def post(request):
response = RequestResponse()
if check_params(request.POST, ['sid', 'pid']):
post_data = request.POST
user = Writer.get_user_by_session(post_data['sid'])
if user is not None:
if Post.objects.filter(pk=post_data['pid']).exists():
post_object = Post.objects.get(pk=post_data['pid'])
if post_object.writer == user:
post_object.delete()
response.set_status(200)
response.set_message('Post uploaded successfully')
else:
response.set_status(400)
response.set_message('Do not have access to delete')
else:
response.set_status(400)
response.set_message('Post not found. Invalid "pid"')
else:
response.set_status(400)
response.set_message('Incorrect session')
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def get(request):
response = RequestResponse()
if check_params(request.GET, ['auth', 'email']):
get_data = request.GET
if Writer.objects.filter(email=get_data['email']).exists():
writer_object = Writer.objects.get(email=get_data['email'])
if not writer_object.is_active:
if EmailValidation.objects.filter(
code=get_data['auth'],
writer=writer_object).exists():
validation_object = EmailValidation.objects.get(
code=get_data['auth'], writer=writer_object)
writer_object.is_active = True
writer_object.save()
validation_object.delete()
response.set_status(200)
response.set_message('User successfully activated')
else:
response.set_status(400)
response.set_message('Validation code incorrect')
else:
response.set_status(400)
response.set_message('Already activated')
else:
response.set_status(400)
response.set_message('User not found')
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def post(request):
response = RequestResponse()
if check_params(request.POST, ['email', 'password']):
post_data = request.POST
user = Writer.get_user_by_email_password(post_data['email'],
post_data['password'])
if user is not None and user.is_active:
data = Login.create_session_for_user(user)
response.set_data(data)
response.set_status(200)
response.set_message('Session created successfully')
elif user is not None and not user.is_active:
response.set_status(400)
response.set_message('Account not active')
else:
response.set_status(400)
response.set_message('Incorrect credentials')
elif check_params(request.POST, ['username', 'password']):
post_data = request.POST
user = Writer.get_user_by_username_password(
post_data['username'], post_data['password'])
if user is not None and user.is_active:
data = Login.create_session_for_user(user)
response.set_data(data)
response.set_status(200)
response.set_message('Session created successfully')
elif user is not None and not user.is_active:
response.set_status(400)
response.set_message('Account not active')
else:
response.set_status(400)
response.set_message('Incorrect credentials')
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def post(request):
response = RequestResponse()
if check_params(request.POST, ['sid']):
post_data = request.POST
if Session.objects.filter(code=post_data['sid']).exists():
session_object = Session.objects.get(code=post_data['sid'])
session_object.delete()
response.set_status(200)
response.set_message('Session removed successfully')
else:
response.set_status(400)
response.set_message('Incorrect session')
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def post(request):
response = RequestResponse()
if check_params(request.POST,
['name', 'username', 'password', 'email', 'phone']):
post_data = request.POST
if Writer.objects.filter(email=post_data['email']).exists() or \
Writer.objects.filter(username=post_data['username']).exists():
response.set_status(400)
response.set_message('User already registered')
else:
user = Writer()
user.username = post_data['username']
user.name = post_data['name']
user.email = post_data['email']
user.phone = post_data['phone']
user.password = Writer.encrypt_password(post_data['password'])
user.save()
four_digit_code = random4()
new_validation = EmailValidation(writer=user,
code=four_digit_code)
new_validation.save()
try:
email_subject = 'Welcome to the Wall!'
link = 'http://' + request.META['HTTP_HOST'] + '/api/activate/?email=' + \
user.email + '&auth=' + four_digit_code
email_body = "Hi %s,\rwelcome to the wall. Your activation code is %s.\r\r" \
"Or you can directly activate your account by clicking here: %s" \
% (user.name, four_digit_code, link)
send(user.name, user.email, email_subject, email_body)
except KeyError:
data = {'activation_code': four_digit_code}
response.set_data(data)
response.set_status(200)
response.set_message('User successfully added')
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def post(request):
response = RequestResponse()
if check_params(request.POST, ['sid', 'title', 'content']):
post_data = request.POST
user = Writer.get_user_by_session(post_data['sid'])
if user is not None:
if len(post_data['content']) <= 2048:
new_post = Post(writer=user,
title=post_data['title'],
content=post_data['content'])
new_post.save()
response.set_status(200)
response.set_message('Post uploaded successfully')
else:
response.set_status(400)
response.set_message('Content too large')
else:
response.set_status(400)
response.set_message('Incorrect session')
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def post(request):
response = RequestResponse()
if check_params(request.POST, ['sid', 'pid', 'comment']):
post_data = request.POST
user = Writer.get_user_by_session(post_data['sid'])
if user is not None:
if Post.objects.filter(pk=post_data['pid']).exists():
post_object = Post.objects.get(pk=post_data['pid'])
new_comment = Comment(post=post_object,
commenter=user,
content=post_data['comment'])
new_comment.save()
response.set_status(200)
response.set_message('Comment added successfully')
else:
response.set_status(400)
response.set_message('Invalid post id')
else:
response.set_status(400)
response.set_message('Incorrect session')
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def main_classification(js_dirs=arg_obj['d'],
js_files=arg_obj['f'],
labels_f=arg_obj['lf'],
labels_d=arg_obj['l'],
model=arg_obj['m'],
threshold=arg_obj['th'],
level=arg_obj['level'],
features_choice=arg_obj['features'],
n=arg_obj['n'][0],
analysis_path=arg_obj['analysis_path'][0]):
"""
Main function, performs a static analysis (syntactic) of JavaScript files given as input
before predicting if the executables are benign or malicious.
