notes=True, copy_tags=True, copy_children=True, _parent_sha256=None):  # noqa
    """Duplicate the sample with database ID ``id`` from ``src_project`` into ``dst_project``.

    The sample file is loaded from the source project's store, added to the
    destination database and stored on disk there. Analysis results, notes
    and tags are copied when the matching flag is true. With
    ``copy_children`` the method calls itself for every sample whose
    ``parent_id`` equals this sample's ID and then links the child to this
    sample in the destination database. ``_parent_sha256`` is passed along
    by the recursion.

    Returns:
        ``True``. ``(id, sha256)`` of the copied sample is appended to
        ``self.copied_id_sha256``.
    """
    session = self.Session()

    # make sure to open source project
    __project__.open(src_project)

    # get malware from DB
    loaders = session.query(Malware)
    loaders = loaders.options(subqueryload(Malware.analysis))
    loaders = loaders.options(subqueryload(Malware.note))
    loaders = loaders.options(subqueryload(Malware.parent))
    loaders = loaders.options(subqueryload(Malware.tag))
    malware = loaders.get(id)

    # get path and load file from disk
    malware_path = get_sample_path(malware.sha256)
    sample = File(malware_path)
    sample.name = malware.name

    log.debug("Copying ID: {} ({}): from {} to {}".format(malware.id, malware.name, src_project, dst_project))

    # switch to destination project, add to DB and store on disk
    # NOTE(review): the results of dst_db.add() and store_sample() are not
    # checked, so a failed copy is still reported as "Copied" -- confirm
    # whether that is intended.
    __project__.open(dst_project)
    dst_db = Database()
    dst_db.add(sample)
    store_sample(sample)
    print_success("Copied: {} ({})".format(malware.sha256, malware.name))

    if copy_analysis:
        log.debug("copy analysis..")
        for analysis in malware.analysis:
            dst_db.add_analysis(malware.sha256, cmd_line=analysis.cmd_line, results=analysis.results)

    if copy_notes:
        log.debug("copy notes..")
        for note in malware.note:
            dst_db.add_note(malware.sha256, title=note.title, body=note.body)

    if copy_tags:
        log.debug("copy tags..")
        tag_names = []
        for tag in malware.tag:
            tag_names.append(tag.tag)
        dst_db.add_tags(malware.sha256, tag_names)

    if copy_children:
        children = session.query(Malware).filter(Malware.parent_id == malware.id).all()
        if len(children) > 0:
            _parent_sha256 = malware.sha256  # set current recursion item as parent

        # The same flags are handed down unchanged to every child.
        flags = dict(copy_analysis=copy_analysis, copy_notes=copy_notes,
                     copy_tags=copy_tags, copy_children=copy_children)
        for child in children:
            self.copy(child.id, src_project=src_project, dst_project=dst_project,
                      _parent_sha256=_parent_sha256, **flags)

            # restore parent-child relationships
            log.debug("add parent {} to child {}".format(_parent_sha256, child.sha256))
            if _parent_sha256:
                dst_db.add_parent(child.sha256, _parent_sha256)

    # switch back to source project
    __project__.open(src_project)

    # store tuple of ID (in source project) and sha256 of copied samples
    self.copied_id_sha256.append((malware.id, malware.sha256))
    return True
def _process_uploaded(db, uploaded_file_path, file_name, tag_list=None, note_title=None, note_body=None):
    """Add one uploaded file to the database and to storage, then remove the uploaded file.

    The file is rejected with ``ValidationError`` when a sample with the same
    SHA-256 is already stored or when ``db.add`` returns a falsy value. On
    success the sample is stored, the autorun module is run if enabled in the
    configuration, an optional note is attached (both ``note_title`` and
    ``note_body`` must be truthy) and the ``File`` object is returned.
    """

    def fail(code, message_template):
        # Build the error payload, log it and abort with a ValidationError.
        error = {
            "error": {
                "code": code,
                "message": message_template.format(malware.name, malware.sha256)
            }
        }
        log.error("adding failed: {}".format(error))
        # TODO(frennkie) raise more specific error?! so that we can catch it..?!
        raise ValidationError(detail=error)

    log.debug("adding: {} as {}".format(uploaded_file_path, file_name))

    malware = File(uploaded_file_path)
    malware.name = file_name

    if get_sample_path(malware.sha256):
        fail("DuplicateFileHash", "File hash exists already: {} (sha256: {})")

    # Try to store file object into database
    if db.add(obj=malware, tags=tag_list):
        # If succeeds, store also in the local repository.
        # If something fails in the database (for example unicode strings)
        # we don't want to have the binary lying in the repository with no
        # associated database record.
        malware_stored_path = store_sample(malware)

        # run autoruns on the stored sample
        autorun_cfg = cfg.get('autorun')
        if autorun_cfg.enabled:
            autorun_module(malware.sha256)

        log.debug("added file \"{0}\" to {1}".format(malware.name, malware_stored_path))

        wants_note = note_body and note_title
        if wants_note:
            db.add_note(malware.sha256, note_title, note_body)
            log.debug("added note: \"{0}\"".format(note_title))
    else:
        fail("DatabaseAddFailed", "Adding File to Database failed: {} (sha256: {})")

    # clean up
    # NOTE(review): this runs only after a successful add; on the two
    # ValidationError paths the upload is left on disk -- verify that the
    # caller deletes it, since it is a live sample.
    try:
        os.remove(uploaded_file_path)
    except OSError as err:
        log.error("failed to delete temporary file: {}".format(err))

    return malware