def get_id(self): if isinstance(self.dl_req.json(), list): if len(self.dl_req.json()) > 0: return self.dl_req.json()[0]['id'] else: log_event( "[-] No File Catalog data found for {}.".format(self.md5), True) self.connection.send( "[-] No File Catalog data found for {}.".format(self.md5)) return None else: return self.dl_req.json()['id']
def isQueued(self): log_event("[+] Checking for queued downloads.") self.fileName = self.md5.lower() isqueued = requests.get("{}{}{}".format( self.protection_url, 'api/bit9platform/v1/fileCatalog?q=uploadStatus:0&limit=0&q=fileName:', self.fileName), headers=self.protection_headers, verify=False) if isqueued.ok: log_event("[+] File is queued for uploading") return True return False
def archive_and_encrypt(self): try: log_event("[*] Archiving downloaded file/s.") prog_path = r"C:\Program Files\7-Zip\7z.exe" if isfile(prog_path): archive_name = datetime.now().strftime('%H_%M_%d_%m_%Y') isZipped = check_call([ prog_path, 'a', '-p{}'.format(self.password), '-y', r'{}/archive-{}.zip'.format(self.archives, archive_name), './{}/*'.format(self.protection_path), './{}/*'.format( self.response_path) ], stdout=open(devnull, 'w')) if isZipped != 0: raise CalledProcessError(cmd=prog_path, returncode=1, output='Failed to archive file/s') else: log_event('[+] File/s have been archived [{}.zip].'.format( archive_name)) for file_response in listdir(self.response_path): tmp_path = join(self.response_path, file_response) remove(tmp_path) for file_protection in listdir(self.protection_path): tmp_path = join(self.protection_path, file_protection) remove(tmp_path) else: raise WindowsError('[-] 7zip is missing in your system.') except CalledProcessError as cpe: log_event(cpe, True) except WindowsError as we: log_event(we, True)
def download_binary_cbr(self): temp_text = {'msg': "[+] Download successful", 'code': 1} try: filename = join(self.response_path, self.md5.lower()) if not isfile(filename): binary = self.cb.binary(self.md5) dump = open(filename, "wb") dump.write(binary) dump.close() else: temp_text = {'msg': "[-] File exists.", 'code': 1} except (ObjectNotFoundError, HTTPError): temp_text = {'msg': "[-] File was not found", 'code': 0} log_event(temp_text['msg'], (temp_text['code'] is 0)) return temp_text
def get_fileCatalogData(self): self.dl_req = requests.get("{}{}{}".format( self.protection_url, 'api/bit9platform/v1/fileCatalog?q=md5:', self.md5), headers=self.protection_headers, verify=False) if self.dl_req.ok: self.fc_id = self.get_id() if self.fc_id: log_event("[+] Requested file found.[id] = {}".format( self.fc_id)) return True return False else: log_event("[-] Could not fetch File Catalog Data", True) self.connection.send("[-] Could not fetch File Catalog Data") return False
def queue_file(self): log_event("[+] Queuing file for upload") compId = self.dl_req.json()[0]['computerId'] self.data = { 'computerId': compId, 'fileCatalogId': self.fc_id, 'priority': 2, 'uploadStatus': 0 } self.upload_req = requests.post("{}{}".format( self.protection_url, 'api/bit9platform/v1/fileUpload'), headers=self.protection_headers, data=self.data, verify=False) if self.upload_req.ok: self.check_fileQueue() else: log_event("[-] Requested file not found.", True) self.connection.send("[-] Requested file not found.")
def check_dirs(self): if not isdir(self.protection_path): log_event("[+] Creating {} directory".format(self.protection_path)) makedirs(self.protection_path) if not isdir(self.response_path): log_event("[+] Creating {} directory".format(self.response_path)) makedirs(self.response_path) if not isdir(self.archives): log_event("[+] Creating {} directory".format(self.archives)) makedirs(self.archives) if not isdir(self.logs): log_event("[+] Creating {} directory".format(self.logs)) makedirs(self.logs)
def start_service(self): log_event(self.banner) log_event("[*] Connecting to {}".format(self.protection_url)) log_event("[*] Connecting to {}".format(self.response_url)) self.listener = Listener((self.address, self.port)) while True: try: self.connection = self.listener.accept() while True: self.get_md5() log_event("[*] Processing {}.".format(self.md5)) if self.get_fileCatalogData(): if not self.isQueued(): self.queue_file() elif self.download_binary_cbr()['code']: continue else: continue except EOFError as eof: log_event("[-] Lost connection to client.", True) self.archive_and_encrypt()
def download_binary_cbp(self): log_event("[+] Downloading sample") dl = requests.get("{}{}".format( self.protection_url, 'api/bit9platform/v1/fileUpload/{}?downloadFile=true'.format( self.fileId)), headers=self.headers, verify=False, stream=True) chunk_size = 1024 size = int(dl.headers['Content-Length']) / chunk_size i = 0 if dl.ok: pbar = ProgressBar(widgets=[Percentage(), Bar()], maxval=size).start() with open("{}/{}".format(self.protection_path, self.fileName), 'wb') as f: for chunk in dl.iter_content(chunk_size): f.write(chunk) pbar.update(i) i += 1 #~ log_event("[+] Download complete") pbar.finish() f.close() log_event("[+] Download complete.") self.connection.send("[+] Download complete.") else: #~ print("[-] Unable to download file") log_event("[-] Unable to download file.", True) self.connection.send("[-] Unable to download file.")
def check_fileQueue(self): self.fileId = self.upload_req.json()['id'] log_event("[+] File is now queued. [id] = {}".format(self.fileId)) check_queue = requests.post("{}{}".format( self.protection_url, 'api/bit9platform/v1/fileUpload'), headers=self.protection_headers, data=self.data, verify=False) ctr = 1 while check_queue.json()['uploadStatus'] is not 3: log_event("[+] Sleeping for {} seconds.".format( self.protection_interval)) sleep(self.protection_interval) check_queue = requests.post("{}{}".format( self.protection_url, 'api/bit9platform/v1/fileUpload'), headers=self.protection_headers, data=self.data, verify=False) #Sleep until 5 minutes has passed ctr = ctr + 1 if ctr is self.protection_counter: log_event("[-] File is still queued. Check the queue later.", True) self.connection.send( "[-] File is still queued. Check the queue later.") break if check_queue.json()['uploadStatus'] is 3: self.download_binary_cbp()