def genObsSrcData(srcObj, data):
### Add object Contributor
from cybox.common.contributor import Contributor
oContributor = Contributor()
#oContributor.role = 'testRole'
#oContributor.name = 'testName'
#oContributor.email = 'testEmail'
#oContributor.phone = 'testPhone'
oContributor.organization = srcObj.Domain
from cybox.common.daterange import DateRange
oContributor.date = DateRange()
oContributor.date.start_date = data['attrib']['first']
#oContributor.date.end_date = data['attrib']['dateRange'].split(" - ")[1]
### Add object MeasureSource
from cybox.common.measuresource import MeasureSource
oMeasureSource = MeasureSource()
oMeasureSource.description = "<![CDATA[" + srcObj.pkgTitle + "]]>"
#oMeasureSource.sighting_count = int(['attrib']['Attacks'])
oMeasureSource.source_type = "Information Source"
oMeasureSource.name = srcObj.pkgLink
from cybox.common.contributor import Personnel
oMeasureSource.contributors = Personnel()
oMeasureSource.contributors.append(oContributor)
return (oMeasureSource)
def __init__(self,id=None,namespace=None,method=None,type=None,source=None,ordinal_position=None,
start_datetime=None,complete_datetime=None,lastupdate_datetime=None,analysts=None,summary=None,comments=None,tools=None,
dynamic_analysis_metadata=None,report=None,analysis_environment=None):
super(MaecAnalysis,self).__init__(id=id,method=method,type=type)
set_id_method(IDGenerator.METHOD_UUID)
if id is None:
if namespace is not None:
set_id_namespace(namespace)
self.id_ = create_id(prefix='analysis')
self.ordinal_position=ordinal_position
self.start_datetime=start_datetime
self.complete_datetime =complete_datetime
self.lastupdate_datetime =lastupdate_datetime
self.source=source
if analysts is not None:
self.analysts = Personnel()
for contr in analysts():
if isinstance(contr,Contributor):
self.analysts.append(contr)
self.summary =summary
if comments is not None:
self.comments = CommentList()
for comment in comments:
self.comments.append(comment)
if tools is not None:
for tool in tools:
if isinstance(tool,ToolInformation):
self.add_tool(tool)
if dynamic_analysis_metadata is not None and isinstance(dynamic_analysis_metadata,DynamicAnalysisMetadata):
self.dynamic_analysis_metadata =dynamic_analysis_metadata
self.report =report
if isinstance(analysis_environment,AnalysisEnvironment):
self.analysis_environment=analysis_environment
def add_discovery_method_contributor(self,contributor=None,contributors=None):
if self.contributors is None:
self.contributors = Personnel()
if contributor is not None:
self.contributors.append(contributor)
if contributors is not None:
for contr in contributors:
self.contributors.append(contr)
def genObsSrcData(srcObj, data):
### Add object Contributor
from cybox.common.contributor import Contributor
oContributor = Contributor()
#oContributor.role = 'testRole'
#oContributor.name = 'testName'
#oContributor.email = 'testEmail'
#oContributor.phone = 'testPhone'
oContributor.organization = srcObj.Domain
from cybox.common.daterange import DateRange
oContributor.date = DateRange()
if 'dateRange' in data['attrib']:
oContributor.date.start_date = data['attrib']['dateRange'].split(
" - ")[0]
oContributor.date.end_date = data['attrib']['dateRange'].split(
" - ")[1]
### Add object MeasureSource
from cybox.common.measuresource import MeasureSource
oMeasureSource = MeasureSource()
oMeasureSource.description = srcObj.pkgTitle
#oMeasureSource.sighting_count = int(['attrib']['Attacks'])
oMeasureSource.source_type = "Aggregator - OpenSource"
oMeasureSource.name = srcObj.pkgLink
from cybox.common.contributor import Personnel
oMeasureSource.contributors = Personnel()
oMeasureSource.contributors.append(oContributor)
### Generating InformationSourceType()
from cybox.common.measuresource import InformationSourceType
oMeasureSource.information_source_type = InformationSourceType()
oMeasureSource.information_source_type.value = "website - OpenSource"
oMeasureSource.information_source_type.condition = 'Equals'
#oMeasureSource.information_source_type.value = ''
#oMeasureSource.information_source_type.vocab_reference =
#from cybox.common.tools import ToolType
#oMeasureSource.tool_type.value = "website - OpenSource"
#oMeasureSource.tool_type.condition = 'Equals'
