Ejemplo n.º 1
0
def close_instance():
    try:
        logging.debug("closing instance")
        backend = command.context["backend"]
        build.uninstall(backend)
    except:
        logging.exception("Cannot close instance")
Ejemplo n.º 2
0
def on_init(protocol, args):
    """ server side """
    from AVMaster import vm_manager

    vm, mq = protocol.vm, protocol.mq
    cmd = "c:\\python27\\python.exe"

    if args:
        redis = args
    else:
        redis = config.redis

    arg = [
        "C:\\AVTest\\AVAgent\\av_agent.py", "-m", vm, "-s", mq.session, "-d",
        redis
    ]
    ret = vm_manager.execute(vm, "executeCmd", cmd, arg, 40, True, True)

    #logging.debug("execution: %s" % ret)
    python = None

    for i in range(5):
        time.sleep(10)
        processes = vm_manager.execute(vm, "list_processes")
        if not processes:
            logging.debug("%s: null list_processes" % vm)
            continue
        python = [p for p in processes if "python" in p['cmd_line']]
        logging.debug("processes python: %s" % python)
        if python:
            return True

    if not python:
        logging.error("Error executing command av_agent on %s" % vm)
    return False
Ejemplo n.º 3
0
    def create_user_machine(self):
        logging.debug("create_user_machine")
        privs = [
            'ADMIN', 'ADMIN_USERS', 'ADMIN_OPERATIONS', 'ADMIN_TARGETS', 'ADMIN_AUDIT',
            'ADMIN_LICENSE', 'SYS', 'SYS_FRONTEND', 'SYS_BACKEND', 'SYS_BACKUP',
            'SYS_INJECTORS', 'SYS_CONNECTORS', 'TECH',
            'TECH_FACTORIES', 'TECH_BUILD', 'TECH_CONFIG', 'TECH_EXEC', 'TECH_UPLOAD',
            'TECH_IMPORT', 'TECH_NI_RULES', 'VIEW', 'VIEW_ALERTS', 'VIEW_FILESYSTEM',
            'VIEW_EDIT', 'VIEW_DELETE', 'VIEW_EXPORT', 'VIEW_PROFILES']
        user_name = "avmonitor_%s_%s" % (self.prefix, self.hostname)
        connection.user = user_name

        user_exists = False
        try:
            with connection() as c:
                logging.debug("LOGIN SUCCESS")
                user_exists = True
        except:
            pass

        if not user_exists:
            connection.user = "******"
            with connection() as c:
                ret = c.operation(connection.operation)
                op_id, group_id = ret
                c.user_create(user_name, connection.passwd, privs, group_id)
        connection.user = user_name
        return True
Ejemplo n.º 4
0
def on_answer(vm, success, answer):
    from AVMaster import vm_manager

    #assert command.context, "Null context"

    logging.debug("CROP answer: %s|%s" % (success, answer))
    # answer = [1,5,7]

    if answer and isinstance(answer, list):

        logging.warn("We have to PULL images: %s" % answer)
        dir = "%s/crop" % logger.logdir

        for iter in answer:
            try:
                src = "%s/%s.png" % (config.basedir_crop, iter)
                #name = src.split('/')[-1]
                dst_dir = "%s/%s" %(dir, vm)
                if not os.path.exists(dst_dir):
                    os.makedirs(dst_dir)
                dst = "%s/%s.png" % (dst_dir, iter)

                src = src.replace('/','\\')
                logging.debug("PULL: %s -> %s" % (src, dst))
                vm_manager.execute(vm, "copyFileFromGuest", src ,dst)
            except:
                logging.exception("Cannot get image %s" % src)
Ejemplo n.º 5
0
def add_plan_result(proj_id, plan_id, config, run_name, test_case, result, elapsed = 0, comment="avg"):
    logging.debug("adding plan result: %s, %s, %s, %s, %s" % (config, run_name, test_case, result, comment))
    statuses = get_statuses()

    results = dict([ (s['name'],s['id']) for s in statuses])

    plan = search_plan(proj_id, plan_id)

    entries = plan["entries"]
    for entry in entries:
        runs = entry["runs"]
        for r in runs:
            if r["name"] != run_name:
                continue
            #logging.debug("run: %s" % r)

            if r["config"] != config:
                continue

            for t in get_tests(r["id"]):
                if test_case in t["title"]:
                    logging.debug("adding result for test: %s" % t["id"])
                    #results = get_results(t["id"])
                    #logging.debug("results: %s" % results )
                    add_result(t["id"], results[result], comment, elapsed)
                    return r["id"]
    logging.error("cannot find correct test case")
Ejemplo n.º 6
0
def mail_summary(mail_recipients, mail_server = "mail.hackingteam.com"):

    logging.info("sending mail to %s" % mail_recipients)
    # Import smtplib for the actual sending function
    import smtplib

