def upload(self, filePath, fileName, tags): rawFile = open(filePath, 'rb') log.debug(VIPER_URL_ADD % (self.host, self.port) + " file=" + fileName) try: form = MultiPartForm() form.add_file('file', fileName, fileHandle=rawFile) form.add_field('tags', tags) request = urllib2.Request(VIPER_URL_ADD % (self.host, self.port)) body = str(form) request.add_header('Content-type', form.get_content_type()) request.add_header('Content-length', len(body)) request.add_data(body) response_data = urllib2.urlopen(request, timeout=60).read() reponsejson = json.loads(response_data) log.info("Submitted to Viper, message: %s", reponsejson["message"]) except urllib2.URLError as e: raise Exception( "Unable to establish connection to Viper REST API server: %s" % e) except urllib2.HTTPError as e: raise Exception( "Unable to perform HTTP request to Viper REST API server (http code=%s)" % e) except ValueError as e: raise Exception("Unable to convert response to JSON: %s" % e) if reponsejson["message"] != 'added': raise Exception("Failed to store file in Viper: %s" % reponsejson["message"])
def upload(self, filePath, fileName, tags): rawFile = open(filePath, 'rb') log.debug(VXCAGE_URL_ADD % (self.host, self.port) + " file=" + fileName) try: form = MultiPartForm() form.add_file('file', fileName, fileHandle=rawFile) form.add_field('tags', tags) request = urllib2.Request(VXCAGE_URL_ADD % (self.host, self.port)) body = str(form) request.add_header('Content-type', form.get_content_type()) request.add_header('Content-length', len(body)) request.add_data(body) response_data = urllib2.urlopen(request, timeout=60).read() reponsejson = json.loads(response_data) log.info("Submitted to vxcage, message: %s", reponsejson["message"]) except urllib2.URLError as e: raise Exception("Unable to establish connection to VxCage REST API server: %s" % e) except urllib2.HTTPError as e: raise Exception("Unable to perform HTTP request to VxCage REST API server (http code=%s)" % e) except ValueError as e: raise Exception("Unable to convert response to JSON: %s" % e) if reponsejson["message"] != 'added': raise Exception("Failed to store file in VxCage: %s" % reponsejson["message"])
def _upload(self, objfile): upload = self.options.get("upload", None) if not upload or not objfile.is_permittedType(): #No Upload, skip return None log.info("Upload file: %s" % objfile.get_fileMd5()) file_extension = '.' + objfile.file_extension() fileName = objfile.get_fileMd5() + file_extension rawFile = open(objfile.temp_file, 'rb') try: form = MultiPartForm() form.add_file('file', fileName, fileHandle=rawFile) form.add_field('apikey', self.apikey) request = urllib2.Request(MALWARE_LU_URL_UPLOAD) request.add_header('User-agent', 'Ragpicker') body = str(form) request.add_header('Content-type', form.get_content_type()) request.add_header('Content-length', len(body)) request.add_data(body) response_data = urllib2.urlopen(request).read() reponsejson = json.loads(response_data) except urllib2.URLError as e: raise Exception("Unable to establish connection to malware.lu: %s" % e) except urllib2.HTTPError as e: raise Exception("Unable to perform HTTP request to malware.lu (http code=%s)" % e) except ValueError as e: raise Exception("Unable to convert response to JSON: %s" % e) return reponsejson
