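def get_backup_user_emulation(self):
    """Build a command list that only touches fixed names under ``self.rpath``.

    This builder does not call ``get_files_of_mounted_file_system``; every
    path is derived from ``self.rpath`` and a fixed leaf name.

    ``self.rpath`` must be a non-empty path: the final entry is
    ``rm -rf <rpath>/*``, which with an empty value becomes ``rm -rf /*``
    wherever these strings are executed.

    Returns:
        list[str]: shell command strings. The first seven are shuffled; the
        link, readlink, chmod and rm steps follow in a fixed order, so the
        recursive delete is always the last entry.
    """
    gen_user = GenericUserEmulation(vm_object=self.vm_object, remote_mount_path=self.rpath)
    mount = self.rpath
    data_file = os.path.join(mount, "DATA")

    user_emulation = [
        "$(which find) {}/*".format(mount),
        "$(which ls) -lah {}/*".format(mount),
        # The substitution has to resolve the binary: a bare `$(touch)` or
        # `$(mkdir)` runs the tool without operands and expands to nothing,
        # which leaves the path (or `-p`) in command position.
        "$(which touch) {}".format(os.path.join(mount, "TOUCHED")),
        "$(which mkdir) -p {}/a/b/c".format(mount),
        # bs is 1 MiB, count is 1..5, so this writes 1-5 MiB of random data.
        "$(which dd) if=/dev/urandom of={} bs={} count={}".format(
            data_file, 1 << 20, random.randint(1, 5)
        ),
        # NOTE(review): mknod gets a name but no node type - confirm that a
        # failing call is what is wanted here.
        "$(which mknod) {}".format(os.path.join(mount, "NODDED")),
        "$(which echo) APPENDED >> {}".format(os.path.join(mount, "ECHOED")),
    ]
    random.shuffle(user_emulation)

    # Link names are anchored under the mount path so that the readlink step
    # below looks at the same location the ln steps wrote to (bare names
    # would be resolved against the executing shell's working directory).
    user_emulation.extend(
        [
            "$(which ln) {} {}".format(data_file, os.path.join(mount, "HARDLINK")),
            "$(which ln) -s {} {}".format(data_file, os.path.join(mount, "SOFTLINK")),
            "$(which readlink) {}".format(
                os.path.join(mount, get_random_list_entry(["SOFTLINK", "HARDLINK"]))
            ),
            "$(which chmod) {} {}".format(gen_user.get_random_chmod_mode(), data_file),
            "$(which rm) -rf {}/*".format(mount),
        ]
    )
    return user_emulation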
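def get_netbsd_backup_user_emulation(self):
    """Build the fixed-path command list using absolute tool paths.

    Same shape as the ``$(which ...)`` based backup list, but every tool is
    addressed by a hard-coded path. No file listing is requested; all paths
    are derived from ``self.rpath`` and a fixed leaf name.

    ``self.rpath`` must be a non-empty path: the final entry is
    ``/bin/rm -rf <rpath>/*``, which with an empty value becomes
    ``/bin/rm -rf /*`` wherever these strings are executed.

    Returns:
        list[str]: shell command strings. The first seven are shuffled; the
        link, readlink, chmod and rm steps follow in a fixed order, so the
        recursive delete is always the last entry.
    """
    gen_user = GenericUserEmulation(vm_object=self.vm_object, remote_mount_path=self.rpath)
    mount = self.rpath
    data_file = os.path.join(mount, "DATA")

    netbsd_user_emulation = [
        "/usr/bin/find {}/*".format(mount),
        "/bin/ls -lah {}/*".format(mount),
        "/usr/bin/touch {}".format(os.path.join(mount, "TOUCHED")),
        "/bin/mkdir -p {}/a/b/c".format(mount),
        # bs is 1 MiB, count is 1..5, so this writes 1-5 MiB of random data.
        "/bin/dd if=/dev/urandom of={} bs={} count={}".format(
            data_file, 1 << 20, random.randint(1, 5)
        ),
        # NOTE(review): mknod gets a name but no node type - confirm that a
        # failing call is what is wanted here.
        "/sbin/mknod {}".format(os.path.join(mount, "NODDED")),
        "/bin/echo APPENDED >> {}".format(os.path.join(mount, "ECHOED")),
    ]
    random.shuffle(netbsd_user_emulation)

    # Link names are anchored under the mount path so that the readlink step
    # below looks at the same location the ln steps wrote to (bare names
    # would be resolved against the executing shell's working directory).
    netbsd_user_emulation.extend(
        [
            "/bin/ln {} {}".format(data_file, os.path.join(mount, "HARDLINK")),
            "/bin/ln -s {} {}".format(data_file, os.path.join(mount, "SOFTLINK")),
            "/usr/bin/readlink {}".format(
                os.path.join(mount, get_random_list_entry(["SOFTLINK", "HARDLINK"]))
            ),
            "/bin/chmod {} {}".format(gen_user.get_random_chmod_mode(), data_file),
            "/bin/rm -rf {}/*".format(mount),
        ]
    )
    return netbsd_user_emulation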
def dynamic_resolving_of_cp_and_mv_command(self, cmd, syscall_log):
    """Fill the two ``{}`` slots of a cp/mv template with current paths.

    Args:
        cmd: command template; ``str.format`` is called with a file entry
            first and a directory entry second.
        syscall_log: object with a ``write`` method; receives one
            ``"[-] <cmd>"`` line when the template could not be filled.

    Returns:
        The formatted command, or the template unchanged (placeholders
        still in it) when an AttributeError or TypeError was raised while
        resolving the paths.
    """
    try:
        # NOTE(review): this method reads `self.rmount` while the list
        # builders read `self.rpath` - confirm both attributes exist.
        emulator = GenericUserEmulation(vm_object=self.vm_object, remote_mount_path=self.rmount)
        known_files = emulator.get_files_of_mounted_file_system(param="files")
        known_dirs = emulator.get_files_of_mounted_file_system(param="dir")
        source_path, target_dir = self._get_two_distinct_list_elements(known_files, known_dirs)
        # NOTE(review): both values are inserted as-is. If the helper hands
        # back raw names from the file system under test, whitespace or
        # shell metacharacters in a name alter the resulting command -
        # confirm where quoting is applied.
        cmd = cmd.format(source_path, target_dir)
    except (AttributeError, TypeError):
        # Resolution failed: record the template that stayed unresolved.
        failure_line = "[-] {}\n".format(cmd)
        syscall_log.write(failure_line)
    return cmd
def set_ubuntu_user_emulation(self):
    """Choose between the full Ubuntu command list and the fallback list.

    The file listing is requested once as a probe. If any returned entry
    contains the text ``Traceback``, or an AttributeError is raised anywhere
    in the attempt, the result of ``self._failed_trav_user_emul()`` is
    returned; otherwise the result of ``self.prepare_ubuntu_user_emulation()``.

    Returns:
        Whatever the selected builder returns.
    """
    try:
        # NOTE(review): `rapth` is spelled differently from the `rpath`
        # attribute the sibling builders read. If no such attribute exists,
        # the AttributeError is absorbed by the handler below and the
        # fallback list is returned without any trace - confirm the name.
        emulator = GenericUserEmulation(vm_object=self.vm_object, remote_mount_path=self.rapth)
        listing = emulator.get_files_of_mounted_file_system("files")

        traversal_failed = False
        for line in listing:
            if "Traceback" in line:
                traversal_failed = True
                break

        if traversal_failed:
            return self._failed_trav_user_emul()
        return self.prepare_ubuntu_user_emulation()
    except AttributeError:
        return self._failed_trav_user_emul()
def prepare_ubuntu_user_emulation(self):
    """Build the shuffled command list that uses hard-coded Ubuntu tool paths.

    Each entry is a shell command string whose path arguments are picked at
    random from the listings returned by ``get_files_of_mounted_file_system``.
    The ``cp`` and ``mv`` entries are left as templates with open ``{}``
    slots. There is no chflags entry in this list.

    Returns:
        list[str]: the commands in random order.
    """
    gen_user = GenericUserEmulation(vm_object=self.vm_object, remote_mount_path=self.rapth)
    users, groups = gen_user.get_users_and_groups_of_target_os()
    # NOTE(review): `rapth` differs from the `rpath` attribute used by the
    # other builders - confirm the attribute name.
    mount_root = self.rapth

    def _pick(kind):
        # One fresh listing request per call, then a random element of it.
        return get_random_list_entry(gen_user.get_files_of_mounted_file_system(param=kind))

    def _under_random_dir(leaf):
        return os.path.join(_pick("dir"), leaf)

    # NOTE(review): picked paths are inserted unquoted. If the listings hold
    # raw names from the file system under test, whitespace or shell
    # metacharacters in a name alter the command - confirm where quoting is
    # applied. Both "file" and "files" are passed as listing kinds; verify
    # that the helper accepts each.
    # The trailing yes/no markers are carried over from the original author;
    # what they record is not documented in this part of the file.
    ubuntu_user_emulation = [
        "/usr/bin/find {}/*".format(mount_root),  # yes
        "/bin/ls -lah {}/*".format(_pick("dir")),  # yes
        "/usr/bin/touch {}".format(_under_random_dir("TOUCHED")),  # no
        "/bin/mkdir -p {}/a/b/c".format(_pick("dir")),  # no
        # bs is 1 MiB, count is 1..5.
        "/bin/dd if=/dev/urandom of={} bs={} count={}".format(
            _under_random_dir("DATA"), 1 << 20, random.randint(1, 5)
        ),  # yes
        "/bin/ln {} {}".format(_pick("file"), os.path.join(mount_root, "HARDLINK")),  # no
        "/bin/ln -s {} {}".format(_pick("file"), os.path.join(mount_root, "SOFTLINK")),  # no
        "/usr/bin/file {}".format(_pick("files")),  # yes
        "/bin/readlink {}".format(_pick("link")),  # yes
        "/usr/bin/stat {}".format(_pick("dir")),  # yes
        "/bin/cp -R {} {}/COPIED",  # no  (template, slots stay open)
        "/bin/mknod {}".format(_under_random_dir("NODDED")),  # no
        # NOTE(review): both member names sit inside one pair of double
        # quotes, so a shell passes them to tar as a single argument.
        '/bin/tar -jcvf {} "{} {}"'.format(
            os.path.join(mount_root, "archive.bzip2"), _pick("file"), _pick("file")
        ),  # yes
        "/bin/chmod {} {}".format(gen_user.get_random_chmod_mode(), _pick("files")),  # no
        "/bin/chown {}:{} {}".format(
            get_random_list_entry(users), get_random_list_entry(groups), _pick("files")
        ),  # no
        "/bin/chgrp {} {}".format(get_random_list_entry(groups), _pick("files")),  # no
        "/bin/mv {} {}",  # no  (template, slots stay open)
        "/bin/echo APPENDED >> {}".format(_pick("file")),  # no
        "chdir {}".format(_pick("dir")),  # no
        # The last element of the directory listing is never an rm target;
        # presumably that element is the mount root - confirm.
        "/bin/rm -rf {}".format(
            get_random_list_entry(gen_user.get_files_of_mounted_file_system(param="dir")[:-1])
        ),  # no
        "/usr/bin/getfacl {}".format(_pick("files")),  # yes
        "/usr/bin/split {} {}".format(_pick("files"), _pick("dir")),
        "/usr/bin/du {}".format(_pick("files")),
        "/usr/bin/wc {}".format(_pick("files")),
        "/usr/bin/truncate -s {} {}".format(random.randint(1, 5), _pick("file")),
        "/usr/bin/dirname {}".format(_pick("files")),
        "/usr/bin/basename {}".format(_pick("files")),
    ]
    random.shuffle(ubuntu_user_emulation)
    return ubuntu_user_emulation
def prepare_user_emulation(self):
    """Build the shuffled command list that resolves tools via ``$(which ...)``.

    Each entry is a shell command string whose path arguments are picked at
    random from the listings returned by ``get_files_of_mounted_file_system``.
    The ``cp`` and ``mv`` entries are left as templates with open ``{}``
    slots.

    Returns:
        list[str]: the commands in random order.
    """
    gen_user = GenericUserEmulation(vm_object=self.vm_object, remote_mount_path=self.rpath)
    users, groups = gen_user.get_users_and_groups_of_target_os()
    chflags_modes = [
        "arch", "nodump", "opaque", "sappnd", "schg", "snapshot",
        "sunlnk", "uappnd", "uarch", "uchg", "hidden",
    ]
    mount_root = self.rpath

    def _pick(kind):
        # One fresh listing request per call, then a random element of it.
        return get_random_list_entry(gen_user.get_files_of_mounted_file_system(param=kind))

    def _under_random_dir(leaf):
        return os.path.join(_pick("dir"), leaf)

    # NOTE(review): picked paths are inserted unquoted. If the listings hold
    # raw names from the file system under test, whitespace or shell
    # metacharacters in a name alter the command - confirm where quoting is
    # applied. Both "file" and "files" are passed as listing kinds; verify
    # that the helper accepts each.
    user_emulation = [
        "$(which find) {}/*".format(mount_root),
        "$(which ls) -lah {}/*".format(_pick("dir")),
        "$(which touch) {}".format(_under_random_dir("TOUCHED")),
        "$(which mkdir) -p {}/a/b/c".format(_pick("dir")),
        # bs is 1 MiB, count is 1..5.
        "$(which dd) if=/dev/urandom of={} bs={} count={}".format(
            _under_random_dir("DATA"), 1 << 20, random.randint(1, 5)
        ),
        "$(which ln) {} {}".format(_pick("file"), os.path.join(mount_root, "HARDLINK")),
        "$(which ln) -s {} {}".format(_pick("file"), os.path.join(mount_root, "SOFTLINK")),
        "$(which file) {}".format(_pick("files")),
        "$(which readlink) {}".format(_pick("link")),
        "$(which stat) {}".format(_pick("dir")),
        "$(which cp) -R {} {}/COPIED",  # template, slots stay open
        "$(which mknod) {}".format(_under_random_dir("NODDED")),
        # NOTE(review): both member names sit inside one pair of double
        # quotes, so a shell passes them to tar as a single argument.
        '$(which tar) -jcvf {} "{} {}"'.format(
            os.path.join(mount_root, "archive.bzip2"), _pick("file"), _pick("file")
        ),
        "$(which chmod) {} {}".format(gen_user.get_random_chmod_mode(), _pick("files")),
        "$(which chown) {}:{} {}".format(
            get_random_list_entry(users), get_random_list_entry(groups), _pick("files")
        ),
        "$(which chgrp) {} {}".format(get_random_list_entry(groups), _pick("files")),
        "$(which mv) {} {}",  # template, slots stay open
        "$(which echo) APPENDED >> {}".format(_pick("file")),
        "$(which chdir) {}".format(_pick("dir")),
        # The last element of the directory listing is never an rm target;
        # presumably that element is the mount root - confirm.
        "$(which rm) -rf {}".format(
            get_random_list_entry(gen_user.get_files_of_mounted_file_system(param="dir")[:-1])
        ),
        "$(which chflags) {} {}".format(get_random_list_entry(chflags_modes), _pick("files")),
        "$(which getfacl) {}".format(_pick("files")),
        "$(which split) {} {}".format(_pick("files"), _pick("dir")),
        "$(which du) {}".format(_pick("files")),
        "$(which wc) {}".format(_pick("files")),
        "$(which truncate) -s {} {}".format(random.randint(1, 5), _pick("file")),
        "$(which dirname) {}".format(_pick("files")),
        "$(which basename) {}".format(_pick("files")),
    ]
    # A setfacl entry is left out on purpose: ACLs need to be explicitly
    # enabled at mount time (mount -o acls).
    random.shuffle(user_emulation)
    return user_emulation
def prepare_freebsd_user_emulation(self):
    """Build the shuffled command list that uses hard-coded FreeBSD tool paths.

    Each entry is a shell command string whose path arguments are picked at
    random from the listings returned by ``get_files_of_mounted_file_system``.
    The ``cp`` and ``mv`` entries are left as templates with open ``{}``
    slots.

    Returns:
        list[str]: the commands in random order.
    """
    gen_user = GenericUserEmulation(vm_object=self.vm_object, remote_mount_path=self.rpath)
    users, groups = gen_user.get_users_and_groups_of_target_os()
    chflags_modes = [
        "arch", "nodump", "opaque", "sappnd", "schg", "snapshot",
        "sunlnk", "uappnd", "uarch", "uchg", "hidden",
    ]
    mount_root = self.rpath

    def _pick(kind):
        # One fresh listing request per call, then a random element of it.
        return get_random_list_entry(gen_user.get_files_of_mounted_file_system(param=kind))

    def _under_random_dir(leaf):
        return os.path.join(_pick("dir"), leaf)

    # hardcoded path should probably be replaced with "$(which CMD) flags flag_args"
    # NOTE(review): picked paths are inserted unquoted. If the listings hold
    # raw names from the file system under test, whitespace or shell
    # metacharacters in a name alter the command - confirm where quoting is
    # applied. Both "file" and "files" are passed as listing kinds; verify
    # that the helper accepts each.
    # The trailing yes/no markers are carried over from the original author;
    # what they record is not documented in this part of the file.
    free_bsd_user_emulation = [
        "/usr/bin/find {}/*".format(mount_root),  # yes
        "/bin/ls -lah {}/*".format(_pick("dir")),  # yes
        "/usr/bin/touch {}".format(_under_random_dir("TOUCHED")),  # no
        "/bin/mkdir -p {}/a/b/c".format(_pick("dir")),  # no
        # bs is 1 MiB, count is 1..5.
        "/bin/dd if=/dev/urandom of={} bs={} count={}".format(
            _under_random_dir("DATA"), 1 << 20, random.randint(1, 5)
        ),  # yes
        "/bin/ln {} {}".format(_pick("file"), os.path.join(mount_root, "HARDLINK")),  # no
        "/bin/ln -s {} {}".format(_pick("file"), os.path.join(mount_root, "SOFTLINK")),  # no
        "/usr/bin/file {}".format(_pick("files")),  # yes
        "/usr/bin/readlink {}".format(_pick("link")),  # yes
        "/usr/bin/stat {}".format(_pick("dir")),  # yes
        "/bin/cp -R {} {}/COPIED",  # no  (template, slots stay open)
        "/sbin/mknod {}".format(_under_random_dir("NODDED")),  # no
        # NOTE(review): both member names sit inside one pair of double
        # quotes, so a shell passes them to tar as a single argument.
        '/usr/bin/tar -jcvf {} "{} {}"'.format(
            os.path.join(mount_root, "archive.bzip2"), _pick("file"), _pick("file")
        ),  # yes
        "/bin/chmod {} {}".format(gen_user.get_random_chmod_mode(), _pick("files")),  # no
        "/usr/sbin/chown {}:{} {}".format(
            get_random_list_entry(users), get_random_list_entry(groups), _pick("files")
        ),  # no
        "/usr/bin/chgrp {} {}".format(get_random_list_entry(groups), _pick("files")),  # no
        "/bin/mv {} {}",  # no  (template, slots stay open)
        "/bin/echo APPENDED >> {}".format(_pick("file")),  # no
        "chdir {}".format(_pick("dir")),  # no
        # The last element of the directory listing is never an rm target;
        # presumably that element is the mount root - confirm.
        "/bin/rm -rf {}".format(
            get_random_list_entry(gen_user.get_files_of_mounted_file_system(param="dir")[:-1])
        ),  # no
        "/bin/chflags {} {}".format(get_random_list_entry(chflags_modes), _pick("files")),  # no
        "/bin/getfacl {}".format(_pick("files")),  # yes
        "/usr/bin/split {} {}".format(_pick("files"), _pick("dir")),
        "/usr/bin/du {}".format(_pick("files")),
        "/usr/bin/wc {}".format(_pick("files")),
        "/usr/bin/truncate -s {} {}".format(random.randint(1, 5), _pick("file")),
        "/usr/bin/dirname {}".format(_pick("files")),
        "/usr/bin/basename {}".format(_pick("files")),
    ]
    # A setfacl entry is left out on purpose: ACLs need to be explicitly
    # enabled at mount time (mount -o acls).
    random.shuffle(free_bsd_user_emulation)
    return free_bsd_user_emulation