def __init__(self):
"""
"""
self.memory = None
self.tunnel = None
self.shell = None
self.remote_addr = None
self.remote_port = None
self.tunnel_addr = "127.0.0.1"
self.tunnel_port = None
self.shell = RemoteShell()
self.commands = Commands
self.tunnel = SSHTunnel()
def __init__(self):
"""
"""
self.memory = None
self.tunnel = None
self.shell = None
self.remote_addr = None
self.remote_port = None
self.tunnel_addr = "127.0.0.1"
self.tunnel_port = None
self.shell = RemoteShell()
self.commands = Commands
self.tunnel = SSHTunnel()
self.net_parser = parser.ProcNetTcpParser()
def __init__(self):
"""
"""
self.memory = None
self.tunnel = None
self.shell = None
self.remote_addr = None
self.remote_port = None
self.tunnel_addr = "127.0.0.1"
self.tunnel_port = None
self.shell = RemoteShell()
self.commands = Commands
self.tunnel = SSHTunnel()
def __init__(self):
"""
"""
self.memory = None
self.tunnel = None
self.shell = None
self.remote_addr = None
self.remote_port = None
self.tunnel_addr = "127.0.0.1"
self.tunnel_port = None
self.shell = RemoteShell()
self.commands = Commands
self.tunnel = SSHTunnel()
self.net_parser = parser.ProcNetTcpParser()
class Host():
def __init__(self):
"""
"""
self.memory = None
self.tunnel = None
self.shell = None
self.remote_addr = None
self.remote_port = None
self.tunnel_addr = "127.0.0.1"
self.tunnel_port = None
self.shell = RemoteShell()
self.commands = Commands
self.tunnel = SSHTunnel()
def connect(self, username, password, key, address, port):
"""
Connect ssh tunnel and shell executor to remote host
:type username: str
:param username: username for authentication
:type password: str
:param password: password for authentication, may be used to unlock rsa key
:type key: str
:param key: path to rsa key for authentication
:type address: str
:param address: address for remote host
:type port: int
:param port: ssh port for remote host
"""
if port is None:
self.remote_port = 22
else:
self.remote_port = port
auth = Auth(username=username, password=password, key=key)
self.tunnel.connect(auth, address, self.remote_port)
self.shell.connect(auth, address, self.remote_port)
self.remote_addr = address
def start_tunnel(self, local_port, remote_address, remote_port):
"""
Start ssh forward tunnel
:type local_port: int
:param local_port: local port binding for ssh tunnel
:type remote_address: str
:param remote_address: remote tunnel endpoint bind address
:type remote_port: int
:param remote_port: remote tunnel endpoint bind port
"""
self.tunnel.start(local_port, remote_address, remote_port)
self.tunnel_port = local_port
def mem_size(self):
"""
Returns the memory size in bytes of the remote host
"""
result = self.shell.execute(self.commands.mem_size.value)
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
return int(stdout)
def kernel_version(self):
"""
Returns the kernel kernel version of the remote host
"""
result = self.shell.execute(self.commands.kernel_version.value)
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
return stdout
def wait_for_lime(self, listen_port, listen_address="0.0.0.0",
max_tries=20, wait=1):
"""
Wait for lime to load unless max_retries is exceeded
:type listen_port: int
:param listen_port: port LiME is listening for connections on
:type listen_address: str
:param listen_address: address LiME is listening for connections on
:type max_tries: int
:param max_tries: maximum number of checks that LiME has loaded
:type wait: int
:param wait: time to wait between checks
"""
tries = 0
pattern = self.commands.lime_pattern.value.format(listen_address,
listen_port)
lime_loaded = False
while tries < max_tries and lime_loaded is False:
lime_loaded = self.check_for_lime(pattern, listen_port)
tries = tries + 1
time.sleep(wait)
return lime_loaded
def check_for_lime(self, pattern, listen_port):
"""
Check to see if LiME has loaded on the remote system
:type pattern: str
:param pattern: pattern to check output against
:type listen_port: int
:param listen_port: port LiME is listening for connections on
"""
check = self.commands.lime_check.value.format(listen_port)
result = self.shell.execute(check)
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
if pattern in stdout:
return True
else:
return False
def upload_module(self, local_path=None, remote_path="/tmp/lime.ko"):
"""
Upload LiME kernel module to remote host
:type local_path: str
:param local_path: local path to lime kernel module
:type remote_path: str
:param remote_path: remote path to upload lime kernel module
"""
if local_path is None:
raise FileNotFoundFoundError(local_path)
self.shell.upload_file(local_path, remote_path)
def load_lime(self, remote_path, listen_port, dump_format='lime'):
"""
Load LiME kernel module from remote filesystem
:type remote_path: str
:param remote_path: path to LiME kernel module on remote host
:type listen_port: int
:param listen_port: port LiME uses to listen to remote connections
:type dump_format: str
:param dump_format: LiME memory dump file format
"""
load_command = self.commands.load_lime.value.format(remote_path,
listen_port,
dump_format)
self.shell.execute_async(load_command)
def unload_lime(self):
"""
Remove LiME kernel module from remote host
"""
self.shell.execute(self.commands.unload_lime.value)
def capture_memory(self, destination, filename, bucket, progressbar):
"""
"""
mem_size = self.mem_size()
mem = Memory(self.remote_addr, mem_size, progressbar=progressbar)
mem.capture(self.tunnel_addr, self.tunnel_port, destination=destination,
filename=filename, bucket=bucket)
