def skip_data(request):
out = { 'results':{},'error':{},'session':{}, 'success': True }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "malware")
con.update({"hash_data.file.md5":request.POST['hash']},{'$addToSet': { "tags":"research"} })
out['results'] = request.POST['hash']
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out),mimetype)
def snatch_data(request):
hold = []
out = { 'results':{},'error':{},'session':{} }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "malware")
data = con.find_one({'tags': { '$size': 1 } },{ 'hash_data.file.md5':1,'contents.objects.object.encoded':1,'contents.objects.object.decoded':1,'contents.objects.object.md5':1,'contents.objects.object.suspicious':1,'_id':0})
if data != None:
data = json.dumps(data)
data = json.loads(data)
hash_data = data.get("hash_data")
lfile = hash_data.get("file")
fhash = lfile.get("md5")
contents = data.get("contents")
objects = contents.get("objects")
object = objects.get("object")
for obj in object:
md5 = obj.get("md5")
encoded = obj.get("encoded")
decoded = obj.get("decoded")
suspicious = obj.get("suspicious")
d = { 'hash':md5,'encoded':encoded,'decoded':decoded, 'suspicious':suspicious }
hold.append(d)
out['results'] = hold
out['hash'] = fhash
else:
out['error'] = "No more objects"
return render_to_response('flagger.html',out,context_instance=RequestContext(request))
def flag_file(request):
out = { 'results':{},'error':{},'session':{}, 'success': True }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "pdf_repo")
tag = request.POST['tag']
con.update({"hash_data.file.md5":request.POST['hash']},{'$addToSet': { "tags":tag} },multi=True)
out['success'] = True
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out),mimetype)
def flag_data(request):
out = { 'results':{},'error':{},'session':{}, 'success': True }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "malware")
con.update({"contents.objects.object.md5":request.POST['hash']},{'$set': {'contents.objects.object.$.suspicious':'malicious'}},multi=True)
con.update({"contents.objects.object.md5":request.POST['hash']},{'$addToSet': { "tags":"checked"} },multi=True)
out['results'] = request.POST['hash']
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out),mimetype)
def skip_data(request):
out = {'results': {}, 'error': {}, 'session': {}, 'success': True}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "malware")
con.update({"hash_data.file.md5": request.POST['hash']},
{'$addToSet': {
"tags": "research"
}})
out['results'] = request.POST['hash']
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out), mimetype)
def flag_file(request):
out = {'results': {}, 'error': {}, 'session': {}, 'success': True}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "pdf_repo")
tag = request.POST['tag']
con.update({"hash_data.file.md5": request.POST['hash']},
{'$addToSet': {
"tags": tag
}},
multi=True)
out['success'] = True
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out), mimetype)
def all_object_comments(request):
out = {'results': {}, 'error': {}, 'session': {}, 'success': True}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "analyst_notes")
parent_hash = request.GET['parent_hash']
hashes = []
for item in con.find({"parent_hash": parent_hash}):
rjson = json.dumps(item)
data = json.loads(rjson)
hash = data.get("_id")
hashes.append(hash)
out['success'] = True
out['results'] = hashes
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out), mimetype)
def all_object_comments(request):
out = { 'results':{},'error':{},'session':{}, 'success': True }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "analyst_notes")
parent_hash = request.GET['parent_hash']
hashes = []
for item in con.find({"parent_hash":parent_hash}):
rjson = json.dumps(item)
data = json.loads(rjson)
hash = data.get("_id")
hashes.append(hash)
out['success'] = True
out['results'] = hashes
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out),mimetype)
def flag_data(request):
out = {'results': {}, 'error': {}, 'session': {}, 'success': True}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "malware")
con.update({"contents.objects.object.md5": request.POST['hash']},
{'$set': {
'contents.objects.object.$.suspicious': 'malicious'
}},
multi=True)
con.update({"contents.objects.object.md5": request.POST['hash']},
{'$addToSet': {
"tags": "checked"
}},
multi=True)
out['results'] = request.POST['hash']
