Exemple #1
0
def get_file_info(system, path, verbose=False):
    fullpath = get_fullpath(system, path)
    if fullpath == IO_ERROR:
        return IO_ERROR

    result = {}
    if system.startswith('/'):  # local or sub
        if can_read(system, path):
            # TODO platform-specific
            stats = os.stat(fullpath)
            stm = stats.st_mode
            result['type'] = get_file_type_char(stat.S_IFMT(stm))
            result['permissions'] = '%o' % (stat.S_IMODE(stm))
            result['UID'] = stats[stat.ST_UID]
            result['GID'] = stats[stat.ST_GID]
            result['ATIME'] = stats[stat.ST_ATIME]
            result['MTIME'] = stats[stat.ST_MTIME]
            result['CTIME'] = stats[
                stat.ST_CTIME]  # actually mtime on UNIX, TODO
        else:
            if verbose:
                log.info('File \'%s\' is not accessible.' % (fullpath))
            result['type'] = None
            result['permissions'] = None
            result['UID'] = None
            result['GID'] = None
            result['ATIME'] = None
            result['MTIME'] = None
            result['CTIME'] = None
        return result

    else:  # SSH/FTP/TFTP/HTTP
        # TODO NOT IMPLEMENTED
        return IO_ERROR
Exemple #2
0
def exit_program(signal, frame):
    if signal == -1:  # immediate termination due to -h or bad parameter
        lib.scheduler.stop()
        sys.exit(0)

    log.attachline()
    log.info('Terminating all connections...')
    for c in lib.connections:
        for con in c.connectors[::-1]:
            con.close()  # for Paramiko, TODO for every type?

    log.info('Killing all the threads...')

    # stop the scheduler (will stop all threads)
    lib.scheduler.stop()
    # wait for scheduler termination
    while lib.scheduler.is_alive():
        time.sleep(0.1)
    log.info('Cleaning databases...')
    lib.db['dict'].clean()
    lib.db['vuln'].clean()
    lib.db['checksum'].clean()
    # disconnect from databases
    log.info('Disconnecting from databases...')
    for db in lib.db.values():
        if db:
            db.close()
    log.info('%s out.' % lib.appname)
    sys.exit(0 if signal is None else 1)
Exemple #3
0
def main():
    global_parameters['UUID'] = get_local_uuid()
    lib.active_session = db['analysis'].get_last_session()
    if lib.active_session is None:
        # Cannot get any session ID =>
        # analysis.db is not accessible =>
        # 'install script has not been executed'
        log.err('Cannot get session ID. Did you run correct installation script?')
        exit_program(-1, None)
        
    db['analysis'].create_session(lib.active_session)
    log.info('Currently working with session #%d.' % lib.active_session)
    # check if already admin
    if is_admin():
        log.ok('Administrator privileges already granted on \'%s\'.' % (global_parameters['ACTIVEROOT']), dbnote=DBNOTE_UNIQUE)
    # if input from file, load commands into queue
    if args.input_file is not None:
        if os.access(args.input_file[0], os.R_OK):
            with open(args.input_file[0], 'r') as f:
                lib.commands = [x if x not in QUIT_STRINGS else 'force_exit' for x in f.read().splitlines()]
                lib.from_input_file = True
        else:
            log.err('Input file cannot be read!')

    # run all input commands
    while len(lib.commands) > 0:
        c = lib.commands[0]
        del lib.commands[0]
        if lib.from_input_file:
            log.prompt()            # print prompt
            log.attachline(c)       # print command
        execute_command(c)          # run the command

    lib.from_input_file = False
        
    # main loop
    while True:
        # input from stdin, piped or redirected
        log.prompt()
        if lib.python_version[0] == '2':
            func = raw_input
        elif lib.python_version[0] == '3':
            func = input
        else:
            log.err('Undefined python version (%s).' % lib.python_version)
            break
        # add command into queue
        #lib.commands.append(func())
        try:
            execute_command(func())
        except EOFError as e: # Ctrl+D => exit
            exit_program(None, None)
Exemple #4
0
    def run(self):
        while not self.terminate:  # quit program not requested
            self.lock.acquire()
            todel = []

