def FromSerializedBytes(cls, value: bytes):
    """Refuse to deserialize for a class that has no parser of its own.

    Args:
        cls: Class the call was made on; its name goes into the error text.
        value: Serialized bytes. Never read by this implementation.

    Raises:
        NotImplementedError: Always.
    """
    # Failing loudly means bytes are never silently accepted by a type that
    # has no deserializer for them.
    class_name = compatibility.GetName(cls)
    message = "Class {} does not implement FromSerializedBytes.".format(
        class_name)
    raise NotImplementedError(message)
def GetRegistryValue(self, source):
    """Collect the registry values listed in an artifact source.

    Each entry of source.attributes["key_value_pairs"] is turned into a
    registry path and interpolated against self.state.knowledge_base. If any
    key contains "*" or matches rdf_paths.GROUPING_PATTERN, all paths are
    handed to the Glob flow; otherwise each path is requested from the client
    individually.

    Args:
        source: Artifact source providing attributes["key_value_pairs"] and
            ToPrimitiveDict().

    Raises:
        artifact_utils.KbInterpolationMissingAttributesError: Interpolation
            failed and self.args.ignore_interpolation_errors is falsy.
    """
    registry_paths = set()
    needs_glob = False

    for pair in source.attributes["key_value_pairs"]:
        key = pair["key"]
        if "*" in key or rdf_paths.GROUPING_PATTERN.search(key):
            needs_glob = True

        value = pair["value"]
        if value:
            # Per the original note, only key/value pairs specified using
            # forward slash are supported here.
            raw_path = "\\".join((key, value))
        else:
            # No value given: the key alone is used, which is how the default
            # value of a key is requested in GRR.
            raw_path = key

        try:
            interpolated = artifact_utils.InterpolateKbAttributes(
                raw_path, self.state.knowledge_base)
        except artifact_utils.KbInterpolationMissingAttributesError as error:
            logging.error(str(error))
            if not self.args.ignore_interpolation_errors:
                raise
            # Errors are being ignored: this entry contributes no paths, so
            # the log line above is the only trace of the collection gap.
            interpolated = []
        registry_paths.update(interpolated)

    if needs_glob:
        self.CallFlow(
            filesystem.Glob.__name__,
            paths=registry_paths,
            pathtype=rdf_paths.PathSpec.PathType.REGISTRY,
            request_data={
                "artifact_name": self.current_artifact_name,
                "source": source.ToPrimitiveDict()
            },
            next_state=compatibility.GetName(self.ProcessCollected))
        return

    # Keys without globs are stat-ed directly because it is faster and some
    # artifacts rely on getting an IOError to trigger fallback processing.
    for registry_path in registry_paths:
        registry_pathspec = rdf_paths.PathSpec(
            path=registry_path,
            pathtype=rdf_paths.PathSpec.PathType.REGISTRY)

        # TODO(hanuszczak): Support for old clients ends on 2021-01-01.
        # This conditional should be removed after that date.
        if not self.client_version or self.client_version >= 3221:
            action = server_stubs.GetFileStat
            action_args = rdf_client_action.GetFileStatRequest(
                pathspec=registry_pathspec)
        else:
            action = server_stubs.StatFile
            action_args = rdf_client_action.ListDirRequest(
                pathspec=registry_pathspec)

        self.CallClient(
            action,
            action_args,
            request_data={
                "artifact_name": self.current_artifact_name,
                "source": source.ToPrimitiveDict()
            },
            next_state=compatibility.GetName(
                self.ProcessCollectedRegistryStatEntry))
def CollectArtifactFiles(self, source):
    """Start a sub-collection for the artifacts named by a source.

    Args:
        source: Artifact source; attributes["artifact_list"] is passed on as
            the list of artifacts to collect.
    """
    handler_name = compatibility.GetName(self.ProcessCollectedArtifactFiles)
    artifact_names = source.attributes["artifact_list"]
    self._StartSubArtifactCollector(
        artifact_list=artifact_names,
        source=source,
        next_state=handler_name)
def _GroupItemsByType(iterable):
    """Group items into lists keyed by the name of each item's type.

    Args:
        iterable: Items to group.

