Skip to content
This repository has been archived by the owner on Apr 26, 2021. It is now read-only.

Submit sample via email #568

Closed
wants to merge 1 commit into from
Closed

Submit sample via email #568

wants to merge 1 commit into from

Conversation

kcchu
Copy link

@kcchu kcchu commented Jun 7, 2015

  • Utility functions to extract attachments from MIME and RFC 2822-based
    message.
  • New API endpoint in api.py. The API accepts raw email text in either
    request body or form data (compatible with mailgun)

- Utility functions to extract attachments from MIME and RFC 2822-based
  message.
- New API endpoint in api.py. The API accepts raw email text in either
  request body or form data (compatible with mailgun)
brad-sp added a commit to brad-sp/cuckoo-modified that referenced this pull request Jul 6, 2015
@jbremer
Copy link
Member

jbremer commented Jul 17, 2015

I like the integration with emails, but what happens when you have an email with multiple attachments?

@kcchu
Copy link
Author

kcchu commented Aug 3, 2015

@jbremer Currently, multiple samples in an email will be submitted for analysis individually. Also, if the email contains attachments in RFC 2822-like format (e.g. a copy of email source code), it will parse the attachment and submit any attachment inside the attachment. It allows people to submit samples that they received via email using "Forward as Attachment" function in their email client. The raw email source (headers, email body, etc) is not used at this moment, but it could be saved for further analysis as well.

@jekil
Copy link
Member

jekil commented Feb 12, 2016

I like this PR.

jbremer added a commit to hatching/sflock that referenced this pull request Sep 4, 2016
This commit adds support and a unittest for [1]. The advantage being
that we don't need special support for emails in the Cuckoo API or the
Cuckoo Web Interface, but rather can use the to-be standard submission
interface.

[1]: cuckoosandbox/cuckoo#568
@jbremer
Copy link
Member

jbremer commented Sep 4, 2016

Little bit late to the party, but this functionality has now been included in https://github.com/jbremer/sflock, and will be incorporated in the Cuckoo API and Cuckoo Web Interface in a commit nearby.
Therefore going to close this issue now. Thanks again for the contribution, and sorry for the much belated reaction ;-)

@jbremer jbremer closed this Sep 4, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants