def testAlertEmailIsSentWhenClientKilledDuringHunt(self):
    """Test that client killed messages are handled correctly for hunts."""
    self.email_messages = []

    def SendEmail(address, sender, title, message, **_):
      self.email_messages.append(dict(address=address,
                                      sender=sender,
                                      title=title,
                                      message=message))

    with hunts.GRRHunt.StartHunt(hunt_name="GenericHunt",
                                 flow_runner_args=flow_runner.FlowRunnerArgs(
                                     flow_name="FlowWithOneClientRequest"),
                                 client_rate=0,
                                 crash_alert_email="*****@*****.**",
                                 token=self.token) as hunt:
      hunt.Run()
      hunt.StartClients(hunt.session_id, self.client_id)

    with utils.Stubber(email_alerts.EMAIL_ALERTER, "SendEmail", SendEmail):
      client = test_lib.CrashClientMock(self.client_id, self.token)
      test_lib.TestHuntHelper(client, [self.client_id],
                              token=self.token,
                              check_flow_errors=False)

    self.assertEqual(len(self.email_messages), 2)
    self.assertListEqual(
        [self.email_messages[0]["address"], self.email_messages[1]["address"]],
        ["*****@*****.**", config_lib.CONFIG["Monitoring.alert_email"]])
Exemple #2
0
    def Run(self):
        client_ids = self.SetupClients(10)
        client_mock = test_lib.SampleHuntMock()

        with test_lib.FakeTime(42):
            with self.CreateHunt(description="the hunt") as hunt_obj:
                hunt_obj.Run()

        time_offset = 0
        for client_id in client_ids:
            with test_lib.FakeTime(45 + time_offset):
                self.AssignTasksToClients([client_id])
                test_lib.TestHuntHelper(client_mock, [client_id], False,
                                        self.token)
                time_offset += 10

        replace = {hunt_obj.urn.Basename(): "H:123456"}
        self.Check("GetHuntClientCompletionStats",
                   args=hunt_plugin.ApiGetHuntClientCompletionStatsArgs(
                       hunt_id=hunt_obj.urn.Basename()),
                   replace=replace)
        self.Check("GetHuntClientCompletionStats",
                   args=hunt_plugin.ApiGetHuntClientCompletionStatsArgs(
                       hunt_id=hunt_obj.urn.Basename(), size=4),
                   replace=replace)
        self.Check("GetHuntClientCompletionStats",
                   args=hunt_plugin.ApiGetHuntClientCompletionStatsArgs(
                       hunt_id=hunt_obj.urn.Basename(), size=1000),
                   replace=replace)
Exemple #3
0
    def setUp(self):
        super(ApiGetHuntFileHandlerTest, self).setUp()

        self.handler = hunt_plugin.ApiGetHuntFileHandler()

        self.file_path = os.path.join(self.base_path, "test.plist")
        self.hunt = hunts.GRRHunt.StartHunt(
            hunt_name="GenericHunt",
            flow_runner_args=flow_runner.FlowRunnerArgs(
                flow_name=file_finder.FileFinder.__name__),
            flow_args=file_finder.FileFinderArgs(
                paths=[self.file_path],
                action=file_finder.FileFinderAction(action_type="DOWNLOAD"),
            ),
            client_rate=0,
            token=self.token)
        self.hunt.Run()

        self.results_urn = self.hunt.state.context.results_collection_urn
        self.aff4_file_path = rdfvalue.RDFURN("os").Add(self.file_path)

        self.client_id = self.SetupClients(1)[0]
        self.AssignTasksToClients(client_ids=[self.client_id])
        action_mock = action_mocks.ActionMock("TransferBuffer", "StatFile",
                                              "HashFile", "HashBuffer")
        test_lib.TestHuntHelper(action_mock, [self.client_id],
                                token=self.token)
Exemple #4
0
    def testShowsFilesAndAllowsDownloadWhenCSVExportIsUsed(self):
        with self.ACLChecksDisabled():
            self.client_ids = self.SetupClients(10)

            # Create hunt.
            self.CreateSampleHunt(output_plugins=[
                output_plugin.OutputPluginDescriptor(
                    plugin_name=csv_plugin.CSVOutputPlugin.__name__)
            ])

