#937 wip

TheHive-Project · Feb 9, 2021 · 3b0fbf3 · 3b0fbf3
1 parent da49e8c
commit 3b0fbf3
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 5 deletions.
diff --git a/.gitignore b/.gitignore
@@ -19,4 +19,5 @@ share
 analyzers/*/input
 analyzers/*/output
 responders/*/input
-responders/*/output
+responders/*/output
+analyzers/*/cortexutils
diff --git a/analyzers/EmlParser/EmlParser.json b/analyzers/EmlParser/EmlParser.json
@@ -1,6 +1,6 @@
 {
     "name": "EmlParser",
-    "version": "1.2",
+    "version": "1.3",
     "author": "ninsmith",
     "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
     "license": "AGPL-V3",

diff --git a/analyzers/EmlParser/parse.py b/analyzers/EmlParser/parse.py
@@ -139,11 +139,10 @@ def parseEml(filepath, job_directory):
             attachmentSumUp['md5'] = attachment['hash']['md5']
             attachmentSumUp['sha1'] = attachment['hash']['sha1']
             attachmentSumUp['sha256'] = attachment['hash']['sha256']
-            attachmentSumUp['blah'] = "3"
             filepath = os.path.join(job_directory, 'output', attachment.get('filename', ''))
             attachmentSumUp['path'] = filepath
             with open(filepath, 'wb') as f:
-                f.write(attachment['raw'])
+                f.write(base64.b64decode(attachment['raw']))
             f.close()
             result['attachments'].append(attachmentSumUp)
 

diff --git a/analyzers/EmlParser/requirements.txt b/analyzers/EmlParser/requirements.txt
@@ -1,4 +1,4 @@
-cortexutils;python_version>='3.5'
+#cortexutils;python_version>='3.5'
 eml_parser
 python-magic
 iocextract