CIRCL
/
AIL-framework
mirror of https://github.com/CIRCL/AIL-framework
2
1
Fork 0
Code Issues Releases Wiki Activity

chg: [RetroHunt] retro hunt on messages

ocr
terrtia 2024-03-12 13:54:56 +01:00
parent 9031376b50
commit dc0545dfd0
No known key found for this signature in database
GPG Key ID: 1E1B1F50D84613D0
5 changed files with 75 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
bin/lib/chats_viewer.py
View File

@ -323,6 +323,63 @@ def get_username_meta_from_global_id(username_global_id):
username = Usernames.Username(username_id, instance_uuid) username = Usernames.Username(username_id, instance_uuid)
return username.get_meta() return username.get_meta()
# TODO Filter
## Instance type
## Chats IDS
## SubChats IDS
## Threads IDS
## Daterange
def get_messages_iterator(filters={}):
for instance_uuid in get_chat_service_instances():
for chat_id in ChatServiceInstance(instance_uuid).get_chats():
chat = Chats.Chat(chat_id, instance_uuid)
# subchannels
for subchannel_gid in chat.get_subchannels():
_, _, subchannel_id = subchannel_gid.split(':', 2)
subchannel = ChatSubChannels.ChatSubChannel(subchannel_id, instance_uuid)
messages, _ = subchannel._get_messages(nb=-1)
for mess in messages:
_, _, message_id = mess[0].split(':', )
yield Messages.Message(message_id)
# threads
# threads
for threads in chat.get_threads():
thread = ChatThreads.ChatThread(threads['id'], instance_uuid)
_, _ = thread._get_messages(nb=-1)
for mess in messages:
message_id, _, message_id = mess[0].split(':', )
yield Messages.Message(message_id)
# messages
messages, _ = chat._get_messages(nb=-1)
for mess in messages:
_, _, message_id = mess[0].split(':', )
yield Messages.Message(message_id)
# threads ???
def get_nb_messages_iterator(filters={}):
nb_messages = 0
for instance_uuid in get_chat_service_instances():
for chat_id in ChatServiceInstance(instance_uuid).get_chats():
chat = Chats.Chat(chat_id, instance_uuid)
# subchannels
for subchannel_gid in chat.get_subchannels():
_, _, subchannel_id = subchannel_gid.split(':', 2)
subchannel = ChatSubChannels.ChatSubChannel(subchannel_id, instance_uuid)
nb_messages += subchannel.get_nb_messages()
# threads
for threads in chat.get_threads():
thread = ChatThreads.ChatThread(threads['id'], instance_uuid)
nb_messages += thread.get_nb_messages()
# messages
nb_messages += chat.get_nb_messages()
return nb_messages
#### API #### #### API ####
def api_get_chat_service_instance(chat_instance_uuid): def api_get_chat_service_instance(chat_instance_uuid):

4
bin/lib/objects/Messages.py
View File

@ -85,7 +85,8 @@ class Message(AbstractObject):
if r_type == 'str': if r_type == 'str':
return content return content
elif r_type == 'bytes': elif r_type == 'bytes':
return content.encode() if content:
return content.encode()
def get_date(self): def get_date(self):
timestamp = self.get_timestamp() timestamp = self.get_timestamp()
@ -339,7 +340,6 @@ def create(obj_id, content, translation=None, tags=[]):
message.create(content, translation=translation, tags=tags) message.create(content, translation=translation, tags=tags)
return message return message
# TODO Encode translation # TODO Encode translation

