当前位置: 首页>>代码示例>>Python>>正文


Python __sessions__.is_attached_misp函数代码示例

本文整理汇总了Python中viper.core.session.__sessions__.is_attached_misp函数的典型用法代码示例。如果您正苦于以下问题:Python is_attached_misp函数的具体用法?Python is_attached_misp怎么用?Python is_attached_misp使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了is_attached_misp函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: misp

    def misp(self, option, verbose=False, submit=False):
        if option == 'download_all':
            for event in self._get_local_events(os.path.join(self.cur_path, 'misp_events')):
                self._download_hashes(MispEvent(event), False)
            return

        if not __sessions__.is_attached_misp():
            return

        if option == 'hashes':
            ehashes, shashes = __sessions__.current.misp_event.get_all_hashes()
            to_scan = sorted(ehashes + shashes, key=len)
            while to_scan:
                h = to_scan.pop()
                response = self.scan(h, verbose)
                if response and not isinstance(response, bool):
                    to_scan = [eh for eh in to_scan if eh not in response]
        elif option == 'download':
            self._download_hashes(__sessions__.current.misp_event, verbose)
        elif option == "ips":
            ips = __sessions__.current.misp_event.get_all_ips()
            for ip in ips:
                self.pdns_ip(ip, verbose)
        elif option == "domains":
            domains = __sessions__.current.misp_event.get_all_domains()
            for d in domains:
                self.pdns_domain(d, verbose)
        elif option == "urls":
            urls = __sessions__.current.misp_event.get_all_urls()
            for u in urls:
                self.url(u, verbose, submit)
开发者ID:chubbymaggie,项目名称:viper,代码行数:31,代码来源:virustotal.py

示例2: _dump

    def _dump(self, event=None):
        event_path = os.path.join(self.cur_path, 'misp_events')
        if not os.path.exists(event_path):
            os.makedirs(event_path)

        if not event:
            to_dump = __sessions__.current.misp_event.event
        elif isinstance(event, MISPEvent):
            to_dump = event
        else:
            to_dump = MISPEvent()
            to_dump.load(event)
        if to_dump.id:
            filename = str(to_dump.id)
        elif (__sessions__.is_attached_misp(True) and
                __sessions__.current.misp_event.current_dump_file):
            filename = __sessions__.current.misp_event.current_dump_file
        else:
            i = 1
            while True:
                filename = 'new_event_{}.json'.format(i)
                if not os.path.exists(os.path.join(event_path, filename)):
                    break
                i += 1

        path = os.path.join(event_path, filename)
        with open(path, 'w') as f:
            f.write(to_dump.to_json())
        self.log('success', '{} stored successfully.'.format(filename.rstrip('.json')))
        return filename
开发者ID:emdel,项目名称:viper,代码行数:30,代码来源:misp.py

示例3: add_file

        def add_file(obj, tags=None):
            if get_sample_path(obj.sha256):
                self.log('warning', "Skip, file \"{0}\" appears to be already stored".format(obj.name))
                return False

            if __sessions__.is_attached_misp(quiet=True):
                if tags is not None:
                    tags += ',misp:{}'.format(__sessions__.current.misp_event.event.id)
                else:
                    tags = 'misp:{}'.format(__sessions__.current.misp_event.event.id)

            # Try to store file object into database.
            status = db.add(obj=obj, tags=tags)
            if status:
                # If succeeds, store also in the local repository.
                # If something fails in the database (for example unicode strings)
                # we don't want to have the binary lying in the repository with no
                # associated database record.
                new_path = store_sample(obj)
                self.log("success", "Stored file \"{0}\" to {1}".format(obj.name, new_path))

            else:
                return False

            # Delete the file if requested to do so.
            if args.delete:
                try:
                    os.unlink(obj.path)
                except Exception as e:
                    self.log('warning', "Failed deleting file: {0}".format(e))

