def rpc_hook(args):
    """Pull the sample named in ``args`` and, on success, run the pin tool.

    ``args['output']`` is set to ``config.SETTINGS['MALWARE_DEST']`` and
    ``args['input']`` to ``args['sample_path']`` before ``utils.pull_file``
    is called. When the pull reports success in
    ``args['results']['pull_file']``, the result of ``launch_pin`` is
    returned. Otherwise a ``[False, reason]`` entry is stored under
    ``args['results']['pin_tool.rpc_hook']`` and the args are returned.
    """
    # NOTE(review): 'sample_path' is taken from the incoming args as-is;
    # presumably it is validated before this hook runs -- confirm.
    args['output'] = config.SETTINGS['MALWARE_DEST']
    args['input'] = args['sample_path']

    pulled = utils.pull_file(args)

    # Guard clause: without the sample there is nothing to instrument.
    if not pulled['results']['pull_file']:
        pulled['results']['pin_tool.rpc_hook'] = [False, 'Failed to pull sample']
        return pulled

    return launch_pin(pulled)
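def pull_remote(self, file_id):
    """
    Grabs a file from the remote host and writes its contents to a
    temporary file.

    Returns temp file path and file hash (from remote). The caller owns
    the temporary file and is responsible for deleting it.
    """
    # Function-scope import: the file's import block is not visible here.
    import tempfile

    request = parse.dumps({'ACTION': 'PULL-FILE', 'ID': file_id})
    self._send(request + '\n')

    # os.tmpnam() only returns a *name*: another local user can create a
    # file or symlink at that path before it is opened, and the function
    # no longer exists in Python 3. mkstemp() creates the file atomically
    # with owner-only permissions, so the path is already ours when
    # pull_file writes to it.
    fd, file_name = tempfile.mkstemp(suffix='.mp3')
    os.close(fd)

    # NOTE(review): the digest is the value utils.pull_file returns for
    # the transfer; it is not recomputed locally in this method.
    digest = utils.pull_file(file_name, self._socket)
    return file_name, digest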
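def push_command(self, command, session):
    """Handle a PUSH command and return ``(response, session)``.

    ``command['TYPE']`` selects the action:

    * ``'NEW'``: insert a row into ``files``, announce its id to the peer,
      receive the file into ``<storage_dir>/<id>.mp3`` and keep the row
      only if the locally computed hash equals the digest returned by
      ``utils.pull_file``.
    * ``'DELETE'``: record the id in ``deleted`` and remove the row from
      ``files``.
    * anything else: return an ``ERROR`` response.

    ``session`` is passed through unchanged.
    """
    cursor = self._conn.cursor()
    push_type = command['TYPE']

    if push_type == 'NEW':
        cursor.execute('INSERT INTO files (received) VALUES (?)', [time.time()])
        sid = cursor.lastrowid
        resp = parse.dumps({'ACTION': 'HSUP', 'ID': sid, 'DONE': 0})
        logging.debug('CONT -> %s' % resp)
        self._send(resp + '\n')

        # The file name is derived from the database row id, never from
        # anything the peer sent, so the peer cannot steer the path.
        storage_dir = utils.read_settings(self._conn, 'storage_dir')['storage_dir']
        file_path = os.path.join(storage_dir, '%d.mp3' % sid)
        digest = utils.pull_file(file_path, self._socket)

        # Close the handle deterministically; the original left it open.
        with open(file_path, 'rb') as received:
            our_digest = utils.hash_file(received).digest()

        # NOTE(review): the digest presumably arrives from the same peer
        # as the file. If so, this check detects transfer corruption, not
        # tampering by the sender -- confirm.
        if our_digest != digest:
            # NOTE(review): the row is revoked but the file that failed
            # verification stays in storage_dir; confirm nothing else
            # reads that directory directly.
            cursor.execute('DELETE FROM files WHERE id=?', [sid])
            resp = {'ACTION': 'ERROR',
                    'REASON': 'Hash mismatch, record revoked, retransmit'}
            self._conn.commit()
            return resp, session

        cursor.execute('UPDATE files SET path=?, hash=? WHERE id=?',
                       [file_path, digest.encode('hex'), sid])
        self._conn.commit()
        resp = {'ACTION': 'HSUP', 'DONE': 1}
        return resp, session

    if push_type == 'DELETE':
        sid = int(command['ID'])
        cursor.execute(
            'INSERT INTO deleted (file_id, del_time) VALUES (?, ?)',
            [sid, time.time()])
        cursor.execute('DELETE FROM files WHERE id=?', [sid])
        # Commit here as the NEW branch does. Without it the deletion
        # stays in an open transaction after DONE has been reported.
        self._conn.commit()
        resp = {'ACTION': 'HSUP', 'DONE': 1}
        return resp, session

    resp = {'ACTION': 'ERROR',
            'REASON': 'Unknown PUSH type: %s' % command['TYPE']}
    return resp, session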