コード例 #1
0
    def LoadProfile(self, name, **kw):
        """Wraps the Rekall profile's LoadProfile to fetch profiles from GRR."""
        profile = None

        # If the user specified a special profile path we use their choice.
        try:
            profile = super(GrrRekallSession, self).LoadProfile(name, **kw)
        except io_manager.IOManagerError as e:
            # Currently, Rekall will raise when the repository directory is not
            # created. This is fine, because we'll create the directory after
            # WriteRekallProfile runs a few lines later.
            self.logging.warning(e)

        if profile:
            return profile

        # Cant load the profile, we need to ask the server for it.
        self.logging.info("Asking server for profile %s", name)
        self.action.SendReply(
            rekall_types.RekallResponse(
                missing_profile=name,
                repository_version=constants.PROFILE_REPOSITORY_VERSION,
            ))

        # Wait for the server to wake us up. When we wake up the server should
        # have sent the profile over by calling the WriteRekallProfile.
        self.action.Suspend()

        # Now the server should have sent the data already. We try to load the
        # profile one more time.
        return super(GrrRekallSession, self).LoadProfile(name, use_cache=False)
コード例 #2
0
ファイル: grr_rekall.py プロジェクト: HMSH00D/grr 
    def write_data_stream(self):
        """Prepares a RekallResponse and send to the server."""
        if self.data:

            response_msg = rekall_types.RekallResponse(
                json_messages=self.robust_encoder.encode(self.data),
                json_context_messages=self.robust_encoder.encode(
                    self.context_messages.items()),
                plugin=self.plugin)

            self.context_messages = self.new_context_messages
            self.new_context_messages = {}

            # Queue the response to the server.
            self.action.SendReply(response_msg)
コード例 #3
0
  def GetData(self, name, raw=False, default=None):
    # Cant load the profile, we need to ask the server for it.
    self.session.logging.info("Asking server for profile %s", name)
    UPLOADED_PROFILES.pop(name, None)

    self.session.action.SendReply(rekall_types.RekallResponse(
        missing_profile=name,
        repository_version=constants.PROFILE_REPOSITORY_VERSION,))

    # Wait for the server to wake us up. When we wake up the server should
    # have sent the profile over by calling the WriteRekallProfile.
    self.session.action.Suspend()

    # We expect the profile to be here if all went well.
    result = UPLOADED_PROFILES.get(name, obj.NoneObject()).payload
    if result:
      return self.Decoder(result)

    return result