Merge pull request #52 from carbonblack/develop

Release version 1.0a2

Author: avanbrunt-cb

README.md

@@ -4,7 +4,7 @@
 
 #### \*\*Disclaimer: This is an ALPHA release\*\*
 
-**Latest Version:** 1.0a1
+**Latest Version:** 1.0a2
 <br>
 **Release Date:** 05/11/2020
 
@@ -32,6 +32,9 @@ The Carbon Black Cloud Binary Toolkit is design to work on Python 3.6 and above.
 
 All requirements are installed as part of `pip install` or if you're planning on pushing changes to the Carbon Black Cloud Binary Toolkit, the following can be used after cloning the repo `pip install requirements.txt`
 
+### Carbon Black Cloud
+* Enterprise EDR
+
 ### Python Packages
 * argparse
 * cbapi
@@ -41,8 +44,17 @@ All requirements are installed as part of `pip install` or if you're planning on
 * schema
 * yara-python
 
-### Carbon Black Cloud
-* Enterprise EDR
+#### Note:
+
+* **Windows** users will need to have [Microsoft Visual C++ 14.0 Build Tools](https://visualstudio.microsoft.com/visual-cpp-build-tools) installed in order to compile yara-python.
+
+* **Linux** users will need to have the python developer package installed in order to compile yara-python. If you receive compile errors, make sure you are on the latest gcc compiler version
+
+Linux Distribution | Command
+---- | ----
+Amazon Linux/Centos/RHEL | `yum install python3-devel`
+Ubuntu | `apt-get install python3-dev`
+OpenSUSE/SUSE | `zypper install python3-devel`
 
 ## Getting Started
 

VERSION

@@ -1 +1 @@
-1.0a1
+1.0a2

requirements.txt

@@ -1,5 +1,4 @@
 # Package dependencies
-argparse
 cbapi
 python-dateutil
 pyyaml

setup.py

@@ -11,7 +11,6 @@ def read(fname):
 
 
 install_reqs = [
-    "argparse",
     "cbapi",
     "python-dateutil",
     "pyyaml",

src/cbc_binary_toolkit/cli_input.py

@@ -46,10 +46,11 @@ def read_csv(file):
         with file as csvfile:
             file_data = csv.reader(csvfile)
             for row in file_data:
-                hash = row[0]
-                if len(hash) != 64:
-                    raise AssertionError(f'Hash should be 64 chars, instead is {len(hash)} chars: {hash}')
-                hashes.append(str(hash))
+                if len(row) > 0:
+                    hash_val = row[0]
+                    if len(hash_val) != 64:
+                        raise AssertionError(f'Hash should be 64 chars, instead is {len(hash_val)} chars: {hash_val}')
+                    hashes.append(str(hash_val))
         if not hashes:
             raise AssertionError(f'There are no hashes in File {file.name}')
 

src/cbc_binary_toolkit_examples/tools/analysis_util.py

@@ -64,7 +64,7 @@ def __init__(self, default_install):
                                   choices=["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"],
                                   help="The base log level (default {0})".format(DEFAULT_LOG_LEVEL))
 
-        commands = self._parser.add_subparsers(help="Binary analysis commands", dest="command_name", required=True)
+        commands = self._parser.add_subparsers(help="Binary analysis commands", dest="command_name")
 
         # Analyze command parser
         analyze_command = commands.add_parser("analyze", help="Analyze a list of hashes by command line or file")
@@ -240,6 +240,14 @@ def main(self, cmdline_args):
 
         log.debug("Started: {}".format(datetime.now()))
 
+        if args.command_name is None:
+            print(
+                "usage: cbc-binary-analysis [-h] [-c CONFIG]\n"
+                "                           [-ll {DEBUG,INFO,WARNING,ERROR,CRITICAL}]\n"
+                "                           {analyze,restart,clear} ...\n"
+                "cbc-binary-analysis: error: the following arguments are required: command_name")
+            return
+
         try:
             if self.config is None:
                 if args.config != self.default_install:

src/tests/component/input_fixtures/basic/csv_answer

@@ -148,7 +148,7 @@ wcsnjsehflpjkhcaetuwpsxwspbzeurpegvggkecpfhlvhmsjyvhgmkbylxpladx
 xcekwgwjyuqmuoekobzxxxtmoevibdiqtbcmphoyucizjasovwsslprnyxyjysfn
 cbpfomylbygbpuczssqywhlwahiwlddawakthsaiozcnohbgspqticvetotbmuau
 dnsjltirypganyjdqnwghozhoogksltscstimfmshuwfclrdebevvthdpmoycjsz
-ifzykmuobvqifmhpwunktihgqfptgvjxdwjjokoidwhukovlfrxvaiunisgdilhæ
+ifzykmuobvqifmhpwunktihgqfptgvjxdwjjokoidwhukovlfrxvaiunisgdilha
 hltoyinfnvzeciiyxihdspriggsfofoaypaqzhcwvwlpslauhugcvkkivbhzewlj
 ohmwkeuyaufdwutklzusfxflsqtagyxipoeywdzhkbfofscgoqgtymrmdupfvima
 eywgkykymqxnzxdauhacnrbfmprehwetrquwawtqdlxhjdsxblijojgaedunecrh

