Exemplo n.º 1
0
def main_routine(vm, snapshots_list):
    for snapshot in snapshots_list:
        task_name = f'{vm}_{snapshot}'
        logging.info(f'{task_name}: Task started')

        # Stop VM, restore snapshot, start VM
        vm_functions.vm_stop(vm, ignore_status_error=1)
        time.sleep(3)
        result = vm_functions.vm_snapshot_restore(vm, snapshot)
        # If we were unable to restore snapshot - continue to next snapshot/VM
        if result[0] != 0:
            logging.error(
                f'Unable to restore VM {vm} to snapshot {snapshot}. VM will be skipped.'
            )
            vm_functions.vm_stop(vm)
            continue

        time.sleep(3)
        result = vm_functions.vm_start(vm, ui)
        # If we were unable to start VM - continue to next one
        if result[0] != 0:
            logging.error(f'Unable to start VM {vm}. VM will be skipped.')
            continue

        # Wait for VM
        time.sleep(7)

        # Set guest network state
        result = vm_functions.vm_network(vm, vm_network_state)
        if result[0] != 0:
            vm_functions.vm_stop(vm)
            continue

        # Set guest resolution
        if vm_resolution == 'random':
            resolutions = [
                '1280 1024 32', '1920 1080 32', '1920 1200 32', '2560 1440 32',
                '3840 2160 32'
            ]
            random_resolution = random.choice(resolutions)
            vm_functions.vm_set_resolution(vm, random_resolution)
        else:
            vm_functions.vm_set_resolution(vm, vm_resolution)

        # Run pre exec script
        if vm_pre_exec:
            vm_functions.vm_exec(vm, vm_login, vm_password, vm_pre_exec)
            take_screenshot(vm, task_name)
        else:
            logging.debug('Pre exec is not set.')

        # Set path to file on guest OS
        remote_file_path = support_functions.randomize_filename(
            vm_login, filename, remote_folder)

        # Upload file to VM, check if file exist and execute
        result = vm_functions.vm_upload(vm, vm_login, vm_password, filename,
                                        remote_file_path)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue
        take_screenshot(vm, task_name)

        # Check if file exist on VM
        result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
                                           remote_file_path)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue
        take_screenshot(vm, task_name)

        # Run file
        result = vm_functions.vm_exec(vm,
                                      vm_login,
                                      vm_password,
                                      remote_file_path,
                                      uac_fix=uac_fix,
                                      uac_parent=uac_parent)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue

        take_screenshot(vm, task_name)
        logging.debug(f'Waiting for {timeout / 2} seconds...')
        time.sleep(timeout / 2)
        take_screenshot(vm, task_name)
        logging.debug(f'Waiting for {timeout / 2} seconds...')
        time.sleep(timeout / 2)
        take_screenshot(vm, task_name)

        # Run post exec script
        if vm_post_exec:
            vm_functions.vm_exec(vm, vm_login, vm_password, vm_post_exec)
            take_screenshot(vm, task_name)
        else:
            logging.debug('Post exec is not set.')

        # Stop VM, restore snapshot
        vm_functions.vm_stop(vm)
        vm_functions.vm_snapshot_restore(vm, snapshot)
        logging.info(f'{task_name}: Task finished')
Exemplo n.º 2
0
def main_routine(vm, snapshots_list):
    for snapshot in snapshots_list:
        task_name = f'{vm}_{snapshot}'
        logging.info(f'{task_name}: Task started')

        # Create directory for report
        if report:
            os.makedirs(f'reports/{sha256}', mode=0o444, exist_ok=True)

        # Stop VM, restore snapshot
        vm_functions.vm_stop(vm, ignore_status_error=1)
        time.sleep(delay / 2)
        result = vm_functions.vm_snapshot_restore(vm,
                                                  snapshot,
                                                  ignore_status_error=1)
        if result[0] != 0:
            # If we were unable to restore snapshot - continue to the next snapshot/VM
            logging.error(
                f'Unable to restore VM "{vm}" to snapshot "{snapshot}". Skipping.'
            )
            vm_functions.vm_stop(vm, ignore_status_error=1)
            continue
        # Change MAC address
        if vm_mac:
            vm_functions.vm_set_mac(vm, vm_mac)
        # Disable time sync
        if no_time_sync:
            vm_functions.vm_disable_time_sync(vm)
        # Dump traffic
        if pcap:
            if vm_network_state == 'off':
                logging.warning(
                    'Traffic dump enabled, but network state is set to \'off\'.'
                )
            if report:
                pcap_file = f'{cwd}/reports/{sha256}/{vm}_{snapshot}.pcap'
            else:
                pcap_file = f'{cwd}/{vm}_{snapshot}.pcap'
            vm_functions.vm_pcap(vm, pcap_file)

        # Start VM
        time.sleep(delay / 2)
        result = vm_functions.vm_start(vm, ui)
        if result[0] != 0:
            # If we were unable to start VM - continue to the next one
            logging.error(f'Unable to start VM "{vm}". Skipping.')
            vm_functions.vm_stop(vm, ignore_status_error=1)
            continue

        # Wait for VM
        time.sleep(delay)

        # Set guest network state
        result = vm_functions.vm_network(vm, vm_network_state)
        if result[0] != 0:
            vm_functions.vm_stop(vm)
            continue

        # Set guest resolution
        vm_functions.vm_set_resolution(vm, vm_resolution)

        # Start screen recording
        if record:
            if report:
                recording_name = f'{cwd}/reports/{sha256}/{vm}_{snapshot}.webm'
            else:
                recording_name = f'{cwd}/{vm}_{snapshot}.webm'
            recording_name = support_functions.normalize_path(recording_name)
            vm_functions.vm_record(vm, recording_name)

        # Run pre exec script
        if vm_pre_exec:
            vm_functions.vm_exec(vm,
                                 vm_login,
                                 vm_password,
                                 vm_pre_exec,
                                 open_with=open_with,
                                 file_args=file_args)
            take_screenshot(vm, task_name)
        else:
            logging.debug('Pre exec is not set.')

        # Set path to file on guest OS
        remote_file_path = support_functions.randomize_filename(
            vm_login, filename, remote_folder)

        # Upload file to VM, check if file exist and execute
        result = vm_functions.vm_upload(vm, vm_login, vm_password, filename,
                                        remote_file_path)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue

        # Check if file exist on VM
        result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
                                           remote_file_path)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue
        take_screenshot(vm, task_name)

        # Run file
        result = vm_functions.vm_exec(vm,
                                      vm_login,
                                      vm_password,
                                      remote_file_path,
                                      open_with=open_with,
                                      file_args=file_args)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue
        take_screenshot(vm, task_name)

        for _ in range(2):
            logging.debug(f'Waiting for {timeout / 2} seconds...')
            time.sleep(timeout / 2)
            take_screenshot(vm, task_name)

        # Check for file at the end of task
        result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
                                           remote_file_path)
        if result[0] != 0:
            logging.info(
                'Original file does not exists anymore (melted or removed by AV).'
            )

        # Run post exec script
        if vm_post_exec:
            vm_functions.vm_exec(vm,
                                 vm_login,
                                 vm_password,
                                 vm_post_exec,
                                 open_with=open_with)
            take_screenshot(vm, task_name)
        else:
            logging.debug('Post exec is not set.')

        # Get file from guest
        if vm_get_file:
            # Normalize path and extract file name
            src_path = support_functions.normalize_path(vm_get_file)
            src_filename = os.path.basename(src_path)
            if report:
                # Place in reports directory
                dst_file = f'{cwd}/reports/{sha256}/{src_filename}'
            else:
                # Place in current dir
                dst_file = f'{cwd}/{src_filename}'
            # Download file
            vm_functions.vm_copyfrom(vm, vm_login, vm_password, src_path,
                                     dst_file)

        # Stop recording
        if record:
            vm_functions.vm_record_stop(vm)

        # Dump VM memory
        if memdump:
            if report:
                memdump_file = f'{cwd}/reports/{sha256}/{vm}_{snapshot}.dmp'
            else:
                memdump_file = f'{cwd}/{vm}_{snapshot}.dmp'
            vm_functions.vm_memdump(vm, memdump_file)

        # Stop VM
        vm_functions.vm_stop(vm)

        # Save html report as ./reports/<file_hash>/index.html
        if report:
            support_functions.html_report(vm, snapshot, filename, file_args,
                                          file_size, sha256, md5, timeout,
                                          vm_network_state)

        logging.info(f'{task_name}: Task finished')
Exemplo n.º 3
0
 def test14_vm_snapshot_restore_nonexisting_a(self):
     result = vm_functions.vm_snapshot_restore(vm_good, snapshot_bad)
     self.assertEqual(result[0], 1)
     self.assertEqual(result[1], '')
     self.assertRegex(result[2], 'Could not find a snapshot')
Exemplo n.º 4
0
 def test15_vm_snapshot_restore_nonexisting_b(self):
     result = vm_functions.vm_snapshot_restore(vm_bad, snapshot_bad)
     self.assertEqual(result[0], 1)
     self.assertEqual(result[1], '')
     self.assertRegex(result[2], 'Could not find a registered machine')
Exemplo n.º 5
0
 def test13_vm_snapshot_restore_good(self):
     result = vm_functions.vm_snapshot_restore(vm_good, snapshot_good)
     self.assertEqual(result[0], 0)
     self.assertRegex(result[1], 'Restoring snapshot')
     self.assertRegex(result[2], '100%')
Exemplo n.º 6
0
def main_routine(vm, snapshots_list):
    for snapshot in snapshots_list:
        task_name = f'{vm}_{snapshot}'
        logging.info(f'{task_name}: Task started')

        # Create directory for report
        if report:
            os.makedirs(f'reports/{sha256}', mode=0o444, exist_ok=True)

        # Stop VM, restore snapshot, start VM
        vm_functions.vm_stop(vm, ignore_status_error=1)
        time.sleep(delay / 2)
        result = vm_functions.vm_snapshot_restore(vm,
                                                  snapshot,
                                                  ignore_status_error=1)
        # If we were unable to restore snapshot - continue to the next snapshot/VM
        if result[0] != 0:
            logging.error(
                f'Unable to restore VM "{vm}" to snapshot "{snapshot}". Skipping.'
            )
            vm_functions.vm_stop(vm, ignore_status_error=1)
            continue

        time.sleep(delay / 2)
        result = vm_functions.vm_start(vm, ui)
        # If we were unable to start VM - continue to the next one
        if result[0] != 0:
            logging.error(f'Unable to start VM "{vm}". Skipping.')
            continue

        # Wait for VM
        time.sleep(delay)

        # Set guest network state
        result = vm_functions.vm_network(vm, vm_network_state)
        if result[0] != 0:
            vm_functions.vm_stop(vm)
            continue

        # Set guest resolution
        if vm_resolution == 'random':
            resolutions = [
                '1280 1024 32', '1920 1080 32', '1920 1200 32', '2560 1440 32',
                '3840 2160 32'
            ]
            random_resolution = random.choice(resolutions)
            vm_functions.vm_set_resolution(vm, random_resolution)
        else:
            vm_functions.vm_set_resolution(vm, vm_resolution)

        # Run pre exec script
        if vm_pre_exec:
            vm_functions.vm_exec(vm,
                                 vm_login,
                                 vm_password,
                                 vm_pre_exec,
                                 uac_parent=uac_parent)
            take_screenshot(vm, task_name)
        else:
            logging.debug('Pre exec is not set.')

        # Set path to file on guest OS
        remote_file_path = support_functions.randomize_filename(
            vm_login, filename, remote_folder)

        # Upload file to VM, check if file exist and execute
        result = vm_functions.vm_upload(vm, vm_login, vm_password, filename,
                                        remote_file_path)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue

        # Check if file exist on VM
        result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
                                           remote_file_path)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue
        take_screenshot(vm, task_name)

        # Run file
        result = vm_functions.vm_exec(vm,
                                      vm_login,
                                      vm_password,
                                      remote_file_path,
                                      uac_parent=uac_parent)
        if result[0] != 0:
            take_screenshot(vm, task_name)
            vm_functions.vm_stop(vm)
            continue
        take_screenshot(vm, task_name)

        logging.debug(f'Waiting for {timeout / 2} seconds...')
        time.sleep(timeout / 2)
        take_screenshot(vm, task_name)
        logging.debug(f'Waiting for {timeout / 2} seconds...')
        time.sleep(timeout / 2)
        take_screenshot(vm, task_name)

        # Check for file at the end of task
        result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
                                           remote_file_path)
        if result[0] != 0:
            logging.info(
                'Original file does not exists anymore (melted or removed by AV).'
            )

        # Run post exec script
        if vm_post_exec:
            vm_functions.vm_exec(vm,
                                 vm_login,
                                 vm_password,
                                 vm_post_exec,
                                 uac_parent=uac_parent)
            take_screenshot(vm, task_name)
        else:
            logging.debug('Post exec is not set.')

        # Save html report as ./reports/<file_hash>/index.html
        if report:
            support_functions.html_report(vm, snapshot, filename, file_size,
                                          sha256, md5, timeout,
                                          vm_network_state)

        # Stop VM
        vm_functions.vm_stop(vm)
        logging.info(f'{task_name}: Task finished')
Exemplo n.º 7
0
 def test_vm_snapshot_restore_nonexisting2(self):
     result = vm_functions.vm_snapshot_restore('nonexisted', 'nonexisted')
     self.assertEqual(result[0], 1)
     self.assertEqual(result[1], '')
     self.assertRegex(result[2], 'Could not find a registered machine')
Exemplo n.º 8
0
 def test_vm_snapshot_restore_nonexisting1(self):
     result = vm_functions.vm_snapshot_restore('w10_x64', 'nonexisted')
     self.assertEqual(result[0], 1)
     self.assertEqual(result[1], '')
     self.assertRegex(result[2], 'Could not find a snapshot')
Exemplo n.º 9
0
 def test_vm_snapshot_restore_good(self):
     result = vm_functions.vm_snapshot_restore('w10_x64', 'live')
     self.assertEqual(result[0], 0)
     self.assertRegex(result[1], 'Restoring snapshot')
     self.assertRegex(result[2], '100%')