    # Import the email modules we'll need
    from email.mime.text import MIMEText

    report = Report()
    # Open a plain text file for reading.  For this example, assume that
    # the text file contains only ASCII characters.

    sum = summary()
    # Create a text/plain message
    for recipient in mail_recipients:
        msg = MIMEText(sum)
        # me == the sender's email address
        # you == the recipient's email address
        hostname = helper.get_hostname()

        msg['Subject'] = '%s@%s: %s' % (report.name, hostname, report.timestamp)
        msg['From'] = "*****@*****.**"
        msg['To'] = recipient

        logging.debug("    msg to: %s" % msg['To'])
        # Send the message via our own SMTP server, but don't include the
        # envelope header.
        s = smtplib.SMTP(mail_server)
        s.sendmail(msg['From'], [msg['To']], msg.as_string())
        s.quit()
Ejemplo n.º 7
0
def execute(vm, protocol, args):
    """ server side """
    from AVMaster import vm_manager

    #logging.debug("    CS Execute")
    assert vm, "null vm"
    tick = 15
    if args:
        assert isinstance(args, int), "you must specify an int for timeout."

        timeout = args
        off = False


        logging.debug("%s, shutting down with timeout %s." % (vm,timeout))

        vm_manager.execute(vm, "executeCmd","C:/Windows/System32/shutdown.exe",["/s", "/t", "30"], timeout, False, True)

        for i in range(0, timeout, tick):
            sleep(tick)
            if vm_manager.execute(vm, "is_powered_off"):
                return True, "Stopped VM"


    logging.info("Forcing shutdown")
    ret = vm_manager.execute(vm, "shutdown")

    logging.debug("%s, shutdown returns: %s" % (vm, ret))

    for i in range(10):
        if vm_manager.execute(vm, "is_powered_off"):
            return True, "Stopped VM"
        sleep(tick)

    return False, "Cannot stop VM"
Ejemplo n.º 8
0
    def __init__(self, vm, redis='localhost', session=None):
        self.vm = vm
        self.host = redis
        self.session = session
        command.init()
        shutil.rmtree('build', ignore_errors=True)
        if os.path.exists(config.basedir_crop):
            shutil.rmtree(config.basedir_crop)

        if 'logging' not in locals():

            from AVCommon.logger import logging
            locals()['logging']=logging

        logging.debug("vm: %s host: %s session: %s" % (self.vm, self.host, session))

        command.context["report"] = self.report

        # TODO
        # load default.yaml as a default SET command.
        f = open("AVAgent/default.yaml")
        y = yaml.load(f)
        for k,v in y.items():
            command.context[k] = v
        logging.debug("command.context size: %s" % len(command.context))
Ejemplo n.º 9
0
def execute(vm, protocol, args):
    from AVMaster import vm_manager

    """ server side """
    #logging.debug("    CS Execute")
    assert vm, "null vm"


    for i in range (30):
        if vm_manager.execute(vm, "is_powered_off"):
            return True, "%s VM is stopped" % vm
        else:
            logging.debug("%s, not yet powered off" % vm)
            time.sleep(30)

    ret = vm_manager.execute(vm, "shutdown")
    if not ret:
        return False, "Not Stopped VM %s" % ret

    for i in range (10):
        if vm_manager.execute(vm, "is_powered_off"):
            return True, "%s VM is stopped" % vm
        else:
            logging.debug("%s, not yet powered off" % vm)
            time.sleep(30)

    return False, "%s VM isn't stopped" % vm
Ejemplo n.º 10
0
def add_result(result):
    global results, report_send
    logging.debug(result)
    results.append(result)
    if report_send:
        logging.debug("report_send")
        report_send(result)
Ejemplo n.º 11
0
def execute(vm, args):
    """ client side, returns (bool,*) """
    logging.debug("    CS Execute")
    assert vm, "null vm"

