def test_init():
    user1 = User('alice', '123', 'alice@email')
    user2 = User('admin', '123', 'admin@email')
    db.session.add(user1)
    db.session.flush()
    db.session.commit()
    user2.isAdmin = 1
    db.session.add(user2)
    db.session.flush()
    db.session.commit()
    feed1 = Feedback("msg1")
    db.session.add(feed1)
    db.session.flush()
    db.session.commit()
    feed2 = Feedback("msg2")
    db.session.add(user2)
    db.session.flush()
    db.session.commit()
    rep1 = Report(1, 1, "msg1")
    db.session.add(feed1)
    db.session.flush()
    db.session.commit()
    rep2 = Report(1, 1, "msg2")
    db.session.add(rep2)
    db.session.flush()
    db.session.commit()
    return "success"
예제 #2
0
    def _do_work(self, submission):
        s = Session()
        r = Report(
            module=self.__ModuleName__,
            short="Short desc...",
            full="",
            submission=submission
        )
        s.add(r)
        #Do the actual work
        sql = """select sha1, md5, FileName, FileSize, ProductName, ProductVersion, Language, ApplicationType, o.OpSystemCode, OpSystemName, OpSystemVersion, o.MfgCode, MfgName
                from file f inner join Prod p on p.ProductCode=f.ProductCode inner join OS o on f.OpSystemCode=o.OpSystemCode inner join Mfg m on m.MfgCode=o.MfgCode
                where sha1=?;"""
        results = self.db.execute(sql, (submission.file.sha1.upper(),)).fetchall()

        if len(results) == 0:
            # Unknown in Db
            r.short = "Unknown File - sha1 : %s" % (submission.file.sha1)
        else:
            # Known in Hash Db
            r.short = "File known to be safe (%s match)" % (len(results))
            r.threat_level = 0
            for result in results:
                report_details = {
                    'FileName': result[2],
                    'FileSize': result[3],
                    'Product': {
                        'ProductName': result[4],
                        'ProductVersion': result[5],
                        'Language': result[6],
                        'ApplicationType': result[7],
                        'OS': {
                            'OpSystemCode': result[8],
                            'OpSystemName': result[9],
                            'OpSystemVersion': result[10],
                            'MfgCode': result[11],
                            'MfgName': result[12],
                        },
                    },
                }
                json = JSONEncoder().encode(report_details)
                section = ReportSection(
                    type='json',
                    value=json,
                    report=r
                )
                s.add(section)
        s.commit()
        #r._sa_instance_state.session.expunge(r)
        return r
예제 #3
0
 def _do_work(self, submission):
     #Do the actual work
     report = self.vt.get(submission.file.sha256)
     s = Session()
     r = Report(
         module=self.__ModuleName__,
         short="Short desc...",
         full="",
         submission=submission
     )
     s.add(r)
     new_vt_submission = False
     if report is None:
         # Unknown in VT
         r.short = "Unknown on VT"
         if self.module_config['submit_unknown']:
             report = self.vt.scan(submission.file.path, reanalyze=True)
             report.join()
             new_vt_submission = True
     try:
         assert report.done is True
         # Known in VT
         r.short = "Detection rate : %s/%s - %s" % (report.positives, report.total, report.verbose_msg)
         if new_vt_submission:
             r.short += " (First submission in VT)"
         if report.positives == 0:
             r.threat_level = 0
         elif report.positives > 5:
             r.threat_level = 100
         report_details = report._report
         json = JSONEncoder().encode(report_details)
         section = ReportSection(
             type='json',
             value=json,
             report=r
         )
         s.add(section)
     except Exception as e:
         logging.error("Could not get report from vt : %s"%e)
     s.commit()
     #r._sa_instance_state.session.expunge(r)
     return r
def report():
    user_name = request.cookies.get("user_name")
    current_user = User.query.filter(User.username == user_name).all()[0]
    msg = request.values.get('msg', type=str, default=None)
    #被举报者id
    reported_id = request.values.get('reported_id', type=int, default=None)
    #举报内容,0,1,2,3分别代表 昵称、头像、座右铭、笔记文件
    to_report = request.values.get('to_report', type=int, default=None)
    #文件号,如果to_report=3则必填
    file_id = request.values.get('file_id', type=str, default=None)
    #是否匿名,取0 or 1
    anonymous = request.values.get('anonymous', type=int, default=None)
    return_json = {'code': 900, 'data': {}}
    #被举报者不存在
    if not User.query.get(reported_id):
        return_json['code'] = 400
        return_json['data']['msg'] = "User does not exists"
        return jsonify(return_json)
    #举报内容为文件,文件号为空
    if to_report == 3 and file_id == None:
        return_json['code'] = 900
        return_json['data']['msg'] = "Error: file_id empty"
        return jsonify(return_json)
    # msg非法
    if msg == None:
        return_json['data'][
            'msg'] = "message can not be None or Too long(over 200 bytes)"
        return jsonify(return_json)
    elif len(msg) == 0 or len(msg) > MAXMSG:
        return_json['data'][
            'msg'] = "message can not be None or Too long(over 200 bytes)"
        return jsonify(return_json)

    else:  #msg合法
        my_id = current_user.id
        if anonymous == 0:
            my_id = -1
        my_report = Report(reported_id, to_report, msg, file_id, my_id)
        try:
            db.session.add(my_report)
            db.session.flush()
            db.session.commit()
        except:
            return_json['code'] = 300
            return_json['data']['msg'] = 'Database error'
            return jsonify(return_json)
        return_json['code'] = 200
        return_json['data']['msg'] = "report success"
        return jsonify(return_json)
예제 #5
0
    def _do_work(self, submission):
        a = AnalyzePDF(submission.file.path, toolpath=self.module_config['tool_path'])
        sev, comment = a.analyze() #  (sev (0-5+), "comment")
        r = Report(
            module=self.__ModuleName__,
            short="%s (%s)" % (sev, comment),
            full="",
            submission=submission
        )
        if sev >= 5:
            r.threat_level = 100
        elif sev >=2:
            r.threat_level = 50
        else:
            r.threat_level = 0
        Session.add(r)


        section = ReportSection(
            type='text',
            value=a.anomalies_string,
            report=r
        )
        Session.add(section)

        section = ReportSection(
            type='text',
            value=a.pdfid_str,
            report=r
        )

        Session.add(section)

        Session.commit()
        #r._sa_instance_state.session.expunge(r)
        return r