我想制作一个Android应用程序,该应用程序: 1.使用Volley HTTP Post将apk文件发送到Web服务 2. Web服务将文件发送到另一个服务(TheHive Cortex),以对其进行安全性分析 3. Cortex对Web服务的回答 4. Android应用程序从Web服务获取结果
问题是,即使Web服务接收到数据且Cortex正常工作,我也无法在Android应用程序上接收结果。
关于Web服务和分析器没有问题:当接收到文件时它们可以很好地工作。但是,该应用程序崩溃了,无法接收结果。 结果以JSON格式显示。
Android应用程序MainActivity:
public class MainActivity extends AppCompatActivity {
Button button1;
Intent intent;
TextView text;
private static final int READ_REQUEST_CODE = 42;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
button1 = findViewById(R.id.button1);
text = findViewById(R.id.text);
button1.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
intent = new Intent(Intent.ACTION_OPEN_DOCUMENT);
intent.setType("application/vnd.android.package-archive");
startActivityForResult(intent, READ_REQUEST_CODE);
}
});
}
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
if (requestCode == READ_REQUEST_CODE && resultCode == Activity.RESULT_OK) {
Uri uri = null;
uri = data.getData();
try
{
final String conv = readTextFromUri(uri); //encoding function
//text.setText(conv);
String url = "http://192.168.1.10:5000";
StringRequest postRequest = new StringRequest(Request.Method.POST, url,
new Response.Listener<String>()
{
@Override
public void onResponse(String response) {
// response
//text.setText("Response is: "+ response.substring(0,500));
Log.v("Martina", "Risposta = " + response);
}
},
new Response.ErrorListener()
{
@Override
public void onErrorResponse(VolleyError error) {
// error
//text.setText(error.toString());
Log.v("Martina", error.getMessage());
}
}
) {
@Override
protected Map<String, String> getParams()
{
Map<String, String> params = new HashMap<String, String>();
params.put("conv", conv);
return params;
}
};
Volley.newRequestQueue(this).add(postRequest);
}
catch (IOException e)
{
Log.v("Martina", e.getMessage());
}
}
}}
Python Web服务(我使用过Flask):
UPLOAD_FOLDER = './apk'
ALLOWED_EXTENSIONS = set(['txt', 'apk'])
app = Flask(__name__)
app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
@app.route('/', methods=['GET','POST'])
def call_cortex():
if request.method == 'POST':
fileb64 = request.form.get('conv')
#converti fileb64 in file e invia questo file a cortex
filename = 'test.apk'
with open(os.path.join(app.config['UPLOAD_FOLDER'], filename), 'wb') as f:
f.write(base64.b64decode(fileb64))
###FUNZIONA###
fileapk = os.path.join(app.config['UPLOAD_FOLDER'], filename)
results = analyze(fileapk)
os.remove(fileapk)
return results
else:
return 'Errore!'
def analyze(apk):
api = Api('http://127.0.0.1:9001', 'RjjWFkldGkRyw7lTV5px9Qe7gKlU4V1i')
analyzers = api.analyzers.find_all({}, range='all')
job1 = api.analyzers.run_by_name('Virusshare_2_0', {
'data': apk,
'dataType': 'file',
'tlp': 1
}, force=1)
res1 = json.dumps(job1.json(), indent=2)
job2 = api.analyzers.run_by_name('HybridAnalysis_GetReport_1_0', {
'data': apk,
'dataType': 'file',
'tlp': 1
}, force=1)
res2 = json.dumps(job2.json(), indent=2)
###Aspetta la fine del job VirusShare###
time.sleep(60)
query = Eq('status', 'Success')
jobs = api.jobs.find_all(query, range='0-2', sort='-updatedAt')
hybrid = None
virus = None
for job in jobs:
report = api.jobs.get_report(job.id).report
if report['summary']['taxonomies'][0]['namespace'] == 'HybridAnalysis':
hybrid = report['summary']['taxonomies'][0]
if report['summary']['taxonomies'][0]['namespace'] == 'Virusshare':
virus = report['summary']['taxonomies'][0]
return {
'virus': {
'value': virus['value'],
'level': virus['level']
},
'hybrid': {
'value': hybrid['value'],
'level': hybrid['level']
}
}
我知道Cortex需要几秒钟才能完成分析,所以我想知道问题是否在等待结果,如果是,我该如何解决。
谢谢
答案 0 :(得分:0)
您可以使用TheHiveHooks进行此操作。
TheHiveHooks使用网络钩子从TheHive接收事件。
有一个名为CaseArtifactJobUpdate的事件,用于监视分析人员的工作。
这样,您可以确定作业已完成。