            return True
开发者ID:Rafiot,项目名称:viper,代码行数:32,代码来源:commands.py

示例4: store

 def store(self):
     try:
         event_path = os.path.join(self.cur_path, 'misp_events')
         if not os.path.exists(event_path):
             os.mkdir(event_path)
         if self.args.list:
             header = ['Event ID', 'Title']
             rows = []
             for eid, path, title in self._get_local_events(event_path):
                 rows.append((eid, title))
             self.log('table', dict(header=header, rows=sorted(rows, key=lambda i: (int(i[0])))))
         elif self.args.update:
             for eid, path, title in self._get_local_events(event_path):
                 event = self.misp.get(eid)
                 with open(path, 'w') as f:
                     f.write(json.dumps(event))
                 self.log('success', '{} updated successfully.'.format(eid))
         elif self.args.delete:
             path = os.path.join(event_path, '{}.json'.format(self.args.delete))
             if os.path.exists(path):
                 os.remove(path)
                 self.log('success', '{} removed successfully.'.format(self.args.delete))
             else:
                 self.log('error', '{} does not exists.'.format(self.args.delete))
         elif self.args.open:
             path = os.path.join(event_path, '{}.json'.format(self.args.open))
             if os.path.exists(path):
                 e_json = json.loads(open(path, 'r').read())
                 __sessions__.new(misp_event=MispEvent(e_json))
             else:
                 self.log('error', '{} does not exists.'.format(self.args.open))
         elif __sessions__.is_attached_misp():
             self._dump(__sessions__.current.misp_event.event)
     except IOError as e:
         self.log('error', e.strerror)
开发者ID:GuardianRG,项目名称:viper,代码行数:35,代码来源:misp.py

示例5: _get_eventid

 def _get_eventid(self, quiet=False):
     if vars(self.args).get('event'):
         return self.args.event
     else:
         # Get current event ID if possible
         if not __sessions__.is_attached_misp(quiet):
             return None
         return __sessions__.current.misp_event.event.id
开发者ID:emdel,项目名称:viper,代码行数:8,代码来源:misp.py

示例6: misp

    def misp(self, option):
        if not __sessions__.is_attached_misp():
            return

        if option == 'ips':
            ips = __sessions__.current.misp_event.get_all_ips()
            for ip in ips:
                self.query_ip(ip)
开发者ID:AnyMaster,项目名称:viper,代码行数:8,代码来源:pssl.py

示例7: misp

    def misp(self, option, verbose=False):
        if not __sessions__.is_attached_misp():
            return

        if option == 'ips':
            ips = __sessions__.current.misp_event.get_all_ips()
            for ip in ips:
                self.query(ip, verbose)
        elif option == 'domains':
            domains = __sessions__.current.misp_event.get_all_domains()
            for d in domains:
                self.query(d, verbose)
开发者ID:Rafiot,项目名称:viper,代码行数:12,代码来源:pdns.py

示例8: _display_tmp_files

 def _display_tmp_files(self):
     cureid = None
     if __sessions__.is_attached_misp(True):
         cureid = __sessions__.current.misp_event.event.id
     header = ['Sample ID', 'Current', 'Event ID', 'Filename']
     rows = []
     i = 0
     tmp_samples = self._load_tmp_samples()
     if len(tmp_samples) == 0:
         self.log('warning', 'No temporary samples available.')
         return
     for eid, path, name in tmp_samples:
         if eid == cureid:
             rows.append((i, '*', eid, name))
         else:
             rows.append((i, '', eid, name))
         i += 1
     self.log('table', dict(header=header, rows=rows))
开发者ID:chubbymaggie,项目名称:viper,代码行数:18,代码来源:virustotal.py

示例9: _display_tmp_files

 def _display_tmp_files(self):
     cureid = None
     if __sessions__.is_attached_misp(True):
         cureid = self._get_eventid()
     header = ["Sample ID", "Current", "Event ID", "Filename"]
     rows = []
     i = 0
     tmp_samples = self._load_tmp_samples()
     if len(tmp_samples) == 0:
         self.log("warning", "No temporary samples available.")
         return
     for eid, path, name in tmp_samples:
         if eid == cureid:
             rows.append((i, "*", eid, name))
         else:
             rows.append((i, "", eid, name))
         i += 1
     self.log("table", dict(header=header, rows=rows))
开发者ID:S2R2,项目名称:viper,代码行数:18,代码来源:misp.py