#from cybox.common.tools import ToolType
#oMeasureSource.tools = cybox.TypedField("Tools", ToolInformationList)
#oTime = Time()
#oMeasureSource.time = cybox.TypedField("Time", Time)
#oMeasureSource.platform = cybox.TypedField("Platform", PlatformSpecification)
#oMeasureSource.system = cybox.TypedField("System", ObjectProperties)
#oMeasureSource.instance = cybox.TypedField("Instance", ObjectProperties)
return (oMeasureSource)
def __init_(self,contributors=None,time=None,tools=None,platform=None,system=None,instance=None,description=None,source_type=None,name=None,tool_type=None,
sighting_count=None,information_source_type=None):
super(CyboxDiscoveryMethod,self).__init__()
if contributors is not None:
self.contributors = Personnel()
for contr in contributors:
self.contributors.append(contr)
self.time=time
if tools is not None:
self.tools =ToolInformationList()
for tool in tools:
self.tools.append(tool)
self.platform = platform
self.system = system
self.instance =instance
self.description = description
self.information_source_type=information_source_type
self.sighting_count=sighting_count
self.source_type = source_type
self.tool_type = tool_type
self.name = name
class CyboxDiscoveryMethod(MeasureSource):
def __init_(self,contributors=None,time=None,tools=None,platform=None,system=None,instance=None,description=None,source_type=None,name=None,tool_type=None,
sighting_count=None,information_source_type=None):
super(CyboxDiscoveryMethod,self).__init__()
if contributors is not None:
self.contributors = Personnel()
for contr in contributors:
self.contributors.append(contr)
self.time=time
if tools is not None:
self.tools =ToolInformationList()
for tool in tools:
self.tools.append(tool)
self.platform = platform
self.system = system
self.instance =instance
self.description = description
self.information_source_type=information_source_type
self.sighting_count=sighting_count
self.source_type = source_type
self.tool_type = tool_type
self.name = name
def add_discovery_method_contributor(self,contributor=None,contributors=None):
if self.contributors is None:
self.contributors = Personnel()
if contributor is not None:
self.contributors.append(contributor)
if contributors is not None:
for contr in contributors:
self.contributors.append(contr)
def create_discovery_method_contributor(self,name=None,role=None,email=None,phone=None,organization=None,contribution_location=None,start_date=None,end_date=None):
contributor = Contributor()
contributor.name=name
contributor.role = role
contributor.email =email
contributor.phone =phone
contributor.organization = organization
if start_date is not None and end_date is not None:
if end_date > start_date:
daterange = DateRange()
daterange.end_date = end_date
daterange.start_date = start_date
contributor.date = daterange
else:
contributor.date =None
contributor.contribution_location =contribution_location
return contributor
def add_discovery_method_time(self,time):
self.time =time
def create_discovery_method_time(self, start_time=None,end_time=None,produced_time=None,received_time=None):
time = dstime(start_time=start_time,end_time=end_time,produced_time=produced_time,received_time=received_time)
return time
def create_discovery_method_observation_location(self):
'''
future implementation
'''
pass
def add_discovery_method_tool(self,tool,tools):
if self.tools is None:
self.tools = ToolInformationList()
if tool is not None:
self.tools.append(tool)
if tools is not None:
for tool in tools:
self.tools.append(tool)
def create_discovery_method_tool(self,name=None,type=None,description=None,vendor=None,version=None,service_pack=None,hashes=None):
tool = ToolInformation()
tool.name=name
if type is not None:
for typename in type :
tool.type_.append(String(value=typename))
if description is not None:
tool.description = StructuredText()
tool.description.value=description
tool.vendor =vendor
tool.version =version
tool.service_pack =service_pack
if hashes is not None:
for hashob in hashes:
tool.tool_hashes._set_hash(hashob[0],hashob[1])
return tool
def add_discovery_method_platform(self,platform):
self.platform = platform
def create_discovery_method_platform(self,description=None,identifiers=None):
