def apply_result(self):
    """Persist the outcome of this analysis task for sample ``self.sid``.

    Hands ``self.txt_report`` to ``SampleController.create_analysis`` under
    the "analyzeit" label, builds the function list from
    ``parse_machoc_signatures`` and ``parse_ida_cmds``, stores it and runs
    the machoc80 matching.

    Returns:
        True when every step has run.

    Raises:
        IOError: when no sample is found for ``self.sid``.
    """
    controller = SampleController()
    record = SampleController.get_by_id(self.sid)
    log = app.logger
    if record is None:
        log.error(self.tmessage + "Sample has disappeared...")
        raise IOError()
    log.debug(self.tmessage + "APPLY_RESULT")

    # Text report first.
    log.info("Creating new analyzeit report")
    SampleController.create_analysis(
        record, self.txt_report, "analyzeit", True)

    # Function list: machoc signatures, then passed through the IDA
    # commands parser together with the sample id.
    signatures = self.parse_machoc_signatures()
    log.info("Parsing idacommands")
    func_list = self.parse_ida_cmds(record.id, signatures)

    # The list is pushed as-is.
    log.info("Storing functions")
    controller.add_multiple_functions(record, func_list)

    # Match against the other samples' machoc hashes.
    log.info("Calculating machoc80 matches")
    controller.match_by_machoc80(record)
    return True
def apply_result(self):
    """Persist the outcome of this analysis task inside an app context.

    Everything runs under ``app.app_context()``: ``self.txt_report`` is
    handed to ``SampleController.create_analysis`` under the "analyzeit"
    label, the function list is built by ``parse_machoc_signatures`` and
    ``parse_ida_cmds``, stored against ``self.sid``, and the machoc80
    matching is run on the sample.

    Returns:
        True when every step has run.

    Raises:
        IOError: when no sample is found for ``self.sid``.
    """
    with app.app_context():
        controller = SampleController()
        record = SampleController.get_by_id(self.sid)
        log = app.logger
        if record is None:
            log.error(self.tmessage + "Sample has disappeared...")
            raise IOError()
        log.debug(self.tmessage + "APPLY_RESULT")

        # Text report first.
        log.info("Creating new analyzeit report")
        SampleController.create_analysis(
            record, self.txt_report, "analyzeit", True)

        # Function list: machoc signatures, then passed through the IDA
        # commands parser together with the sample id.
        signatures = self.parse_machoc_signatures()
        log.info("Parsing idacommands")
        func_list = self.parse_ida_cmds(record.id, signatures)

        # Storage is keyed by the sample id here, not the sample object.
        log.info("Storing functions")
        controller.add_multiple_functions(self.sid, func_list)

        # Match against the other samples' machoc hashes.
        log.info("Calculating machoc80 matches")
        controller.match_by_machoc80(record)
        return True
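def apply_result(self):
    """Store the analysis artefacts of this task for sample ``self.sid``.

    Steps, in order:
      1. pass ``self.txt_report`` to ``SampleController.create_analysis``
         under the "analyzeit" label;
      2. read ``<storage_file>.sign`` (``hash:address`` records separated by
         ``;``) into ``[address, machoc_hash, name]`` entries;
      3. read ``<storage_file>.idacmd`` and turn ``idc.MakeName::`` and
         ``idc.MakeRptCmt::`` lines into IDA actions attached to the sample,
         filling in the function name where the address matches;
      4. store the function list (when non-empty) and run machoc80 matching.

    Both files are only split and parsed as text; nothing in them is
    evaluated. A line whose address is not valid hexadecimal is skipped.

    Returns:
        True once every step has run.

    Raises:
        IOError: if no sample is found for ``self.sid``.
    """
    sc = SampleController()
    idac = IDAActionsController()
    sample = SampleController.get_by_id(self.sid)
    if sample is None:
        app.logger.error(self.tmessage + "Sample has disappeared...")
        raise IOError
    app.logger.debug(self.tmessage + "APPLY_RESULT")

    # TXT report
    app.logger.info("Starting analysis creation")
    SampleController.create_analysis(sample, self.txt_report, "analyzeit", True)

    # MACHOC report: we load the functions, hashes, etc.
    # NOTE(review): the files are opened in 'rb' but split with str
    # separators, which relies on Python 2 str semantics -- confirm before
    # running this under Python 3.
    app.logger.info("Starting functions")
    fname = self.storage_file + '.sign'
    functions = []
    if os.path.exists(fname):
        # Context manager so the handle is closed even if read() fails.
        with open(fname, 'rb') as sign_file:
            fdata = sign_file.read()
        for item in fdata.split(";"):
            if ":" in item:
                subitems = item.split(":")
                machoc_h = subitems[0].strip()
                address = subitems[1].strip()
                functions.append([address, machoc_h, ""])

    # IDA COMMANDS report:
    # update functions list with idc.MakeName() information
    # NOTE(review): presumably this file is generated from the analysed
    # sample, so names and comments should be treated as untrusted data by
    # whatever stores or renders them -- confirm against the producers.
    # NOTE(review): a name or comment containing "::" yields more than three
    # fields and is silently dropped -- confirm this is intended.
    app.logger.info("Starting idacommands")
    fname = self.storage_file + '.idacmd'
    if os.path.exists(fname):
        with open(fname, 'rb') as cmd_file:
            fdata = cmd_file.read()
        for line in fdata.split("\n"):
            if line.startswith("idc.MakeName::"):
                items = line.split("::")
                if len(items) == 3:
                    addr = items[1]
                    name = items[2]
                    if addr.startswith("0x"):
                        addr = addr[2:]
                    # Validate the address before touching anything: one
                    # malformed line must not abort the whole import, and
                    # the comment branch below already skips such lines.
                    try:
                        addr_value = int(addr, 16)
                    except ValueError:
                        continue
                    for func in functions:
                        if func[0] == addr:
                            func[2] = name
                    name_action = idac.add_name(addr_value, name)
                    SampleController.add_idaaction(sample.id, name_action)
            elif line.startswith("idc.MakeRptCmt::"):
                items = line.split("::")
                if len(items) == 3:
                    addr = items[1]
                    value = items[2]
                    if addr.startswith("0x"):
                        addr = addr[2:]
                    try:
                        addr = int(addr, 16)
                    except ValueError:
                        continue
                    act = idac.add_comment(addr, value)
                    SampleController.add_idaaction(sample.id, act)

    # Functions: just push the list
    app.logger.info("Storing actions")
    if functions:
        sc.add_multiple_functions(sample, functions)

    # global machoc match
    app.logger.info("Matching actions")
    sc.match_by_machoc80(sample)
    app.logger.debug(self.tmessage + "END - TIME %i" %
                     (int(time.time()) - self.tstart))
    return True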
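def apply_result(self):
    """Store the analysis artefacts of this task for sample ``self.sid``.

    Steps, in order:
      1. pass ``self.txt_report`` to ``SampleController.create_analysis``
         under the "analyzeit" label;
      2. read ``<storage_file>.sign`` (``hash:address`` records separated by
         ``;``) into ``[address, machoc_hash, name]`` entries;
      3. read ``<storage_file>.idacmd`` and turn ``idc.MakeName::`` and
         ``idc.MakeRptCmt::`` lines into IDA actions attached to the sample,
         filling in the function name where the address matches;
      4. store the function list (when non-empty) and run machoc80 matching.

    Both files are only split and parsed as text; nothing in them is
    evaluated. A line whose address is not valid hexadecimal is skipped.

    Returns:
        True once every step has run.

    Raises:
        IOError: if no sample is found for ``self.sid``.
    """
    sc = SampleController()
    idac = IDAActionsController()
    sample = SampleController.get_by_id(self.sid)
    if sample is None:
        app.logger.error(self.tmessage + "Sample has disappeared...")
        raise IOError
    app.logger.debug(self.tmessage + "APPLY_RESULT")

    # TXT report
    app.logger.info("Starting analysis creation")
    SampleController.create_analysis(
        sample, self.txt_report, "analyzeit", True)

    # MACHOC report: we load the functions, hashes, etc.
    # NOTE(review): the files are opened in 'rb' but split with str
    # separators, which relies on Python 2 str semantics -- confirm before
    # running this under Python 3.
    app.logger.info("Starting functions")
    fname = self.storage_file + '.sign'
    functions = []
    if os.path.exists(fname):
        # Context manager so the handle is closed even if read() fails.
        with open(fname, 'rb') as sign_file:
            fdata = sign_file.read()
        for record in fdata.split(";"):
            if ":" in record:
                subitems = record.split(":")
                machoc_h = subitems[0].strip()
                address = subitems[1].strip()
                functions.append([address, machoc_h, ""])

    # IDA COMMANDS report:
    # update functions list with idc.MakeName() information
    # NOTE(review): presumably this file is generated from the analysed
    # sample, so names and comments should be treated as untrusted data by
    # whatever stores or renders them -- confirm against the producers.
    # NOTE(review): a name or comment containing "::" yields more than three
    # fields and is silently dropped -- confirm this is intended.
    app.logger.info("Starting idacommands")
    fname = self.storage_file + '.idacmd'
    if os.path.exists(fname):
        with open(fname, 'rb') as cmd_file:
            fdata = cmd_file.read()
        for line in fdata.split("\n"):
            if line.startswith("idc.MakeName::"):
                items = line.split("::")
                if len(items) == 3:
                    addr = items[1]
                    name = items[2]
                    if addr.startswith("0x"):
                        addr = addr[2:]
                    # Parse the address up front: an invalid one used to
                    # raise ValueError out of the whole method, whereas the
                    # comment branch below skips the offending line.
                    try:
                        addr_value = int(addr, 16)
                    except ValueError:
                        continue
                    for func in functions:
                        if func[0] == addr:
                            func[2] = name
                    name_action = idac.add_name(addr_value, name)
                    SampleController.add_idaaction(sample.id, name_action)
            elif line.startswith("idc.MakeRptCmt::"):
                items = line.split("::")
                if len(items) == 3:
                    addr = items[1]
                    value = items[2]
                    if addr.startswith("0x"):
                        addr = addr[2:]
                    try:
                        addr = int(addr, 16)
                    except ValueError:
                        continue
                    act = idac.add_comment(addr, value)
                    SampleController.add_idaaction(sample.id, act)

    # Functions: just push the list
    app.logger.info("Storing actions")
    if functions:
        sc.add_multiple_functions(sample, functions)

    # global machoc match
    app.logger.info("Matching actions")
    sc.match_by_machoc80(sample)
    app.logger.debug(self.tmessage + "END - TIME %i" %
                     (int(time.time()) - self.tstart))
    return True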