diff options
| author | mo khan <mo@mokhan.ca> | 2015-02-06 15:56:53 -0700 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2015-02-06 15:56:53 -0700 |
| commit | da5be7628a1942e033e091e38cc7687ecb346b90 (patch) | |
| tree | b4a4cf59d5c65a2c76778f024884255a6e7eccdb /lib/fake_agent.rb | |
| parent | 21bb135528716b669e3eb0128498b79cdb3f7073 (diff) | |
extract methods for file query url and event url.
Diffstat (limited to 'lib/fake_agent.rb')
| -rw-r--r-- | lib/fake_agent.rb | 36 |
1 files changed, 12 insertions, 24 deletions
diff --git a/lib/fake_agent.rb b/lib/fake_agent.rb index 4252ed1..ff618ac 100644 --- a/lib/fake_agent.rb +++ b/lib/fake_agent.rb @@ -1,6 +1,7 @@ require 'socket' class FakeAgent + include PacketFu attr_reader :id, :endpoint def initialize(id, endpoint) @@ -39,23 +40,6 @@ class FakeAgent end end - def nfm_scan(interface) - capture = PCAPRUB::Pcap.open_live(interface, 65535, true, 0) - #capture.setfilter('icmp') - #capture.setfilter('tcp and dst port 80') - capture.setfilter('port 80') - puts 'running...' - capture.each_packet do |packet| - puts "++++" - puts Time.at(packet.time) - puts "micro => #{packet.microsec}" - puts packet.inspect - #puts packet.data - end - capture.close - end - include PacketFu - def sniff(interface) capture = Capture.new(iface: interface, start: true) capture.stream.each do |p| @@ -72,22 +56,19 @@ class FakeAgent def publish_event(event, files) files.each do |file| - fingerprint = fingerprint_for(file) - url = "#{endpoint}/agents/#{id}/events/" body = { event: { agent_id: id, name: event, data: { - fingerprint: fingerprint, + fingerprint: fingerprint_for(file), path: file, hostname: Socket.gethostname, ip_addresses: ip_addresses, } } } - puts [url, body].inspect - Typhoeus.post(url, body: body) + Typhoeus.post(event_url, body: body) end rescue => e puts "#{e.message} #{e.backtrace.join(' ')}" @@ -106,7 +87,6 @@ class FakeAgent def disposition_for(file) fingerprint = fingerprint_for(file) - url = "#{endpoint}/agents/#{id}/files/#{fingerprint_for(file)}" body = { name: 'lookup', data: { @@ -114,6 +94,14 @@ class FakeAgent path: File.expand_path(file) } } - JSON.parse(Typhoeus.get(url, body: body).body)["state"] + JSON.parse(Typhoeus.get(file_query_url(fingerprint), body: body).body)["state"] + end + + def file_query_url(fingerprint) + "#{endpoint}/agents/#{id}/files/#{fingerprint}" + end + + def event_url + "#{endpoint}/agents/#{id}/events/" end end |