def generate_alerts(self, search_start_time): alerts = {} #alerts["HIDDEN ELEMENT"] = self.get_hidden_iframes_css(search_start_time) alerts["HIDDEN ELEMENT"] = self.get_hidden_iframes(search_start_time) alerts["PROFILING SCRIPT"] = self.get_cart_id_injections( search_start_time) alerts["SCANBOX FRAMEWORK"] = self.get_scanbox_injections( search_start_time) for alert in alerts: for elem in alerts[alert]: if hasattr(elem, 'uri') and (elem.domain == None or not self.check_whitelist(elem.uri)): print "alert for ", elem.raw infected_page = Page.objects.get( Q(event_time__gte=search_start_time), page_id=elem.page_id) infected_page_url = "" if infected_page is not None: infected_page_url = infected_page.uri a = Alert(reason=alert, raw=elem.raw, uri=elem.uri, page=infected_page_url, page_id=elem.page_id, org_id=elem.org_id, event_time=elem.event_time) a.save() alerts_nocheck = {} if settings.ENABLE_EMAIL_ALERTS: alerts_nocheck["EMAIL DISCLOSURE"] = self.get_email_disclosures( search_start_time) print "here" alerts_nocheck["SUSPICIOUS SCRIPT"] = self.get_pastebin_injections( search_start_time) alerts_nocheck["WEBSHELL INJECTION"] = self.get_shell_injections( search_start_time) alerts_nocheck["VBSCRIPT INJECTION"] = self.get_vbscript_injections( search_start_time) alerts_nocheck["EVERCOOKIE SCRIPT"] = self.get_evercookie_scripts( search_start_time) for alert in alerts_nocheck: for elem in alerts_nocheck[alert]: print elem.raw infected_page = Page.objects.get( Q(event_time__gte=search_start_time), page_id=elem.page_id) infected_page_url = "" if infected_page is not None: infected_page_url = infected_page.uri a = Alert(reason=alert, raw=elem.raw, uri=elem.uri, page=infected_page_url, page_id=elem.page_id, org_id=elem.org_id, event_time=elem.event_time) a.save()