From 216db5d387c0075d4cc920df65a69c55ac5e8de9 Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Sun, 14 Apr 2024 16:16:31 +0000
Subject: [PATCH] Sandbox Process Creation
---
 analysis/classes/zeekengine.py | 5 +++--
 assets/requirements.txt | 37 ++++++++++++++++++----------------
 2 files changed, 23 insertions(+), 19 deletions(-)
diff --git a/analysis/classes/zeekengine.py b/analysis/classes/zeekengine.py
index 8acde70..1aa2338 100644
--- a/analysis/classes/zeekengine.py
+++ b/analysis/classes/zeekengine.py
@@ -13,6 +13,7 @@ import os
 import re
 import sys
 import whois
+from security import safe_command
 class ZeekEngine(object):
@@ -445,9 +446,9 @@ class ZeekEngine(object):
 """
 Start zeek and check the logs.
 """
-sp.Popen("cd {} && /opt/zeek/bin/zeek -Cr capture.pcap protocols/ssl/validate-certs".format(
+safe_command.run(sp.Popen, "cd {} && /opt/zeek/bin/zeek -Cr capture.pcap protocols/ssl/validate-certs".format(
 self.working_dir), shell=False).wait()
-sp.Popen("cd {} && mv *.log assets/".format(self.working_dir),
+safe_command.run(sp.Popen, "cd {} && mv *.log assets/".format(self.working_dir),
 shell=False).wait()
 self.fill_dns(self.working_dir + "/assets/")
 self.netflow_check(self.working_dir + "/assets/")
diff --git a/assets/requirements.txt b/assets/requirements.txt
index 1c4ec22..c3b9c75 100644
--- a/assets/requirements.txt
+++ b/assets/requirements.txt
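Review bot: Routing these two calls through `safe_command.run` leaves the real defect on both changed lines untouched: each command is still one shell-syntax string (`cd {} && …`, and the second relies on shell expansion of `*.log`) handed to `Popen` with `shell=False`, and with `shell=False` on POSIX a string argument is taken as the program name, so neither command can execute as written and there is no shell for the wrapper to sandbox. The `security` package's wrapper applies its own checks before delegating, but as far as this hunk shows it does not restructure the arguments, so the fix is to drop the shell string altogether: run zeek as an argument list with `cwd=self.working_dir` and `check=True` (the `.wait()` result is currently discarded, so a failed zeek run silently proceeds to `fill_dns` on missing logs), and do the log move in Python with `glob`/`shutil`, which also removes the need for the `safe_command` import added in the first hunk. This assumes `sp` is the `subprocess` module; `glob` and `shutil` would need importing at the top of the module, the enclosing method's signature sits outside the hunk, and the original indentation is lost in the collapsed rendering shown here.
```python
        # … unchanged: docstring …
        sp.run(
            ["/opt/zeek/bin/zeek", "-Cr", "capture.pcap", "protocols/ssl/validate-certs"],
            cwd=self.working_dir,
            check=True,
        )
        assets_dir = os.path.join(self.working_dir, "assets")
        for log_file in glob.glob(os.path.join(self.working_dir, "*.log")):
            shutil.move(log_file, assets_dir)
        # … unchanged: fill_dns / netflow_check calls …
```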
@@ -1,17 +1,20 @@
-pymisp==2.4.165.1
-sqlalchemy==1.4.48
-ipwhois==1.2.0
-netaddr==0.8.0
-flask==1.1.2
-flask_httpauth==4.8.0
-pyjwt==1.7.1
-psutil==5.8.0
-pydig==0.4.0
-pyudev==0.24.0
-pyyaml==5.3.1
-wifi==0.3.8
-qrcode==7.3.1
-netifaces==0.11.0
-weasyprint==59.0
-python-whois==0.8.0
-six==1.16.0
+pymisp==2.4.165.1
+sqlalchemy==1.4.48
+ipwhois==1.2.0
+netaddr==0.8.0
+flask==1.1.2
+flask_httpauth==4.8.0
+pyjwt==1.7.1
+psutil==5.8.0
+pydig==0.4.0
+pyudev==0.24.0
+pyyaml==5.3.1
+wifi==0.3.8
+qrcode==7.3.1
+netifaces==0.11.0
+weasyprint==59.0
+python-whois==0.8.0
+six==1.16.0
+security==1.2.1 \
+ --hash=sha256:4ca5f8cfc6b836e2192a84bb5a28b72c17f3cd1abbfe3281f917394c6e6c9238
+ --hash=sha256:0a9dc7b457330e6d0f92bdae3603fecb85394beefad0fd3b5058758a58781ded
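Review bot: The new `security==1.2.1` entry is the only requirement carrying `--hash` options, and pip switches into hash-checking mode as soon as any requirement in a file has a hash, at which point it refuses to install the other seventeen unhashed entries; either add `--hash` pins for every line (for example by regenerating the file with `pip-compile --generate-hashes`) or drop the two `--hash` lines and keep the plain `security==1.2.1` pin. The hunk also deletes and re-adds all seventeen existing lines unchanged, which looks like a line-ending or whitespace rewrite rather than a dependency change; reverting that keeps the diff to the one real addition and avoids spurious merge conflicts. Check too that the first `--hash` line ends with a `\` continuation: the rendering here shows one only after `security==1.2.1`, and without it the second `--hash` is parsed as a requirement line of its own.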