            # Actually run created hunt.
            client_mock = test_lib.SampleHuntMock()
            test_lib.TestHuntHelper(client_mock, self.client_ids, False,
                                    self.token)

            # Make sure results are processed.
            flow_urn = flow.GRRFlow.StartFlow(
                flow_name=process_results.ProcessHuntResultCollectionsCronFlow.
                __name__,
                token=self.token)
            for _ in test_lib.TestFlowHelper(flow_urn, token=self.token):
                pass

        self.Open("/#main=ManageHunts")
        self.Click("css=td:contains('GenericHunt')")

        # Click the Results tab.
        self.Click("css=li[heading=Results]")
        self.WaitUntil(self.IsTextPresent, "Following files were written")

        # Check that displayed file can be downloaded.
        self.Click("css=a:contains('ExportedFile.csv')")
        self.WaitUntil(self.FileWasDownloaded)
Exemple #5
0
  def testBrokenHunt(self):
    """This tests the behavior when a hunt raises an exception."""

    # Set up 10 clients.
    client_ids = self.SetupClients(10)

    with hunts.GRRHunt.StartHunt(
        hunt_name="BrokenSampleHunt",
        regex_rules=[rdf_foreman.ForemanAttributeRegex(
            attribute_name="GRR client",
            attribute_regex="GRR")],
        client_rate=0,
        token=self.token) as hunt:

      hunt.GetRunner().Start()

    foreman = aff4.FACTORY.Open("aff4:/foreman", mode="rw", token=self.token)
    for client_id in client_ids:
      foreman.AssignTasksToClient(client_id)

    # Run the hunt.
    client_mock = test_lib.SampleHuntMock()
    test_lib.TestHuntHelper(client_mock, client_ids, False, self.token)

    hunt_obj = aff4.FACTORY.Open(hunt.session_id, mode="rw",
                                 age=aff4.ALL_TIMES, token=self.token)

    started, finished, errors = hunt_obj.GetClientsCounts()
    self.assertEqual(started, 10)
    # There should be errors for the five clients where the hunt raised.
    self.assertEqual(errors, 5)
    # All of the clients that have the file should still finish eventually.
    self.assertEqual(finished, 5)
    def RunHunt(self, plugin_name, plugin_args):
        with hunts.GRRHunt.StartHunt(
                hunt_name="GenericHunt",
                flow_runner_args=rdfvalue.FlowRunnerArgs(flow_name="GetFile"),
                flow_args=rdfvalue.GetFileArgs(pathspec=rdfvalue.PathSpec(
                    path="/tmp/evil.txt",
                    pathtype=rdfvalue.PathSpec.PathType.OS)),
                regex_rules=[
                    rdfvalue.ForemanAttributeRegex(attribute_name="GRR client",
                                                   attribute_regex="GRR")
                ],
                output_plugins=[
                    rdfvalue.OutputPlugin(plugin_name=plugin_name,
                                          plugin_args=plugin_args)
                ],
                client_rate=0,
                token=self.token) as hunt:
            hunt.Run()

            hunt.StartClients(hunt.session_id, self.client_ids)

            # Run the hunt.
            client_mock = test_lib.SampleHuntMock()
            test_lib.TestHuntHelper(client_mock, self.client_ids, False,
                                    self.token)

            # Stop the hunt now.
            hunt.GetRunner().Stop()

        # Run cron flow that executes actual output plugins
        for _ in test_lib.TestFlowHelper("ProcessHuntResultsCronFlow",
                                         token=self.token):
            pass

        return hunt.urn
Exemple #7
0
  def testProcessing(self):
    """This tests running the hunt on some clients."""

