Permalink
Browse files

Bugfix bolts names

  • Loading branch information...
1 parent 959d3aa commit f5015f75d09d17bd2fd6bc550bcc9fdc04f9964e @fedelemantuano fedelemantuano committed Sep 23, 2016
Showing with 32 additions and 30 deletions.
  1. +2 −0 config.json
  2. +17 −17 src/bolts/json_maker.py
  3. +11 −11 src/bolts/phishing.py
  4. +2 −2 topologies/spamscope_debug.py
View
@@ -16,6 +16,8 @@
"backup_count": 10,
"level": "info"
},
+ "use_virtualenv": false,
+ "use_ssh_for_nimbus": false,
"virtualenv_root": ""
}
}
@@ -32,12 +32,12 @@ def initialize(self, stormconf, context):
self.mails = {}
self.input_bolts = set(
[
- "tokenizer-bolt",
- "phishing-bolt",
- "attachments-bolt",
- "forms-bolt",
- "urls_handler_body-bolt",
- "urls_handler_attachments-bolt",
+ "tokenizer",
+ "phishing",
+ "attachments",
+ "forms",
+ "urls-handler-body",
+ "urls-handler-attachments",
]
)
@@ -46,38 +46,38 @@ def initialize(self, stormconf, context):
def _compose_output(self, greedy_data):
# Tokenizer
- mail = json.loads(greedy_data['tokenizer-bolt'][1])
+ mail = json.loads(greedy_data['tokenizer'][1])
# Phishing
- phishing_score = greedy_data['phishing-bolt'][2]
- mail['with_phishing'] = greedy_data['phishing-bolt'][1]
+ phishing_score = greedy_data['phishing'][2]
+ mail['with_phishing'] = greedy_data['phishing'][1]
mail['phishing_score'] = phishing_score
if phishing_score:
self._phishing_bitmap.score = phishing_score
- mail['targets'] = json.loads(greedy_data['phishing-bolt'][3])
+ mail['targets'] = json.loads(greedy_data['phishing'][3])
mail['phishing_score_expanded'] = \
self._phishing_bitmap.score_properties
# Forms
- mail['with_forms'] = greedy_data['forms-bolt'][1]
+ mail['with_forms'] = greedy_data['forms'][1]
# Attachments
- mail['with_attachments'] = greedy_data['attachments-bolt'][1]
+ mail['with_attachments'] = greedy_data['attachments'][1]
if mail['with_attachments']:
mail['attachments'] = json.loads(
- greedy_data['attachments-bolt'][2]
+ greedy_data['attachments'][2]
)
# Urls in body
- mail['with_urls_body'] = greedy_data['urls_handler_body-bolt'][1]
+ mail['with_urls_body'] = greedy_data['urls-handler-body'][1]
if mail['with_urls_body']:
# Change urls format to fix Elasticsearch issue with dot '.'
reformat_urls = []
urls = json.loads(
- greedy_data['urls_handler_body-bolt'][2])
+ greedy_data['urls-handler-body'][2])
for v in urls.values():
reformat_urls.extend(v)
@@ -86,13 +86,13 @@ def _compose_output(self, greedy_data):
# Urls in attachments
mail['with_urls_attachments'] = \
- greedy_data['urls_handler_attachments-bolt'][1]
+ greedy_data['urls-handler-attachments'][1]
if mail['with_urls_attachments']:
# Change urls format to fix Elasticsearch issue with dot '.'
reformat_urls = []
urls = json.loads(
- greedy_data['urls_handler_attachments-bolt'][2]
+ greedy_data['urls-handler-attachments'][2]
)
for v in urls.values():
View
@@ -38,10 +38,10 @@ def initialize(self, stormconf, context):
# Input bolts for Phishing bolt
self.input_bolts = set(
[
- "tokenizer-bolt",
- "attachments-bolt",
- "urls_handler_body-bolt",
- "urls_handler_attachments-bolt",
+ "tokenizer",
+ "attachments",
+ "urls-handler-body",
+ "urls-handler-attachments",
]
)
@@ -113,33 +113,33 @@ def _search_phishing(self, greedy_data):
targets = set()
# Get Tokenizer
- mail = json.loads(greedy_data['tokenizer-bolt'][1])
+ mail = json.loads(greedy_data['tokenizer'][1])
body = mail.get('body')
subject = mail.get('subject')
from_ = mail.get('from')
# Get Urls in body
- with_urls_body = greedy_data['urls_handler_body-bolt'][1]
+ with_urls_body = greedy_data['urls-handler-body'][1]
urls = None
if with_urls_body:
urls = json.loads(
- greedy_data['urls_handler_body-bolt'][2]
+ greedy_data['urls-handler-body'][2]
)
# Get Urls attachments
- with_urls_attachments = greedy_data['urls_handler_attachments-bolt'][1]
+ with_urls_attachments = greedy_data['urls-handler-attachments'][1]
urls_attachments = None
if with_urls_attachments:
urls_attachments = json.loads(
- greedy_data['urls_handler_attachments-bolt'][2]
+ greedy_data['urls-handler-attachments'][2]
)
# Get Attachments
- with_attachments = greedy_data['attachments-bolt'][1]
+ with_attachments = greedy_data['attachments'][1]
attachments = None
if with_attachments:
attachments = json.loads(
- greedy_data['attachments-bolt'][2]
+ greedy_data['attachments'][2]
)
# Check body
@@ -12,7 +12,7 @@
from bolts.tokenizer import Tokenizer
from bolts.urls_handler_attachments import UrlsHandlerAttachments
from bolts.urls_handler_body import UrlsHandlerBody
-from spout.files_mails import FilesMailSpout
+from spouts.files_mails import FilesMailSpout
class OutputDebugTopology(Topology):
@@ -33,7 +33,7 @@ class OutputDebugTopology(Topology):
name="urls-handler-body",
inputs={tokenizer: Grouping.fields('sha256_random')})
- urls_attachments = UrlsHandlerAttachments(
+ urls_attachments = UrlsHandlerAttachments.spec(
name="urls-handler-attachments",
inputs={attachments: Grouping.fields('sha256_random')})

0 comments on commit f5015f7

Please sign in to comment.