    Returns:
        A dict mapping compatibility.GetName(type(item)) to the list of items
        of that type, in iteration order.
    """
    grouped = {}
    for element in iterable:
        type_name = compatibility.GetName(type(element))
        if type_name not in grouped:
            grouped[type_name] = []
        grouped[type_name].append(element)
    return grouped
def Start(self):
    """Request the process list; IterateProcesses is named as next state."""
    handler_name = compatibility.GetName(self.IterateProcesses)
    self.CallClient(server_stubs.ListProcesses, next_state=handler_name)
def CreateBlobStore(self):
    """Build a DualBlobStore whose two backends are both in-memory stores.

    Returns:
        A (blob_store, cleanup) tuple; calling cleanup() invokes
        _StopBackgroundThread on the returned store.
    """
    in_memory_name = compatibility.GetName(mem_blobs.InMemoryBlobStore)
    blob_store = dual_blob_store.DualBlobStore(in_memory_name, in_memory_name)

    def _Cleanup():
        return _StopBackgroundThread(blob_store)

    return blob_store, _Cleanup
def MultiGetFileStarted():
    """Report whether a MultiGetFile flow exists for self.client_id.

    Returns:
        True if any flow object read from the database for this client has
        the MultiGetFile class name, False otherwise.
    """
    wanted_name = compatibility.GetName(transfer.MultiGetFile)
    client_flows = data_store.REL_DB.ReadAllFlowObjects(
        client_id=self.client_id)
    started_names = [flow_obj.flow_class_name for flow_obj in client_flows]
    return wanted_name in started_names
def Start(self):
    """Issue the Kill client action; Confirmation is named as next state."""
    # NOTE(review): nothing in this method checks who may trigger the kill;
    # any authorization is presumably enforced before the flow starts.
    handler_name = compatibility.GetName(self.Confirmation)
    self.CallClient(server_stubs.Kill, next_state=handler_name)
def Start(self):
    """Send self.args.config to the client via UpdateConfiguration.

    Confirmation is named as the next state.
    """
    # The configuration is forwarded exactly as supplied in the flow args; no
    # validation or filtering of its contents happens in this method.
    handler_name = compatibility.GetName(self.Confirmation)
    new_config = self.args.config
    self.CallClient(
        server_stubs.UpdateConfiguration,
        request=new_config,
        next_state=handler_name)
def Start(self):
    """Request client statistics; StoreResults is named as next state."""
    handler_name = compatibility.GetName(self.StoreResults)
    self.CallClient(server_stubs.GetClientStats, next_state=handler_name)
def Start(self):
    """Ask the client to delete GRR temp files under self.args.pathspec.

    Done is named as the next state.
    """
    # The pathspec is passed through unchanged. NOTE(review): any restriction
    # on which locations may be deleted is not visible in this method;
    # presumably the client action enforces it. Confirm.
    handler_name = compatibility.GetName(self.Done)
    target = self.args.pathspec
    self.CallClient(
        server_stubs.DeleteGRRTempFiles, target, next_state=handler_name)
def _ScheduleCronJob(self):
    """Schedule the OSBreakDown system cron job, then disable it.