    # Set up 10 clients.
    client_ids = self.SetupClients(10)

    with hunts.GRRHunt.StartHunt(
        hunt_name="SampleHunt",
        regex_rules=[rdf_foreman.ForemanAttributeRegex(
            attribute_name="GRR client",
            attribute_regex="GRR")],
        client_rate=0,
        token=self.token) as hunt:

      hunt.GetRunner().Start()

    foreman = aff4.FACTORY.Open("aff4:/foreman", mode="rw", token=self.token)
    for client_id in client_ids:
      foreman.AssignTasksToClient(client_id)

    # Run the hunt.
    client_mock = test_lib.SampleHuntMock()
    test_lib.TestHuntHelper(client_mock, client_ids, False, self.token)

    hunt_obj = aff4.FACTORY.Open(
        hunt.session_id, mode="r", age=aff4.ALL_TIMES,
        aff4_type=hunts.SampleHunt, token=self.token)

    started, finished, _ = hunt_obj.GetClientsCounts()
    self.assertEqual(started, 10)
    self.assertEqual(finished, 10)
Exemple #8
0
  def testHangingClients(self):
    """This tests if the hunt completes when some clients hang or raise."""
    # Set up 10 clients.
    client_ids = self.SetupClients(10)

    with hunts.GRRHunt.StartHunt(
        hunt_name="SampleHunt",
        regex_rules=[rdf_foreman.ForemanAttributeRegex(
            attribute_name="GRR client",
            attribute_regex="GRR")],
        client_rate=0,
        token=self.token) as hunt:

      hunt.GetRunner().Start()

    foreman = aff4.FACTORY.Open("aff4:/foreman", mode="rw", token=self.token)
    for client_id in client_ids:
      foreman.AssignTasksToClient(client_id)

    client_mock = test_lib.SampleHuntMock()
    # Just pass 8 clients to run, the other two went offline.
    test_lib.TestHuntHelper(client_mock, client_ids[1:9], False, self.token)

    hunt_obj = aff4.FACTORY.Open(hunt.session_id, mode="rw",
                                 age=aff4.ALL_TIMES, token=self.token)

    started, finished, _ = hunt_obj.GetClientsCounts()
    # We started the hunt on 10 clients.
    self.assertEqual(started, 10)
    # But only 8 should have finished.
    self.assertEqual(finished, 8)
Exemple #9
0
    def setUp(self):
        super(ApiGetHuntFileHandlerTest, self).setUp()

        self.handler = hunt_plugin.ApiGetHuntFileHandler()

        self.file_path = os.path.join(self.base_path, "test.plist")
        self.hunt = hunts.GRRHunt.StartHunt(
            hunt_name="GenericHunt",
            flow_runner_args=rdf_flows.FlowRunnerArgs(
                flow_name=file_finder.FileFinder.__name__),
            flow_args=rdf_file_finder.FileFinderArgs(
                paths=[self.file_path],
                action=rdf_file_finder.FileFinderAction(
                    action_type="DOWNLOAD"),
            ),
            client_rate=0,
            token=self.token)
        self.hunt.Run()

        self.results_urn = self.hunt.results_collection_urn
        self.aff4_file_path = "fs/os/%s" % self.file_path

        self.client_id = self.SetupClients(1)[0]
        self.AssignTasksToClients(client_ids=[self.client_id])
        action_mock = action_mocks.FileFinderClientMock()
        test_lib.TestHuntHelper(action_mock, [self.client_id],
                                token=self.token)
Exemple #10
0
  def testStartClients(self):
    with hunts.GRRHunt.StartHunt(
        hunt_name="SampleHunt", client_rate=0, token=self.token) as hunt:

      with hunt.GetRunner() as runner:
        runner.Start()

        client = aff4.FACTORY.Open(self.client_id, token=self.token,
                                   age=aff4.ALL_TIMES)

        flows = list(client.GetValuesForAttribute(client.Schema.FLOW))

        self.assertEqual(flows, [])

        hunts.GRRHunt.StartClients(hunt.session_id, [self.client_id])

    test_lib.TestHuntHelper(None, [self.client_id], False, self.token)

    client = aff4.FACTORY.Open(self.client_id, token=self.token,
                               age=aff4.ALL_TIMES)

    flows = list(client.GetValuesForAttribute(client.Schema.FLOW))

    # One flow should have been started.
    self.assertEqual(len(flows), 1)
Exemple #11
0
  def testShowsFilesAndAllowsDownloadWhenCSVExportIsUsed(self):
    with self.ACLChecksDisabled():
      self.client_ids = self.SetupClients(10)

      # Create hunt.
      self.CreateSampleHunt(output_plugins=[
          rdfvalue.OutputPlugin(plugin_name="CSVOutputPlugin")])

