def collect(self):
apis = []
for plugin_api in self.generate_api():
apis.append(plugin_api)
yield dict(plugin=plugin_api["plugin"],
api=yaml_utils.safe_dump(plugin_api),
raw_api=plugin_api)
if self.plugin_args.output_file:
with open(self.plugin_args.output_file, "wb") as fd:
fd.write(yaml_utils.safe_dump(apis))
def write_manifest(self):
yield dict(Message="Writing manifest file.")
# Now upload the signed manifest to the bucket. Manifest must be
# publicly accessible.
upload_location = self._config.server.manifest_for_server()
yield dict(Message="Writing manifest file to %s" % (
upload_location.to_path()))
upload_location.write_file(self._config.signed_manifest.to_json())
print yaml_utils.safe_dump(self._config.manifest.to_primitive())
def write_config(self):
server_config_filename = os.path.join(
self.config_dir, self.server_config_filename)
if os.access(server_config_filename, os.R_OK):
yield dict(
Message="Server config at %s exists. Remove to regenerate." % (
server_config_filename))
# Load existing server config.
server_config_data = open(server_config_filename, "rb").read()
config = agent.Configuration.from_primitive(
yaml.safe_load(server_config_data), session=self.session)
else:
# Make a new configuration
config = agent.Configuration(session=self.session)
self.session.SetParameter("agent_config_obj", config)
self._build_config(config)
yield dict(Message="Writing server config file %s" %
server_config_filename)
with open(server_config_filename, "wb") as fd:
fd.write(yaml_utils.safe_dump(config.to_primitive()))
# The client gets just the client part of the configuration.
client_config = agent.Configuration(session=self.session)
client_config.client = config.client
client_config.ca_certificate = config.ca_certificate
client_config_filename = os.path.join(
self.config_dir, self.client_config_filename)
yield dict(
Message="Writing client config file %s" % (
client_config_filename))
with open(client_config_filename, "wb") as fd:
fd.write(self.client_config_warning +
yaml_utils.safe_dump(client_config.to_primitive()))
# Now load the server config file to make sure it is validly written.
self.session.SetParameter("agent_configuration", server_config_filename)
self._config = self.session.GetParameter(
"agent_config_obj", cached=False)
if self._config == None:
raise RuntimeError("Unable to parse provided configuration.")
def write_config(self):
parameters = self._get_template_parameters()
# The client config should be completely self contained (i.e. without
# external file references).
self.session.SetParameter("config_search_path", [self.config_dir])
server_config_filename = os.path.join(self.config_dir,
self.server_config_filename)
if os.access(server_config_filename, os.R_OK):
yield dict(
Message="Server config at %s exists. Remove to regenerate." %
(server_config_filename))
# Load existing server config.
server_config_data = open(server_config_filename, "rb").read()
else:
server_config_data = (
self.server_config_template.format(**parameters) +
self.client_config_template.format(**parameters))
yield dict(Message="Writing server config file %s" %
server_config_filename)
with open(server_config_filename, "wb") as fd:
fd.write(server_config_data)
config = agent.Configuration.from_primitive(
yaml.safe_load(server_config_data), session=self.session)
# The client gets the same configuration, except for the server part.
client_config = config.copy()
client_config.server = None
labels = set(self.plugin_args.labels)
labels.update(config.client.labels)
if "All" not in labels:
labels.add("All")
client_config.client.labels = sorted(labels)
client_config_filename = os.path.join(self.config_dir,
self.client_config_filename)
yield dict(Message="Writing client config file %s" %
(client_config_filename))
with open(client_config_filename, "wb") as fd:
fd.write(self.client_config_warning +
yaml_utils.safe_dump(client_config.to_primitive()))
# Now load the server config file.
self.session.SetParameter("agent_configuration",
server_config_filename)
self._config = self.session.GetParameter("agent_config_obj",
cached=False)
if self._config == None:
raise RuntimeError("Unable to parse provided configuration.")
def collect(self):
artifact_profile = self.session.LoadProfile("artifacts")
for artifact in self.plugin_args.artifacts:
definition = artifact_profile.definitions_by_name.get(artifact)
if definition:
yield dict(divider=artifact)
yield dict(Message=yaml_utils.safe_dump(definition))
def write_manifest(self):
yield dict(Message="Writing manifest file.")
manifest = agent.Manifest.from_keywords(
session=self.session,
rekall_session=dict(live="API"),
# When the client starts up we want it to run the startup action and
# store the result in the Startup batch queue.
startup_actions=[
interrogate.StartupAction.from_keywords(
session=self.session,
startup_message=(interrogate.Startup.from_keywords(
session=self.session,
location=self._config.server.flow_ticket_for_client(
"Startup",
path_template="{client_id}",
))))
])
# Now create a signed manifest.
signed_manifest = agent.SignedManifest.from_keywords(
session=self.session,
data=manifest.to_json(),
server_certificate=self._config.server.certificate,
)
signed_manifest.signature = self._config.server.private_key.sign(
signed_manifest.data)
# Now upload the signed manifest to the bucket. Manifest must be
# publicly accessible.
upload_location = self._config.server.manifest_for_server()
yield dict(Message="Writing manifest file to %s" %
(upload_location.to_path()))
upload_location.write_file(signed_manifest.to_json())
print yaml_utils.safe_dump(manifest.to_primitive())
def launch_client(_):
flags, client_number = _
config = yaml.safe_load(open(flags.config).read())
config["client"]["writeback_path"] = "%s/pool_writeback%s.yaml" % (
flags.state_dir, client_number)
config_file_name = "%s/pool_config%s.yaml" % (flags.state_dir,
client_number)
with open(config_file_name, "wb") as fd:
fd.write(yaml_utils.safe_dump(config))
rekall_session = session.Session(agent_configuration=config_file_name)
agent_plugin = agent.RekallAgent(session=rekall_session, )
# This does not exit.
agent_plugin.collect()
def render_json(self, data, renderer):
renderer.table_header([dict(name="Message")], auto_widths=True)
renderer.table_row(yaml_utils.safe_dump(data))