def write(self, address, data):
"""
Write to physical memory
@param addr: Address to start writing to
@param data: Data to be written to memory
@return: True/False
"""
if not self._connect():
logger.error("No VM connected.")
return False
logger.debug("Sending memory write request to hypervisor.")
# Construct our request
req = KvmMemRequest()
req.type = self.CMD_TYPE.WRITE
req.address = address
req.length = len(data)
req.data = data
try:
# Send our request
self.SOCK.send(`req`)
# Get our response
status = self.SOCK.recv(1)
except:
logger.error("Failed to write to memory sensor")
self._disconnect()
return None
# What is our status as reported by the hypervisor?
if status == '\x00':
logger.error("Error in memory ready, reported by guest. (%s)" %
self.vm_name)
return False
return True
def write(self, address, data):
"""
Write to physical memory
@param addr: Address to start writing to
@param data: Data to be written to memory
@return: True/False
"""
if not self._connect():
logger.error("No VM connected.")
return False
logger.debug("Sending memory write request to hypervisor.")
# Construct our request
req = KvmMemRequest()
req.type = self.CMD_TYPE.WRITE
req.address = address
req.length = len(data)
req.data = data
try:
# Send our request
self.SOCK.send( ` req `)
# Get our response
status = self.SOCK.recv(1)
except:
logger.error("Failed to write to memory sensor")
self._disconnect()
return None
# What is our status as reported by the hypervisor?
if status == '\x00':
logger.error("Error in memory ready, reported by guest. (%s)" %
self.vm_name)
return False
return True
def _read_from_sensor(self, address, read_len):
"""
Read physical memory
@param address: Address to start reading from
@param read_len: How much memory to read
@TODO: Fix KVM bug that doesn't allow reading the first page of memory!
"""
# BUGFIX: Some bizarre stuff was happenin the volatility NativeType
read_len = int(read_len)
logger.debug(
"Sending memory read request to hypervisor. (0x%016X, %d)" %
(address, read_len))
if read_len < 1:
logger.error("Read length must be >= 1")
# Construct our request
req = KvmMemRequest()
req.type = self.CMD_TYPE.READ
req.address = address
req.length = read_len
# Try RETRIES time to read from the guest system
read = ""
for retry in range(3):
if not self._connect():
logger.error("No VM connected.")
return None
read = ""
try:
self.SOCK.settimeout(1)
# Send our request
self.SOCK.send(repr(req))
# Get our response
while len(read) < read_len + 1:
logger.debug("Reading %d bytes... (%d read)" %
(read_len, len(read)))
read += self.SOCK.recv(read_len + 1 - len(read))
# Optimization if all of the bits are 1
if len(read) == 1 and read == "\xff":
read = ("\xff" * read_len) + "\x01"
self.SOCK.settimeout(None)
except:
logger.error("Failed to read from sensor. [0x%016X, %d] "
"(Attempt %d/%d)" %
(address, read_len, retry, self.RETRIES))
import traceback
traceback.print_exc()
self._disconnect()
logger.debug("Read %d bytes" % len(read))
# Did we get all of our data?
if len(read) != read_len + 1:
logger.error(
"Could not read memory from sensor. (Addr: %016X, Len: %d, %s)"
% (address, read_len, self.vm_name))
logger.error("Got %d bytes, expected %d" % (len(read), read_len))
return None
# extract portions of our resposne
status = read[-1]
data = read[:-1]
# What is our status as reported by the hypervisor?
if status == 0:
logger.error(
"Error in memory read, reported by guest. (Addr: %016X, Len: %d, %s)"
% (address, read_len, self.vm_name))
return None
return data
def _read_from_sensor(self, address, read_len):
"""
Read physical memory
@param address: Address to start reading from
@param read_len: How much memory to read
@TODO: Fix KVM bug that doesn't allow reading the first page of memory!
"""
# BUGFIX: Some bizarre stuff was happenin the volatility NativeType
read_len = int(read_len)
logger.debug(
"Sending memory read request to hypervisor. (0x%016X, %d)" % (
address,
read_len))
if read_len < 1:
logger.error("Read length must be >= 1")
# Construct our request
req = KvmMemRequest()
req.type = self.CMD_TYPE.READ
req.address = address
req.length = read_len
# Try RETRIES time to read from the guest system
read = ""
for retry in range(3):
if not self._connect():
logger.error("No VM connected.")
return None
read = ""
try:
self.SOCK.settimeout(1)
# Send our request
self.SOCK.send(repr(req))
# Get our response
while len(read) < read_len+1:
logger.debug("Reading %d bytes... (%d read)" % (read_len,
len(read)))
read += self.SOCK.recv(read_len + 1 - len(read))
# Optimization if all of the bits are 1
if len(read) == 1 and read == "\xff":
read = ("\xff" * read_len) + "\x01"
self.SOCK.settimeout(None)
except:
logger.error("Failed to read from sensor. [0x%016X, %d] "
"(Attempt %d/%d)" % (
address,
read_len,
retry,
self.RETRIES))
import traceback
traceback.print_exc()
self._disconnect()
logger.debug("Read %d bytes" % len(read))
# Did we get all of our data?
if len(read) != read_len + 1:
logger.error(
"Could not read memory from sensor. (Addr: %016X, Len: %d, %s)" % (
address,
read_len,
self.vm_name))
logger.error("Got %d bytes, expected %d" % (len(read), read_len))
return None
# extract portions of our resposne
status = read[-1]
data = read[:-1]
# What is our status as reported by the hypervisor?
if status == 0:
logger.error(
"Error in memory read, reported by guest. (Addr: %016X, Len: %d, %s)" % (
address,
read_len,
self.vm_name))
return None
return data
