devicehub-django/evidence/parse.py

import json
import hashlib
import logging
from dmidecode import DMIParse
from json_repair import repair_json
from evidence.parse_details import get_lshw_child
from evidence.models import Annotation
from evidence.xapian import index
from utils.constants import CHASSIS_DH
# Module-level logger, named after this module's import path.
logger = logging.getLogger(__name__)
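def get_mac(lshw):
    """Return the MAC address used to identify the machine, or None.

    ``lshw`` is either an already-parsed dict or a JSON string.  A string
    that fails to parse is passed through ``repair_json`` and parsed again.
    The network nodes collected by ``get_lshw_child`` are ordered by their
    ``businfo`` value and the ``serial`` of the first one is returned.

    Returns None when no network node carries both ``businfo`` and
    ``serial``.
    """
    try:
        hw = lshw if isinstance(lshw, dict) else json.loads(lshw)
    except json.decoder.JSONDecodeError:
        # NOTE(review): repair_json guesses at malformed input, so the
        # structure parsed here may differ from what the tool emitted.
        # Presumably lshw comes from an uploaded snapshot; confirm whether
        # repaired data should be trusted as a source for an identifier.
        hw = json.loads(repair_json(lshw))

    networks = []
    get_lshw_child(hw, networks, 'network')

    # Nodes missing either key used to raise KeyError (in the sort or in the
    # final lookup).  They are skipped instead, so one incomplete entry does
    # not abort parsing of the whole snapshot.
    candidates = [
        net for net in networks
        if 'businfo' in net and 'serial' in net
    ]
    if not candidates:
        return None

    # Ordering by bus address makes the choice deterministic for a given
    # lshw report.
    first_by_bus = min(candidates, key=lambda net: net['businfo'])
    mac = first_by_bus['serial']
    logger.debug("The snapshot has the following MAC: %s", mac)
    return mac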
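class Build:
    """Derive the hardware identifier (HID) of a snapshot and persist it.

    Construction computes ``self.algorithms``, a mapping of algorithm name to
    SHA3-256 hex digest.  Unless ``check`` is true it then indexes the
    snapshot and stores one SYSTEM annotation per algorithm.
    """

    def __init__(self, evidence_json, user, check=False):
        """Compute the identifiers and, unless ``check`` is set, store them.

        Args:
            evidence_json: parsed snapshot; must contain ``uuid``.
            user: object whose ``institution`` owns the stored records.
            check: when true, stop after computing ``self.algorithms``.

        Raises:
            KeyError: if ``evidence_json`` has no ``uuid``.
        """
        self.json = evidence_json
        self.uuid = self.json['uuid']
        self.user = user
        self.hid = None
        self.generate_chids()
        if check:
            # Dry run: identifiers are computed but nothing is written.
            return

        self.index()
        self.create_annotations()

    def index(self):
        """Serialise the snapshot to JSON and pass it to the search index."""
        snap = json.dumps(self.json)
        # ``index`` here is the module-level function, not this method.
        index(self.user.institution, self.uuid, snap)

    def generate_chids(self):
        """Populate ``self.algorithms`` with every supported identifier."""
        self.algorithms = {
            'hidalgo1': self.get_hid_14(),
        }

    def get_hid_14(self):
        """Return the SHA3-256 hex digest of the device's identifying fields.

        Snapshots whose ``software`` is ``workbench-script`` are read through
        ``get_hid``; any other snapshot is read from its ``device`` mapping.
        """
        if self.json.get("software") == "workbench-script":
            hid = self.get_hid(self.json)
        else:
            device = self.json['device']
            manufacturer = device.get("manufacturer", '')
            model = device.get("model", '')
            chassis = device.get("chassis", '')
            serial_number = device.get("serialNumber", '')
            sku = device.get("sku", '')
            hid = f"{manufacturer}{model}{chassis}{serial_number}{sku}"

        # NOTE(review): the fields are joined without a separator, so
        # different field splits ("ab" + "c" versus "a" + "bc") hash to the
        # same value.  Changing the encoding would change every identifier
        # already stored, so it is kept as is here.
        return hashlib.sha3_256(hid.encode()).hexdigest()

    def create_annotations(self):
        """Store one SYSTEM annotation per algorithm for this snapshot.

        Does nothing except log a warning when a SYSTEM annotation with the
        same uuid and owner already exists.
        """
        already_stored = Annotation.objects.filter(
            uuid=self.uuid,
            owner=self.user.institution,
            type=Annotation.Type.SYSTEM,
        ).exists()
        if already_stored:
            # No exception is active at this point, so logger.exception()
            # would only append an empty traceback to the message.
            logger.warning(
                "Warning: Snapshot %s exist as annotation !!", self.uuid
            )
            return

        # NOTE(review): the check above and the inserts below are separate
        # queries; confirm that a database constraint prevents duplicates
        # when the same uuid is submitted concurrently.
        for k, v in self.algorithms.items():
            Annotation.objects.create(
                uuid=self.uuid,
                owner=self.user.institution,
                user=self.user,
                type=Annotation.Type.SYSTEM,
                key=k,
                value=v
            )

    def get_chassis_dh(self):
        """Map the DMI chassis type to its key in ``CHASSIS_DH``."""
        chassis = self.get_chassis()
        lower_type = chassis.lower()
        for k, v in CHASSIS_DH.items():
            if lower_type in v:
                return k
        # NOTE(review): nothing in this class assigns ``self.default``, so an
        # unmapped chassis type appears to raise AttributeError here.  Confirm
        # the intended fallback before changing it: the value feeds the HID.
        return self.default

    def get_sku(self):
        """Return the stripped "SKU Number" of the first DMI System entry."""
        # NOTE(review): assumes at least one "System" entry exists.
        return self.dmi.get("System")[0].get("SKU Number", "n/a").strip()

    def get_chassis(self):
        """Return the "Type" of the first DMI Chassis entry."""
        # NOTE(review): assumes at least one "Chassis" entry exists.
        return self.dmi.get("Chassis")[0].get("Type", '_virtual')

    def get_hid(self, snapshot):
        """Build the identifier source string from dmidecode and lshw data.

        The string is manufacturer, model, chassis, serial number and SKU,
        followed by the MAC address from ``get_mac`` when the snapshot has
        ``lshw`` data and a MAC could be read from it.
        """
        dmidecode_raw = snapshot["data"]["dmidecode"]
        self.dmi = DMIParse(dmidecode_raw)
        manufacturer = self.dmi.manufacturer().strip()
        model = self.dmi.model().strip()
        chassis = self.get_chassis_dh()
        serial_number = self.dmi.serial_number()
        sku = self.get_sku()
        base = f"{manufacturer}{model}{chassis}{serial_number}{sku}"

        lshw = snapshot["data"].get('lshw')
        if not lshw:
            return base

        # NOTE(review): a MAC address can be changed in software, so the same
        # machine may yield different identifiers across snapshots.
        mac = get_mac(lshw) or ""
        if not mac:
            logger.warning(
                "WARNING: Could not retrieve MAC address in snapshot %s",
                snapshot['uuid'],
            )
            # TODO generate system annotation for that snapshot
        else:
            # Serial number and MAC go to the debug log instead of stdout, in
            # line with how get_mac reports the MAC.
            logger.debug("%s%s", base, mac)

        return f"{base}{mac}"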