def test_mode_module(name, interactive):
print "[+] Enabling test mode."
if 'temp_path' not in fame_config:
fame_config.temp_path = os.path.join(fame_dir, "temp")
print "[+] Setting temp_path to {}".format(fame_config.temp_path)
dispatcher = Dispatcher(interactive)
module = dispatcher.get_module(name)
if not module:
error("Could not find module '{}'".format(name))
return module
def __init__(self, values):
self['status'] = self.STATUS_PENDING
self['executed_modules'] = []
self['pending_modules'] = []
self['waiting_modules'] = []
self['canceled_modules'] = []
self['preloading_modules'] = []
self['tags'] = []
self['iocs'] = []
self['results'] = {}
self['generated_files'] = {}
self['extracted_files'] = []
self['support_files'] = {}
self['logs'] = []
self['extractions'] = []
self['probable_names'] = []
self['options'] = {}
self['date'] = datetime.datetime.now()
self['end_date'] = None
self['groups'] = []
self['analyst'] = []
MongoDict.__init__(self, values)
self._file = File(store.files.find_one({'_id': self['file']}))
if '_id' not in self:
self._init_threat_intelligence()
# Sort preloading and processing modules
if self['modules']:
processing = []
for module_name in self['modules']:
module = dispatcher.get_module(module_name)
if module is not None:
if module.info['type'] == "Preloading":
self['preloading_modules'].append(module_name)
else:
processing.append(module_name)
self['modules'] = processing
self.save()
if self['modules']:
self.queue_modules(self['modules'])
self._automatic()
self.resume()
def queue_modules(self, modules, fallback_waiting=True):
for module_name in iterify(modules):
self.log("debug",
"Trying to queue module '{0}'".format(module_name))
if (module_name not in self['executed_modules']
and module_name not in self['pending_modules']):
module = dispatcher.get_module(module_name)
if module is None:
self._error_with_module(
module_name, "module has been removed or disabled.")
else:
if self._can_execute_module(module):
if self.append_to('pending_modules', module_name):
celery.send_task('run_module',
args=(self['_id'], module_name),
queue=module.info['queue'])
elif fallback_waiting:
self.append_to('waiting_modules', module_name)
def run(self, module_name):
self.log('debug', "Trying to run {0}".format(module_name))
print(("Trying to run {0}".format(module_name)))
# This test prevents multiple execution of the same module
if self.append_to('executed_modules', module_name):
module = dispatcher.get_module(module_name)
if module is None:
self._error_with_module(
module_name, "module has been removed or disabled.")
else:
try:
module.initialize()
if module.info['type'] == "Preloading":
self.update_value('status', self.STATUS_PRELOADING)
else:
self.update_value('status', self.STATUS_RUNNING)
if module.execute(self):
# Save results, if any
if module.results is not None:
self.update_value(['results', module_name],
module.results)
# Save tags, and queue triggered modules
for tag in module.tags:
tag_string = "%s(%s)" % (module_name, tag)
self.add_tag(tag_string)
self.add_tag(module_name)
self.log('debug', "Done with {0}".format(module_name))
except Exception:
tb = traceback.format_exc()
self._error_with_module(module_name, tb)
self.remove_from('pending_modules', module_name)
self.remove_from('waiting_modules', module_name)
self.resume()
args = parser.parse_args()
analysis = TestAnalysis(args.file, args.type)
if args.local:
print "[+] Enabling local mode. /!\ THIS COULD BE DANGEROUS! /!\ "
module_classes.IsolatedProcessingModule = module_classes.ProcessingModule
if args.test:
module = test_mode_module(args.module, args.interactive)
module.initialize()
else:
try:
fame_init()
module = dispatcher.get_module(args.module)
module.initialize()
except:
module = test_mode_module(args.module, args.interactive)
module.initialize()
ret = module.execute(analysis)
print "\nResult: {}\n".format(ret)
analysis.pprint()
if module.results is not None:
print "## Detailed results\n"
print module.results
