
now the home dir is completely customizable

several fixes
m4rco- committed May 7, 2013
1 parent 006635a commit 80407431f98c438e0f5156a196ff077775e0222e
Showing with 92 additions and 47 deletions.
  1. +17 −4 bin/dorothy_start
  2. +8 −4 bin/dorothy_stop
  3. +3 −3 lib/doroParser.rb
  4. +10 −8 lib/dorothy2.rb
  5. +47 −28 lib/dorothy2/do-init.rb
  6. +7 −0 lib/dorothy2/do-logger.rb
  7. 0 var/log/dorothy.log
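--- a/bin/dorothy_start
+++ b/bin/dorothy_start
@@ -89,14 +89,20 @@ if Util.exists?(conf)
 exit(0)
 end
-sfile = DoroSettings.env[:home] + '/etc/sources.yml'
-sboxfile = DoroSettings.env[:home] + '/etc/sandboxes.yml'
-
 #Logging
 logout = (daemon ? DoroSettings.env[:logfile] : STDOUT)
 LOGGER = DoroLogger.new(logout, DoroSettings.env[:logage])
 LOGGER.sev_threshold = DoroSettings.env[:loglevel]
+home = DoroSettings.env[:home]
+#check homefolder
+unless Util.exists?(home)
+ DoroConfig.init_home(home)
+end
+
+sfile = home + '/etc/sources.yml'
+sboxfile = home + '/etc/sandboxes.yml'
+
 #INIT DB Connector
 begin
 db = Insertdb.new
@@ -128,14 +134,21 @@ end
 if Util.exists?(sfile)
 sources = YAML.load_file(sfile)
+ #check if all the source directories exist
+ sources.keys.each do |s|
+ unless Util.exists?("#{sources[s]["localdir"]}")
+ LOGGER.warn "INIT", "Warning, the source's localdir #{s} doesn't exist yet, I'm going to create it"
+ Dir.mkdir("#{sources[s]["localdir"]}")
+ end
+ end
 else
 puts "[WARNING]".red + " A source file doesn't exist, please crate one in the /etc folder"
 exit(0)
 end
 unless Util.exists?(sboxfile)
 puts "[WARNING]".red + " There is no sandbox configured yet. Please do it now"
- DoroConfig.create_sandbox
+ DoroConfig.create_sandbox(sboxfile)
 DoroConfig.init_sandbox(sboxfile)
 end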
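Review bot: The logger is built from DoroSettings.env[:logfile] at the top of the first hunk, before the new home-folder check calls DoroConfig.init_home, so on a fresh install in daemon mode the log file is opened under a directory that does not exist yet; if the logfile lives under home the way the pidfile does (`conf["env"]["pidfile"] = "#{home}/var/dorothy.pid"` in do-init.rb), start-up fails before init_home ever runs. Moving the `home = DoroSettings.env[:home]` / `unless Util.exists?(home)` lines above the `#Logging` block fixes the order. In the second hunk `Dir.mkdir("#{sources[s]["localdir"]}")` raises Errno::ENOENT when the parent of localdir is missing and Errno::EEXIST if the directory appears between the check and the mkdir; `FileUtils.mkdir_p(sources[s]["localdir"])` handles both, and the interpolation around an already-string value can go. The `if Util.exists?(conf)` block that the first hunk closes begins outside the hunk.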
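--- a/bin/dorothy_stop
+++ b/bin/dorothy_stop
@@ -8,16 +8,20 @@
 require 'rubygems'
 require 'trollop'
-require 'dorothy2'
+#require 'dorothy2'
-#load '../lib/dorothy2.rb'
+load '../lib/dorothy2.rb'
 include Dorothy
+conf = "#{File.expand_path("~")}/.dorothy.yml"
+DoroSettings.load!(conf)
 #Logging
-LOGGER = DoroLogger.new(LOGFILE, LOGAGE)
-LOGGER.sev_threshold = LOGLEVEL
+
+LOGGER = DoroLogger.new(DoroSettings.env[:logfile], DoroSettings.env[:logage])
+LOGGER.sev_threshold = DoroSettings.env[:loglevel]
+
 Dorothy.stop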
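Review bot: `load '../lib/dorothy2.rb'` in place of `require 'dorothy2'` resolves against the process's current working directory, not the script's location, so bin/dorothy_stop only works when run from bin/ and otherwise loads whatever file happens to sit at that relative path from wherever the user is. Together with the commented-out require this reads as a development leftover; either restore `require 'dorothy2'` or anchor the path with `load File.expand_path('../../lib/dorothy2.rb', __FILE__)`. The `conf` path is spelled out here and again in bin/dorothy_start; one constant in DoroSettings would keep the two in step.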
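--- a/lib/doroParser.rb
+++ b/lib/doroParser.rb
@@ -441,10 +441,10 @@ def self.start(daemon)
 LOGGER_PARSER.info "Dorothy", "Started".yellow
 if daemon
- check_pid_file PIDFILE_PARSER
+ check_pid_file DoroSettings.env[:pidfile]
 puts "[DoroParser]".yellow + " Going in backround with pid #{Process.pid}"
 Process.daemon
- create_pid_file PIDFILE_PARSER
+ create_pid_file DoroSettings.env[:pidfile]
 LOGGER_PARSER.info "DoroParser", "Going in backround with pid #{Process.pid}"
 end
@@ -497,7 +497,7 @@ def create_pid_file file
 # and shutdown cleanly.
 def self.stop
 LOGGER_PARSER.info "DoroParser", "Shutting down.."
- pid_file = PIDFILE_PARSER
+ pid_file = DoroSettings.env[:pidfile]
 if pid_file and File.exist? pid_file
 pid = Integer(File.read(pid_file))
 Process.kill -15, -pid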
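Review bot: Both hunks replace PIDFILE_PARSER with DoroSettings.env[:pidfile], which is the same key Dorothy.start and Dorothy.stop now read in lib/dorothy2.rb (the `check_pid_file`, `create_pid_file` and `pid_file =` lines of that section), and the only pidfile the config wizard writes is `conf["env"]["pidfile"] = "#{home}/var/dorothy.pid"`. Unless DoroSettings maps that key differently per process, DoroParser and Dorothy now share one pid file: whichever daemon starts second is refused by check_pid_file or overwrites the other's pid, and `stop` sends SIGTERM to the other daemon's process group. A second config key for the parser (say `pidfile_parser`, name constructed here), written by do-init.rb and read in these two places, keeps the daemons apart. Both `self.start` and `self.stop` extend beyond the hunks.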
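--- a/lib/dorothy2.rb
+++ b/lib/dorothy2.rb
@@ -64,7 +64,9 @@ def check_support(bin)
 true
 else
 LOGGER.warn("SANDBOX", "File #{bin.filename} actually not supported, skipping\n" + " Filtype: #{bin.type}") # if VERBOSE
- FileUtils.cp(bin.binpath,File.dirname(bin.binpath) + "/not_supported") #mv?
+ dir_not_supported = File.dirname(bin.binpath) + "/not_supported"
+ Dir.mkdir(dir_not_supported) unless Dir.exists?(dir_not_supported)
+ FileUtils.cp(bin.binpath,dir_not_supported) #mv?
 FileUtils.rm(bin.binpath) ## mv?
 return false
 end
@@ -361,11 +363,11 @@ def self.start(source=nil, daemon=nil)
 LOGGER.info "Dorothy", "Started".yellow
 if daemon
- check_pid_file PIDFILE
+ check_pid_file DoroSettings.env[:pidfile]
 puts "[Dorothy]".yellow + " Going in backround with pid #{Process.pid}"
- puts "[Dorothy]".yellow + " Logging on #{LOGFILE}"
+ puts "[Dorothy]".yellow + " Logging on #{DoroSettings.env[:logfile]}"
 Process.daemon
- create_pid_file PIDFILE
+ create_pid_file DoroSettings.env[:pidfile]
 LOGGER.info "Dorothy", "Going in backround with pid #{Process.pid}"
 end
@@ -392,9 +394,9 @@ def self.start(source=nil, daemon=nil)
 end
 else # no sources specified, analyze all of them
 while infinite #infinite loop
- SOURCES.each do |sname, sinfo|
- selected_source = Hash[SOURCES.select {|k,v| k == sname}]
- dfm = DorothyFetcher.new(selected_source)
+ sources = YAML.load_file(DoroSettings.env[:home] + '/etc/sources.yml')
+ sources.keys.each do |sname|
+ dfm = DorothyFetcher.new(sources[sname])
 start_analysis(dfm.bins, daemon)
 end
 infinite = daemon #exit if wasn't set
@@ -455,7 +457,7 @@ def create_pid_file file
 # and shutdown cleanly.
 def self.stop
 LOGGER.info "Dorothy", "Shutting down."
- pid_file = PIDFILE
+ pid_file = DoroSettings.env[:pidfile]
 if pid_file and File.exist? pid_file
 pid = Integer(File.read(pid_file))
 Process.kill -15, -pid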
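Review bot: In the third hunk `DorothyFetcher.new` now receives `sources[sname]`, the inner per-source hash, where the old code passed the one-entry `{sname => sinfo}` hash it built from SOURCES, and no fetcher file appears in this commit's diffstat, so it is worth confirming the initializer accepts the new shape. The same loop re-reads sources.yml with `YAML.load_file` on every pass of `while infinite` with no rescue, so a malformed edit (or a missing file) while the daemon runs raises Psych::SyntaxError out of the loop instead of being logged; wrapping the load in `begin ... rescue => e` with a `LOGGER.error` keeps the daemon up. The path is also rebuilt from `DoroSettings.env[:home] + '/etc/sources.yml'`, duplicating `sfile` in bin/dorothy_start. In the first hunk `Dir.exists?` is the deprecated spelling of `Dir.exist?`, and the cp-then-rm pair can be `FileUtils.mv(bin.binpath, dir_not_supported)`, as the `#mv?` comments already suggest. `self.start` begins and ends outside the hunks.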
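--- a/lib/dorothy2/do-init.rb
+++ b/lib/dorothy2/do-init.rb
@@ -8,6 +8,19 @@ module DoroConfig
 extend self
+ def init_home(home)
+ puts "INIT".yellow + " Creating Directoy structure in #{home}"
+ Dir.mkdir(home)
+ Dir.mkdir("#{home}/opt")
+ Dir.mkdir("#{home}/opt/bins")
+ Dir.mkdir("#{home}/opt/analyzed")
+ Dir.mkdir("#{home}/etc")
+ Dir.mkdir("#{home}/etc/geo")
+ Dir.mkdir("#{home}/var")
+ Dir.mkdir("#{home}/var/log")
+ puts "INIT".yellow + " Done"
+ end
+
 def create
 puts "
@@ -27,33 +40,25 @@ def create
 conf["virustotal"] = Hash.new
 conf["esx"] = Hash.new
- #################################################
- ###SANDBOX
- ################################################
-
- puts "Sandbox configuration settings"
- puts "Insert the time (seconds) that the Sandbox should be run before it's reverted [60]"
- conf["sandbox"]["sleeptime"] = (t = gets.chop).empty? ? 60 : t
-
- puts "Insert the time (seconds) when Dorothy should take the first screenshot [1]"
- conf["sandbox"]["screen1time"] = (t = gets.chop).empty? ? 1 : t
-
- puts "Insert the time (seconds) when Dorothy should take the first screenshot [15]"
- conf["sandbox"]["screen2time"] = (t = gets.chop).empty? ? 15 : t
-
-
 ################################################
 ###DOROTHY ENVIRONMENT
 ################################################
- puts "Dorothy Environment settings"
+ puts "\n######### [" + " Dorothy Environment settings ".red + "] #########"
 puts "Please insert the home folder for dorothy [#{HOME}]"
 conf["env"]["home"] = (t = gets.chop).empty? ? HOME : t
 home = conf["env"]["home"]
+ unless Util.exists?(home)
+ self.init_home(home)
+ end
+
+
+
+
 puts "The Dorothy home directory is #{home}"
 conf["env"]["pidfile"] = "#{home}/var/dorothy.pid"
@@ -77,7 +82,7 @@ def create
 ###DOROTHIVE
 ######################################################
- puts "Please insert the Dorothive (Dorothy DB) information"
+ puts "\n######### [" + " Dorothive (Dorothy DB) settings ".red + "] #########"
 puts "DB hostname/IP address [localhost]:"
 conf["dorothive"]["dbhost"] = (t = gets.chop).empty? ? "localhost" : t
@@ -98,6 +103,8 @@ def create
 ###ESX
 ######################################################
+ puts "######### [" + " ESX Environment settings ".red + "] #########"
+
 puts "Please insert the IP address of your ESX server"
 conf["esx"]["server"] = gets.chop
@@ -107,15 +114,27 @@ def create
 puts "Please insert the ESX password"
 conf["esx"]["pass"] = gets.chop
- #puts "Sandbox Configuration" #TODO -> insertdb
+ #################################################
+ ###SANDBOX
+ ################################################
+ puts "\n######### [" + " Sandbox configuration settings ".red + "] #########"
+ puts "Insert the time (seconds) that the Sandbox should be run before it's reverted [60]"
+ conf["sandbox"]["sleeptime"] = (t = gets.chop).empty? ? 60 : t
+
+ puts "Insert the time (seconds) when Dorothy should take the first screenshot [1]"
+ conf["sandbox"]["screen1time"] = (t = gets.chop).empty? ? 1 : t
+
+ puts "Insert the time (seconds) when Dorothy should take the first screenshot [15]"
+ conf["sandbox"]["screen2time"] = (t = gets.chop).empty? ? 15 : t
 ######################################################
 ###NAM
 ######################################################
- puts "Network Analysis Module (NAM) configuration"
+ puts "\n######### [" + " Network Analysis Module (NAM) configuration ".red + "] #########"
+
 puts "Please insert the information of the host that you will use for sniffing the Sandbox traffic"
 puts "IP Addres:"
 conf["nam"]["host"] = gets.chop
@@ -133,18 +152,21 @@ def create
 ###VIRUS TOTAL
 ######################################################
- puts "In order to retrieve Virus signatures, Dorothy needs to contact VirusTotal, please enter your VT API key here, if you don't have one yet, go here: "
+ puts "\n######### [" + " Virus Total API ".red + "] #########"
+
+ puts "In order to retrieve Virus signatures, Dorothy needs to contact VirusTotal,\n please enter your VT API key here, if you don't have one yet, go here (or press enter):\nhttps://www.virustotal.com/en/#dlg-join "
 conf["virustotal"]["vtapikey"] = gets.chop
- puts "Configuration finished"
+ puts "\n######### [" + " Configuration finished ".yellow + "] #########"
 puts "Confirm? [y]"
 t = gets.chop
 if t.empty? || t == "y" || t == "yes"
 File.open("#{File.expand_path("~")}/.dorothy.yml", 'w+') {|f| f.write(conf.to_yaml) }
 FileUtils.ln_s("#{File.expand_path("~")}/.dorothy.yml", "#{home}/etc/dorothy.yml")
 correct = true
- puts "Configuration file has been saved in ~/.dorothy.conf and a symlink has been created in\n#{home}/etc/dorothy.yml for an easier edit. You can either modify such file directly.\nNow you can restart dorothy, enjoy!"
+ puts "Configuration file has been saved in ~/.dorothy.conf and a symlink has been created in\n#{home}/etc/dorothy.yml for an easier edit. You can either modify such file directly."
+ puts "\n######### [" + " Now you can restart dorothy, enjoy! ".yellow + "] #########"
 else
 puts "Please reinsert the info"
 correct = false
@@ -154,7 +176,7 @@ def create
 end
- def create_sandbox
+ def create_sandbox(sboxfile)
 correct = false
@@ -216,10 +238,9 @@ def create_sandbox
 puts t
 if t.empty? || t == "y" || t == "yes"
- home = File.expand_path("..",Dir.pwd)
- File.open("#{home}/etc/sandboxes.yml", 'w+') {|f| f.write(conf.to_yaml) }
+ File.open(sboxfile, 'w+') {|f| f.write(conf.to_yaml) }
 correct = true
- puts "Configuration file has been saved in #{home}/etc/sandboxes.yml\nYou can either modify such file directly. Enjoy!"
+ puts "Configuration file has been saved in #{sboxfile}\nYou can either modify such file directly. Enjoy!"
 else
 puts "Please reinsert the info"
 correct = false
@@ -228,8 +249,6 @@ def create_sandbox
 end
 end
-
-
 #This method will populate the dorothive table sandboxes
 def init_sandbox(file="../etc/sandboxes.yml")
 conf = YAML.load_file(file)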
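Review bot: `init_home` in the first hunk builds the tree with eight separate `Dir.mkdir` calls, so it raises Errno::ENOENT when the parent of `home` is missing and Errno::EEXIST when an earlier run created only part of the tree, while the `unless Util.exists?(home)` guards in `create` and bin/dorothy_start then skip it entirely and leave the missing subdirectories missing. The directories also get the umask default mode, although the tree will hold collected samples under opt/bins and the etc/dorothy.yml symlink to a config that `create` fills with the DB password, ESX password and VT API key. `FileUtils.mkdir_p` with `mode: 0o700` is idempotent and keeps the tree private to the running user, and FileUtils is already in scope in this file; the message typo `Directoy` is on the same line. `create` and `create_sandbox` both extend past the hunks.
```ruby
def init_home(home)
  puts "INIT".yellow + " Creating Directory structure in #{home}"
  # mkdir_p is idempotent: a half-created tree from an earlier run is completed
  # instead of raising Errno::EEXIST, and a missing parent of home is created too.
  # 0o700 keeps samples and the config symlink readable by the running user only.
  %w[opt/bins opt/analyzed etc/geo var/log].each do |sub|
    FileUtils.mkdir_p(File.join(home, sub), mode: 0o700)
  end
  puts "INIT".yellow + " Done"
end
```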
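--- a/lib/dorothy2/do-logger.rb
+++ b/lib/dorothy2/do-logger.rb
@@ -6,6 +6,13 @@ module Dorothy
 #The original Logger has a little bug that prevent me to add the progname while using warn,error,etc methods
 class DoroLogger < Logger
 def initialize(logdev, shift_age = 0, shift_size = 1048576)
+
+ if logdev != STDOUT
+ unless Util.exists? logdev
+ FileUtils.touch(logdev)
+ end
+ end
+
 super(logdev, shift_age, shift_size)
 @formatter = proc do |severity, datetime, progname, msg|
 "[#{datetime.strftime('%d/%m/%Y %H:%M:%S')}] #{severity =~ /ERROR|FATAL/ ? severity.red : severity} [#{progname.yellow}] #{msg}\n"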
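Review bot: The new guard compares `logdev` only against STDOUT, but Logger accepts any IO or a filename, so a caller passing STDERR or an open File hands an IO object to `Util.exists?` and `FileUtils.touch`. As far as I recall Logger::LogDevice creates a missing log file itself when given a path, so the touch mostly adds a second create with the umask default mode plus an uncaught Errno::ENOENT when the log directory does not exist yet, which bin/dorothy_start can hit because it builds the logger before calling init_home. Dropping the block, or at least narrowing it to `if logdev.is_a?(String) && !File.exist?(logdev)`, is the simpler fix. The `initialize` body continues past the hunk.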
No changes.