      # Actually run created hunt.
      client_mock = test_lib.SampleHuntMock()
      test_lib.TestHuntHelper(client_mock, self.client_ids, False, self.token)

      # Make sure results are processed.
      flow_urn = flow.GRRFlow.StartFlow(flow_name="ProcessHuntResultsCronFlow",
                                        token=self.token)
      for _ in test_lib.TestFlowHelper(flow_urn, token=self.token):
        pass

    self.Open("/#main=ManageHunts")
    self.Click("css=td:contains('GenericHunt')")

    # Click the Results tab.
    self.Click("css=a[renderer=HuntResultsRenderer]")
    self.WaitUntil(self.IsTextPresent,
                   "CSV output plugin writes to following files")

    # Check that displayed file can be downloaded.
    self.Click("css=.csv-output-note a:contains('ExportedFile.csv')")
    self.WaitUntil(self.FileWasDownloaded)
Exemple #12
0
  def testShowsNotificationWhenArchiveGenerationIsDone(self):
    with self.ACLChecksDisabled():
      hunt = self.CreateSampleHunt(
          path=os.path.join(self.base_path, "test.plist"))

      action_mock = action_mocks.ActionMock(
          "TransferBuffer", "StatFile", "HashFile", "HashBuffer")
      test_lib.TestHuntHelper(action_mock, self.client_ids, False,
                              self.token)
      self.GrantHuntApproval(hunt.urn)

    self.Open("/")
    self.Click("css=a[grrtarget=ManageHunts]")
    self.Click("css=td:contains('GenericHunt')")
    self.Click("css=li[heading=Results]")
    self.Click("css=button.DownloadButton")
    self.WaitUntil(self.IsTextPresent, "Generation has started")

    self.Click("css=#notification_button")
    self.WaitUntil(self.IsTextPresent, "has granted you access")
    self.WaitUntilNot(self.IsTextPresent, "ready for download")
    self.Click("css=button:contains('Close')")

    with self.ACLChecksDisabled():
      flows_dir = aff4.FACTORY.Open("aff4:/flows")
      flows = list(flows_dir.OpenChildren())
      export_flows = [
          f for f in flows
          if f.__class__.__name__ == "ExportCollectionFilesAsArchive"]
      export_flow_urn = export_flows[0].urn
      for _ in test_lib.TestFlowHelper(export_flow_urn, token=self.token):
        pass

    self.Click("css=#notification_button")
    self.Click("css=tr:contains('ready for download')")
Exemple #13
0
    def testHuntNotifications(self):
        """This tests the Hunt notification event."""
        TestHuntListener.received_events = []

        # Set up 10 clients.
        client_ids = self.SetupClients(10)

        with hunts.GRRHunt.StartHunt(hunt_name="BrokenSampleHunt",
                                     regex_rules=[
                                         rdfvalue.ForemanAttributeRegex(
                                             attribute_name="GRR client",
                                             attribute_regex="GRR")
                                     ],
                                     client_rate=0,
                                     notification_event="TestHuntDone",
                                     token=self.token) as hunt:

            hunt.GetRunner().Start()

        foreman = aff4.FACTORY.Open("aff4:/foreman",
                                    mode="rw",
                                    token=self.token)
        for client_id in client_ids:
            foreman.AssignTasksToClient(client_id)

        # Run the hunt.
        client_mock = test_lib.SampleHuntMock()
        test_lib.TestHuntHelper(client_mock,
                                client_ids,
                                check_flow_errors=False,
                                token=self.token)

        self.assertEqual(len(TestHuntListener.received_events), 5)
Exemple #14
0
    def testClientsTabShowsCompletedAndOutstandingClients(self):
        with self.ACLChecksDisabled():
            # Create some clients and a hunt to view.
            self.CreateSampleHunt()

        # Run the hunt on half the clients.
        finished_client_ids = self.client_ids[5:]
        outstanding_client_ids = self.client_ids[:5]

        client_mock = test_lib.SampleHuntMock()
        test_lib.TestHuntHelper(client_mock, finished_client_ids, False,
                                self.token)

        self.Open("/#main=ManageHunts")
        self.Click("css=td:contains('GenericHunt')")
        self.Click("css=li[heading=Clients]")

        self.Click("css=label[name=ShowCompletedClients]")
        for client_id in finished_client_ids:
            self.WaitUntilContains(client_id.Basename(), self.GetText,
                                   "css=.tab-content")

        self.Click("css=label[name=ShowOutstandingClients]")
        for client_id in outstanding_client_ids:
            self.WaitUntilContains(client_id.Basename(), self.GetText,
                                   "css=.tab-content")
Exemple #15
0
    def testClientLimit(self):
        """This tests that we can limit hunts to a number of clients."""

