Merge pull request #8 from viyatb/mythic_file_api

[mythic] Add a function to get uploaded file details by name

Author: its-a-feature

mythic/mythic.py

@@ -1597,6 +1597,29 @@ async def get_all_uploaded_files(
             break
 
 
+async def get_latest_uploaded_file_by_name(
+        mythic: mythic_classes.Mythic, custom_return_attributes: str = None, filename: str = None,
+) -> dict:
+    """
+    Execute a query to get metadata about the uploaded file by name.
+    To download the contents of a file, use the `download_file` function with the agent_file_id.
+    The default set of attributes returned in the dictionary can be found at graphql_queries.file_data_fragment.
+    If you want to use your own `custom_return_attributes` string to identify what information you want back, you have to include the `id` field, everything else is optional.
+    """
+    file_query = f"""
+    query uploaded_file_by_name($filename: String!){{
+        filemeta(where: {{is_screenshot: {{_eq: false}}, is_download_from_agent: {{_eq: false}}, is_payload: {{_eq: false}}, deleted: {{_eq: false}}, filename_utf8: {{_eq: $filename}}}}, order_by: {{id: desc}}, limit: 1){{
+            {custom_return_attributes if custom_return_attributes is not None else '...file_data_fragment'}
+        }}
+    }}
+    {graphql_queries.file_data_fragment if custom_return_attributes is None else ''}
+    """
+    output = await mythic_utilities.graphql_post(
+        mythic=mythic, query=file_query,
+    )
+    return output["filemeta"][0] if output["filemeta"] else {}
+
+
 async def update_file_comment(
         mythic: mythic_classes.Mythic, file_uuid: str, comment: str
 ) -> dict: