def write(self, address, data): """ Write to physical memory @param addr: Address to start writing to @param data: Data to be written to memory @return: True/False """ if not self._connect(): logger.error("No VM connected.") return False logger.debug("Sending memory write request to hypervisor.") # Construct our request req = KvmMemRequest() req.type = self.CMD_TYPE.WRITE req.address = address req.length = len(data) req.data = data try: # Send our request self.SOCK.send( ` req `) # Get our response status = self.SOCK.recv(1) except: logger.error("Failed to write to memory sensor") self._disconnect() return None # What is our status as reported by the hypervisor? if status == '\x00': logger.error("Error in memory ready, reported by guest. (%s)" % self.vm_name) return False return True
def write(self, address, data): """ Write to physical memory @param addr: Address to start writing to @param data: Data to be written to memory @return: True/False """ if not self._connect(): logger.error("No VM connected.") return False logger.debug("Sending memory write request to hypervisor.") # Construct our request req = KvmMemRequest() req.type = self.CMD_TYPE.WRITE req.address = address req.length = len(data) req.data = data try: # Send our request self.SOCK.send(`req`) # Get our response status = self.SOCK.recv(1) except: logger.error("Failed to write to memory sensor") self._disconnect() return None # What is our status as reported by the hypervisor? if status == '\x00': logger.error("Error in memory ready, reported by guest. (%s)" % self.vm_name) return False return True
def _read_from_sensor(self, address, read_len): """ Read physical memory @param address: Address to start reading from @param read_len: How much memory to read @TODO: Fix KVM bug that doesn't allow reading the first page of memory! """ # BUGFIX: Some bizarre stuff was happenin the volatility NativeType read_len = int(read_len) logger.debug( "Sending memory read request to hypervisor. (0x%016X, %d)" % (address, read_len)) if read_len < 1: logger.error("Read length must be >= 1") # Construct our request req = KvmMemRequest() req.type = self.CMD_TYPE.READ req.address = address req.length = read_len # Try RETRIES time to read from the guest system read = "" for retry in range(3): if not self._connect(): logger.error("No VM connected.") return None read = "" try: self.SOCK.settimeout(1) # Send our request self.SOCK.send(repr(req)) # Get our response while len(read) < read_len + 1: logger.debug("Reading %d bytes... (%d read)" % (read_len, len(read))) read += self.SOCK.recv(read_len + 1 - len(read)) # Optimization if all of the bits are 1 if len(read) == 1 and read == "\xff": read = ("\xff" * read_len) + "\x01" self.SOCK.settimeout(None) except: logger.error("Failed to read from sensor. [0x%016X, %d] " "(Attempt %d/%d)" % (address, read_len, retry, self.RETRIES)) import traceback traceback.print_exc() self._disconnect() logger.debug("Read %d bytes" % len(read)) # Did we get all of our data? if len(read) != read_len + 1: logger.error( "Could not read memory from sensor. (Addr: %016X, Len: %d, %s)" % (address, read_len, self.vm_name)) logger.error("Got %d bytes, expected %d" % (len(read), read_len)) return None # extract portions of our resposne status = read[-1] data = read[:-1] # What is our status as reported by the hypervisor? if status == 0: logger.error( "Error in memory read, reported by guest. (Addr: %016X, Len: %d, %s)" % (address, read_len, self.vm_name)) return None return data
def _read_from_sensor(self, address, read_len): """ Read physical memory @param address: Address to start reading from @param read_len: How much memory to read @TODO: Fix KVM bug that doesn't allow reading the first page of memory! """ # BUGFIX: Some bizarre stuff was happenin the volatility NativeType read_len = int(read_len) logger.debug( "Sending memory read request to hypervisor. (0x%016X, %d)" % ( address, read_len)) if read_len < 1: logger.error("Read length must be >= 1") # Construct our request req = KvmMemRequest() req.type = self.CMD_TYPE.READ req.address = address req.length = read_len # Try RETRIES time to read from the guest system read = "" for retry in range(3): if not self._connect(): logger.error("No VM connected.") return None read = "" try: self.SOCK.settimeout(1) # Send our request self.SOCK.send(repr(req)) # Get our response while len(read) < read_len+1: logger.debug("Reading %d bytes... (%d read)" % (read_len, len(read))) read += self.SOCK.recv(read_len + 1 - len(read)) # Optimization if all of the bits are 1 if len(read) == 1 and read == "\xff": read = ("\xff" * read_len) + "\x01" self.SOCK.settimeout(None) except: logger.error("Failed to read from sensor. [0x%016X, %d] " "(Attempt %d/%d)" % ( address, read_len, retry, self.RETRIES)) import traceback traceback.print_exc() self._disconnect() logger.debug("Read %d bytes" % len(read)) # Did we get all of our data? if len(read) != read_len + 1: logger.error( "Could not read memory from sensor. (Addr: %016X, Len: %d, %s)" % ( address, read_len, self.vm_name)) logger.error("Got %d bytes, expected %d" % (len(read), read_len)) return None # extract portions of our resposne status = read[-1] data = read[:-1] # What is our status as reported by the hypervisor? if status == 0: logger.error( "Error in memory read, reported by guest. (Addr: %016X, Len: %d, %s)" % ( address, read_len, self.vm_name)) return None return data