Merge pull request #444 from intelowlproject/develop

mlodic · web-flow · commit eaa7d67c59c7 · 2025-02-10T17:05:39.000+01:00
1.4.1
diff --git a/docker/.version b/docker/.version
@@ -1 +1 @@
-REACT_APP_GREEDYBEAR_VERSION="1.4.0"
+REACT_APP_GREEDYBEAR_VERSION="1.4.1"
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -1,5 +1,5 @@
 # Stage 1: Frontend 
-FROM node:lts-alpine3.21 as frontend-build
+FROM node:lts-alpine3.21 AS frontend-build
 
 WORKDIR /
 # copy react source code
@@ -15,10 +15,10 @@ RUN PUBLIC_URL=/static/reactapp/ npm run build
 # Stage 2: Backend
 FROM python:3.11.9-alpine3.20
 
-ENV PYTHONUNBUFFERED 1
-ENV DJANGO_SETTINGS_MODULE greedybear.settings
-ENV PYTHONPATH /opt/deploy/greedybear
-ENV LOG_PATH /var/log/greedybear
+ENV PYTHONUNBUFFERED=1
+ENV DJANGO_SETTINGS_MODULE=greedybear.settings
+ENV PYTHONPATH=/opt/deploy/greedybear
+ENV LOG_PATH=/var/log/greedybear
 
 ARG WATCHMAN=false
 
diff --git a/docker/Dockerfile_nginx b/docker/Dockerfile_nginx
@@ -1,7 +1,7 @@
 FROM library/nginx:1.27.3-alpine
 RUN mkdir -p /var/cache/nginx /var/cache/nginx/feeds
 RUN apk update && apk upgrade && apk add bash
-ENV NGINX_LOG_DIR /var/log/nginx
+ENV NGINX_LOG_DIR=/var/log/nginx
 # this is to avoid having these logs redirected to stdout/stderr
 RUN rm $NGINX_LOG_DIR/access.log $NGINX_LOG_DIR/error.log
 RUN touch $NGINX_LOG_DIR/access.log $NGINX_LOG_DIR/error.log
diff --git a/frontend/src/components/feeds/tableColumns.jsx b/frontend/src/components/feeds/tableColumns.jsx
@@ -13,13 +13,13 @@ const feedsTableColumns = [
     maxWidth: 80,
   },
   {
-    Header: "Feed type",
-    accessor: "feed_type",
+    Header: "Value",
+    accessor: "value",
     maxWidth: 60,
   },
   {
-    Header: "Value",
-    accessor: "value",
+    Header: "Feed type",
+    accessor: "feed_type",
     maxWidth: 60,
   },
   {
diff --git a/greedybear/admin.py b/greedybear/admin.py
@@ -5,7 +5,7 @@
 from django.contrib import admin, messages
 from django.db.models import Q
 from django.utils.translation import ngettext
-from greedybear.models import IOC, GeneralHoneypot
+from greedybear.models import IOC, CowrieSession, GeneralHoneypot
 
 logger = logging.getLogger(__name__)
 
@@ -15,6 +15,13 @@
 #     list_display = [field.name for field in Sensors._meta.get_fields()]
 
 
+@admin.register(CowrieSession)
+class CowrieSessionModelAdmin(admin.ModelAdmin):
+    list_display = ["session_id", "start_time", "duration", "login_attempt", "credentials", "command_execution", "interaction_count", "source"]
+    search_fields = ["source"]
+    raw_id_fields = ["source"]
+
+
 @admin.register(IOC)
 class IOCModelAdmin(admin.ModelAdmin):
     list_display = [
@@ -25,13 +32,19 @@ class IOCModelAdmin(admin.ModelAdmin):
         "days_seen",
         "number_of_days_seen",
         "attack_count",
+        "interaction_count",
         "related_urls",
         "scanner",
         "payload_request",
         "log4j",
         "cowrie",
         "general_honeypots",
+        "ip_reputation",
+        "asn",
+        "destination_ports",
+        "login_attempts",
     ]
+    search_fields = ["name"]
     filter_horizontal = ["general_honeypot", "related_ioc"]
 
     def general_honeypots(self, ioc):
diff --git a/greedybear/migrations/0014_auto_20250210_1258.py b/greedybear/migrations/0014_auto_20250210_1258.py
@@ -0,0 +1,21 @@
+# Generated by Django 4.2.15 on 2025-02-10 12:58
+
+from django.db import migrations
+
+
+def removeDdospot(apps, schema_editor):
+    GeneralHoneypot = apps.get_model("greedybear", "GeneralHoneypot")
+    ddospot = GeneralHoneypot.objects.get(name__iexact="Ddospot")
+    IOC = apps.get_model("greedybear", "IOC")
+    # do nothing if Ddospot is in active use
+    if ddospot.active and IOC.objects.filter(general_honeypot=ddospot).exists():
+        return
+    ddospot.delete()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("greedybear", "0013_ioc_greedybear__name_b54897_idx"),
+    ]
+
+    operations = [migrations.RunPython(removeDdospot)]
diff --git a/greedybear/migrations/0015_cowriesession_greedybear__source__a3720f_idx.py b/greedybear/migrations/0015_cowriesession_greedybear__source__a3720f_idx.py
@@ -0,0 +1,17 @@
+# Generated by Django 4.2.17 on 2025-02-10 14:39
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("greedybear", "0014_auto_20250210_1258"),
+    ]
+
+    operations = [
+        migrations.AddIndex(
+            model_name="cowriesession",
+            index=models.Index(fields=["source"], name="greedybear__source__a3720f_idx"),
+        ),
+    ]
diff --git a/greedybear/models.py b/greedybear/models.py
@@ -69,6 +69,11 @@ class CowrieSession(models.Model):
     interaction_count = models.IntegerField(blank=False, null=False, default=0)
     source = models.ForeignKey(IOC, on_delete=models.CASCADE, blank=False, null=False)
 
+    class Meta:
+        indexes = [
+            models.Index(fields=["source"]),
+        ]
+
 
 class Statistics(models.Model):
     source = models.CharField(max_length=15, blank=False)

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-REACT_APP_GREEDYBEAR_VERSION="1.4.0"`
	`1`	`+REACT_APP_GREEDYBEAR_VERSION="1.4.1"`
Original file line number	Diff line number	Diff line change
`@@ -13,13 +13,13 @@ const feedsTableColumns = [`
`13`	`13`	`maxWidth: 80,`
`14`	`14`	`},`
`15`	`15`	`{`
`16`		`- Header: "Feed type",`
`17`		`- accessor: "feed_type",`
	`16`	`+ Header: "Value",`
	`17`	`+ accessor: "value",`
`18`	`18`	`maxWidth: 60,`
`19`	`19`	`},`
`20`	`20`	`{`
`21`		`- Header: "Value",`
`22`		`- accessor: "value",`
	`21`	`+ Header: "Feed type",`
	`22`	`+ accessor: "feed_type",`
`23`	`23`	`maxWidth: 60,`
`24`	`24`	`},`
`25`	`25`	`{`