    Returns:
        The cron job id, which is the name of OSBreakDownCronJob.
    """
    job_id = compatibility.GetName(cron_system.OSBreakDownCronJob)
    cronjobs.ScheduleSystemCronJobs(names=[job_id])
    manager = cronjobs.CronManager()
    manager.DisableJob(job_id)
    return job_id
def __repr__(self):
    """Return "<TypeName value>", where value is the str() form of self."""
    # The value is inserted with plain "{}" formatting, so every character of
    # str(self) reaches the output unescaped.
    # NOTE(review): if instances can hold untrusted text, confirm that log and
    # terminal consumers of this repr tolerate control characters.
    type_name = compatibility.GetName(type(self))
    return "<{} {}>".format(type_name, self)
def __repr__(self):
    """Return "<ClassName('...')>" with the value escaped through %r."""
    text_value = str(self)
    class_name = compatibility.GetName(self.__class__)
    # %r is deliberate: it escapes non-ASCII and non-printable characters, so
    # dangerous terminal escape sequences embedded in the value are printed as
    # inert escapes rather than interpreted by whatever displays the repr.
    return "<%s(%r)>" % (class_name, text_value)
def testRelationalDBFlowsEnabled(self):
    """RelationalDBFlowsEnabled() must match the kind of DB test class."""
    actual = data_store.RelationalDBFlowsEnabled()
    should_be_enabled = self._IsDBTest() or self._IsStableDBTest()
    failure_message = "RelationalDBFlowsEnabled() is %s for %s" % (
        actual, compatibility.GetName(self.__class__))
    self.assertEqual(actual, should_be_enabled, failure_message)
def Start(self):
    """Record the expiry of args.duration and move inline to SendMessage."""
    expiry = self.args.duration.Expiry()
    self.state.end_time = expiry
    handler_name = compatibility.GetName(self.SendMessage)
    self.CallStateInline(next_state=handler_name)
def __repr__(self):
    """Return "ClassName('<hexified value>')" for this object."""
    # The stored value goes through text.Hexify before being interpolated, so
    # the repr carries the Hexify output rather than self._value itself.
    return "{cls_name}('{value}')".format(
        cls_name=compatibility.GetName(self.__class__),
        value=text.Hexify(self._value))
def testClass(self):
    """GetName returns the declared name of a class."""

    class Foo(object):
        pass

    reported_name = compatibility.GetName(Foo)
    self.assertEqual(reported_name, "Foo")
def Start(self):
    """Send the plist query in self.args.request to the client.

    Receive is named as the next state.
    """
    handler_name = compatibility.GetName(self.Receive)
    plist_request = self.args.request
    self.CallClient(
        server_stubs.PlistQuery,
        request=plist_request,
        next_state=handler_name)
def testFunction(self):
    """GetName returns the declared name of a function."""

    def Bar():
        pass

    reported_name = compatibility.GetName(Bar)
    self.assertEqual(reported_name, "Bar")
def __repr__(self):
    """Return a debug string with the type name, varname, fields and metric."""
    type_name = compatibility.GetName(type(self))
    var_name = self.metadata.varname
    # {!r} renders each field through repr(), so string contents are shown
    # quoted and escaped rather than raw.
    template = "<{} varname={!r} fields={!r} metric={!r}>"
    return template.format(type_name, var_name, self.fields, self.metric)
def testClass(self):
    """SetName changes the name GetName reports for a class."""

    class Foo(object):
        pass

    compatibility.SetName(Foo, "Bar")

    reported_name = compatibility.GetName(Foo)
    self.assertEqual(reported_name, "Bar")
def _CreateOSBreakDownCronJobApproval(self):
    """Schedule the OSBreakDown system cron job and leave it disabled.

    Returns:
        The job name, which is the name of OSBreakDownCronJob.
    """
    cron_job_name = compatibility.GetName(cron_system.OSBreakDownCronJob)
    cronjobs.ScheduleSystemCronJobs(names=[cron_job_name])
    manager = cronjobs.CronManager()
    manager.DisableJob(cron_job_name)
    return cron_job_name
def testFunction(self):
    """SetName changes the name GetName reports for a function."""

    def Baz():
        pass

    compatibility.SetName(Baz, "Thud")

    reported_name = compatibility.GetName(Baz)
    self.assertEqual(reported_name, "Thud")
def testCreateHuntFromFlow(self):
    """Create a hunt from an existing flow through the UI wizard.

    The flow's arguments must be copied into the wizard, while the output
    plugins attached to the flow must not be.
    """
    next_by_text = "css=button:contains('Next')"
    next_in_wizard = "css=grr-new-hunt-wizard-form button.Next"

    # Start a ListProcesses flow that has an e-mail output plugin attached.
    plugin_name = compatibility.GetName(email_plugin.EmailOutputPlugin)
    plugin_args = email_plugin.EmailOutputPluginArgs(
        email_address="test@localhost", emails_limit=42)
    plugin_descriptor = rdf_output_plugin.OutputPluginDescriptor(
        plugin_name=plugin_name, plugin_args=plugin_args)

    flow_args = flows_processes.ListProcessesArgs(
        filename_regex="test[a-z]*", fetch_binaries=True)
    flow_test_lib.StartFlow(
        flows_processes.ListProcesses,
        flow_args=flow_args,
        client_id=self.client_id,
        output_plugins=[plugin_descriptor])

