Configurations

March 29, 2022 ยท View on GitHub

RedDrop can be configured using a multitude of configurations through a specified YAML config file (-c CLI Arugment). The Default configuration, which you can view with the --dump-config CLI Argument, looks like this:

authorization_rules: []
auto_extract_tar: no
auto_process: yes
debug: no
host: 0.0.0.0
port: 80
process_list: []
processor_arguments:
    openssl-aes256-pbkdf2:
        password: EncryptMe
        iterations: 10000
    b64: {}
    gzip: {}
    hex: {}
gunicorn:
    defaults:
        bind: 0.0.0.0:80
        workers: <Dependent on Your CPUs>
tags: []
failure_response: Failed
success_response: Received
log_format_template:
    initial_request: '[{{ c("blue", time.strftime("%m/%d/%y %H:%M:%S")) }}] {{ c("yellow", src) }} {{ c("grey", method) }} {{ c("green", "/" + path) }}'
    data_received: '[{{ c("blue", ", ".join(process)) }}]-> {{ c("green", field) }}

        {{processedValue if processedValue else originalValue}}


        '
    file_uploaded: '[{{ c("bold", c("red", "FILE UPLOAD")) }}][{{ c("blue", ", ".join(process)) }}] {% if autoExtracted %}{{c("yellow", "Extracted Archive")}}{% endif %} => {{ c("green", fileDir + "/" + fileName) }}

        '
log_encryption_password: no
upload_dir: uploads
process_list_header: Process

A description of each option is as follows:

OptionDescription
authorization_rulesThe Authorization Rules to use. A list of dictionaries in the format: {'key': '<Request Key>', 'rule': '<Regular Expression>'}
auto_extract_tarAutomatically extract uploaded TAR files.
This software uses a small function to check if any tar members have insecure filenames before extraction
auto_processAutomatically attempt to identify and process payloads, rather than through the process_list
debugEnable Flask's Debugger
hostThe Host to bind to
portThe Port to bind to on the host
process_listThe modules, in processing order, to use for processing payloads
processor_argumentsThis is where you can ovveride the parameters specified in Processor Modules, as Processors are populated, so are the parameters they specify in the --dump-config option.
gunicornOptions passed to the Gunicorn Production Web Server, see the settings documentation for all options
tagsSpecify tags to be applied to data captured during the runtime session. Be sure to remove tags between different sessions if you do not want them to be applied to new data. Sessions which have tags applied to them will save files in the configured upload_dir in a new directory named by joining tags with a - character
failure_responseThe response to send to clients on a failed request. This is a Jinja Template
success_responseThe response to send to clients on a successful request. This is a Jinja Template
log_format_templateThese are how messages are displayed in the console, each child item in the default configuration can be changed to display data in a way that suits you best.
initial_request is displayed first, see the options avaialble for display in app.py.
data_received is displayed when a request parameter is received and for each subsequent parameter in each request. See the return dict in request_processing.py for display fields.
file_uploaded is displayed when a file is uploaded. See the return dict in file_processing.py for display fields.
log_encryption_passwordWhether to log the specified encryption password to the log files in cleartext
upload_dirThe directory to store uploaded files to
process_list_headerThe Header field which allows a client to specify the process_list using a comma separated value