def main_routine(vm, snapshots_list):
for snapshot in snapshots_list:
task_name = f'{vm}_{snapshot}'
logging.info(f'{task_name}: Task started')
# Stop VM, restore snapshot, start VM
vm_functions.vm_stop(vm, ignore_status_error=1)
time.sleep(3)
result = vm_functions.vm_snapshot_restore(vm, snapshot)
# If we were unable to restore snapshot - continue to next snapshot/VM
if result[0] != 0:
logging.error(
f'Unable to restore VM {vm} to snapshot {snapshot}. VM will be skipped.'
)
vm_functions.vm_stop(vm)
continue
time.sleep(3)
result = vm_functions.vm_start(vm, ui)
# If we were unable to start VM - continue to next one
if result[0] != 0:
logging.error(f'Unable to start VM {vm}. VM will be skipped.')
continue
# Wait for VM
time.sleep(7)
# Set guest network state
result = vm_functions.vm_network(vm, vm_network_state)
if result[0] != 0:
vm_functions.vm_stop(vm)
continue
# Set guest resolution
if vm_resolution == 'random':
resolutions = [
'1280 1024 32', '1920 1080 32', '1920 1200 32', '2560 1440 32',
'3840 2160 32'
]
random_resolution = random.choice(resolutions)
vm_functions.vm_set_resolution(vm, random_resolution)
else:
vm_functions.vm_set_resolution(vm, vm_resolution)
# Run pre exec script
if vm_pre_exec:
vm_functions.vm_exec(vm, vm_login, vm_password, vm_pre_exec)
take_screenshot(vm, task_name)
else:
logging.debug('Pre exec is not set.')
# Set path to file on guest OS
remote_file_path = support_functions.randomize_filename(
vm_login, filename, remote_folder)
# Upload file to VM, check if file exist and execute
result = vm_functions.vm_upload(vm, vm_login, vm_password, filename,
remote_file_path)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
take_screenshot(vm, task_name)
# Check if file exist on VM
result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
remote_file_path)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
take_screenshot(vm, task_name)
# Run file
result = vm_functions.vm_exec(vm,
vm_login,
vm_password,
remote_file_path,
uac_fix=uac_fix,
uac_parent=uac_parent)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
take_screenshot(vm, task_name)
logging.debug(f'Waiting for {timeout / 2} seconds...')
time.sleep(timeout / 2)
take_screenshot(vm, task_name)
logging.debug(f'Waiting for {timeout / 2} seconds...')
time.sleep(timeout / 2)
take_screenshot(vm, task_name)
# Run post exec script
if vm_post_exec:
vm_functions.vm_exec(vm, vm_login, vm_password, vm_post_exec)
take_screenshot(vm, task_name)
else:
logging.debug('Post exec is not set.')
# Stop VM, restore snapshot
vm_functions.vm_stop(vm)
vm_functions.vm_snapshot_restore(vm, snapshot)
logging.info(f'{task_name}: Task finished')
def main_routine(vm, snapshots_list):
for snapshot in snapshots_list:
task_name = f'{vm}_{snapshot}'
logging.info(f'{task_name}: Task started')
# Create directory for report
if report:
os.makedirs(f'reports/{sha256}', mode=0o444, exist_ok=True)
# Stop VM, restore snapshot
vm_functions.vm_stop(vm, ignore_status_error=1)
time.sleep(delay / 2)
result = vm_functions.vm_snapshot_restore(vm,
snapshot,
ignore_status_error=1)
if result[0] != 0:
# If we were unable to restore snapshot - continue to the next snapshot/VM
logging.error(
f'Unable to restore VM "{vm}" to snapshot "{snapshot}". Skipping.'
)
vm_functions.vm_stop(vm, ignore_status_error=1)
continue
# Change MAC address
if vm_mac:
vm_functions.vm_set_mac(vm, vm_mac)
# Disable time sync
if no_time_sync:
vm_functions.vm_disable_time_sync(vm)
# Dump traffic
if pcap:
if vm_network_state == 'off':
logging.warning(
'Traffic dump enabled, but network state is set to \'off\'.'
