diff --git a/bin/lib/Tracker.py b/bin/lib/Tracker.py index 44221474..6907d42e 100755 --- a/bin/lib/Tracker.py +++ b/bin/lib/Tracker.py @@ -12,9 +12,12 @@ import datetime from flask import escape +sys.path.append(os.path.join(os.environ['AIL_BIN'], 'packages/')) +import Date + sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib/')) import ConfigLoader -#import item_basic +import item_basic config_loader = ConfigLoader.ConfigLoader() r_serv_db = config_loader.get_redis_conn("ARDB_DB") @@ -103,7 +106,7 @@ def get_tracker_last_seen(tracker_uuid): else: return None -def get_tracker_metedata(tracker_uuid, user_id=False, description=False, level=False, tags=False, mails=False, sparkline=False): +def get_tracker_metedata(tracker_uuid, user_id=False, description=False, level=False, tags=False, mails=False, sources=True, sparkline=False): dict_uuid = {} dict_uuid['tracker'] = get_tracker_by_uuid(tracker_uuid) dict_uuid['type'] = get_tracker_type(tracker_uuid) @@ -117,6 +120,8 @@ def get_tracker_metedata(tracker_uuid, user_id=False, description=False, level=F dict_uuid['level'] = get_tracker_level(tracker_uuid) if mails: dict_uuid['mails'] = get_tracker_mails(tracker_uuid) + if sources: + dict_uuid['sources'] = get_tracker_uuid_sources(tracker_uuid) if tags: dict_uuid['tags'] = get_tracker_tags(tracker_uuid) if sparkline: 
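Review bot: In the new `get_tracker_metedata` signature, `sources=True` is inserted ahead of `sparkline`, so any caller that passes `sparkline` positionally now sets `sources` instead, and it is the only flag in the list that defaults to on. The callers changed in this commit all pass `sources=True` by keyword, so the compatible form is to append it with the same default as its siblings: `..., mails=False, sparkline=False, sources=False):`. The next hunk calls `get_tracker_uuid_sources`, whose definition is not in the visible diff; confirm it returns an empty collection rather than `None` for trackers created before this change, because `show_tracker` passes the result to `sorted()`.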
@@ -318,18 +323,23 @@ def create_tracker(tracker, tracker_type, user_id, level, tags, mails, descripti r_serv_tracker.sadd('global:tracker', tracker_uuid) r_serv_tracker.sadd('global:tracker:{}'.format(tracker_type), tracker_uuid) + if edit_tracker: + r_serv_tracker.delete(f'tracker:tags:{tracker_uuid}') + r_serv_tracker.delete(f'tracker:mail:{tracker_uuid}') + r_serv_tracker.delete(f'tracker:sources:{tracker_uuid}') + # create tracker tags list for tag in tags: - r_serv_tracker.sadd('tracker:tags:{}'.format(tracker_uuid), escape(tag) ) + r_serv_tracker.sadd(f'tracker:tags:{tracker_uuid}', escape(tag)) # create tracker tags mail notification list for mail in mails: - r_serv_tracker.sadd('tracker:mail:{}'.format(tracker_uuid), escape(mail) ) + r_serv_tracker.sadd(f'tracker:mail:{tracker_uuid}', escape(mail)) # create tracker sources filter for source in sources: # escape source ? - r_serv_tracker.sadd(f'tracker:sources:{tracker_uuid}', escape(source) ) + r_serv_tracker.sadd(f'tracker:sources:{tracker_uuid}', escape(source)) # toggle refresh module tracker list/set r_serv_tracker.set('tracker:refresh:{}'.format(tracker_type), time.time()) @@ -359,7 +369,11 @@ def api_add_tracker(dict_input, user_id): res = verify_mail_list(mails) if res: return res + sources = dict_input.get('sources', []) + res = item_basic.verify_sources_list(sources) + if res: + return res ## TODO: add dashboard key level = dict_input.get('level', 1) diff --git a/bin/lib/item_basic.py b/bin/lib/item_basic.py index e9145117..5991c70d 100755 --- a/bin/lib/item_basic.py +++ b/bin/lib/item_basic.py @@ -185,7 +185,6 @@ def _get_dir_source_name(directory, source_name=None, l_sources_name=set(), filt # empty directory if not l_dir: return l_sources_name.add(source_name) - return l_sources_name else: for src_name in l_dir: if len(src_name) == 4: 
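Review bot: `escape(source)` in the sources loop of `create_tracker` stores the HTML-escaped form of the name, while `verify_sources_list` in `api_add_tracker` validates the raw form. A source whose name contains `&`, `<`, `>` or a quote is therefore accepted and then stored as a string that no longer equals the real source name when the filter is applied (the comparison code is not in this diff, so this is inferred). The in-line `# escape source ?` comment shows the question was left open. Because the value is already checked against the list of existing sources, store it unchanged with `r_serv_tracker.sadd(f'tracker:sources:{tracker_uuid}', source)` and leave HTML encoding to the template at render time; any caller of `create_tracker` that bypasses `api_add_tracker` needs the same allow-list check. The function body starts and ends outside the hunk.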
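Review bot: `dict_input.get('sources', [])` in `api_add_tracker` is handed to `verify_sources_list` without a type check, and that helper iterates the value and tests each element for membership in a set. A JSON `null`, a number, or a list holding a nested list or object raises `TypeError` there, so the API answers with a 500 instead of the 400 the other validators return. Guard it before the call with `if not isinstance(sources, list) or not all(isinstance(s, str) for s in sources): return ({'status': 'error', 'reason': 'Invalid sources'}, 400)`. The function continues outside the hunk.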
@@ -201,13 +200,22 @@ def _get_dir_source_name(directory, source_name=None, l_sources_name=set(), filt # pass if source_name: src_name = os.path.join(source_name, src_name) - l_sources_name = _get_dir_source_name(directory, source_name=src_name, l_sources_name=l_sources_name) + l_sources_name = _get_dir_source_name(directory, source_name=src_name, l_sources_name=l_sources_name, filter_dir=filter_dir) return l_sources_name -def get_all_items_sources(): - res = _get_dir_source_name(PASTES_FOLDER) - print(res) +def get_all_items_sources(filter_dir=True, r_list=False): + res = _get_dir_source_name(PASTES_FOLDER, filter_dir=filter_dir) + if r_list: + res = list(res) + return res + +def verify_sources_list(sources): + all_sources = get_all_items_sources() + for source in sources: + if source not in all_sources: + return ({'status': 'error', 'reason': 'Invalid source', 'value': source}, 400) + return None ##-- --## diff --git a/var/www/modules/hunter/Flask_hunter.py b/var/www/modules/hunter/Flask_hunter.py index 1ada2914..41d1dff1 100644 --- a/var/www/modules/hunter/Flask_hunter.py +++ b/var/www/modules/hunter/Flask_hunter.py @@ -21,6 +21,7 @@ from flask_login import login_required, current_user sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib')) import Term import Tracker +import item_basic # ============ VARIABLES ============ import Flask_config @@ -101,6 +102,7 @@ def add_tracked_menu(): level = request.form.get("level", 0) tags = request.form.get("tags", []) mails = request.form.get("mails", []) + sources = request.form.get("sources", []) # YARA # if tracker_type == 'yara': 
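Review bot: The allow-list that `verify_sources_list` checks against is built by `_get_dir_source_name`, whose signature in the hunk header declares `l_sources_name=set()`; `get_all_items_sources` never passes that argument, so every call shares and keeps growing the same set for the life of the process. Names collected with `filter_dir=False`, and sources that have since been removed from disk, therefore keep validating as existing sources. Pass a fresh set from the entry point: `res = _get_dir_source_name(PASTES_FOLDER, l_sources_name=set(), filter_dir=filter_dir)`. Separately, the empty-directory branch left by the previous hunk of this file is `return l_sources_name.add(source_name)`, which returns `None` because `set.add` does; from the visible lines, the recursive assignment here then replaces the accumulator with `None`, so that branch should add the name and then return the set.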
@@ -121,20 +123,29 @@ def add_tracked_menu(): mails = mails.split() if tags: tags = tags.split() + if sources: + sources = json.loads(sources) - input_dict = {"tracker": tracker, "type": tracker_type, "nb_words": nb_words, "tags": tags, "mails": mails, "level": level, "description": description} + input_dict = {"tracker": tracker, "type": tracker_type, "nb_words": nb_words, + "tags": tags, "mails": mails, "sources": sources, + "level": level, "description": description} user_id = current_user.get_id() # edit tracker if tracker_uuid: input_dict['uuid'] = tracker_uuid res = Tracker.api_add_tracker(input_dict, user_id) if res[1] == 200: - return redirect(url_for('hunter.tracked_menu')) + if 'uuid' in res[0]: + return redirect(url_for('hunter.show_tracker', uuid=res[0]['uuid'])) + else: + return redirect(url_for('hunter.tracked_menu')) else: ## TODO: use modal return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1] else: - return render_template("edit_tracker.html", all_yara_files=Tracker.get_all_default_yara_files()) + return render_template("edit_tracker.html", + all_sources=item_basic.get_all_items_sources(r_list=True), + all_yara_files=Tracker.get_all_default_yara_files()) @hunter.route("/tracker/edit", methods=['GET', 'POST']) @login_required @@ -147,7 +158,7 @@ def edit_tracked_menu(): if res: # invalid access return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1] - dict_tracker = Tracker.get_tracker_metedata(tracker_uuid, user_id=True, level=True, description=True, tags=True, mails=True) + dict_tracker = Tracker.get_tracker_metedata(tracker_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sources=True) dict_tracker['tags'] = ' '.join(dict_tracker['tags']) dict_tracker['mails'] = ' '.join(dict_tracker['mails']) 
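Review bot: `sources = json.loads(sources)` in `add_tracked_menu` parses a form field with no error handling, so a malformed value raises `json.JSONDecodeError` and the request ends in a 500, and a well-formed value that is not a list is passed on to `Tracker.api_add_tracker` as is. Catch the decode error and reject non-list input with a 400, using the same JSON error response the view already returns for API errors. `add_tracked_menu` begins before this hunk.

```python
if sources:
    try:
        sources = json.loads(sources)
    except json.JSONDecodeError:
        sources = None
    if not isinstance(sources, list):
        err = {'status': 'error', 'reason': 'Invalid sources'}
        return Response(json.dumps(err, indent=2, sort_keys=True), mimetype='application/json'), 400
# … unchanged: input_dict construction and Tracker.api_add_tracker call …
```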
@@ -164,6 +175,7 @@ def edit_tracked_menu(): dict_tracker['content'] = Tracker.get_yara_rule_content(dict_tracker['tracker']) return render_template("edit_tracker.html", dict_tracker=dict_tracker, + all_sources=item_basic.get_all_items_sources(r_list=True), all_yara_files=Tracker.get_all_default_yara_files()) ## TO EDIT @@ -193,7 +205,7 @@ def show_tracker(): if date_to: date_to = date_to.replace('-', '') - tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True) + tracker_metadata = Tracker.get_tracker_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sources=True, sparkline=True) if tracker_metadata['type'] == 'yara': yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term']) @@ -212,6 +224,8 @@ def show_tracker(): tracker_metadata['date_from'] = '' tracker_metadata['date_to'] = '' + tracker_metadata['sources'] = sorted(tracker_metadata['sources']) + return render_template("showTracker.html", tracker_metadata=tracker_metadata, yara_rule_content=yara_rule_content, bootstrap_label=bootstrap_label) diff --git a/var/www/modules/hunter/templates/edit_tracker.html b/var/www/modules/hunter/templates/edit_tracker.html index 54eb5bcc..1f60177b 100644 --- a/var/www/modules/hunter/templates/edit_tracker.html +++ b/var/www/modules/hunter/templates/edit_tracker.html @@ -8,11 +8,13 @@ + + @@ -58,6 +60,8 @@ + +
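Review bot: After the switch to `Tracker.get_tracker_metedata` in `show_tracker`, the context line just below still reads `tracker_metadata['term']`, but the part of `get_tracker_metedata` visible in this commit stores the value under `'tracker'`, and `edit_tracked_menu` reads `dict_tracker['tracker']` for the same purpose. Unless a `'term'` key is set in a part of the function not shown here, opening a YARA tracker will raise `KeyError`; the line should be `yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['tracker'])`. The `showTracker.html` template may need the same key rename. `show_tracker` starts and ends outside the hunk.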
@@ -135,10 +139,10 @@
-