updating databnase to handle yara rules
@@ -42,7 +42,7 @@ function sort_hashes($inputFile, $excluded) {
|
|||||||
}
|
}
|
||||||
function download_files($excluded){
|
function download_files($excluded){
|
||||||
//download from virusshare
|
//download from virusshare
|
||||||
/*$file_count=485;
|
$file_count=485;
|
||||||
for($i=0;$i<$file_count;$i++){
|
for($i=0;$i<$file_count;$i++){
|
||||||
$fileNumber = sprintf('%05d', $i);
|
$fileNumber = sprintf('%05d', $i);
|
||||||
$url="https://virusshare.com/hashfiles/VirusShare_$fileNumber.md5";
|
$url="https://virusshare.com/hashfiles/VirusShare_$fileNumber.md5";
|
||||||
@@ -58,7 +58,7 @@ function download_files($excluded){
|
|||||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||||
$fileContents = curl_exec($ch);
|
$fileContents = curl_exec($ch);
|
||||||
file_put_contents("/var/www/html/database_srv/buf.md5", $fileContents);
|
file_put_contents("/var/www/html/database_srv/buf.md5", $fileContents);
|
||||||
sort_hashes("/var/www/html/database_srv/buf.md5", $excluded);*/
|
sort_hashes("/var/www/html/database_srv/buf.md5", $excluded);
|
||||||
//download yara rules
|
//download yara rules
|
||||||
$url="https://jakach.duckdns.org/cyberhex/yara/yara.zip";
|
$url="https://jakach.duckdns.org/cyberhex/yara/yara.zip";
|
||||||
$ch = curl_init($url);
|
$ch = curl_init($url);
|
||||||
@@ -154,7 +154,7 @@ $files = glob($directory . '/*');
|
|||||||
foreach ($files as $file) {
|
foreach ($files as $file) {
|
||||||
// Check if the file is a regular file (not a directory)
|
// Check if the file is a regular file (not a directory)
|
||||||
if (is_file($file)) {
|
if (is_file($file)) {
|
||||||
//unlink($file);
|
unlink($file);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
set_time_limit(0);
|
set_time_limit(0);
|
||||||
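Review bot: In the second hunk the result of `curl_exec($ch)` is written to `buf.md5` and handed to `sort_hashes()` with no failure check, so now that the loop is active again a failed request or an HTML error page would be processed as hash data. Guard the write with something like `if ($fileContents === false || curl_getinfo($ch, CURLINFO_RESPONSE_CODE) !== 200) { continue; }`, and consider having the consumer accept only lines that are 32 hex characters. The lines between the hunks are not shown, so curl options such as timeouts or an existing check may already be there. The re-enabled `unlink($file)` in the third hunk removes every regular file in `$directory`, which is set outside the hunk; worth confirming that it is a scratch directory only.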
|
|||||||
@@ -225,11 +225,58 @@ async function add_item(db,element_id1,field1,element_id2,field2){ //we have two
|
|||||||
</div>
|
</div>
|
||||||
<div id="yara" style="display:none">
|
<div id="yara" style="display:none">
|
||||||
<h4>Yara Rules (for deepscans)</h4>
|
<h4>Yara Rules (for deepscans)</h4>
|
||||||
<?php
|
|
||||||
//upload new yara rules here
|
|
||||||
?>
|
|
||||||
<?php
|
<?php
|
||||||
//list the yara rules that we have
|
//list the yara rules that we have
|
||||||
|
$page_size = 50;
|
||||||
|
$current_page = isset($_GET['page']) ? intval($_GET['page']) : 1;
|
||||||
|
$offset = ($current_page - 1) * $page_size;
|
||||||
|
|
||||||
|
$yara_files[]=list_yar_files("/var/www/html/database_srv/");
|
||||||
|
$total_entries=count($yara_files);
|
||||||
|
// Calculate total pages
|
||||||
|
$total_pages = ceil($total_entries / $page_size);
|
||||||
|
|
||||||
|
//if page=1, get yara files 0-50, page=2: 51-100 etc
|
||||||
|
|
||||||
|
|
||||||
|
// Display log entries
|
||||||
|
echo '<table class="table" style="overflow-x:auto">';
|
||||||
|
echo '<thead>';
|
||||||
|
echo '<tr>';
|
||||||
|
echo '<th>Entry id</th><th>Name</th><th>Download Rule</th><th>Delete Rule</th>';
|
||||||
|
echo '</tr>';
|
||||||
|
echo '</thead>';
|
||||||
|
echo '<tbody>';
|
||||||
|
|
||||||
|
|
||||||
|
$start=$offset*page_size;
|
||||||
|
$stop=$start+page_size;
|
||||||
|
|
||||||
|
for($i=$start;$i<$stop;$i++){
|
||||||
|
if($i<=$total_entries){
|
||||||
|
//write out the file
|
||||||
|
echo '<tr>';
|
||||||
|
echo '<td>' . $i . '</td>';
|
||||||
|
echo '<td>' . basename($yara_files[$i]) . '</td>';
|
||||||
|
echo '<td><a href="view_log.php?delete_yar='.$yara_files[$i].'&page=' . $current_page . '">delete</a></td>';
|
||||||
|
echo '<td><a href="'.str_replace("/var/www/html","",$yara_files[$i]).'" download>Download</a></td>';
|
||||||
|
echo '</tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
echo '</tbody>';
|
||||||
|
echo '</table>';
|
||||||
|
$conn->close();
|
||||||
|
|
||||||
|
// Display pagination links with filter query
|
||||||
|
echo '<nav aria-label="Page navigation">';
|
||||||
|
echo '<ul class="pagination justify-content-center">';
|
||||||
|
for ($i = 1; $i <= $total_pages; $i++) {
|
||||||
|
echo '<li class="page-item ' . ($i == $current_page ? 'active' : '') . '"><a class="page-link" href="view_log.php?page=' . $i . $filter_query . '">' . $i . '</a></li>';
|
||||||
|
}
|
||||||
|
echo '</ul>';
|
||||||
|
echo '</nav>';
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
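Review bot: The row loop echoes `$yara_files[$i]` into the table cell and into both `href` attributes unescaped, and the delete link sends the absolute server path as a GET parameter. Rule file names appear to come from a downloaded archive and, per the placeholder comment, later from uploads, so they should pass through `htmlspecialchars()` (and `rawurlencode()` for the query value); the `delete_yar` handler is not in this section and presumably has to confine that path to the rules directory, ideally behind a POST with a CSRF token. The listing also cannot run as written: `$yara_files[]=list_yar_files(...)` nests the result one level deep and calls a name that differs from the `list_yara_files` defined in the last file of this commit (whose recursive call has the same mismatch), `page_size` is missing its `$`, `$start` multiplies an offset that is already counted in entries, and `$i<=$total_entries` reads one index past the end. `$conn` and `$filter_query` are used here but not set in the visible lines, so confirm they exist on this page. The block below shows the paging and row output with those points addressed.

```php
// … unchanged: $page_size, $current_page read from $_GET['page'] …
$current_page = max(1, $current_page);
$offset = ($current_page - 1) * $page_size;

$yara_files = list_yara_files("/var/www/html/database_srv/");
$total_entries = count($yara_files);
// … unchanged: $total_pages, table header …

$stop = min($offset + $page_size, $total_entries);
for ($i = $offset; $i < $stop; $i++) {
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $name = htmlspecialchars(basename($yara_files[$i]), $flags, 'UTF-8');
    $delete_href = htmlspecialchars(
        'view_log.php?delete_yar=' . rawurlencode($yara_files[$i]) . '&page=' . $current_page,
        $flags,
        'UTF-8'
    );
    $download_href = htmlspecialchars(str_replace("/var/www/html", "", $yara_files[$i]), $flags, 'UTF-8');

    echo '<tr>';
    echo '<td>' . $i . '</td>';
    echo '<td>' . $name . '</td>';
    echo '<td><a href="' . $delete_href . '">delete</a></td>';
    echo '<td><a href="' . $download_href . '" download>Download</a></td>';
    echo '</tr>';
}
// … unchanged: table close, pagination links …
```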
|
|||||||
@@ -58,4 +58,31 @@ function safe_settings($db){//load settings
|
|||||||
$conn->close();
|
$conn->close();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function list_yara_files($dir) {
|
||||||
|
$yar_files = [];
|
||||||
|
|
||||||
|
// Open the directory
|
||||||
|
if ($handle = opendir($dir)) {
|
||||||
|
// Iterate over each entry in the directory
|
||||||
|
while (false !== ($entry = readdir($handle))) {
|
||||||
|
// Exclude current directory (.) and parent directory (..)
|
||||||
|
if ($entry != "." && $entry != "..") {
|
||||||
|
$path = $dir . '/' . $entry;
|
||||||
|
// If the entry is a directory, call the function recursively
|
||||||
|
if (is_dir($path)) {
|
||||||
|
$yar_files = array_merge($yar_files, list_yar_files($path));
|
||||||
|
}
|
||||||
|
// If the entry is a file and ends with .yar extension, add it to the array
|
||||||
|
elseif (is_file($path) && pathinfo($path, PATHINFO_EXTENSION) === 'yar') {
|
||||||
|
$yar_files[] = $path;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Close the directory handle
|
||||||
|
closedir($handle);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $yar_files;
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
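Review bot: `is_dir($path)` and `is_file($path)` in `list_yara_files()` follow symbolic links, so a link inside the scanned tree would make the walk leave the directory or recurse without end, and the paths it returns are turned into download and delete links by the caller. Adding `if (is_link($path)) { continue; }` before the `is_dir()` test keeps the listing inside `$dir`. The function also has no docblock; a short one stating that it returns the paths of `.yar` files found recursively under `$dir` (the extension match is case-sensitive) would help. `$dir . '/' . $entry` yields a double slash when the caller passes a trailing slash, as the call in this commit does; `rtrim($dir, '/')` avoids that.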