        # Set up 10 clients.
        client_ids = self.SetupClients(10)
        with hunts.GRRHunt.StartHunt(hunt_name="SampleHunt",
                                     client_limit=5,
                                     regex_rules=[
                                         rdfvalue.ForemanAttributeRegex(
                                             attribute_name="GRR client",
                                             attribute_regex="GRR")
                                     ],
                                     client_rate=0,
                                     token=self.token) as hunt:
            hunt.Run()

        foreman = aff4.FACTORY.Open("aff4:/foreman",
                                    mode="rw",
                                    token=self.token)
        for client_id in client_ids:
            foreman.AssignTasksToClient(client_id)

        # Run the hunt.
        client_mock = test_lib.SampleHuntMock()
        test_lib.TestHuntHelper(client_mock, client_ids, False, self.token)

        hunt_obj = aff4.FACTORY.Open(hunt.urn,
                                     mode="rw",
                                     age=aff4.ALL_TIMES,
                                     token=self.token)

        started, finished, _ = hunt_obj.GetClientsCounts()
        # We limited here to 5 clients.
        self.assertEqual(started, 5)
        self.assertEqual(finished, 5)
Exemple #16
0
 def RunHunt(self, client_ids=None, iteration_limit=None, **mock_kwargs):
     client_mock = test_lib.SampleHuntMock(**mock_kwargs)
     test_lib.TestHuntHelper(client_mock,
                             client_ids or self.client_ids,
                             check_flow_errors=False,
                             iteration_limit=iteration_limit,
                             token=self.token)
Exemple #17
0
  def testCreatorPropagation(self):
    self.CreateAdminUser("adminuser")
    admin_token = access_control.ACLToken(username="******",
                                          reason="testing")
    # Start a flow that requires admin privileges in the hunt. The
    # parameters are not valid so the flow will error out but it's
    # enough to check if the flow was actually run (i.e., it passed
    # the label test).
    with hunts.GRRHunt.StartHunt(
        hunt_name="GenericHunt",
        flow_runner_args=rdfvalue.FlowRunnerArgs(flow_name="UpdateClient"),
        flow_args=rdfvalue.UpdateClientArgs(),
        regex_rules=[
            rdfvalue.ForemanAttributeRegex(attribute_name="GRR client",
                                           attribute_regex="GRR"),
        ],
        client_rate=0, token=admin_token) as hunt:
      hunt.Run()

    self.CreateUser("nonadmin")
    nonadmin_token = access_control.ACLToken(username="******",
                                             reason="testing")
    self.AssignTasksToClients()

    client_mock = test_lib.SampleHuntMock()
    test_lib.TestHuntHelper(client_mock, self.client_ids, False,
                            nonadmin_token)

    errors = list(hunt.GetClientsErrors())
    # Make sure there are errors...
    self.assertTrue(errors)
    # but they are not UnauthorizedAccess.
    for e in errors:
      self.assertTrue("UnauthorizedAccess" not in e.backtrace)
Exemple #18
0
  def _CreateHuntWithDownloadedFile(self):
    with self.ACLChecksDisabled():
      hunt = self.CreateSampleHunt(
          path=os.path.join(self.base_path, "test.plist"), client_count=1)

      action_mock = action_mocks.FileFinderClientMock()
      test_lib.TestHuntHelper(action_mock, self.client_ids, False, self.token)

      return hunt
Exemple #19
0
  def SetupHuntDetailView(self, failrate=2):
    """Create some clients and a hunt to view."""
    with self.CreateSampleHunt() as hunt:
      hunt.LogClientError(self.client_ids[1], "Client Error 1",
                          traceback.format_exc())

