|
@@ -20,12 +20,15 @@ import java.io.FileWriter;
|
|
import java.math.BigInteger;
|
|
import java.math.BigInteger;
|
|
import java.security.MessageDigest;
|
|
import java.security.MessageDigest;
|
|
import java.security.NoSuchAlgorithmException;
|
|
import java.security.NoSuchAlgorithmException;
|
|
|
|
+import java.util.Set;
|
|
|
|
|
|
import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
|
|
import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
|
|
import de.tudarmstadt.informatik.hostage.logging.MessageRecord;
|
|
import de.tudarmstadt.informatik.hostage.logging.MessageRecord;
|
|
import de.tudarmstadt.informatik.hostage.protocol.SMB;
|
|
import de.tudarmstadt.informatik.hostage.protocol.SMB;
|
|
import de.tudarmstadt.informatik.hostage.ui.activity.MainActivity;
|
|
import de.tudarmstadt.informatik.hostage.ui.activity.MainActivity;
|
|
import de.tudarmstadt.informatik.hostage.ui.fragment.FileAlertDialogFragment;
|
|
import de.tudarmstadt.informatik.hostage.ui.fragment.FileAlertDialogFragment;
|
|
|
|
+import virustotalapi.ReportScan;
|
|
|
|
+import virustotalapi.VirusTotal;
|
|
|
|
|
|
/**
|
|
/**
|
|
* HostageV3
|
|
* HostageV3
|
|
@@ -39,15 +42,20 @@ import de.tudarmstadt.informatik.hostage.ui.fragment.FileAlertDialogFragment;
|
|
*/
|
|
*/
|
|
public class PseudoJavaFileDiskDriver extends JavaFileDiskDriver {
|
|
public class PseudoJavaFileDiskDriver extends JavaFileDiskDriver {
|
|
|
|
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+
|
|
private static class PseudoJavaNetworkFile extends JavaNetworkFile {
|
|
private static class PseudoJavaNetworkFile extends JavaNetworkFile {
|
|
protected final SMB SMB;
|
|
protected final SMB SMB;
|
|
private final SrvSession sess;
|
|
private final SrvSession sess;
|
|
boolean wasWrittenTo = false;
|
|
boolean wasWrittenTo = false;
|
|
|
|
+ private final FileInject fileInject;
|
|
|
|
|
|
- public PseudoJavaNetworkFile(File file, String netPath, SMB SMB, SrvSession sess) {
|
|
|
|
|
|
+ public PseudoJavaNetworkFile(File file, String netPath, SMB SMB, SrvSession sess, FileInject fileInject) {
|
|
super(file, netPath);
|
|
super(file, netPath);
|
|
this.SMB = SMB;
|
|
this.SMB = SMB;
|
|
this.sess = sess;
|
|
this.sess = sess;
|
|
|
|
+ this.fileInject = fileInject;
|
|
}
|
|
}
|
|
|
|
|
|
Context context = null;
|
|
Context context = null;
|
|
@@ -60,6 +68,7 @@ public class PseudoJavaFileDiskDriver extends JavaFileDiskDriver {
|
|
public void closeFile() throws java.io.IOException {
|
|
public void closeFile() throws java.io.IOException {
|
|
super.closeFile();
|
|
super.closeFile();
|
|
if(wasWrittenTo){
|
|
if(wasWrittenTo){
|
|
|
|
+ HelperUtils.setIsFileInjected(true);
|
|
try {
|
|
try {
|
|
MessageDigest digest = MessageDigest.getInstance("SHA256");
|
|
MessageDigest digest = MessageDigest.getInstance("SHA256");
|
|
FileInputStream fis = new FileInputStream(m_file);
|
|
FileInputStream fis = new FileInputStream(m_file);
|
|
@@ -73,16 +82,38 @@ public class PseudoJavaFileDiskDriver extends JavaFileDiskDriver {
|
|
byte[] hash = digest.digest();
|
|
byte[] hash = digest.digest();
|
|
String checksum = new BigInteger(1, hash).toString(16);
|
|
String checksum = new BigInteger(1, hash).toString(16);
|
|
|
|
|
|
- String message = "File received: " + m_file.getName() + "\n\nCHECKSUM:\n" + checksum;
|
|
|
|
|
|
+ StringBuilder sb = new StringBuilder();
|
|
|
|
+
|
|
|
|
+ VirusTotal VT = new VirusTotal("111c226204f5de7228563bbca91c5860e4965fbe936307dffa8f2f2d575ff292"); // Your Virus Total API Key
|
|
|
|
+
|
|
|
|
+ Set<ReportScan> Report = VT.ReportScan(checksum); //The SHA256 file
|
|
|
|
+
|
|
|
|
+ for (ReportScan report : Report) {
|
|
|
|
+
|
|
|
|
+ if (report.getDetected().contentEquals("true")){
|
|
|
|
+
|
|
|
|
+ if (report.getVendor().contentEquals("McAfee")||report.getVendor().contentEquals("Microsoft"))
|
|
|
|
+
|
|
|
|
+ {
|
|
|
|
+ sb.append("\n\nVendor: " + report.getVendor() + " \nDetected: " + report.getDetected() + " \nMalware Name: " + report.getMalwarename());
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ }
|
|
|
|
+ String message = "File received: " + m_file.getName() + "\n\nCHECKSUM:\n" + checksum+sb.toString();
|
|
|
|
+ fileInject.log(MessageRecord.TYPE.RECEIVE, message, 445, sess.getRemoteAddress(), 445);
|
|
|
|
|
|
HelperUtils.setFileName(m_file.getName());
|
|
HelperUtils.setFileName(m_file.getName());
|
|
HelperUtils.setFilePath(m_file.getPath());
|
|
HelperUtils.setFilePath(m_file.getPath());
|
|
- HelperUtils.setFileMD5(checksum);
|
|
|
|
|
|
+ HelperUtils.setFileSHA256(checksum);
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+ // System.out.print(m_file.getName());
|
|
|
|
+ // displayAlert();
|
|
|
|
+
|
|
|
|
+ // SMB.log(MessageRecord.TYPE.RECEIVE, message, 445, sess.getRemoteAddress(), 445);
|
|
|
|
|
|
- System.out.print(m_file.getName());
|
|
|
|
- displayAlert();
|
|
|
|
|
|
|
|
- SMB.log(MessageRecord.TYPE.RECEIVE, message, 445, sess.getRemoteAddress(), 445);
|
|
|
|
} catch (NoSuchAlgorithmException e) {
|
|
} catch (NoSuchAlgorithmException e) {
|
|
e.printStackTrace();
|
|
e.printStackTrace();
|
|
}
|
|
}
|
|
@@ -106,9 +137,11 @@ public class PseudoJavaFileDiskDriver extends JavaFileDiskDriver {
|
|
}
|
|
}
|
|
|
|
|
|
private final SMB SMB;
|
|
private final SMB SMB;
|
|
|
|
+ private final FileInject fileInject;
|
|
|
|
|
|
- public PseudoJavaFileDiskDriver(SMB SMB) {
|
|
|
|
|
|
+ public PseudoJavaFileDiskDriver(SMB SMB, FileInject fileInject) {
|
|
this.SMB = SMB;
|
|
this.SMB = SMB;
|
|
|
|
+ this.fileInject = fileInject;
|
|
}
|
|
}
|
|
|
|
|
|
public NetworkFile createFile(SrvSession sess, TreeConnection tree, FileOpenParams params)
|
|
public NetworkFile createFile(SrvSession sess, TreeConnection tree, FileOpenParams params)
|
|
@@ -133,7 +166,7 @@ public class PseudoJavaFileDiskDriver extends JavaFileDiskDriver {
|
|
|
|
|
|
// Create a Java network file
|
|
// Create a Java network file
|
|
file = new File(fname);
|
|
file = new File(fname);
|
|
- PseudoJavaNetworkFile netFile = new PseudoJavaNetworkFile(file, params.getPath(), SMB, sess);
|
|
|
|
|
|
+ PseudoJavaNetworkFile netFile = new PseudoJavaNetworkFile(file, params.getPath(), SMB, sess, fileInject);
|
|
netFile.setGrantedAccess(NetworkFile.READWRITE);
|
|
netFile.setGrantedAccess(NetworkFile.READWRITE);
|
|
netFile.setFullName(params.getPath());
|
|
netFile.setFullName(params.getPath());
|
|
|
|
|
|
@@ -156,4 +189,8 @@ public class PseudoJavaFileDiskDriver extends JavaFileDiskDriver {
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+
|
|
}
|
|
}
|
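Review bot: The VirusTotal API key is committed as a string literal in the `new VirusTotal("…")` call in the `@@ -73,16 +82,38 @@` hunk of `closeFile()`, so anyone who can read the repository or unpack the built app can reuse it. Treat that key as exposed and revoke it, and read the value from app configuration instead, e.g. `VirusTotal VT = new VirusTotal(apiKey);` where `apiKey` (placeholder name) is loaded from settings. The lookup also sends `new BigInteger(1, hash).toString(16)`, which drops leading zeros, so a digest starting with a zero nibble gives fewer than 64 hex characters and would presumably not match; `String checksum = String.format("%064x", new BigInteger(1, hash));` keeps the full width. `VT.ReportScan(checksum)` runs inside the file-close path and only `NoSuchAlgorithmException` is visibly caught, so confirm that a network failure or null result cannot stop the `fileInject.log(...)` record from being written. The body of `closeFile()` continues outside the visible hunks.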