)
if report:
pcap_file = f'{cwd}/reports/{sha256}/{vm}_{snapshot}.pcap'
else:
pcap_file = f'{cwd}/{vm}_{snapshot}.pcap'
vm_functions.vm_pcap(vm, pcap_file)
# Start VM
time.sleep(delay / 2)
result = vm_functions.vm_start(vm, ui)
if result[0] != 0:
# If we were unable to start VM - continue to the next one
logging.error(f'Unable to start VM "{vm}". Skipping.')
vm_functions.vm_stop(vm, ignore_status_error=1)
continue
# Wait for VM
time.sleep(delay)
# Set guest network state
result = vm_functions.vm_network(vm, vm_network_state)
if result[0] != 0:
vm_functions.vm_stop(vm)
continue
# Set guest resolution
vm_functions.vm_set_resolution(vm, vm_resolution)
# Start screen recording
if record:
if report:
recording_name = f'{cwd}/reports/{sha256}/{vm}_{snapshot}.webm'
else:
recording_name = f'{cwd}/{vm}_{snapshot}.webm'
recording_name = support_functions.normalize_path(recording_name)
vm_functions.vm_record(vm, recording_name)
# Run pre exec script
if vm_pre_exec:
vm_functions.vm_exec(vm,
vm_login,
vm_password,
vm_pre_exec,
open_with=open_with,
file_args=file_args)
take_screenshot(vm, task_name)
else:
logging.debug('Pre exec is not set.')
# Set path to file on guest OS
remote_file_path = support_functions.randomize_filename(
vm_login, filename, remote_folder)
# Upload file to VM, check if file exist and execute
result = vm_functions.vm_upload(vm, vm_login, vm_password, filename,
remote_file_path)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
# Check if file exist on VM
result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
remote_file_path)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
take_screenshot(vm, task_name)
# Run file
result = vm_functions.vm_exec(vm,
vm_login,
vm_password,
remote_file_path,
open_with=open_with,
file_args=file_args)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
take_screenshot(vm, task_name)
for _ in range(2):
logging.debug(f'Waiting for {timeout / 2} seconds...')
time.sleep(timeout / 2)
take_screenshot(vm, task_name)
# Check for file at the end of task
result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
remote_file_path)
if result[0] != 0:
logging.info(
'Original file does not exists anymore (melted or removed by AV).'
)
# Run post exec script
if vm_post_exec:
vm_functions.vm_exec(vm,
vm_login,
vm_password,
vm_post_exec,
open_with=open_with)
take_screenshot(vm, task_name)
else:
logging.debug('Post exec is not set.')
# Get file from guest
if vm_get_file:
# Normalize path and extract file name
src_path = support_functions.normalize_path(vm_get_file)
src_filename = os.path.basename(src_path)
if report:
# Place in reports directory
dst_file = f'{cwd}/reports/{sha256}/{src_filename}'
else:
# Place in current dir
dst_file = f'{cwd}/{src_filename}'
# Download file
vm_functions.vm_copyfrom(vm, vm_login, vm_password, src_path,
dst_file)
# Stop recording
if record:
vm_functions.vm_record_stop(vm)
# Dump VM memory
if memdump:
if report:
memdump_file = f'{cwd}/reports/{sha256}/{vm}_{snapshot}.dmp'
else:
memdump_file = f'{cwd}/{vm}_{snapshot}.dmp'
vm_functions.vm_memdump(vm, memdump_file)
# Stop VM
vm_functions.vm_stop(vm)
# Save html report as ./reports/<file_hash>/index.html
if report:
support_functions.html_report(vm, snapshot, filename, file_args,
file_size, sha256, md5, timeout,
vm_network_state)
logging.info(f'{task_name}: Task finished')
def test14_vm_snapshot_restore_nonexisting_a(self):
result = vm_functions.vm_snapshot_restore(vm_good, snapshot_bad)
self.assertEqual(result[0], 1)
self.assertEqual(result[1], '')
self.assertRegex(result[2], 'Could not find a snapshot')
def test15_vm_snapshot_restore_nonexisting_b(self):
result = vm_functions.vm_snapshot_restore(vm_bad, snapshot_bad)
self.assertEqual(result[0], 1)
self.assertEqual(result[1], '')
self.assertRegex(result[2], 'Could not find a registered machine')
def test13_vm_snapshot_restore_good(self):
result = vm_functions.vm_snapshot_restore(vm_good, snapshot_good)
self.assertEqual(result[0], 0)
self.assertRegex(result[1], 'Restoring snapshot')
self.assertRegex(result[2], '100%')
def main_routine(vm, snapshots_list):
for snapshot in snapshots_list:
task_name = f'{vm}_{snapshot}'
logging.info(f'{task_name}: Task started')
# Create directory for report
if report:
os.makedirs(f'reports/{sha256}', mode=0o444, exist_ok=True)
# Stop VM, restore snapshot, start VM
vm_functions.vm_stop(vm, ignore_status_error=1)
time.sleep(delay / 2)
result = vm_functions.vm_snapshot_restore(vm,
snapshot,
ignore_status_error=1)
# If we were unable to restore snapshot - continue to the next snapshot/VM
if result[0] != 0:
logging.error(
f'Unable to restore VM "{vm}" to snapshot "{snapshot}". Skipping.'
