assemblyline 4.7.5.dev9__tar.gz → 4.7.5.dev13__tar.gz

Files changed (179) hide show
  1. {assemblyline-4.7.5.dev9/assemblyline.egg-info → assemblyline-4.7.5.dev13}/PKG-INFO +1 -1
  2. assemblyline-4.7.5.dev13/assemblyline/VERSION +1 -0
  3. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/bundling.py +21 -6
  4. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/path.py +17 -2
  5. assemblyline-4.7.5.dev13/assemblyline/common/safe_archive.py +100 -0
  6. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/__init__.py +10 -0
  7. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13/assemblyline.egg-info}/PKG-INFO +1 -1
  8. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline.egg-info/SOURCES.txt +1 -0
  9. assemblyline-4.7.5.dev9/assemblyline/VERSION +0 -1
  10. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/LICENCE.md +0 -0
  11. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/MANIFEST.in +0 -0
  12. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/README.md +0 -0
  13. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/__init__.py +0 -0
  14. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/cachestore/__init__.py +0 -0
  15. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/__init__.py +0 -0
  16. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/archiving.py +0 -0
  17. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/attack_map.py +0 -0
  18. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/backupmanager.py +0 -0
  19. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/banner.py +0 -0
  20. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/caching.py +0 -0
  21. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/chunk.py +0 -0
  22. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/classification.py +0 -0
  23. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/classification.yml +0 -0
  24. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/cleanup_filestore.py +0 -0
  25. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/codec.py +0 -0
  26. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/comms.py +0 -0
  27. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/constants.py +0 -0
  28. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/custom.magic +0 -0
  29. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/custom.yara +0 -0
  30. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/dict_utils.py +0 -0
  31. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/digests.py +0 -0
  32. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/dispatcher.py +0 -0
  33. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/entropy.py +0 -0
  34. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/exceptions.py +0 -0
  35. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/file.py +0 -0
  36. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/forge.py +0 -0
  37. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/heuristics.py +0 -0
  38. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/hexdump.py +0 -0
  39. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/identify.py +0 -0
  40. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/identify_defaults.py +0 -0
  41. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/importing.py +0 -0
  42. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/iprange.py +0 -0
  43. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/isotime.py +0 -0
  44. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/log.py +0 -0
  45. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/logformat.py +0 -0
  46. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/lucene.lark +0 -0
  47. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/memory_zip.py +0 -0
  48. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/metrics.py +0 -0
  49. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/net.py +0 -0
  50. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/net_static.py +0 -0
  51. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/null.py +0 -0
  52. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/postprocess.py +0 -0
  53. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/random_user.py +0 -0
  54. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/security.py +0 -0
  55. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/signaturing.py +0 -0
  56. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/str_utils.py +0 -0
  57. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/tag_safelist.yml +0 -0
  58. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/tagging.py +0 -0
  59. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/threading.py +0 -0
  60. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/uid.py +0 -0
  61. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/common/version.py +0 -0
  62. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datasource/__init__.py +0 -0
  63. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datasource/al.py +0 -0
  64. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datasource/alert.py +0 -0
  65. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datasource/common.py +0 -0
  66. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/__init__.py +0 -0
  67. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/bulk.py +0 -0
  68. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/collection.py +0 -0
  69. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/exceptions.py +0 -0
  70. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/helper.py +0 -0
  71. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/store.py +0 -0
  72. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/support/__init__.py +0 -0
  73. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/support/build.py +0 -0
  74. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/datastore/support/schemas.py +0 -0
  75. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/__init__.py +0 -0
  76. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/__init__.py +0 -0
  77. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/azure.py +0 -0
  78. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/base.py +0 -0
  79. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/ftp.py +0 -0
  80. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/http.py +0 -0
  81. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/local.py +0 -0
  82. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/s3.py +0 -0
  83. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/filestore/transport/sftp.py +0 -0
  84. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/__init__.py +0 -0
  85. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/base.py +0 -0
  86. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/common.py +0 -0
  87. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/__init__.py +0 -0
  88. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/alert.py +0 -0
  89. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/alerter_heartbeat.py +0 -0
  90. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/archive_heartbeat.py +0 -0
  91. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/changes.py +0 -0
  92. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/dispatcher_heartbeat.py +0 -0
  93. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/dispatching.py +0 -0
  94. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/elastic_heartbeat.py +0 -0
  95. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/expiry_heartbeat.py +0 -0
  96. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/ingest_heartbeat.py +0 -0
  97. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/metrics.py +0 -0
  98. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/retrohunt_heartbeat.py +0 -0
  99. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/scaler_heartbeat.py +0 -0
  100. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/scaler_status_heartbeat.py +0 -0
  101. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/service_heartbeat.py +0 -0
  102. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/service_timing_heartbeat.py +0 -0
  103. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/submission.py +0 -0
  104. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/task.py +0 -0
  105. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/messages/vacuum_heartbeat.py +0 -0
  106. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/__init__.py +0 -0
  107. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/actions.py +0 -0
  108. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/alert.py +0 -0
  109. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/apikey.py +0 -0
  110. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/badlist.py +0 -0
  111. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/cached_file.py +0 -0
  112. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/config.py +0 -0
  113. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/emptyresult.py +0 -0
  114. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/error.py +0 -0
  115. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/file.py +0 -0
  116. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/filescore.py +0 -0
  117. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/heuristic.py +0 -0
  118. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/__init__.py +0 -0
  119. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/file.py +0 -0
  120. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/filetypes/__init__.py +0 -0
  121. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/filetypes/pe.py +0 -0
  122. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/ontology.py +0 -0
  123. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/__init__.py +0 -0
  124. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/antivirus.py +0 -0
  125. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/http.py +0 -0
  126. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/malware_config.py +0 -0
  127. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/network.py +0 -0
  128. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/process.py +0 -0
  129. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/sandbox.py +0 -0
  130. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/ontology/results/signature.py +0 -0
  131. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/replay.py +0 -0
  132. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/result.py +0 -0
  133. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/retrohunt.py +0 -0
  134. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/safelist.py +0 -0
  135. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/service.py +0 -0
  136. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/service_delta.py +0 -0
  137. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/signature.py +0 -0
  138. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/statistics.py +0 -0
  139. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/submission.py +0 -0
  140. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/submission_summary.py +0 -0
  141. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/submission_tree.py +0 -0
  142. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/tagging.py +0 -0
  143. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/user.py +0 -0
  144. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/user_favorites.py +0 -0
  145. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/user_settings.py +0 -0
  146. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/models/workflow.py +0 -0
  147. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/random_data/__init__.py +0 -0
  148. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/random_data/create_test_data.py +0 -0
  149. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/random_data/sample_rules.yar +0 -0
  150. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/random_data/sample_suricata.rules +0 -0
  151. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/odm/randomizer.py +0 -0
  152. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/py.typed +0 -0
  153. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/__init__.py +0 -0
  154. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/cache.py +0 -0
  155. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/counters.py +0 -0
  156. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/daily_quota_tracker.py +0 -0
  157. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/events.py +0 -0
  158. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/exporting_counter.py +0 -0
  159. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/hash.py +0 -0
  160. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/lock.py +0 -0
  161. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/queues/__init__.py +0 -0
  162. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/queues/comms.py +0 -0
  163. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/queues/multi.py +0 -0
  164. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/queues/named.py +0 -0
  165. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/queues/priority.py +0 -0
  166. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/set.py +0 -0
  167. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/remote/datatypes/user_quota_tracker.py +0 -0
  168. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/run/__init__.py +0 -0
  169. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/run/cli.py +0 -0
  170. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/run/pubsub_reader.py +0 -0
  171. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/run/suricata_importer.py +0 -0
  172. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline/run/yara_importer.py +0 -0
  173. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline.egg-info/dependency_links.txt +0 -0
  174. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline.egg-info/entry_points.txt +0 -0
  175. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline.egg-info/requires.txt +0 -0
  176. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/assemblyline.egg-info/top_level.txt +0 -0
  177. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/pyproject.toml +0 -0
  178. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/setup.cfg +0 -0
  179. {assemblyline-4.7.5.dev9 → assemblyline-4.7.5.dev13}/setup.py +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: assemblyline
3
- Version: 4.7.5.dev9
3
+ Version: 4.7.5.dev13
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
@@ -0,0 +1 @@
1
+ 4.7.5.dev13
@@ -1,8 +1,11 @@
1
+ import glob
1
2
  import json
2
3
  import logging
3
4
  import os
5
+ import re
4
6
  import shutil
5
7
  import subprocess
8
+ import tarfile
6
9
  import tempfile
7
10
  import time
8
11
  from copy import copy
@@ -10,6 +13,8 @@ from copy import copy
10
13
  from cart import is_cart, pack_stream, unpack_stream
11
14
 
12
15
  from assemblyline.common import forge
16
+ from assemblyline.common.safe_archive import safe_extract_tar
17
+ from assemblyline.odm.base import SHA256_REGEX
13
18
  from assemblyline.common.classification import InvalidClassification
14
19
  from assemblyline.common.isotime import now_as_iso
15
20
  from assemblyline.common.uid import get_random_id
@@ -27,6 +32,7 @@ MAX_RETRY = 10
27
32
  WORK_DIR = "/tmp/bundling"
28
33
  BUNDLE_MAGIC = b'\x1f\x8b\x08'
29
34
  BUNDLE_TYPE = "archive/bundle/al"
35
+ SHA256_RE = re.compile(SHA256_REGEX)
30
36
 
31
37
  log = logging.getLogger('assemblyline.bundling')
32
38
 
@@ -238,7 +244,11 @@ def create_bundle(sid, working_dir=WORK_DIR, use_alert=False, user_classificatio
238
244
  json.dump(data, fp)
239
245
 
240
246
  # Create the bundle
241
- subprocess.check_call("tar czf %s *" % tgz_file, shell=True, cwd=current_working_dir)
247
+ files = glob.glob(os.path.join(current_working_dir, '*'))
248
+ subprocess.check_call(
249
+ ["tar", "czf", tgz_file] + [os.path.basename(f) for f in files],
250
+ cwd=current_working_dir
251
+ )
242
252
 
243
253
  with open(target_file, 'wb') as oh:
244
254
  with open(tgz_file, 'rb') as ih:
@@ -294,11 +304,11 @@ def import_bundle(
294
304
  else:
295
305
  extracted_path = path
296
306
 
297
- # Extract the bundle
307
+ # Extract the bundle without allowing members to escape the workdir.
298
308
  try:
299
- subprocess.check_call(["tar", "-zxf", extracted_path, "-C", current_working_dir])
300
- except subprocess.CalledProcessError:
301
- raise BundlingException("Bundle decompression failed. Not a valid bundle...")
309
+ safe_extract_tar(extracted_path, current_working_dir)
310
+ except (tarfile.TarError, OSError, ValueError) as e:
311
+ raise BundlingException(f"Bundle decompression failed. Not a valid bundle: {e}")
302
312
 
303
313
  with open(res_file, 'rb') as fh:
304
314
  data = json.load(fh)
@@ -369,6 +379,8 @@ def import_bundle(
369
379
  # Make sure files meet minimum classification and save the files
370
380
  with forge.get_filestore() as filestore:
371
381
  for f, f_data in files['infos'].items():
382
+ if not SHA256_RE.fullmatch(f):
383
+ raise BundlingException(f"Invalid file key in bundle: {f!r}")
372
384
  check_classification(f_data)
373
385
  expiry_ts = f_data.get('expiry_ts', None)
374
386
  if dtl is not None:
@@ -380,8 +392,11 @@ def import_bundle(
380
392
  expiry_ts = now_as_iso(dtl * 24 * 60 * 60)
381
393
  datastore.save_or_freshen_file(f, f_data, expiry_ts, f_data['classification'],
382
394
  cl_engine=Classification)
395
+ src = os.path.realpath(os.path.join(current_working_dir, f))
396
+ if os.path.commonpath([src, current_working_dir]) != current_working_dir:
397
+ raise BundlingException(f"Bundle file path escapes working dir: {f!r}")
383
398
  try:
384
- filestore.upload(os.path.join(current_working_dir, f), f)
399
+ filestore.upload(src, f)
385
400
  except IOError:
386
401
  pass
387
402
 
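Review bot: In the last `import_bundle` hunk the containment check compares `src`, which has been through `os.path.realpath`, with `current_working_dir` as-is. A working directory that is relative, ends in a separator or sits behind a symlink therefore makes `os.path.commonpath` either raise an uncaught `ValueError` or reject every file of a legitimate bundle. Resolve the base once before the loop, `base = os.path.realpath(current_working_dir)`, and test `os.path.commonpath([src, base]) != base`. The check also runs after `datastore.save_or_freshen_file(...)`, so a rejected entry has already been written to the datastore; moving the check above that call avoids a partial import. How `current_working_dir` is built lies outside the hunk, so whether it is already canonical should be confirmed there.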
@@ -1,6 +1,5 @@
1
1
  from __future__ import annotations
2
2
  import os
3
- import string
4
3
  import sys
5
4
  from typing import Optional
6
5
 
@@ -19,8 +18,24 @@ def splitpath(path: str, sep: Optional[str] = None) -> list:
19
18
 
20
19
 
21
20
  def strip_path_inclusion(path: str, base: str) -> str:
21
+ """Verifies that the provided path is safe with the desired base folder destination.
22
+
23
+ If the full path is safe, and no path traversal/inclusion are detected, the full path is
24
+ returned. If the path is not deemed safe, a simple base filename will be return.
25
+ In both case, an os.path.join between the desired folder and what gets return should be
26
+ safe to write to.
27
+
28
+ Args:
29
+ path: The path that needs safety validation.
30
+ base: The desired destination folder.
31
+
32
+ Returns:
33
+ A safe full path, or only the file basename if unsafe.
34
+ """
22
35
  path = path.replace("\\", os.path.sep).replace("/", os.path.sep)
23
- return path if os.path.abspath(os.path.join(base, path)).startswith(base) else os.path.basename(path)
36
+ safe_base = base if base.endswith(os.path.sep) else base + os.path.sep
37
+ resolved = os.path.abspath(os.path.join(base, path))
38
+ return path if (resolved == base.rstrip(os.path.sep) or resolved.startswith(safe_base)) else os.path.basename(path)
24
39
 
25
40
 
26
41
  ASCII_NUMBERS = list(range(48, 58))
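Review bot: The fallback branch of `strip_path_inclusion` returns `os.path.basename(path)` unchecked, and for a rejected path whose last component is `..` or that ends in a separator this is `..` or an empty string. Joining that to `base` gives the parent directory or `base` itself, which contradicts the guarantee the new docstring states. Check the fallback name before returning it, e.g. `name = os.path.basename(path)` followed by `if name in ("", os.curdir, os.pardir): raise ValueError("unsafe path")`, or return a fixed placeholder name if callers cannot handle an exception. Separately, `resolved` comes from `os.path.abspath`, which does not follow symlinks, while the new `safe_archive._is_within` uses `os.path.realpath`; the docstring should say which of the two guarantees this function gives.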
@@ -0,0 +1,100 @@
1
+ """
2
+ Safe extraction helpers for tar and zip archives.
3
+
4
+ Centralises the path-traversal hardening. All Assemblyline components
5
+ that extract archives whose contents are not fully trusted should use
6
+ these helpers instead of calling
7
+ `TarFile.extractall` / `ZipFile.extractall` directly.
8
+ """
9
+ import os
10
+ import tarfile
11
+ import zipfile
12
+ from typing import Iterator, Optional, Union
13
+
14
+
15
+ class UnsafeArchiveMember(Exception):
16
+ """Raised when an archive member would escape the destination directory."""
17
+
18
+
19
+ def _is_within(path: str, base: str) -> bool:
20
+ real = os.path.realpath(path)
21
+ return real == base or os.path.commonpath([real, base]) == base
22
+
23
+
24
+ def safe_tar_members(tar: tarfile.TarFile, dest: str) -> Iterator[tarfile.TarInfo]:
25
+ """Yield only members that resolve under *dest* and are not links that escape it.
26
+
27
+ This is the fallback used when running on a Python without PEP 706
28
+ (`tarfile.data_filter`, backported to 3.8.17 / 3.9.17 / 3.10.12 / 3.11.4).
29
+ """
30
+ base = os.path.realpath(dest)
31
+ for member in tar.getmembers():
32
+ member_path = os.path.join(base, member.name)
33
+ if not _is_within(member_path, base):
34
+ continue
35
+ if member.issym() or member.islnk():
36
+ link_target = os.path.join(base, os.path.dirname(member.name), member.linkname)
37
+ if not _is_within(link_target, base):
38
+ continue
39
+ yield member
40
+
41
+
42
+ def safe_extract_tar(tar: Union[str, tarfile.TarFile], dest: str) -> None:
43
+ """Extract *tar* into *dest* without allowing members to escape *dest*.
44
+
45
+ Prefers PEP 706's `filter='data'` (rejects absolute paths, ``..`` escapes,
46
+ symlinks and hardlinks, device nodes, and strips set[ug]id bits). On older
47
+ interpreters falls back to :func:`safe_tar_members`, which silently drops
48
+ offending members instead of raising.
49
+ """
50
+ owns = isinstance(tar, str)
51
+ tf = tarfile.open(tar) if owns else tar
52
+ try:
53
+ if hasattr(tarfile, "data_filter"):
54
+ tf.extractall(dest, filter="data")
55
+ else:
56
+ tf.extractall(dest, members=list(safe_tar_members(tf, dest)))
57
+ finally:
58
+ if owns:
59
+ tf.close()
60
+
61
+
62
+ def safe_extract_zip(
63
+ zf: Union[str, zipfile.ZipFile],
64
+ dest: str,
65
+ *,
66
+ pwd: Optional[bytes] = None,
67
+ on_unsafe: str = "raise",
68
+ ) -> None:
69
+ """Extract *zf* into *dest* without allowing members to escape *dest*.
70
+
71
+ ``ZipFile.extractall`` already strips leading ``/`` and ``..`` components
72
+ from member names, but it does **not** defend against the destination
73
+ containing pre-existing symlinks (e.g. when re-extracting over a directory
74
+ a previous archive populated). This helper validates each target with
75
+ ``realpath`` before any write occurs.
76
+
77
+ :param on_unsafe: ``"raise"`` (default) to raise :class:`UnsafeArchiveMember`
78
+ on the first offending entry, or ``"skip"`` to silently drop it.
79
+ """
80
+ if on_unsafe not in ("raise", "skip"):
81
+ raise ValueError("on_unsafe must be 'raise' or 'skip'")
82
+
83
+ owns = isinstance(zf, str)
84
+ zfile = zipfile.ZipFile(zf, "r") if owns else zf
85
+ try:
86
+ base = os.path.realpath(dest)
87
+ safe = []
88
+ for info in zfile.infolist():
89
+ target = os.path.join(base, info.filename)
90
+ if not _is_within(target, base):
91
+ if on_unsafe == "raise":
92
+ raise UnsafeArchiveMember(
93
+ f"Path traversal detected in zip member: {info.filename!r}"
94
+ )
95
+ continue
96
+ safe.append(info)
97
+ zfile.extractall(path=dest, members=safe, pwd=pwd)
98
+ finally:
99
+ if owns:
100
+ zfile.close()
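Review bot: The pre-PEP 706 fallback in `safe_tar_members` resolves `member.linkname` relative to the member's own directory for hard links as well as symlinks, but a tar hard link's `linkname` is relative to the archive root, so the containment test runs on the wrong path for `islnk()` members. The fallback also yields device nodes and FIFOs, which the `safe_extract_tar` docstring says the `data` filter rejects, so the two code paths do not enforce the same policy. The loop below separates the two link kinds and keeps only regular files, directories and checked links. It still drops members silently where `filter="data"` raises, and `import_bundle` relies on the exception, so a caller on an older interpreter gets a partial extraction with no error.

```python
def safe_tar_members(tar: tarfile.TarFile, dest: str) -> Iterator[tarfile.TarInfo]:
    # … unchanged: docstring …
    base = os.path.realpath(dest)
    for member in tar.getmembers():
        # Keep the fallback aligned with the `data` filter: no device nodes, FIFOs, etc.
        if not (member.isreg() or member.isdir() or member.issym() or member.islnk()):
            continue
        if not _is_within(os.path.join(base, member.name), base):
            continue
        if member.issym():
            # Symlink targets are relative to the directory holding the link.
            link_target = os.path.join(base, os.path.dirname(member.name), member.linkname)
        elif member.islnk():
            # Hard-link targets are relative to the archive root.
            link_target = os.path.join(base, member.linkname)
        else:
            link_target = None
        if link_target is not None and not _is_within(link_target, base):
            continue
        yield member
```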
@@ -30,6 +30,16 @@ def now_as_iso():
30
30
  return ''.join((s, 'Z'))
31
31
 
32
32
 
33
+ def validate_reply_queue_name(name: str, prefix=None, suffix=None) -> bool:
34
+ if prefix:
35
+ if not name.startswith(prefix + '-'):
36
+ return False
37
+ if suffix:
38
+ if not name.endswith('-' + str(suffix)):
39
+ return False
40
+ return True
41
+
42
+
33
43
  def reply_queue_name(prefix=None, suffix=None):
34
44
  if prefix:
35
45
  components = [prefix]
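Review bot: `validate_reply_queue_name` returns `True` for any string when neither `prefix` nor `suffix` is given, and it never looks at the part between them, so on its own it does not establish that a name was produced by `reply_queue_name`. If callers use it to vet a queue name received from another component, that limit should be stated in a docstring, e.g. `"""Return True if name starts with '<prefix>-' and ends with '-<suffix>'; the middle component is not validated."""`, and callers should always pass at least one of the two. The suffix is coerced with `str(suffix)` while `prefix + '-'` is not, so a non-string prefix raises `TypeError` instead of returning `False`; `str(prefix) + '-'` would make the two checks consistent. The body of `reply_queue_name` lies outside the hunk, so the exact name format it produces could not be checked here.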
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: assemblyline
3
- Version: 4.7.5.dev9
3
+ Version: 4.7.5.dev13
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
@@ -55,6 +55,7 @@ assemblyline/common/null.py
55
55
  assemblyline/common/path.py
56
56
  assemblyline/common/postprocess.py
57
57
  assemblyline/common/random_user.py
58
+ assemblyline/common/safe_archive.py
58
59
  assemblyline/common/security.py
59
60
  assemblyline/common/signaturing.py
60
61
  assemblyline/common/str_utils.py
@@ -1 +0,0 @@
1
- 4.7.5.dev9