    ret = eval(args)
    return True, ret
Ejemplo n.º 12
0
 def _upgrade(self, instance_id, force_soldier = False):
     with connection() as c:
         ret = c.instance_upgrade(instance_id, force_soldier)
         logging.debug("DBG _upgrade: %s" % ret)
         info = c.instance_info(instance_id)
         logging.debug("DBG info['level']: %s" % info['level'])
         return ret
Ejemplo n.º 13
0
def convert_processes(procs):
    processes = []
    if not procs:
        return None

    lines = procs.split("\n")
    if not lines:
        return None

    for l in lines[1:]:
        proc = {}
        tokens = l.split(", ", 2)
        for t in tokens:
            try:
                k,v = t.split("=", 1)
                if k == "cmd":
                    k = "name"
                proc[k] = v
            except:
                pass
        if proc:
            processes.append(proc)

    if config.verbose:
        logging.debug("processes: %s" % processes)
    return processes
Ejemplo n.º 14
0
def close_instance():
    try:
        logging.debug("closing instance")
        backend = command.context["backend"]
        build.uninstall(backend)
    except:
        logging.exception("Cannot close instance")
Ejemplo n.º 15
0
def execute(vm, protocol, args):
    logging.debug("    CS Execute: args %s" % args)

    assert protocol
    assert protocol.procedure

    if not args:
        protocol.on_error = "DISABLED"
        return True, "Procedure disabled"

    week   = ['sunday',
              'monday',
              'tuesday',
              'wednesday',
              'thursday',
              'friday',
              'saturday']

    today = datetime.datetime.today().weekday()
    today_week = week[today + 1]

    if isinstance(args, list):
        for d in args:
            assert d.lower() in week
        if not today_week in args:
            protocol.on_error = "DISABLED"
            return True, "Today not allowed"

    return True, args
Ejemplo n.º 16
0
def notest_ProtocolEval():
    host = "localhost"
    mq = MQStar(host)
    mq.clean()
    c = "client1"
    mq.add_client(c)

    commands = [
        "BEGIN", ("EVAL_SERVER", "dir()"), ("EVAL_SERVER", "locals()"),
        ("EVAL_SERVER", "__import__('os').getcwd()"), ("END", None, None)
    ]
    procedure = Procedure("PROC", commands)

    p = Protocol(mq, c, procedure)

    while p.send_next_command():
        logging.debug("sent command")

    exit = False
    while not exit:
        rec = mq.receive_server(blocking=True, timeout=10)
        if rec is not None:
            logging.debug("- SERVER RECEIVED %s %s" % (rec, type(rec)))
            c, msg = rec
            answer = p.receive_answer(c, msg)
            logging.debug("- SERVER RECEIVED ANSWER: ", answer.success)
            if answer.name == "END" or not answer.success:
                logging.debug("- SERVER RECEIVE END")
                #if answer.success:
            a = """('client1', ('EVAL_SERVER', True, {'self': <Command_EVAL_SERVER.Command_EVAL_SERVER object at 0x10931f810>, 'args': 'locals()'}))"""  #   p.send_next_command()

        else:
            logging.debug("- SERVER RECEIVED empty")
            exit = True
Ejemplo n.º 17
0
 def takeScreenshot(self, vmx, out_img):
     if config.verbose:
         logging.debug("[%s] Taking screenshot.\n" % vmx)
     if config.verbose:
         logging.debug("CALLING FUNCTIONS WITH out img %s, u: %s, p: %s.\n" % (out_img, vmx.user, vmx.passwd))
     self._run_cmd(vmx, "captureScreen", [out_img], [vmx.user, vmx.passwd])
     return os.path.exists(out_img)
Ejemplo n.º 18
0
    def test_formatter(selfs):

        from AVCommon import logger
        logger.init()
        from AVCommon.logger import logging
        globals()['logging']=logging

        formatter = logging.Formatter('%(asctime)s -%(levelname)s- %(filename)s:%(lineno)s   %(message)s')
        stdout_handler = logging.StreamHandler(sys.stdout)
        stdout_handler.setFormatter(formatter)
        logger = logging.getLogger('')
        logger.addHandler(stdout_handler)
        logger.setLevel(logging.DEBUG)

        logging.debug('A debug message')
        logging.info('Some information')
        logging.warning('A shot across the bows')


        logging.debug('A debug message')
        logging.info('Some information')

        logging.warning('A shot across the bows')

        logging_child.ClassName("calling a child")
Ejemplo n.º 19
0
def on_init(protocol, args):
    """ server side """
    from AVMaster import vm_manager

    vm, mq = protocol.vm, protocol.mq
    cmd = "c:\\python27\\python.exe"

    if args:
        redis = args
    else:
        redis = config.redis

    arg = ["C:\\AVTest\\AVAgent\\av_agent.py", "-m", vm, "-s", mq.session, "-d", redis]
    ret = vm_manager.execute(vm, "executeCmd", cmd, arg, 40, True, True)

