def __init__(self, service_type, args):
    """Initialise the job and hook ``emit_log`` into the skytools logger.

    Two crypto contexts are kept. ``logxtx`` is built without a config
    and is never replaced in this method. ``xtx`` starts out the same
    way and is rebuilt from ``self.cf`` once the base initialiser has
    run.
    """
    # no crypto for logs
    self.logxtx = CryptoContext(None)
    # Config-less placeholder, replaced at the end of this method.
    # NOTE(review): presumably needed because self.cf is not available
    # before the base initialiser has run -- confirm.
    self.xtx = CryptoContext(None)

    super(CCJob, self).__init__(service_type, args)
    self.hostname = socket.gethostname()

    # Register a callback handler so log records also reach self.emit_log.
    # NOTE(review): if emit_log forwards records over the CC channel they
    # travel under the config-less logxtx, so secrets (passwords,
    # connection strings) should not be logged -- verify against emit_log.
    skytools.getLogger().addHandler(CallbackLogger(self.emit_log))

    # Switch the job's own context over to the crypto settings in the
    # job config.
    self.xtx = CryptoContext(self.cf)
def startup(self):
    """Connect the task client to the CC instance named by the ``cc`` option.

    Builds the crypto context from the client config, opens a request
    stream to the CC URL on the shared IOLoop and wraps that stream in a
    TaskManager.
    """
    super(TaskClient, self).startup()

    self.cc_url = self.cf.get('cc')
    self.ioloop = IOLoop.instance()

    # The request stream is given this context.
    # NOTE(review): whether requests are actually signed/encrypted depends
    # on what the config enables; CryptoContext is defined elsewhere.
    self.xtx = CryptoContext(self.cf)

    request_stream = CCReqStream(self.cc_url, self.xtx, self.ioloop)
    self.ccrq = request_stream
    self.taskmgr = TaskManager(request_stream)
def startup(self):
    """Setup sockets and handlers.

    Reads the crypto, role and statistics settings from the config, binds
    the local XREP listen socket, registers the handlers named in the
    ``routes`` config section and starts the periodic stats callback.
    """
    super(CCServer, self).startup()
    self.log.info("C&C server version %s starting up..", self.__version__)

    self.xtx = CryptoContext(self.cf)
    self.zctx = zmq.Context(self.zmq_nthreads)
    self.ioloop = IOLoop.instance()
    self.local_url = self.cf.get('cc-socket')

    # SECURITY: a config without 'cc-role' falls back to 'insecure'. The
    # server only warns and keeps starting (fail-open default).
    # NOTE(review): what 'insecure' relaxes is decided outside this method;
    # deployments should set 'local' or 'remote' explicitly.
    self.cur_role = self.cf.get('cc-role', 'insecure')
    if self.cur_role == 'insecure':
        self.log.warning(
            'CC is running in insecure mode, please add "cc-role = local" '
            'or "cc-role = remote" option to config')

    self.stat_level = self.cf.getint('cc-stats', 1)
    if self.stat_level < 1:
        self.log.warning('CC statistics level too low: %d', self.stat_level)

    # initialize local listen socket
    listener = self.zctx.socket(zmq.XREP)
    listener.setsockopt(zmq.LINGER, self.zmq_linger)
    listener.setsockopt(zmq.HWM, self.zmq_hwm)
    if self.zmq_rcvbuf > 0:
        listener.setsockopt(zmq.RCVBUF, self.zmq_rcvbuf)
    if self.zmq_sndbuf > 0:
        listener.setsockopt(zmq.SNDBUF, self.zmq_sndbuf)
    if self.zmq_tcp_keepalive > 0:
        # Older zmq bindings do not define the keepalive options.
        if getattr(zmq, 'TCP_KEEPALIVE', -1) <= 0:
            self.log.info("TCP_KEEPALIVE not available")
        else:
            listener.setsockopt(zmq.TCP_KEEPALIVE, self.zmq_tcp_keepalive)
            listener.setsockopt(zmq.TCP_KEEPALIVE_INTVL, self.zmq_tcp_keepalive_intvl)
            listener.setsockopt(zmq.TCP_KEEPALIVE_IDLE, self.zmq_tcp_keepalive_idle)
            listener.setsockopt(zmq.TCP_KEEPALIVE_CNT, self.zmq_tcp_keepalive_cnt)

    # The bind address comes straight from 'cc-socket'.
    # NOTE(review): a non-loopback address exposes this listener to the
    # network; check it together with the cc-role setting above.
    listener.bind(self.local_url)
    self.local = CCStream(listener, self.ioloop, qmaxsize=self.zmq_hwm)
    self.local.on_recv(self.handle_cc_recv)

    self.handlers = {}
    self.routes = {}
    # Each entry in the 'routes' section maps a route to a comma-separated
    # list of handler names.
    routes_cf = skytools.Config('routes', self.cf.filename, ignore_defs=True)
    for route, handler_names in routes_cf.cf.items('routes'):
        self.log.info('New route: %s = %s', route, handler_names)
        for raw_name in handler_names.split(','):
            handler = self.get_handler(raw_name.strip())
            self.add_handler(route, handler)

    # Stats are sent every 30 seconds; PeriodicCallback takes milliseconds.
    self.stimer = PeriodicCallback(self.send_stats, 30 * 1000, self.ioloop)
    self.stimer.start()
def __init__(self, hname, hcf, ccscript):
    """Set up the job manager handler and register the configured daemons.

    Copies the CC config path, local URL and job name from ``ccscript``,
    derives the extra command-line flags (``-q`` / repeated ``-v``) from
    its options, and adds one job per entry in the ``daemons`` list.
    """
    super(JobMgr, self).__init__(hname, hcf, ccscript)

    self.cc_config = ccscript.args[0]
    self.local_url = ccscript.local_url
    self.cc_job_name = ccscript.job_name

    # Pass the CC script's own verbosity flags on via job_args_extra.
    opts = ccscript.options
    self.job_args_extra = extra_args = []
    if opts.quiet:
        extra_args.append("-q")
    if opts.verbose:
        extra_args.extend(["-v"] * opts.verbose)

    self.jobs = {}
    for daemon_name in self.cf.getlist('daemons'):
        self.add_job(daemon_name, make_job_defaults(ccscript.cf, daemon_name))

    # Built without a config.
    # NOTE(review): presumably this means messages produced by this handler
    # are neither signed nor encrypted -- confirm against CryptoContext and
    # that they never leave the local CC socket.
    self.xtx = CryptoContext(None)
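def startup(self):
    """Setup sockets and handlers.

    Reads the crypto, role, statistics and infofile settings from the
    config, binds the local XREP listen socket, registers the handlers
    named in the ``routes`` config section and starts the periodic stats
    callback (period taken from ``stats-period``, default 30 seconds).
    """
    super(CCServer, self).startup()
    self.log.info("C&C server version %s starting up..", self.__version__)

    self.xtx = CryptoContext(self.cf)
    self.zctx = zmq.Context(self.zmq_nthreads)
    self.ioloop = IOLoop.instance()
    self.local_url = self.cf.get('cc-socket')

    # SECURITY: a config without 'cc-role' falls back to 'insecure'. The
    # server only warns and keeps starting (fail-open default).
    # NOTE(review): what 'insecure' relaxes is decided outside this method;
    # deployments should set 'local' or 'remote' explicitly.
    self.cur_role = self.cf.get('cc-role', 'insecure')
    if self.cur_role == 'insecure':
        self.log.warning(
            'CC is running in insecure mode, please add "cc-role = local" '
            'or "cc-role = remote" option to config')

    self.stat_level = self.cf.getint('cc-stats', 1)
    if self.stat_level < 1:
        self.log.warning('CC statistics level too low: %d', self.stat_level)

    self.infofile = self.cf.getfile('infofile', '')
    self.infofile_level = self.cf.getint('infofile-level', 2)
    if self.infofile_level >= 3:
        # Level 3+ keeps a ring of per-bucket stats dicts wide enough to
        # cover the longest timespan.
        self.stats_deque_bucket = 5  # seconds
        self.stats_deque_cursor = int(time.time() / self.stats_deque_bucket)
        self.stats_timespans = [1 * 60, 5 * 60, 15 * 60]  # seconds
        # Sanity check on the constants above: every timespan must be a
        # whole number of buckets.
        assert sum([ts % self.stats_deque_bucket
                    for ts in self.stats_timespans]) == 0
        # Floor division: the window feeds range() and deque(maxlen=...),
        # which need an int. Plain `/` only yields one under Python 2
        # classic division.
        self.stats_deque_window = (
            max(self.stats_timespans) // self.stats_deque_bucket + 1)
        self.stats_deque = deque(
            [{} for _ in range(self.stats_deque_window)],
            maxlen=self.stats_deque_window)
    # NOTE(review): set unconditionally here. The nesting was reconstructed
    # from a whitespace-collapsed listing -- confirm against the original.
    self.stats_total = {}

    # initialize local listen socket
    listener = self.zctx.socket(zmq.XREP)
    listener.setsockopt(zmq.LINGER, self.zmq_linger)
    try:
        listener.setsockopt(zmq.HWM, self.zmq_hwm)
    except AttributeError:
        # zmq bindings without a single HWM option: use the socket helper.
        listener.set_hwm(self.zmq_hwm)
    if self.zmq_rcvbuf > 0:
        listener.setsockopt(zmq.RCVBUF, self.zmq_rcvbuf)
    if self.zmq_sndbuf > 0:
        listener.setsockopt(zmq.SNDBUF, self.zmq_sndbuf)
    if self.zmq_tcp_keepalive > 0:
        # Older zmq bindings do not define the keepalive options.
        if getattr(zmq, 'TCP_KEEPALIVE', -1) > 0:
            listener.setsockopt(zmq.TCP_KEEPALIVE, self.zmq_tcp_keepalive)
            listener.setsockopt(zmq.TCP_KEEPALIVE_INTVL, self.zmq_tcp_keepalive_intvl)
            listener.setsockopt(zmq.TCP_KEEPALIVE_IDLE, self.zmq_tcp_keepalive_idle)
            listener.setsockopt(zmq.TCP_KEEPALIVE_CNT, self.zmq_tcp_keepalive_cnt)
        else:
            self.log.info("TCP_KEEPALIVE not available")

    # The bind address comes straight from 'cc-socket'.
    # NOTE(review): a non-loopback address exposes this listener to the
    # network; check it together with the cc-role setting above.
    listener.bind(self.local_url)
    self.local = CCStream(listener, self.ioloop, qmaxsize=self.zmq_hwm)
    self.local.on_recv(self.handle_cc_recv)

    self.handlers = {}
    self.routes = {}
    # Each entry in the 'routes' section maps a route to a comma-separated
    # list of handler names.
    routes_cf = skytools.Config('routes', self.cf.filename, ignore_defs=True)
    for route, handler_names in routes_cf.cf.items('routes'):
        self.log.info('New route: %s = %s', route, handler_names)
        for handler_name in [hn.strip() for hn in handler_names.split(',')]:
            handler = self.get_handler(handler_name)
            self.add_handler(route, handler)

    # stats-period is in seconds; PeriodicCallback takes milliseconds.
    self.stats_period = self.cf.getint('stats-period', 30)
    self.stimer = PeriodicCallback(self.send_stats,
                                   self.stats_period * 1000, self.ioloop)
    self.stimer.start()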