    # Run the hunt.
    client_mock = test_lib.SampleHuntMock(failrate=failrate)
    test_lib.TestHuntHelper(client_mock, self.client_ids, False, self.token)
Exemple #20
0
    def testHuntExpiration(self):
        """This tests that hunts with a client limit terminate correctly."""
        with test_lib.FakeTime(1000):
            with hunts.GRRHunt.StartHunt(
                    hunt_name="GenericHunt",
                    flow_runner_args=flow_runner.FlowRunnerArgs(
                        flow_name="GetFile"),
                    flow_args=transfer.GetFileArgs(pathspec=rdf_paths.PathSpec(
                        path="/tmp/evil.txt",
                        pathtype=rdf_paths.PathSpec.PathType.OS)),
                    regex_rules=[
                        rdf_foreman.ForemanAttributeRegex(
                            attribute_name="GRR client", attribute_regex="GRR")
                    ],
                    client_limit=5,
                    expiry_time=rdfvalue.Duration("1000s"),
                    token=self.token) as hunt:
                hunt.Run()

            # Pretend to be the foreman now and dish out hunting jobs to all the
            # clients (Note we have 10 clients here).
            foreman = aff4.FACTORY.Open("aff4:/foreman",
                                        mode="rw",
                                        token=self.token)
            for client_id in self.client_ids:
                foreman.AssignTasksToClient(client_id)

            hunt_obj = aff4.FACTORY.Open(hunt.session_id,
                                         age=aff4.ALL_TIMES,
                                         token=self.token)

            self.assertEqual(hunt_obj.Get(hunt_obj.Schema.STATE), "STARTED")

            # Now advance the time such that the hunt expires.
            time.time = lambda: 5000

            # Run the hunt.
            client_mock = test_lib.SampleHuntMock()
            test_lib.TestHuntHelper(client_mock,
                                    self.client_ids,
                                    check_flow_errors=False,
                                    token=self.token)

            # No client should be processed since the hunt is expired.
            started, finished, errors = hunt_obj.GetClientsCounts()
            self.assertEqual(started, 0)
            self.assertEqual(finished, 0)
            self.assertEqual(errors, 0)

            hunt_obj = aff4.FACTORY.Open(hunt.session_id,
                                         age=aff4.ALL_TIMES,
                                         token=self.token)

            # Hunts are automatically stopped when they expire.
            self.assertEqual(hunt_obj.Get(hunt_obj.Schema.STATE), "COMPLETED")
Exemple #21
0
  def _CreateHuntWithDownloadedFile(self):
    with self.ACLChecksDisabled():
      hunt = self.CreateSampleHunt(
          path=os.path.join(self.base_path, "test.plist"),
          client_count=1)

      action_mock = action_mocks.ActionMock("TransferBuffer", "StatFile",
                                            "HashFile", "HashBuffer")
      test_lib.TestHuntHelper(action_mock, self.client_ids, False, self.token)

      return hunt
Exemple #22
0
    def testHuntTermination(self):
        """This tests that hunts with a client limit terminate correctly."""
        with test_lib.FakeTime(1000, increment=1e-6):
            with hunts.GRRHunt.StartHunt(
                    hunt_name="GenericHunt",
                    flow_runner_args=rdfvalue.FlowRunnerArgs(
                        flow_name="GetFile"),
                    flow_args=rdfvalue.GetFileArgs(pathspec=rdfvalue.PathSpec(
                        path="/tmp/evil.txt",
                        pathtype=rdfvalue.PathSpec.PathType.OS)),
                    regex_rules=[
                        rdfvalue.ForemanAttributeRegex(
                            attribute_name="GRR client", attribute_regex="GRR")
                    ],
                    client_limit=5,
                    client_rate=0,
                    expiry_time=rdfvalue.Duration("1000s"),
                    token=self.token) as hunt:
                hunt.Run()

            # Pretend to be the foreman now and dish out hunting jobs to all the
            # clients (Note we have 10 clients here).
            foreman = aff4.FACTORY.Open("aff4:/foreman",
                                        mode="rw",
                                        token=self.token)
            for client_id in self.client_ids:
                foreman.AssignTasksToClient(client_id)

