Example #1
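    def _csv_list_scheduled_jobs(self):
        """Dump the tasks reported by ``schtasks.exe /query /fo CSV`` to CSV.

        Two files are produced, both named from ``self.output_dir``:

        * ``<output_dir>_tasks.csv`` - the filtered command output under a
          fixed ``TASK_NAME, NEXT_SCHEDULE, STATUS`` header;
        * ``<output_dir>_scheduled_jobs.csv`` - one row per task, prefixed
          with the computer name and the ``scheduled_jobs`` type.

        The second file is then handed to ``record_sha256_logs``.
        """
        # Local import: the module-level import block is not visible from here.
        import csv

        self.logger.info('Health : Listing scheduled jobs')
        file_tasks = self.output_dir + '_tasks.csv'
        with open(file_tasks, 'wb') as tasks_logs:
            proc = subprocess.Popen(["schtasks.exe", '/query', '/fo', 'CSV'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
            res = proc.communicate()
            if proc.returncode != 0:
                # Without this, a failed query looks the same as a host with
                # no scheduled tasks in the collected evidence.
                self.logger.error('schtasks.exe exited with code %s' % proc.returncode)
            res = get_terminal_decoded_string(res[0])
            # clean and write the command output
            write_to_output('"TASK_NAME","NEXT_SCHEDULE","STATUS"\r\n', tasks_logs, self.logger)
            column_names = None
            for line in res.split('\r\n'):
                # Keep only quoted CSV rows; blank lines and any other text are dropped.
                if line == "" or line[0] != '"':
                    continue
                if not column_names:
                    # The first quoted row is the header emitted by schtasks.
                    column_names = line
                    continue
                if column_names == line:
                    # Repeated header rows are skipped.
                    continue
                write_to_output(line + "\r\n", tasks_logs, self.logger)

        self.logger.info('Health : Listing scheduled jobs')
        with open(file_tasks, "r") as fr, open(self.output_dir + "_scheduled_jobs.csv", 'wb') as fw:
            csv_writer = get_csv_writer(fw)
            write_to_csv(["COMPUTER_NAME", "TYPE", "JOB_NAME", "TIME", "STATE"], csv_writer)
            for raw_line in fr:
                # Only rows with a backslash past the first character are kept,
                # which also drops the fixed header row written above.
                if raw_line.find('\\') <= 0:
                    continue
                # Parse the row as CSV instead of stripping the quotes and
                # splitting on ',': a task name or date containing a comma would
                # otherwise shift every following column. Each row is parsed as
                # a byte string and decoded field by field afterwards.
                fields = [field.decode('utf8') for field in next(csv.reader([raw_line]))]
                write_to_csv([self.computer_name, 'scheduled_jobs'] + fields, csv_writer)
        self.logger.info('Health : Listing scheduled jobs')
        record_sha256_logs(self.output_dir + '_scheduled_jobs.csv', self.output_dir + '_sha256.log')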
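    def _json_list_scheduled_jobs(self):
        """Write the tasks reported by ``schtasks.exe /query /fo CSV`` as JSON.

        Nothing is collected unless ``self.destination`` is ``'local'``. The
        output file is ``<computer_name>_tasks.json`` inside ``self.output_dir``
        and every task row is passed to ``write_to_json`` together with the
        column header.
        """
        self.logger.info('Health : Listing scheduled jobs')
        if self.destination == 'local':

            file_tasks = os.path.join(self.output_dir , '%s_tasks.json' % self.computer_name)
            with open(file_tasks, 'wb') as tasks_logs:
                json_writer = get_json_writer(tasks_logs)
                proc = subprocess.Popen(["schtasks.exe", '/query', '/fo', 'CSV'], stdout=subprocess.PIPE,
                                        stderr=subprocess.PIPE)
                res = proc.communicate()
                if proc.returncode != 0:
                    # Without this, a failed query looks the same as a host
                    # with no scheduled tasks in the collected evidence.
                    self.logger.error('schtasks.exe exited with code %s' % proc.returncode)
                res = get_terminal_decoded_string(res[0])
                # clean and write the command output
                header = ["COMPUTER_NAME", "TYPE", 'TASK_NAME', 'NEXT_SCHEDULE', "STATUS"]
                column_names = None
                for line in res.split('\r\n'):
                    # Keep only quoted CSV rows; blank lines and other text are dropped.
                    if line == "" or line[0] != '"':
                        continue
                    if not column_names:
                        # The first quoted row is the header emitted by schtasks.
                        column_names = line
                        continue
                    if column_names == line:
                        # Repeated header rows are skipped.
                        continue
                    # Lists have no ``extends`` method (and ``extend`` returns
                    # None), so the row is built by concatenation instead.
                    # NOTE(review): fields keep their surrounding double quotes
                    # and a field containing ',' is split in two - confirm what
                    # write_to_json expects.
                    values = [self.computer_name, 'Scheduled Jobs'] + line.split(',')
                    write_to_json(header, values, json_writer)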
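    def _json_list_scheduled_jobs(self):
        """Write the tasks reported by ``schtasks.exe /query /fo CSV`` as JSON.

        Nothing is collected unless ``self.destination`` is ``'local'``. The
        output file is ``<computer_name>_tasks.json`` inside ``self.output_dir``
        and every task row is passed to ``write_to_json`` together with the
        column header.
        """
        self.logger.info('Health : Listing scheduled jobs')
        if self.destination == 'local':

            file_tasks = os.path.join(self.output_dir,
                                      '%s_tasks.json' % self.computer_name)
            with open(file_tasks, 'wb') as tasks_logs:
                json_writer = get_json_writer(tasks_logs)
                proc = subprocess.Popen(
                    ["schtasks.exe", '/query', '/fo', 'CSV'],
                    stdout=subprocess.PIPE,
                    stderr=subprocess.PIPE)
                res = proc.communicate()
                if proc.returncode != 0:
                    # Without this, a failed query looks the same as a host
                    # with no scheduled tasks in the collected evidence.
                    self.logger.error(
                        'schtasks.exe exited with code %s' % proc.returncode)
                res = get_terminal_decoded_string(res[0])
                # clean and write the command output
                header = [
                    "COMPUTER_NAME", "TYPE", 'TASK_NAME', 'NEXT_SCHEDULE',
                    "STATUS"
                ]
                column_names = None
                for line in res.split('\r\n'):
                    # Keep only quoted CSV rows; blank lines and other text
                    # are dropped.
                    if line == "" or line[0] != '"':
                        continue
                    if not column_names:
                        # The first quoted row is the schtasks header.
                        column_names = line
                        continue
                    if column_names == line:
                        # Repeated header rows are skipped.
                        continue
                    # Lists have no ``extends`` method (and ``extend`` returns
                    # None), so the row is built by concatenation instead.
                    # NOTE(review): fields keep their surrounding double quotes
                    # and a field containing ',' is split in two - confirm what
                    # write_to_json expects.
                    values = [self.computer_name,
                              'Scheduled Jobs'] + line.split(',')
                    write_to_json(header, values, json_writer)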
Example #4
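 def _list_arp_table(self):
     """Yield the output of ``arp -a`` one line at a time.

     The command is started from an argument list, so no shell is placed
     between this process and ``arp``; ``OSError`` propagates if the
     executable cannot be started. Standard error is captured and discarded.
     """
     # NOTE(review): "arp" is still located through the normal executable
     # search; on a host under investigation consider an absolute path.
     p = subprocess.Popen(["arp", "-a"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     output, _ = p.communicate()
     output = get_terminal_decoded_string(output)
     for entry in output.split("\n"):
         yield entry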
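 def _list_at_scheduled_jobs(self):
     """Yield the five columns of each job line printed by the ``at`` command.

     The first output line is skipped. Every other line is split on runs of
     two or more spaces into at most five parts, and lines that do not
     produce exactly five parts are ignored.
     """
     proc = subprocess.Popen('at', stdout=subprocess.PIPE)
     res = proc.communicate()
     res = get_terminal_decoded_string(res[0])
     # Compiled once instead of once per line.
     column_gap = re.compile(' {2,}')
     for line in res.splitlines()[1:]:
         columns = column_gap.split(line, 4)
         # Compare by value: "is 5" tests object identity and only happens to
         # work because CPython caches small integers.
         if len(columns) == 5:
             yield columns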
Example #6
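 def _list_network_adapters(self):
     """Yield one descriptive tuple per ``Win32_NetworkAdapter`` WMI instance.

     For adapters reported as enabled, the ``Win32_NetworkAdapterConfiguration``
     entries with the same MAC address supply the addresses, the DNS and DHCP
     servers and the database path, and ``nbtstat -A`` is run against the
     first address.

     Yields:
         A 14-item tuple: caption, adapter type, description, MAC address,
         product name, physical-adapter flag, product name (a second time),
         speed, first address, second address, DHCP server, DNS server,
         database path and the nbtstat output joined into one string.
     """
     for adapter in self.wmi.Win32_NetworkAdapter():
         netcard = adapter.Caption
         IPv4 = ''
         IPv6 = ''
         DHCP_server = ''
         DNS_server = ''
         adapter_type = ''
         nbtstat_value = ''
         # NOTE(review): an AdapterTypeID of 0 is skipped by this truthiness
         # test - confirm whether NETWORK_ADAPTATER has an entry for it.
         if adapter.AdapterTypeID:
             adapter_type = NETWORK_ADAPTATER[int(adapter.AdapterTypeID)]
         net_enabled = adapter.NetEnabled
         mac_address = adapter.MACAddress
         description = adapter.Description
         physical_adapter = unicode(adapter.PhysicalAdapter)
         product_name = adapter.ProductName
         speed = adapter.Speed
         database_path = ''
         if net_enabled:
             nic = self.wmi.Win32_NetworkAdapterConfiguration(
                 MACAddress=mac_address)
             for nc in nic:
                 database_path = nc.DatabasePath
                 if nc.IPAddress:
                     try:
                         IPv4 = nc.IPAddress[0]
                         IPv6 = nc.IPAddress[1]
                     except IndexError:
                         self.logger.error('Error to catch IP Address %s ' %
                                           str(nc.IPAddress))
                 if IPv4:
                     # The address comes from WMI, so it is passed as its own
                     # argv entry and never interpreted by a shell.
                     try:
                         p = subprocess.Popen(['nbtstat', '-A', IPv4],
                                              stdout=subprocess.PIPE,
                                              stderr=subprocess.PIPE)
                         output, _ = p.communicate()
                     except OSError as err:
                         # Without a shell a missing executable raises here;
                         # keep collecting the remaining adapter data.
                         self.logger.error('Unable to run nbtstat for %s : %s' %
                                           (IPv4, err))
                     else:
                         output = get_terminal_decoded_string(output)
                         # A separate loop name avoids rebinding the adapter
                         # variable, which a list comprehension would do when
                         # its variable leaks into the enclosing scope.
                         nbtstat_value = ' '.join(
                             [part.replace('\n', '')
                              for part in output.split('\r\n')])
                 if nc.DNSServerSearchOrder:
                     DNS_server = nc.DNSServerSearchOrder[0]
                 if nc.DHCPEnabled:
                     if nc.DHCPServer:
                         DHCP_server = nc.DHCPServer
         # NOTE(review): product_name is yielded twice and net_enabled is not
         # yielded at all; left unchanged because callers depend on the tuple
         # layout - confirm the intended columns.
         yield netcard, adapter_type, description, mac_address, product_name, physical_adapter, product_name, speed, \
               IPv4, IPv6, DHCP_server, DNS_server, database_path, nbtstat_value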
 def _list_scheduled_jobs(self):
     """Yield the task rows printed by ``schtasks.exe /query /fo CSV``.

     Only lines starting with a double quote are considered. The first such
     line is taken as the header and is not yielded, nor is any later line
     identical to it. Standard error is captured and discarded.
     """
     argv = ["schtasks.exe", '/query', '/fo', 'CSV']
     process = subprocess.Popen(argv,
                                stdout=subprocess.PIPE,
                                stderr=subprocess.PIPE)
     captured = process.communicate()
     listing = get_terminal_decoded_string(captured[0])
     header_row = None
     for row in listing.splitlines():
         # Covers both empty lines and lines that are not quoted CSV rows.
         if not row.startswith('"'):
             continue
         if header_row is None:
             header_row = row
         elif row != header_row:
             yield row
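 def _list_network_adapters(self):
     """Yield one descriptive tuple per ``Win32_NetworkAdapter`` WMI instance.

     For adapters reported as enabled, the ``Win32_NetworkAdapterConfiguration``
     entries with the same MAC address supply the addresses, the DNS and DHCP
     servers and the database path, and ``nbtstat -A`` is run against the
     first address.

     Yields:
         A 14-item tuple: caption, adapter type, description, MAC address,
         product name, physical-adapter flag, product name (a second time),
         speed, first address, second address, DHCP server, DNS server,
         database path and the nbtstat output joined into one string.
     """
     for adapter in self.wmi.Win32_NetworkAdapter():
         netcard = adapter.Caption
         IPv4 = ''
         IPv6 = ''
         DHCP_server = ''
         DNS_server = ''
         adapter_type = ''
         nbtstat_value = ''
         # NOTE(review): an AdapterTypeID of 0 is skipped by this truthiness
         # test - confirm whether NETWORK_ADAPTATER has an entry for it.
         if adapter.AdapterTypeID:
             adapter_type = NETWORK_ADAPTATER[int(adapter.AdapterTypeID)]
         net_enabled = adapter.NetEnabled
         mac_address = adapter.MACAddress
         description = adapter.Description
         physical_adapter = unicode(adapter.PhysicalAdapter)
         product_name = adapter.ProductName
         speed = adapter.Speed
         database_path = ''
         if net_enabled:
             nic = self.wmi.Win32_NetworkAdapterConfiguration(MACAddress=mac_address)
             for nc in nic:
                 database_path = nc.DatabasePath
                 if nc.IPAddress:
                     try:
                         IPv4 = nc.IPAddress[0]
                         IPv6 = nc.IPAddress[1]
                     except IndexError:
                         self.logger.error('Error to catch IP Address %s ' % str(nc.IPAddress))
                 if IPv4:
                     # The address comes from WMI, so it is passed as its own
                     # argv entry and never interpreted by a shell.
                     try:
                         p = subprocess.Popen(['nbtstat', '-A', IPv4], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
                         output, _ = p.communicate()
                     except OSError as err:
                         # Without a shell a missing executable raises here;
                         # keep collecting the remaining adapter data.
                         self.logger.error('Unable to run nbtstat for %s : %s' % (IPv4, err))
                     else:
                         output = get_terminal_decoded_string(output)
                         # A separate loop name avoids rebinding the adapter
                         # variable, which a list comprehension would do when
                         # its variable leaks into the enclosing scope.
                         nbtstat_value = ' '.join([part.replace('\n', '') for part in output.split('\r\n')])
                 if nc.DNSServerSearchOrder:
                     DNS_server = nc.DNSServerSearchOrder[0]
                 if nc.DHCPEnabled:
                     if nc.DHCPServer:
                         DHCP_server = nc.DHCPServer
         # NOTE(review): product_name is yielded twice and net_enabled is not
         # yielded at all; left unchanged because callers depend on the tuple
         # layout - confirm the intended columns.
         yield netcard, adapter_type, description, mac_address, product_name, physical_adapter, product_name, speed, \
               IPv4, IPv6, DHCP_server, DNS_server, database_path, nbtstat_value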