Merge pull request #91 from Jack28/cuckoo-api-authtoken

Add support for Cuckoo API Authentication Bearer Token
scVENUS · Aug 6, 2019 · bf5f7a7 · bf5f7a7
2 parents 401c6e8 + cc97a55
commit bf5f7a7
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 3 deletions.
diff --git a/peekaboo.conf.sample b/peekaboo.conf.sample
@@ -79,6 +79,10 @@
 # api mode
 #url              :    http://127.0.0.1:8090
 #poll_interval    :    5
+# From version 2.0.7 cuckoo API has authentication support.
+# New installations create a bearer token by default and require it but upgraded
+# installations don't automatically get one.
+#api_token        :    <empty>
 
 [cluster]
 # if multiple instances are to run in parallel and avoid concurrent analysis of

diff --git a/peekaboo/config.py b/peekaboo/config.py
@@ -298,6 +298,7 @@ def __init__(self, config_file=None, log_level=None):
         self.ruleset_config = '/opt/peekaboo/etc/ruleset.conf'
         self.cuckoo_mode = "api"
         self.cuckoo_url = 'http://127.0.0.1:8090'
+        self.cuckoo_api_token = ''
         self.cuckoo_poll_interval = 5
         self.cuckoo_storage = '/var/lib/peekaboo/.cuckoo/storage'
         self.cuckoo_exec = '/opt/cuckoo/bin/cuckoo'
@@ -330,6 +331,7 @@ def __init__(self, config_file=None, log_level=None):
             'ruleset_config': ['ruleset', 'config'],
             'cuckoo_mode': ['cuckoo', 'mode'],
             'cuckoo_url': ['cuckoo', 'url'],
+            'cuckoo_api_token': ['cuckoo', 'api_token'],
             'cuckoo_poll_interval': ['cuckoo', 'poll_interval'],
             'cuckoo_storage': ['cuckoo', 'storage_path'],
             'cuckoo_exec': ['cuckoo', 'exec'],

diff --git a/peekaboo/daemon.py b/peekaboo/daemon.py
@@ -351,6 +351,7 @@ def run():
     # otherwise it's the new API method and default
     else:
         cuckoo = CuckooApi(job_queue, config.cuckoo_url,
+                           config.cuckoo_api_token,
                            config.cuckoo_poll_interval)
 
     sig_handler = SignalHandler()

diff --git a/peekaboo/toolbox/cuckoo.py b/peekaboo/toolbox/cuckoo.py
@@ -268,10 +268,11 @@ def is_retry(self, method, status_code, has_retry_after=False):
 
 class CuckooApi(Cuckoo):
     """ Interfaces with a Cuckoo installation via its REST API. """
-    def __init__(self, job_queue, url="http://localhost:8090", poll_interval=5,
+    def __init__(self, job_queue, url="http://localhost:8090", api_token="", poll_interval=5,
                  retries=5, backoff=0.5):
         super().__init__(job_queue)
         self.url = url
+        self.api_token = api_token
         self.poll_interval = poll_interval
 
         # urrlib3 backoff formula:
@@ -305,9 +306,10 @@ def __init__(self, job_queue, url="http://localhost:8090", poll_interval=5,
     def __get(self, path):
         request_url = "%s/%s" % (self.url, path)
         logger.debug("Getting %s", request_url)
+        headers = {"Authorization": "Bearer %s" % self.api_token}
 
         try:
-            response = self.session.get(request_url)
+            response = self.session.get(request_url, headers=headers)
         # all requests exceptions are derived from RequestsException, including
         # RetryError, TooManyRedirects and Timeout
         except requests.exceptions.RequestException as error:
@@ -336,10 +338,11 @@ def submit(self, sample):
         files = {"file": (filename, open(path, 'rb'))}
         logger.debug("Creating Cuckoo task with content from %s and "
                      "filename %s", path, filename)
+        headers = {"Authorization": "Bearer %s" % self.api_token}
 
         try:
             response = self.session.post(
-                "%s/tasks/create/file" % self.url, files=files)
+                "%s/tasks/create/file" % self.url, headers=headers, files=files)
         except requests.exceptions.RequestException as error:
             raise CuckooSubmitFailedException(
                 'Error creating Cuckoo task: %s' % error)