# TODO: move this to RemoteShell?
# TODO: eventually hook this in to our logger
# TODO: doc string
def log_async_result(self, future):
"""
"""
result = future.result()
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
print(stdout)
print(stderr)
def cleanup(self):
"""
Release resources used by supporting classes
"""
try:
self.unload_lime()
except AttributeError as ex:
pass
self.tunnel.cleanup()
self.shell.cleanup()
def test_remote_shell():
rs = RemoteShell()
assert isinstance(rs.ssh, SSHClient)
class Host():
def __init__(self):
"""
"""
self.memory = None
self.tunnel = None
self.shell = None
self.remote_addr = None
self.remote_port = None
self.tunnel_addr = "127.0.0.1"
self.tunnel_port = None
self.shell = RemoteShell()
self.commands = Commands
self.tunnel = SSHTunnel()
def connect(self, username, password, key, address, port):
"""
Connect ssh tunnel and shell executor to remote host
:type username: str
:param username: username for authentication
:type password: str
:param password: password for authentication, may be used to unlock rsa key
:type key: str
:param key: path to rsa key for authentication
:type address: str
:param address: address for remote host
:type port: int
:param port: ssh port for remote host
"""
if port is None:
self.remote_port = 22
else:
self.remote_port = port
auth = Auth(username=username, password=password, key=key)
self.tunnel.connect(auth, address, self.remote_port)
self.shell.connect(auth, address, self.remote_port)
self.remote_addr = address
def start_tunnel(self, local_port, remote_address, remote_port):
"""
Start ssh forward tunnel
:type local_port: int
:param local_port: local port binding for ssh tunnel
:type remote_address: str
:param remote_address: remote tunnel endpoint bind address
:type remote_port: int
:param remote_port: remote tunnel endpoint bind port
"""
self.tunnel.start(local_port, remote_address, remote_port)
self.tunnel_port = local_port
def mem_size(self):
"""
Returns the memory size in bytes of the remote host
"""
result = self.shell.execute(self.commands.mem_size.value)
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
return int(stdout)
def kernel_version(self):
"""
Returns the kernel kernel version of the remote host
"""
result = self.shell.execute(self.commands.kernel_version.value)
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
return stdout
def wait_for_lime(self, listen_port, listen_address="0.0.0.0",
max_tries=20, wait=1):
"""
Wait for lime to load unless max_retries is exceeded
:type listen_port: int
:param listen_port: port LiME is listening for connections on
:type listen_address: str
:param listen_address: address LiME is listening for connections on
:type max_tries: int
:param max_tries: maximum number of checks that LiME has loaded
:type wait: int
:param wait: time to wait between checks
"""
tries = 0
pattern = self.commands.lime_pattern.value.format(listen_address,
listen_port)
lime_loaded = False
while tries < max_tries and lime_loaded is False:
lime_loaded = self.check_for_lime(pattern, listen_port)
tries = tries + 1
time.sleep(wait)
return lime_loaded
def check_for_lime(self, pattern, listen_port):
"""
Check to see if LiME has loaded on the remote system
:type pattern: str
:param pattern: pattern to check output against
:type listen_port: int
:param listen_port: port LiME is listening for connections on
"""
check = self.commands.lime_check.value.format(listen_port)
result = self.shell.execute(check)
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
if pattern in stdout:
return True
else:
return False
def upload_module(self, local_path=None, remote_path="/tmp/lime.ko"):
"""
Upload LiME kernel module to remote host
:type local_path: str
:param local_path: local path to lime kernel module
:type remote_path: str
:param remote_path: remote path to upload lime kernel module
"""
if local_path is None:
raise FileNotFoundFoundError(local_path)
self.shell.upload_file(local_path, remote_path)
def load_lime(self, remote_path, listen_port, dump_format='lime'):
"""
Load LiME kernel module from remote filesystem
:type remote_path: str
:param remote_path: path to LiME kernel module on remote host
:type listen_port: int
:param listen_port: port LiME uses to listen to remote connections
:type dump_format: str
:param dump_format: LiME memory dump file format
"""
load_command = self.commands.load_lime.value.format(remote_path,
listen_port,
dump_format)
self.shell.execute_async(load_command)
def unload_lime(self):
"""
Remove LiME kernel module from remote host
"""
self.shell.execute(self.commands.unload_lime.value)
def capture_memory(self, destination, filename, bucket, progressbar):
"""
"""
mem_size = self.mem_size()
mem = Memory(self.remote_addr, mem_size, progressbar=progressbar)
mem.capture(self.tunnel_addr, self.tunnel_port, destination=destination,
filename=filename, bucket=bucket)
# TODO: move this to RemoteShell?
# TODO: eventually hook this in to our logger
# TODO: doc string
def log_async_result(self, future):
"""
"""
result = future.result()
stdout = self.shell.decode(result['stdout'])
stderr = self.shell.decode(result['stderr'])
print(stdout)
print(stderr)
def cleanup(self):
"""
Release resources used by supporting classes
"""
try:
self.unload_lime()
except AttributeError as ex:
pass
self.tunnel.cleanup()
self.shell.cleanup()