parent
56e670077a
commit
a5a4de0965
|
@ -12,9 +12,12 @@ import datetime
|
||||||
|
|
||||||
from flask import escape
|
from flask import escape
|
||||||
|
|
||||||
|
sys.path.append(os.path.join(os.environ['AIL_BIN'], 'packages/'))
|
||||||
|
import Date
|
||||||
|
|
||||||
sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib/'))
|
sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib/'))
|
||||||
import ConfigLoader
|
import ConfigLoader
|
||||||
#import item_basic
|
import item_basic
|
||||||
|
|
||||||
config_loader = ConfigLoader.ConfigLoader()
|
config_loader = ConfigLoader.ConfigLoader()
|
||||||
r_serv_db = config_loader.get_redis_conn("ARDB_DB")
|
r_serv_db = config_loader.get_redis_conn("ARDB_DB")
|
||||||
|
@ -103,7 +106,7 @@ def get_tracker_last_seen(tracker_uuid):
|
||||||
else:
|
else:
|
||||||
return None
|
return None
|
||||||
|
|
||||||
def get_tracker_metedata(tracker_uuid, user_id=False, description=False, level=False, tags=False, mails=False, sparkline=False):
|
def get_tracker_metedata(tracker_uuid, user_id=False, description=False, level=False, tags=False, mails=False, sources=True, sparkline=False):
|
||||||
dict_uuid = {}
|
dict_uuid = {}
|
||||||
dict_uuid['tracker'] = get_tracker_by_uuid(tracker_uuid)
|
dict_uuid['tracker'] = get_tracker_by_uuid(tracker_uuid)
|
||||||
dict_uuid['type'] = get_tracker_type(tracker_uuid)
|
dict_uuid['type'] = get_tracker_type(tracker_uuid)
|
||||||
|
@ -117,6 +120,8 @@ def get_tracker_metedata(tracker_uuid, user_id=False, description=False, level=F
|
||||||
dict_uuid['level'] = get_tracker_level(tracker_uuid)
|
dict_uuid['level'] = get_tracker_level(tracker_uuid)
|
||||||
if mails:
|
if mails:
|
||||||
dict_uuid['mails'] = get_tracker_mails(tracker_uuid)
|
dict_uuid['mails'] = get_tracker_mails(tracker_uuid)
|
||||||
|
if sources:
|
||||||
|
dict_uuid['sources'] = get_tracker_uuid_sources(tracker_uuid)
|
||||||
if tags:
|
if tags:
|
||||||
dict_uuid['tags'] = get_tracker_tags(tracker_uuid)
|
dict_uuid['tags'] = get_tracker_tags(tracker_uuid)
|
||||||
if sparkline:
|
if sparkline:
|
||||||
|
@ -318,18 +323,23 @@ def create_tracker(tracker, tracker_type, user_id, level, tags, mails, descripti
|
||||||
r_serv_tracker.sadd('global:tracker', tracker_uuid)
|
r_serv_tracker.sadd('global:tracker', tracker_uuid)
|
||||||
r_serv_tracker.sadd('global:tracker:{}'.format(tracker_type), tracker_uuid)
|
r_serv_tracker.sadd('global:tracker:{}'.format(tracker_type), tracker_uuid)
|
||||||
|
|
||||||
|
if edit_tracker:
|
||||||
|
r_serv_tracker.delete(f'tracker:tags:{tracker_uuid}')
|
||||||
|
r_serv_tracker.delete(f'tracker:mail:{tracker_uuid}')
|
||||||
|
r_serv_tracker.delete(f'tracker:sources:{tracker_uuid}')
|
||||||
|
|
||||||
# create tracker tags list
|
# create tracker tags list
|
||||||
for tag in tags:
|
for tag in tags:
|
||||||
r_serv_tracker.sadd('tracker:tags:{}'.format(tracker_uuid), escape(tag) )
|
r_serv_tracker.sadd(f'tracker:tags:{tracker_uuid}', escape(tag))
|
||||||
|
|
||||||
# create tracker tags mail notification list
|
# create tracker tags mail notification list
|
||||||
for mail in mails:
|
for mail in mails:
|
||||||
r_serv_tracker.sadd('tracker:mail:{}'.format(tracker_uuid), escape(mail) )
|
r_serv_tracker.sadd(f'tracker:mail:{tracker_uuid}', escape(mail))
|
||||||
|
|
||||||
# create tracker sources filter
|
# create tracker sources filter
|
||||||
for source in sources:
|
for source in sources:
|
||||||
# escape source ?
|
# escape source ?
|
||||||
r_serv_tracker.sadd(f'tracker:sources:{tracker_uuid}', escape(source) )
|
r_serv_tracker.sadd(f'tracker:sources:{tracker_uuid}', escape(source))
|
||||||
|
|
||||||
# toggle refresh module tracker list/set
|
# toggle refresh module tracker list/set
|
||||||
r_serv_tracker.set('tracker:refresh:{}'.format(tracker_type), time.time())
|
r_serv_tracker.set('tracker:refresh:{}'.format(tracker_type), time.time())
|
||||||
|
@ -359,7 +369,11 @@ def api_add_tracker(dict_input, user_id):
|
||||||
res = verify_mail_list(mails)
|
res = verify_mail_list(mails)
|
||||||
if res:
|
if res:
|
||||||
return res
|
return res
|
||||||
|
|
||||||
sources = dict_input.get('sources', [])
|
sources = dict_input.get('sources', [])
|
||||||
|
res = item_basic.verify_sources_list(sources)
|
||||||
|
if res:
|
||||||
|
return res
|
||||||
|
|
||||||
## TODO: add dashboard key
|
## TODO: add dashboard key
|
||||||
level = dict_input.get('level', 1)
|
level = dict_input.get('level', 1)
|
||||||
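Review bot: `api_add_tracker` passes `dict_input.get('sources', [])` to `item_basic.verify_sources_list` without checking its type, so if this function also backs a JSON endpoint (as its name suggests) a string value is iterated character by character and a number or object raises `TypeError`, which surfaces as a 500 rather than the 400 returned for other bad input; a guard such as `if not isinstance(sources, list): return ({'status': 'error', 'reason': 'Invalid sources list'}, 400)` before the verify call keeps the error contract consistent with `verify_mail_list`. In `create_tracker` the values are stored as `escape(source)` although `verify_sources_list` validated the raw string against directory names, so a source whose name contains a character `escape` rewrites (`&`, `<`, `>`, quotes) would be stored in a form that no longer matches the validated name; either drop `escape` here and rely on Jinja output escaping, or validate the stored form — the `# escape source ?` comment left in the hunk shows this was already an open question. The new `sources=True` default in `get_tracker_metedata` is also the only opt-out flag among opt-in siblings; `sources=False` would match the rest of the signature. `create_tracker` and `api_add_tracker` both start outside their hunks.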
|
|
|
@ -185,7 +185,6 @@ def _get_dir_source_name(directory, source_name=None, l_sources_name=set(), filt
|
||||||
# empty directory
|
# empty directory
|
||||||
if not l_dir:
|
if not l_dir:
|
||||||
return l_sources_name.add(source_name)
|
return l_sources_name.add(source_name)
|
||||||
return l_sources_name
|
|
||||||
else:
|
else:
|
||||||
for src_name in l_dir:
|
for src_name in l_dir:
|
||||||
if len(src_name) == 4:
|
if len(src_name) == 4:
|
||||||
|
@ -201,13 +200,22 @@ def _get_dir_source_name(directory, source_name=None, l_sources_name=set(), filt
|
||||||
# pass
|
# pass
|
||||||
if source_name:
|
if source_name:
|
||||||
src_name = os.path.join(source_name, src_name)
|
src_name = os.path.join(source_name, src_name)
|
||||||
l_sources_name = _get_dir_source_name(directory, source_name=src_name, l_sources_name=l_sources_name)
|
l_sources_name = _get_dir_source_name(directory, source_name=src_name, l_sources_name=l_sources_name, filter_dir=filter_dir)
|
||||||
return l_sources_name
|
return l_sources_name
|
||||||
|
|
||||||
|
|
||||||
def get_all_items_sources():
|
def get_all_items_sources(filter_dir=True, r_list=False):
|
||||||
res = _get_dir_source_name(PASTES_FOLDER)
|
res = _get_dir_source_name(PASTES_FOLDER, filter_dir=filter_dir)
|
||||||
print(res)
|
if r_list:
|
||||||
|
res = list(res)
|
||||||
|
return res
|
||||||
|
|
||||||
|
def verify_sources_list(sources):
|
||||||
|
all_sources = get_all_items_sources()
|
||||||
|
for source in sources:
|
||||||
|
if source not in all_sources:
|
||||||
|
return ({'status': 'error', 'reason': 'Invalid source', 'value': source}, 400)
|
||||||
|
return None
|
||||||
|
|
||||||
##-- --##
|
##-- --##
|
||||||
|
|
||||||
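Review bot: The surviving line `return l_sources_name.add(source_name)` in the empty-directory branch returns `None`, because `set.add` returns `None`; the commit deletes the unreachable `return l_sources_name` that followed it instead of making it reachable, so the recursive assignment `l_sources_name = _get_dir_source_name(...)` in the next hunk would set `l_sources_name` to `None` as soon as one empty source directory is met, and the later `.add` or the new `list(res)` in `get_all_items_sources` would fail. The branch should read `l_sources_name.add(source_name)` followed by `return l_sources_name`. Separately, the `l_sources_name=set()` default visible in the hunk header is a mutable default shared by every call, and `get_all_items_sources` never passes its own set; now that `verify_sources_list` walks the tree on every tracker submission and `filter_dir` can vary per call, entries from an unfiltered walk would persist into later filtered results, so use `l_sources_name=None` and `if l_sources_name is None: l_sources_name = set()`. `_get_dir_source_name` starts outside the hunk.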
|
|
|
@ -21,6 +21,7 @@ from flask_login import login_required, current_user
|
||||||
sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib'))
|
sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib'))
|
||||||
import Term
|
import Term
|
||||||
import Tracker
|
import Tracker
|
||||||
|
import item_basic
|
||||||
|
|
||||||
# ============ VARIABLES ============
|
# ============ VARIABLES ============
|
||||||
import Flask_config
|
import Flask_config
|
||||||
|
@ -101,6 +102,7 @@ def add_tracked_menu():
|
||||||
level = request.form.get("level", 0)
|
level = request.form.get("level", 0)
|
||||||
tags = request.form.get("tags", [])
|
tags = request.form.get("tags", [])
|
||||||
mails = request.form.get("mails", [])
|
mails = request.form.get("mails", [])
|
||||||
|
sources = request.form.get("sources", [])
|
||||||
|
|
||||||
# YARA #
|
# YARA #
|
||||||
if tracker_type == 'yara':
|
if tracker_type == 'yara':
|
||||||
|
@ -121,20 +123,29 @@ def add_tracked_menu():
|
||||||
mails = mails.split()
|
mails = mails.split()
|
||||||
if tags:
|
if tags:
|
||||||
tags = tags.split()
|
tags = tags.split()
|
||||||
|
if sources:
|
||||||
|
sources = json.loads(sources)
|
||||||
|
|
||||||
input_dict = {"tracker": tracker, "type": tracker_type, "nb_words": nb_words, "tags": tags, "mails": mails, "level": level, "description": description}
|
input_dict = {"tracker": tracker, "type": tracker_type, "nb_words": nb_words,
|
||||||
|
"tags": tags, "mails": mails, "sources": sources,
|
||||||
|
"level": level, "description": description}
|
||||||
user_id = current_user.get_id()
|
user_id = current_user.get_id()
|
||||||
# edit tracker
|
# edit tracker
|
||||||
if tracker_uuid:
|
if tracker_uuid:
|
||||||
input_dict['uuid'] = tracker_uuid
|
input_dict['uuid'] = tracker_uuid
|
||||||
res = Tracker.api_add_tracker(input_dict, user_id)
|
res = Tracker.api_add_tracker(input_dict, user_id)
|
||||||
if res[1] == 200:
|
if res[1] == 200:
|
||||||
|
if 'uuid' in res[0]:
|
||||||
|
return redirect(url_for('hunter.show_tracker', uuid=res[0]['uuid']))
|
||||||
|
else:
|
||||||
return redirect(url_for('hunter.tracked_menu'))
|
return redirect(url_for('hunter.tracked_menu'))
|
||||||
else:
|
else:
|
||||||
## TODO: use modal
|
## TODO: use modal
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
else:
|
else:
|
||||||
return render_template("edit_tracker.html", all_yara_files=Tracker.get_all_default_yara_files())
|
return render_template("edit_tracker.html",
|
||||||
|
all_sources=item_basic.get_all_items_sources(r_list=True),
|
||||||
|
all_yara_files=Tracker.get_all_default_yara_files())
|
||||||
|
|
||||||
@hunter.route("/tracker/edit", methods=['GET', 'POST'])
|
@hunter.route("/tracker/edit", methods=['GET', 'POST'])
|
||||||
@login_required
|
@login_required
|
||||||
|
@ -147,7 +158,7 @@ def edit_tracked_menu():
|
||||||
if res: # invalid access
|
if res: # invalid access
|
||||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||||
|
|
||||||
dict_tracker = Tracker.get_tracker_metedata(tracker_uuid, user_id=True, level=True, description=True, tags=True, mails=True)
|
dict_tracker = Tracker.get_tracker_metedata(tracker_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sources=True)
|
||||||
dict_tracker['tags'] = ' '.join(dict_tracker['tags'])
|
dict_tracker['tags'] = ' '.join(dict_tracker['tags'])
|
||||||
dict_tracker['mails'] = ' '.join(dict_tracker['mails'])
|
dict_tracker['mails'] = ' '.join(dict_tracker['mails'])
|
||||||
|
|
||||||
|
@ -164,6 +175,7 @@ def edit_tracked_menu():
|
||||||
dict_tracker['content'] = Tracker.get_yara_rule_content(dict_tracker['tracker'])
|
dict_tracker['content'] = Tracker.get_yara_rule_content(dict_tracker['tracker'])
|
||||||
|
|
||||||
return render_template("edit_tracker.html", dict_tracker=dict_tracker,
|
return render_template("edit_tracker.html", dict_tracker=dict_tracker,
|
||||||
|
all_sources=item_basic.get_all_items_sources(r_list=True),
|
||||||
all_yara_files=Tracker.get_all_default_yara_files())
|
all_yara_files=Tracker.get_all_default_yara_files())
|
||||||
|
|
||||||
## TO EDIT
|
## TO EDIT
|
||||||
|
@ -193,7 +205,7 @@ def show_tracker():
|
||||||
if date_to:
|
if date_to:
|
||||||
date_to = date_to.replace('-', '')
|
date_to = date_to.replace('-', '')
|
||||||
|
|
||||||
tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True)
|
tracker_metadata = Tracker.get_tracker_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sources=True, sparkline=True)
|
||||||
|
|
||||||
if tracker_metadata['type'] == 'yara':
|
if tracker_metadata['type'] == 'yara':
|
||||||
yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term'])
|
yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term'])
|
||||||
|
@ -212,6 +224,8 @@ def show_tracker():
|
||||||
tracker_metadata['date_from'] = ''
|
tracker_metadata['date_from'] = ''
|
||||||
tracker_metadata['date_to'] = ''
|
tracker_metadata['date_to'] = ''
|
||||||
|
|
||||||
|
tracker_metadata['sources'] = sorted(tracker_metadata['sources'])
|
||||||
|
|
||||||
return render_template("showTracker.html", tracker_metadata=tracker_metadata,
|
return render_template("showTracker.html", tracker_metadata=tracker_metadata,
|
||||||
yara_rule_content=yara_rule_content,
|
yara_rule_content=yara_rule_content,
|
||||||
bootstrap_label=bootstrap_label)
|
bootstrap_label=bootstrap_label)
|
||||||
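Review bot: `sources = json.loads(sources)` in `add_tracked_menu` parses a form field with no error handling and no check on the decoded type, so a malformed or non-list value (any client can post the field directly, regardless of the tag widget) raises `ValueError` or reaches `api_add_tracker` as a string or dict, ending in a 500 instead of the JSON 400 the surrounding code returns for other bad input. Wrap it as `try: sources = json.loads(sources)` / `except ValueError: return Response(json.dumps({'status': 'error', 'reason': 'Invalid sources'}), mimetype='application/json'), 400` and reject anything that is not a `list`. In `show_tracker`, the metadata now comes from `Tracker.get_tracker_metedata`, whose visible hunk fills `dict_uuid['tracker']`, while the unchanged line below still reads `tracker_metadata['term']`; unless that key is set outside the visible lines, the YARA branch would now raise `KeyError`. `add_tracked_menu` and `show_tracker` both start outside their hunks.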
|
|
|
@ -8,11 +8,13 @@
|
||||||
<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
|
<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
|
||||||
<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
|
<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
|
||||||
<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet">
|
<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet">
|
||||||
|
<link href="{{ url_for('static', filename='css/tags.css') }}" rel="stylesheet">
|
||||||
|
|
||||||
<!-- JS -->
|
<!-- JS -->
|
||||||
<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
|
<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
|
||||||
<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
|
<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
|
||||||
<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
|
<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
|
||||||
|
<script src="{{ url_for('static', filename='js/tags.js') }}"></script>
|
||||||
|
|
||||||
</head>
|
</head>
|
||||||
|
|
||||||
|
@ -58,6 +60,8 @@
|
||||||
</div>
|
</div>
|
||||||
<input id="description" name="description" class="form-control" placeholder="Tracker Description (optional)" type="text" {%if dict_tracker%}{%if dict_tracker['description']%}value="{{dict_tracker['description']}}"{%endif%}{%endif%}>
|
<input id="description" name="description" class="form-control" placeholder="Tracker Description (optional)" type="text" {%if dict_tracker%}{%if dict_tracker['description']%}value="{{dict_tracker['description']}}"{%endif%}{%endif%}>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<input id="sources" style="width:100%;" type="text" name="sources" placeholder="Sources to track (ALL IF EMPTY)" autocomplete="off">
|
||||||
</div>
|
</div>
|
||||||
<div class="col-12 col-xl-3">
|
<div class="col-12 col-xl-3">
|
||||||
<div class="custom-control custom-switch mt-1">
|
<div class="custom-control custom-switch mt-1">
|
||||||
|
@ -135,10 +139,10 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
|
var ltags;
|
||||||
var chart = {};
|
var chart = {};
|
||||||
$(document).ready(function(){
|
$(document).ready(function(){
|
||||||
$("#page-Tracker").addClass("active");
|
$("#page-Tracker").addClass("active");
|
||||||
|
@ -148,6 +152,15 @@ $(document).ready(function(){
|
||||||
$("#nb_word").hide();
|
$("#nb_word").hide();
|
||||||
$("#yara_rule").hide();
|
$("#yara_rule").hide();
|
||||||
|
|
||||||
|
sources = $('#sources').tagSuggest({
|
||||||
|
data: {{all_sources|safe}},
|
||||||
|
{%if dict_tracker%}{%if dict_tracker['sources']%}value: {{dict_tracker['sources']|safe}},{%endif%}{%endif%}
|
||||||
|
sortOrder: 'name',
|
||||||
|
maxDropHeight: 200,
|
||||||
|
name: 'sources',
|
||||||
|
emptyText: 'Sources to track (ALL IF EMPTY)',
|
||||||
|
});
|
||||||
|
|
||||||
$('#tracker_type').on('change', function() {
|
$('#tracker_type').on('change', function() {
|
||||||
var tracker_type = this.value;
|
var tracker_type = this.value;
|
||||||
if (tracker_type=="word") {
|
if (tracker_type=="word") {
|
||||||
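Review bot: `data: {{all_sources|safe}}` and `value: {{dict_tracker['sources']|safe}}` interpolate a Python list into a `<script>` block with autoescaping off, and what Jinja emits for a list is its Python `repr`, not JSON, so a source name containing a quote, a backslash or `</script>` breaks the script or lets the name run as markup. Source names come from directory names on the AIL host and the tracker values were validated against them, so the exposure is limited, but `{{ all_sources|tojson }}` and `{{ dict_tracker['sources']|tojson }}` produce valid JavaScript and HTML-safe output without `|safe`. The bare `sources = $('#sources').tagSuggest({` also creates an implicit global; `var sources = ...` would match the `var ltags;` declaration added just above.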
|
|
|
@ -27,7 +27,10 @@
|
||||||
|
|
||||||
<style>
|
<style>
|
||||||
.btn-link {
|
.btn-link {
|
||||||
color: #000000
|
color: #17a2b8
|
||||||
|
}
|
||||||
|
.btn-link:hover {
|
||||||
|
color: blue;
|
||||||
}
|
}
|
||||||
.mouse_pointer{
|
.mouse_pointer{
|
||||||
cursor: pointer;
|
cursor: pointer;
|
||||||
|
@ -48,12 +51,14 @@
|
||||||
|
|
||||||
<div class="card my-3">
|
<div class="card my-3">
|
||||||
<div class="card-header" style="background-color:#d9edf7;font-size: 15px">
|
<div class="card-header" style="background-color:#d9edf7;font-size: 15px">
|
||||||
<h4 class="text-secondary">{{ tracker_metadata['uuid'] }} </h4>
|
<h4 class="text-secondary">
|
||||||
<div class="text-info">
|
|
||||||
{%if tracker_metadata['description']%}
|
{%if tracker_metadata['description']%}
|
||||||
{{ tracker_metadata['description'] }}
|
{{ tracker_metadata['description'] }}
|
||||||
{%endif%}
|
{%endif%}
|
||||||
<span class="btn-link btn-interaction mouse_pointer" title="Edit Tracker description" onclick="edit_description();"><i class="fas fa-pencil-alt" style="color:Red;"></i></span></th>
|
<span class="btn-interaction btn-link h6 mouse_pointer" title="Edit Tracker description" onclick="edit_description();"><i class="fas fa-pencil-alt"></i></span>
|
||||||
|
</h4>
|
||||||
|
<div class="text-info">
|
||||||
|
{{ tracker_metadata['uuid'] }}
|
||||||
</div>
|
</div>
|
||||||
<ul class="list-group mb-2">
|
<ul class="list-group mb-2">
|
||||||
<li class="list-group-item py-0">
|
<li class="list-group-item py-0">
|
||||||
|
@ -111,6 +116,14 @@
|
||||||
<div id="sparkline"></div>
|
<div id="sparkline"></div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<h6>Sources:</h6>
|
||||||
|
{% if tracker_metadata['sources'] %}
|
||||||
|
{% for sources in tracker_metadata['sources'] %}
|
||||||
|
<span class="badge badge-secondary">{{ sources }}</span><br>
|
||||||
|
{% endfor %}
|
||||||
|
{% else %}
|
||||||
|
<span class="badge badge-secondary">All Souces</span><br>
|
||||||
|
{% endif %}
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
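Review bot: The fallback badge text `All Souces` in the new sources block is a user-visible typo and should read `All Sources`. The loop variable in `{% for sources in tracker_metadata['sources'] %}` has the same name as the collection it iterates, which reads as if the whole list were printed per badge; `{% for source in tracker_metadata['sources'] %}` with `{{ source }}` is clearer.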
|
|
|
@ -33,14 +33,14 @@
|
||||||
</li>
|
</li>
|
||||||
<li class="nav-item">
|
<li class="nav-item">
|
||||||
<a class="nav-link" href="{{url_for('hunter.tracked_menu_regex')}}" id="nav_tracker_regex">
|
<a class="nav-link" href="{{url_for('hunter.tracked_menu_regex')}}" id="nav_tracker_regex">
|
||||||
<i class="fas fa-ruler-vertical"></i>
|
<i class="fas fa-drafting-compass"></i>
|
||||||
<span>Regex</span>
|
<span>Regex</span>
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
<li class="nav-item">
|
<li class="nav-item">
|
||||||
<a class="nav-link" href="{{url_for('hunter.tracked_menu_yara')}}" id="nav_tracker_yara">
|
<a class="nav-link" href="{{url_for('hunter.tracked_menu_yara')}}" id="nav_tracker_yara">
|
||||||
<i class="fas fa-ruler"></i>
|
<span class="bg-danger text-white font-weight-bold" style="font-size: 120%"> { </span>
|
||||||
<span>YARA</span>
|
<span> YARA</span>
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|