    #logging.debug("execution: %s" % ret)
    python = None

    for i in range(5):
        time.sleep(10)
        processes = vm_manager.execute(vm, "list_processes")
        if not processes:
            logging.debug("%s: null list_processes" % vm)
            continue
        python = [ p for p in processes if "python" in p['cmd_line'] ]
        logging.debug("processes python: %s" % python)
        if python:
            return True

    if not python:
        logging.error("Error executing command av_agent on %s" % vm)
    return False
Ejemplo n.º 20
0
    def serialize(self):
        logging.debug("serialize result: %s" % self.result)

        serialized = pickle.dumps(( self.name, self.success, self.args, self.result, self.vm, self.side, self.timestamp ),
                                  pickle.HIGHEST_PROTOCOL)
        #logging.debug("pickle.dumps(%s)" % serialized)
        return base64.b64encode(serialized)
Ejemplo n.º 21
0
    def infos(self, target_id, instance_id, filter_type=None, filter_value=None):
        """ Get info of given agent and target
        @param target
        @param agent
        @param type (if None all types should be returned)

        date: '24h' 'week' 'month' 'now'
        dr e da sono per il :date
        gli altri sono per il :from :to
        dr -> date received, da -> date acquired

        """
        logging.debug("info: %s,%s,%s,%s" %(target_id, instance_id, filter_type, filter_value))
        if filter_type and filter_value:
            f = {filter_type: filter_value, "target": target_id, "agent": instance_id, 'date':'dr'}
        else:
            f = {"target": target_id, "agent": instance_id, 'date':'dr'}

        filter = urllib2.quote(json.dumps(f))
        link = 'https://%s/evidence/info?filter=%s' % (self.host, filter)

        resp = self._get_response(link, self.cookie)
        result = json.loads(resp)
        logging.debug("results: " % result)
        return result
Ejemplo n.º 22
0
    def update_conf(self, conf_file, factory):
        """ Update sync configuration
        @param configuration file
        @param factory id
        @return True/False
        """
        try:
            base = 'https://%s' % self.host

            faclink = '%s/factory' % base
            resp = self._get_response(faclink, self.cookie)
            facts = json.loads(resp)
            for fact in facts:
                if fact["ident"] == factory:
                    fct = fact
                    break
            if not fct:
                return False
                # logging.debug(fct)
            addlink = '%s/agent/add_config' % base
            f = open(conf_file, 'r')
            cnf = f.read()
            data = {'_id': fct["_id"], 'config': cnf}
            # logging.debug(data)
            resp = self._post_response(addlink, self.cookie, json.dumps(data))

            return True
        except Exception as e:
            logging.debug("DBG trace %s" % traceback.format_exc())
            logging.error(e)
            return False
Ejemplo n.º 23
0
def execute(vm, protocol, level):
    """ client side, returns (bool,*) """
    logging.debug("    VM_ALL")

    assert vm, "null vm"
    assert command.context is not None

    # vm_first = "avast,avast32,avg,avg32,avira,kis,kis14,kis32,mcafee,norton,panda,comodo,eset,msessential".split(',')
    vm_first = "avast,avast32,avg,avg32,avira,kis,kis14,kis32,mcafee,norton,comodo81,eset,eset7,msessential,panda".split(
        ","
    )
    vm_second = "drweb,360cn5,adaware,ahnlab,bitdef,fsecure,gdata,iobit32,vba32,fortinet,mbytes,norman,risint,trendm,zoneal,clamav".split(
        ","
    )
    vm_ignored = ""

    if level and level.lower() == "important":
        vm_all = vm_first
    elif level and level.lower() == "irrilevant":
        vm_all = vm_second
    else:
        vm_all = vm_first + vm_second
    assert isinstance(vm_all, list), "VM expects a list"

    command.context["VM"] = vm_all

    logging.debug("vm_all items: %s" % (vm_all))
    return True, vm_all
Ejemplo n.º 24
0
def unserialize(message):
    data = base64.b64decode(message)

    name, success, args, result, vm, side, timestamp = pickle.loads(data)
    if config.verbose:
        logging.debug("unserialized: (%s,%s,%s,%s,%s,%s)" % (name, success, args, str(result)[:50], vm, timestamp))
    return _factory(name, success, args, result, vm, timestamp)
Ejemplo n.º 25
0
def execute(vm, args):
    """ client side, returns (bool,*) """
    logging.debug("    STOP_AGENT")
    assert vm, "null vm"

