mirror of https://github.com/CIRCL/AIL-framework
Merge branch 'master' into misp_modules
commit
1573f5e495
|
@ -54,7 +54,7 @@ def get_object_metadata(object_type, correlation_id, type_id=None):
|
||||||
elif object_type == 'paste':
|
elif object_type == 'paste':
|
||||||
return Item.get_item({"id": correlation_id, "date": True, "tags": True})[0]
|
return Item.get_item({"id": correlation_id, "date": True, "tags": True})[0]
|
||||||
elif object_type == 'decoded':
|
elif object_type == 'decoded':
|
||||||
return Decoded.get_decoded_metadata(correlation_id, nb_seen=True, size=True)
|
return Decoded.get_decoded_metadata(correlation_id, nb_seen=True, size=True, file_type=True)
|
||||||
elif object_type == 'pgp':
|
elif object_type == 'pgp':
|
||||||
return Pgp.pgp.get_metadata(type_id, correlation_id)
|
return Pgp.pgp.get_metadata(type_id, correlation_id)
|
||||||
elif object_type == 'cryptocurrency':
|
elif object_type == 'cryptocurrency':
|
||||||
|
|
|
@ -42,7 +42,7 @@ def nb_decoded_item_size(sha1_string):
|
||||||
def exist_decoded(sha1_string):
|
def exist_decoded(sha1_string):
|
||||||
return r_serv_metadata.exists('metadata_hash:{}'.format(sha1_string))
|
return r_serv_metadata.exists('metadata_hash:{}'.format(sha1_string))
|
||||||
|
|
||||||
def get_decoded_metadata(sha1_string, nb_seen=False, size=False):
|
def get_decoded_metadata(sha1_string, nb_seen=False, size=False, file_type=False):
|
||||||
metadata_dict = {}
|
metadata_dict = {}
|
||||||
metadata_dict['first_seen'] = r_serv_metadata.hget('metadata_hash:{}'.format(sha1_string), 'first_seen')
|
metadata_dict['first_seen'] = r_serv_metadata.hget('metadata_hash:{}'.format(sha1_string), 'first_seen')
|
||||||
metadata_dict['last_seen'] = r_serv_metadata.hget('metadata_hash:{}'.format(sha1_string), 'last_seen')
|
metadata_dict['last_seen'] = r_serv_metadata.hget('metadata_hash:{}'.format(sha1_string), 'last_seen')
|
||||||
|
@ -50,6 +50,8 @@ def get_decoded_metadata(sha1_string, nb_seen=False, size=False):
|
||||||
metadata_dict['nb_seen'] = nb_decoded_seen_in_item(sha1_string)
|
metadata_dict['nb_seen'] = nb_decoded_seen_in_item(sha1_string)
|
||||||
if size:
|
if size:
|
||||||
metadata_dict['size'] = nb_decoded_item_size(sha1_string)
|
metadata_dict['size'] = nb_decoded_item_size(sha1_string)
|
||||||
|
if file_type:
|
||||||
|
metadata_dict['file_type'] = get_decoded_item_type(sha1_string)
|
||||||
return metadata_dict
|
return metadata_dict
|
||||||
|
|
||||||
def get_list_nb_previous_hash(sha1_string, num_day):
|
def get_list_nb_previous_hash(sha1_string, num_day):
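Review bot: `get_decoded_metadata` formats `sha1_string` straight into the `metadata_hash:{}` key and now also passes it to `get_decoded_item_type`, without checking that the hash is known or well-formed. The templates in this commit send `correlation_id` as a query parameter, so the value is presumably user-supplied; consider an early guard such as `if not exist_decoded(sha1_string): return {}` (`exist_decoded` is defined just above), or validate the id as 40 hex characters in the view and answer 404. The function also has no docstring; one line each for the `nb_seen`, `size` and `file_type` flags would say which keys a caller can expect. Part of the body lies between the two hunks and is not shown.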
|
||||||
|
|
|
@ -22,7 +22,7 @@ class Correlation(object):
|
||||||
self.all_correlation_types = all_correlation_types
|
self.all_correlation_types = all_correlation_types
|
||||||
|
|
||||||
def _exist_corelation_field(self, correlation_type, field_name, item_type='paste'):
|
def _exist_corelation_field(self, correlation_type, field_name, item_type='paste'):
|
||||||
if type=='paste':
|
if item_type=='paste':
|
||||||
return r_serv_metadata.exists('set_{}_{}:{}'.format(self.correlation_name, correlation_type, field_name))
|
return r_serv_metadata.exists('set_{}_{}:{}'.format(self.correlation_name, correlation_type, field_name))
|
||||||
else:
|
else:
|
||||||
return r_serv_metadata.exists('set_domain_{}_{}:{}'.format(self.correlation_name, correlation_type, field_name))
|
return r_serv_metadata.exists('set_domain_{}_{}:{}'.format(self.correlation_name, correlation_type, field_name))
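Review bot: The `else:` branch of `_exist_corelation_field` still treats every `item_type` other than 'paste' as a domain lookup, which is the same silent fall-through that hid the old `type=='paste'` comparison (always false against the builtin). Make the second case explicit with `elif item_type == 'domain':` and finish with `raise ValueError(item_type)`, so a mistyped value fails instead of querying `set_domain_…`. `correlation_type` and `field_name` are also formatted into the key unchecked; whether callers validate them against `self.all_correlation_types` is outside the hunk.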
|
||||||
|
|
|
@ -132,7 +132,7 @@
|
||||||
{% for b64 in l_64 %}
|
{% for b64 in l_64 %}
|
||||||
<tr>
|
<tr>
|
||||||
<td><i class="fas {{ b64[0] }}"></i> {{ b64[1] }}</td>
|
<td><i class="fas {{ b64[0] }}"></i> {{ b64[1] }}</td>
|
||||||
<td><a target="_blank" href="{{ url_for('hashDecoded.showHash') }}?hash={{ b64[2] }}">{{ b64[2] }}</a> ({{ b64[4] }})</td>
|
<td><a target="_blank" href="{{ url_for('correlation.show_correlation') }}?object_type=decoded&correlation_id={{ b64[2] }}&correlation_objects=paste"</a> {{b64[2]}} ({{ b64[4] }})</td>
|
||||||
</tr>
|
</tr>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</tbody>
|
</tbody>
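Review bot: The new anchor in the `b64[2]` cell is malformed: the opening tag is never closed (`…correlation_objects=paste"</a>`), so the hash text sits outside the link and the browser has to repair the markup. The query string is also concatenated by hand, which leaves `b64[2]` without URL-encoding and the `&` separators unescaped inside the attribute. Let `url_for` build it: `<a target="_blank" rel="noopener noreferrer" href="{{ url_for('correlation.show_correlation', object_type='decoded', correlation_id=b64[2], correlation_objects='paste') }}">{{ b64[2] }}</a> ({{ b64[4] }})`. The `dict_domain['domain']` link in the last template hunk builds its query string the same way.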
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
<text x="13" y="13" text-anchor="middle" dominant-baseline="central" class="graph_node_icon {{ dict_object["metadata_card"]["icon"]["icon_class"] }}" font-size="16px">{{ dict_object["metadata_card"]["icon"]["icon_text"] }}</text>
|
<text x="13" y="13" text-anchor="middle" dominant-baseline="central" class="graph_node_icon {{ dict_object["metadata_card"]["icon"]["icon_class"] }}" font-size="16px">{{ dict_object["metadata_card"]["icon"]["icon_text"] }}</text>
|
||||||
</g>
|
</g>
|
||||||
</svg>
|
</svg>
|
||||||
{{ dict_object["metadata"]["type_id"] }}
|
{{ dict_object["metadata"]["file_type"] }}
|
||||||
</td>
|
</td>
|
||||||
<td>{{ dict_object["metadata"]['first_seen'] }}</td>
|
<td>{{ dict_object["metadata"]['first_seen'] }}</td>
|
||||||
<td>{{ dict_object["metadata"]['last_seen'] }}</td>
|
<td>{{ dict_object["metadata"]['last_seen'] }}</td>
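Review bot: `dict_object["metadata"]["file_type"]` replaces `type_id` in this cell, but in this commit only the 'decoded' branch of `get_object_metadata` asks for `file_type`. If this card is also rendered for other object types (not visible in the hunk), their cell goes blank, and a decoded hash with no stored type would likely print a literal `None`. `{{ dict_object["metadata"]["file_type"] | default('', true) }}` keeps the cell clean in both cases. The value presumably derives from analysed content, so it should stay under Jinja autoescaping and never be marked `|safe`.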
|
||||||
|
|
|
@ -98,15 +98,17 @@
|
||||||
Last Origin: <a class="badge" target="_blank" href="{{ url_for('showsavedpastes.showsavedpaste', paste=dict_domain['origin_item']) }}" />{{ dict_domain['origin_item'] }}</a>
|
Last Origin: <a class="badge" target="_blank" href="{{ url_for('showsavedpastes.showsavedpaste', paste=dict_domain['origin_item']) }}" />{{ dict_domain['origin_item'] }}</a>
|
||||||
{%endif%}
|
{%endif%}
|
||||||
|
|
||||||
{% if dict_domain['correlation_nb'] > 0 %}
|
{% if 'correlation_nb' in dict_domain %}
|
||||||
<hr>
|
{% if dict_domain["correlation_nb"] > 0 %}
|
||||||
<div class="mt-2">
|
<hr>
|
||||||
<a href="{{ url_for('correlation.show_correlation')}}?object_type=domain&correlation_id={{ dict_domain['domain'] }}&correlation_objects=domain" target="_blank" style="font-size: 15px">
|
<div class="mt-2">
|
||||||
<button class="btn btn-info"><i class="fas fa-search"></i> Show Domain Correlations
|
<a href="{{ url_for('correlation.show_correlation')}}?object_type=domain&correlation_id={{ dict_domain['domain'] }}&correlation_objects=domain" target="_blank" style="font-size: 15px">
|
||||||
<div class="badge badge-warning">{{dict_domain['correlation_nb']}}</div>
|
<button class="btn btn-info"><i class="fas fa-search"></i> Show Domain Correlations
|
||||||
</button>
|
<div class="badge badge-warning">{{dict_domain['correlation_nb']}}</div>
|
||||||
</a>
|
</button>
|
||||||
</div>
|
</a>
|
||||||
|
</div>
|
||||||
|
{%endif%}
|
||||||
{%endif%}
|
{%endif%}
|
||||||
|
|
||||||
</div>
|
</div>
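Review bot: The two nested conditions around the correlation button can be a single test, which avoids the extra `{%endif%}` and the re-indentation of the whole block: `{% if dict_domain.get('correlation_nb', 0) > 0 %}`. The `<button>` nested inside the `<a>` is invalid HTML (interactive content inside an anchor); putting `class="btn btn-info"` on the anchor itself gives the same look. Because the link opens with `target="_blank"`, it should also carry `rel="noopener noreferrer"`.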
|
||||||
|
|