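def stat(self, proto, count):
    '''
    Statistical API call.  Sends the 1 minute count of packets for a given
    protocol to the backend database.

    When ``self.host`` is exactly ``localhost`` or ``127.0.0.1`` the row is
    written straight through ``self.Session``.  Any other host value goes
    through ``self.call`` to ``/post/stat``.

    :param proto: Protocol name
    :param count: Packet count
    :type proto: str
    :type count: int
    :return: None
    '''
    if self.host in ['localhost', '127.0.0.1']:
        s = self.Session()
        try:
            s.add(Stat(proto, self.username, count))
            s.commit()
        finally:
            # Close the session even when the insert or commit raises, so a
            # failed write does not leave a session open behind it.
            s.close()
        log.debug('DATABASE: Added Stat %s:%s:%s' % (proto, count, self.username))
    else:
        self.call('/post/stat', {
            'proto': proto,
            'count': count,
            'username': self.username
        })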
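def account(self, username, password, info, proto, parser):
    '''
    Account API call.  This function handles adding accounts into the
    database.

    On the local path the account is inserted only when no row with the
    same cleaned username, password and info exists and the password is
    not empty.  On the remote path the values are posted to
    ``/post/account`` through ``self.call``.

    :param username: Account Username
    :param password: Account Password
    :param info: General Information Field
    :param proto: Discovered Protocol
    :param parser: Parser/Agent that discovered the account
    :type username: str
    :type password: str
    :type info: str
    :type proto: str
    :type parser: str
    :return: None
    '''
    # If the anonymization bit is set, then we need to hide the password.
    # We will still display the first 3 characters, however will asterisk
    # the rest of the password past that point.
    # NOTE(review): the mask keeps the original length, and a password
    # shorter than three characters is left unmasked by this check.
    if self.anonymize:
        if len(password) >= 3:
            # The template needs two conversion specifiers; a template with
            # none raises TypeError when formatted with a two-item tuple.
            password = '%s%s' % (password[:3], '*' * (len(password) - 3))
    if self.host in ['localhost', '127.0.0.1']:
        s = self.Session()
        try:
            # Skip the lookup entirely for empty passwords: they are never
            # stored.
            if password != '' and \
               s.query(Account).filter_by(username=bleach.clean(username))\
                               .filter_by(password=bleach.clean(password))\
                               .filter_by(info=bleach.clean(info)).count() < 1:
                s.add(Account(bleach.clean(username),
                              bleach.clean(password),
                              bleach.clean(info),
                              bleach.clean(proto),
                              bleach.clean(parser)))
                s.commit()
                # NOTE(review): this debug line carries the password as it
                # will be stored; the log needs the same protection as the
                # database.
                log.debug('DATABASE: Added Account: %s:%s:%s:%s:%s' %
                          (username, password, info, proto, parser))
        finally:
            # Release the session on every path, including a failed query
            # or commit.
            s.close()
    else:
        self.call('/post/account', {
            'username': username,
            'password': password,
            'info': info,
            'proto': proto,
            'parser': parser,
        })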
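def call(self, url, data, files=None):
    """
    This is the core function that calls the API.  All API calls route
    through here.

    The target is assembled from ``self.ssl``, ``self.host`` and
    ``self.port``.  When ``self.ssl`` is false the scheme is ``http://``,
    so the payload travels unencrypted.

    :param url: URL path of the call, appended after host:port
    :param data: Data to be sent with call
    :param files: Optional mapping of files to upload (empty when omitted)
    :type url: str
    :type data: dictionary, str
    :type files: dictionary
    :return: Response object returned by ``self.opener.post``
    """
    # A ``{}`` default in the signature is one object shared by every call;
    # build a fresh mapping per call instead.
    if files is None:
        files = {}
    schemes = {True: "https://", False: "http://"}
    location = "%s%s:%s%s" % (schemes[self.ssl], self.host, self.port, url)
    # Only the target location is logged, never the payload.
    log.debug("CLIENT: %s" % location)
    return self.opener.post(location, data=data, files=files)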
def run(self):
    '''
    Process startup.

    Waits until the clock reaches ``self.delay``, resolves this parser's
    command from the settings, builds the ``DoflerClient`` stored on
    ``self.api`` and then calls ``self.realtime_process()``.
    '''
    s = Session()

    # Poll once a second until the scheduled start time has been reached.
    while True:
        if not (int(time.time()) < self.delay):
            break
        log.debug('%s: Parser Waiting til %s currently %s. sleeping 1s.' % (
            self.name, self.delay, int(time.time())))
        time.sleep(1)

    # The '{IF}' placeholder in the per-parser command template is replaced
    # with the configured listen interface.
    # NOTE(review): how self.command is executed is not visible here; if it
    # reaches a shell, both settings must be trusted or quoted -- confirm.
    template = setting('%s_command' % self.name).value
    interface = setting('listen_interface').value
    self.command = template.replace('{IF}', interface)

    # Connection parameters for the reporting client all come from settings.
    client_options = {
        'host': setting('server_host').value,
        'port': setting('server_port').intvalue,
        'username': setting('server_username').value,
        'password': setting('server_password').value,
        'ssl': setting('server_ssl').boolvalue,
        'anon': setting('server_anonymize').boolvalue,
    }
    self.api = DoflerClient(**client_options)

    s.close()
    self.realtime_process()
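def call(self, url, data, files=None):
    '''
    This is the core function that calls the API.  All API calls route
    through here.

    The scheme is chosen from ``self.ssl``: ``https://`` when true and
    ``http://`` when false.  With ``http://`` the payload is sent
    unencrypted.

    :param url: URL path of the call, appended after host:port
    :param data: Data to be sent with call
    :param files: Optional mapping of files to upload (empty when omitted)
    :type url: str
    :type data: dictionary, str
    :type files: dictionary
    :return: Response object returned by ``self.opener.post``
    '''
    # Avoid a mutable ``{}`` default: that single dict would be shared by
    # every call that omits ``files``.
    if files is None:
        files = {}
    schemes = {
        True: 'https://',
        False: 'http://'
    }
    location = '%s%s:%s%s' % (schemes[self.ssl], self.host, self.port, url)
    # Only the target location is logged, never the payload.
    log.debug('CLIENT: %s' % location)
    return self.opener.post(location, data=data, files=files)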
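def stat(self, proto, count):
    """
    Statistical API call.  Sends the 1 minute count of packets for a given
    protocol to the backend database.

    The direct-database path is taken only when ``self.host`` is exactly
    ``localhost`` or ``127.0.0.1``; every other value is sent to
    ``/post/stat`` through ``self.call``.

    :param proto: Protocol name
    :param count: Packet count
    :type proto: str
    :type count: int
    :return: None
    """
    if self.host in ["localhost", "127.0.0.1"]:
        s = self.Session()
        try:
            s.add(Stat(proto, self.username, count))
            s.commit()
        finally:
            # Always close: an exception from add() or commit() must not
            # leave the session open.
            s.close()
        log.debug("DATABASE: Added Stat %s:%s:%s" % (proto, count, self.username))
    else:
        self.call("/post/stat", {"proto": proto, "count": count, "username": self.username})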
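def image(self, filename):
    '''
    Image API Call.  Uploads the image into the database.

    Local path: the file is read and hashed with ``md5hash``.  If a row
    with that md5sum exists its timestamp is refreshed and its count is
    incremented; otherwise a new ``Image`` row is added.  Remote path: the
    file is posted to ``/post/image`` through ``self.call``.

    :param filename: Path of the image file.  The text after the last '.'
        is used as the file type.
    :type filename: str
    :return: None
    '''
    if not os.path.exists(filename):
        log.error('API: %s doesnt exist' % filename)
        return

    if self.host in ['localhost', '127.0.0.1']:
        with open(filename, 'rb') as imagefile:
            data = imagefile.read()
        # NOTE(review): MD5 is the only de-duplication key.  Two different
        # files with the same digest would be counted as one image, and MD5
        # collisions can be constructed deliberately.
        md5 = md5hash(data)
        s = self.Session()
        try:
            # One lookup instead of count() followed by one().
            row = s.query(Image).filter_by(md5sum=md5).first()
            if row is not None:
                row.timestamp = int(time.time())
                row.count += 1
                s.merge(row)
                log.debug('DATABASE: Updated Image %s' % row.md5sum)
            else:
                ftype = filename.split('.')[-1]
                row = Image(int(time.time()), ftype, data, md5)
                s.add(row)
                log.debug('DATABASE: Added Image %s' % row.md5sum)
            s.commit()
        finally:
            # Release the session even when the query or commit fails.
            s.close()
    else:
        try:
            # The context manager closes the upload handle once the call
            # returns or raises, so handles do not accumulate per upload.
            with open(filename, 'rb') as upload:
                self.call('/post/image',
                          {'filetype': filename.split('.')[-1]},
                          {'file': upload})
        except Exception:
            # Best-effort upload: log and carry on.  KeyboardInterrupt and
            # SystemExit are deliberately not swallowed here.
            log.error('API: Upload Failed. %s=%skb' % (filename,
                      os.path.getsize(filename) / 1024))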
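def account(self, username, password, info, proto, parser):
    """
    Account API call.  This function handles adding accounts into the
    database.

    On the local path an account is added only when no row with the same
    username, proto and info exists.  On the remote path the values are
    posted to ``/post/account`` through ``self.call``.

    :param username: Account Username
    :param password: Account Password
    :param info: General Information Field
    :param proto: Discovered Protocol
    :param parser: Parser/Agent that discovered the account
    :type username: str
    :type password: str
    :type info: str
    :type proto: str
    :type parser: str
    :return: None
    """
    # If the anonymization bit is set, then we need to hide the password.
    # We will still display the first 3 characters, however will replace
    # the rest of the password with a random number of asterisks.
    # NOTE(review): a password shorter than three characters is left
    # unmasked by this check.
    if self.anonymize:
        if len(password) >= 3:
            # Two conversion specifiers are required; a template with none
            # raises TypeError when formatted with a two-item tuple.
            password = "%s%s" % (password[:3], "*" * (randint(2, 8)))
    if self.host in ["localhost", "127.0.0.1"]:
        s = self.Session()
        try:
            # Check if the account already exists
            # Tip: don't check for the password (if anonymized)
            # first() returns None only when nothing matches, so database
            # errors and several matching rows no longer cause an insert.
            known = s.query(Account).filter_by(username=username, proto=proto, info=info).first()
            if known is None:
                # NOTE(review): the values are stored as received; nothing
                # in this function escapes or sanitises them, so whatever
                # renders them later must escape on output.
                s.add(Account(username, password, info, proto, parser))
                s.commit()
                log.debug("DATABASE: Added Account: %s:%s:%s:%s:%s" % (username, password, info, proto, parser))
        finally:
            # Release the session on every path.
            s.close()
    else:
        self.call(
            "/post/account",
            {"username": username, "password": password, "info": info, "proto": proto, "parser": parser},
        )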