            # BACKGROUND JOBS
            for x in self.jobs:  # pinpoint dead background jobs
                s = self.jobs[x]
                if not s.job.is_alive():
                    todel.append(x)

            for x in todel:  # remove them
                s = self.jobs[x]
                end = time.time()
                log.info('Background job %d (%s) has terminated (%s).' %
                         (x, s.name, log.show_time(end - s.start)))
                del self.jobs[x]

            # USER THREADS
            todel = []
            for t in self.user_threads:  # pinpoint dead user threads
                if not t.is_alive():
                    todel.append(t)

            for t in todel:  # remove them
                self.user_threads.remove(t)

            # check waiting jobs
            # TODO
            todel = []
            for k, v in self.waitjobs.items():
                if len(set(v.waitfor).intersection(self.jobs.keys())) == 0:
                    # move waitjob to jobs, start it
                    todel.append(k)
                    log.info('Background job %d (%s) is no longer waiting.' %
                             (k, v.name))
                    start = time.time()
                    v.job.start()
                    v.start = start
                    self.jobs[k] = v
            for x in todel:
                del self.waitjobs[x]

            self.lock.release()
            time.sleep(0.25)
Exemple #5
0
	def delete(self, query=''):
		keys = [x for x in query.split(' ') if len(x)>0]
		# delete specified branch
		keys = [x for x in query.split(' ') if len(x)>0]
		self.lock.acquire()
		if len(keys) == 0:
			# delete everything
			self.kb = {}
		else:
			# find node holding branch to delete
			result = self.search(keys, parent=True)
			if result[1]+1<len(keys):
				# not found, not deleting
				pass
			else:
				# delete branch
				del result[0][keys[result[1]]]
				log.info('Entry %s has been deleted.' % ' > '.join(keys[:result[1]+1]))
		self.lock.release()
Exemple #6
0
def main():
    global_parameters['UUID'] = get_local_uuid()
    lib.active_session = db['analysis'].get_last_session()
    db['analysis'].create_session(lib.active_session)
    log.info('Currently working with session #%d.' % lib.active_session)
    # check if already admin
    if is_admin():
        log.ok('Administrator privileges already granted on \'%s\'.' % (global_parameters['ACTIVEROOT']), dbnote=DBNOTE_UNIQUE)
    # if input from file, load commands into queue
    if args.input_file is not None:
        if os.access(args.input_file[0], os.R_OK):
            with open(args.input_file[0], 'r') as f:
                lib.commands = f.read().splitlines()
                lib.from_input_file = True
        else:
            log.err('Input file cannot be read!')

    # run all input commands
    while len(lib.commands) > 0:
        c = lib.commands[0]
        del lib.commands[0]
        if lib.from_input_file:
            log.prompt()            # print prompt
            log.attachline(c)       # print command
        execute_command(c)          # run the command

    lib.from_input_file = False
        
    # main loop
    while True:
        # input from stdin
        log.prompt()
        if lib.python_version[0] == '2':
            func = raw_input
        elif lib.python_version[0] == '3':
            func = input
        else:
            log.err('Undefined python version (%s).' % lib.python_version)
            break
        # add command into queue
        #lib.commands.append(func())
        execute_command(func())
Exemple #7
0
 def delete(self, query=''):
     keys = [x for x in query.split(' ') if len(x) > 0]
     # delete specified branch
     keys = [x for x in query.split(' ') if len(x) > 0]
     self.lock.acquire()
     if len(keys) == 0:
         # delete everything
         self.kb = {}
     else:
         # find node holding branch to delete
         result = self.search(keys, parent=True)
         if result[1] + 1 < len(keys):
             # not found, not deleting
             pass
         else:
             # delete branch
             del result[0][keys[result[1]]]
             log.info('Entry %s has been deleted.' %
                      ' > '.join(keys[:result[1] + 1]))
     self.lock.release()
Exemple #8
0
def load_modules():
    """ Import modules from source/modules/ folder """
    lib.module_objects = []
    lib.modules = {}
    module_names = [x[:-3] for x in os.listdir('source/modules') if x[0]!='_' and x[-3:] == '.py']

    # import/reimport modules
    for m in module_names:
        if 'source.modules.' + m in sys.modules:
            imp.reload(sys.modules['source.modules.' + m]) # TODO deprecated?
        else:
            importlib.import_module('source.modules.' + m)
    
