def migrate_exploits(self): """ Create exploit objects from exploits on samples. """ if not self.unsupported_attrs: return if 'exploit' not in self.unsupported_attrs: return from crits.exploits.handlers import add_new_exploit exploits = self.unsupported_attrs['exploit'] for exp in exploits: # Create a new exploit object. Use the source and campaign from the # current sample. The "old" exploit format was a list of dictionaries # with the key of "cve" and a value that we will use for name and CVE. result = add_new_exploit(exp['cve'], cve=exp['cve'], source=self.source, campaign=self.campaign) if result['success']: self.add_relationship(result['object'], RelationshipTypes.RELATED_TO, rel_reason="Migrated") # Save the object after relationship was created. self.save() else: print "\n\tError migrating %s: %s" % (self.id, result['message'])
def migrate_exploits(self): """ Create exploit objects from exploits on samples. """ if not self.unsupported_attrs: return if 'exploit' not in self.unsupported_attrs: return from crits.exploits.handlers import add_new_exploit exploits = self.unsupported_attrs['exploit'] for exp in exploits: print "Migrating exploit for %s" % self.id # Create a new exploit object. Use the source and campaign from the # current sample. The "old" exploit format was a list of dictionaries # with the key of "cve" and a value that we will use for name and CVE. result = add_new_exploit(exp['cve'], cve=exp['cve'], source=self.source, campaign=self.campaign) if result['success']: self.add_relationship(result['object'], "Related_To", rel_reason="Migrated") # Save the object after relationship was created. self.save() else: print "Error migrating %s: %s" % (self.id, result['message'])
def obj_create(self, bundle, **kwargs): """ Handles creating Exploits through the API. :param bundle: Bundle containing the information to create the Exploit. :type bundle: Tastypie Bundle object. :returns: HttpResponse object. """ user = bundle.request.user data = bundle.data name = data.get('name', None) cve = data.get('cve', '') description = data.get('description', None) source = data.get('source', None) reference = data.get('reference', None) method = data.get('method', None) tlp = data.get('tlp', 'amber') campaign = data.get('campaign', None) confidence = data.get('confidence', None) bucket_list = data.get('bucket_list', None) ticket = data.get('ticket', None) if user.has_access_to(ExploitACL.WRITE): result = add_new_exploit(name, cve, description=description, source=source, source_method=method, source_reference=reference, source_tlp=tlp, campaign=campaign, confidence=confidence, user=user, bucket_list=bucket_list, ticket=ticket) else: result = { 'success': False, 'message': 'User does not have permission to create Object.' } content = { 'return_code': 0, 'type': 'Exploit', 'message': result.get('message', ''), 'id': result.get('id', '') } if result.get('id'): url = reverse('api_dispatch_detail', kwargs={ 'resource_name': 'exploits', 'api_name': 'v1', 'pk': result.get('id') }) content['url'] = url if not result['success']: content['return_code'] = 1 self.crits_response(content)
def add_exploit(request): """ Add a exploit. Should be an AJAX POST. :param request: Django request. :type request: :class:`django.http.HttpRequest` :returns: :class:`django.http.HttpResponse` """ if request.method == "POST" and request.is_ajax(): data = request.POST form = AddExploitForm(request.user, data) if form.is_valid(): cleaned_data = form.cleaned_data name = cleaned_data['name'] cve = cleaned_data['cve'] description = cleaned_data['description'] source = cleaned_data['source_name'] reference = cleaned_data['source_reference'] method = cleaned_data['source_method'] tlp = cleaned_data['source_tlp'] campaign = cleaned_data['campaign'] confidence = cleaned_data['confidence'] user = request.user bucket_list = cleaned_data.get( form_consts.Common.BUCKET_LIST_VARIABLE_NAME) ticket = cleaned_data.get(form_consts.Common.TICKET_VARIABLE_NAME) related_id = cleaned_data['related_id'] related_type = cleaned_data['related_type'] relationship_type = cleaned_data['relationship_type'] result = add_new_exploit(name, cve=cve, description=description, source=source, source_method=method, source_reference=reference, source_tlp=tlp, campaign=campaign, confidence=confidence, user=user, bucket_list=bucket_list, ticket=ticket, related_id=related_id, related_type=related_type, relationship_type=relationship_type) return HttpResponse(json.dumps(result, default=json_handler), content_type="application/json") return HttpResponse(json.dumps({ 'success': False, 'form': form.as_table() }), content_type="application/json") return render_to_response("error.html", {'error': 'Expected AJAX/POST'}, RequestContext(request))
def add_exploit(request): """ Add a exploit. Should be an AJAX POST. :param request: Django request. :type request: :class:`django.http.HttpRequest` :returns: :class:`django.http.HttpResponse` """ if request.method == "POST" and request.is_ajax(): data = request.POST form = AddExploitForm(request.user, data) if form.is_valid(): cleaned_data = form.cleaned_data name = cleaned_data['name'] cve = cleaned_data['cve'] description = cleaned_data['description'] source = cleaned_data['source_name'] reference = cleaned_data['source_reference'] method = cleaned_data['source_method'] tlp = cleaned_data['source_tlp'] campaign = cleaned_data['campaign'] confidence = cleaned_data['confidence'] user = request.user bucket_list = cleaned_data.get(form_consts.Common.BUCKET_LIST_VARIABLE_NAME) ticket = cleaned_data.get(form_consts.Common.TICKET_VARIABLE_NAME) related_id = cleaned_data['related_id'] related_type = cleaned_data['related_type'] relationship_type = cleaned_data['relationship_type'] result = add_new_exploit(name, cve=cve, description=description, source=source, source_method=method, source_reference=reference, source_tlp=tlp, campaign=campaign, confidence=confidence, user=user, bucket_list=bucket_list, ticket=ticket, related_id=related_id, related_type=related_type, relationship_type=relationship_type) return HttpResponse(json.dumps(result, default=json_handler), content_type="application/json") return HttpResponse(json.dumps({'success': False, 'form':form.as_table()}), content_type="application/json") return render_to_response("error.html", {'error': 'Expected AJAX/POST'}, RequestContext(request))
def obj_create(self, bundle, **kwargs): """ Handles creating Exploits through the API. :param bundle: Bundle containing the information to create the Exploit. :type bundle: Tastypie Bundle object. :returns: HttpResponse object. """ user = bundle.request.user data = bundle.data name = data.get('name', None) cve = data.get('cve', '') description = data.get('description', None) source = data.get('source', None) reference = data.get('reference', None) method = data.get('method', None) tlp = data.get('tlp', 'amber') campaign = data.get('campaign', None) confidence = data.get('confidence', None) bucket_list = data.get('bucket_list', None) ticket = data.get('ticket', None) if user.has_access_to(ExploitACL.WRITE): result = add_new_exploit(name, cve, description=description, source=source, source_method=method, source_reference=reference, source_tlp=tlp, campaign=campaign, confidence=confidence, user=user, bucket_list=bucket_list, ticket=ticket) else: result = {'success':False, 'message':'User does not have permission to create Object.'} content = {'return_code': 0, 'type': 'Exploit', 'message': result.get('message', ''), 'id': result.get('id', '')} if result.get('id'): url = reverse('api_dispatch_detail', kwargs={'resource_name': 'exploits', 'api_name': 'v1', 'pk': result.get('id')}) content['url'] = url if not result['success']: content['return_code'] = 1 self.crits_response(content)