11
bin/lib/objects/ail_objects.py
View File

@ -18,6 +18,8 @@ from lib import relationships_engine
from lib import btc_ail from lib import btc_ail
from lib import Tag from lib import Tag
from lib import chats_viewer
from lib.objects import Chats from lib.objects import Chats
from lib.objects import ChatSubChannels from lib.objects import ChatSubChannels
from lib.objects import ChatThreads from lib.objects import ChatThreads
@ -32,7 +34,7 @@ from lib.objects import FilesNames
from lib.objects import HHHashs from lib.objects import HHHashs
from lib.objects.Items import Item, get_all_items_objects, get_nb_items_objects from lib.objects.Items import Item, get_all_items_objects, get_nb_items_objects
from lib.objects import Images from lib.objects import Images
from lib.objects.Messages import Message from lib.objects import Messages
from lib.objects import Pgps from lib.objects import Pgps
from lib.objects.Screenshots import Screenshot from lib.objects.Screenshots import Screenshot
from lib.objects import Titles from lib.objects import Titles
@ -90,7 +92,7 @@ def get_object(obj_type, subtype, obj_id):
elif obj_type == 'image': elif obj_type == 'image':
return Images.Image(obj_id) return Images.Image(obj_id)
elif obj_type == 'message': elif obj_type == 'message':
return Message(obj_id) return Messages.Message(obj_id)
elif obj_type == 'screenshot': elif obj_type == 'screenshot':
return Screenshot(obj_id) return Screenshot(obj_id)
elif obj_type == 'title': elif obj_type == 'title':
@ -296,6 +298,9 @@ def obj_iterator(obj_type, filters):
return get_all_items_objects(filters=filters) return get_all_items_objects(filters=filters)
elif obj_type == 'pgp': elif obj_type == 'pgp':
return Pgps.get_all_pgps_objects(filters=filters) return Pgps.get_all_pgps_objects(filters=filters)
elif obj_type == 'message':
return chats_viewer.get_messages_iterator(filters=filters)
def card_objs_iterators(filters): def card_objs_iterators(filters):
nb = 0 nb = 0
@ -310,6 +315,8 @@ def card_obj_iterator(obj_type, filters):
return get_nb_items_objects(filters=filters) return get_nb_items_objects(filters=filters)
elif obj_type == 'pgp': elif obj_type == 'pgp':
return Pgps.nb_all_pgps_objects(filters=filters) return Pgps.nb_all_pgps_objects(filters=filters)
elif obj_type == 'message':
return chats_viewer.get_nb_messages_iterator(filters=filters)
def get_ui_obj_tag_table_keys(obj_type): # TODO REMOVE ME def get_ui_obj_tag_table_keys(obj_type): # TODO REMOVE ME
""" """

3
bin/trackers/Retro_Hunt.py
View File

@ -88,6 +88,9 @@ class Retro_Hunt_Module(AbstractModule):
for obj in ail_objects.obj_iterator(obj_type, filters): for obj in ail_objects.obj_iterator(obj_type, filters):
self.obj = obj self.obj = obj
content = obj.get_content(r_type='bytes') content = obj.get_content(r_type='bytes')
if not content:
continue
rule.match(data=content, callback=self.yara_rules_match, rule.match(data=content, callback=self.yara_rules_match,
which_callbacks=yara.CALLBACK_MATCHES, timeout=timeout) which_callbacks=yara.CALLBACK_MATCHES, timeout=timeout)

4
var/www/templates/hunter/add_retro_hunt_task.html
View File

@ -78,6 +78,10 @@
<input class="custom-control-input" type="checkbox" name="decoded_obj" id="decoded_obj"> <input class="custom-control-input" type="checkbox" name="decoded_obj" id="decoded_obj">
<label class="custom-control-label" for="decoded_obj"><i class="fas fa-lock-open"></i>&nbsp;Decoded</label> <label class="custom-control-label" for="decoded_obj"><i class="fas fa-lock-open"></i>&nbsp;Decoded</label>
</div> </div>
<div class="custom-control custom-switch mt-1">
<input class="custom-control-input" type="checkbox" name="message_obj" id="message_obj" checked="">
<label class="custom-control-label" for="message_obj"><i class="fas fa-comment-dots"></i>&nbsp;Messages</label>
</div>
{# <div class="custom-control custom-switch mt-1">#} {# <div class="custom-control custom-switch mt-1">#}
{# <input class="custom-control-input" type="checkbox" name="domain_obj" id="domain_obj" checked="">#} {# <input class="custom-control-input" type="checkbox" name="domain_obj" id="domain_obj" checked="">#}
{# <label class="custom-control-label" for="domain_obj"><i class="fas fa-spider"></i>&nbsp;Domain</label>#} {# <label class="custom-control-label" for="domain_obj"><i class="fas fa-spider"></i>&nbsp;Domain</label>#}