platform = PlatformSpecification()
if description is not None:
platform.description= StructuredText(value=description)
if not identifiers is None:
for identifier in identifiers:
platform.identifiers.append(identifier)
return platform
def create_discovery_method_platform_identifier(self,system=None,system_ref =None):
identifier = PlatformIdentifier()
identifier.system =system
identifier.system_ref =system_ref
return identifier
def add_discovery_method_system(self,system):
self.system = system
def create_discovery_method_system(self,available_physical_memory=None,bios_info=None,date=None,hostname=None,local_time=None,network_interface_list=None,os=None,processor=None,system_time=None,timezone_dst=None,
timezone_standard=None,total_physical_memory=None,uptime=None,username=None):
system = System()
system.available_physical_memory=available_physical_memory
system.bios_info = bios_info
system.date = Date(value=date)
system.hostname = hostname
system.local_time = Time(value=local_time)
if network_interface_list is not None:
system.network_interface_list = NetworkInterfaceList()
for netinter in network_interface_list:
system.network_interface_list.append(netinter)
system.os =os
system.processor =processor
system.system_time=Time(value=system_time)
system.timezone_dst = timezone_dst
system.timezone_standard =timezone_standard
system.total_physical_memory=total_physical_memory
if uptime is not None:
system.uptime = Duration()
system.uptime.value =uptime
system.username = username
return system
def create_discovery_method_system_bios_info(self,bios_date=None,manufacturer=None,bios_release_date=None,bios_serial_number =None,bios_version=None):
bios = BIOSInfo()
bios.bios_date = Date(value=bios_date)
bios.bios_manufacturer=manufacturer
bios.bios_release_date = Date(value=bios_release_date)
bios.bios_serial_number = bios_serial_number
bios.bios_version =bios_version
return bios
def create_discovery_method_system_os(self,bitness=None,platform=None,build_number=None,install_date=None,patch_level=None,environment_variable_list=None):
os_obj = OS()
os_obj.bitness =bitness
os_obj.build_number = build_number
if environment_variable_list is not None:
os_obj.environment_variable_list = EnvironmentVariableList()
for envar in environment_variable_list:
os_obj.environment_variable_list.append(envar)
os_obj.install_date = Date(value=install_date)
os_obj.patch_level= patch_level
os_obj.platform = platform # for platform creation should use creatediscoverymethodplatform
return os_obj
def create_discovery_method_env_var(self,name=None,value=None):
envvar = EnvironmentVariable()
envvar.name = String(name)
envvar.value = String(value)
return envvar
def create_discovery_method_system_network_interface(self,adapter=None,description=None,dhcp_lease_expires=None,dhcp_lease_obtained=None,dhcp_server_list=None,
mac=None,ip_lst=None,ip_gateway_lst=None):
netinter = NetworkInterface()
netinter.adapter=adapter
netinter.description = description
netinter.dhcp_lease_expires = DateTime(value=dhcp_lease_expires)
netinter.dhcp_lease_obtained =DateTime(value=dhcp_lease_obtained)
if dhcp_server_list is not None:
netinter.dhcp_server_list = DHCPServerList()
for srv in dhcp_server_list :
netinter.dhcp_server_list.append(srv)
netinter.mac = mac
netinter.ip_list =IPInfoList(ip_lst)
if ip_lst is not None:
netinter.ip_list = IPInfoList()
for ipinf in ip_lst:
netinter.ip_list.append(ipinf)
if ip_gateway_lst is not None:
netinter.ip_gateway_list= IPGatewayList()
for gateway in ip_gateway_lst:
netinter.ip_gateway_list.append(gateway)
return netinter
def create_discovery_method_system_network_interface_ip_info(self,ip_address=None,ip_cat=Address.CAT_IPV4,subnet_mask=None,submaskcat=Address.CAT_IPV4_NETMASK):
ipinf = IPInfo()
ipinf.ip_address = Address()
ipinf.ip_address.address_value=ip_address
ipinf.ip_address.category = ip_cat
ipinf.subnet_mask = Address()
ipinf.subnet_mask.address_value = subnet_mask
ipinf.subnet_mask.category=submaskcat
return ipinf
def create_discovery_method_network_interface_adress_gateway(self,ip_address=None,ip_cat=Address.CAT_IPV4_NET):
return Address(address_value=ip_address,category=ip_cat)
