Пример #1
    def __init__(self, dsmConfig, dsmInit=False):
        '''
        Build the manager and the collaborators it drives.

        dsmConfig -- settings object; the DS_* attributes read below are
                     the ones this constructor needs. It carries secrets
                     (DS_OSS_ACCESSKEY, DS_VT_APIKEY), so avoid logging
                     or dumping it.
        dsmInit   -- when true, do_init() runs before do_sync().
        '''
        super(Ds_Manager, self).__init__()

        cfg = dsmConfig
        self.dsmConfig = cfg

        self.dsmDb = Dsm_Db(cfg.DS_DB_HOST, cfg.DS_DB_NAME)
        self.sm = Sm_Api(cfg.DS_SM_SENDER, cfg.DS_SM_HOST)

        self.apkValidator = Apk_Validator()
        # NOTE(review): 'md5' presumably selects the digest the detector
        # uses to look samples up -- confirm. MD5 is not collision
        # resistant, so a verdict keyed on it can be attached to the wrong
        # file; prefer a stronger digest if the detector accepts one.
        self.apkDetector = Apk_Detector('md5', 20, cfg.DS_VT_APIKEY)

        # Both buckets share one endpoint and one credential pair; only
        # the bucket name differs.
        ossArgs = (cfg.DS_OSS_ENDPOINT,
                   cfg.DS_OSS_ACCESSID,
                   cfg.DS_OSS_ACCESSKEY)
        self.inOss = Dsm_Oss(*(ossArgs + (cfg.DS_OSS_INBUCKET,)))
        self.outOss = Dsm_Oss(*(ossArgs + (cfg.DS_OSS_OUTBUCKET,)))

        if dsmInit:
            self.do_init()
        self.do_sync()
Пример #2
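class Ds_Manager(object):
    '''
    DS Manager

    Drives the APK pipeline visible in this class: objects listed in the
    inbound OSS bucket are downloaded to a scratch file, validated, stored
    in the outbound bucket under a hash-derived name, recorded in the
    database and then checked with the APK detector.

    The configuration object handed to the constructor carries secrets
    (DS_OSS_ACCESSKEY, DS_VT_APIKEY), so avoid logging or dumping it.
    '''

    def __init__(self, dsmConfig, dsmInit=False):
        '''
        Build the manager and the collaborators it drives.

        dsmConfig -- settings object exposing the DS_* attributes read
                     below.
        dsmInit   -- when true, do_init() runs before do_sync().
        '''
        super(Ds_Manager, self).__init__()
        self.dsmConfig = dsmConfig
        self.dsmDb = Dsm_Db(dsmConfig.DS_DB_HOST, dsmConfig.DS_DB_NAME)

        self.sm = Sm_Api(self.dsmConfig.DS_SM_SENDER, self.dsmConfig.DS_SM_HOST)

        self.apkValidator = Apk_Validator()
        # NOTE(review): 'md5' presumably selects the digest the detector
        # uses to look samples up -- confirm. MD5 is not collision
        # resistant, so a verdict (or the duplicate check in do_save, if it
        # uses the same digest) can be attached to the wrong file; prefer a
        # stronger digest if the detector accepts one.
        self.apkDetector = Apk_Detector('md5', 20, self.dsmConfig.DS_VT_APIKEY)

        # Both buckets share one endpoint and one credential pair; only the
        # bucket name differs.
        self.inOss = Dsm_Oss(self.dsmConfig.DS_OSS_ENDPOINT,
                        self.dsmConfig.DS_OSS_ACCESSID,
                        self.dsmConfig.DS_OSS_ACCESSKEY,
                        self.dsmConfig.DS_OSS_INBUCKET)
        self.outOss = Dsm_Oss(self.dsmConfig.DS_OSS_ENDPOINT,
                        self.dsmConfig.DS_OSS_ACCESSID,
                        self.dsmConfig.DS_OSS_ACCESSKEY,
                        self.dsmConfig.DS_OSS_OUTBUCKET)

        if dsmInit:
            self.do_init()

        self.do_sync()

    def do_init(self):
        '''
        Initialise the database and both buckets, then prepare the scratch
        directory and clear any scratch APK left in it.
        '''
        self.sm.send_msg('Initiating')
        self.dsmDb.do_init()
        self.inOss.do_init()
        self.outOss.do_init()

        self.gen_tmp_dir(tmpDirName=self.dsmConfig.DS_TMPDIR)
        self.gen_tmp_apk(tmpDirName=self.dsmConfig.DS_TMPDIR)

    def gen_tmp_dir(self, tmpDirName='tmp'):
        '''
        Create tmpDirName (with parents) unless it is already a directory.

        Raises OSError when the path cannot be created, for example when
        it exists as a regular file.
        '''
        if os.path.isdir(tmpDirName):
            return
        try:
            os.makedirs(tmpDirName)
        except OSError:
            # Something else may have created the directory between the
            # check and makedirs(); only a path that is still not a
            # directory is a real failure.
            if not os.path.isdir(tmpDirName):
                raise

    def gen_tmp_apk(self, tmpDirName='tmp', tmpApkName='tmp.apk'):
        '''
        Return the scratch APK path inside tmpDirName, creating the
        directory if needed and deleting a file already at that path.

        NOTE(review): the scratch name is fixed and downloaded samples are
        written to it, so tmpDirName should be a directory that only this
        service can write to.
        '''
        self.gen_tmp_dir(tmpDirName)

        tmpApk = os.path.join(tmpDirName, tmpApkName)

        if os.path.isfile(tmpApk):
            os.remove(tmpApk)
        return tmpApk

    def do_run(self):
        '''
        Poll the inbound bucket forever: download, validate, save and
        detect each listed object, sleeping DS_RFSINT when nothing is
        listed.
        '''
        #running
        while True:
            self.sm.send_msg('Listing')
            objList = self.inOss.list_objects()
            if not objList:
                self.sm.send_msg('Sleeping')
                time.sleep(self.dsmConfig.DS_RFSINT)
                continue

            for oneObj in objList:
                tmpApk = self.gen_tmp_apk(tmpDirName=self.dsmConfig.DS_TMPDIR)

                # Object names come from the bucket listing; the local
                # path is always the fixed scratch file, never the name.
                self.sm.send_msg('Downloading %s' % oneObj)
                self.inOss.download_to_local(oneObj, tmpApk)

                self.sm.send_msg('Validating %s' % tmpApk)
                if self.apkValidator.validate(tmpApk) != self.apkValidator.AV_OK:
                    self.sm.send_msg('%s is not valid' % tmpApk)
                    # NOTE(review): nothing visible here removes or moves
                    # the rejected object, so it looks like it is listed
                    # and downloaded again on every pass, with no sleep in
                    # between -- confirm and quarantine or delete rejects.
                    continue
                self.sm.send_msg('%s is valid' % tmpApk)

                self.sm.send_msg('Saving %s' % tmpApk)
                self.do_save(tmpApk, oneObj)

                objHashList = self.do_queue()
                self.do_detect(objHashList)

    def do_sync(self):
        '''Placeholder called at the end of __init__; does nothing.'''
        pass

    def do_save(self, localPath, oneObj):
        '''
        Store a validated APK: upload it to the outbound bucket under its
        hash-derived name, remove the inbound object and record it in the
        database. Does nothing when the hash is already recorded.
        '''
        fileHash = uh.utils_hash_file(localPath)

        if self.dsmDb.apk_exists(fileHash):
            # NOTE(review): the inbound object is left in place on this
            # path, so a duplicate upload appears to be re-listed on every
            # pass of do_run -- confirm whether it should be removed.
            return

        objName = self.gen_obj_name(fileHash)
        self.outOss.upload_to_oss(localPath, objName)
        self.inOss.rm_object(oneObj)
        self.dsmDb.set_apk(fileHash, objName)

    def do_queue(self):
        '''Return the APK hashes whose state is DM_STATE_UNKNOWN.'''
        self.sm.send_msg('Queueing')
        return self.dsmDb.get_apks_by_state(self.dsmDb.DM_STATE_UNKNOWN)

    def do_detect(self, objHashList):
        '''
        Scan every hash in objHashList and record the verdict.

        The list is consumed in place. A hash the detector reports as
        queued is appended again, so the loop ends only once every hash
        has reached a non-queued result.
        '''
        self.sm.send_msg('Detecting')
        while objHashList:
            objHash = objHashList.pop(0)
            self.sm.send_msg('Detecting %s' % objHash)

            self.sm.send_msg('Scanning %s' % objHash)
            result = self.apkDetector.scan(objHash)
            if result == self.apkDetector.AD_OK:
                report = self.apkDetector.get_report()
                state = self.dsmDb.DM_STATE_BENIGN
                # DS_VT_POSTHR is the number of positive engines at which
                # a sample is recorded as malware.
                if report['positives'] >= self.dsmConfig.DS_VT_POSTHR:
                    state = self.dsmDb.DM_STATE_MALWARE
                    self.sm.send_msg('APK %s is MALWARE' % objHash)
                else:
                    self.sm.send_msg('APK %s is BENIGN' % objHash)
                self.dsmDb.set_apk_state(objHash, state)
            elif result == self.apkDetector.AD_ERR_NOFILE:
                self.sm.send_msg('APK %s is MISSING' % objHash)
            elif result == self.apkDetector.AD_ERR_QUEUED:
                self.sm.send_msg('APK %s is QUEUED' % objHash)
                # NOTE(review): re-queued with no delay in this method;
                # unless scan() paces itself, a sample that stays queued
                # is polled in a tight loop -- confirm.
                objHashList.append(objHash)
            elif result == self.apkDetector.AD_ERR_NOTINDB:
                #upload
                self.sm.send_msg('APK %s is NOT IN DB' % objHash)

                # Fetch the stored copy back to the scratch file so it can
                # be submitted to the detector.
                objName = self.gen_obj_name(objHash)
                tmpApk = self.gen_tmp_apk(self.dsmConfig.DS_TMPDIR)
                self.outOss.download_to_local(objName, tmpApk)

                sendRes = self.apkDetector.send(tmpApk)

                if sendRes == self.apkDetector.AD_ERR_QUEUED:
                    self.sm.send_msg('APK %s is QUEUED' % objHash)
                    objHashList.append(objHash)
                elif sendRes == self.apkDetector.AD_ERR_TOOBIG:
                    self.sm.send_msg('APK %s is TOOBIG' % objHash)
                    self.dsmDb.set_apk_state(objHash, self.dsmDb.DM_STATE_TOOBIG)
                else:
                    self.sm.send_msg('APK %s UNKNOWN ERROR' % objHash)
            else:
                self.sm.send_msg('APK %s UNKNOWN ERROR' % objHash)

    def gen_obj_name(self, objHash):
        '''Return the outbound object name for a hash: the hash plus ".apk".'''
        return objHash + '.apk'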