src/tests/component/input_fixtures/basic/csv_input

@@ -148,7 +148,7 @@ wcsnjsehflpjkhcaetuwpsxwspbzeurpegvggkecpfhlvhmsjyvhgmkbylxpladx
 xcekwgwjyuqmuoekobzxxxtmoevibdiqtbcmphoyucizjasovwsslprnyxyjysfn
 cbpfomylbygbpuczssqywhlwahiwlddawakthsaiozcnohbgspqticvetotbmuau
 dnsjltirypganyjdqnwghozhoogksltscstimfmshuwfclrdebevvthdpmoycjsz
-ifzykmuobvqifmhpwunktihgqfptgvjxdwjjokoidwhukovlfrxvaiunisgdilhæ
+ifzykmuobvqifmhpwunktihgqfptgvjxdwjjokoidwhukovlfrxvaiunisgdilha
 hltoyinfnvzeciiyxihdspriggsfofoaypaqzhcwvwlpslauhugcvkkivbhzewlj
 ohmwkeuyaufdwutklzusfxflsqtagyxipoeywdzhkbfofscgoqgtymrmdupfvima
 eywgkykymqxnzxdauhacnrbfmprehwetrquwawtqdlxhjdsxblijojgaedunecrh

src/tests/component/input_fixtures/basic/csv_input_with_blank_lines

@@ -0,0 +1 @@
+

src/tests/component/input_fixtures/basic/csv_input_wrong_hashlength

@@ -14,6 +14,7 @@
 """File paths for testing purposes"""
 
 BASIC_INPUT_FILE = 'input_fixtures/basic/csv_input'
+BLANK_LINES_CSV_INPUT_FILE = 'input_fixtures/basic/csv_input_with_blank_lines'
 LARGE_INPUT_FILE = 'input_fixtures/large/csv_input'
 BASIC_JSON_INPUT_FILE = 'input_fixtures/basic/json_input'
 LARGE_JSON_INPUT_FILE = 'input_fixtures/large/json_input'
@@ -31,5 +32,6 @@
 
 DOES_NOT_EXIST_FILE = 'input_fixtures/not_a_real_path'
 EMPTY_CSV = 'input_fixtures/basic/empty_csv'
+ONE_BLANK_LINE_CSV = 'input_fixtures/basic/one_blank_line_csv'
 WRONG_KEY_JSON = 'input_fixtures/basic/json_input_wrong_key'
 EMPTY_HASHES_DICT_JSON = 'input_fixtures/basic/json_input_empty_hashes_dict'

src/tests/component/input_fixtures/basic/one_blank_line_csv

@@ -31,9 +31,11 @@
     LARGE_JSON_ANSWER_PATH,
     BASIC_JSON_WRONG_HASHLEN,
     BASIC_JSON_MALFORMED_FILE,
+    BLANK_LINES_CSV_INPUT_FILE,
     BASIC_INPUT_CSV_WRONG_HASHLEN,
     DOES_NOT_EXIST_FILE,
     EMPTY_CSV,
+    ONE_BLANK_LINE_CSV,
     # WRONG_KEY_JSON,
     EMPTY_HASHES_DICT_JSON
 )
@@ -50,7 +52,8 @@ class TestInputFunctions():
     """Unit tests for input.py functions"""
     @pytest.mark.parametrize("input_file_path, answer_file_path", [
         (BASIC_INPUT_FILE, BASIC_INPUT_ANSWER_PATH),
-        (LARGE_INPUT_FILE, LARGE_INPUT_ANSWER_PATH)
+        (LARGE_INPUT_FILE, LARGE_INPUT_ANSWER_PATH),
+        (BLANK_LINES_CSV_INPUT_FILE, BASIC_INPUT_ANSWER_PATH)
     ])
     def test_csv(self, input_file_path: str, answer_file_path: List[Dict]):
         """Unit testing read_csv function"""
@@ -75,7 +78,8 @@ def test_json(self, input_file_path: str, answer_file_path: List[Dict]):
             "Hash should be 64 chars, instead is 63 chars: "
             "qqtrqoetfdomjjqnyatgmmbomhtnzqchzqzhxggmxqzgoabcnzysikrmunjgrup"),
         (OSError, DOES_NOT_EXIST_FILE, f"[Errno 2] No such file or directory: '{attach_path(DOES_NOT_EXIST_FILE)}'"),
-        (AssertionError, EMPTY_CSV, f'There are no hashes in File {attach_path(EMPTY_CSV)}')
+        (AssertionError, EMPTY_CSV, f'There are no hashes in File {attach_path(EMPTY_CSV)}'),
+        (AssertionError, ONE_BLANK_LINE_CSV, f'There are no hashes in File {attach_path(ONE_BLANK_LINE_CSV)}')
     ])
     def test_csv_exceptions(self, error, input_file_path: str, msg: str):
         """Unit testing read_csv function exceptions"""