def calculate(self): # Should contain the options for one e-mail out = [] tasks = linux_pslist.linux_pslist(self._config).calculate() for task in tasks: if not task.mm: continue # Get the dump for the process content = task.get_elf(task.mm.start_code) #print all elements that have at least 4 characters string_contents = self.binaryToString(content) emails = self.emailSearch(string_contents) # If dump directory is specified, we should dump all the tasks to the directory if self._config.DUMP_DIR: linux_common.write_elf_file(self._config.DUMP_DIR, task, task.mm.start_code) #proc_contents = task.get_elf(task.get_process_address_space()) out.append({"task": task, "emails": emails}) #Returns a tuple of (task, content) return out
def render_text(self, outfd, data): if not self._config.DUMP_DIR: debug.error("-D/--dump-dir must given that specifies an existing directory") self.table_header(outfd, [("Offset", "[addrpad]"), ("Name", "20"), ("Pid", "15"), ("Address", "[addrpad]"), ("Output File", "")]) for task in data: if not task.mm: continue proc_as = task.get_process_address_space() for vma in task.get_proc_maps(): if self._config.BASE and vma.vm_start != self._config.BASE: continue elf_addr = vma.vm_start buf = proc_as.zread(elf_addr, 4) if buf != "\x7fELF": continue file_path = linux_common.write_elf_file(self._config.DUMP_DIR, task, elf_addr) self.table_row(outfd, task.obj_offset, task.comm, str(task.pid), elf_addr, file_path)
def render_text(self, outfd, data): if not self._config.DUMP_DIR: debug.error( "-D/--dump-dir must given that specifies an existing directory" ) self.table_header( outfd, [ ("Offset", "[addrpad]"), ("Name", "20"), ("Pid", "15"), ("Address", "[addrpad]"), ("Output File", ""), ], ) for task in data: if not task.mm: continue file_path = linux_common.write_elf_file( self._config.DUMP_DIR, task, task.mm.start_code ) self.table_row( outfd, task.obj_offset, task.comm, str(task.pid), task.mm.start_code, file_path, )
def render_text(self, outfd, data): if not self._config.DUMP_DIR: debug.error( "-D/--dump-dir must given that specifies an existing directory" ) self.table_header(outfd, [("Offset", "[addrpad]"), ("Name", "20"), ("Pid", "15"), ("Address", "[addrpad]"), ("Output File", "")]) for task in data: if not task.mm: continue proc_as = task.get_process_address_space() for vma in task.get_proc_maps(): if self._config.BASE and vma.vm_start != self._config.BASE: continue elf_addr = vma.vm_start buf = proc_as.zread(elf_addr, 4) if buf != "\x7fELF": continue file_path = linux_common.write_elf_file( self._config.DUMP_DIR, task, elf_addr) self.table_row(outfd, task.obj_offset, task.comm, str(task.pid), elf_addr, file_path)
def render_text(self, outfd, data): if not self._config.DUMP_DIR: debug.error("-D/--dump-dir must given that specifies an existing directory") self.table_header(outfd, [("Offset", "[addrpad]"), ("Name", "20"), ("Pid", "15"), ("Address", "[addrpad]"), ("Output File", "")]) for task in data: if not task.mm: continue file_path = linux_common.write_elf_file(self._config.DUMP_DIR, task, task.mm.start_code) self.table_row(outfd, task.obj_offset, task.comm, str(task.pid), task.mm.start_code, file_path)