Merge branch 'master' into crawler_manager
commit
2c0ee71845
|
@ -221,7 +221,7 @@ def get_git_upper_tags_remote(current_tag, is_fork):
|
|||
|
||||
# add tag with last commit
|
||||
if float(tag_val) >= float(current_tag_val):
|
||||
dict_tags_commit[tag_val] = commit
|
||||
dict_tags_commit[tag] = commit
|
||||
list_upper_tags = [('v{}'.format(key), dict_tags_commit[key]) for key in dict_tags_commit]
|
||||
# force update order
|
||||
list_upper_tags.sort()
|
||||
|
|
|
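Review bot: `float(tag_val) >= float(current_tag_val)` and the trailing `list_upper_tags.sort()` compare version tags as floats and then as strings, so a tag such as `2.10` orders below `2.9` and the `# force update order` comment is not honoured once a component reaches two digits; sorting on a tuple-of-integers key built from the dotted tag (with a fallback for non-numeric components) would give the intended order. Two assignments to `dict_tags_commit` appear in the hunk, keyed on `tag_val` and on `tag`, and the rendered page does not preserve which one survives; since the comprehension two lines below prefixes every key with `'v'`, keying on `tag` would presumably produce a doubled prefix unless `tag` is already stripped, so confirm against the source. get_git_upper_tags_remote starts before the hunk.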
@ -41,7 +41,7 @@ def get_email_subject(tracker_uuid):
|
|||
return 'AIL framework: {}'.format(tracker_description)
|
||||
|
||||
def get_tracker_last_updated_by_type(tracker_type):
|
||||
epoch_update = r_serv_tracker.get('tracker:refresh:{}'.format(term_type))
|
||||
epoch_update = r_serv_tracker.get('tracker:refresh:{}'.format(tracker_type))
|
||||
if not epoch_update:
|
||||
epoch_update = 0
|
||||
return float(epoch_update)
|
||||
|
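Review bot: Whichever of the two `epoch_update = r_serv_tracker.get(...)` lines is the new side, the one formatting `term_type` references a name the signature never binds (the parameter is `tracker_type`), so only the `tracker_type` variant can run; the function also carries no docstring. Suggest `"""Return the last refresh epoch of tracker_type as a float, or 0.0 when no refresh was ever recorded."""`, and the missing-key fallback can be folded into the return as `return float(epoch_update or 0)`, which yields the same result for a `None` reply. A non-numeric value stored under that key would still raise `ValueError` from `float()`; that is presumably acceptable if the key is only written by the framework itself, but a comment saying so would help the next reader.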
@ -123,6 +123,20 @@ def save_yara_rule(yara_rule_type, yara_rule, tracker_uuid=None):
|
|||
if yara_rule_type == 'yara_default':
|
||||
filename = os.path.join('ail-yara-rules', 'rules', yara_rule)
|
||||
return filename
|
||||
|
||||
def get_yara_rule_content(yara_rule):
|
||||
yara_dir = get_yara_rules_dir()
|
||||
filename = os.path.join(yara_dir, yara_rule)
|
||||
filename = os.path.realpath(filename)
|
||||
|
||||
# incorrect filename
|
||||
if not os.path.commonprefix([filename, yara_dir]) == yara_dir:
|
||||
return '' # # TODO: throw exception
|
||||
|
||||
with open(filename, 'r') as f:
|
||||
rule_content = f.read()
|
||||
return rule_content
|
||||
|
||||
##-- YARA --##
|
||||
|
||||
|
||||
|
|
|
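Review bot: The containment check `os.path.commonprefix([filename, yara_dir]) == yara_dir` is character-based rather than path-based, so any sibling directory whose name merely begins with the rules directory name (`<yara_dir>_other/...`) satisfies it, and `yara_dir` is never passed through `realpath` itself, so a symlinked rules directory makes every legitimate file fail the test. Compare canonical paths component-wise instead: `yara_dir = os.path.realpath(get_yara_rules_dir())`, `filename = os.path.realpath(os.path.join(yara_dir, yara_rule))`, `if os.path.commonpath([filename, yara_dir]) != yara_dir: return ''`. `commonpath` raises `ValueError` when mixing absolute and relative paths, which cannot occur after `realpath` on POSIX. The `# TODO: throw exception` branch returning `''` is also indistinguishable from an empty rule file for callers, and `open()` still raises `FileNotFoundError` or `IsADirectoryError` for a well-formed name that does not resolve to a file, so one explicit exception for every rejection would serve callers better.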
@ -77,8 +77,6 @@ if __name__ == "__main__":
|
|||
if yara_match:
|
||||
print(f'{item_id}: {yara_match}')
|
||||
|
||||
time.sleep(30)
|
||||
|
||||
else:
|
||||
time.sleep(5)
|
||||
|
||||
|
|
|
@ -118,6 +118,7 @@ $AIL_HOME/doc/generate_modules_data_flow_graph.sh
|
|||
pushd ${AIL_HOME}
|
||||
# shallow clone
|
||||
git fetch --depth=500 --tags --prune
|
||||
git fetch --unshallow
|
||||
git describe --abbrev=0 --tags | tr -d '\n' > ${AIL_HOME}/update/current_version
|
||||
echo "AIL current version:"
|
||||
git describe --abbrev=0 --tags
|
||||
|
|
|
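Review bot: `git fetch --unshallow` exits non-zero on a repository that is not shallow (git refuses it on a complete repository), so on a full clone this line either aborts the script under `set -e` or just prints an error; guard it, e.g. `if [ "$(git rev-parse --is-shallow-repository)" = true ]; then git fetch --unshallow; fi` (git 2.15 or later; on older versions test for `$(git rev-parse --git-dir)/shallow`). The following `git describe --abbrev=0 --tags | tr -d '\n' > ${AIL_HOME}/update/current_version` writes an empty version file when no tag is reachable, because the pipeline's exit status is that of `tr`; `set -o pipefail` or checking the output before writing it would surface that. Whether `set -e` is active depends on the script header, which is outside the hunk.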
@ -1,4 +1,7 @@
|
|||
FROM ubuntu:16.04
|
||||
FROM ubuntu:18.04
|
||||
ARG tz_buildtime=Europe/Rome
|
||||
ENV TZ=$tz_buildtime
|
||||
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
|
||||
|
||||
# Make sure that all updates are in place
|
||||
RUN apt-get clean && apt-get update -y && apt-get upgrade -y \
|
||||
|
@ -19,12 +22,6 @@ WORKDIR /opt/AIL
|
|||
RUN ./installing_deps.sh
|
||||
WORKDIR /opt/AIL
|
||||
|
||||
# Installing Web dependencies,
|
||||
# remove all the parts below if you dont need the Web UI
|
||||
WORKDIR /opt/AIL/var/www
|
||||
RUN ./update_thirdparty.sh
|
||||
WORKDIR /opt/AIL
|
||||
|
||||
# Default to UTF-8 file.encoding
|
||||
ENV LANG C.UTF-8
|
||||
ENV AIL_HOME /opt/AIL
|
||||
|
@ -38,7 +35,6 @@ ENV PATH ${AIL_VENV}/bin:${AIL_HOME}:${AIL_REDIS}:${AIL_ARDB}:${AIL_BIN}:${AIL_F
|
|||
|
||||
RUN ./pystemon/install.sh
|
||||
RUN pip install -r /opt/pystemon/requirements.txt
|
||||
RUN pip install -r /opt/AIL/crawler_requirements.txt
|
||||
|
||||
COPY docker_start.sh /docker_start.sh
|
||||
ENTRYPOINT ["/bin/bash", "docker_start.sh"]
|
||||
|
|
|
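Review bot: `RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone` never checks that the zone file exists, so a mistyped `tz_buildtime` build argument silently leaves a dangling `/etc/localtime` link and a wrong `/etc/timezone`; `RUN test -f "/usr/share/zoneinfo/$TZ" && ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" > /etc/timezone` fails the build instead. Whether `tzdata` is already present in the `ubuntu:18.04` base layer at this point is not visible here; if it is not, the check has to move after the package installation below. The image still has no `USER` instruction before the `ENTRYPOINT` in the last hunk, so everything started by `docker_start.sh` runs as root; that predates this change but is worth a follow-up.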
@ -1,4 +1,4 @@
|
|||
Docker Quick Start (Ubuntu 16.04 LTS)
|
||||
Docker Quick Start (Ubuntu 18.04 LTS)
|
||||
------------
|
||||
|
||||
:warning:
|
||||
|
@ -19,7 +19,10 @@ curl https://get.docker.com | /bin/bash
|
|||
```bash
|
||||
git clone https://github.com/CIRCL/AIL-framework.git
|
||||
cd AIL-framework
|
||||
docker build -t ail-framework .
|
||||
cp -r ./other_installers/docker/Dockerfile ./other_installers/docker/docker_start.sh ./other_installers/docker/pystemon ./
|
||||
cp ./configs/update.cfg.sample ./configs/update.cfg
|
||||
vim/nano ./configs/update.cfg (set auto_update to False)
|
||||
docker build --build-arg tz_buildtime=YOUR_GEO_AREA/YOUR_CITY -t ail-framework .
|
||||
```
|
||||
3. To start AIL on port 7000, type the following command below:
|
||||
```
|
||||
|
|
|
@ -13,6 +13,7 @@ signalListener() {
|
|||
source ./AILENV/bin/activate
|
||||
cd bin
|
||||
./LAUNCH.sh -l
|
||||
./LAUNCH.sh -c
|
||||
./LAUNCH.sh -f
|
||||
|
||||
signalListener tail -f /dev/null $@
|
||||
|
|
|
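Review bot: `signalListener tail -f /dev/null $@` expands the container arguments unquoted, so an argument containing whitespace or a glob character is re-split or expanded before it reaches the handler; it should read `signalListener tail -f /dev/null "$@"`. The three `./LAUNCH.sh` invocations run without any check of their exit status, so a failed `-c` or `-f` launch is masked by the `tail` that keeps the container alive; `|| exit 1` on each, or `set -e` at the top of the script, would surface it. `signalListener` itself and the script header are outside the hunk.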
@ -23,6 +23,10 @@ bash ${AIL_BIN}/LAUNCH.sh -ldbv &
|
|||
wait
|
||||
echo ""
|
||||
|
||||
# SUBMODULES #
|
||||
git submodule init
|
||||
git submodule update
|
||||
|
||||
echo -e $GREEN"Installing YARA ..."$DEFAULT
|
||||
pip3 install yara-python
|
||||
bash ${AIL_BIN}/LAUNCH.sh -t
|
||||
|
|
|
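Review bot: `pip3 install yara-python` pulls whatever version is current on PyPI at install time with no version pin or hash, unlike the dependencies kept in the requirements files, so installs are not reproducible and a later release can change behaviour of the YARA module silently; pin it (`yara-python==<pinned-version>`, value to be chosen) and preferably add it to the requirements file used elsewhere by the installer so it is installed with the other Python packages. Whether this `pip3` resolves to the project's virtualenv or the system interpreter depends on an activation step that is outside the hunk. `git submodule update` without `--recursive` does not fetch nested submodules of `ail-yara-rules`, if it has any; harmless today but worth a comment.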
@ -153,6 +153,11 @@ def show_tracker():
|
|||
|
||||
tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True)
|
||||
|
||||
if tracker_metadata['type'] == 'yara':
|
||||
yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term'])
|
||||
else:
|
||||
yara_rule_content = None
|
||||
|
||||
if date_from:
|
||||
res = Term.parse_get_tracker_term_item({'uuid': term_uuid, 'date_from': date_from, 'date_to': date_to}, user_id)
|
||||
if res[1] !=200:
|
||||
|
@ -165,7 +170,9 @@ def show_tracker():
|
|||
tracker_metadata['date_from'] = ''
|
||||
tracker_metadata['date_to'] = ''
|
||||
|
||||
return render_template("showTracker.html", tracker_metadata=tracker_metadata, bootstrap_label=bootstrap_label)
|
||||
return render_template("showTracker.html", tracker_metadata=tracker_metadata,
|
||||
yara_rule_content=yara_rule_content,
|
||||
bootstrap_label=bootstrap_label)
|
||||
|
||||
@hunter.route("/tracker/update_tracker_description", methods=['POST'])
|
||||
@login_required
|
||||
|
|
|
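Review bot: `Tracker.get_yara_rule_content(tracker_metadata['term'])` returns `''` both when the rule file is missing and when its path is rejected, and the `else` branch sets `None`, so the template receives a falsy value in every failure case and silently shows no rule instead of an error; once `get_yara_rule_content` raises (its own TODO), this call should catch that and pass an explicit message, or at least log the failure together with the tracker uuid. No check that the requesting user is allowed to read this tracker is visible inside the hunk before the file content is fetched; if `show_tracker` performs one earlier in its body (the function starts before the hunk), fine, otherwise the content read should be gated on it. The second hunk is only the matching `render_template` change and needs nothing further.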
@ -175,6 +175,11 @@
|
|||
<button class='btn btn-danger'><i class="fas fa-trash-alt"></i>
|
||||
</button>
|
||||
</a>
|
||||
|
||||
{%if yara_rule_content%}
|
||||
<p class="my-0"></br></br><pre class="border bg-light">{{ yara_rule_content }}</pre></p>
|
||||
{%endif%}
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
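Review bot: `<p class="my-0"></br></br><pre class="border bg-light">…</pre></p>` is invalid markup twice over: `</br>` is not a tag (a line break is `<br>`), and `<pre>` is block content, which browsers handle by closing the `<p>` early and leaving a stray `</p>`. A single element with spacing classes does the same job: `<pre class="border bg-light mt-3">{{ yara_rule_content }}</pre>`. Rendering the rule text through `{{ }}` is right, because it relies on the template engine's autoescaping; keep it that way and do not add `|safe`, since the file content presumably originates from user input via the tracker form.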
@ -93,7 +93,7 @@ wget -q https://raw.githubusercontent.com/flot/flot/958e5fd43c6dff4bab3e1fd5cb61
|
|||
wget -q http://omnipotent.net/jquery.sparkline/2.1.2/jquery.sparkline.min.js -O ./static/js/jquery.sparkline.min.js
|
||||
wget -q http://canvasjs.com/fdm/chart/ -O temp/canvasjs.zip
|
||||
unzip -qq temp/canvasjs.zip -d temp/
|
||||
mv temp/canvasjs-2.3.2/Chart\ 2.3.2\ GA\ -\ Stable/jquery.canvasjs.min.js ./static/js/jquery.canvasjs.min.js
|
||||
mv temp/Chart\ 2.3.2\ GA\ -\ Stable/jquery.canvasjs.min.js ./static/js/jquery.canvasjs.min.js
|
||||
|
||||
wget -q https://jqueryui.com/resources/download/jquery-ui-1.12.1.zip -O temp/jquery-ui.zip
|
||||
unzip -qq temp/jquery-ui.zip -d temp/
|
||||
|
|
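Review bot: `wget -q http://canvasjs.com/fdm/chart/ -O temp/canvasjs.zip` downloads an unversioned "latest" archive over plain HTTP, which is why the extracted path had to change in this commit and why a future release will break it again; the `http://omnipotent.net/jquery.sparkline/...` line above it has the same transport problem. Both downloads land in `./static/js`, so presumably they are served to every browser using the web UI, and a substituted or tampered archive would execute there; pin the version and verify the archive, e.g. `echo "<expected-sha256>  temp/canvasjs.zip" | sha256sum -c -` right after the `wget` (value to be recorded when pinning), and use https where the host offers it. The flot download in the hunk header is already pinned to a commit, which is the model to follow.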