def get_result(scan_id):
clf = joblib.load(
'/Users/rop/python/machine_learning/classifier/classifier.pkl')
features = pickle.loads(
open(
os.path.join(
'/Users/rop/python/machine_learning/classifier/features.pkl'),
'rb').read())
#####reading file and analyzing ....
BASE_PATH = "/Users/rop/projects/malware_detection/views/"
filename = connectiondb('win').find_one({
'scan_id': scan_id
}).get('filename')
filepath = os.path.join(BASE_PATH, filename)
print(filepath)
exists = os.path.isfile(filepath)
data = []
if exists:
data = extract_infos(filepath)
print(data)
else:
print('No such a file')
return render_template('panel.htm')
pe_features = list()
for x in features:
pe_features.append(data[x])
res = clf.predict([pe_features])[0]
print('The file %s is %s' %
(os.path.basename(filename), ['malicious', 'legitimate'][res]))
result = 'The file %s is probably %s' % (os.path.basename(filename),
['malicious', 'legitimate'][res])
topitems = Counter(data)
topitems = topitems.most_common(5)
topitems = dict(topitems)
print(topitems)
if res == 0:
scan_result = "malicious"
else:
scan_result = "legitimate"
connectiondb('win').update_one(
{'scan_id': scan_id},
{'$set': {
"scann_result": str(scan_result),
"scanned": True
}})
print('res')
result = {"status": 0, "res": out}
time.sleep(1)
result = json.dumps(result)
return render_template('panel.htm',
topitems=topitems,
output=str(result),
scan_id=scan_id,
result=scan_result,
current_user=current_user)
def register():
if request.method == 'POST':
name = request.form['username']
print(name)
email = request.form['email']
password = request.form['password']
confirm_password = request.form['confirm-password']
id = uuid.uuid4()
if not valid_username(name)[1]:
message = valid_username(name)[0]
flash(message)
return redirect('/register')
if not validate_email(email)[1]:
message = validate_email(email)[0]
flash(message)
return redirect('/register')
if password != confirm_password:
message = "Password does not match!"
flash(message)
return redirect('/register')
result = connectiondb('users').insert_one({
'uid': str(id),
'name': str(name),
'email': str(email),
'password': str(password)
})
print(result)
flash('Thanks for registering')
return redirect('/login')
return render_template('register.htm')
def show(scan_id):
BASE_PATH = "/Users/rop/projects/malware_detection/views/"
filename = connectiondb('win').find_one({
'scan_id': scan_id
}).get('filename')
filepath = os.path.join(BASE_PATH, filename)
data = extract_infos(filepath)
return render_template('table.htm', x=data, current_user=current_user)
def upload_file():
if request.method == 'POST':
if 'file' not in request.files:
flash('No file part')
return redirect(request.url)
file = request.files['file']
print(file)
if file.filename == '':
flash('No selected file')
return redirect(request.url)
if file and allowed_file(file.filename):
filename = secure_filename(file.filename)
file.save(
os.path.join(current_app.config['UPLOAD_FOLDER'], filename))
scan_id = str(uuid4())
time = strftime("%Y-%m-%d %H:%M:%S", gmtime())
connectiondb('win').insert_one({
'scan_time':
time,
'uid':
current_user.uid,
'filename':
str(filename),
'token':
session['access_token'],
'file_hash':
file_md5(
os.path.join(current_app.config['UPLOAD_FOLDER'],
filename)),
'scanned':
False,
'scann_result':
'unknown',
'scan_id':
scan_id
})
# return render_template('panel.htm' , route="malware" , current_user=current_user , scan_id=scan_id)
return redirect('/result/{}'.format(scan_id))
return render_template('panel.htm',
route="malware",
current_user=current_user)
def valid_username(username):
user = connectiondb('users').find_one({'name': request.form['username']})
user_list = []
if len(username) > 24 or len(username) < 3:
username_message = 'Username value out of range(3-24)'
flag = False
elif user:
username_message = "That username is taken. Please choose another username"
flag = False
else:
username_message = "That is a valid username."
flag = True
user_list.append(username_message)
user_list.append(flag)
result = tuple(user_list)
return result
def login():
if request.method == "GET":
return render_template('login.htm', current_user=current_user)
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
username = request.json.get('username', None)
password = request.json.get('password', None)
if not username:
return jsonify({"msg": "Missing username parameter"}), 400
if not password:
return jsonify({"msg": "Missing password parameter"}), 400
user = connectiondb('users').find_one({'name': username})
if username != user['name'] or password != user['password']:
return jsonify({"msg": "Bad username or password"}), 401
# Identity can be any data that is json serializable
access_token = create_access_token(identity={
"username": username,
"email": "*****@*****.**",
"uid": user['uid']
})
ret = {
'access_token':
create_access_token(identity={
"username": username,
"email": "*****@*****.**",
"uid": user['uid']
}),
'refresh_token':
create_refresh_token(identity={
"username": username,
"email": "*****@*****.**",
"uid": user['uid']
})
}
# session['access_token'] = access_token
# session['refresh_token'] = refresh_token
# return jsonify(access_token=access_token), 200
return jsonify(ret), 200
def detail():
result = []
ben = []
mal = []
uid = current_user.uid
data = list(
connectiondb('win').find({'uid': uid}, {
'_id': 0,
'scanned': 0
}))
for i in data:
result.append(i['scann_result'])
leg = result.count('legitimate')
mal = result.count('malicious')
print(leg)
print(mal)
return render_template("/detail.htm",
data=data,
result=result,
leg=leg,
mal=mal,
route='detail',
current_user=current_user)