def create_discovery_method_network_interface_adress_dhcp(self,ip_address=None,ip_cat=Address.CAT_IPV4_NET):
return Address(address_value=ip_address,category=ip_cat)
def add_discovery_method_instance(self,instance):
self.instance = instance
def create_discovery_method_instance(self,argument_list=None,child_pid_list=None,creation_time =None,is_hidden=None,image_info=None,extracted_features=None,environment_variable_list=None,
kernel_time=None,name=None,network_connection_list=None,parent_pid=None,pid=None,port_list=None,start_time=None,user_time=None,username=None):
instance = Process()
instance.argument_list= argument_list
instance.child_pid_list=child_pid_list
instance.creation_time = DateTime(creation_time)
instance.username=username
instance.user_time = Duration(user_time)
instance.start_time = DateTime(start_time)
instance.port_list =port_list
instance.pid = pid
instance.parent_pid = parent_pid
if network_connection_list is not None and (all(isinstance(x,NetworkConnection ) for x in network_connection_list)):
instance.network_connection_list = NetworkConnectionList()
for netcon in network_connection_list:
instance.network_connection_list.append(netcon)
else:
instance.network_connection_list= None
instance.name = name
instance.kernel_time = Duration(kernel_time)
if environment_variable_list is not None and (all(isinstance(x,EnvironmentVariable ) for x in environment_variable_list)):
instance.environment_variable_list = EnvironmentVariableList()
for envar in environment_variable_list:
instance.environment_variable_list.append(envar)
else:
instance.environment_variable_list =None
instance.extracted_features =extracted_features
instance.image_info = image_info
instance.is_hidden= is_hidden
return instance
def create_discovery_method_instance_child_pid_list(self,pid_list):
cplst = ChildPIDList()
if pid_list is not None and (all(isinstance(x, (int, long)) for x in pid_list)):
for pidn in pid_list:
cplst.append(pidn)
return cplst
def create_discovery_method_instance_argument_list(self,arg_list):
arglst = ArgumentList()
if arg_list is not None and (all(isinstance(x,str ) for x in arg_list)):
for argm in arg_list:
arglst.append(argm)
return arglst
def create_discovery_method_instnace_image_info(self,current_directory=None,command_line=None,path=None,file_name=None):
imaginf= ImageInfo()
imaginf.file_name=file_name
imaginf.path=path
imaginf.command_line = command_line
imaginf.current_directory = current_directory
return imaginf
def create_extracted_string(self,string_value,address=None,byte_string_value=None,length=None,language=None,hashes=None,encoding=None,english_translation=None):
exstr = ExtractedString(string_value=string_value)
exstr.address = address
exstr.byte_string_value =byte_string_value
exstr.length =length
exstr.language = language
exstr.hashes = hashes
exstr.encoding =encoding
exstr.english_translation = english_translation
return exstr
def create_discovery_method_instance_extracted_feautures(self,functions=None,imports=None,codesnippets=None,extractedstrings=None):
extft = ExtractedFeatures()
if functions is not None and (all(isinstance(x,str ) for x in functions)):
extft.functions = Functions()
for func in functions:
extft.functions.append(func)
if imports is not None and (all(isinstance(x,str ) for x in imports)):
extft.imports = Imports()
for imp in imports:
extft.imports.append(imp)
if codesnippets is not None and (all(isinstance(x,str ) for x in codesnippets)):
extft.code_snippets = CodeSnippets()
for codsn in codesnippets:
code = Code()
code.code_segment=codsn
extft.code_snippets.append(code)
if extractedstrings is not None and (all(isinstance(x,ExtractedString ) for x in extractedstrings)):
extft.strings = ExtractedStrings()
for exstr in extractedstrings:
extft.strings.append(exstr)
return extft
def create_network_connection(self,creation_time=None,destination_socket_address=None,destination_tcp_state=None,source_socket_address=None,source_tcp_state=None,tls_used=None,
layer7_protocol=None,layer4_protocol=None,layer3_protocol=None,layer7_connections=None):
network_connection = NetworkConnection()
network_connection.creation_time= DateTime(creation_time)
network_connection.destination_socket_address = destination_socket_address
