Esempio n. 1
0
 def __init__(self, execparams, parent):
     mandatoryparams = ['filepath', 'pattern']
     Action.__init__(self,
                     execparams=execparams,
                     manparams=mandatoryparams,
                     parent=parent)
     ProcessableAction.__init__(self, ['matchval'])
Esempio n. 2
0
 def __init__(self, execparams, parent):
     psplog.debug('New reg query action: exparms: {0} parent: {1}'.format(execparams, parent))
     Action.__init__(self, execparams=execparams, parent=parent)
     hivemap = {'hklm': 'L', 'hkey_local_machine': 'L', 'hku': 'U', 'hkey_users': 'U', 'hkcu': 'C', 'hkey_current_user': '******', 'hkcc': 'G', 'hkey_current_config': 'G', 'hkcr': 'R', 'hkey_classes_root': 'R'}
     try:
         self.hive = hivemap[self.execparams['regkey'].split('\\', 1)[0].lower()]
     except:
         self.hive = None
Esempio n. 3
0
 def Execute(self):
     Action.Execute(self)
     attrib = self.execparams['attribute']
     value = self.execparams['value']
     pspid = self.execparams.get('pspid', None)
     config = (self.execparams.get('config', 'false').lower() == 'true')
     if (attrib in ['vendor', 'product', 'version', 'installDate']):
         config = True
     try:
         prevPSPs = self.actmgr.GetPSPsFrom(self.parent.parent)
     except:
         psplog.error('Error getting previous PSP objects. Make sure there is a NewSWAction before you try to save to it.', exc_info=True)
         return False
     if (pspid != None):
         prevPSP = filter((lambda x: (x.pspid == pspid)), prevPSPs)[0]
         if ((prevPSP[attrib] != None) and (prevPSP[attrib] != 'NTR')):
             psplog.debug('before copy: {0}'.format(prevPSP))
             prevPSP = copy.deepcopy(prevPSP)
             psplog.debug('after copy: {0}'.format(prevPSP))
             self.actmgr.addPSP(prevPSP, self.parent)
         prevPSP.SaveAttribute(attrib, value, config)
     else:
         for prevPSP in prevPSPs:
             if ((prevPSP[attrib] != None) and (prevPSP[attrib] != 'NTR')):
                 psplog.debug('prevPSP: {0}'.format(prevPSP))
                 newPSP = copy.deepcopy(prevPSP)
                 psplog.debug('newPSP: {0}'.format(newPSP))
                 self.actmgr.addPSP(newPSP, self.parent)
                 newPSP.SaveAttribute(attrib, value, config)
     return True
Esempio n. 4
0
 def Validate(self):
     result = Action.Validate(self)
     if (self.hive is None):
         result.append(ValidationFailure(self, 'Invalid Hive: {0}'.format(self.execparams['regkey'].split('\\', 1)[0])))
     if ((self.execparams.get('regvalue') is None) and (self.execparams.get('regdata') is not None)):
         result.append(ValidationFailure(self, 'You cannot have a regdata without a regvalue.'))
     return result
Esempio n. 5
0
 def Validate(self):
     valid = Action.Validate(self)
     goodif = self.execparams.get('goodif', None)
     if (goodif is not None):
         try:
             parsed = self._parseIt(goodif)
             for (ndx, item) in enumerate(parsed):
                 if (not (item in self.validstatements)):
                     valid.append(
                         ValidationFailure(
                             self,
                             ('%s is not a valid SafetyCheck Statement' %
                              item)))
                 if (item in self.binaryops):
                     if (((ndx - 1) < 0) or ((ndx + 1) > len(parsed))
                             or (parsed[(ndx - 1)] not in self.conds)
                             or (parsed[(ndx + 1)] not in self.conds)):
                         valid.append(
                             ValidationFailure(
                                 self, 'Invalid use of binary operator!'))
         except SyntaxError:
             psplog.critical('Unable to parse the SafetyCheck line!',
                             exc_info=True)
             valid.append(
                 ValidationFailure(self,
                                   'Unable to parse the SafetyCheck line!'))
     return valid
Esempio n. 6
0
 def Execute(self):
     Action.Execute(self)
     self.script = self.execparams['name']
     self.entrypoint = self.execparams.get('entrypoint', 'main')
     self.args = self.execparams.get('args')
     try:
         PSPmodule = __import__('ops.psp.{0}'.format(self.script),
                                fromlist=self.entrypoint)
         PSPmethod = PSPmodule.__dict__[self.entrypoint]
         try:
             if (self.additionaldata and self.args):
                 self.result = PSPmethod(self.additionaldata, self.args)
             elif self.additionaldata:
                 self.result = PSPmethod(self.additionaldata)
             else:
                 self.result = PSPmethod(self.args)
         except SystemExit:
             pass
     except ImportError:
         psplog.critical(
             '[ScriptAction] There was an error importing the script: {0}'.
             format(self.script),
             exc_info=True)
         self.result = False
     except:
         psplog.critical(
             '[ScriptAction] There was an error executing the entrypoint: {0}.{1}'
             .format(self.script, self.entrypoint),
             exc_info=True)
         self.result = False
     return (self.result or False)
Esempio n. 7
0
 def Validate(self):
     Action.Validate(self)
     if (self.parent is None):
         raise AttributeError('The Process Action cannot ride the rollercoaster by itself! (It needs a parent)')
     if isinstance(self.parent, ProcessableAction):
         return self.parent.validateprocess(self.execparams)
     else:
         raise AttributeError('The parent action is not processable.')
