def addObjects(self):
"""Adds objects elements."""
# File objects
# Subject
if self.results["target"]["category"] == "file":
self.objects.add_file(self.createFileObject(self.results["target"]["file"]))
elif self.results["target"]["category"] == "url":
self.objects.add_uri(maec.uriObject(
id = hashlib.md5(self.results["target"]["url"]).hexdigest(),
uriString = self.results["target"]["url"])
)
else:
raise CuckooReportError("Unknown target type")
# Dropped files
if "dropped" in self.results and isinstance(self.results["dropped"], list):
for f in self.results["dropped"]:
found = False
for exist in self.objects.get_file():
if exist.get_md5() == f["md5"]:
found = True
if not found:
self.objects.add_file(self.createFileObject(f))
# URI objects
if "network" in self.results and isinstance(self.results["network"], dict):
if "http" in self.results["network"] and isinstance(self.results["network"]["http"], list):
for req in self.results["network"]["http"]:
found = False
for exist in self.objects.get_uri():
if exist.get_id() == req["uri"]:
found = True
if not found:
self.objects.add_uri(self.createUriObject(req))
def createUriObject(self, req):
"""Creates URI object
@param req: HTTP request as described in cuckoo dict
@return: created URI object
"""
uri = maec.uriObject(id=req["uri"],
uriString=req["uri"],
protocol="http",
hostname=req["host"],
port=req["port"],
path=req["path"],
ipProtocol="tcp")
# Add details
prop = maec.objectProperty()
prop.add_property(
maec.property(type_="httpMethod", valueOf_=req["method"]))
if req["method"] == "POST":
prop.add_property(
maec.property(type_="postData",
valueOf_="<![CDATA[%s]]>" % req["body"]))
if "user-agent" in req:
prop.add_property(
maec.property(type_="userAgent", valueOf_=req["user-agent"]))
prop.set_references(
maec.reference(valueOf_="uri[@id='%s']" % req["uri"]))
self.properties.add_objectProperty(prop)
return uri
def createUriObject(self, req):
"""Creates URI object
@param req: HTTP request as described in cuckoo dict
@return: created URI object
"""
uri = maec.uriObject(id=req['uri'],
uriString=req['uri'],
protocol='http',
hostname=req['host'],
port=req['port'],
path=req['path'],
ipProtocol='tcp')
# Add details
prop = maec.objectProperty()
prop.add_property(
maec.property(type_='httpMethod', valueOf_=req['method']))
if req['method'] == 'POST':
prop.add_property(
maec.property(type_='postData',
valueOf_="<![CDATA[%s]]>" % req['body']))
if 'user-agent' in req:
prop.add_property(
maec.property(type_='userAgent', valueOf_=req['user-agent']))
prop.set_references(
maec.reference(valueOf_="uri[@id='%s']" % req['uri']))
self.properties.add_objectProperty(prop)
return uri
def createUriObject(self, req):
"""Creates URI object
@param req: HTTP request as described in cuckoo dict
@return: created URI object
"""
uri = maec.uriObject(
id = req["uri"],
uriString = req["uri"],
protocol = "http",
hostname = req["host"],
port = req["port"],
path = req["path"],
ipProtocol = "tcp"
)
# Add details
prop = maec.objectProperty()
prop.add_property(maec.property(
type_= "httpMethod",
valueOf_ = req["method"]
)
)
if req["method"] == "POST":
prop.add_property(maec.property(
type_= "postData",
valueOf_ = "<![CDATA[%s]]>" % req["body"]
)
)
if "user-agent" in req:
prop.add_property(maec.property(
type_= "userAgent",
valueOf_ = req["user-agent"]
)
)
prop.set_references(
maec.reference(
valueOf_ = "uri[@id='%s']" % req["uri"]
)
)
self.properties.add_objectProperty(prop)
return uri
def createUriObject(self, req):
"""Creates URI object
@param req: HTTP request as described in cuckoo dict
@return: created URI object
"""
uri = maec.uriObject(
id = req['uri'],
uriString = req['uri'],
protocol = 'http',
hostname = req['host'],
port = req['port'],
path = req['path'],
ipProtocol = 'tcp'
)
# Add details
prop = maec.objectProperty()
prop.add_property(maec.property(
type_= 'httpMethod',
valueOf_ = req['method']
)
)
if req['method'] == 'POST':
prop.add_property(maec.property(
type_= 'postData',
valueOf_ = "<![CDATA[%s]]>" % req['body']
)
)
if 'user-agent' in req:
prop.add_property(maec.property(
type_= 'userAgent',
valueOf_ = req['user-agent']
)
)
prop.set_references(
maec.reference(
valueOf_ = "uri[@id='%s']" % req['uri']
)
)
self.properties.add_objectProperty(prop)
return uri
def addObjects(self):
"""Adds objects elements."""
# File objects
# Subject
if self.results["target"]["category"] == "file":
self.objects.add_file(
self.createFileObject(self.results["target"]["file"]))
elif self.results["target"]["category"] == "url":
self.objects.add_uri(
maec.uriObject(id=hashlib.md5(
self.results["target"]["url"]).hexdigest(),
uriString=self.results["target"]["url"]))
else:
raise CuckooReportError("Unknown target type")
# Dropped files
if "dropped" in self.results and isinstance(self.results["dropped"],
list):
for f in self.results["dropped"]:
found = False
for exist in self.objects.get_file():
if exist.get_md5() == f["md5"]:
found = True
if not found:
self.objects.add_file(self.createFileObject(f))
# URI objects
if "network" in self.results and isinstance(self.results["network"],
dict):
if "http" in self.results["network"] and isinstance(
self.results["network"]["http"], list):
for req in self.results["network"]["http"]:
found = False
for exist in self.objects.get_uri():
if exist.get_id() == req["uri"]:
found = True
if not found:
self.objects.add_uri(self.createUriObject(req))