network_connection.destination_tcp_state = destination_tcp_state
network_connection.source_socket_address = source_socket_address
network_connection.source_tcp_state = source_tcp_state
network_connection.tls_used =tls_used
network_connection.layer7_protocol= layer7_protocol
network_connection.layer4_protocol =layer4_protocol
network_connection.layer3_protocol = layer3_protocol
network_connection.layer7_connections = layer7_connections
return network_connection
def create_layer7_connections(self,dns_queries=None,http_session=None):
ls7 = Layer7Connections()
ls7.dns_query =dns_queries
ls7.http_session= http_session
return ls7
def create_socket_address(self,hostname,port,ip_address,ip_cat=Address.CAT_IPV4,layer4_protocol='TCP',is_domain_name=True,hostname_value=None,naming_system=None):
socket = SocketAddress()
socket.ip_address = Address(address_value=ip_address,category=ip_cat)
socket.port = Port()
socket.port.port_value=port
socket.port.layer4_protocol =layer4_protocol
socket.hostname = Hostname()
socket.hostname.is_domain_name=is_domain_name
socket.hostname.hostname_value = hostname_value
socket.hostname.naming_system = naming_system
return socket
def create_port_list(self,portlist):
port_list = PortList()
if portlist is not None:
for port in portlist:port_list.append(port)
return port_list
def add_discovery_method_description(self,description):
self.description=description
def add_discovery_method_information_source_type(self,information_source_type):
self.information_source_type = information_source_type
def add_discovery_method_sighting_count(self,sighting_count):
self.sighting_count = sighting_count
def add_discovery_method_source_type(self,source_type):
self.source_type = source_type
def add_discovery_merhod_tool_type(self,tool_type):
self.tool_type = tool_type
def add_discovery_method_name(self,name):
self.name = name
def addanalysts(self,analysts=None):
if not isinstance(self.analysts,Personnel):
self.analysts = Personnel()
for contr in analysts:
if isinstance(contr,Contributor):
self.analysts.append(contr)
class MaecAnalysis(Analysis):
def __init__(self,id=None,namespace=None,method=None,type=None,source=None,ordinal_position=None,
start_datetime=None,complete_datetime=None,lastupdate_datetime=None,analysts=None,summary=None,comments=None,tools=None,
dynamic_analysis_metadata=None,report=None,analysis_environment=None):
super(MaecAnalysis,self).__init__(id=id,method=method,type=type)
set_id_method(IDGenerator.METHOD_UUID)
if id is None:
if namespace is not None:
set_id_namespace(namespace)
self.id_ = create_id(prefix='analysis')
self.ordinal_position=ordinal_position
self.start_datetime=start_datetime
self.complete_datetime =complete_datetime
self.lastupdate_datetime =lastupdate_datetime
self.source=source
if analysts is not None:
self.analysts = Personnel()
for contr in analysts():
if isinstance(contr,Contributor):
self.analysts.append(contr)
self.summary =summary
if comments is not None:
self.comments = CommentList()
for comment in comments:
self.comments.append(comment)
if tools is not None:
for tool in tools:
if isinstance(tool,ToolInformation):
self.add_tool(tool)
if dynamic_analysis_metadata is not None and isinstance(dynamic_analysis_metadata,DynamicAnalysisMetadata):
self.dynamic_analysis_metadata =dynamic_analysis_metadata
self.report =report
if isinstance(analysis_environment,AnalysisEnvironment):
self.analysis_environment=analysis_environment
def add_type(self,type=None):
self.type_=type
def add_method(self,method=None):
self.method =method
def add_ordinal_position(self,ordinal_position=None):
self.ordinal_position=ordinal_position
def addanalysisdatesinfo(self,start_datetime=None,complete_datetime=None,lastupdate_datetime=None):
self.start_datetime=start_datetime
self.complete_datetime =complete_datetime
self.lastupdate_datetime=lastupdate_datetime
def addsource(self,url=None,reference=None,organization=None,name=None,method=None):
source = Source()
source.url = url
source.reference = reference
source.organization = organization
source.name = name
source.method = method
self.source =source
def addanalysts(self,analysts=None):
if not isinstance(self.analysts,Personnel):
self.analysts = Personnel()
for contr in analysts:
