fixed flare-capa, flare-floss and GUI Buttons (#2598)

ClaudioWayne · web-flow · commit 18244a9c04c5 · 2025-05-25T04:57:28.000+02:00
* fixed flare-capa, flare-floss and GUI Buttons

* unintended character removed
diff --git a/lib/cuckoo/common/integrations/floss.py b/lib/cuckoo/common/integrations/floss.py
@@ -8,7 +8,7 @@
 from lib.cuckoo.common.constants import CUCKOO_ROOT
 from lib.cuckoo.common.path_utils import path_exists
 
-processing_cfg = Config("processing")
+integrations_conf = Config("integrations")
 
 HAVE_FLOSS = False
 try:
@@ -38,7 +38,7 @@ def run(self):
         if not HAVE_FLOSS:
             return
 
-        if processing_cfg.floss.on_demand and not self.on_demand:
+        if integrations_conf.floss.on_demand and not self.on_demand:
             return
 
         results = {}
@@ -58,17 +58,17 @@ def run(self):
             else:
                 fileformat = "pe"
 
-            min_length = processing_cfg.floss.min_length
+            min_length = integrations_conf.floss.min_length
             fm.set_log_config(fm.DebugLevel.NONE, True)
             tmpres = {}
             results = {}
 
-            if processing_cfg.floss.static_strings:
+            if integrations_conf.floss.static_strings:
                 with open(self.file_path, "rb") as f:
                     with contextlib.closing(mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)) as buf:
                         tmpres["static_strings"] = list(extract_ascii_unicode_strings(buf, min_length))
 
-            sigspath = fm.get_signatures(Path(os.path.join(CUCKOO_ROOT, processing_cfg.floss.sigs_path)))
+            sigspath = fm.get_signatures(Path(os.path.join(CUCKOO_ROOT, integrations_conf.floss.sigs_path)))
             vw = fm.load_vw(Path(self.file_path), fileformat, sigspath, False)
 
             try:
@@ -84,7 +84,7 @@ def run(self):
                 True,
             )
 
-            if processing_cfg.floss.stack_strings:
+            if integrations_conf.floss.stack_strings:
                 selected_functions = fm.get_functions_without_tightloops(decoding_function_features)
                 tmpres["stack_strings"] = fm.extract_stackstrings(
                     vw,
@@ -94,7 +94,7 @@ def run(self):
                     disable_progress=True,
                 )
 
-            if processing_cfg.floss.tight_strings:
+            if integrations_conf.floss.tight_strings:
                 tightloop_functions = fm.get_functions_with_tightloops(decoding_function_features)
                 tmpres["tight_strings"] = fm.extract_tightstrings(
                     vw,
@@ -104,7 +104,7 @@ def run(self):
                     disable_progress=True,
                 )
 
-            if processing_cfg.floss.decoded_strings:
+            if integrations_conf.floss.decoded_strings:
                 top_functions = fm.get_top_functions(decoding_function_features, 20)
                 fvas_to_emulate = fm.get_function_fvas(top_functions)
                 fvas_tight_functions = fm.get_tight_function_fvas(decoding_function_features)
diff --git a/pyproject.toml b/pyproject.toml
@@ -33,7 +33,7 @@ SFlock2 = {version = ">=0.3.66", extras = ["shellcode","linux"]}
 # volatility3 = "2.11.0"
 # XLMMacroDeobfuscator = "0.2.7"
 pyzipper = "0.3.6"
-flare-capa = "9.0.0"
+flare-capa = "9.1.0"
 
 Cython = "3.0.11"
 Django = ">=4.2.18"
diff --git a/web/analysis/views.py b/web/analysis/views.py
@@ -126,7 +126,7 @@
 # Used for displaying enabled config options in Django UI
 enabledconf = {}
 on_demand_conf = {}
-for cfile in ("reporting", "processing", "auxiliary", "web", "distributed"):
+for cfile in ("integrations", "reporting", "processing", "auxiliary", "web", "distributed"):
     curconf = Config(cfile)
     confdata = curconf.get_config()
     for item in confdata:
@@ -2487,11 +2487,11 @@ def statistics_data(request, days=7):
 
 on_demand_config_mapper = {
     "bingraph": reporting_cfg,
-    "flare_capa": processing_cfg,
+    "flare_capa": integrations_cfg,
     "vba2graph": processing_cfg,
     "xlsdeobf": processing_cfg,
     "strings": processing_cfg,
-    "floss": processing_cfg,
+    "floss": integrations_cfg,
 }
 
