コード例 #1
ファイル: cowrie_to_stix.py プロジェクト: mmali277/CybOX
def create_file_observable(ct, bol):
    """Build a ``File`` observable from the event record at ``d[ct]``.

    The record is read from the module-level mapping ``d``; presumably each
    entry is one parsed Cowrie honeypot log event (inferred from the file
    name and the field names -- confirm against the loader).

    Args:
        ct: Key of the event record inside ``d``.
        bol: When it compares equal to ``False``, the record's ``size`` and
            ``duration`` fields are copied as well; otherwise they are not
            read at all.

    Returns:
        The populated ``File`` object.

    Raises:
        KeyError: If ``ct`` or one of the required fields is missing.
    """
    file_obs = File()
    record = d[ct]

    file_obs.file_path = record['ttylog']
    file_obs.accessed_time = record['timestamp']
    file_obs.custom_properties = CustomProperties()

    # Equality test kept on purpose: truthiness would treat None differently.
    if bol == False:
        file_obs.size_in_bytes = record['size']
        create_custom_properties(file_obs, "session_Duration", record['duration'])

    # NOTE(review): every value below is copied verbatim from the log record.
    # Fields such as 'message' and 'src_ip' look like they originate from the
    # remote peer, so consumers of the observable should treat them as
    # untrusted text -- confirm where escaping happens downstream.
    common_fields = (
        ("Event_Name", 'eventid'),
        ("Message", 'message'),
        ("Service", 'system'),
        ("Host", 'sensor'),
        ("Source_IP_Address", 'src_ip'),
    )
    for label, field in common_fields:
        create_custom_properties(file_obs, label, record[field])

    return file_obs
コード例 #2
ファイル: cowrie_to_stix.py プロジェクト: mmali277/CybOX
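def create_download_upload_file_observable(ct, hashList, bol):
    """Build a ``File`` observable for a download/upload event at ``d[ct]``.

    The hash, ``OutFile`` and ``Service`` properties are best-effort: if any
    of them cannot be produced the observable is still returned without
    them. The remaining fields are mandatory.

    Args:
        ct: Key of the event record inside the module-level mapping ``d``.
        hashList: Passed through unchanged to ``create_hash``.
        bol: When it compares equal to ``True``, the record's ``url`` field
            is added as the ``URL`` custom property.

    Returns:
        The populated ``File`` object.

    Raises:
        KeyError: If ``ct`` or a mandatory field (``timestamp``, ``eventid``,
            ``message``, ``sensor``, ``src_ip``, or ``url`` when requested)
            is missing.
    """
    # Function-scope import: the file's import block is not visible here.
    import logging

    obj = File()
    obj.custom_properties = CustomProperties()

    try:
        obj.hashes = create_hash(d[ct]['shasum'], hashList, d[ct]['message'])
        create_custom_properties(obj, "OutFile", d[ct]['outfile'])
        create_custom_properties(obj, "Service", d[ct]['system'])
    except Exception as exc:
        # Previously a bare ``except`` printed an empty line, which hid real
        # failures and also swallowed KeyboardInterrupt/SystemExit. Keep the
        # best-effort behaviour but say what was skipped. ``%r`` keeps any
        # control characters in record-derived text from forging log lines.
        logging.getLogger(__name__).warning(
            "event %r: hash/OutFile/Service not recorded (%s: %r)",
            ct, type(exc).__name__, exc,
        )
        # NOTE(review): a missing 'shasum' also drops the "Service" property,
        # because all three share one try block -- confirm that is intended.

    # Equality test kept on purpose so non-bool callers behave as before.
    if bol == True:
        create_custom_properties(obj, "URL", d[ct]['url'])

    obj.accessed_time = d[ct]['timestamp']
    # NOTE(review): values are copied verbatim from the log record; 'message',
    # 'url' and 'src_ip' look peer-supplied, so downstream consumers should
    # treat them as untrusted text -- confirm where escaping happens.
    create_custom_properties(obj, "Event_Name", d[ct]['eventid'])
    create_custom_properties(obj, "Message", d[ct]['message'])
    create_custom_properties(obj, "Host", d[ct]['sensor'])
    create_custom_properties(obj, "Source_IP_Address", d[ct]['src_ip'])
    return obj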