New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Submit sample via email #568

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
3 participants
@kcchu

kcchu commented Jun 7, 2015

  • Utility functions to extract attachments from MIME and RFC 2822-based
    message.
  • New API endpoint in api.py. The API accepts raw email text in either
    request body or form data (compatible with mailgun)
Submit sample via email
- Utility functions to extract attachments from MIME and RFC 2822-based
  message.
- New API endpoint in api.py. The API accepts raw email text in either
  request body or form data (compatible with mailgun)

brad-accuvant added a commit to brad-accuvant/cuckoo-modified that referenced this pull request Jul 6, 2015

@jbremer

This comment has been minimized.

Show comment
Hide comment
@jbremer

jbremer Jul 17, 2015

Member

I like the integration with emails, but what happens when you have an email with multiple attachments?

Member

jbremer commented Jul 17, 2015

I like the integration with emails, but what happens when you have an email with multiple attachments?

@kcchu

This comment has been minimized.

Show comment
Hide comment
@kcchu

kcchu Aug 3, 2015

@jbremer Currently, multiple samples in an email will be submitted for analysis individually. Also, if the email contains attachments in RFC 2822-like format (e.g. a copy of email source code), it will parse the attachment and submit any attachment inside the attachment. It allows people to submit samples that they received via email using "Forward as Attachment" function in their email client. The raw email source (headers, email body, etc) is not used at this moment, but it could be saved for further analysis as well.

kcchu commented Aug 3, 2015

@jbremer Currently, multiple samples in an email will be submitted for analysis individually. Also, if the email contains attachments in RFC 2822-like format (e.g. a copy of email source code), it will parse the attachment and submit any attachment inside the attachment. It allows people to submit samples that they received via email using "Forward as Attachment" function in their email client. The raw email source (headers, email body, etc) is not used at this moment, but it could be saved for further analysis as well.

@jekil

This comment has been minimized.

Show comment
Hide comment
@jekil

jekil Feb 12, 2016

Member

I like this PR.

Member

jekil commented Feb 12, 2016

I like this PR.

jbremer added a commit to jbremer/sflock that referenced this pull request Sep 4, 2016

correctly handle nested eml emails (thanks edwincheese)
This commit adds support and a unittest for [1]. The advantage being
that we don't need special support for emails in the Cuckoo API or the
Cuckoo Web Interface, but rather can use the to-be standard submission
interface.

[1]: cuckoosandbox/cuckoo#568
@jbremer

This comment has been minimized.

Show comment
Hide comment
@jbremer

jbremer Sep 4, 2016

Member

Little bit late to the party, but this functionality has now been included in https://github.com/jbremer/sflock, and will be incorporated in the Cuckoo API and Cuckoo Web Interface in a commit nearby.
Therefore going to close this issue now. Thanks again for the contribution, and sorry for the much belated reaction ;-)

Member

jbremer commented Sep 4, 2016

Little bit late to the party, but this functionality has now been included in https://github.com/jbremer/sflock, and will be incorporated in the Cuckoo API and Cuckoo Web Interface in a commit nearby.
Therefore going to close this issue now. Thanks again for the contribution, and sorry for the much belated reaction ;-)

@jbremer jbremer closed this Sep 4, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment