mirror of https://github.com/CIRCL/AIL-framework
Merge branch 'master' into crawler_manager
commit
2c0ee71845
|
@ -221,7 +221,7 @@ def get_git_upper_tags_remote(current_tag, is_fork):
|
||||||
|
|
||||||
# add tag with last commit
|
# add tag with last commit
|
||||||
if float(tag_val) >= float(current_tag_val):
|
if float(tag_val) >= float(current_tag_val):
|
||||||
dict_tags_commit[tag_val] = commit
|
dict_tags_commit[tag] = commit
|
||||||
list_upper_tags = [('v{}'.format(key), dict_tags_commit[key]) for key in dict_tags_commit]
|
list_upper_tags = [('v{}'.format(key), dict_tags_commit[key]) for key in dict_tags_commit]
|
||||||
# force update order
|
# force update order
|
||||||
list_upper_tags.sort()
|
list_upper_tags.sort()
|
||||||
|
|
|
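Review bot: `list_upper_tags.sort()` on the new side orders the `'v{}'`-formatted keys as strings, so if the keys are dotted versions an entry such as `v2.10` sorts before `v2.9`, while the filter two lines above compares the same values with `float()`. If `tag` holds the bare version string, the fix that stays consistent with the existing float comparison is `list_upper_tags.sort(key=lambda t: float(t[0][1:]))`; keeping the numeric value alongside the commit would avoid re-parsing it. Switching the dict key from `tag_val` to `tag` also changes what gets formatted into the `'v{}'` label, and what `tag` and `tag_val` hold is not visible here. The enclosing `get_git_upper_tags_remote` starts outside the hunk.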
@ -41,7 +41,7 @@ def get_email_subject(tracker_uuid):
|
||||||
return 'AIL framework: {}'.format(tracker_description)
|
return 'AIL framework: {}'.format(tracker_description)
|
||||||
|
|
||||||
def get_tracker_last_updated_by_type(tracker_type):
|
def get_tracker_last_updated_by_type(tracker_type):
|
||||||
epoch_update = r_serv_tracker.get('tracker:refresh:{}'.format(term_type))
|
epoch_update = r_serv_tracker.get('tracker:refresh:{}'.format(tracker_type))
|
||||||
if not epoch_update:
|
if not epoch_update:
|
||||||
epoch_update = 0
|
epoch_update = 0
|
||||||
return float(epoch_update)
|
return float(epoch_update)
|
||||||
|
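Review bot: `get_tracker_last_updated_by_type` has no docstring, and the rename from `term_type` to `tracker_type` on the first line of its body is the fix for a NameError on the only name the function reads, which is worth recording. Suggested docstring: `"""Return the epoch of the last refresh recorded for tracker_type, or 0.0 when none is stored."""`. The value read from `r_serv_tracker` goes straight into `float()`, so a non-numeric stored value raises ValueError; whether that can happen depends on the writer of that key, which is not visible here.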
@ -123,6 +123,20 @@ def save_yara_rule(yara_rule_type, yara_rule, tracker_uuid=None):
|
||||||
if yara_rule_type == 'yara_default':
|
if yara_rule_type == 'yara_default':
|
||||||
filename = os.path.join('ail-yara-rules', 'rules', yara_rule)
|
filename = os.path.join('ail-yara-rules', 'rules', yara_rule)
|
||||||
return filename
|
return filename
|
||||||
|
|
||||||
|
def get_yara_rule_content(yara_rule):
|
||||||
|
yara_dir = get_yara_rules_dir()
|
||||||
|
filename = os.path.join(yara_dir, yara_rule)
|
||||||
|
filename = os.path.realpath(filename)
|
||||||
|
|
||||||
|
# incorrect filename
|
||||||
|
if not os.path.commonprefix([filename, yara_dir]) == yara_dir:
|
||||||
|
return '' # # TODO: throw exception
|
||||||
|
|
||||||
|
with open(filename, 'r') as f:
|
||||||
|
rule_content = f.read()
|
||||||
|
return rule_content
|
||||||
|
|
||||||
##-- YARA --##
|
##-- YARA --##
|
||||||
|
|
||||||
|
|
||||||
|
|
|
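Review bot: The containment check in `get_yara_rule_content` compares `os.path.commonprefix` against `yara_dir`, which works on characters rather than path components: a `filename` under a sibling directory whose name merely starts with the rules directory's name passes, and `yara_dir` itself is never canonicalised while `filename` goes through `realpath`, so a symlinked or relative rules directory makes the comparison reject legitimate rules. Use a component-wise check on canonical paths: `yara_dir = os.path.realpath(get_yara_rules_dir())` and `if os.path.commonpath([filename, yara_dir]) != yara_dir:`. A rejected name still returns `''` per the inline TODO, so callers cannot tell an empty rule file from a rejected path; raising `ValueError` there would be clearer. `open(filename, 'r')` has no `encoding=`, so the rule text is decoded with the locale encoding.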
@ -77,8 +77,6 @@ if __name__ == "__main__":
|
||||||
if yara_match:
|
if yara_match:
|
||||||
print(f'{item_id}: {yara_match}')
|
print(f'{item_id}: {yara_match}')
|
||||||
|
|
||||||
time.sleep(30)
|
|
||||||
|
|
||||||
else:
|
else:
|
||||||
time.sleep(5)
|
time.sleep(5)
|
||||||
|
|
||||||
|
|
|
@ -118,6 +118,7 @@ $AIL_HOME/doc/generate_modules_data_flow_graph.sh
|
||||||
pushd ${AIL_HOME}
|
pushd ${AIL_HOME}
|
||||||
# shallow clone
|
# shallow clone
|
||||||
git fetch --depth=500 --tags --prune
|
git fetch --depth=500 --tags --prune
|
||||||
|
git fetch --unshallow
|
||||||
git describe --abbrev=0 --tags | tr -d '\n' > ${AIL_HOME}/update/current_version
|
git describe --abbrev=0 --tags | tr -d '\n' > ${AIL_HOME}/update/current_version
|
||||||
echo "AIL current version:"
|
echo "AIL current version:"
|
||||||
git describe --abbrev=0 --tags
|
git describe --abbrev=0 --tags
|
||||||
|
|
|
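Review bot: The added `git fetch --unshallow` exits with an error on a repository that is already complete, since git rejects `--unshallow` when there is nothing to unshallow; whether that aborts the update depends on the script's error handling, which is outside the hunk. Guard it: `if [ "$(git rev-parse --is-shallow-repository)" = "true" ]; then git fetch --unshallow; fi`. Once the history is always unshallowed, the `--depth=500` fetch on the line above becomes redundant and one of the two fetches could go.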
@ -1,4 +1,7 @@
|
||||||
FROM ubuntu:16.04
|
FROM ubuntu:18.04
|
||||||
|
ARG tz_buildtime=Europe/Rome
|
||||||
|
ENV TZ=$tz_buildtime
|
||||||
|
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
|
||||||
|
|
||||||
# Make sure that all updates are in place
|
# Make sure that all updates are in place
|
||||||
RUN apt-get clean && apt-get update -y && apt-get upgrade -y \
|
RUN apt-get clean && apt-get update -y && apt-get upgrade -y \
|
||||||
|
@ -19,12 +22,6 @@ WORKDIR /opt/AIL
|
||||||
RUN ./installing_deps.sh
|
RUN ./installing_deps.sh
|
||||||
WORKDIR /opt/AIL
|
WORKDIR /opt/AIL
|
||||||
|
|
||||||
# Installing Web dependencies,
|
|
||||||
# remove all the parts below if you dont need the Web UI
|
|
||||||
WORKDIR /opt/AIL/var/www
|
|
||||||
RUN ./update_thirdparty.sh
|
|
||||||
WORKDIR /opt/AIL
|
|
||||||
|
|
||||||
# Default to UTF-8 file.encoding
|
# Default to UTF-8 file.encoding
|
||||||
ENV LANG C.UTF-8
|
ENV LANG C.UTF-8
|
||||||
ENV AIL_HOME /opt/AIL
|
ENV AIL_HOME /opt/AIL
|
||||||
|
@ -38,7 +35,6 @@ ENV PATH ${AIL_VENV}/bin:${AIL_HOME}:${AIL_REDIS}:${AIL_ARDB}:${AIL_BIN}:${AIL_F
|
||||||
|
|
||||||
RUN ./pystemon/install.sh
|
RUN ./pystemon/install.sh
|
||||||
RUN pip install -r /opt/pystemon/requirements.txt
|
RUN pip install -r /opt/pystemon/requirements.txt
|
||||||
RUN pip install -r /opt/AIL/crawler_requirements.txt
|
|
||||||
|
|
||||||
COPY docker_start.sh /docker_start.sh
|
COPY docker_start.sh /docker_start.sh
|
||||||
ENTRYPOINT ["/bin/bash", "docker_start.sh"]
|
ENTRYPOINT ["/bin/bash", "docker_start.sh"]
|
||||||
|
|
|
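Review bot: The new `RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone` runs before the `apt-get` layer, and `ln -snf` does not check that its target exists, so a misspelled `tz_buildtime` or a base image without tzdata at that point yields a dangling symlink while the build still succeeds. Either move the line after the package installation or validate the input: `RUN test -f /usr/share/zoneinfo/$TZ && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone`. The later hunk that drops `RUN pip install -r /opt/AIL/crawler_requirements.txt` presumably relies on `installing_deps.sh` covering those packages now; that is not visible here.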
@ -1,4 +1,4 @@
|
||||||
Docker Quick Start (Ubuntu 16.04 LTS)
|
Docker Quick Start (Ubuntu 18.04 LTS)
|
||||||
------------
|
------------
|
||||||
|
|
||||||
:warning:
|
:warning:
|
||||||
|
@ -19,7 +19,10 @@ curl https://get.docker.com | /bin/bash
|
||||||
```bash
|
```bash
|
||||||
git clone https://github.com/CIRCL/AIL-framework.git
|
git clone https://github.com/CIRCL/AIL-framework.git
|
||||||
cd AIL-framework
|
cd AIL-framework
|
||||||
docker build -t ail-framework .
|
cp -r ./other_installers/docker/Dockerfile ./other_installers/docker/docker_start.sh ./other_installers/docker/pystemon ./
|
||||||
|
cp ./configs/update.cfg.sample ./configs/update.cfg
|
||||||
|
vim/nano ./configs/update.cfg (set auto_update to False)
|
||||||
|
docker build --build-arg tz_buildtime=YOUR_GEO_AREA/YOUR_CITY -t ail-framework .
|
||||||
```
|
```
|
||||||
3. To start AIL on port 7000, type the following command below:
|
3. To start AIL on port 7000, type the following command below:
|
||||||
```
|
```
|
||||||
|
|
|
@ -13,6 +13,7 @@ signalListener() {
|
||||||
source ./AILENV/bin/activate
|
source ./AILENV/bin/activate
|
||||||
cd bin
|
cd bin
|
||||||
./LAUNCH.sh -l
|
./LAUNCH.sh -l
|
||||||
|
./LAUNCH.sh -c
|
||||||
./LAUNCH.sh -f
|
./LAUNCH.sh -f
|
||||||
|
|
||||||
signalListener tail -f /dev/null $@
|
signalListener tail -f /dev/null $@
|
||||||
|
|
|
@ -23,6 +23,10 @@ bash ${AIL_BIN}/LAUNCH.sh -ldbv &
|
||||||
wait
|
wait
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
|
# SUBMODULES #
|
||||||
|
git submodule init
|
||||||
|
git submodule update
|
||||||
|
|
||||||
echo -e $GREEN"Installing YARA ..."$DEFAULT
|
echo -e $GREEN"Installing YARA ..."$DEFAULT
|
||||||
pip3 install yara-python
|
pip3 install yara-python
|
||||||
bash ${AIL_BIN}/LAUNCH.sh -t
|
bash ${AIL_BIN}/LAUNCH.sh -t
|
||||||
|
|
|
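Review bot: `git submodule init` followed by `git submodule update` is the two-step form of `git submodule update --init`; collapsing it to that one line reads clearer. Neither command's exit status is checked, so a failed submodule checkout lets the script continue to the YARA install with the directory empty, unless the script runs under `set -e`, which is outside the hunk. The submodule content is pinned by commit in the superproject, so this is a clone-failure concern rather than an integrity one.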
@ -153,6 +153,11 @@ def show_tracker():
|
||||||
|
|
||||||
tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True)
|
tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True)
|
||||||
|
|
||||||
|
if tracker_metadata['type'] == 'yara':
|
||||||
|
yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term'])
|
||||||
|
else:
|
||||||
|
yara_rule_content = None
|
||||||
|
|
||||||
if date_from:
|
if date_from:
|
||||||
res = Term.parse_get_tracker_term_item({'uuid': term_uuid, 'date_from': date_from, 'date_to': date_to}, user_id)
|
res = Term.parse_get_tracker_term_item({'uuid': term_uuid, 'date_from': date_from, 'date_to': date_to}, user_id)
|
||||||
if res[1] !=200:
|
if res[1] !=200:
|
||||||
|
@ -165,7 +170,9 @@ def show_tracker():
|
||||||
tracker_metadata['date_from'] = ''
|
tracker_metadata['date_from'] = ''
|
||||||
tracker_metadata['date_to'] = ''
|
tracker_metadata['date_to'] = ''
|
||||||
|
|
||||||
return render_template("showTracker.html", tracker_metadata=tracker_metadata, bootstrap_label=bootstrap_label)
|
return render_template("showTracker.html", tracker_metadata=tracker_metadata,
|
||||||
|
yara_rule_content=yara_rule_content,
|
||||||
|
bootstrap_label=bootstrap_label)
|
||||||
|
|
||||||
@hunter.route("/tracker/update_tracker_description", methods=['POST'])
|
@hunter.route("/tracker/update_tracker_description", methods=['POST'])
|
||||||
@login_required
|
@login_required
|
||||||
|
|
|
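Review bot: The new branch indexes `tracker_metadata['type']` and `tracker_metadata['term']` without a default, so a metadata dict lacking either key turns the page into a 500 rather than rendering without the rule; `get_term_metedata` is called with explicit flags for its other fields and whether `type` is always present is not visible here. `if tracker_metadata.get('type') == 'yara':` keeps the behaviour for yara trackers and falls through to `yara_rule_content = None` otherwise. `get_yara_rule_content` returns `''` for a rejected path, which the template treats as absent, while a missing rule file raises from `open` and surfaces as a 500 as well. `show_tracker` starts outside the hunk.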
@ -175,6 +175,11 @@
|
||||||
<button class='btn btn-danger'><i class="fas fa-trash-alt"></i>
|
<button class='btn btn-danger'><i class="fas fa-trash-alt"></i>
|
||||||
</button>
|
</button>
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
|
{%if yara_rule_content%}
|
||||||
|
<p class="my-0"></br></br><pre class="border bg-light">{{ yara_rule_content }}</pre></p>
|
||||||
|
{%endif%}
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
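Review bot: `</br></br>` is not valid markup (`br` is a void element; write `<br>`), and a `<pre>` inside `<p>` implicitly closes the paragraph, so the trailing `</p>` matches nothing. `<br><br><pre class="border bg-light">{{ yara_rule_content }}</pre>` renders the same and validates. The rule text comes straight from a file on disk into the page, so it relies on Jinja autoescaping, which Flask enables for templates with a `.html` extension; keep the expression unfiltered (no `|safe`) so that stays true.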
@ -93,7 +93,7 @@ wget -q https://raw.githubusercontent.com/flot/flot/958e5fd43c6dff4bab3e1fd5cb61
|
||||||
wget -q http://omnipotent.net/jquery.sparkline/2.1.2/jquery.sparkline.min.js -O ./static/js/jquery.sparkline.min.js
|
wget -q http://omnipotent.net/jquery.sparkline/2.1.2/jquery.sparkline.min.js -O ./static/js/jquery.sparkline.min.js
|
||||||
wget -q http://canvasjs.com/fdm/chart/ -O temp/canvasjs.zip
|
wget -q http://canvasjs.com/fdm/chart/ -O temp/canvasjs.zip
|
||||||
unzip -qq temp/canvasjs.zip -d temp/
|
unzip -qq temp/canvasjs.zip -d temp/
|
||||||
mv temp/canvasjs-2.3.2/Chart\ 2.3.2\ GA\ -\ Stable/jquery.canvasjs.min.js ./static/js/jquery.canvasjs.min.js
|
mv temp/Chart\ 2.3.2\ GA\ -\ Stable/jquery.canvasjs.min.js ./static/js/jquery.canvasjs.min.js
|
||||||
|
|
||||||
wget -q https://jqueryui.com/resources/download/jquery-ui-1.12.1.zip -O temp/jquery-ui.zip
|
wget -q https://jqueryui.com/resources/download/jquery-ui-1.12.1.zip -O temp/jquery-ui.zip
|
||||||
unzip -qq temp/jquery-ui.zip -d temp/
|
unzip -qq temp/jquery-ui.zip -d temp/
|
||||||
|
|
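Review bot: The new `mv` path hard-codes `Chart 2.3.2 GA - Stable`, but the archive it unpacks is fetched from the unversioned `http://canvasjs.com/fdm/chart/` URL two lines above, so the folder name will drift again on the next upstream release and the step will break after `unzip` with the rest of the script carrying on. Fetching a pinned release and checking it before unpacking keeps the path stable and guards a third-party script that is served to every UI user: `echo "<EXPECTED_SHA256 placeholder>  temp/canvasjs.zip" | sha256sum -c -` before the `unzip`. The plain-http downloads on the surrounding context lines predate this change but would be covered by the same check.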