)
vm_functions.vm_stop(vm, ignore_status_error=1)
continue
time.sleep(delay / 2)
result = vm_functions.vm_start(vm, ui)
# If we were unable to start VM - continue to the next one
if result[0] != 0:
logging.error(f'Unable to start VM "{vm}". Skipping.')
continue
# Wait for VM
time.sleep(delay)
# Set guest network state
result = vm_functions.vm_network(vm, vm_network_state)
if result[0] != 0:
vm_functions.vm_stop(vm)
continue
# Set guest resolution
if vm_resolution == 'random':
resolutions = [
'1280 1024 32', '1920 1080 32', '1920 1200 32', '2560 1440 32',
'3840 2160 32'
]
random_resolution = random.choice(resolutions)
vm_functions.vm_set_resolution(vm, random_resolution)
else:
vm_functions.vm_set_resolution(vm, vm_resolution)
# Run pre exec script
if vm_pre_exec:
vm_functions.vm_exec(vm,
vm_login,
vm_password,
vm_pre_exec,
uac_parent=uac_parent)
take_screenshot(vm, task_name)
else:
logging.debug('Pre exec is not set.')
# Set path to file on guest OS
remote_file_path = support_functions.randomize_filename(
vm_login, filename, remote_folder)
# Upload file to VM, check if file exist and execute
result = vm_functions.vm_upload(vm, vm_login, vm_password, filename,
remote_file_path)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
# Check if file exist on VM
result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
remote_file_path)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
take_screenshot(vm, task_name)
# Run file
result = vm_functions.vm_exec(vm,
vm_login,
vm_password,
remote_file_path,
uac_parent=uac_parent)
if result[0] != 0:
take_screenshot(vm, task_name)
vm_functions.vm_stop(vm)
continue
take_screenshot(vm, task_name)
logging.debug(f'Waiting for {timeout / 2} seconds...')
time.sleep(timeout / 2)
take_screenshot(vm, task_name)
logging.debug(f'Waiting for {timeout / 2} seconds...')
time.sleep(timeout / 2)
take_screenshot(vm, task_name)
# Check for file at the end of task
result = vm_functions.vm_file_stat(vm, vm_login, vm_password,
remote_file_path)
if result[0] != 0:
logging.info(
'Original file does not exists anymore (melted or removed by AV).'
)
# Run post exec script
if vm_post_exec:
vm_functions.vm_exec(vm,
vm_login,
vm_password,
vm_post_exec,
uac_parent=uac_parent)
take_screenshot(vm, task_name)
else:
logging.debug('Post exec is not set.')
# Save html report as ./reports/<file_hash>/index.html
if report:
support_functions.html_report(vm, snapshot, filename, file_size,
sha256, md5, timeout,
vm_network_state)
# Stop VM
vm_functions.vm_stop(vm)
logging.info(f'{task_name}: Task finished')
def test_vm_snapshot_restore_nonexisting2(self):
result = vm_functions.vm_snapshot_restore('nonexisted', 'nonexisted')
self.assertEqual(result[0], 1)
self.assertEqual(result[1], '')
self.assertRegex(result[2], 'Could not find a registered machine')
def test_vm_snapshot_restore_nonexisting1(self):
result = vm_functions.vm_snapshot_restore('w10_x64', 'nonexisted')
self.assertEqual(result[0], 1)
self.assertEqual(result[1], '')
self.assertRegex(result[2], 'Could not find a snapshot')
def test_vm_snapshot_restore_good(self):
result = vm_functions.vm_snapshot_restore('w10_x64', 'live')
self.assertEqual(result[0], 0)
self.assertRegex(result[1], 'Restoring snapshot')
self.assertRegex(result[2], '100%')