示例10: download

    def download(self, filehash, open_session=True, force_eid=None, verbose=True):
        # FIXME: private and intel API are inconsistent to save a file.
        samples_path = os.path.join(self.cur_path, 'vt_samples')
        if __sessions__.is_attached_misp(True):
            samples_path = os.path.join(samples_path, __sessions__.current.misp_event.event.id)
        elif force_eid:
            samples_path = os.path.join(samples_path, force_eid)

        if not os.path.exists(samples_path):
            os.makedirs(samples_path)

        filename = os.path.join(samples_path, filehash)
        if os.path.exists(filename):
            self.log('info', '{} has already been downloaded.'.format(filehash))
            return

        if cfg.virustotal.virustotal_has_private_key:
            response = self.vt.get_file(filehash)
            if not self._has_fail(response):
                with open(filename, 'w') as f:
                    f.write(response)
            else:
                return

        elif cfg.virustotal.virustotal_has_intel_key:
            response = self.vt_intel.get_file(filehash, samples_path)
            if self._has_fail(response):
                return
        else:
            self.log('error', 'This command requires virustotal private ot intelligence API key')
            return

        if open_session:
            return __sessions__.new(filename)
        self.log('success', 'Successfully downloaded {}'.format(filehash))
        if verbose:
            self._display_tmp_files()
开发者ID:chubbymaggie,项目名称:viper,代码行数:37,代码来源:virustotal.py

示例11: run

    def run(self):
        super(MISP, self).run()

        if self.args is None:
            return

        if not HAVE_PYMISP:
            self.log('error', "Missing dependency, install pymisp (`pip install pymisp`)")
            return

        self.offline_mode = False
        if self.args.on:
            self.offline_mode = False
            if __sessions__.is_attached_misp(True):
                __sessions__.current.misp_event.off = False
        elif self.args.off or (__sessions__.is_attached_misp(True) and
                               __sessions__.current.misp_event.off):
            self.offline_mode = True
            if __sessions__.is_attached_misp(True):
                __sessions__.current.misp_event.off = True

        self.url = self.args.url
        if self.url is None:
            self.url = cfg.misp.misp_url
        if self.url is None:
            self.log('error', "This command requires the URL of the MISP instance you want to query.")
            return

        self.key = self.args.key
        if self.key is None:
            self.key = cfg.misp.misp_key
        if self.key is None:
            self.log('error', "This command requires a MISP private API key.")
            return

        if not self.args.verify:
            verify = False
        else:
            verify = cfg.misp.tls_verify

        # Capture default distribution and sharing group settings. Backwards compatability and empty string check
        self.distribution = cfg.misp.get("misp_distribution", None)
        self.distribution = None if self.distribution == "" else self.distribution
        if type(self.distribution) not in (type(None), int):
            self.distribution = None
            self.log('info', "The distribution stored in viper config is not an integer, setting to None")

        self.sharinggroup = cfg.misp.get("misp_sharinggroup", None)
        self.sharinggroup = None if self.sharinggroup == "" else self.sharinggroup
        if type(self.sharinggroup) not in (type(None), int):
            self.sharinggroup = None
            self.log('info', "The sharing group stored in viper config is not an integer, setting to None")

        if not self.offline_mode:
            try:
                self.misp = PyMISP(self.url, self.key, ssl=verify, proxies=cfg.misp.proxies, cert=cfg.misp.cert)
            except PyMISPError as e:
                self.log('error', e.message)
                return

        # Require an open MISP session
        if self.args.subname in ['add_hashes', 'add', 'show', 'publish'] and not __sessions__.is_attached_misp():
            return

        # Require an open file session
        if self.args.subname in ['upload'] and not __sessions__.is_attached_file():
            return

        try:
            if self.args.subname == 'upload':
                self.upload()
            elif self.args.subname == 'search':
                self.searchall()
            elif self.args.subname == 'download':
                self.download()
            elif self.args.subname == 'check_hashes':
                self.check_hashes()
            elif self.args.subname == 'yara':
                self.yara()
            elif self.args.subname == 'pull':
                self.pull()
            elif self.args.subname == 'create_event':
                self.create_event()
            elif self.args.subname == 'add':
                self.add()
            elif self.args.subname == 'add_hashes':
                self.add_hashes()
            elif self.args.subname == 'show':
                self.show()
            elif self.args.subname == 'open':
                self.open_samples()
            elif self.args.subname == 'publish':
                self.publish()
            elif self.args.subname == 'version':
                self.version()
            elif self.args.subname == 'store':
                self.store()
            elif self.args.subname == 'tag':
                self.tag()
            elif self.args.subname == 'galaxies':
#.........这里部分代码省略.........
开发者ID:emdel,项目名称:viper,代码行数:101,代码来源:misp.py

