dorothy2 1.2.0 → 2.0.0

data/test/tc_dorothy_full.rb

@@ -4,6 +4,9 @@ require 'dorothy2'          #comment for testing/developmnet
 
 #load '../lib/dorothy2.rb'
 
+
+#Those tests have not been ported to the latest version of dorothy2. They wont work. #TODO: fix this
+
 include Dorothy
 
 LOGGER = DoroLogger.new(STDOUT, "weekly")

metadata

@@ -1,85 +1,85 @@
 --- !ruby/object:Gem::Specification
 name: dorothy2
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 2.0.0
 platform: ruby
 authors:
 - marco riccardi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-12-01 00:00:00.000000000 Z
+date: 2014-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-scp
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.0.4
+        version: 1.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.0.4
+        version: 1.1.2
 - !ruby/object:Gem::Dependency
   name: net-ssh
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 2.2.1
+        version: 2.7.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 2.2.1
+        version: 2.7.0
 - !ruby/object:Gem::Dependency
   name: trollop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.16.2
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.16.2
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rest-client
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: 1.6.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: 1.6.7
 - !ruby/object:Gem::Dependency
-  name: mime-types
+  name: mail
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: 2.5.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: 2.5.4
 - !ruby/object:Gem::Dependency
   name: colored
   requirement: !ruby/object:Gem::Requirement
@@ -95,125 +95,220 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.2'
 - !ruby/object:Gem::Dependency
-  name: ruby-pg
+  name: pg
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.7.9.2008.01.28
+        version: 0.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.7.9.2008.01.28
+        version: 0.8.0
 - !ruby/object:Gem::Dependency
-  name: virustotal
+  name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 1.5.11
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 1.5.11
 - !ruby/object:Gem::Dependency
-  name: nokogiri
+  name: uirusu
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.5.10
+        version: 0.0.6
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.5.10
+        version: 0.0.6
 - !ruby/object:Gem::Dependency
   name: rbvmomi
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+- !ruby/object:Gem::Dependency
+  name: ruby-filemagic
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.6
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.6
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.6
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.6
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.0.beta1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.0.beta1
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.4.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.4.4
+- !ruby/object:Gem::Dependency
+  name: sinatra-activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
       - !ruby/object:Gem::Version
         version: 1.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
         version: 1.3.0
 - !ruby/object:Gem::Dependency
-  name: ruby-filemagic
+  name: sinatra-contrib
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 0.4.2
+        version: 1.4.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.4.2
+- !ruby/object:Gem::Dependency
+  name: namespace
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 0.4.2
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: net-dns
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
         version: 0.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
         version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: geoip
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.3.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.3.5
 - !ruby/object:Gem::Dependency
-  name: tmail
+  name: whois
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.2.7.1
+        version: 3.5.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.2.7.1
+        version: 3.5.3
 description: A malware/botnet analysis framework written in Ruby.
 email:
 - marco.riccardi@honeynet.it
 executables:
-- dorothy_start
-- dorothy_stop
-- dparser_start
-- dparser_stop
+- dorothy2
 extensions: []
 extra_rdoc_files:
 - README.md
@@ -224,18 +319,13 @@ files:
 - LICENSE
 - README.md
 - Rakefile
-- TODO
 - UPDATE
-- bin/dorothy_start
-- bin/dorothy_stop
-- bin/dparser_start
-- bin/dparser_stop
+- bin/dorothy2
 - dorothy2.gemspec
 - etc/ddl/dorothive.ddl
-- etc/dorothy copy.yml.example
-- etc/extensions.yml
 - etc/sandboxes.yml.example
 - etc/sources.yml.example
+- lib/doroGUI.rb
 - lib/doroParser.rb
 - lib/dorothy2.rb
 - lib/dorothy2/BFM.rb
@@ -276,23 +366,33 @@ files:
 - lib/mu/xtractr/test/tc_xtractr.rb
 - lib/mu/xtractr/test/test.rb
 - lib/mu/xtractr/views.rb
+- lib/www/public/reset.css
+- lib/www/public/style.css
+- lib/www/views/analyses.erb
+- lib/www/views/email.erb
+- lib/www/views/flows.erb
+- lib/www/views/layout.erb
+- lib/www/views/profile.erb
+- lib/www/views/queue.erb
+- lib/www/views/resume.erb
+- lib/www/views/resume.erb~
+- lib/www/views/samples.erb
+- lib/www/views/upload.erb
 - share/img/Dorothy-Basic.pdf
 - share/img/Setup-Advanced.pdf
 - share/img/The_big_picture.pdf
-- share/update-dorothive.sql
 - test/tc_dorothy_full.rb
-- var/log/parser.log
 homepage: https://github.com/m4rco-/dorothy2
 licenses: []
 metadata: {}
-post_install_message: ! '\n WARING: If you are upgrating from a previous version,
-  read the UPDATE file!\n'
+post_install_message: ! '\n\n\n \t\t WARING: If you are upgrating from a previous
+  version, read the UPDATE file! \t\t\n\n\n'
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ~>
     - !ruby/object:Gem::Version
       version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
@@ -302,10 +402,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.1.10
+rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
 summary: More info at http://www.honeynet.it
 test_files:
 - test/tc_dorothy_full.rb
-has_rdoc: 

data/TODO

@@ -1,27 +0,0 @@
-##############
-#DOROTHY-TODO#
-##############
-
--PORT TO Ruby 2.0
--WGUI
-
-#IMPROVE INSTALLATION PROCESS
--Include pcapr-local installation 80%
-
--ADD args from command line for recreating the baseline
-
-
--BINARY STATIC ANALYSIS
--ANALYZE SYSTEM CHANGES 50%
-	-ListFileInGuest -> Create Files/Folder Baseline.
-
--MANAGE SIG-INT WHILE MULTITHREAD 
--INTERACTIVE CONSOLE 90%
--ADD VNC CLIENT SPAWN IN MANUAL MODE
-
--REVIEW DOROTHIVE (binary fullpath?)
-
--ADD EMAIL AS SOURCETYPE (use ruby mail gem for retrieving the emails, and parse them)
-
--REPORT PLUGIN
- -REPORT - MAEC