Package modules :: Package reporting :: Module mattermost
[hide private]
[frames] | no frames]

Source Code for Module modules.reporting.mattermost

 1  # Copyright (C) 2010-2013 Claudio Guarnieri. 
 2  # Copyright (C) 2014-2016 Cuckoo Foundation. 
 3  # This file is part of Cuckoo Sandbox - http://www.cuckoosandbox.org 
 4  # See the file 'docs/LICENSE' for copying permission. 
 5   
 6  import json 
 7  import hashlib 
 8   
 9  try: 
10      import requests 
11      HAVE_REQUESTS = True 
12  except ImportError: 
13      HAVE_REQUESTS = False 
14   
15  from lib.cuckoo.common.abstracts import Report 
16  from lib.cuckoo.common.exceptions import CuckooReportError 
17  from lib.cuckoo.common.exceptions import CuckooOperationalError 
18   
19 -class Mattermost(Report):
20 """Notifies about finished analysis via Mattermost webhook.""" 21
22 - def run(self, results):
23 if not HAVE_REQUESTS: 24 raise CuckooOperationalError( 25 "The Mattermost processing module requires the requests " 26 "library (install with `pip install requests`)" 27 ) 28 29 sigs, urls = [], [] 30 for sig in results.get("signatures", {}): 31 sigs.append(sig.get("name")) 32 if sig.get("name") == "network_http": 33 for http in sig.get("marks"): 34 urls.append(http.get("ioc")) 35 36 post = "Finished analyze ::: [{0}]({1}{0}) ::: ".format( 37 results.get("info").get("id"), 38 self.options.get("myurl") 39 ) 40 41 filename = results.get("target").get("file").get("name") 42 if self.options.get("hash-filename"): 43 filename = hashlib.sha256(filename).hexdigest() 44 45 post += "File : {0} ::: Score : **{1}** ::: ".format( 46 filename, results.get("info").get("score") 47 ) 48 49 if self.options.get("show-virustotal"): 50 post += "**VT : {0} / {1}**\n".format( 51 results.get("virustotal").get("positives"), 52 results.get("virustotal").get("total"), 53 ) 54 55 if self.options.get("show-signatures"): 56 post += "**Signatures** ::: {0} \n".format(" : ".join(sigs)) 57 58 if self.options.get("show-urls"): 59 post += "**URLS**\n`{0}`".format( 60 "\n".join(urls).replace(".", "[.]") 61 ) 62 63 data = { 64 "username": self.options.get("username"), 65 "text": post, 66 } 67 68 headers = {"Content-Type": "application/json"} 69 70 try: 71 requests.post( 72 self.options.get("url"), 73 headers=headers, 74 data=json.dumps(data) 75 ) 76 except Exception as e: 77 raise CuckooReportError( 78 "Failed posting message to Mattermost: %s" % e 79 )
80