    #TODO: stops a AVAgent on vm
    return True, "AGENT STOPPED"
Ejemplo n.º 26
0
 def __enter__(self):
     self.server = VIServer()
     self.server.connect(self.sdk_host, self.sdk_user, self.sdk_passwd)
     if config.verbose:
         logging.debug("connected to vSphere")
     vm = self.server.get_vm_by_path(self.vm_path)
     return vm
Ejemplo n.º 27
0
def mail_summary(mail_recipients, mail_server="mail.hackingteam.com"):

    logging.info("sending mail to %s" % mail_recipients)
    # Import smtplib for the actual sending function
    import smtplib

    # Import the email modules we'll need
    from email.mime.text import MIMEText

    report = Report()
    # Open a plain text file for reading.  For this example, assume that
    # the text file contains only ASCII characters.

    sum = summary()
    # Create a text/plain message
    for recipient in mail_recipients:
        msg = MIMEText(sum)
        # me == the sender's email address
        # you == the recipient's email address
        hostname = helper.get_hostname()

        msg['Subject'] = '%s@%s: %s' % (report.name, hostname,
                                        report.timestamp)
        msg['From'] = "*****@*****.**"
        msg['To'] = recipient

        logging.debug("    msg to: %s" % msg['To'])
        # Send the message via our own SMTP server, but don't include the
        # envelope header.
        s = smtplib.SMTP(mail_server)
        s.sendmail(msg['From'], [msg['To']], msg.as_string())
        s.quit()
Ejemplo n.º 28
0
 def __exit__(self, type, value, traceback):
     try:
         self.server.disconnect()
         if config.verbose:
             logging.debug("disconnected from vSphere")
     except VIException as e:
         logging.debug("Problem in disconnection. Fault is: %s" % e.fault)
         pass
Ejemplo n.º 29
0
 def instance_level(self, instance_id):
     params = {'_id': instance_id}
     try:
         info = self.instance_info(instance_id)
         logging.debug("info: %s" %(info))
         return info["level"]
     except:
         return False
Ejemplo n.º 30
0
 def instances_by_name(self, name):
     """ gets the instances id of an operation, matching the ident """
     logging.debug("looking for instances with target: %s" % name)
     agents = self._call_get('agent')
     #logging.debug("agents: %s" % agents)
     #pp.pprint(agents)
     ret = [op for op in agents if name in op['name'] and op['_kind'] == 'agent']
     return ret
Ejemplo n.º 31
0
 def instances_by_target_id(self, target_id):
     """ gets the instances id of an operation, matching the ident """
     logging.debug("lookin for instances with target: %s" % target_id)
     agents = self._call_get('agent')
     #logging.debug("agents: %s" % agents)
     #pp.pprint(agents)
     ret = [op for op in agents if target_id in op['path'] and op['_kind'] == 'agent']
     return ret
Ejemplo n.º 32
0
def check_blacklist(blacklist=None):
    with connection() as client:
        logging.debug("connected")
        blacklist_server = client.blacklist()
        logging.info("blacklist from server: %s" % blacklist_server)
        if blacklist:
            logging.info("blacklist from conf: %s" % blacklist)
        report_send("+ BLACKLIST: %s" % blacklist_server)
Ejemplo n.º 33
0
 def check_file(filename):
     try:
         with open(filename):
             logging.debug("DBG %s saved" % filename)
             return True
     except IOError:
         logging.debug("DBG failed saving %s" % appname)
         return False
Ejemplo n.º 34
0
def finish():
    logging.debug("report finish")
    #dump_yaml()

    logging.debug("context: %s" % command.context)
    mail_recipients = command.context.get("mail_recipients", [])
    if mail_recipients:
        mail_summary(mail_recipients)
Ejemplo n.º 35
0
    def start(self, p):
        logging.debug("- START: %s" % p.vm)
        self.mq.clean(p)
        r = p.send_next_command()
        c = p.last_command

        report.sent(p.vm, c)
        logging.info("- SENT: %s" % c)