示例12: run

    def run(self):
        super(VirusTotal, self).run()
        if self.args is None:
            return

        if not HAVE_VT:
            self.log('error', "Missing dependency, install virustotal-api (`pip install virustotal-api`)")
            return

        to_search = None
        path_to_submit = None
        if self.args.misp:
            self.misp(self.args.misp, self.args.verbose, self.args.submit)
        elif self.args.ip:
            self.pdns_ip(self.args.ip, self.args.verbose)
        elif self.args.domain:
            self.pdns_domain(self.args.domain, self.args.verbose)
        elif self.args.url:
            self.url(self.args.url, self.args.verbose, self.args.submit)
        elif self.args.download_list:
            self._display_tmp_files()
        elif self.args.download_open is not None:
            tmp_samples = self._load_tmp_samples()
            try:
                eid, path, name = tmp_samples[self.args.download_open]
                if eid:
                    if __sessions__.is_attached_misp(quiet=True):
                        if __sessions__.current.misp_event.event.id != int(eid):
                            self.log('warning', 'You opened a sample related to a MISP event different than the one you are currently connected to: {}.'.format(eid))
                        else:
                            self.log('success', 'You opened a sample related to the current MISP event.')
                    else:
                        self.log('warning', 'This samples is linked to the MISP event {eid}. You may want to run misp pull {eid}'.format(eid=eid))
                return __sessions__.new(path)
            except IndexError:
                self.log('error', 'Invalid id, please use virustotal -dl.')
        elif self.args.download_open_name is not None:
            tmp_samples = self._load_tmp_samples()
            try:
                for tmp_sample in tmp_samples:
                    eid, path, name = tmp_sample
                    if name == self.args.download_open_name:
                        if eid:
                            if __sessions__.is_attached_misp(quiet=True):
                                if __sessions__.current.misp_event.event.id != int(eid):
                                    self.log('warning', 'You opened a sample related to a MISP event different than the one you are currently connected to: {}.'.format(eid))
                                else:
                                    self.log('success', 'You opened a sample related to the current MISP event.')
                            else:
                                self.log('warning', 'This samples is linked to the MISP event {eid}. You may want to run misp pull {eid}'.format(eid=eid))
                        return __sessions__.new(path)
            except IndexError:
                self.log('error', 'Invalid id, please use virustotal -dl.')
        elif self.args.download_delete is not None:
            if self.args.download_delete == 'all':
                samples_path = os.path.join(self.cur_path, 'vt_samples')
                if os.path.exists(samples_path):
                    shutil.rmtree(samples_path)
                    self.log('success', 'Successfully removed {}'.format(samples_path))
                else:
                    self.log('error', '{} does not exists'.format(samples_path))
            else:
                tmp_samples = self._load_tmp_samples()
                try:
                    eid, path, name = tmp_samples[int(self.args.download_delete)]
                    os.remove(path)
                    self.log('success', 'Successfully removed {}'.format(path))
                except:
                    self.log('error', 'Invalid id, please use virustotal -dl.')
        elif self.args.search:
            to_search = self.args.search
        elif __sessions__.is_attached_file():
            to_search = __sessions__.current.file.md5

        if self.args.submit and __sessions__.is_attached_file():
            path_to_submit = __sessions__.current.file.path

        if to_search:
            self.scan(to_search, self.args.verbose, self.args.submit, path_to_submit)
            if self.args.download:
                self.download(to_search, self.args.verbose)

            if self.args.comment:
                response = self.vt.put_comments(to_search, ' '.join(self.args.comment))
                if not self._has_fail(response):
                    self.log('info', ("{}: {}".format(bold("VirusTotal message"), response['results']['verbose_msg'])))
开发者ID:chubbymaggie,项目名称:viper,代码行数:86,代码来源:virustotal.py