 
diff --git a/web/templates/analysis/generic/_file_info.html b/web/templates/analysis/generic/_file_info.html
@@ -280,7 +280,7 @@
                     {% if not file.flare_capa and on_demand.flare_capa %}
                         <a class="btn btn-secondary btn-sm" href="{% url "on_demand" "flare_capa" id tab_name file.sha256 %}" role="button" data-bs-toggle="tooltip" title="Generate CAPA findings"><span class="fas fa-cogs"></span> CAPA</a>
                     {% elif file.flare_capa %}
-                        <a class="btn btn-secondary btn-sm" data-toggle="collapse" href="#flare_capa_{{file.sha256}}" role="button" aria-expanded="false" aria-controls="flare_capa_{{file.sha256}}">FLARE CAPA</a>
+                        <a class="btn btn-secondary btn-sm" data-toggle="collapse" href="#flare_capa_{{file.sha256}}" role="button" aria-expanded="false" aria-controls="flare_capa_{{file.sha256}}" data-bs-toggle="tooltip" title="Display CAPA"><span class="fas fa-envelope-open-text"></span> FLARE CAPA</a>
                     {% endif %}
                 {% endif %}
                 {% if config.strings %}
@@ -346,14 +346,18 @@
                 <div class="collapse" id="flare_capa_{{file.sha256}}">
                     <div>
                     <!--Inspired by @snemes trick, code placed in web/views/templateatgs/analysis_tags.py-->
-                    {% if file.flare_capa.CAPABILITY %}
-                        {{file.flare_capa|flare_capa_capability}}
-                    {% endif %}
-                    {% if file.flare_capa.ATTCK %}
-                        {{file.flare_capa|flare_capa_attck}}
-                    {% endif %}
-                    {% if file.flare_capa.MBC %}
-                        {{file.flare_capa|flare_capa_mbc}}
+                    {% if file.flare_capa.CAPABILITY or file.flare_capa.ATTCK or file.flare_capa.MBC %}
+                        {% if file.flare_capa.CAPABILITY %}
+                            {{ file.flare_capa|flare_capa_capability }}
+                        {% endif %}
+                        {% if file.flare_capa.ATTCK %}
+                            {{ file.flare_capa|flare_capa_attck }}
+                        {% endif %}
+                        {% if file.flare_capa.MBC %}
+                            {{ file.flare_capa|flare_capa_mbc }}
+                        {% endif %}
+                    {% else %}
+                        No results
                     {% endif %}
                     </div>
                 </div>
diff --git a/web/templates/analysis/generic/_subfile_info.html b/web/templates/analysis/generic/_subfile_info.html
@@ -275,7 +275,7 @@
                     {% if not sub_file.flare_capa and on_demand.flare_capa %}
                         <a class="btn btn-secondary btn-sm" href="{% url "on_demand" "flare_capa" id tab_name sub_file.sha256 %}" role="button" data-bs-toggle="tooltip" title="Generate CAPA findings"><span class="fas fa-cogs"></span> CAPA</a>
                     {% elif sub_file.flare_capa %}
-                        <a class="btn btn-secondary btn-sm" data-toggle="collapse" href="#flare_capa_{{sub_file.sha256}}" role="button" aria-expanded="false" aria-controls="flare_capa_{{sub_file.sha256}}">FLARE CAPA</a>
+                        <a class="btn btn-secondary btn-sm" data-toggle="collapse" href="#flare_capa_{{sub_file.sha256}}"  data-bs-toggle="tooltip" title="Display CAPA"><span class="fas fa-envelope-open-text"></span> FLARE CAPA</a>
                     {% endif %}
                 {% endif %}
                 {% if config.strings %}
@@ -336,14 +336,18 @@
                 <div class="collapse" id="flare_capa_{{sub_file.sha256}}">
                     <div>
                     <!--Inspired by @snemes trick, code placed in web/views/templateatgs/analysis_tags.py-->
-                    {% if sub_file.flare_capa.CAPABILITY %}
-                        {{sub_file.flare_capa|flare_capa_capability}}
-                    {% endif %}
-                    {% if sub_file.flare_capa.ATTCK %}
-                        {{sub_file.flare_capa|flare_capa_attck}}
-                    {% endif %}
-                    {% if sub_file.flare_capa.MBC %}
-                        {{sub_file.flare_capa|flare_capa_mbc}}
+                    {% if file.flare_capa.CAPABILITY or file.flare_capa.ATTCK or file.flare_capa.MBC %}
+                        {% if file.flare_capa.CAPABILITY %}
+                            {{ file.flare_capa|flare_capa_capability }}
+                        {% endif %}
+                        {% if file.flare_capa.ATTCK %}
+                            {{ file.flare_capa|flare_capa_attck }}
+                        {% endif %}
+                        {% if file.flare_capa.MBC %}
+                            {{ file.flare_capa|flare_capa_mbc }}
+                        {% endif %}
+                    {% else %}
+                        No results
                     {% endif %}
                     </div>
                 </div>
