def live(self):
try:
base_as = pmem.MacPmemAddressSpace(session=self.session,
filename=self.device)
except IOError as e:
self.session.logging.debug("%s", e)
tarfile_handle = tarfile.open(self.driver_path)
# Try to extract the resource into a tempdir.
with utils.TempDirectory() as tmp_name:
self.session.logging.info("Unpacking driver to %s", tmp_name)
tarfile_handle.extractall(tmp_name)
# Change ownership of the extracted files to make sure they are
# owned by root otherwise they will not load.
for root, files, dirs in os.walk(tmp_name):
for f in files:
os.chown(os.path.join(root, f), 0, 0)
for d in dirs:
os.chown(os.path.join(root, d), 0, 0)
for member_name in tarfile_handle.getnames():
if member_name.endswith(".kext"):
self.member_name = member_name.lstrip("/")
full_driver_path = os.path.join(
tmp_name, self.member_name)
self.session.logging.info("Loading driver from %s",
full_driver_path)
res = subprocess.check_call(
["kextload", full_driver_path])
if res != 0:
raise plugin.PluginError("%s. Are you root?" % e)
try:
base_as = pmem.MacPmemAddressSpace(
session=self.session, filename=self.device)
self.we_started_driver = True
break
except IOError as e:
self.session.logging.debug("%s", e)
raise plugin.PluginError("%s. Are you root?" % e)
self.session.physical_address_space = base_as
with self.session:
self.session.SetParameter("live", True)
def live(self):
phys_as = obj.NoneObject("Unable to access physical memory")
if self.plugin_args.mode == "Memory":
try:
phys_as = pmem.MacPmemAddressSpace(
session=self.session, filename=self.plugin_args.device)
except IOError as e:
self.session.logging.debug("%s", e)
self.load_driver()
phys_as = pmem.MacPmemAddressSpace(
session=self.session, filename=self.plugin_args.device)
self.session.physical_address_space = phys_as
with self.session:
self.session.SetParameter("live_mode", self.plugin_args.mode)
self.session.SetParameter("session_name",
"Live (%s)" % self.plugin_args.mode)
def live(self):
try:
base_as = pmem.MacPmemAddressSpace(session=self.session,
filename=self.device)
except IOError as e:
self.session.logging.debug("%s", e)
tarfile_handle = tarfile.open(self.driver_path)
# Try to extract the resource into a tempdir.
with utils.TempDirectory() as tmp_name:
self.session.logging.info("Unpacking driver to %s", tmp_name)
tarfile_handle.extractall(tmp_name)
for member_name in tarfile_handle.getnames():
if member_name.endswith(".kext"):
self.member_name = member_name.lstrip("/")
full_driver_path = os.path.join(tmp_name,
self.member_name)
self.session.logging.info(
"Loading driver from %s", full_driver_path)
res = subprocess.check_call(
["kextload", full_driver_path])
if res != 0:
raise plugin.PluginError("%s. Are you root?" % e)
try:
base_as = pmem.MacPmemAddressSpace(session=self.session,
filename=self.device)
self.we_started_driver = True
break
except IOError as e:
self.session.logging.debug("%s", e)
raise plugin.PluginError("%s. Are you root?" % e)
self.session.physical_address_space = base_as