-------
Parameters:
- js_dirs: list of strings
Directories containing the JS files to be analysed.
- js_files: list of strings
Files to be analysed.
- labels_f: list of strings
Indicates the label's name of the files considered: either benign or malicious.
- labels_d: list of strings
Indicates the label's name of the current data: either benign or malicious.
- model: str
Path to the model used to classify the new files
- threshold: int
Threshold over which all samples are considered malicious
- n: Integer
Stands for the size of the sliding-window which goes through the units contained in the
files to be analysed.
- level: str
Either 'tokens', 'ast', 'cfg', 'pdg', or 'pdg-dfg' depending on the units you want
to extract.
- analysis_path: str
Folder to store the features' analysis results in.
- features_choice: str
Either 'ngrams' or 'value' depending on the features you want.
Default values are the ones given in the command lines or in the
ArgumentParser object (function parsingCommands()).
-------
Returns:
The results of the static analysis of the files given as input:
either benign or malicious
"""
if js_dirs is None and js_files is None:
logging.error('Please, indicate at least a directory (--d option) '
'or a JS file (--f option) to be analyzed')
elif js_dirs is not None and labels_d is not None and len(js_dirs) != len(
labels_d):
logging.error(
'Please, indicate as many directory labels (--l option) as the number %s '
'of directories to analyze', str(len(js_dirs)))
elif js_files is not None and labels_f is not None and len(
js_files) != len(labels_f):
logging.error(
'Please, indicate as many file labels (--lf option) as the number %s '
'of files to analyze', str(len(js_files)))
elif model is None:
logging.error(
'Please, indicate a model (--m option) to be used to classify new files.\n'
'(see >$ python3 <path-of-clustering/learner.py> -help) to build a model)'
)
elif utility.check_params(level, features_choice) == 0:
return
else:
features2int_dict_path = os.path.join(
analysis_path, 'Features', features_choice[0],
level[0] + '_selected_features_99')
names, attributes, labels = static_analysis.main_analysis\
(js_dirs=js_dirs, labels_dirs=labels_d, js_files=js_files, labels_files=labels_f,
n=n, level=level[0], features_choice=features_choice[0],
features2int_dict_path=features2int_dict_path)
if names:
# Uncomment to save the analysis results in pickle objects.
"""
machine_learning.save_analysis_results(os.path.join(js_dirs[0], "Analysis-res-stored"),
names, attributes, labels)
"""
test_model(names,
labels,
attributes,
model=model[0],
threshold=threshold[0])
else:
logging.warning('No valid JS file found for the analysis')
def post(request):
response = RequestResponse()
if check_params(request.POST, []):
post_data = request.POST
max_per_request = 5
first_post = 0
if 'max_per_request' in post_data:
try:
max_per_request = int(post_data['max_per_request'])
except ValueError:
pass
if 'first_post' in post_data:
try:
first_post = int(post_data['first_post'])
except ValueError:
pass
data = {'next_post_serial': first_post + max_per_request}
posts = Post.objects.filter(
published=True).order_by('-created_at')[first_post:first_post +
max_per_request]
selected_posts = []
for post in posts:
all_comments = Comment.objects.filter(
published=True, post=post).order_by('created_at')
comments = []
for comment in all_comments:
one_comment = {
'commenter':
comment.commenter.pk,
'commenter_username':
comment.commenter.username,
'comment':
comment.content,
'comment_published':
comment.created_at.strftime("%A, %d. %B %Y %I:%M%p")
}
comments.append(one_comment)
one_post = {
'post_id':
post.id,
'post_title':
post.title,
'post_content':
post.content,
'post_published':
post.created_at.strftime("%A, %d. %B %Y %I:%M%p"),
'post_writer':
post.writer.pk,
'post_writer_username':
post.writer.username,
'comments':
comments
}
selected_posts.append(one_post)
data['posts'] = selected_posts
response.set_status(200)
response.set_message('Post loaded successfully')
response.set_data(data)
else:
response.set_status(400)
response.set_message('Incorrect Parameters')
return Response(response.respond())
def main_learn(js_dirs=arg_obj['d'],
js_dirs_validate=arg_obj['vd'],
labels_validate=arg_obj['vl'],
labels_d=arg_obj['l'],
model_dir=arg_obj['md'],
model_name=arg_obj['mn'],
print_score=arg_obj['ps'],
print_res=arg_obj['pr'],
level=arg_obj['level'],
n=arg_obj['n'][0],
estimators=arg_obj['nt'],
features_choice=arg_obj['features'],
analysis_path=arg_obj['analysis_path'][0]):
"""
Main function, performs a static analysis (syntactic) of JavaScript files given as input
to build a model to classify future JavaScript files.
-------
Parameters:
- js_dirs: list of strings
Directories containing the JS files to be analysed.
- js_dirs_validate: list of strings
2 JS dir (1 benign, 1 malicious) to select the features with chi2.
- labels_validate: list of strings
Labels of the 2 JS dir for the features selection process
- labels_d: list of strings
Indicates the label's name of the directories considered: either benign or malicious.
- model_dir: String
Path to store the model that will be produced.
Default value being the folder JS-Analysis/Classification/.
- model_name: String
Name of the model that will be produced.
Default value being model.
- print_score: Boolean
Indicates whether to print or not the classifier's performance.
- print_res: Boolean
Indicates whether to print or not the classifier's predictions.
- n: Integer
Stands for the size of the sliding-window which goes through the units contained in the
files to be analysed.
- estimators: int
Number of trees in the forest.
- level: str
Either 'tokens', 'ast', 'cfg', 'pdg', or 'pdg-dfg' depending on the units you want
to extract.
- features_choice: str
Either 'ngrams' or 'value' depending on the features you want.
- analysis_path: str
Folder to store the features' analysis results in.
Default values are the ones given in the command lines or in the
ArgumentParser object (function parsingCommands()).
"""
if js_dirs is None:
logging.error(
'Please, indicate at least 2 directories (--d option), at least one benign '
'and one malicious (--l option to pass the corresponding labels).\nGot 0 '
'directories with the following labels: %s', labels_d)
elif len(js_dirs) < 2 or labels_d is None\
or 'benign' not in labels_d or 'malicious' not in labels_d:
logging.error(
'Please, indicate at least 2 directories (--d option), at least one benign '
'and one malicious (--l option to pass the corresponding labels).\nGot %s '
'directories with the following labels: %s', str(len(js_dirs)),
labels_d)
elif js_dirs is not None and (labels_d is None
or len(js_dirs) != len(labels_d)):
logging.error(
'Please, indicate as many directory labels (--l option) as the number %s of '
'directories to analyze', str(len(js_dirs)))
elif js_dirs_validate is None:
logging.error(
'Please, indicate the 2 JS directories (--vd option) '
'with corresponding labels (--vl option, 1 benign and 1 malicious) '
'for the features validation process')
elif len(js_dirs_validate) != 2 or labels_validate is None\
or 'benign' not in labels_validate or 'malicious' not in labels_validate:
logging.error(
'Please, indicate the 2 JS directories (--vd option) '
'with corresponding labels (--vl option, 1 benign and 1 malicious) '
'for the features validation process.\nGot %s directories with following '
'labels %s', str(len(js_dirs_validate)), labels_validate)
elif utility.check_params(level, features_choice) == 0:
return
else:
analysis_path = os.path.join(analysis_path, 'Features')
utility.check_folder_exists(analysis_path)
features2int_dict_path = os.path.join(
analysis_path, features_choice[0],
level[0] + '_selected_features_99')
features_preselection.handle_features_all(js_dirs, labels_d, level[0],
features_choice[0],
analysis_path, n)
features_selection.store_features_all(js_dirs_validate,
labels_validate, level[0],
features_choice[0],
analysis_path, n)
names, attributes, labels = static_analysis.main_analysis\
(js_dirs=js_dirs, labels_dirs=labels_d, js_files=None, labels_files=None,
n=n, level=level[0], features_choice=features_choice[0],
features2int_dict_path=features2int_dict_path)
if names:
# Uncomment to save the analysis results in pickle objects.
"""
utility.save_analysis_results(os.path.join(model_dir[0], "Analysis-n" + str(n) + "-dict"
+ str(dict_not_hash)),
names, attributes, labels)
"""
classify(names,
labels,
attributes,
model_dir=model_dir[0],
model_name=model_name[0],
print_score=print_score[0],
print_res=print_res[0],
estimators=estimators[0])
else:
logging.warning('No valid JS file found for the analysis')