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out), mimetype)
def get_object_comment(request):
out = {'results': {}, 'error': {}, 'session': {}, 'success': True}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "analyst_notes")
raw_hash = request.GET['raw_hash']
data = con.find_one({"_id": raw_hash}, {"_id": 0, "notes": 1})
if data != None:
data = json.dumps(data)
data = json.loads(data)
notes = data.get("notes")
else:
notes = ""
out['success'] = True
out['results'] = notes
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out), mimetype)
def get_object_comment(request):
out = { 'results':{},'error':{},'session':{}, 'success': True }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "analyst_notes")
raw_hash = request.GET['raw_hash']
data = con.find_one({"_id":raw_hash},{"_id":0,"notes":1})
if data != None:
data = json.dumps(data)
data = json.loads(data)
notes = data.get("notes")
else:
notes = ""
out['success'] = True
out['results'] = notes
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out),mimetype)
def snatch_data(request):
hold = []
out = {'results': {}, 'error': {}, 'session': {}}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "malware")
data = con.find_one({'tags': {
'$size': 1
}}, {
'hash_data.file.md5': 1,
'contents.objects.object.encoded': 1,
'contents.objects.object.decoded': 1,
'contents.objects.object.md5': 1,
'contents.objects.object.suspicious': 1,
'_id': 0
})
if data != None:
data = json.dumps(data)
data = json.loads(data)
hash_data = data.get("hash_data")
lfile = hash_data.get("file")
fhash = lfile.get("md5")
contents = data.get("contents")
objects = contents.get("objects")
object = objects.get("object")
for obj in object:
md5 = obj.get("md5")
encoded = obj.get("encoded")
decoded = obj.get("decoded")
suspicious = obj.get("suspicious")
d = {
'hash': md5,
'encoded': encoded,
'decoded': decoded,
'suspicious': suspicious
}
hold.append(d)
out['results'] = hold
out['hash'] = fhash
else:
out['error'] = "No more objects"
return render_to_response('flagger.html',
out,
context_instance=RequestContext(request))
def add_object_comment(request):
out = { 'results':{},'error':{},'session':{}, 'success': True }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "analyst_notes")
raw_hash = request.POST['raw_hash']
notes = request.POST['notes']
parent_hash = request.POST['parent_hash']
user = request.user.username
obj = {'_id':raw_hash,'notes':notes,'user':user,'date_time':time(),'parent_hash':parent_hash}
count = con.find({"_id":raw_hash}).count()
if count < 1:
con.insert(obj)
else:
con.update({"_id":raw_hash},{"$set": {"notes":notes}},True)
out['success'] = True
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out),mimetype)
def get_status(request):
hold = []
out = { 'results':{},'error':{},'session':{} }
con = connect_to_mongo('127.0.0.1',27017, "pdfs", "pdf_repo")
data = con.find_one({"hash_data.file.md5":request.POST['hash']},{'tags':1,'_id':0})
if data != None:
data = json.dumps(data)
data = json.loads(data)
tags = data.get("tags")
all_tags = ', '.join(tags)
out['results'] = all_tags
out['success'] = True
else:
out['success'] = False
out['error'] = "Tag data was blank"
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out),mimetype)
def get_status(request):
hold = []
out = {'results': {}, 'error': {}, 'session': {}}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "pdf_repo")
data = con.find_one({"hash_data.file.md5": request.POST['hash']}, {
'tags': 1,
'_id': 0
})
if data != None:
data = json.dumps(data)
data = json.loads(data)
tags = data.get("tags")
all_tags = ', '.join(tags)
out['results'] = all_tags
out['success'] = True
else:
out['success'] = False
out['error'] = "Tag data was blank"
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out), mimetype)
def add_object_comment(request):
out = {'results': {}, 'error': {}, 'session': {}, 'success': True}
con = connect_to_mongo('127.0.0.1', 27017, "pdfs", "analyst_notes")
raw_hash = request.POST['raw_hash']
notes = request.POST['notes']
parent_hash = request.POST['parent_hash']
user = request.user.username
obj = {
'_id': raw_hash,
'notes': notes,
'user': user,
'date_time': time(),
'parent_hash': parent_hash
}
count = con.find({"_id": raw_hash}).count()
if count < 1:
con.insert(obj)
else:
con.update({"_id": raw_hash}, {"$set": {"notes": notes}}, True)
out['success'] = True
mimetype = 'application/javascript'
return HttpResponse(json.dumps(out), mimetype)