    # initialize modules dictionary
    for v in lib.module_objects:
        if v.name in lib.modules:
            log.warn('Duplicit module %s.' % (v.name))
        lib.modules[v.name] = v 
    
    log.info('%d modules loaded.' % (len(lib.modules)))
Exemple #9
0
    def add(self, name, start, job, timeout=None, waitfor=None):
        if self.terminate:  # in terminating state, do not create anything new
            return None
        # add a new job
        self.lock.acquire()
        jobid = self.newid()  # get lowest unused id
        if waitfor is None:
            self.jobs[jobid] = Job(name, start, job, timeout)
            job.start()
            log.info('Module %s will run in the background with id %d.' %
                     (name, jobid))
        else:
            # what to wait for?
            ids_to_wait_for = []
            for x in waitfor:
                if type(x) == int:
                    ids_to_wait_for.append(x)
                elif type(x) == str:
                    if x.isdigit():
                        ids_to_wait_for.append(int(x))
                    else:
                        matches = search_abbr(x, lib.modules.keys())
                        ids_to_wait_for += [
                            k for k, v in self.jobs.items()
                            if v.name in matches
                        ]
                else:
                    log.warn(
                        'Could not process wait parameter \'%s\', ignoring...'
                        % (x))
                    continue
            ids_to_wait_for = list(set(ids_to_wait_for))
            self.waitjobs[jobid] = Job(name, start, job, timeout,
                                       ids_to_wait_for)
            log.info(
                'Module %s with id %d will be executed after following jobs finish: %s'
                % (name, jobid, ', '.join(map(str, ids_to_wait_for))))

        self.lock.release()
        return jobid
Exemple #10
0
def get_system_type_from_active_root(activeroot, verbose=False, dontprint=''):
    if activeroot == '/':
        return sys.platform
    #
    # check db if the system is known
    #

    # TODO

    #
    # new system - detect it and write into db
    #

    # chroot or similar?
    if activeroot.startswith(('/', 'ssh://')):  # sub or ssh
        # linux should have some folders in / ...
        success = 0
        linux_folders = [
            '/bin', '/boot', '/dev', '/etc', '/home', '/lib', '/media', '/opt',
            '/proc', '/root', '/sbin', '/srv', '/sys', '/tmp', '/usr'
        ]
        for folder in linux_folders:
            if can_read(activeroot, folder):
                success += 1
        linux_score = success / len(linux_folders)

        if verbose:
            if type(dontprint) != str or dontprint == '':
                log.info('Linux score for \'%s\': %f' %
                         (activeroot, linux_score))
            else:
                log.info('Linux score for \'%s\': %f' %
                         (activeroot.partition(dontprint)[2], linux_score))
        if linux_score > 0.3:  # this should be linux
            #TODO write into DB
            return 'linux'

    #TODO NOT IMPLEMENTED
    return 'unknown'
Exemple #11
0
def load_modules():
    """ Import modules from source/modules/ folder """
    lib.module_objects = []
    lib.modules = {}
    module_names = [
        x[:-3] for x in os.listdir('source/modules')
        if x[0] != '_' and x[-3:] == '.py'
    ]

    # import/reimport modules
    for m in module_names:
        if 'source.modules.' + m in sys.modules:
            imp.reload(sys.modules['source.modules.' + m])  # TODO deprecated?
        else:
            importlib.import_module('source.modules.' + m)

    # initialize modules dictionary
    for v in lib.module_objects:
        if v.name in lib.modules:
            log.warn('Duplicit module %s.' % (v.name))
        lib.modules[v.name] = v

    log.info('%d modules loaded.' % (len(lib.modules)))
Exemple #12
0
def exit_program(signal, frame):
    if signal == -1: # immediate termination due to -h or bad parameter
        lib.scheduler.stop()
        sys.exit(0)
    
    log.attachline()
    log.info('Killing all the threads...')
    # stop the scheduler (will stop all threads)
    lib.scheduler.stop()
    # wait for scheduler termination
    while lib.scheduler.isAlive():
        time.sleep(0.1)
    log.info('Cleaning databases...')
    lib.db['dict'].clean()
    # disconnect from databases
    log.info('Disconnecting from databases...')
    for dbname in lib.db.keys():
        if lib.db[dbname]:
            lib.db[dbname].close()
    log.info('%s out.' % lib.appname)
    sys.exit(0)
Exemple #13
0
 def version(self):
     self.execute('SELECT SQLITE_VERSION()')
     data = self.cursor.fetchone()
     log.info("SQLite version: %s" % data)