Finalize all changes: Add helper dependencies and cleanup

sjkim1127 · sjkim1127 · commit 154c6d51830e · 2025-12-06T03:57:41.000+09:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -26,3 +26,4 @@ reqwest = { version = "0.12.24", features = ["json", "multipart"] }
 
 [dev-dependencies]
 codecov = "0.4.1"
+mockito = "1.7.1"
diff --git a/src/server.rs b/src/server.rs
@@ -26,6 +26,7 @@ pub fn create_server() {
         Box::new(tools::malware::reconstruction::PeFixer),
         Box::new(tools::malware::iat::IatFixer),
         Box::new(tools::malware::unpacker::OepFinder),
+        Box::new(tools::malware::sandbox_submit::CapeSubmitter),
     ];
 
     tracing::info!("Registered {} tools", tools.len());
diff --git a/src/tools/malware/mod.rs b/src/tools/malware/mod.rs
@@ -8,3 +8,4 @@ pub mod disasm;
 pub mod reconstruction;
 pub mod iat;
 pub mod unpacker;
+pub mod sandbox_submit;
diff --git a/src/tools/malware/sandbox_submit.rs b/src/tools/malware/sandbox_submit.rs
@@ -0,0 +1,50 @@
+use anyhow::Result;
+use serde_json::Value;
+use crate::tools::Tool;
+use async_trait::async_trait;
+use crate::sandbox::cape::CapeClient;
+
+pub struct CapeSubmitter;
+
+#[async_trait]
+impl Tool for CapeSubmitter {
+    fn name(&self) -> &str { "cape_submit" }
+    fn description(&self) -> &str { "Submits a file to CAPEv2 sandbox for analysis. Args: file_path, base_url, machine (optional), timeout (optional)" }
+    
+    async fn execute(&self, args: Value) -> Result<Value> {
+        let file_path = args["file_path"].as_str().ok_or(anyhow::anyhow!("Missing file_path"))?;
+        let base_url = args["base_url"].as_str().ok_or(anyhow::anyhow!("Missing base_url"))?;
+        let machine = args["machine"].as_str();
+        let timeout = args["timeout"].as_u64().unwrap_or(300); // 5 mins default
+
+        let client = CapeClient::new(base_url, ""); // Token support can be added if args provide it
+
+        tracing::info!("Submitting {} to CAPE at {}", file_path, base_url);
+        let task_id = client.submit_file(file_path, machine).await?;
+        
+        tracing::info!("File submitted. Task ID: {}. Waiting for analysis...", task_id);
+        
+        // Wait logic
+        match client.wait_for_analysis(task_id, timeout).await {
+            Ok(status) => {
+                tracing::info!("Analysis completed with status: {}", status);
+                
+                // Fetch report
+                let report = client.get_report(task_id).await?;
+                
+                // Return a simplified summary or full report?
+                // Full report is huge. Let's return the full JSON and let the Agent parse/filter.
+                // But add our own metadata wrapper.
+                Ok(serde_json::json!({
+                    "status": "analysis_finished",
+                    "task_id": task_id,
+                    "cape_status": status,
+                    "report": report
+                }))
+            },
+            Err(e) => {
+                Err(anyhow::anyhow!("Analysis timeout or failed: {}", e))
+            }
+        }
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -26,3 +26,4 @@ reqwest = { version = "0.12.24", features = ["json", "multipart"] }`
`26`	`26`
`27`	`27`	`[dev-dependencies]`
`28`	`28`	`codecov = "0.4.1"`
	`29`	`+mockito = "1.7.1"`