AIL/ail-framework
7
0
Fork 0
mirror of https://github.com/ail-project/ail-framework.git synced 2024-11-23 06:37:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #232 from CIRCL/iban

Browse source 
Add Iban detection
This commit is contained in:
Thirion Aurélien 2018-08-01 08:57:48 +02:00 committed by GitHub
commit f7f4422ff1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 124 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

115
bin/BankAccount.py Executable file
View file

@ -0,0 +1,115 @@
#!/usr/bin/env python3
# -*-coding:UTF-8 -*
"""
The BankAccount Module
======================
It apply IBAN regexes on paste content and warn if above a threshold.
"""
import redis
import time
import re
import string
from itertools import chain
from packages import Paste
from pubsublogger import publisher
from Helper import Process
import signal
class TimeoutException(Exception):
pass
def timeout_handler(signum, frame):
raise TimeoutException
signal.signal(signal.SIGALRM, timeout_handler)
_LETTERS_IBAN = chain(enumerate(string.digits + string.ascii_uppercase),
enumerate(string.ascii_lowercase, 10))
LETTERS_IBAN = {ord(d): str(i) for i, d in _LETTERS_IBAN}
def iban_number(iban):
return (iban[4:] + iban[:4]).translate(LETTERS_IBAN)
def is_valid_iban(iban):
iban_numb = iban_number(iban)
iban_numb_check = iban_number(iban[:2] + '00' + iban[4:])
check_digit = '{:0>2}'.format(98 - (int(iban_numb_check) % 97))
if check_digit == iban[2:4] and int(iban_numb) % 97 == 1:
# valid iban
print('valid iban')
return True
return False
def check_all_iban(l_iban, paste, filename):
nb_valid_iban = 0
for iban in l_iban:
iban = iban[0]+iban[1]+iban[2]
iban = ''.join(e for e in iban if e.isalnum())
#iban = iban.upper()
res = iban_regex_verify.findall(iban)
if res:
print('checking '+iban)
if is_valid_iban(iban):
print('------')
nb_valid_iban = nb_valid_iban + 1
if(nb_valid_iban > 0):
to_print = 'Iban;{};{};{};'.format(paste.p_source, paste.p_date, paste.p_name)
publisher.warning('{}Checked found {} IBAN;{}'.format(
to_print, nb_valid_iban, paste.p_path))
msg = 'infoleak:automatic-detection="iban";{}'.format(filename)
p.populate_set_out(msg, 'Tags')
#Send to duplicate
p.populate_set_out(filename, 'Duplicate')
if __name__ == "__main__":
publisher.port = 6380
publisher.channel = "Script"
config_section = 'BankAccount'
p = Process(config_section)
max_execution_time = p.config.getint("BankAccount", "max_execution_time")
publisher.info("BankAccount started")
message = p.get_from_set()
#iban_regex = re.compile(r'\b[A-Za-z]{2}[0-9]{2}(?:[ ]?[0-9]{4}){4}(?:[ ]?[0-9]{1,2})?\b')
iban_regex = re.compile(r'\b([A-Za-z]{2}[ \-]?[0-9]{2})(?=(?:[ \-]?[A-Za-z0-9]){9,30})((?:[ \-]?[A-Za-z0-9]{3,5}){2,6})([ \-]?[A-Za-z0-9]{1,3})\b')
iban_regex_verify = re.compile(r'^([A-Z]{2})([0-9]{2})([A-Z0-9]{9,30})$')
while True:
message = p.get_from_set()
if message is not None:
filename = message
paste = Paste.Paste(filename)
content = paste.get_p_content()
signal.alarm(max_execution_time)
try:
l_iban = iban_regex.findall(content)
except TimeoutException:
print ("{0} processing timeout".format(paste.p_path))
continue
else:
signal.alarm(0)
if(len(l_iban) > 0):
check_all_iban(l_iban, paste, filename)
else:
publisher.debug("Script BankAccount is Idling 10s")
time.sleep(10)

2
bin/LAUNCH.sh
View file

@ -144,6 +144,8 @@ function launching_scripts {
sleep 0.1 sleep 0.1
screen -S "Script_AIL" -X screen -t "CreditCards" bash -c 'cd '${AIL_BIN}'; ./CreditCards.py; read x' screen -S "Script_AIL" -X screen -t "CreditCards" bash -c 'cd '${AIL_BIN}'; ./CreditCards.py; read x'
sleep 0.1 sleep 0.1
screen -S "Script_AIL" -X screen -t "BankAccount" bash -c 'cd '${AIL_BIN}'; ./BankAccount.py; read x'
sleep 0.1
screen -S "Script_AIL" -X screen -t "Onion" bash -c 'cd '${AIL_BIN}'; ./Onion.py; read x' screen -S "Script_AIL" -X screen -t "Onion" bash -c 'cd '${AIL_BIN}'; ./Onion.py; read x'
sleep 0.1 sleep 0.1
screen -S "Script_AIL" -X screen -t "Mail" bash -c 'cd '${AIL_BIN}'; ./Mail.py; read x' screen -S "Script_AIL" -X screen -t "Mail" bash -c 'cd '${AIL_BIN}'; ./Mail.py; read x'

3
bin/packages/config.cfg.sample
View file

@ -43,6 +43,9 @@ minute_processed_paste = 10
DiffMaxLineLength = 10000 DiffMaxLineLength = 10000
#### Modules #### #### Modules ####
[BankAccount]
max_execution_time = 60
[Categ] [Categ]
#Minimum number of match between the paste and the category file #Minimum number of match between the paste and the category file
matchingThreshold=1 matchingThreshold=1

4
bin/packages/modules.cfg
View file

@ -51,6 +51,10 @@ publish = Redis_CreditCards,Redis_Mail,Redis_Onion,Redis_Web,Redis_Credential,Re
subscribe = Redis_CreditCards subscribe = Redis_CreditCards
publish = Redis_Duplicate,Redis_ModuleStats,Redis_alertHandler,Redis_Tags publish = Redis_Duplicate,Redis_ModuleStats,Redis_alertHandler,Redis_Tags
[BankAccount]
subscribe = Redis_Global
publish = Redis_Duplicate,Redis_Tags
[Mail] [Mail]
subscribe = Redis_Mail subscribe = Redis_Mail
publish = Redis_Duplicate,Redis_ModuleStats,Redis_alertHandler,Redis_Tags publish = Redis_Duplicate,Redis_ModuleStats,Redis_alertHandler,Redis_Tags