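/**
 * Execute the console command.
 *
 * Reads one raw e-mail from stdin, writes it to the evidence store and then
 * either processes it directly (--noqueue) or dispatches an EmailProcess job
 * that references the stored evidence file.
 *
 * @return bool true once the message was handed over for processing, false
 *              when stdin could not be read or the evidence file was not written
 */
public function handle()
{
    $logPrefix = get_class($this) . ': ';

    Log::info($logPrefix . 'Being called upon to receive an incoming e-mail');

    // Read from stdin (should be piped from cat or MDA)
    $rawEmail = '';
    $fd = fopen('php://stdin', 'r');
    if ($fd === false) {
        Log::error($logPrefix . 'Unable to open stdin for reading, cannot continue');
        $this->exception($rawEmail);

        return false;
    }

    // NOTE(review): the whole message is buffered in memory without a size cap;
    // confirm the MDA in front of this command enforces a maximum message size.
    while (!feof($fd)) {
        $chunk = fread($fd, 1024);
        if ($chunk === false) {
            // A read error would otherwise keep this loop spinning forever.
            break;
        }
        $rawEmail .= $chunk;
    }
    fclose($fd);

    /*
     * save evidence onto disk
     */
    $evidence = new EvidenceSave();
    $evidenceFile = $evidence->save($rawEmail);

    if (!$evidenceFile) {
        Log::error($logPrefix . 'Error returned while asking to write evidence file, cannot continue');
        $this->exception($rawEmail);

        // exception() is defined outside this block; returning here guarantees
        // that a failed write never reaches EmailProcess with an empty file name.
        return false;
    }

    if ($this->option('noqueue') == true) {
        // In debug mode we don't queue the job
        Log::debug($logPrefix . 'Queuing disabled. Directly handling message file: ' . $evidenceFile);

        $processer = new EmailProcess($evidenceFile);
        $processer->handle();
    } else {
        Log::info($logPrefix . 'Pushing incoming email into queue file: ' . $evidenceFile);

        $this->dispatch(new EmailProcess($evidenceFile));
    }

    Log::info($logPrefix . 'Successfully received the incoming e-mail');

    return true;
}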
/**
 * Execute the command.
 *
 * Starts the configured collector, archives its result as a JSON evidence
 * file and passes the collected data to IncidentsProcess, which validates and
 * stores it. Every failure path calls $this->exception() and stops; an empty
 * data set ends the run without an error.
 *
 * @return void no value is returned on any path
 */
public function handle()
{
    $tag = get_class($this) . ': ';

    Log::info($tag . 'Queued worker is starting the collector: ' . $this->collector);

    $instance = collectorFactory::create($this->collector);
    if (!$instance) {
        Log::error("The requested collector {$this->collector} could not be started check logs for PID:" . getmypid());
        $this->exception();

        return;
    }

    $parsed = $instance->parse();
    if ($parsed['errorStatus'] == true) {
        Log::error("The requested collector {$this->collector} returned an error. check logs for PID:" . getmypid());
        $this->exception();

        return;
    }

    // Archive the raw collector output before anything interprets it.
    $writer = new EvidenceSave();
    $serialized = json_encode([
        'collectorName' => $this->collector,
        'collectorData' => $parsed,
    ]);
    $storedAs = $writer->save($serialized);
    if (!$storedAs) {
        Log::error($tag . 'Error returned while asking to write evidence file, cannot continue');
        $this->exception();

        return;
    }

    // The evidence model is only populated here; it is handed to
    // IncidentsProcess below and not saved by this method.
    $record = new Evidence();
    $record->filename = $storedAs;
    $record->sender = 'abuse@localhost';
    $record->subject = "CLI Collector {$this->collector}";

    $process = new IncidentsProcess($parsed['data'], $record);

    // An empty set is acceptable (exit OK)
    if (!$process->notEmpty()) {
        return;
    }

    // Validate first, then write to the database; either failure is reported
    // the same way and save() is never attempted after a failed validation.
    if (!$process->validate() || !$process->save()) {
        $this->exception();

        return;
    }

    Log::info($tag . 'Queued worker has ended the processing of collector: ' . $this->collector);
}
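/**
 * Recreate a legacy ticket and replay its reports as individual events.
 *
 * The ticket is created through createTicket(); afterwards one evidence file,
 * one Evidence row and one Event row are written per replayed report, with
 * timestamps spread evenly between FirstSeen and LastSeen.
 *
 * @param object $ticket  legacy ticket; FirstSeen, LastSeen, ReportCount,
 *                        Information and Source are read from it
 * @param mixed  $account passed through to createTicket()
 */
private function replayTicket($ticket, $account)
{
    // Create the ticket as usual
    $newTicket = $this->createTicket($ticket, $account);

    // Spread the events so that the first and last one match FirstSeen and
    // LastSeen exactly and the ones in between fall inside that timeframe.
    $firstSeen = (int) $ticket->FirstSeen;
    $lastSeen = (int) $ticket->LastSeen;
    $reportCount = (int) $ticket->ReportCount;
    $elapsed = $lastSeen - $firstSeen;

    // A ReportCount of 0 used to divide by zero; a zero step is used instead.
    $step = $reportCount > 0 ? (int) round($elapsed / $reportCount) : 0;

    // NOTE(review): the range is inclusive, so ReportCount + 1 events are
    // written - confirm this matches the number of reports in the legacy data.
    $timestamps = [];
    for ($counter = 0; $counter <= $reportCount; $counter++) {
        $timestamps[$counter] = $firstSeen + $counter * $step;
    }

    // Make sure we end at the right point in time (rounding of $step may drift)
    if ($timestamps !== []) {
        $timestamps[count($timestamps) - 1] = $lastSeen;
    }

    // The submitted data is the same for every replayed event.
    $submittedData = json_decode(json_encode($ticket), true);

    // Now recreate all the events
    foreach ($timestamps as $timestamp) {
        // Build new evidence file and write the evidence into the archive.
        // No attachment is available in this method, so the list stays empty.
        $evidence = new EvidenceSave();
        $evidenceData = [
            'createdBy'     => '*****@*****.**',
            'receivedOn'    => time(),
            'submittedData' => $submittedData,
            'attachments'   => [],
        ];
        $evidenceFile = $evidence->save(json_encode($evidenceData));

        // Never register an Evidence row that points at a file which was not written.
        if (!$evidenceFile) {
            $this->error('Error returned while asking to write evidence file, cannot continue');
            $this->exception();

            return;
        }

        // Save the file reference into the database
        $evidenceSave = new Evidence();
        $evidenceSave->filename = $evidenceFile;
        $evidenceSave->sender = '*****@*****.**';
        $evidenceSave->subject = 'Migrated evidence with a little magic';
        $evidenceSave->save();

        // Write the event
        $newEvent = new Event();
        $newEvent->evidence_id = $evidenceSave->id;
        $newEvent->information = $ticket->Information;
        $newEvent->source = $ticket->Source;
        $newEvent->ticket_id = $newTicket->id;
        $newEvent->timestamp = $timestamp;

        // Validate the model before saving
        $validator = Validator::make(json_decode(json_encode($newEvent), true), Event::createRules());
        if ($validator->fails()) {
            $this->error('DevError: Internal validation failed when saving the Event object ' . implode(' ', $validator->messages()->all()));
            $this->exception();

            // exception() is defined outside this block; the return keeps an
            // event that failed validation from being saved if it comes back.
            return;
        }

        $newEvent->save();
    }
}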
/**
 * Build the evidence object as it is required to save incidents.
 *
 * Serialises the incident, the effective CLI user and an optional file
 * attachment to JSON, stores it through EvidenceSave and keeps the returned
 * value in $this->evidenceFile.
 *
 * @param object      $incident AbuseIO\Models\Incident, read through toArray()
 * @param string|null $file     path of a file to attach, or null for none
 */
protected function setEvidenceFile($incident, $file)
{
    $writer = new EvidenceSave();

    // The effective user running the CLI command is recorded as the creator.
    $operator = posix_getpwuid(posix_geteuid())['name'];

    $payload = [
        'createdBy'     => trim($operator) . ' (CLI)',
        'receivedOn'    => time(),
        'submittedData' => $incident->toArray(),
        'attachments'   => [],
    ];

    // Add the file to the evidence object if it was given
    if ($file !== null) {
        if (!is_file($file)) {
            $this->error('File does not exist: ' . $file);
            exit;
        }

        // NOTE(review): the raw file bytes are embedded as-is; json_encode()
        // below returns false for content that is not valid UTF-8 and the
        // result of save() is not checked here - confirm binary attachments
        // are handled before relying on this evidence file.
        $payload['attachments'][] = [
            'filename'    => basename($file),
            'size'        => filesize($file),
            'contentType' => mime_content_type($file),
            'data'        => file_get_contents($file),
        ];
    }

    $this->evidenceFile = $writer->save(json_encode($payload));
}
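/**
 * Store a newly created ticket in storage.
 *
 * Builds an Incident from the submitted form, archives the submission (and an
 * optional uploaded file) as an evidence file and lets IncidentsProcess
 * validate and save it. Any failure redirects back with a message.
 *
 * @param TicketFormRequest $ticket
 *
 * @return \Illuminate\Http\Response
 */
public function store(TicketFormRequest $ticket)
{
    /*
     * If there was a file attached then we add this to the evidence as attachment
     */
    $attachment = [];
    $uploadedFile = Input::file('evidenceFile');
    if (!empty($uploadedFile)
        && is_object($uploadedFile)
        && $uploadedFile->getError() === 0
        && is_file($uploadedFile->getPathname())
    ) {
        // The original file name comes from the client. It is only recorded
        // as metadata here; whatever later displays it or writes it to disk
        // has to treat it as untrusted input.
        $attachment = [
            'filename'    => $uploadedFile->getClientOriginalName(),
            'size'        => $uploadedFile->getSize(),
            'contentType' => $uploadedFile->getMimeType(),
            'data'        => file_get_contents($uploadedFile->getPathname()),
        ];
    }

    /*
     * Grab the form and build an incident model from it. The form should have all the fields except
     * the form token. The data is not validated here because the formRequest already took care of
     * this and IncidentsProcess does another validation below.
     */
    // NOTE(review): every submitted key becomes a property on the model, so
    // the set of accepted fields depends entirely on TicketFormRequest - verify.
    $incident = new Incident();
    foreach ($ticket->all() as $key => $value) {
        if ($key != '_token') {
            $incident->{$key} = $value;
        }
    }

    /*
     * Incident process requires all incidents to be wrapped in an array.
     */
    $incidents = [0 => $incident];

    /*
     * Save the evidence as it is required to save events
     */
    $evidence = new EvidenceSave();
    $evidenceData = [
        'createdBy'     => trim($this->auth_user->fullName()) . ' (' . $this->auth_user->email . ')',
        'receivedOn'    => time(),
        'submittedData' => $ticket->all(),
        'attachments'   => [],
    ];
    if (!empty($attachment)) {
        $evidenceData['attachments'][0] = $attachment;
    }

    $evidenceFile = $evidence->save(json_encode($evidenceData));
    if (!$evidenceFile) {
        Log::error(get_class($this) . ': ' . 'Error returned while asking to write evidence file, cannot continue');
        $this->exception();

        // exception() is defined outside this block; stop here so an incident
        // is never stored against an evidence file that was not written.
        return Redirect::back()->with('message', 'Failed to write evidence file');
    }

    $evidence = new Evidence();
    $evidence->filename = $evidenceFile;
    $evidence->sender = $this->auth_user->email;
    $evidence->subject = 'AbuseDesk Created Incident';

    /*
     * Call IncidentsProcess to validate, store evidence and save incidents
     */
    $incidentsProcess = new IncidentsProcess($incidents, $evidence);

    // Validate the data set
    $validated = $incidentsProcess->validate();
    if (!$validated) {
        return Redirect::back()->with('message', "Failed to validate incident model {$validated}");
    }

    // Write the data set to database
    if (!$incidentsProcess->save()) {
        return Redirect::back()->with('message', 'Failed to write to database');
    }

    return Redirect::route('admin.tickets.index')->with(
        'message',
        'A new incident has been created. Depending on the aggregator result a new '
        . 'ticket will be created or existing ticket updated'
    );
}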