    # Go to the client and pick the flow that was just created.
    self.Open("/#/clients/%s" % self.client_id)
    self.Click("css=a[grrtarget='client.flows']")
    self.Click("css=td:contains('ListProcesses')")

    # Open the wizard; the flow arguments should have been copied over.
    self.Click("css=button[name=create_hunt]")
    self.WaitUntilEqual(
        "test[a-z]*", self.GetValue,
        "css=label:contains('Filepath Regex') ~ * input")
    self.WaitUntil(
        self.IsChecked, "css=label:contains('Fetch Binaries') "
        "~ * input[type=checkbox]")

    # On the output plugins page, the flow's output plugins must be absent.
    self.Click(next_by_text)
    self.WaitUntil(
        self.IsElementPresent,
        "css=grr-wizard-form:contains('Hunt parameters')")
    self.Click(next_in_wizard)
    self.WaitUntil(
        self.IsElementPresent,
        "css=grr-wizard-form:contains('How to process results')")
    self.WaitUntilNot(
        self.IsElementPresent, "css=grr-output-plugin-descriptor-form")

    # Nothing left to verify in the wizard; step through to the end.
    self.Click(next_in_wizard)
    self.WaitUntil(
        self.IsElementPresent,
        "css=grr-wizard-form:contains('Where to run?')")
    self.Click(next_by_text)
    self.WaitUntil(
        self.IsElementPresent, "css=grr-wizard-form:contains('Review')")
    self.Click("css=button:contains('Create Hunt')")
    self.Click("css=button:contains('Done')")

    # We should now be on the hunts list with the new hunt selected.
    self.WaitUntilEqual(
        1, self.GetCssCount, "css=grr-hunts-list table tbody tr")
    self.WaitUntilEqual(
        1, self.GetCssCount,
        "css=grr-hunts-list table tbody tr.row-selected")
    self.WaitUntil(self.IsTextPresent, "GenericHunt")
    flow_name = compatibility.GetName(flows_processes.ListProcesses)
    self.WaitUntil(self.IsTextPresent, flow_name)
def testSimple(self):
    """MakeType builds an instantiable class carrying the requested name."""
    made_type = compatibility.MakeType("Foo", (object, ), {})

    reported_name = compatibility.GetName(made_type)
    self.assertEqual(reported_name, "Foo")

    instance = made_type()
    self.assertIsInstance(instance, made_type)
def CollectArtifacts(self, source):
    """Start a sub-collection for the artifacts a source lists by name.

    Args:
        source: Artifact source; attributes["names"] is passed on as the list
            of artifacts to collect.
    """
    handler_name = compatibility.GetName(self.ProcessCollected)
    artifact_names = source.attributes["names"]
    self._StartSubArtifactCollector(
        artifact_list=artifact_names,
        source=source,
        next_state=handler_name)
def _IsStableDBTest(self):
    """Tell whether this test class is a stable relational-DB variant.

    Returns:
        True if the class name ends with "_StableRelationalDBEnabled".
    """
    class_name = compatibility.GetName(self.__class__)
    is_stable_variant = class_name.endswith("_StableRelationalDBEnabled")
    return is_stable_variant
def CollectArtifacts(self, client_artifact_collector_args):
    """Start artifact collection on the client side.

    Args:
        client_artifact_collector_args: Request passed unchanged to the
            ArtifactCollector client action.
    """
    handler_name = compatibility.GetName(self.ProcessCollected)
    self.CallClient(
        server_stubs.ArtifactCollector,
        request=client_artifact_collector_args,
        next_state=handler_name)
def FromWireFormat(cls, value):
    """Refuse to parse wire-format data for a class without its own parser.

    Args:
        cls: Class the call was made on; its name goes into the error text.
        value: Wire-format data. Never read by this implementation.

    Raises:
        NotImplementedError: Always.
    """
    class_name = compatibility.GetName(cls)
    message = "Class {} does not implement FromWireFormat.".format(class_name)
    raise NotImplementedError(message)