def login(self, login, password, new_key=False):
"""
Get API key using login and password.
:param str login:
:param str password:
:return None:
:raises VxCubeApiException, VxCubeApiHttpException
"""
logger.debug("Login with %s", login)
if self._raw_api.api_key:
logger.info("Use login with existing API key")
data = filter_data(login=login, password=password, new_key=new_key)
response = self._raw_api.login.post(json=data)
if not isinstance(response, dict) or "api_key" not in response:
logger.error("Unknown server response")
raise VxCubeApiException("Incorrect server response")
self._raw_api.api_key = response["api_key"]
def analyses(self,
analysis_id=None,
count=None,
offset=None,
format_group_name=None):
"""
Get analysis by ID or get a filtered list of analyses.
:param int analysis_id:
:param int count:
:param int offset:
:param str format_group_name:
:return Analysis or list[Analysis]:
:raises VxCubeApiHttpException
"""
if analysis_id:
logger.debug("Get analysis")
return self._raw_api.analyses.get(analysis_id)
logger.debug("Get analysis list")
data = filter_data(count=count,
offset=offset,
format_group_name=format_group_name)
return self._raw_api.analyses.get(json=data)
def samples(self,
sample_id=None,
count=None,
offset=None,
md5=None,
sha1=None,
sha256=None,
format_name=None,
format_group_name=None):
"""
Get sample by ID or get a filtered list of samples.
:param int sample_id:
:param int count:
:param int offset:
:param str md5:
:param str sha1:
:param str sha256:
:param str format_name:
:param str format_group_name:
:return List[Sample] or Sample:
:raises VxCubeApiHttpException
"""
if sample_id:
logger.debug("Get sample")
return self._raw_api.samples.get(sample_id)
logger.debug("Get list of samples")
data = filter_data(count=count,
offset=offset,
md5=md5,
sha1=sha1,
sha256=sha256,
format_name=format_name,
format_group_name=format_group_name)
return self._raw_api.samples.get(json=data)
def test_filter_data():
data = filter_data(a=[], b="", c={}, d=False, e=None)
assert set(data.keys()) == {"a", "b", "c", "d"}
def phone_actions(self, count=None, offset=None, search=None):
logger.debug("Get phone actions of task %d", self.id)
data = filter_data(count=count, offset=offset, search=search)
return self._api.phone_actions.get(json=data)
def intents(self, count=None, offset=None, search=None):
logger.debug("Get intents of task %d", self.id)
data = filter_data(count=count, offset=offset, search=search)
return self._api.intents.get(json=data)
def apilog(self, count=None, offset=None, search=None):
logger.debug("Get API log of task %d", self.id)
data = filter_data(count=count, offset=offset, search=search)
return self._api.api_log.get(json=data)
def start_analysis(self,
sample_id,
platforms,
analysis_time=None,
format_name=None,
custom_cmd=None,
generate_cureit=None,
drop_size_limit=None,
net=None,
copylog=False,
crypto_api_limit=64,
dump_size_limit=64,
flex_time=False,
forwards=None,
get_lib=False,
injects_limit=100,
monkey_clicker=None,
dump_browsers=True,
dump_mapped=True,
dump_ssdt=True,
no_clean=False,
optional_count=None,
proc_lifetime=None,
set_date=None,
userbatch=None,
dump_processes=True,
write_file_limit=512):
"""
Start sample analysis.
:param int sample_id:
:param list platforms:
:param int analysis_time:
:param str format_name:
:param str custom_cmd:
:param bool generate_cureit:
:param int drop_size_limit:
:param str net:
:param bool copylog:
:param int crypto_api_limit:
:param int dump_size_limit:
:param bool flex_time:
:param list forwards:
:param bool get_lib:
:param int injects_limit:
:param bool monkey_clicker:
:param bool dump_browsers:
:param bool dump_mapped:
:param bool dump_ssdt:
:param bool no_clean:
:param int optional_count:
:param int proc_lifetime:
:param str set_date:
:param str userbatch:
:param bool dump_processes:
:param int write_file_limit:
:return Analyse:
:raises VxCubeApiHttpException
"""
logger.debug("Start analysis")
data = filter_data(sample_id=sample_id,
platforms=platforms,
analysis_time=analysis_time,
format_name=format_name,
custom_cmd=custom_cmd,
generate_cureit=generate_cureit,
drop_size_limit=drop_size_limit,
net=net,
copylog=copylog,
crypto_api_limit=crypto_api_limit,
dump_size_limit=dump_size_limit,
flex_time=flex_time,
forwards=forwards,
get_lib=get_lib,
injects_limit=injects_limit,
monkey_clicker=monkey_clicker,
dump_browsers=dump_browsers,
dump_mapped=dump_mapped,
dump_ssdt=dump_ssdt,
dump_processes=dump_processes,
no_clean=no_clean,
optional_count=optional_count,
proc_lifetime=proc_lifetime,
set_date=set_date,
write_file_limit=write_file_limit)
if userbatch:
with file_wrapper(userbatch) as file:
return self._raw_api.analyses.post(files={
"userbatch": (file.name, file, "application/octet-stream")
},
data=data)
return self._raw_api.analyses.post(json=data)
