#!/usr/bin/env python3
# -*-coding:UTF-8 -*
'''
Flask global variables shared across modules
'''
import configparser
import redis
import os
import re
import sys
# FLASK #
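# Slot for the Flask application object; this module only initialises it to
# None (presumably the application entry point assigns it later -- confirm).
app = None

# CONFIG #
# The configuration is read from packages/config.cfg under the directory
# named by the AIL_BIN environment variable. A missing variable is reported
# with the same guidance as a missing file instead of a bare KeyError, and it
# never falls back to a path relative to the current working directory.
configfile = None
if 'AIL_BIN' in os.environ:
    configfile = os.path.join(os.environ['AIL_BIN'], 'packages/config.cfg')
if configfile is None or not os.path.exists(configfile):
    raise Exception('Unable to find the configuration file. '
                    'Did you set environment variables? '
                    'Or activate the virtualenv.')

cfg = configparser.ConfigParser()
# ConfigParser.read() silently skips files it cannot open and returns the
# list of files it did parse; an empty list means the file exists but could
# not be read (e.g. permissions), which would otherwise only surface later
# as a missing-section error.
if not cfg.read(configfile):
    raise Exception('Unable to read the configuration file.')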
# REDIS #
def _redis_client(section):
    """Return a StrictRedis client built from one section of the config.

    The section must provide ``host``, ``port`` and ``db`` options. Responses
    are decoded to ``str`` (``decode_responses=True``).

    Only host, port and db are passed to the client: no password or TLS
    argument is supplied here, so any authentication or transport protection
    has to be enforced by the servers or the network they sit on.
    NOTE(review): confirm these services are not reachable from untrusted
    hosts.
    """
    return redis.StrictRedis(
        host=cfg.get(section, "host"),
        port=cfg.getint(section, "port"),
        db=cfg.getint(section, "db"),
        decode_responses=True)


# One module-level client per configured store, shared by the Flask modules.
# Clients configured from the Redis_* sections.
r_serv = _redis_client("Redis_Queues")
r_cache = _redis_client("Redis_Cache")
r_serv_log = _redis_client("Redis_Log")
r_serv_log_submit = _redis_client("Redis_Log_submit")

# Clients configured from the ARDB_* sections.
r_serv_charts = _redis_client("ARDB_Trending")
r_serv_sentiment = _redis_client("ARDB_Sentiment")
r_serv_term = _redis_client("ARDB_TermFreq")
r_serv_cred = _redis_client("ARDB_TermCred")

r_serv_pasteName = _redis_client("Redis_Paste_Name")

r_serv_tags = _redis_client("ARDB_Tags")
r_serv_metadata = _redis_client("ARDB_Metadata")
r_serv_db = _redis_client("ARDB_DB")
r_serv_statistics = _redis_client("ARDB_Statistics")
r_serv_onion = _redis_client("ARDB_Onion")
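# Make the modules under ../../configs/keys importable (mispKEYS below is
# presumably loaded from there).
# NOTE(review): the path is relative, so it resolves against the current
# working directory of the process. Confirm the server is always started from
# the expected directory and that the resolved directory is writable only by
# the service account: whatever mispKEYS.py is found there is executed on
# import.
sys.path.append('../../configs/keys')

# MISP #
# Optional integration: on any failure (package or key module missing,
# client construction error) `pymisp` is set to False and the event link
# becomes a dead '#' anchor, so callers can test `pymisp` for truthiness.
try:
    from pymisp import PyMISP
    from mispKEYS import misp_url, misp_key, misp_verifycert
    # misp_verifycert is handed to PyMISP as its third positional argument.
    # NOTE(review): it presumably controls TLS certificate verification; if
    # the key file sets it to False, the API key is sent without the server
    # being authenticated -- confirm the deployed value.
    # The name `pymisp` is rebound from the package to the client instance.
    pymisp = PyMISP(misp_url, misp_key, misp_verifycert)
    misp_event_url = misp_url + '/events/view/'
    print('Misp connected')
except Exception:
    # `except Exception` rather than a bare `except`: the integration stays
    # best-effort, but KeyboardInterrupt/SystemExit raised during start-up
    # are no longer swallowed and reported as "not connected".
    print('Misp not connected')
    pymisp = False
    misp_event_url = '#'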
# The Hive #
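# Optional TheHive integration. `HiveApi` ends up as a TheHiveApi client or
# False; `hive_case_url` is a case-link template or a dead '#' anchor.
try:
    from thehive4py.api import TheHiveApi
    import thehive4py.exceptions
    from theHiveKEYS import the_hive_url, the_hive_key, the_hive_verifycert
    if the_hive_url == '':
        # An empty URL in the key file means the integration is not configured.
        HiveApi = False
        hive_case_url = '#'
        print('The HIVE not connected')
    else:
        # NOTE(review): the_hive_verifycert is passed as `cert`; it presumably
        # controls TLS certificate verification for requests carrying the API
        # key -- confirm the deployed value does not disable it.
        HiveApi = TheHiveApi(the_hive_url, the_hive_key, cert=the_hive_verifycert)
        # 'id_here' is a literal placeholder in the template.
        hive_case_url = the_hive_url + '/index.html#/case/id_here/details'
except Exception:
    # `except Exception` rather than a bare `except`: still best-effort, but
    # KeyboardInterrupt/SystemExit during start-up are no longer swallowed.
    print('The HIVE not connected')
    HiveApi = False
    hive_case_url = '#'

# A client object was built: probe the server once. This branch is reached
# only when the imports above succeeded, so `thehive4py` is bound here.
if HiveApi is not False:
    try:
        HiveApi.get_alert(0)
        print('The Hive connected')
    except thehive4py.exceptions.AlertException:
        # NOTE(review): hive_case_url keeps pointing at the_hive_url on this
        # path, unlike the other "not connected" paths which reset it to '#'.
        HiveApi = False
        print('The Hive not connected')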
#### VARIABLES ####
# URL prefix taken from the [Flask] section. Every '/' in the configured
# value is dropped, then a single leading '/' is added when something is left
# (so "a/b" becomes "/ab" and "" stays "").
baseUrl = cfg.get("Flask", "baseurl").replace('/', '')
baseUrl = '/' + baseUrl if baseUrl else baseUrl

# Maximum number of characters to display in the tooltip
max_preview_char = cfg.getint("Flask", "max_preview_char")
# Maximum number of characters to display in the modal
max_preview_modal = cfg.getint("Flask", "max_preview_modal")

max_tags_result = 50

# Used to display the estimated percentage instead of a raw value
DiffMaxLineLength = cfg.getint("Flask", "DiffMaxLineLength")

bootstrap_label = ['primary', 'success', 'danger', 'warning', 'info']

# Per-version update information shown while a background update runs.
dict_update_description = {
    'v1.5': {
        'nb_background_update': 5,
        'update_warning_message': 'An Update is running on the background. Some informations like Tags, screenshot can be',
        'update_warning_message_notice_me': 'missing from the UI.',
    },
}

# Filesystem locations, all rooted in environment variables; a missing
# AIL_FLASK or AIL_HOME raises KeyError here.
UPLOAD_FOLDER = os.path.join(os.environ['AIL_FLASK'], 'submitted')

# Trailing '/' is appended explicitly.
PASTES_FOLDER = os.path.join(
    os.environ['AIL_HOME'],
    cfg.get("Directories", "pastes"),
) + '/'
SCREENSHOT_FOLDER = os.path.join(
    os.environ['AIL_HOME'],
    cfg.get("Directories", "crawled_screenshot"),
    'screenshot',
)

REPO_ORIGIN = 'https://github.com/CIRCL/AIL-framework.git'

max_dashboard_logs = cfg.getint("Flask", "max_dashboard_logs")

crawler_enabled = cfg.getboolean("Crawler", "activate_crawler")

# Compiled e-mail pattern. It is not anchored and accepts only 2-6 letter
# top-level domains.
# NOTE(review): if a caller uses this to validate input, anchoring depends on
# the method it calls (match/search/fullmatch) -- check the call sites.
email_regex = re.compile(r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}')

IMPORT_MAX_TEXT_SIZE = 900000  # size in bytes
# VT
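# Optional VirusTotal integration. `vt_enabled` says whether submission is
# allowed; `vt_auth` holds the API key read from virusTotalKEYS.
try:
    from virusTotalKEYS import vt_key
    # Bind vt_auth on both branches: previously it was left undefined when
    # the key file existed with an empty key, so any module reading
    # Flask_config.vt_auth failed with AttributeError.
    vt_auth = vt_key
    if vt_key != '':
        vt_enabled = True
        print('VT submission is enabled')
    else:
        vt_enabled = False
        print('VT submission is disabled')
except Exception:
    # `except Exception` rather than a bare `except`: still best-effort, but
    # KeyboardInterrupt/SystemExit during start-up are no longer swallowed.
    # NOTE(review): this fallback is a dict (the success path yields a str)
    # and its 'apikey' value is the unrelated max_preview_char setting. It
    # looks like a placeholder; callers must check vt_enabled before using
    # vt_auth -- confirm none of them sends this value to VirusTotal.
    vt_auth = {'apikey': cfg.get("Flask", "max_preview_char")}
    vt_enabled = False
    print('VT submission is disabled')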