adjusted migrations, doc_info and others

intelowlproject · Aug 29, 2024 · d7f84ee · d7f84ee
1 parent f37555c
commit d7f84ee
Show file tree

Hide file tree

Showing 5 changed files with 60 additions and 18 deletions.
diff --git a/api_app/analyzers_manager/file_analyzers/artifacts.py b/api_app/analyzers_manager/file_analyzers/artifacts.py
@@ -13,23 +13,15 @@ class Artifacts(FileAnalyzer, DockerBasedAnalyzer):
     # interval between http request polling
     poll_distance: int = 2
     # http request polling max number of tries
-    max_tries: int = 10
-    artifacts_report: bool = False
-    artifacts_analysis: bool = True
+    max_tries: int = 30
 
     def update(self) -> bool:
         pass
 
     def run(self):
-        if self.artifacts_report and self.artifacts_analysis:
-            raise AnalyzerRunException(
-                "You can't run both report and analysis at the same time"
-            )
         binary = self.read_file_bytes()
         fname = str(self.filename).replace("/", "_").replace(" ", "_")
-        args = [f"@{fname}"]
-        if self.artifacts_report:
-            args.append("--report")
+        args = [f"@{fname}", "-a", "-r"]
         req_data = {"args": args}
         req_files = {fname: binary}
         logger.info(

diff --git a/api_app/analyzers_manager/file_analyzers/doc_info.py b/api_app/analyzers_manager/file_analyzers/doc_info.py
@@ -141,6 +141,20 @@ def run(self):
             if self.file_mimetype != MimeTypes.ONE_NOTE.value:
                 results["msodde"] = self.analyze_msodde()
 
+        except CannotDecryptException as e:
+            logger.info(e)
+        except Exception as e:
+            error_message = (
+                f"job_id {self.job_id} doc info extraction failed. Error: {e}"
+            )
+            logger.warning(error_message, stack_info=True)
+            self.report.errors.append(error_message)
+            self.report.save()
+        finally:
+            if self.vbaparser:
+                self.vbaparser.close()
+
+        try:
             if self.file_mimetype in [
                 MimeTypes.WORD1.value,
                 MimeTypes.WORD2.value,
@@ -154,19 +168,13 @@ def run(self):
             results["uris"].extend(self.get_external_relationships())
             results["uris"].extend(self.extract_urls_from_IOCs())
             results["uris"] = list(set(results["uris"]))  # make it uniq
-
-        except CannotDecryptException as e:
-            logger.info(e)
         except Exception as e:
             error_message = (
-                f"job_id {self.job_id} doc info extraction failed. Error: {e}"
+                f"job_id {self.job_id} special extractions failed. Error: {e}"
             )
             logger.warning(error_message, stack_info=True)
             self.report.errors.append(error_message)
             self.report.save()
-        finally:
-            if self.vbaparser:
-                self.vbaparser.close()
 
         return results
 

diff --git a/api_app/analyzers_manager/file_analyzers/droidlysis.py b/api_app/analyzers_manager/file_analyzers/droidlysis.py
@@ -12,7 +12,7 @@ class DroidLysis(FileAnalyzer, DockerBasedAnalyzer):
     # interval between http request polling
     poll_distance: int = 2
     # http request polling max number of tries
-    max_tries: int = 10
+    max_tries: int = 30
 
     def update(self) -> bool:
         pass

diff --git a/...nalyzers_manager/migrations/0120_alter_analyzerconfig_not_supported_filetypes_and_more.py b/...nalyzers_manager/migrations/0120_alter_analyzerconfig_not_supported_filetypes_and_more.py
@@ -82,6 +82,10 @@ class Migration(migrations.Migration):
                         ("application/json", "Json"),
                         ("application/x-executable", "Executable"),
                         ("application/x-ms-shortcut", "Lnk"),
+                        ("text/x-java", "Java2"),
+                        ("text/x-kotlin", "Kotlin"),
+                        ("text/x-swift", "Swift"),
+                        ("text/x-objective-c", "Objective C"),
                     ],
                     max_length=90,
                 ),
@@ -161,6 +165,10 @@ class Migration(migrations.Migration):
                         ("application/json", "Json"),
                         ("application/x-executable", "Executable"),
                         ("application/x-ms-shortcut", "Lnk"),
+                        ("text/x-java", "Java2"),
+                        ("text/x-kotlin", "Kotlin"),
+                        ("text/x-swift", "Swift"),
+                        ("text/x-objective-c", "Objective C"),
                     ],
                     max_length=90,
                 ),

diff --git a/api_app/analyzers_manager/migrations/0122.alter_soft_time_limit.py b/api_app/analyzers_manager/migrations/0122.alter_soft_time_limit.py
@@ -0,0 +1,34 @@
+from django.db import migrations
+
+
+def migrate(apps, schema_editor):
+    AnalyzerConfig = apps.get_model("analyzers_manager", "AnalyzerConfig")
+    plugin_name = "Droidlysis"
+
+    try:
+        plugin = AnalyzerConfig.objects.get(name=plugin_name)
+        plugin.soft_time_limit = 60
+        plugin.save()
+    except AnalyzerConfig.DoesNotExist:
+        pass
+
+
+def reverse_migrate(apps, schema_editor):
+    AnalyzerConfig = apps.get_model("analyzers_manager", "AnalyzerConfig")
+    plugin_name = "Droidlysis"
+
+    try:
+        plugin = AnalyzerConfig.objects.get(name=plugin_name)
+        plugin.soft_time_limit = 20
+        plugin.save()
+    except AnalyzerConfig.DoesNotExist:
+        pass
+
+
+class Migration(migrations.Migration):
+    atomic = False
+
+    dependencies = [
+        ("analyzers_manager", "0121_analyzer_config_lnk_info"),
+    ]
+    operations = [migrations.RunPython(migrate, reverse_migrate)]