Skip to content
Snippets Groups Projects
Commit e326bf87 authored by Martin Cerny's avatar Martin Cerny
Browse files

MC 20221102 Changed authentication method to use APIKEY,

certificates are not supported any more.
parent 026f24f0
No related branches found
No related tags found
No related merge requests found
{ {
"period": 3600, "period": 3600,
"url": "https://n6beta.cert.pl/report/inside.sjson", "url": "https://n6beta.cert.pl/report/inside.sjson",
"cert_file": "./n6-cert.pem", "client_name": "org.example.test",
"key_file": "./n6.key",
"use_test": "True", "use_test": "True",
"output_dir": "output" "output_dir": "output",
"headers": {"Authorization": "Bearer APIKEY"}
} }
...@@ -16,9 +16,7 @@ conf_def = conf.cfg_root(( ...@@ -16,9 +16,7 @@ conf_def = conf.cfg_root((
conf.cfg_item("url", str, default="https://n6beta.cert.pl/report/inside.sjson"), conf.cfg_item("url", str, default="https://n6beta.cert.pl/report/inside.sjson"),
conf.cfg_item("period", default=3600), conf.cfg_item("period", default=3600),
conf.cfg_item("url_file", str, default="./url-time.txt"), conf.cfg_item("url_file", str, default="./url-time.txt"),
conf.cfg_item("cert_file", str, default="./n6-cert.pem"), conf.cfg_item("headers", default=None),
conf.cfg_item("key_file", str, default="./n6.key"),
conf.cfg_item("ca_paths", str, default=("./RapidSSLRSACA2018.crt", )),
conf.cfg_item("output_file", default="output.log"), conf.cfg_item("output_file", default="output.log"),
conf.cfg_item("output_dir", str, default="output"), conf.cfg_item("output_dir", str, default="output"),
conf.cfg_item("client_name", str, default="org.example.test"), conf.cfg_item("client_name", str, default="org.example.test"),
...@@ -162,15 +160,15 @@ def split_lines_new_json(data): ...@@ -162,15 +160,15 @@ def split_lines_new_json(data):
r = (json.loads(line.strip()) for line in data["body"].split("\n") if line) r = (json.loads(line.strip()) for line in data["body"].split("\n") if line)
return (line for line in r if status_ok(line)) return (line for line in r if status_ok(line))
def address(addr_list, idea, direction="Source"): def address(addr_list, idea, direction):
if (direction in idea): if (direction in idea):
ip4 = [] ip4 = []
ip6 = [] ip6 = []
for i in addr_list: for i in addr_list:
if "ip" in i: if "ip" in i:
ip4 += [i["ip"],] ip4 += [i["ip"].replace("x", "0"),]
if "ipv6" in i: if "ipv6" in i:
ip6 += [i["ipv6"],] ip6 += [i["ipv6"].replace("x", "0"),]
if ip4: if ip4:
idea[direction][0]["IP4"] = ip4 idea[direction][0]["IP4"] = ip4
if ip6: if ip6:
...@@ -180,9 +178,9 @@ def address(addr_list, idea, direction="Source"): ...@@ -180,9 +178,9 @@ def address(addr_list, idea, direction="Source"):
ip6 = [] ip6 = []
for i in addr_list: for i in addr_list:
if "ip" in i: if "ip" in i:
ip4 += [i["ip"],] ip4 += [i["ip"].replace("x", "0"),]
if "ipv6" in i: if "ipv6" in i:
ip6 += [i["ipv6"],] ip6 += [i["ipv6"].replace("x", "0"),]
if ip4: if ip4:
idea[direction] = [{"IP4": ip4}] idea[direction] = [{"IP4": ip4}]
if ip6: if ip6:
...@@ -288,6 +286,25 @@ def server_exploit(sjson, idea): ...@@ -288,6 +286,25 @@ def server_exploit(sjson, idea):
else: else:
source["Proto"] = ["tcp",] source["Proto"] = ["tcp",]
idea = address(sjson["address"], idea, "Source") idea = address(sjson["address"], idea, "Source")
if "sport" in sjson:
idea["Source"][0]["Port"] = [sjson["sport"],]
with setn(idea, "Target") as target_list:
with appendn(target_list) as target:
if "proto" in sjson:
target["Proto"] = [sjson["proto"],]
if "adip" in sjson:
idea = address([{'ip': sjson["adip"]}], idea, "Target")
if "dport" in sjson:
idea["Target"][0]["Port"] = [sjson["dport"],]
idea["Target"][0]["Anonymised"] = True
else:
if "dip" in sjson:
idea = address([{'ip': sjson["dip"]}], idea, "Target")
if "dport" in sjson:
idea["Target"][0]["Port"] = [sjson["dport"],]
return (idea) return (idea)
def other(sjson, idea): def other(sjson, idea):
...@@ -513,9 +530,7 @@ def main(): ...@@ -513,9 +530,7 @@ def main():
esc=train.esc, http=http_man, period=cfg.period, url=cfg.url, esc=train.esc, http=http_man, period=cfg.period, url=cfg.url,
header_set=itemsetter("headers"), status_set=itemsetter("status"), header_set=itemsetter("headers"), status_set=itemsetter("status"),
reason_set=itemsetter("reason"), body_set=itemsetter("body"), reason_set=itemsetter("reason"), body_set=itemsetter("body"),
ssl_context=http.get_ssl_context(cert_file=cfg.cert_file, key_file=cfg.key_file)) headers=cfg.headers, ssl_context=http.get_ssl_context())
# ssl_context=http.get_ssl_context(cert_file=cfg.cert_file, key_file=cfg.key_file, ca_paths=cfg.ca_paths))
line_split = twist.Unwind(train, item_get=split_lines_new_json, item_set=itemsetter("line")) line_split = twist.Unwind(train, item_get=split_lines_new_json, item_set=itemsetter("line"))
idea = MakeIdea(client_name=cfg.client_name, test=cfg.use_test) idea = MakeIdea(client_name=cfg.client_name, test=cfg.use_test)
marshall = text.JSONMarshall(data_get=itemgetter("idea"), str_set=itemsetter("output")) marshall = text.JSONMarshall(data_get=itemgetter("idea"), str_set=itemsetter("output"))
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment