def testUploadOverlyLargeSignedBinary(self): with mock.patch.object(config_updater_util, "_MAX_SIGNED_BINARY_BYTES", 5): with utils.TempDirectory() as dir_path: executable_path = os.path.join(dir_path, "foo.exe") with open(executable_path, "wb") as f: f.write(b"\xaa\xbb\xcc\xdd\xee\xff") expected_message = ( "File [%s] is of size 6 (bytes), which exceeds the allowed maximum " "of 5 bytes." % executable_path) with self.assertRaisesWithLiteralMatch( config_updater_util.BinaryTooLargeError, expected_message): config_updater_util.UploadSignedBinary( executable_path, config_pb2.ApiGrrBinary.Type.EXECUTABLE, "windows")
def testUploadPythonHack(self): with utils.TempDirectory() as dir_path: python_hack_path = os.path.join(dir_path, "hello_world.py") with open(python_hack_path, "wb") as f: f.write(b"print('Hello, world!')") config_updater_util.UploadSignedBinary( python_hack_path, objects_pb2.SignedBinaryID.BinaryType.PYTHON_HACK, "linux", upload_subdirectory="test") python_hack_urn = rdfvalue.RDFURN( "aff4:/config/python_hacks/linux/test/hello_world.py") blob_iterator, _ = signed_binary_utils.FetchBlobsForSignedBinaryByURN( python_hack_urn) uploaded_blobs = list( signed_binary_utils.StreamSignedBinaryContents(blob_iterator)) uploaded_content = b"".join(uploaded_blobs) self.assertEqual(uploaded_content, b"print('Hello, world!')")
def testUploadExecutable(self): with utils.TempDirectory() as dir_path: executable_path = os.path.join(dir_path, "foo.exe") with open(executable_path, "wb") as f: f.write(b"\xaa\xbb\xcc\xdd") config_updater_util.UploadSignedBinary( executable_path, objects_pb2.SignedBinaryID.BinaryType.EXECUTABLE, "windows", upload_subdirectory="anti-malware/registry-tools") executable_urn = rdfvalue.RDFURN( "aff4:/config/executables/windows/anti-malware/registry-tools/" "foo.exe") blob_iterator, _ = signed_binary_utils.FetchBlobsForSignedBinaryByURN( executable_urn) uploaded_blobs = list( signed_binary_utils.StreamSignedBinaryContents(blob_iterator)) uploaded_content = b"".join(uploaded_blobs) self.assertEqual(uploaded_content, b"\xaa\xbb\xcc\xdd")
def main(args): """Main.""" grr_config.CONFIG.AddContext(contexts.COMMAND_LINE_CONTEXT) grr_config.CONFIG.AddContext(contexts.CONFIG_UPDATER_CONTEXT) if args.subparser_name == "initialize": config_lib.ParseConfigCommandLine() if args.noprompt: config_updater_util.InitializeNoPrompt( grr_config.CONFIG, external_hostname=args.external_hostname, admin_password=args.admin_password, mysql_hostname=args.mysql_hostname, mysql_port=args.mysql_port, mysql_username=args.mysql_username, mysql_password=args.mysql_password, mysql_db=args.mysql_db, mysql_client_key_path=args.mysql_client_key_path, mysql_client_cert_path=args.mysql_client_cert_path, mysql_ca_cert_path=args.mysql_ca_cert_path, redownload_templates=args.redownload_templates, repack_templates=not args.norepack_templates) else: config_updater_util.Initialize( grr_config.CONFIG, external_hostname=args.external_hostname, admin_password=args.admin_password, redownload_templates=args.redownload_templates, repack_templates=not args.norepack_templates) return server_startup.Init() try: print("Using configuration %s" % grr_config.CONFIG) except AttributeError: raise RuntimeError("No valid config specified.") if args.subparser_name == "generate_keys": try: config_updater_keys_util.GenerateKeys( grr_config.CONFIG, overwrite_keys=args.overwrite_keys) except RuntimeError as e: # GenerateKeys will raise if keys exist and overwrite_keys is not set. print("ERROR: %s" % e) sys.exit(1) grr_config.CONFIG.Write() elif args.subparser_name == "repack_clients": upload = not args.noupload repacking.TemplateRepacker().RepackAllTemplates(upload=upload) elif args.subparser_name == "show_user": if args.username: print(config_updater_util.GetUserSummary(args.username)) else: print(config_updater_util.GetAllUserSummaries()) elif args.subparser_name == "update_user": config_updater_util.UpdateUser(args.username, password=args.password, is_admin=args.admin) elif args.subparser_name == "delete_user": config_updater_util.DeleteUser(args.username) elif args.subparser_name == "add_user": config_updater_util.CreateUser(args.username, password=args.password, is_admin=args.admin) elif args.subparser_name == "upload_python": config_updater_util.UploadSignedBinary( args.file, rdf_objects.SignedBinaryID.BinaryType.PYTHON_HACK, args.platform, upload_subdirectory=args.upload_subdirectory) elif args.subparser_name == "upload_exe": config_updater_util.UploadSignedBinary( args.file, rdf_objects.SignedBinaryID.BinaryType.EXECUTABLE, args.platform, upload_subdirectory=args.upload_subdirectory) elif args.subparser_name == "set_var": var = args.var val = args.val config = grr_config.CONFIG print("Setting %s to %s" % (var, val)) if val.startswith("["): # Allow setting of basic lists. val = val[1:-1].split(",") config.Set(var, val) config.Write() elif args.subparser_name == "switch_datastore": config_updater_util.SwitchToRelDB(grr_config.CONFIG) grr_config.CONFIG.Write() elif args.subparser_name == "upload_artifact": with io.open(args.file, "r") as filedesc: source = filedesc.read() try: artifact.UploadArtifactYamlFile(source, overwrite=args.overwrite_artifact) except rdf_artifacts.ArtifactDefinitionError as e: print("Error %s. You may need to set --overwrite_artifact." % e) elif args.subparser_name == "delete_artifacts": artifact_list = args.artifact if not artifact_list: raise ValueError("No artifact to delete given.") artifact_registry.DeleteArtifactsFromDatastore(artifact_list) print("Artifacts %s deleted." % artifact_list) elif args.subparser_name == "rotate_server_key": print(""" You are about to rotate the server key. Note that: - Clients might experience intermittent connection problems after the server keys rotated. - It's not possible to go back to an earlier key. Clients that see a new certificate will remember the cert's serial number and refuse to accept any certificate with a smaller serial number from that point on. """) if input("Continue? [yN]: ").upper() == "Y": if args.keylength: keylength = int(args.keylength) else: keylength = grr_config.CONFIG["Server.rsa_key_length"] maintenance_utils.RotateServerKey(cn=args.common_name, keylength=keylength)
def main(argv): """Main.""" del argv # Unused. if flags.FLAGS.subparser_name == "version": version = config_server.VERSION["packageversion"] print("GRR configuration updater {}".format(version)) return token = config_updater_util.GetToken() grr_config.CONFIG.AddContext(contexts.COMMAND_LINE_CONTEXT) grr_config.CONFIG.AddContext(contexts.CONFIG_UPDATER_CONTEXT) if flags.FLAGS.subparser_name == "initialize": config_lib.ParseConfigCommandLine() if flags.FLAGS.noprompt: config_updater_util.InitializeNoPrompt(grr_config.CONFIG, token=token) else: config_updater_util.Initialize(grr_config.CONFIG, token=token) return server_startup.Init() try: print("Using configuration %s" % grr_config.CONFIG) except AttributeError: raise RuntimeError("No valid config specified.") if flags.FLAGS.subparser_name == "generate_keys": try: config_updater_util.GenerateKeys( grr_config.CONFIG, overwrite_keys=flags.FLAGS.overwrite_keys) except RuntimeError as e: # GenerateKeys will raise if keys exist and overwrite_keys is not set. print("ERROR: %s" % e) sys.exit(1) grr_config.CONFIG.Write() elif flags.FLAGS.subparser_name == "repack_clients": upload = not flags.FLAGS.noupload repacking.TemplateRepacker().RepackAllTemplates(upload=upload, token=token) elif flags.FLAGS.subparser_name == "show_user": if flags.FLAGS.username: print(config_updater_util.GetUserSummary(flags.FLAGS.username)) else: print(config_updater_util.GetAllUserSummaries()) elif flags.FLAGS.subparser_name == "update_user": config_updater_util.UpdateUser(flags.FLAGS.username, password=flags.FLAGS.password, is_admin=flags.FLAGS.admin) elif flags.FLAGS.subparser_name == "delete_user": config_updater_util.DeleteUser(flags.FLAGS.username) elif flags.FLAGS.subparser_name == "add_user": config_updater_util.CreateUser(flags.FLAGS.username, password=flags.FLAGS.password, is_admin=flags.FLAGS.admin) elif flags.FLAGS.subparser_name == "upload_python": config_updater_util.UploadSignedBinary( flags.FLAGS.file, rdf_objects.SignedBinaryID.BinaryType.PYTHON_HACK, flags.FLAGS.platform, upload_subdirectory=flags.FLAGS.upload_subdirectory, token=token) elif flags.FLAGS.subparser_name == "upload_exe": config_updater_util.UploadSignedBinary( flags.FLAGS.file, rdf_objects.SignedBinaryID.BinaryType.EXECUTABLE, flags.FLAGS.platform, upload_subdirectory=flags.FLAGS.upload_subdirectory, token=token) elif flags.FLAGS.subparser_name == "set_var": config = grr_config.CONFIG print("Setting %s to %s" % (flags.FLAGS.var, flags.FLAGS.val)) if flags.FLAGS.val.startswith("["): # Allow setting of basic lists. flags.FLAGS.val = flags.FLAGS.val[1:-1].split(",") config.Set(flags.FLAGS.var, flags.FLAGS.val) config.Write() elif flags.FLAGS.subparser_name == "upload_artifact": yaml.load(open(flags.FLAGS.file, "rb")) # Check it will parse. try: artifact.UploadArtifactYamlFile( open(flags.FLAGS.file, "rb").read(), overwrite=flags.FLAGS.overwrite_artifact) except rdf_artifacts.ArtifactDefinitionError as e: print("Error %s. You may need to set --overwrite_artifact." % e) elif flags.FLAGS.subparser_name == "delete_artifacts": artifact_list = flags.FLAGS.artifact if not artifact_list: raise ValueError("No artifact to delete given.") artifact_registry.DeleteArtifactsFromDatastore(artifact_list, token=token) print("Artifacts %s deleted." % artifact_list) elif flags.FLAGS.subparser_name == "download_missing_rekall_profiles": print("Downloading missing Rekall profiles.") s = rekall_profile_server.GRRRekallProfileServer() s.GetMissingProfiles() elif flags.FLAGS.subparser_name == "rotate_server_key": print(""" You are about to rotate the server key. Note that: - Clients might experience intermittent connection problems after the server keys rotated. - It's not possible to go back to an earlier key. Clients that see a new certificate will remember the cert's serial number and refuse to accept any certificate with a smaller serial number from that point on. """) if builtins.input("Continue? [yN]: ").upper() == "Y": if flags.FLAGS.keylength: keylength = int(flags.FLAGS.keylength) else: keylength = grr_config.CONFIG["Server.rsa_key_length"] maintenance_utils.RotateServerKey(cn=flags.FLAGS.common_name, keylength=keylength)