Esempio n. 8
0
 def Execute(self):
     Action.Execute(self)
     plugin = self.execparams['command']
     handler = self.execparams['handlerfunc']
     safetychecked = False
     if (not safetychecked):
         try:
             addSafetyHandler(plugin, handler)
         except:
             psplog.critical("Unable to add safetyHandler for '{0}'.  Please use caution!".format(plugin))
Esempio n. 9
0
 def Execute(self):
     Action.Execute(self)
     swtype = self.execparams.get('type')
     if (swtype == 'PSP'):
         res = PSP()
     else:
         res = None
     self.result = res
     self.actmgr.addPSP(self.result, self)
     return (self.result is not None)
Esempio n. 10
0
 def Execute(self):
     Action.Execute(self)
     flag = self.execparams['flag']
     val = (True if (self.execparams.get('unset') is None) else False)
     if (flag in self.paramvalues['flag']):
         ops.env.set(flag, val)
         self.result = True
     else:
         self.result = False
     return self.result
Esempio n. 11
0
 def Execute(self):
     Action.Execute(self)
     self.result = None
     suc = False
     self.command = self.execparams['command']
     self.note = self.execparams.get('note', None)
     self.arguments = self.execparams.get('arguments', None)
     try:
         suc = True
     except:
         psplog.error('Greylist failed.', exc_info=True)
         suc = False
     return suc
Esempio n. 12
0
 def Execute(self):
     Action.Execute(self)
     self.result = None
     suc = False
     self.regkey = self.execparams['regkey'].split('\\', 1)[1]
     self.regvalue = self.execparams.get('regvalue', None)
     self.regsubkey = self.execparams.get('regsubkey', None)
     self.regdata = self.execparams.get('regdata', None)
     self.regcompare = self.execparams.get('regcompare', '=')
     searchkeys = (True if ((self.regsubkey is not None) and (self.regvalue is None)) else False)
     searchvalues = (True if (self.regvalue is not None) else False)
     try:
         result = ops.psp.RegQuery(self.hive, self.regkey, self.regvalue, searchvalues, searchkeys, haltonerror=True)
         if ((self.regvalue is None) and (self.regsubkey is None) and (self.regdata is None)):
             self.result = result
             suc = True
         elif ((len(result) > 0) and ((self.regvalue in result) or (self.regvalue is None)) and ((self.regsubkey in result) or (self.regsubkey is None))):
             self.result = result
             suc = True
             if (self.regdata is not None):
                 if ((self.regcompare == 'regex') and (not re.match(self.regdata, result[self.regvalue], re.IGNORECASE))):
                     suc = False
                 elif ((self.regcompare == '>') and (not (result[self.regvalue].lower() > self.regdata.lower()))):
                     suc = False
                 elif ((self.regcompare == '<') and (not (result[self.regvalue].lower() < self.regdata.lower()))):
                     suc = False
                 elif ((self.regcompare == '=') and (not (result[self.regvalue].lower() == self.regdata.lower()))):
                     suc = False
                 elif ((self.regcompare == '>=') and (not (result[self.regvalue].lower() >= self.regdata.lower()))):
                     suc = False
                 elif ((self.regcompare == '<=') and (not (result[self.regvalue].lower() <= self.regdata.lower()))):
                     suc = False
         else:
             suc = False
     except RegistryError:
         suc = False
     except:
         psplog.error('Unknown error while querying registry (See OPLOGS for more info)!', exc_info=True)
         suc = False
     psplog.debug('Registry Query key,result,success?: {2},{0},{1}'.format(self.result, suc, self.regkey))
     return suc
Esempio n. 13
0
 def __init__(self, execparams, parent):
     mandatoryparams = ['filepath', 'pattern']
     Action.__init__(self, execparams=execparams, manparams=mandatoryparams, parent=parent)
     ProcessableAction.__init__(self, ['matchval'])
Esempio n. 14
0
 def __init__(self, execparams, parent):
     Action.__init__(self, execparams=execparams, parent=parent)
Esempio n. 15
0
 def Execute(self):
     Action.Execute(self)
     self.path = self.execparams['directory']
     mask = self.execparams.get('dirmask', '*')
     self.result = GetDirList(mask=mask, path=self.path)
     return (self.result is not None)
Esempio n. 16
0
 def __init__(self, params, **kwargs):
     Action.__init__(self, execparams=params, **kwargs)
Esempio n. 17
0
 def __init__(self, params, parent):
     self.additionaldata = None
     Action.__init__(self, execparams=params, parent=parent)
Esempio n. 18
0
 def __init__(self, params, parent):
     self.mandatoryparams = ['text']
     Action.__init__(self, params, parent)
Esempio n. 19
0
 def Execute(self):
     Action.Execute(self)
     self.result = self.parent.process(self.execparams)
     return (self.result is not None)
Esempio n. 20
0
 def __init__(self, params, parent):
     self.mandatoryparams = None
     Action.__init__(self, execparams=params, parent=parent)
Esempio n. 21
0
 def Execute(self):
     Action.Execute(self)
     pathnmask = self.execparams['filepath']
     pattern = self.execparams['pattern']
     self.result = GetFileGrep(pathnmask=pathnmask, pattern=pattern)
     return (self.result is not None)
Esempio n. 22
0
 def Execute(self):
     Action.Execute(self)
     self.result = self.execparams['text']
     return True