chg: [yara trackers UI] add yara trackers, show default yara rule

2024-11-23 06:37:15 +00:00 · 2020-09-03 16:33:10 +02:00 · 2020-09-03 16:33:10 +02:00 · d55c8221ad
commit d55c8221ad
parent 55ab603f27
3 changed files with 47 additions and 11 deletions
--- a/bin/lib/Tracker.py
+++ b/bin/lib/Tracker.py
@ -139,6 +139,22 @@ def get_yara_rule_content(yara_rule):
        rule_content = f.read()
    return rule_content
 def api_get_default_rule_content(default_yara_rule):
    yara_dir = get_yara_rules_default_dir()
    filename = os.path.join(yara_dir, default_yara_rule)
    filename = os.path.realpath(filename)
    # incorrect filename
    if not os.path.commonprefix([filename, yara_dir]) == yara_dir:
        return ({'status': 'error', 'reason': 'file transversal detected'}, 400)
    if not os.path.isfile(filename):
        return ({'status': 'error', 'reason': 'yara rule not found'}, 400)
    with open(filename, 'r') as f:
        rule_content = f.read()
    return ({'rule_name': default_yara_rule, 'content': rule_content}, 200)
 ##-- YARA --##
--- a/var/www/modules/hunter/Flask_hunter.py
+++ b/var/www/modules/hunter/Flask_hunter.py
@ -254,12 +254,13 @@ def get_json_tracker_stats():
        res = Term.get_list_tracked_term_stats_by_day([tracker_uuid])
    return jsonify(res)
-# @hunter.route("/tracker/get_all_default_yara_rules_by_type", methods=['GET'])
+@hunter.route("/tracker/yara/default_rule/content", methods=['GET'])
-# @login_required
+@login_required
-# @login_read_only
+@login_read_only
-# def get_all_default_yara_rules_by_type():
+def get_default_yara_rule_content():
-#     yara_types = request.args.get('yara_types')
+    default_yara_rule = request.args.get('rule_name')
-#     get_all_default_yara_rules_by_types(yara_types)
+    res = Tracker.api_get_default_rule_content(default_yara_rule)
    return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
 # ========= REGISTRATION =========
 app.register_blueprint(hunter, url_prefix=baseUrl)
--- a/var/www/modules/hunter/templates/Add_tracker.html
+++ b/var/www/modules/hunter/templates/Add_tracker.html
@ -89,10 +89,10 @@
 									</div>
-									<div class="" id="yara_rule">
+									<div class="mb-2" id="yara_rule">
 										<div class="" id="yara_default_rules">
-											<select class="custom-select w-100 mb-3" name="yara_default_rule">
+											<select class="custom-select w-100 mb-3" name="yara_default_rule" onchange="get_default_rule_content(this);">
 											  <option selected>Select a default rule</option>
 												{% for yara_types in all_yara_files %}
 													{% for yara_file in all_yara_files[yara_types] %}
@ -100,12 +100,17 @@
 													{% endfor %}
 												{% endfor %}
 											</select>
 											<pre class="border bg-light" id="default_yara_rule_content"></pre>
 										</div>
-									<div class="row" id="textarea">
+										<hr>
-										<textarea class="form-control mx-3" id="text_input" name="yara_custom_rule" placeholder="Enter your own YARA rule" rows="5"></textarea>
+
 										<div class="row" id="textarea">
 											<textarea class="form-control mx-3" id="text_input" name="yara_custom_rule" placeholder="Enter your own YARA rule" rows="5"></textarea>
 										</div>
 									</div>
 								</div>
 									<br>
 									<button class="btn btn-success mt-2">
@ -183,4 +188,18 @@ function toggle_sidebar(){
 	}
 }
 function get_default_rule_content(selector){
 	var yara_name = selector.value
 	if (yara_name === "Select a default rule") {
 		jQuery("#default_yara_rule_content").text("")
 	} else {
 		$.getJSON("{{ url_for('hunter.get_default_yara_rule_content') }}?rule_name=" + yara_name,
 			function(data) {
 				jQuery("#default_yara_rule_content").text(data['content'])
 		});
 	}
 }
 </script>