Commits

György Kohut committed c4270cd

feed virustotal (send to new_binary) from AttackHandler

Comments (0)

Files changed (3)

 # destinations
 create-jmsdest --desttype topic new_attack
 create-jmsdest --desttype topic new_binary
+create-jmsdest --desttype topic new_binary_stored
 create-jmsdest --desttype topic new_ip
 create-jms-resource --restype javax.jms.Topic --property Name=new_attack jms/new_attack
 create-jms-resource --restype javax.jms.Topic --property Name=new_binary jms/new_binary
+create-jms-resource --restype javax.jms.Topic --property Name=new_binary_stored jms/new_binary_stored
 create-jms-resource --restype javax.jms.Topic --property Name=new_ip jms/new_ip
 # connection factory
 create-jms-resource --restype javax.jms.ConnectionFactory jms/ConnectionFactory

src/main/java/org/honeynet/hbbackend/hpfeeds/AttackHandler.java

 	
 	@Resource(mappedName="jms/new_attack")
 	private Topic jms_new_attack;
+	@Resource(mappedName="jms/new_binary")
+	private Topic jms_new_binary;
 	@Resource(mappedName="jms/new_ip")
 	private Topic jms_new_ip;
 
 			prod.close();
 			log.debug("sending msg to new_attack | id={}", Long.toString(attackId));
 			
+			// new_binary
+			if (binaryNew) {
+				prod = sess.createProducer(jms_new_binary);
+				jmsMsg = sess.createTextMessage();
+				jmsMsg.setLongProperty("id", binaryId);
+				jmsMsg.setStringProperty("md5", attack.md5);
+				prod.send(jmsMsg);
+				prod.close();
+				log.debug("sending msg to new_binary | id={} md5={}", binaryId, attack.md5);
+			}
+			
 			// new_ip
 			if (sourceIpNew) { //TODO target ip too?
 				prod = sess.createProducer(jms_new_ip);

src/main/java/org/honeynet/hbbackend/hpfeeds/BinaryHandler.java

 	@Resource(mappedName="jms/ConnectionFactory")
 	private ConnectionFactory jmsConnectionFactory;
 	
-	@Resource(mappedName="jms/new_binary")
-	private Topic jms_new_binary;
+	@Resource(mappedName="jms/new_binary_stored")
+	private Topic jms_new_binary_stored;
 	
 	@Resource(mappedName="xadisk/ConnectionFactory")
 	private XADiskConnectionFactory xaDiskConnectionFactory;
 					MessageProducer prod;
 					Message jmsMsg;
 					
-					prod = sess.createProducer(jms_new_binary);
-					jmsMsg = sess.createMessage();
+					prod = sess.createProducer(jms_new_binary_stored);
+					jmsMsg = sess.createTextMessage();
 					jmsMsg.setLongProperty("id", binaryId);
 					jmsMsg.setStringProperty("md5", md5);
 					prod.send(jmsMsg);
 					prod.close();
-					log.debug("sending msg to new_binary | id={} md5={}", binaryId, md5);
+					log.debug("sending msg to new_binary_stored | id={} md5={}", binaryId, md5);
 					
 					log.debug("binary submission complete | ident={} id={} md5={} size={}", new Object[]{ ident, binaryId, md5, binarySize });
 					return;