def save_malware(buf, user=None, source=None):
hashes = compute_hashes(buf)
if not is_malware_exists(hashes['sha256']):
columns = dict()
columns.update(hashes)
columns.update({
'size': str(len(buf)), # bytes
'type': magic.from_buffer(str(buf)),
'crc32': binascii.crc32(buf),
'ssdeep': compute_ssdeep(str(buf))
})
# save malware into gridfs
try:
gridfs = connect_gridfs()
except:
return False
else:
with gridfs.new_file() as fp:
fp.write(str(buf))
for attr, value in columns.items():
if attr != 'md5':
setattr(fp, attr, value)
fp.close()
columns['user'] = user
columns['source'] = source
instance = Malware(**columns)
instance.save()
return hashes['sha256']
def form_valid(self, form):
malware = form.cleaned_data['malware']
channels = form.cleaned_data['channels'] #list
file_info = get_uploaded_file_info(malware)
columns = file_info.copy()
columns.update({
'desc': form.cleaned_data['desc'],
'name': form.cleaned_data['name']
})
# save malware into gridfs
try:
gridfs = connect_gridfs()
except:
messages.error(self.request, e)
else:
with gridfs.new_file() as fp:
for chunk in malware.chunks():
fp.write(chunk)
for attr, value in columns.items():
if attr != 'md5':
setattr(fp, attr, value)
fp.close()
# Save the owner and source of sample
columns.update({
'source': form.cleaned_data['source'],
'user': form.user
})
sample = Malware(**columns)
sample.save()
# Save into pulishing queue
for c in channels:
Queue(malware=sample, channel=c).save()
messages.success(self.request, 'New malware created.')
return super(MalwareUploadView, self).form_valid(form)
def form_valid(self, form):
malware = form.cleaned_data['malware']
channels = form.cleaned_data['channels'] #list
file_info = get_uploaded_file_info(malware)
columns = file_info.copy()
columns.update({
'desc': form.cleaned_data['desc'],
'name': form.cleaned_data['name']
})
# save malware into gridfs
try:
gridfs = connect_gridfs()
except:
messages.error(self.request, e)
else:
with gridfs.new_file() as fp:
for chunk in malware.chunks():
fp.write(chunk)
for attr, value in columns.items():
if attr != 'md5':
setattr(fp, attr, value)
fp.close()
# Save the owner and source of sample
columns.update({
'source': form.cleaned_data['source'],
'user': form.user
})
sample = Malware(**columns)
sample.save()
# Save into pulishing queue
for c in channels:
Queue(malware=sample, channel=c).save()
messages.success(self.request, 'New malware created.')
return super(MalwareUploadView, self).form_valid(form)