            # Run the hunt.
            client_mock = test_lib.SampleHuntMock()
            test_lib.TestHuntHelper(client_mock,
                                    self.client_ids,
                                    check_flow_errors=False,
                                    token=self.token)

            hunt_obj = aff4.FACTORY.Open(hunt.session_id,
                                         age=aff4.ALL_TIMES,
                                         token=self.token)

            started, finished, errors = hunt_obj.GetClientsCounts()
            self.assertEqual(started, 5)
            self.assertEqual(finished, 5)
            self.assertEqual(errors, 2)

            hunt_obj = aff4.FACTORY.Open(hunt.session_id,
                                         age=aff4.ALL_TIMES,
                                         token=self.token)

            # Hunts are automatically paused when they reach the client limit.
            self.assertEqual(hunt_obj.Get(hunt_obj.Schema.STATE), "PAUSED")
  def testMBRHunt(self):
    with hunts.GRRHunt.StartHunt(hunt_name="MBRHunt", length=3333,
                                 client_limit=1,
                                 token=self.token) as hunt:
      hunt.Run()
      hunt.StartClients(hunt.session_id, [self.client_id])

    # Run the hunt.
    client_mock = self.MBRHuntMock()
    test_lib.TestHuntHelper(client_mock, self.client_ids, False, self.token)

    mbr = aff4.FACTORY.Open(rdfvalue.RDFURN(self.client_id).Add("mbr"),
                            token=self.token)
    data = mbr.read(100000)
    self.assertEqual(len(data), 3333)
Exemple #24
0
    def setUp(self):
        super(ApiGetExportedHuntResultsHandlerTest, self).setUp()

        self.handler = hunt_plugin.ApiGetExportedHuntResultsHandler()

        self.hunt = hunts.GRRHunt.StartHunt(
            hunt_name=standard.GenericHunt.__name__,
            flow_runner_args=rdf_flows.FlowRunnerArgs(
                flow_name=DummyFlowWithSingleReply.__name__),
            client_rate=0,
            token=self.token)
        self.hunt.Run()

        client_ids = self.SetupClients(5)
        self.AssignTasksToClients(client_ids=client_ids)
        client_mock = test_lib.SampleHuntMock()
        test_lib.TestHuntHelper(client_mock, client_ids, token=self.token)
Exemple #25
0
  def SetupTestHuntView(self):
    # Create some clients and a hunt to view.
    with self.CreateSampleHunt() as hunt:
      hunt.Log("TestLogLine")

      # Log an error just with some random traceback.
      hunt.LogClientError(self.client_ids[1], "Client Error 1",
                          traceback.format_exc())

    # Run the hunt.
    client_mock = test_lib.SampleHuntMock()

    test_lib.TestHuntHelper(client_mock, self.client_ids, False, self.token)

    hunt = aff4.FACTORY.Open(hunt.urn, token=self.token)
    all_count, _, _ = hunt.GetClientsCounts()
    self.assertEqual(all_count, 10)
Exemple #26
0
    def testPausingAndRestartingDoesNotStartHuntTwiceOnTheSameClient(self):
        """This tests if the hunt completes when some clients hang or raise."""
        client_ids = self.SetupClients(10)

        client_rule_set = rdf_foreman.ForemanClientRuleSet(rules=[
            rdf_foreman.ForemanClientRule(
                rule_type=rdf_foreman.ForemanClientRule.Type.REGEX,
                regex=rdf_foreman.ForemanRegexClientRule(
                    attribute_name="GRR client", attribute_regex="GRR"))
        ])

        with hunts.GRRHunt.StartHunt(hunt_name="SampleHunt",
                                     client_rule_set=client_rule_set,
                                     client_rate=0,
                                     token=self.token) as hunt:

            hunt.GetRunner().Start()

            hunt_id = hunt.urn

        foreman = aff4.FACTORY.Open("aff4:/foreman",
                                    mode="rw",
                                    token=self.token)
        for client_id in client_ids:
            num_tasks = foreman.AssignTasksToClient(client_id)
            self.assertEqual(num_tasks, 1)

        client_mock = test_lib.SampleHuntMock()
        test_lib.TestHuntHelper(client_mock, client_ids, False, self.token)