if isinstance(contr,Contributor):
self.analysts.append(contr)
def createanalystscontributor(self,name=None,role=None,email=None,phone=None,organization=None,contribution_location=None,start_date=None,end_date=None):
contributor = Contributor()
contributor.name=name
contributor.role = role
contributor.email =email
contributor.phone =phone
contributor.organization = organization
if start_date is not None and end_date is not None:
if end_date > start_date:
daterange = DateRange()
daterange.end_date = end_date
daterange.start_date = start_date
contributor.date = daterange
else:
contributor.date =None
contributor.contribution_location =contribution_location
return contributor
def addsummary(self,summary=None):
self.summary=summary
def addcomment(self,comment=None):
if not isinstance(self.comments,CommentList):
self.comments = CommentList()
if isinstance(comment,Comment):
self.comments.append(comment)
def createcomment(self,author=None,value=None,timestamp=None,observation_name=None):
comment = Comment()
comment.author =author
comment.value=value
comment.timestamp=timestamp
comment.observation_name=observation_name
return comment
def addfindingsbundlereference(self,bundle_id=None):
self.set_findings_bundle(bundle_id=bundle_id)
def createanalysistool(self,name=None,type=None,description=None,vendor=None,version=None,service_pack=None,hashes=None):
tool = ToolInformation()
tool.name=name
if type is not None:
for typename in type :
tool.type_.append(String(value=typename))
if description is not None:
tool.description = StructuredText()
tool.description.value=description
tool.vendor =vendor
tool.version =version
tool.service_pack =service_pack
if hashes is not None:
for hashob in hashes:
tool.tool_hashes._set_hash(hashob[0],hashob[1])
return tool
def adddynamicanalysismetadata(self,metadata=None):
if isinstance(metadata,DynamicAnalysisMetadata):
self.dynamic_analysis_metadata=metadata
def createdynamicanalysismetadata(self,exit_code=None,command_line=None,analysis_duration=None):
metadata = DynamicAnalysisMetadata()
metadata.exit_code =exit_code
metadata.command_line =command_line
metadata.analysis_duration = analysis_duration
return metadata
def addreport(self,report=None):
self.report=report
def addanalysisenvironment(self,analysis_environment=None):
if isinstance(analysis_environment,AnalysisEnvironment):
self.analysis_environment=analysis_environment
def createanalysisenvironment(self,analysis_systems=None,network_infrastructure_captured_protocols=None,hypervisor_host_system=None):
analysis_environment = AnalysisEnvironment()
analysis_environment.network_infrastructure=NetworkInfrastructure()
for capt_prot in network_infrastructure_captured_protocols:
if isinstance(capt_prot,CapturedProtocol):
analysis_environment.network_infrastructure.captured_protocols.append(capt_prot)
analysis_environment.hypervisor_host_system=hypervisor_host_system
analysis_environment.analysis_systems =AnalysisSystemList()
if analysis_systems is not None:
for analysis_system in analysis_systems:
if isinstance(analysis_system,AnalysisSystem):
analysis_environment.analysis_systems.append(analysis_system)
return analysis_environment
def createanalysisenvironmentHVhostsystem(self,available_physical_memory=None,bios_info=None,date=None,hostname=None,local_time=None,network_interface_list=None,os=None,processor=None,system_time=None,timezone_dst=None,
timezone_standard=None,total_physical_memory=None,uptime=None,username=None,vm_hypervisor=None):
system = HypervisorHostSystem()
system.available_physical_memory=available_physical_memory
system.bios_info = bios_info
system.date = Date(value=date)
system.hostname = hostname
system.local_time = Time(value=local_time)
if network_interface_list is not None:
system.network_interface_list = NetworkInterfaceList()
for netinter in network_interface_list:
system.network_interface_list.append(netinter)
system.os =os
system.processor =processor
system.system_time=Time(value=system_time)
system.timezone_dst = timezone_dst
system.timezone_standard =timezone_standard
system.total_physical_memory=total_physical_memory
if uptime is not None:
system.uptime = Duration()
system.uptime.value =uptime
system.username = username
