def configuration(self, id): """Configure a named configuration. .. :quickref: Module; Configure a named configuration Requires the `manage_modules` permission. For each configuration available, you should set the value in a form parameter named ``config_NAME``. For boolean values, any value not ``0`` or ``False`` is considered to be ``True``. If successful, will return the named configuration in ``config``. Otherwise, errors will be available in ``errors``. :param id: id of the named configuration. """ config = Config(get_or_404(Config.get_collection(), _id=id)) if request.method == "POST": errors = update_config(config['config']) if errors is not None: return errors config.save() dispatcher.reload() return redirect({'config': config}, url_for('ModulesView:index')) else: return render({'config': config}, 'modules/configuration.html')
def create_comment_configuration(): comments = Config.get(name='comments') if comments is None: comments = Config({ 'name': 'comments', 'description': 'Analysis comments configuration.', 'config': [ { 'name': 'enable', 'description': 'Let users add comments to an analysis.', 'type': 'bool', 'default': True, 'value': True }, { 'name': 'minimum_length', 'description': 'Define a minimal character count to be enforced when submitting an analysis', 'type': 'integer', 'default': 0, 'value': None } ] }) comments.save()
def create_virustotal_configuration(): vt = Config.get(name='virustotal') if vt is None: vt = Config({ 'name': 'virustotal', 'description': 'VirusTotal API configuration, in order to be able to submit hashes.', 'config': [ { 'name': 'api_key', 'description': 'VirusTotal Intelligence API key.', 'type': 'str', 'value': None } ]}) vt.save()
def create_reverseit_configuration(): reverseit = Config.get(name='reverseit') if reverseit is None: reverseit = Config({ 'name': 'reverseit', 'description': 'Reverseit API configuration, in order to be able to submit hashes.', 'config': [{ 'name': 'api_key', 'description': 'Reverseit API key.', 'type': 'str', 'value': None }] }) reverseit.save()
def create_extracted_schedule(): extracted = Config.get(name="extracted") if extracted is None: extracted = Config({ "name": "extracted", "description": "Define which modules are scheduled by default on extracted files", "config": [ { "name": "modules", "type": "text", "value": """peepdf document_preview exiftool office_macros virustotal_public """ } ] }) extracted.save()
def update(self, module, path, repository): named_configs = [] if module.name: module_info = ModuleInfo.get(name=module.name) # Ignore duplicates if module_info and not module_info['path'].startswith( 'fame.modules.{}.'.format(repository['name'])): print "Duplicate name '{}', ignoring module.".format( module.name) return None # Handle named configs for named_config in module.named_configs: config = Config.get(name=named_config) # Creation if config is None: config = Config(module.named_config(named_config)) config.save() # Update else: config.update_config(module.named_config(named_config)) named_configs.append(config) # Handle module info if module_info is None: module_info = module.static_info() module_info['enabled'] = False else: module_info.update_config(module.static_info()) module_info['class'] = module.__name__ module_info['path'] = path module_info.save() return named_configs
def create_types(): types = Config.get(name='types') if types is None: types = Config({ 'name': 'types', 'description': 'Mappings for file type determination.', 'config': [ { 'name': 'mappings', 'type': 'text', 'value': """[types] application/x-dosexec = executable application/vnd.openxmlformats-officedocument.wordprocessingml.document = word application/vnd.openxmlformats-officedocument.spreadsheetml.sheet = excel application/msword = word application/vnd.ms-excel = excel application/vnd.ms-powerpoint = powerpoint text/html = html text/rtf = rtf application/x-coredump = memory_dump application/pdf = pdf application/zip = zip text/x-mail = eml message/rfc822 = eml application/CDFV2-unknown = msg application/java-archive = jar application/x-7z-compressed = 7z application/x-rar = rar application/x-iso9660-image = iso [details] MIME entity, ISO-8859 text, with CRLF line terminators = word MIME entity, ISO-8859 text, with very long lines, with CRLF line terminators = word Dalvik dex file = dex [extensions] exe = executable scr = executable doc = word docx = word docm = word xls = excel xlsx = excel xslm = excel ppt = powerpoint pptx = powerpoint rtf = rtf html = html js = javascript pdf = pdf apk = apk jar = jar zip = zip msg = msg eml = eml iso = iso msi = executable 7z = 7z rar = rar""", 'description': "In order to determine the file type, FAME will use the `python-magic` library. It will then try to find a match in 'mappings' for either the extension, the detailed type or the mime type (in this order of priority). If no matching type was found, the mime type will be used." } ] }) types.save()