updates

m00zh33 · Jul 28, 2018 · c87b081 · c87b081
1 parent 939ef00
commit c87b081
Show file tree

Hide file tree

Showing 348 changed files with 6,162 additions and 18,524 deletions.
diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/commands/elk.go b/commands/elk.go
@@ -2,23 +2,35 @@ package commands
 
 import (
 	log "github.com/Sirupsen/logrus"
-	"github.com/maliceio/malice/malice/database/elasticsearch"
+	"github.com/maliceio/go-plugin-utils/database/elasticsearch"
+	"github.com/maliceio/malice/config"
+	"github.com/maliceio/malice/malice/database"
 	"github.com/maliceio/malice/malice/docker/client"
+	"github.com/maliceio/malice/malice/docker/client/container"
 	"github.com/maliceio/malice/malice/ui"
+	"github.com/pkg/errors"
 )
 
 func cmdELK(logs bool) error {
 
 	docker := client.NewDockerClient()
 
-	_, err := elasticsearch.Start(docker, logs)
-	if err != nil {
-		log.Error(err)
+	if _, running, _ := container.Running(docker, config.Conf.DB.Name); !running {
+		err := database.Start(docker, elasticsearch.Database{Host: config.Conf.DB.Server}, logs)
+		if err != nil {
+			return errors.Wrap(err, "failed to start to database")
+		}
+	} else {
+		log.Warnf("container %s is already running", config.Conf.DB.Name)
 	}
 
-	_, err = ui.Start(docker, logs)
-	if err != nil {
-		log.Error(err)
+	if _, running, _ := container.Running(docker, config.Conf.UI.Name); !running {
+		_, err := ui.Start(docker, logs)
+		if err != nil {
+			return errors.Wrap(err, "failed to start to UI")
+		}
+	} else {
+		log.Warnf("container %s is already running", config.Conf.UI.Name)
 	}
 
 	return nil

diff --git a/commands/lookup.go b/commands/lookup.go
@@ -4,38 +4,36 @@ import (
 	"fmt"
 
 	log "github.com/Sirupsen/logrus"
+	"github.com/maliceio/go-plugin-utils/database/elasticsearch"
 	"github.com/maliceio/malice/config"
-	"github.com/maliceio/malice/malice/database/elasticsearch"
-	db "github.com/maliceio/malice/malice/database/elasticsearch"
+	"github.com/maliceio/malice/malice/database"
 	"github.com/maliceio/malice/malice/docker/client"
 	"github.com/maliceio/malice/malice/docker/client/container"
-	er "github.com/maliceio/malice/malice/errors"
 	"github.com/maliceio/malice/plugins"
 	"github.com/maliceio/malice/utils"
+	"github.com/pkg/errors"
 )
 
 func cmdLookUp(hash string, logs bool) error {
 
 	docker := client.NewDockerClient()
+	es := elasticsearch.Database{
+		Host:  config.Conf.DB.Server,
+		Index: "malice",
+		Type:  "samples",
+	}
 
-	// Check that ElasticSearch is running
+	// Check that database is running
 	if _, running, _ := container.Running(docker, config.Conf.DB.Name); !running {
-		log.Error("Elasticsearch is NOT running, starting now...")
-		_, err := elasticsearch.Start(docker, false)
-		er.CheckError(err)
+		log.Error("database is NOT running, starting now...")
+		err := database.Start(docker, es, logs)
+		if err != nil {
+			return errors.Wrap(err, "failed to start to database")
+		}
+		// Initialize the malice database
+		es.Init()
 	}
 
-	// Setup ElasticSearch
-	dbInfo, err := container.Inspect(docker, config.Conf.DB.Name)
-	er.CheckError(err)
-	log.WithFields(log.Fields{
-		"ip":      dbInfo.NetworkSettings.IPAddress,
-		"network": dbInfo.HostConfig.NetworkMode,
-		"image":   dbInfo.Config.Image,
-	}).Debug("Elasticsearch is running.")
-
-	db.InitElasticSearch(dbInfo.NetworkSettings.IPAddress)
-
 	if plugins.InstalledPluginsCheck(docker) {
 		log.Debug("All enabled plugins are installed.")
 	} else {
@@ -49,7 +47,10 @@ func cmdLookUp(hash string, logs bool) error {
 
 	/////////////////////////////
 	// Write hash to the Database
-	resp := db.WriteHashToDatabase(hash)
+	resp, err := es.StoreHash(hash)
+	if err != nil {
+		return errors.Wrap(err, "cmd lookup failed to store hash")
+	}
 
 	plugins.RunIntelPlugins(docker, hash, resp.Id, true)