def filament(ansi_term_mock):
    """Return a Filament wired to test doubles.

    Points ``fil.FILAMENTS_DIR`` at the ``fixtures\\filaments`` directory
    one level above this file, creates a ``Filament`` and gives it a mocked
    scheduler constrained to the ``BackgroundScheduler`` attribute set.

    The ``FILAMENTS_DIR`` assignment mutates module state and is not
    restored here, so it stays in effect after this function returns.
    """
    # The last path component embeds a backslash, so the joined path is
    # only meaningful with Windows path separators.
    fixtures_dir = os.path.join(os.path.dirname(__file__), '..', 'fixtures\\filaments')
    fil.FILAMENTS_DIR = fixtures_dir

    instance = Filament()
    # NOTE(review): `flmt` is not defined inside this function; presumably a
    # module-level name. Confirm it is not a typo for the Filament instance
    # created above, otherwise the terminal mock never reaches the object
    # under test.
    flmt._ansi_term = ansi_term_mock
    # spec_set makes the mock reject attributes BackgroundScheduler lacks.
    instance.scheduler = Mock(spec_set=BackgroundScheduler)
    return instance
IO.write_console('fibratus run: ERROR - %s is not a valid kernel event. Run list-kevents to see' ' the available kernel events' % kevent) sys.exit() if __name__ == '__main__': if args['run']: if len(kevent_filters) > 0 and not filament_name: for kfilter in kevent_filters: _check_kevent(kfilter) filament = None filament_filters = [] if not filament_name: IO.write_console('Starting fibratus...', False) else: if not Filament.exists(filament_name): IO.write_console('fibratus run: ERROR - %s filament does not exist. Run list-filaments to see' ' the availble filaments' % filament_name) sys.exit() filament = Filament() try: filament.load_filament(filament_name) except FilamentError as e: IO.write_console('fibratus run: ERROR - %s' % e) sys.exit() filament.initialize_filament() filament_filters = filament.filters if len(filament_filters) > 0: for kfilter in filament_filters:
def filament(ansi_term_mock):
    """Return a Filament wired to test doubles.

    Points ``fil.FILAMENTS_DIR`` at the ``fixtures\\filaments`` directory
    one level above this file, creates a ``Filament``, then replaces its
    ``ansi_term`` with the supplied mock and its ``scheduler`` with a mock
    constrained to the ``BackgroundScheduler`` attribute set.

    The ``FILAMENTS_DIR`` assignment mutates module state and is not
    restored here, so it stays in effect after this function returns.
    """
    # The last path component embeds a backslash, so the joined path is
    # only meaningful with Windows path separators.
    fixtures_dir = os.path.join(os.path.dirname(__file__), '..', 'fixtures\\filaments')
    fil.FILAMENTS_DIR = fixtures_dir

    instance = Filament()
    instance.ansi_term = ansi_term_mock
    # spec_set makes the mock reject attributes BackgroundScheduler lacks.
    instance.scheduler = Mock(spec_set=BackgroundScheduler)
    return instance
def main():
    """Dispatch the fibratus command selected in the parsed ``args``.

    ``run`` passes the requested kernel event filters to ``_check_kevent``,
    optionally loads a filament, builds ``Fibratus`` and calls ``run()``.
    ``list-filaments`` and ``list-kevents`` each draw a table.

    Reads ``args``, ``kevent_filters`` and ``filament_name`` from the
    enclosing module scope; takes no parameters and returns ``None``.
    """
    if args['run']:
        # Command-line filters are only checked here when no filament was
        # named; a filament's own filters are checked after it is loaded.
        if len(kevent_filters) > 0 and not filament_name:
            for kfilter in kevent_filters:
                _check_kevent(kfilter)

        enum_handles = not args['--no-enum-handles']
        cswitch = bool(args['--cswitch'])

        filament = None
        filament_filters = []

        if filament_name:
            if not Filament.exists(filament_name):
                panic('fibratus run: ERROR - %s filament does not exist. Run list-filaments to see '
                      'the available filaments' % filament_name)
            filament = Filament()
            # NOTE(review): filament_name presumably comes from the command
            # line and load_filament is not visible here. Confirm the name is
            # resolved only inside the filaments directory, since a filament
            # presumably runs as code inside this (privileged) process.
            try:
                filament.load_filament(filament_name)
            except FilamentError as e:
                panic('fibratus run: ERROR - %s' % e)

            filament_filters = filament.filters
            if len(filament_filters) > 0:
                for kfilter in filament_filters:
                    _check_kevent(kfilter)

            filament.render_tabular()

        try:
            fibratus = Fibratus(filament, enum_handles=enum_handles, cswitch=cswitch)
        except KeyboardInterrupt:
            # Interrupted before the kernel event stream was opened:
            # nothing to tear down, exit with success.
            sys.exit(0)

        @PHANDLER_ROUTINE
        def handle_ctrl_c(event):
            # Event 0 is CTRL_C_EVENT, assuming PHANDLER_ROUTINE is the
            # Win32 console control handler prototype.
            if event == 0:
                fibratus.stop_ktrace()
            # NOTE(review): the listing lost its indentation; `return 0` is
            # placed at function level so every event yields an integer.
            # Confirm against the upstream file.
            return 0

        set_console_ctrl_handler(handle_ctrl_c, True)

