Exemplo n.º 1
def setupSsh():
    """Build the project's ``ssh`` session object and hand it back.

    Connection parameters (``host``, ``user``, ``pwd``, ``pkey``) and the
    repository path (``remote_git``) are read from module scope.
    """
    session = ssh(host, user, pwd, pkey)
    # NOTE(review): presumably precall() registers a command to run ahead of
    # later remote calls -- confirm against the ssh helper.
    # NOTE(review): remote_git is formatted into the command unquoted; if it
    # can ever contain spaces or shell metacharacters it should be quoted
    # first -- confirm where the value comes from.
    change_dir = "cd %s" % remote_git
    session.precall(change_dir)
    return session
Exemplo n.º 2
def setupSsh():
    """Return an ``ssh`` object created from the module-level credentials.

    Before returning, a ``cd`` into ``remote_git`` is passed to the object's
    ``precall`` method.
    """
    connection = ssh(host, user, pwd, pkey)
    # NOTE(review): the path is not shell-quoted here; verify remote_git is a
    # fixed, operator-controlled value or quote it before interpolation.
    connection.precall('cd %s' % remote_git)
    return connection
Exemplo n.º 3
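def download_report_by_id(analysis_id, db_client):
    """Store the Cuckoo report of one analysis under ``ROOT_DIR/results``.

    The analysis row and its server row are read through ``db_client``. For a
    server whose host is ``localhost``/``127.0.0.1`` the report is moved out
    of the Cuckoo storage tree directly; for any other host it is fetched
    through the project's ``ssh`` helper. After the report is stored the
    analysis is flagged through ``set_reported_analysis`` and
    ``update_score`` is called on the stored file.

    Args:
        analysis_id: Identifier passed to the database lookups.
        db_client: Database helper providing
            ``get_analysis_basic_information``, ``get_server``,
            ``set_finished_analysis`` and ``set_reported_analysis``.

    Returns:
        0 when the analysis or server row is missing, the Cuckoo id is zero,
        the SSH connection fails, or the report is not available yet;
        1 otherwise (including a failed remote download, which is only
        logged).
    """
    data = db_client.get_analysis_basic_information(analysis_id)
    if data is None:
        log.error("Analysis not found.")
        return 0

    cuckoo_id = data[1]
    state = data[3]
    server_id = data[5]
    md5 = data[7]

    if cuckoo_id == 0:
        log.warning("Cuckoo identifiers = zero")
        return 0

    server_info = db_client.get_server(server_id)
    if not server_info:
        log.error("Bad server information")
        return 0

    # NOTE(review): md5 comes from the database row and becomes part of a
    # file name; presumably a hex digest -- confirm it is validated where the
    # row is written so it cannot carry path separators.
    report_name = os.path.join(
        ROOT_DIR, "results", md5 + "." + str(analysis_id) + ".json")

    if server_info[1] in ("localhost", "127.0.0.1"):
        cuckoo_path = server_info[5]
        report_path = (cuckoo_path + "/storage/analyses/" + str(cuckoo_id)
                       + "/reports/report.json")
        # A filesystem check instead of running "ls <path>" through a shell:
        # database-supplied path parts are never parsed as a command, paths
        # with spaces work, and no pipes are left open.
        if not os.path.exists(report_path):
            log.warning("Analysis not finished yet.")
            return 0
        db_client.set_finished_analysis(analysis_id)
        os.rename(report_path, report_name)
        log.info("Analysis #" + str(analysis_id) + " report downloaded")
        db_client.set_reported_analysis(analysis_id)
        update_score(db_client, report_name, analysis_id)
        return 1

    ssh_client = ssh()
    if ssh_client.create(server_info[1], server_info[2], server_info[3],
                         server_info[4], server_info[5]) == 0:
        log.error("SSH connection error")
        return 0

    # From here on the connection is open; close it on every exit path,
    # including the early "not finished" return and any exception.
    try:
        # Not yet recorded as finished: ask the remote side.
        if state < 2:
            if ssh_client.check_report(cuckoo_id) == 0:
                log.warning("Analysis not finished yet.")
                return 0
            db_client.set_finished_analysis(analysis_id)

        temp_path = ssh_client.download_report(cuckoo_id)
        if not temp_path:
            # NOTE(review): the function still returns 1 after this failure;
            # confirm whether callers rely on that before changing it.
            log.error("Could not download " + str(analysis_id) + " report")
        else:
            os.rename(temp_path, report_name)
            log.info("Analysis #" + str(analysis_id) + " report downloaded")
            db_client.set_reported_analysis(analysis_id)
            update_score(db_client, report_name, analysis_id)
    finally:
        ssh_client.close()

    return 1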
Exemplo n.º 4
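def handle_analysis(db_client, analysis_id):
    """Submit the stored binary of an analysis to a Cuckoo server.

    The sample is expected at ``ROOT_DIR/binaries/<md5>.bin``. A server is
    obtained from ``get_server_info``; a ``127.0.0.1``/``localhost`` host is
    handled by ``start_local_analysis``, any other host through the project's
    ``ssh`` helper. The resulting Cuckoo task id is recorded with
    ``set_analysis_dispatched``.

    Args:
        db_client: Database helper providing
            ``get_analysis_basic_information``, ``load_conf`` and
            ``set_analysis_dispatched``.
        analysis_id: Identifier of the analysis to dispatch.

    Returns:
        0 on every failure path; ``None`` after the task has been recorded.
    """
    data = db_client.get_analysis_basic_information(analysis_id)
    if data is None:
        # An unknown id would otherwise fail with a TypeError on data[...].
        log.error("Analysis not found.")
        return 0

    cuckoo_id = data[1]
    kernelmode_analysis = data[2]
    md5 = data[7]

    if cuckoo_id != 0:
        log.warning("Already started analysis")
        return 0

    # NOTE(review): md5 comes from the database row and becomes part of a
    # path handed to the analysis launchers; presumably a hex digest --
    # confirm it is validated where the row is written.
    file_path = os.path.join(ROOT_DIR, "binaries", md5 + ".bin")
    if not os.path.exists(file_path):
        log.warning('File "' + file_path + '": not found')
        return 0

    # Only the two timeouts are used from the configuration row. The sample
    # itself is not read here: the launchers receive its path.
    conf = db_client.load_conf()
    usermode_timeout = conf[8]
    kernelmode_timeout = conf[9]

    kernel_mode = kernelmode_analysis == 1
    timeout = kernelmode_timeout if kernel_mode else usermode_timeout

    server_info = get_server_info(db_client)
    if not server_info:
        log.error("Cannot get server information.")
        return 0

    # is_available: 0 = connection failed, 1 = remote server reachable,
    # anything else = run on this host.
    ssh_client = None
    if server_info[1] in ("127.0.0.1", "localhost"):
        is_available = 2
    else:
        ssh_client = ssh()
        is_available = ssh_client.create(server_info[1], server_info[2],
                                         server_info[3], server_info[4],
                                         server_info[5])

    if is_available == 0:
        log.error("No available servers found.")
        return 0

    if is_available == 1:
        # Remote analysis; the connection is closed even if the start fails.
        try:
            cuckoo_id = ssh_client.start_single_analysis(
                file_path, kernel_mode, timeout)
        finally:
            ssh_client.close()
    else:
        cuckoo_id = start_local_analysis(
            file_path, server_info[5], kernel_mode, timeout)

    if cuckoo_id == 0:
        log.error("Could not start cuckoo task")
        return 0

    db_client.set_analysis_dispatched(analysis_id, cuckoo_id, server_info[0])
    log.info(
        "New analysis for task ID "
        + str(analysis_id)
        + " created (server "
        + str(server_info[0])
        + ":"
        + str(cuckoo_id)
        + ")"
    )

    # NOTE(review): success returns None while failures return 0, so both are
    # falsy to a caller; kept as-is for compatibility -- confirm with callers.
    return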
Exemplo n.º 5
Arquivo: misc.py Projeto: primmus/CAAS
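def download_report_by_id(analysis_id, db_client):
    """Store the Cuckoo report of one analysis under ``ROOT_DIR/results``.

    The analysis row and its server row are read through ``db_client``. For a
    server whose host is ``localhost``/``127.0.0.1`` the report is moved out
    of the Cuckoo storage tree directly; for any other host it is fetched
    through the project's ``ssh`` helper. After the report is stored the
    analysis is flagged through ``set_reported_analysis`` and
    ``update_score`` is called on the stored file.

    Args:
        analysis_id: Identifier passed to the database lookups.
        db_client: Database helper providing
            ``get_analysis_basic_information``, ``get_server``,
            ``set_finished_analysis`` and ``set_reported_analysis``.

    Returns:
        0 when the analysis or server row is missing, the Cuckoo id is zero,
        the SSH connection fails, or the report is not available yet;
        1 otherwise (including a failed remote download, which is only
        logged).
    """
    data = db_client.get_analysis_basic_information(analysis_id)
    if data is None:
        log.error("Analysis not found.")
        return 0

    cuckoo_id = data[1]
    state = data[3]
    server_id = data[5]
    md5 = data[7]

    if cuckoo_id == 0:
        log.warning("Cuckoo identifiers = zero")
        return 0

    server_info = db_client.get_server(server_id)
    if not server_info:
        log.error("Bad server information")
        return 0

    # NOTE(review): md5 is a database value used in a file name; presumably a
    # hex digest -- confirm it cannot contain path separators.
    report_name = os.path.join(ROOT_DIR, "results",
                               md5 + "." + str(analysis_id) + ".json")

    if server_info[1] in ("localhost", "127.0.0.1"):
        cuckoo_path = server_info[5]
        report_path = cuckoo_path + "/storage/analyses/" + str(
            cuckoo_id) + "/reports/report.json"
        # Checked on the filesystem rather than by running "ls <path>" in a
        # shell, so database-supplied path parts are never interpreted as a
        # command and no child-process pipes are left unclosed.
        if not os.path.exists(report_path):
            log.warning("Analysis not finished yet.")
            return 0
        db_client.set_finished_analysis(analysis_id)
        os.rename(report_path, report_name)
        log.info("Analysis #" + str(analysis_id) + " report downloaded")
        db_client.set_reported_analysis(analysis_id)
        update_score(db_client, report_name, analysis_id)
        return 1

    ssh_client = ssh()
    if ssh_client.create(server_info[1], server_info[2], server_info[3],
                         server_info[4], server_info[5]) == 0:
        log.error("SSH connection error")
        return 0

    # The connection is open from here; the finally clause closes it on the
    # early "not finished" return and on exceptions as well.
    try:
        # if was not reported as finished, check if finished
        if state < 2:
            if ssh_client.check_report(cuckoo_id) == 0:
                # still running...
                log.warning("Analysis not finished yet.")
                return 0
            db_client.set_finished_analysis(analysis_id)

        temp_path = ssh_client.download_report(cuckoo_id)
        if not temp_path:
            # NOTE(review): 1 is still returned after this failure; confirm
            # whether callers depend on it.
            log.error("Could not download " + str(analysis_id) + " report")
        else:
            os.rename(temp_path, report_name)
            log.info("Analysis #" + str(analysis_id) + " report downloaded")
            db_client.set_reported_analysis(analysis_id)
            update_score(db_client, report_name, analysis_id)
    finally:
        ssh_client.close()

    return 1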
Exemplo n.º 6
Arquivo: misc.py Projeto: primmus/CAAS
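def handle_analysis(db_client, analysis_id):
    """Submit the stored binary of an analysis to a Cuckoo server.

    The sample is expected at ``ROOT_DIR/binaries/<md5>.bin``. A server is
    obtained from ``get_server_info``; a ``127.0.0.1``/``localhost`` host is
    handled by ``start_local_analysis``, any other host through the project's
    ``ssh`` helper. The resulting Cuckoo task id is recorded with
    ``set_analysis_dispatched``.

    Args:
        db_client: Database helper providing
            ``get_analysis_basic_information``, ``load_conf`` and
            ``set_analysis_dispatched``.
        analysis_id: Identifier of the analysis to dispatch.

    Returns:
        0 on every failure path; ``None`` after the task has been recorded.
    """
    data = db_client.get_analysis_basic_information(analysis_id)
    if data is None:
        # Without this guard an unknown id fails with a TypeError below.
        log.error("Analysis not found.")
        return 0

    md5 = data[7]
    cuckoo_id = data[1]
    kernelmode_analysis = data[2]

    if cuckoo_id != 0:
        log.warning("Already started analysis")
        return 0

    # NOTE(review): md5 is a database value that ends up in a path given to
    # the analysis launchers; presumably a hex digest -- confirm validation.
    file_path = os.path.join(ROOT_DIR, "binaries", md5 + ".bin")
    if not os.path.exists(file_path):
        log.warning("File \"" + file_path + "\": not found")
        return 0

    # Only the timeouts are needed from the configuration row; the sample is
    # passed on by path, so its contents are not loaded into memory here.
    conf = db_client.load_conf()
    usermode_timeout = conf[8]
    kernelmode_timeout = conf[9]

    kernel_mode = kernelmode_analysis == 1
    timeout = kernelmode_timeout if kernel_mode else usermode_timeout

    # get server
    server_info = get_server_info(db_client)
    if not server_info:
        log.error("Cannot get server information.")
        return 0

    # is_available: 0 = connection failed, 1 = remote server reachable,
    # anything else = run on this host.
    ssh_client = None
    if server_info[1] in ("127.0.0.1", "localhost"):
        is_available = 2
    else:
        ssh_client = ssh()
        is_available = ssh_client.create(server_info[1], server_info[2],
                                         server_info[3], server_info[4],
                                         server_info[5])

    # Every server down
    if is_available == 0:
        log.error("No available servers found.")
        return 0

    if is_available == 1:
        # Start remote analysis; close the connection even if that raises.
        try:
            cuckoo_id = ssh_client.start_single_analysis(
                file_path, kernel_mode, timeout)
        finally:
            ssh_client.close()
    else:
        # Localhost, start local analysis
        cuckoo_id = start_local_analysis(file_path, server_info[5],
                                         kernel_mode, timeout)

    if cuckoo_id == 0:
        log.error("Could not start cuckoo task")
        return 0

    # Update analysis info
    db_client.set_analysis_dispatched(analysis_id, cuckoo_id, server_info[0])
    log.info("New analysis for task ID " + str(analysis_id) +
             " created (server " + str(server_info[0]) + ":" + str(cuckoo_id) +
             ")")

    # NOTE(review): success yields None and failure yields 0, both falsy for
    # a caller; left unchanged for compatibility -- confirm with callers.
    return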