示例13: run

    def run(self):
        super(MISP, self).run()
        if self.args is None:
            return

        if not HAVE_PYMISP:
            self.log('error', "Missing dependency, install pymisp (`pip install pymisp`)")
            return

        if self.args.url is None:
            self.url = cfg.misp.misp_url
        else:
            self.url = self.args.url

        if self.args.key is None:
            self.key = cfg.misp.misp_key
        else:
            self.key = self.args.key

        if self.url is None:
            self.log('error', "This command requires the URL of the MISP instance you want to query.")
            return
        if self.key is None:
            self.log('error', "This command requires a MISP private API key.")
            return

        if not self.args.verify:
            verify = False
        else:
            verify = cfg.misp.misp_verify

        try:
            self.misp = PyMISP(self.url, self.key, verify, 'json')
        except PyMISPError as e:
            self.log('error', e.message)
            return

        # Require an open MISP session
        if self.args.subname in ['add', 'show', 'publish'] and not __sessions__.is_attached_misp():
            return

        # Require an open file session
        if self.args.subname in ['upload'] and not __sessions__.is_attached_file():
            return

        try:
            if self.args.subname == 'upload':
                self.upload()
            elif self.args.subname == 'search':
                self.searchall()
            elif self.args.subname == 'download':
                self.download()
            elif self.args.subname == 'check_hashes':
                self.check_hashes()
            elif self.args.subname == 'yara':
                self.yara()
            elif self.args.subname == 'pull':
                self.pull()
            elif self.args.subname == 'create_event':
                self.create_event()
            elif self.args.subname == 'add':
                self.add()
            elif self.args.subname == 'show':
                self.show()
            elif self.args.subname == 'open':
                self.open()
            elif self.args.subname == 'publish':
                self.publish()
            elif self.args.subname == 'version':
                self.version()
            elif self.args.subname == 'store':
                self.store()
            else:
                self.log('error', "No calls defined for this command.")
        except requests.exceptions.HTTPError as e:
            self.log('error', e)
开发者ID:GuardianRG,项目名称:viper,代码行数:76,代码来源:misp.py

示例14: tag

    def tag(self):
        if not HAVE_PYTAX:
            self.log('error', "Missing dependency, install PyTaxonomies (`pip install git+https://github.com/MISP/PyTaxonomies.git`)")
            return

        try:
            taxonomies = Taxonomies(manifest_path=os.path.join(self.local_dir_taxonomies, 'MANIFEST.json'))
        except Exception as e:
            self.log('error', 'Unable to open the taxonomies, please fix the config file ([misp] - misp_taxonomies_directory): {}'.format(e))
            return

        if self.args.list:
            self.log('table', dict(header=['Name', 'Description'], rows=[(title, tax.description)
                                                                         for title, tax in taxonomies.items()]))
        elif self.args.search:
            matches = taxonomies.search(self.args.search)
            if not matches:
                self.log('error', 'No tags matching "{}".'.format(self.args.search))
                return
            self.log('success', 'Tags matching "{}":'.format(self.args.search))
            for t in taxonomies.search(self.args.search):
                self.log('item', t)
        elif self.args.details:
            taxonomy = taxonomies.get(self.args.details)
            if not taxonomy:
                self.log('error', 'No taxonomy called "{}".'.format(self.args.details))
                return
            if taxonomy.description:
                self.log('info', taxonomy.description)
            elif taxonomy.expanded:
                self.log('info', taxonomy.expanded)
            if taxonomy.refs:
                self.log('info', 'References:')
                for r in taxonomy.refs:
                    self.log('item', r)
            if not taxonomy.has_entries():
                header = ['Description', 'Predicate', 'Machinetag']
                rows = []
                for p in taxonomy.predicates.values():
                    rows.append([p.description, p.predicate, taxonomy.make_machinetag(p)])
                self.log('table', dict(header=header, rows=rows))
            else:
                for p in taxonomy.predicates.values():
                    if p.description:
                        self.log('info', p.description)
                    elif p.expanded:
                        self.log('info', p.expanded)
                    else:
                        self.log('info', p.predicate)

