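def publisher():
    """Publish every unpublished queue entry's sample to its hpfeeds channel.

    For each ``Queue`` row with ``published=False`` the stored sample is
    looked up in GridFS by SHA-256, sent to the job's channel, and the row is
    marked published only when the broker reports no error.

    Returns:
        None. Failures are logged and the affected job stays unpublished.
    """
    jobs = Queue.objects.filter(published=False)
    try:
        gridfs = connect_gridfs()
    except Exception as e:
        # Without a GridFS handle no sample can be read; stop here instead of
        # hitting a NameError on ``gridfs`` in the loop below.
        logger.debug(e)
        return

    for j in jobs:
        # Reset per job so a lookup miss can never reuse the previous job's
        # file object and push the wrong sample to this job's channel.
        malware = None
        for r in gridfs.find({'sha256': j.malware.sha256}, limit=1):
            malware = r
        if malware is None:
            logger.debug('no stored sample for sha256 {}'.format(j.malware.sha256))
            continue

        try:
            hpc = hpfeeds.new(j.channel.host, int(j.channel.port),
                              j.channel.ident.encode(),
                              j.channel.secret.encode())
        except Exception as e:
            # The job stays unpublished; a later run picks it up again.
            logger.debug(e)
        else:
            data = malware.read()
            hpc.publish([j.channel.pubchans], data)
            error_msg = hpc.wait()
            # NOTE(review): the broker connection is not closed after use --
            # confirm whether the client needs an explicit close per job.
            if error_msg:
                logger.debug('got error from server: {}'.format(error_msg))
            else:
                # also can add a notification
                j.published = True
                j.save()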
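def publisher():
    """Send each pending queue entry's sample to its hpfeeds channel.

    Pending entries are ``Queue`` rows with ``published=False``. The sample
    bytes come from GridFS, matched on the entry's SHA-256. An entry is
    flagged as published only after the broker returns no error message.

    Returns:
        None. Errors are logged and leave the entry pending.
    """
    jobs = Queue.objects.filter(published=False)
    try:
        gridfs = connect_gridfs()
    except Exception as e:
        logger.debug(e)
        # Nothing can be published without storage access, and continuing
        # would fail on the undefined ``gridfs`` name.
        return

    for j in jobs:
        malware = None  # cleared each round: never publish a stale sample
        for r in gridfs.find({'sha256': j.malware.sha256}, limit=1):
            malware = r
        if malware is None:
            # The database row exists but the file is missing from GridFS.
            logger.debug('no stored sample for sha256 {}'.format(j.malware.sha256))
            continue

        try:
            hpc = hpfeeds.new(j.channel.host, int(j.channel.port),
                              j.channel.ident.encode(),
                              j.channel.secret.encode())
        except Exception as e:
            logger.debug(e)
            continue

        data = malware.read()
        hpc.publish([j.channel.pubchans], data)
        error_msg = hpc.wait()
        # NOTE(review): no explicit close of the broker connection is made
        # here -- verify the client's cleanup requirements.
        if error_msg:
            logger.debug('got error from server: {}'.format(error_msg))
            continue

        # also can add a notification
        j.published = True
        j.save()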
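def save_malware(buf, user=None, source=None):
    """Store a sample in GridFS and record it as a ``Malware`` row.

    A sample whose SHA-256 is already known is not stored again.

    Args:
        buf: Raw sample content.
        user: Owner to record on the ``Malware`` row.
        source: Origin to record on the ``Malware`` row.

    Returns:
        The sample's SHA-256 hex digest, or ``False`` when the GridFS
        connection could not be opened.
    """
    hashes = compute_hashes(buf)
    if is_malware_exists(hashes['sha256']):
        return hashes['sha256']

    # NOTE(review): str(buf) leaves a Python 2 byte string unchanged; under
    # Python 3 it would yield the repr of a bytes object -- confirm the
    # target interpreter.
    columns = dict()
    columns.update(hashes)
    columns.update({
        'size': str(len(buf)),  # bytes
        'type': magic.from_buffer(str(buf)),
        'crc32': binascii.crc32(buf),
        'ssdeep': compute_ssdeep(str(buf))
    })

    # save malware into gridfs
    try:
        gridfs = connect_gridfs()
    except Exception:
        # Narrowed from a bare ``except`` so KeyboardInterrupt and SystemExit
        # are no longer swallowed and reported as a storage failure.
        return False

    # The ``with`` block closes the file on exit, so no explicit close() is
    # needed inside it.
    with gridfs.new_file() as fp:
        fp.write(str(buf))
        for attr, value in columns.items():
            # 'md5' is not copied onto the GridFS file; presumably GridFS
            # maintains that field itself -- TODO confirm.
            if attr != 'md5':
                setattr(fp, attr, value)

    columns['user'] = user
    columns['source'] = source
    instance = Malware(**columns)
    instance.save()
    return hashes['sha256']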
def test_can_upload(self):
    """A first upload adds one GridFS file; a repeat upload is rejected."""
    query = {'filename': self.file_name}
    fs = connect_gridfs()

    # First upload: the number of files with this name grows by exactly one.
    expected_total = fs.find(query).count() + 1
    self._upload(self.file_path, self.file_name)
    self.assertEqual(fs.find(query).count(), expected_total)

    # Second upload of the same file: the form reports a duplicate.
    duplicate_response = self._upload(self.file_path, self.file_name)
    malware_errors = duplicate_response.context['form'].errors['malware']
    self.assertIn('Duplicated Malware Sample.', malware_errors)
def test_can_upload(self):
    """Check that a sample uploads once and that a duplicate is refused."""
    by_name = {'filename': self.file_name}
    store = connect_gridfs()

    # Count before and after the upload; the difference must be one file.
    before = store.find(by_name).count()
    wanted = before + 1
    self._upload(self.file_path, self.file_name)
    after = store.find(by_name).count()
    self.assertEqual(after, wanted)

    # Uploading the same sample again must produce the duplicate error on
    # the form's 'malware' field.
    duplicate_msg = 'Duplicated Malware Sample.'
    second = self._upload(self.file_path, self.file_name)
    field_errors = second.context['form'].errors['malware']
    self.assertIn(duplicate_msg, field_errors)
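def form_valid(self, form):
    """Store the uploaded sample, record it, and queue it for publishing.

    The file is streamed into GridFS chunk by chunk. A ``Malware`` row is
    then created and one ``Queue`` row is added per selected channel.

    Args:
        form: The validated upload form.

    Returns:
        The response from the parent view's ``form_valid``.
    """
    malware = form.cleaned_data['malware']
    channels = form.cleaned_data['channels']  # list
    file_info = get_uploaded_file_info(malware)
    columns = file_info.copy()
    columns.update({
        'desc': form.cleaned_data['desc'],
        'name': form.cleaned_data['name']
    })

    # save malware into gridfs
    try:
        gridfs = connect_gridfs()
    except Exception as e:
        # The original handler used ``e`` without binding it, so a failed
        # connection raised NameError instead of reporting the error.
        # NOTE(review): the raw exception text is shown to the uploader and
        # may reveal storage connection details; consider a generic message
        # with the detail logged server-side.
        messages.error(self.request, e)
    else:
        # The ``with`` block closes the file on exit, so no explicit close()
        # is needed inside it.
        with gridfs.new_file() as fp:
            for chunk in malware.chunks():
                fp.write(chunk)
            for attr, value in columns.items():
                if attr != 'md5':
                    setattr(fp, attr, value)

        # Save the owner and source of sample
        columns.update({
            'source': form.cleaned_data['source'],
            'user': form.user
        })
        sample = Malware(**columns)
        sample.save()

        # Save into publishing queue
        for c in channels:
            Queue(malware=sample, channel=c).save()
        messages.success(self.request, 'New malware created.')
    return super(MalwareUploadView, self).form_valid(form)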
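def form_valid(self, form):
    """Persist an uploaded sample and enqueue it for each chosen channel.

    Steps: stream the upload into GridFS, create the ``Malware`` row with its
    owner and source, then add a ``Queue`` row per selected channel.

    Args:
        form: The validated upload form.

    Returns:
        Whatever the parent view's ``form_valid`` returns.
    """
    cleaned = form.cleaned_data
    malware = cleaned['malware']
    channels = cleaned['channels']  # list
    columns = get_uploaded_file_info(malware).copy()
    columns.update({
        'desc': cleaned['desc'],
        'name': cleaned['name']
    })

    # save malware into gridfs
    try:
        gridfs = connect_gridfs()
    except Exception as e:
        # ``e`` was never bound in the original bare ``except``, so this
        # branch failed with NameError rather than showing a message.
        # NOTE(review): exception text shown to the user can expose backend
        # connection details -- consider a generic message instead.
        messages.error(self.request, e)
    else:
        # Leaving the ``with`` block closes the GridFS file.
        with gridfs.new_file() as fp:
            for chunk in malware.chunks():
                fp.write(chunk)
            for attr, value in columns.items():
                if attr != 'md5':
                    setattr(fp, attr, value)

        # Save the owner and source of sample
        columns.update({
            'source': cleaned['source'],
            'user': form.user
        })
        sample = Malware(**columns)
        sample.save()

        # Save into publishing queue
        for c in channels:
            Queue(malware=sample, channel=c).save()
        messages.success(self.request, 'New malware created.')
    return super(MalwareUploadView, self).form_valid(form)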