def run(self, objfile): self.key = "BlueCoatMAA" self.score = -1 host = self.options.get("host") port = self.options.get("port") timeout = self.options.get("timeout", 120) apikey = self.options.get("apikey") owner = self.options.get("user") https = self.options.get("https") database = Database() returnValue = {} if not host or not port or not apikey or not owner: raise Exception("BlueCoatMAA is not configured correctly") try: fileName = objfile.file.get_fileSha256() file_data = objfile.file.file_data message = MultiPartForm() message.add_file_data('unused', filename=fileName, file_data=file_data, mimetype='application/octet-stream') message.add_field('owner', owner) headers = {'Content-type': message.get_content_type()} h = httplib2.Http() protocol = "http" if https: protocol = "https" h = httplib2.Http(".cache", disable_ssl_certificate_validation=True) response, content = h.request( '%s://%s:%s/rapi/samples/basic?token=%s' % (protocol, host, port, apikey), "PUT", body=message.toBlueCoatString(), headers=headers) if not "'status': '200'" in str(response): log.error(str(content)) raise Exception(str(content)) data = json.loads(content) sample_id = data['results'][0]['samples_sample_id'] log.info("%s upload as new sample_id %d" % (fileName, sample_id)) headers = {'Content-Type': 'application/x-www-form-urlencoded'} parameters = {} parameters["sample_id"] = sample_id parameters["env"] = 'ivm' parameters["log_task"] = 1 parameters["tp_IVM.TIMEOUT"] = timeout response, content = h.request('%s://%s:%s/rapi/tasks?token=%s' % (protocol, host, port, apikey), 'PUT', body=urllib.urlencode(parameters), headers=headers) if not "'status': '200'" in str(response): log.error(str(content)) raise Exception(str(content)) data = json.loads(content) task_id = data['results'][0]['tasks_task_id'] log.info("new task_id %d" % task_id) returnValue = {"sample_id": sample_id, "task_id": task_id} #Insert Task-State-Report database.insertSandboxTaskStatus( sandboxName=MAA_SANDBOX_NAME, sha256=objfile.file.get_fileSha256(), taskID=task_id, sampleID=sample_id, taskState=MAA_TASK_STATE_START) except Exception as e: raise Exception("Failed to send the file to the BlueCoatMAA: %s" % e) return returnValue
def run(self, objfile): self.key = "BlueCoatMAA" self.score = -1 host = self.options.get("host") port = self.options.get("port") timeout = self.options.get("timeout", 120) apikey = self.options.get("apikey") owner = self.options.get("user") https = self.options.get("https") database = Database() returnValue = {} if not host or not port or not apikey or not owner: raise Exception("BlueCoatMAA is not configured correctly") try: fileName = objfile.file.get_fileSha256() file_data = objfile.file.file_data message = MultiPartForm() message.add_file_data('unused', filename=fileName, file_data=file_data, mimetype='application/octet-stream') message.add_field('owner', owner) headers = {'Content-type': message.get_content_type()} h = httplib2.Http() protocol = "http" if https: protocol = "https" h = httplib2.Http(".cache", disable_ssl_certificate_validation=True) response, content = h.request('%s://%s:%s/rapi/samples/basic?token=%s' % (protocol, host, port, apikey), "PUT", body=message.toBlueCoatString(), headers=headers) if not "'status': '200'" in str(response) : log.error(str(content)) raise Exception(str(content)) data = json.loads(content) sample_id = data['results'][0]['samples_sample_id'] log.info("%s upload as new sample_id %d" % (fileName, sample_id)) headers = {'Content-Type': 'application/x-www-form-urlencoded'} parameters = {} parameters["sample_id"] = sample_id parameters["env"] = 'ivm' parameters["log_task"] = 1 parameters["tp_IVM.TIMEOUT"] = timeout response, content = h.request('%s://%s:%s/rapi/tasks?token=%s' % (protocol, host, port, apikey), 'PUT', body=urllib.urlencode(parameters), headers=headers) if not "'status': '200'" in str(response) : log.error(str(content)) raise Exception(str(content)) data = json.loads(content) task_id = data['results'][0]['tasks_task_id'] log.info("new task_id %d" % task_id) returnValue = {"sample_id":sample_id, "task_id":task_id} #Insert Task-State-Report database.insertSandboxTaskStatus(sandboxName=MAA_SANDBOX_NAME, sha256=objfile.file.get_fileSha256(), taskID=task_id, sampleID=sample_id, taskState=MAA_TASK_STATE_START) except Exception as e: raise Exception("Failed to send the file to the BlueCoatMAA: %s" % e) return returnValue