                    if not p.entries:
                        self.log('item', taxonomy.make_machinetag(p))
                    else:
                        header = ['Description', 'Predicate', 'Machinetag']
                        rows = []
                        for e in p.entries.values():
                            if e.description:
                                descr = e.description
                            else:
                                descr = e.expanded
                            rows.append([descr, e.value, taxonomy.make_machinetag(p, e)])
                        self.log('table', dict(header=header, rows=rows))
        elif self.args.event:
            if not __sessions__.is_attached_misp():
                return
            try:
                taxonomies.revert_machinetag(self.args.event)
            except:
                self.log('error', 'Not a valid machine tag available in misp-taxonomies: "{}".'.format(self.args.event))
                return
            __sessions__.current.misp_event.event.add_tag(self.args.event)
            self._change_event()
        elif self.args.attribute:
            if not __sessions__.is_attached_misp():
                return
            identifier, tag = self.args.attribute
            try:
                taxonomies.revert_machinetag(tag)
            except:
                self.log('error', 'Not a valid machine tag available in misp-taxonomies: "{}".'.format(tag))
                return
            __sessions__.current.misp_event.event.add_attribute_tag(tag, identifier)
            self._change_event()
开发者ID:cwtaylor,项目名称:viper,代码行数:83,代码来源:misp.py

示例15: store

    def store(self):
        try:
            event_path = os.path.join(self.cur_path, 'misp_events')
            if not os.path.exists(event_path):
                os.mkdir(event_path)
            if self.args.list:
                header = ['Event ID', 'Title']
                rows = []
                for eid, path, title in self._get_local_events(event_path):
                    rows.append((eid, title))
                self.log('table', dict(header=header, rows=sorted(rows, key=lambda i: (int(i[0].split('_')[-1])))))
            elif self.args.update:
                if self.offline_mode:
                    self.log('error', 'Offline mode, cannot update locally stored events.')
                    return
                for eid, path, title in self._get_local_events(event_path):
                    event = self.misp.get(eid)
                    with open(path, 'w') as f:
                        f.write(json.dumps(event))
                    self.log('success', '{} updated successfully.'.format(eid))
            elif self.args.sync:
                if self.offline_mode:
                    self.log('error', 'Offline mode, cannot synchronize locally stored events.')
                    return
                for eid, path, title in self._get_local_events(event_path):
                    __sessions__.close()
                    event = MISPEvent()
                    event.load(path)
                    if 'new_event_' in path:
                        event = self.misp.add_event(json.dumps(event, cls=EncodeUpdate))
                        try:
                            self._dump(event)
                            os.remove(path)
                        except Exception as e:
                            self.log('error', 'Unable to create new event: {}.'.format(e))
                    else:
                        eid = event.id
                        try:
                            event = self.misp.update(event._json())
                        except Exception as e:
                            self.log('error', 'Unable to update event {}: {}.'.format(eid, e))

                    if self._has_error_message(event):
                        return
            elif self.args.delete:
                path = os.path.join(event_path, '{}.json'.format(self.args.delete))
                if os.path.exists(path):
                    os.remove(path)
                    self.log('success', '{} removed successfully.'.format(self.args.delete))
                else:
                    self.log('error', '{} does not exists.'.format(self.args.delete))
            elif self.args.open:
                filename = '{}.json'.format(self.args.open)
                path = os.path.join(event_path, filename)
                if os.path.exists(path):
                    try:
                        with open(path, 'r') as f:
                            e_json = json.load(f)
                        __sessions__.new(misp_event=MispEvent(e_json, self.offline_mode))
                        __sessions__.current.misp_event.current_dump_file = filename
                    except Exception as e:
                        self.log('error', 'Unable to open {}: {}'.format(path, e))
                else:
                    self.log('error', '{} does not exists.'.format(self.args.open))
            elif __sessions__.is_attached_misp():
                self._dump()
        except IOError as e:
            self.log('error', e.strerror)
开发者ID:cwtaylor,项目名称:viper,代码行数:68,代码来源:misp.py


注:本文中的viper.core.session.__sessions__.is_attached_misp函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。