AIL/ail-framework
7
0
Fork 0
mirror of https://github.com/ail-project/ail-framework.git synced 2024-11-30 01:37:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

chg: [tracker yara] show rule content

Browse source
This commit is contained in:
Terrtia 2020-08-19 11:37:51 +02:00
parent 0c466c5130
commit b7d37e81d4
No known key found for this signature in database
GPG key ID: 1E1B1F50D84613D0
3 changed files with 27 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
bin/lib/Tracker.py
View file

@ -123,6 +123,20 @@ def save_yara_rule(yara_rule_type, yara_rule, tracker_uuid=None):
if yara_rule_type == 'yara_default': if yara_rule_type == 'yara_default':
filename = os.path.join('ail-yara-rules', 'rules', yara_rule) filename = os.path.join('ail-yara-rules', 'rules', yara_rule)
return filename return filename
def get_yara_rule_content(yara_rule):
yara_dir = get_yara_rules_dir()
filename = os.path.join(yara_dir, yara_rule)
filename = os.path.realpath(filename)
# incorrect filename
if not os.path.commonprefix([filename, yara_dir]) == yara_dir:
return '' # # TODO: throw exception
with open(filename, 'r') as f:
rule_content = f.read()
return rule_content
##-- YARA --## ##-- YARA --##

9
var/www/modules/hunter/Flask_hunter.py
View file

@ -153,6 +153,11 @@ def show_tracker():
tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True) tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True)
if tracker_metadata['type'] == 'yara':
yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term'])
else:
yara_rule_content = None
if date_from: if date_from:
res = Term.parse_get_tracker_term_item({'uuid': term_uuid, 'date_from': date_from, 'date_to': date_to}, user_id) res = Term.parse_get_tracker_term_item({'uuid': term_uuid, 'date_from': date_from, 'date_to': date_to}, user_id)
if res[1] !=200: if res[1] !=200:
@ -165,7 +170,9 @@ def show_tracker():
tracker_metadata['date_from'] = '' tracker_metadata['date_from'] = ''
tracker_metadata['date_to'] = '' tracker_metadata['date_to'] = ''
return render_template("showTracker.html", tracker_metadata=tracker_metadata, bootstrap_label=bootstrap_label) return render_template("showTracker.html", tracker_metadata=tracker_metadata,
yara_rule_content=yara_rule_content,
bootstrap_label=bootstrap_label)
@hunter.route("/tracker/update_tracker_description", methods=['POST']) @hunter.route("/tracker/update_tracker_description", methods=['POST'])
@login_required @login_required

5
var/www/modules/hunter/templates/showTracker.html
View file

@ -175,6 +175,11 @@
<button class='btn btn-danger'><i class="fas fa-trash-alt"></i> <button class='btn btn-danger'><i class="fas fa-trash-alt"></i>
</button> </button>
</a> </a>
{%if yara_rule_content%}
<p class="my-0"></br></br><pre class="border bg-light">{{ yara_rule_content }}</pre></p>
{%endif%}
</div> </div>
</div> </div>