mirror of https://github.com/CIRCL/AIL-framework
chg: [tracker yara] show rule content
parent
0c466c5130
commit
b7d37e81d4
|
@ -123,6 +123,20 @@ def save_yara_rule(yara_rule_type, yara_rule, tracker_uuid=None):
|
|||
if yara_rule_type == 'yara_default':
|
||||
filename = os.path.join('ail-yara-rules', 'rules', yara_rule)
|
||||
return filename
|
||||
|
||||
def get_yara_rule_content(yara_rule):
|
||||
yara_dir = get_yara_rules_dir()
|
||||
filename = os.path.join(yara_dir, yara_rule)
|
||||
filename = os.path.realpath(filename)
|
||||
|
||||
# incorrect filename
|
||||
if not os.path.commonprefix([filename, yara_dir]) == yara_dir:
|
||||
return '' # # TODO: throw exception
|
||||
|
||||
with open(filename, 'r') as f:
|
||||
rule_content = f.read()
|
||||
return rule_content
|
||||
|
||||
##-- YARA --##
|
||||
|
||||
|
||||
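Review bot: The containment check in `get_yara_rule_content` uses `os.path.commonprefix`, which compares character by character rather than by path component. A resolved path in a sibling directory whose name merely begins with the rules directory name would therefore still pass, unless `get_yara_rules_dir()` returns a path with a trailing separator, which this page does not show. `yara_dir` is also compared without being resolved, so a symlinked or non-normalised rules directory makes the comparison unreliable in both directions. I would resolve both sides and compare components: `yara_dir = os.path.realpath(get_yara_rules_dir())` and `if os.path.commonpath([filename, yara_dir]) != yara_dir:`. The `# TODO: throw exception` branch currently returns `''`, which hides a rejected path from the caller, so raising or logging there would make rejected lookups visible.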
|
|
|
@ -153,6 +153,11 @@ def show_tracker():
|
|||
|
||||
tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True)
|
||||
|
||||
if tracker_metadata['type'] == 'yara':
|
||||
yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term'])
|
||||
else:
|
||||
yara_rule_content = None
|
||||
|
||||
if date_from:
|
||||
res = Term.parse_get_tracker_term_item({'uuid': term_uuid, 'date_from': date_from, 'date_to': date_to}, user_id)
|
||||
if res[1] !=200:
|
||||
|
@ -165,7 +170,9 @@ def show_tracker():
|
|||
tracker_metadata['date_from'] = ''
|
||||
tracker_metadata['date_to'] = ''
|
||||
|
||||
return render_template("showTracker.html", tracker_metadata=tracker_metadata, bootstrap_label=bootstrap_label)
|
||||
return render_template("showTracker.html", tracker_metadata=tracker_metadata,
|
||||
yara_rule_content=yara_rule_content,
|
||||
bootstrap_label=bootstrap_label)
|
||||
|
||||
@hunter.route("/tracker/update_tracker_description", methods=['POST'])
|
||||
@login_required
|
||||
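Review bot: The new call `Tracker.get_yara_rule_content(tracker_metadata['term'])` in `show_tracker` is unguarded. The helper's `open()` raises when the stored rule file is missing, is a directory or is unreadable, so a stale rule reference would fail the whole tracker page instead of just omitting the rule. Catching the I/O error at the call site keeps the page usable, e.g. `except OSError: yara_rule_content = None` around the call, ideally with a log line. `show_tracker` begins and ends outside these hunks, so whether the user's access to the tracker is checked before the file is read cannot be confirmed from here and is worth verifying.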
|
|
|
@ -175,6 +175,11 @@
|
|||
<button class='btn btn-danger'><i class="fas fa-trash-alt"></i>
|
||||
</button>
|
||||
</a>
|
||||
|
||||
{%if yara_rule_content%}
|
||||
<p class="my-0"></br></br><pre class="border bg-light">{{ yara_rule_content }}</pre></p>
|
||||
{%endif%}
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
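Review bot: The added line nests `<pre>` inside `<p>` and uses `</br>`, neither of which is valid HTML. Browsers close the paragraph early and guess at the breaks, so the spacing is left to error recovery. A plain block with a margin class gives the same layout: `<pre class="border bg-light mt-3">{{ yara_rule_content }}</pre>`. The rule text is file content and is rendered through `{{ ... }}`, so it depends on Jinja autoescaping staying on for this template and on no `|safe` filter being added later. A short template comment saying so would help.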
|
|