system.vm_hypervisor=vm_hypervisor
return system
def createanalysisenvironmentsystembiosinfo(self,bios_date=None,manufacturer=None,bios_release_date=None,bios_serial_number =None,bios_version=None):
bios = BIOSInfo()
bios.bios_date = Date(value=bios_date)
bios.bios_manufacturer=manufacturer
bios.bios_release_date = Date(value=bios_release_date)
bios.bios_serial_number = bios_serial_number
bios.bios_version =bios_version
return bios
def createanalysisenvironmentsystemos(self,bitness=None,platform=None,build_number=None,install_date=None,patch_level=None,environment_variable_list=None):
os_obj = OS()
os_obj.bitness =bitness
os_obj.build_number = build_number
if environment_variable_list is not None:
os_obj.environment_variable_list = EnvironmentVariableList()
for envar in environment_variable_list:
os_obj.environment_variable_list.append(envar)
os_obj.install_date = Date(value=install_date)
os_obj.patch_level= patch_level
os_obj.platform = platform # for platform creation should use creatediscoverymethodplatform
return os_obj
def createanalysisenvironmentsystemEnvVar(self,name=None,value=None):
envvar = EnvironmentVariable()
envvar.name = String(name)
envvar.value = String(value)
return envvar
def createanalysisenvironmentsystemnetworkinterface(self,adapter=None,description=None,dhcp_lease_expires=None,dhcp_lease_obtained=None,dhcp_server_list=None,
mac=None,ip_lst=None,ip_gateway_lst=None):
netinter = NetworkInterface()
netinter.adapter=adapter
netinter.description = description
netinter.dhcp_lease_expires = DateTime(value=dhcp_lease_expires)
netinter.dhcp_lease_obtained =DateTime(value=dhcp_lease_obtained)
if dhcp_server_list is not None:
netinter.dhcp_server_list = DHCPServerList()
for srv in dhcp_server_list :
netinter.dhcp_server_list.append(srv)
netinter.mac = mac
netinter.ip_list =IPInfoList(ip_lst)
if ip_lst is not None:
netinter.ip_list = IPInfoList()
for ipinf in ip_lst:
netinter.ip_list.append(ipinf)
if ip_gateway_lst is not None:
netinter.ip_gateway_list= IPGatewayList()
for gateway in ip_gateway_lst:
netinter.ip_gateway_list.append(gateway)
return netinter
def createanalysisenvironmentsystemnetworkinterfaceIpInfo(self,ip_address=None,ip_cat=Address.CAT_IPV4,subnet_mask=None,submaskcat=Address.CAT_IPV4_NETMASK):
ipinf = IPInfo()
ipinf.ip_address = Address()
ipinf.ip_address.address_value=ip_address
ipinf.ip_address.category = ip_cat
ipinf.subnet_mask = Address()
ipinf.subnet_mask.address_value = subnet_mask
ipinf.subnet_mask.category=submaskcat
return ipinf
def createanalysisenvironmentsystemnetworkinerfaceAdressGateway(self,ip_address=None,ip_cat=Address.CAT_IPV4_NET):
return Address(address_value=ip_address,category=ip_cat)
def createanalysisenvironmentsystemnetworkinerfaceAdressDHCP(self,ip_address=None,ip_cat=Address.CAT_IPV4_NET):
return Address(address_value=ip_address,category=ip_cat)
def createanalysisenvironmentsystemplatform(self,description=None,identifiers=None):
platform = PlatformSpecification()
if description is not None:
platform.description= StructuredText(value=description)
if not identifiers is None:
for identifier in identifiers:
platform.identifiers.append(identifier)
return platform
def createanalysisenvironmentsystemplatformidentifier(self,system=None,system_ref =None):
identifier = PlatformIdentifier()
identifier.system =system
identifier.system_ref =system_ref
return identifier
def createanalysisenvironmentanalysissystem(self,installed_programs=None,network_interfaces=None):
analysis_system=AnalysisSystem()
for program in installed_programs:
if isinstance(program,PlatformSpecification):
analysis_system.installed_programs.append(program)
analysis_system.network_interface_list=NetworkInterfaceList()
for nw in network_interfaces:
if isinstance(nw,NetworkInterface):
analysis_system.network_interface_list.append(nw)
return analysis_system
def createanalysisenvironmentnetworkinfrastructurecapturedprotocol(self,port_number=None,layer7_protocol=None,layer4_protocol=None,interaction_level=None):
protocol = CapturedProtocol()
protocol.port_number= port_number
protocol.layer7_protocol=layer7_protocol
protocol.layer4_protocol=layer4_protocol
protocol.interaction_level = interaction_level
return protocol