        # Pausing and running hunt: this leads to the fresh rules being written
        # to Foreman.RULES.
        with aff4.FACTORY.Open(hunt_id, mode="rw", token=self.token) as hunt:
            runner = hunt.GetRunner()
            runner.Pause()
            runner.Start()

        # Recreating the foreman so that it updates list of rules.
        foreman = aff4.FACTORY.Open("aff4:/foreman",
                                    mode="rw",
                                    token=self.token)
        for client_id in client_ids:
            num_tasks = foreman.AssignTasksToClient(client_id)
            # No tasks should be assigned as this hunt ran on all the clients
            # before.
            self.assertEqual(num_tasks, 0)
Exemple #27
0
  def SetupTestHuntView(self):
    # Create some clients and a hunt to view.
    with self.CreateSampleHunt() as hunt:
      hunt.LogResult(self.client_ids[2], "Result 1")

      # Log an error just with some random traceback.
      hunt.LogClientError(self.client_ids[1], "Client Error 1",
                          traceback.format_exc())

    # Run the hunt.
    client_mock = test_lib.SampleHuntMock()

    test_lib.TestHuntHelper(client_mock, self.client_ids, False, self.token)

    hunt = aff4.FACTORY.Open(hunt.urn, token=self.token, age=aff4.ALL_TIMES)
    started = hunt.GetValuesForAttribute(hunt.Schema.CLIENTS)
    self.assertEqual(len(set(started)), 10)
Exemple #28
0
  def testShowsResultsTabForIndividualFlowsOnClients(self):
    with self.ACLChecksDisabled():
      # Create and run the hunt.
      self.CreateSampleHunt(stopped=False)
      client_mock = test_lib.SampleHuntMock(failrate=-1)
      test_lib.TestHuntHelper(client_mock, self.client_ids, False, self.token)

      self.GrantClientApproval(self.client_ids[0])

    self.Open("/#c=" + self.client_ids[0].Basename())
    self.Click("css=a:contains('Manage launched flows')")

    self.Click("css=grr-client-flows-list tr:contains('GetFile')")
    self.Click("css=li[heading=Results]")
    # This is to check that no exceptions happened when we tried to display
    # results.
    # TODO(user): Fail *any* test if we get a 500 in the process.
    self.WaitUntilNot(self.IsTextPresent, "Loading...")
Exemple #29
0
  def setUp(self):
    super(ApiGetHuntFilesArchiveHandlerTest, self).setUp()

    self.handler = hunt_plugin.ApiGetHuntFilesArchiveHandler()

    self.hunt = hunts.GRRHunt.StartHunt(
        hunt_name="GenericHunt",
        flow_runner_args=rdf_flows.FlowRunnerArgs(
            flow_name=file_finder.FileFinder.__name__),
        flow_args=file_finder.FileFinderArgs(
            paths=[os.path.join(self.base_path, "test.plist")],
            action=file_finder.FileFinderAction(action_type="DOWNLOAD"),),
        client_rate=0,
        token=self.token)
    self.hunt.Run()

    client_ids = self.SetupClients(10)
    self.AssignTasksToClients(client_ids=client_ids)
    action_mock = action_mocks.FileFinderClientMock()
    test_lib.TestHuntHelper(action_mock, client_ids, token=self.token)
Exemple #30
0
  def Run(self):
    client_ids = self.SetupClients(10)
    client_mock = test_lib.SampleHuntMock()

    with test_lib.FakeTime(42):
      with self.CreateHunt(description="the hunt") as hunt_obj:
        hunt_obj.Run()

    time_offset = 0
    for client_id in client_ids:
      with test_lib.FakeTime(45 + time_offset):
        self.AssignTasksToClients([client_id])
        test_lib.TestHuntHelper(client_mock, [client_id], False, self.token)
        time_offset += 10

    replace = {hunt_obj.urn.Basename(): "H:123456"}
    base_url = ("/api/hunts/%s/client-completion-stats"
                "?strip_type_info=1" % hunt_obj.urn.Basename())
    self.Check("GET", base_url, replace=replace)
    self.Check("GET", base_url + "&size=4", replace=replace)
    self.Check("GET", base_url + "&size=1000", replace=replace)