def test_init():
user1 = User('alice', '123', 'alice@email')
user2 = User('admin', '123', 'admin@email')
db.session.add(user1)
db.session.flush()
db.session.commit()
user2.isAdmin = 1
db.session.add(user2)
db.session.flush()
db.session.commit()
feed1 = Feedback("msg1")
db.session.add(feed1)
db.session.flush()
db.session.commit()
feed2 = Feedback("msg2")
db.session.add(user2)
db.session.flush()
db.session.commit()
rep1 = Report(1, 1, "msg1")
db.session.add(feed1)
db.session.flush()
db.session.commit()
rep2 = Report(1, 1, "msg2")
db.session.add(rep2)
db.session.flush()
db.session.commit()
return "success"
def _do_work(self, submission):
s = Session()
r = Report(
module=self.__ModuleName__,
short="Short desc...",
full="",
submission=submission
)
s.add(r)
#Do the actual work
sql = """select sha1, md5, FileName, FileSize, ProductName, ProductVersion, Language, ApplicationType, o.OpSystemCode, OpSystemName, OpSystemVersion, o.MfgCode, MfgName
from file f inner join Prod p on p.ProductCode=f.ProductCode inner join OS o on f.OpSystemCode=o.OpSystemCode inner join Mfg m on m.MfgCode=o.MfgCode
where sha1=?;"""
results = self.db.execute(sql, (submission.file.sha1.upper(),)).fetchall()
if len(results) == 0:
# Unknown in Db
r.short = "Unknown File - sha1 : %s" % (submission.file.sha1)
else:
# Known in Hash Db
r.short = "File known to be safe (%s match)" % (len(results))
r.threat_level = 0
for result in results:
report_details = {
'FileName': result[2],
'FileSize': result[3],
'Product': {
'ProductName': result[4],
'ProductVersion': result[5],
'Language': result[6],
'ApplicationType': result[7],
'OS': {
'OpSystemCode': result[8],
'OpSystemName': result[9],
'OpSystemVersion': result[10],
'MfgCode': result[11],
'MfgName': result[12],
},
},
}
json = JSONEncoder().encode(report_details)
section = ReportSection(
type='json',
value=json,
report=r
)
s.add(section)
s.commit()
#r._sa_instance_state.session.expunge(r)
return r
def _do_work(self, submission):
#Do the actual work
report = self.vt.get(submission.file.sha256)
s = Session()
r = Report(
module=self.__ModuleName__,
short="Short desc...",
full="",
submission=submission
)
s.add(r)
new_vt_submission = False
if report is None:
# Unknown in VT
r.short = "Unknown on VT"
if self.module_config['submit_unknown']:
report = self.vt.scan(submission.file.path, reanalyze=True)
report.join()
new_vt_submission = True
try:
assert report.done is True
# Known in VT
r.short = "Detection rate : %s/%s - %s" % (report.positives, report.total, report.verbose_msg)
if new_vt_submission:
r.short += " (First submission in VT)"
if report.positives == 0:
r.threat_level = 0
elif report.positives > 5:
r.threat_level = 100
report_details = report._report
json = JSONEncoder().encode(report_details)
section = ReportSection(
type='json',
value=json,
report=r
)
s.add(section)
except Exception as e:
logging.error("Could not get report from vt : %s"%e)
s.commit()
#r._sa_instance_state.session.expunge(r)
return r
def report():
user_name = request.cookies.get("user_name")
current_user = User.query.filter(User.username == user_name).all()[0]
msg = request.values.get('msg', type=str, default=None)
#被举报者id
reported_id = request.values.get('reported_id', type=int, default=None)
#举报内容,0,1,2,3分别代表 昵称、头像、座右铭、笔记文件
to_report = request.values.get('to_report', type=int, default=None)
#文件号,如果to_report=3则必填
file_id = request.values.get('file_id', type=str, default=None)
#是否匿名,取0 or 1
anonymous = request.values.get('anonymous', type=int, default=None)
return_json = {'code': 900, 'data': {}}
#被举报者不存在
if not User.query.get(reported_id):
return_json['code'] = 400
return_json['data']['msg'] = "User does not exists"
return jsonify(return_json)
#举报内容为文件,文件号为空
if to_report == 3 and file_id == None:
return_json['code'] = 900
return_json['data']['msg'] = "Error: file_id empty"
return jsonify(return_json)
# msg非法
if msg == None:
return_json['data'][
'msg'] = "message can not be None or Too long(over 200 bytes)"
return jsonify(return_json)
elif len(msg) == 0 or len(msg) > MAXMSG:
return_json['data'][
'msg'] = "message can not be None or Too long(over 200 bytes)"
return jsonify(return_json)
else: #msg合法
my_id = current_user.id
if anonymous == 0:
my_id = -1
my_report = Report(reported_id, to_report, msg, file_id, my_id)
try:
db.session.add(my_report)
db.session.flush()
db.session.commit()
except:
return_json['code'] = 300
return_json['data']['msg'] = 'Database error'
return jsonify(return_json)
return_json['code'] = 200
return_json['data']['msg'] = "report success"
return jsonify(return_json)
def _do_work(self, submission):
a = AnalyzePDF(submission.file.path, toolpath=self.module_config['tool_path'])
sev, comment = a.analyze() # (sev (0-5+), "comment")
r = Report(
module=self.__ModuleName__,
short="%s (%s)" % (sev, comment),
full="",
submission=submission
)
if sev >= 5:
r.threat_level = 100
elif sev >=2:
r.threat_level = 50
else:
r.threat_level = 0
Session.add(r)
section = ReportSection(
type='text',
value=a.anomalies_string,
report=r
)
Session.add(section)
section = ReportSection(
type='text',
value=a.pdfid_str,
report=r
)
Session.add(section)
Session.commit()
#r._sa_instance_state.session.expunge(r)
return r
