
fixed the init script

fixed the dependencies (nokogiri in particular)
1 parent 0a0364a commit ffab90ee7b8caebf8f2e18905898592cf12ba15d @m4rco- committed Jul 1, 2013
Showing with 21 additions and 15 deletions.
  1. +9 −2 README.md
  2. +1 −1 bin/dorothy_start
  3. +1 −0 dorothy2.gemspec
  4. +9 −11 lib/dorothy2/do-init.rb
  5. +1 −1 lib/dorothy2/version.rb
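--- a/README.md
+++ b/README.md
@@ -227,15 +227,19 @@ The first time you execute Dorothy, it will ask you to fill those information in
 --infoflow, -i: Print the analysis flow
 --source, -s <s>: Choose a source (from the ones defined in etc/sources.yml)
 --daemon, -d: Stay in the background, by constantly pooling datasources
- --SandboxUpdate, -S: Update Dorothive with the new Sandbox file
- --DorothiveInit, -D: (RE)Install the Dorothy Database (Dorothive)
+ --SandboxUpdate, -S: Update Dorothive with the new Sandbox file
+ --DorothiveInit, -D: (RE)Install the Dorothy Database (Dorothive)
 --help, -h: Show this message
 >Example
 >
 $dorothy_start -v -s malwarefolder
+After the execution, if everything went fine, you will find the analysis output (screens/pcap/bin) into the analysis folder that you have configured e.g. dorothy/opt/analyzed/[:digit:]/
+Other information will be stored into Dorothive.
+If executed in daemon mode, Dorothy2 will poll the datasources every X seconds (where X is defined by the "dtimeout:" field in the configuration file) looking for new binaries.
+
 ### DoroParser usage:
 $dparser_start [options]
@@ -250,6 +254,9 @@ The first time you execute Dorothy, it will ask you to fill those information in
 $dparser_start -d start
 $dparser_stop
+
+After the execution, if everything went fine, doroParser will store all the donwloaded files into the binary's analysis folder e.g. dorothy/opt/analyzed/[:digit:]/downloads
+Other information -i.e. Network data- will be stored into Dorothive.
 If executed in daemon mode, DoroParser will poll the database every X seconds (where X is defined by the "dtimeout:" field in the configuration file) looking for new pcaps that has been inserted.
 ###6. Debugging problems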
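--- a/bin/dorothy_start
+++ b/bin/dorothy_start
@@ -116,7 +116,7 @@ rescue => e
 if e.inspect =~ /exist/
 puts "WARNING".yellow + " The database doesn't exist yet. Press Enter to load the ddl into the DB"
 gets
- Util.init_db(true)
+ Util.init_db(DoroSettings.dorothive[:ddl])
 exit(0)
 else
 puts "ERROR".red + " Can't connect to the database"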
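Review bot: The new call hands `DoroSettings.dorothive[:ddl]` straight to `Util.init_db`, but nothing in the hunk checks that the key is set or that the file is readable, so a configuration without `ddl:` passes `nil` into the loader and the failure surfaces far from its cause. A guard before the call, `ddl = DoroSettings.dorothive[:ddl]` followed by `abort("ERROR".red + " dorothive ddl path is not configured or not readable") unless ddl && File.readable?(ddl)`, keeps the error at the prompt where the operator can act on it. The argument used to be the boolean `true`, so `Util.init_db`'s signature presumably changed in the same release; that is outside this hunk and worth confirming. The enclosing `rescue` block starts before the hunk.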
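--- a/dorothy2.gemspec
+++ b/dorothy2.gemspec
@@ -23,6 +23,7 @@ Gem::Specification.new do |gem|
 gem.add_dependency(%q<colored>, [">= 1.2"])
 gem.add_dependency(%q<ruby-pg>, [">= 0.7.9.2008.01.28"])
 gem.add_dependency(%q<virustotal>, [">= 2.0.0"])
+ gem.add_dependency(%q<nokogiri>, ["~= 1.5.10"])
 gem.add_dependency(%q<rbvmomi>, [">= 1.3.0"])
 gem.add_dependency(%q<ruby-filemagic>, [">= 0.4.2"])
 #for dparser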
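Review bot: `"~= 1.5.10"` is not a RubyGems requirement operator — the pessimistic operator is `~>` — so the added line makes the gemspec fail to load with `Gem::Requirement::BadRequirementError` as soon as the gem is built or installed. Change it to `gem.add_dependency(%q<nokogiri>, ["~> 1.5.10"])`. Note that `~> 1.5.10` confines the resolver to the 1.5.x series, so fixes shipped in later minor releases of nokogiri (and of the libxml2 it bundles) will not be picked up by this gem; if the pin is deliberate, a comment stating why would help the next maintainer decide when to lift it.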
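--- a/lib/dorothy2/do-init.rb
+++ b/lib/dorothy2/do-init.rb
@@ -10,7 +10,7 @@ module DoroConfig
 def init_home(home)
 puts "INIT".yellow + " Creating Directoy structure in #{home}"
- Dir.mkdir(home)
+ Dir.mkdir(home) unless Util.exists?("#{home}")
 unless Util.exists?("#{home}/opt")
 Dir.mkdir("#{home}/opt")
 Dir.mkdir("#{home}/opt/bins")
@@ -45,6 +45,7 @@ def create
 conf["nam"] = Hash.new
 conf["virustotal"] = Hash.new
 conf["esx"] = Hash.new
+ conf["pcapr"] = Hash.new
 ################################################
@@ -58,18 +59,15 @@ def create
 home = conf["env"]["home"]
- unless Util.exists?(home)
- self.init_home(home)
- end
-
+ self.init_home(home)
 puts "The Dorothy home directory is #{home}"
 conf["env"]["pidfile"] = "#{home}/var/dorothy.pid"
 conf["env"]["pidfile_parser"] = "#{home}/var/doroParser.pid"
- conf["env"]["analysis_dir"] = "#{home}/opt/analyzed" # TODO if doesn't exist, create it. -> Dir.mkdir("mynewdir")
+ conf["env"]["analysis_dir"] = "#{home}/opt/analyzed"
 conf["env"]["geoip"] = "#{home}/etc/geo/GeoLiteCity.dat"
 conf["env"]["geoasn"] = "#{home}/etc/geo/GeoIPASNum.dat"
@@ -93,8 +91,8 @@ def create
 puts "DB Name [dorothive]:"
 conf["dorothive"]["dbname"] = (t = gets.chop).empty? ? "dorothive" : t
- puts "DB Username [dorothy]:"
- conf["dorothive"]["dbuser"] = (t = gets.chop).empty? ? "dorothy" : t
+ puts "DB Username [postgres]:"
+ conf["dorothive"]["dbuser"] = (t = gets.chop).empty? ? "postgres" : t
 puts "DB Password"
 conf["dorothive"]["dbpass"] = gets.chop
@@ -148,12 +146,12 @@ def create
 puts "Username [dorothy] :"
 conf["nam"]["user"] = (t = gets.chop).empty? ? "dorothy" : t
- puts "SSH Port [22] :"
- conf["nam"]["port"] = (t = gets.chop).empty? ? 22 : t
-
 puts "Password:"
 conf["nam"]["pass"] = gets.chop
+ puts "SSH Port [22] :"
+ conf["nam"]["port"] = (t = gets.chop).empty? ? 22 : t
+
 puts "Folder where to store PCAP files [~/pcaps]"
 conf["nam"]["pcaphome"] = (t = gets.chop).empty? ? "~/pcaps" : t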
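Review bot: The default database user in the fourth hunk changes from `dorothy` to `postgres`, so an operator who accepts the defaults runs the analysis pipeline against Dorothive as the PostgreSQL superuser; the `dbuser` written into `conf["dorothive"]` appears to be the runtime credential and should default to a dedicated low-privilege role. If the change is there because loading the DDL needs CREATEDB or superuser rights, prompt separately for that bootstrap role and keep `puts "DB Username [dorothy]:"` / `conf["dorothive"]["dbuser"] = (t = gets.chop).empty? ? "dorothy" : t` for the runtime user. In the first hunk, `Util.exists?("#{home}")` interpolates a value that is already a string; `Util.exists?(home)` is the plainer form. Both `init_home` and `create` start and end outside the hunks shown.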
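--- a/lib/dorothy2/version.rb
+++ b/lib/dorothy2/version.rb
@@ -1,3 +1,3 @@
 module Dorothy2
- VERSION = "0.0.3"
+ VERSION = "1.0.0"
 end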