        # Optional narrowing filters; a missing or empty option becomes None.
        filters = {
            'pid': args['--pid'] or None,
            'image': args['--image'] or None,
        }

        # A loaded filament's filters take precedence over the ones given
        # on the command line; an empty selection is passed as a new list.
        selected = filament_filters if filament else kevent_filters
        fibratus.add_filters(selected if len(selected) > 0 else [], **filters)

        try:
            fibratus.run()
        except KeyboardInterrupt:
            # The console handler is unregistered only on this path.
            set_console_ctrl_handler(handle_ctrl_c, False)
        return

    if args['list-filaments']:
        table = Tabular(['Filament', 'Description'], 'Description', sort_by='Filament')
        for name, description in Filament.list_filaments().items():
            table.add_row([name, description])
        table.draw()
        return

    if args['list-kevents']:
        table = Tabular(['KEvent', 'Category', 'Description'], 'Description', sort_by='Category')
        for kevent_name, meta in KEvents.meta_info().items():
            # meta[0] exposes .name (used as the category), meta[1] is
            # shown as the description.
            table.add_row([kevent_name, meta[0].name, meta[1]])
        table.draw()
def main():
    """Dispatch the fibratus command selected in the parsed ``args``.

    ``run`` passes the requested kernel event filters to ``_check_kevent``,
    optionally loads a filament, builds ``Fibratus`` and calls ``run()``.
    ``list-filaments`` and ``list-kevents`` each draw a table.

    Reads ``args``, ``kevent_filters`` and ``filament_name`` from the
    enclosing module scope; takes no parameters and returns ``None``.
    """
    if args['run']:
        # Command-line filters are only checked here when no filament was
        # named; a filament's own filters are checked after it is loaded.
        if len(kevent_filters) > 0 and not filament_name:
            for kfilter in kevent_filters:
                _check_kevent(kfilter)

        enum_handles = not args['--no-enum-handles']
        cswitch = bool(args['--cswitch'])

        filament = None
        filament_filters = []

        if filament_name:
            if not Filament.exists(filament_name):
                panic(
                    'fibratus run: ERROR - %s filament does not exist. Run list-filaments to see '
                    'the availble filaments' % filament_name)
            filament = Filament()
            # NOTE(review): filament_name presumably comes from the command
            # line and load_filament is not visible here. Confirm the name is
            # resolved only inside the filaments directory, since a filament
            # presumably runs as code inside this (privileged) process.
            try:
                filament.load_filament(filament_name)
            except FilamentError as e:
                panic('fibratus run: ERROR - %s' % e)

            filament_filters = filament.filters
            if len(filament_filters) > 0:
                for kfilter in filament_filters:
                    _check_kevent(kfilter)

            filament.render_tabular()
        else:
            print('Starting fibratus...')

        try:
            fibratus = Fibratus(filament, enum_handles=enum_handles, cswitch=cswitch)
        except KeyboardInterrupt:
            # Interrupted before the kernel event stream was opened:
            # nothing to tear down, exit with success.
            sys.exit(0)

        @PHANDLER_ROUTINE
        def handle_ctrl_c(event):
            # Event 0 is CTRL_C_EVENT, assuming PHANDLER_ROUTINE is the
            # Win32 console control handler prototype.
            if event == 0:
                fibratus.stop_ktrace()
            # NOTE(review): the listing lost its indentation; `return 0` is
            # placed at function level so every event yields an integer.
            # Confirm against the upstream file.
            return 0

        set_console_ctrl_handler(handle_ctrl_c, True)

        # Optional narrowing filter; a missing or empty option becomes None.
        filters = {'pid': args['--pid'] or None}

        # A loaded filament's filters take precedence over the ones given
        # on the command line; an empty selection is passed as a new list.
        selected = filament_filters if filament else kevent_filters
        fibratus.add_filters(selected if len(selected) > 0 else [], **filters)

        try:
            fibratus.run()
        except KeyboardInterrupt:
            # The console handler is unregistered only on this path.
            set_console_ctrl_handler(handle_ctrl_c, False)
        return

    if args['list-filaments']:
        table = Tabular(['Filament', 'Description'], 'Description', sort_by='Filament')
        for name, description in Filament.list_filaments().items():
            table.add_row([name, description])
        table.draw()
        return

    if args['list-kevents']:
        table = Tabular(['KEvent', 'Category', 'Description'], 'Description', sort_by='Category')
        for kevent_name, meta in KEvents.meta_info().items():
            # meta[0] exposes .name (used as the category), meta[1] is
            # shown as the description.
            table.add_row([kevent_name, meta[0].name, meta[1]])
        table.draw()
' the available kernel events' % kevent) sys.exit() if __name__ == '__main__': if args['run']: if len(kevent_filters) > 0 and not filament_name: for kfilter in kevent_filters: _check_kevent(kfilter) filament = None filament_filters = [] if not filament_name: IO.write_console('Starting fibratus...', False) else: if not Filament.exists(filament_name): IO.write_console( 'fibratus run: ERROR - %s filament does not exist. Run list-filaments to see' ' the availble filaments' % filament_name) sys.exit() filament = Filament() try: filament.load_filament(filament_name) except FilamentError as e: IO.write_console('fibratus run: ERROR - %s' % e) sys.exit() filament.initialize_filament() filament_filters = filament.filters if len(filament_filters) > 0: