示例#1
    def _ProcessRegistryKeySource(self, source):
        """Build one registry Stat request from the source's ``keys`` attribute.

        The key strings are taken from ``source.base_source.attributes``, have
        knowledge-base attributes substituted into them, and are then expanded
        as glob expressions. A single ``(action, request)`` pair is yielded for
        the whole pattern list; nothing is yielded when ``keys`` is missing or
        empty.

        Args:
          source: Object exposing ``base_source.attributes`` as a mapping.

        Yields:
          A tuple of ``file_finder.RegistryKeyFromClient`` and the
          ``FileFinderArgs`` describing the registry paths to stat.
        """
        registry_keys = source.base_source.attributes.get("keys", [])
        if not registry_keys:
            return

        # NOTE(review): when ignore_interpolation_errors is set, what happens
        # to an entry that fails to interpolate is decided inside
        # InterpolateListKbAttributes - confirm unresolved entries are dropped
        # rather than passed on as literal registry patterns.
        expanded_keys = artifact_utils.InterpolateListKbAttributes(
            input_list=registry_keys,
            knowledge_base=self.knowledge_base,
            ignore_errors=self.ignore_interpolation_errors)

        # Each expanded key is wrapped in a GlobExpression and interpolated
        # again; the flattened result is ordered longest pattern first.
        registry_patterns = sorted(
            (expanded
             for key_path in expanded_keys
             for expanded in rdf_paths.GlobExpression(key_path).Interpolate(
                 knowledge_base=self.knowledge_base)),
            key=len,
            reverse=True)

        # Only metadata is requested (Stat action).
        # NOTE(review): follow_links=True is passed together with the REGISTRY
        # pathtype; its effect on registry paths is not visible here - confirm.
        stat_action = rdf_file_finder.FileFinderAction.Stat()
        finder_args = rdf_file_finder.FileFinderArgs(
            paths=registry_patterns,
            action=stat_action,
            follow_links=True,
            pathtype=rdf_paths.PathSpec.PathType.REGISTRY)

        yield file_finder.RegistryKeyFromClient, finder_args
示例#2
    def _ProcessGrepSource(self, source):
        """Build one file-finder request that matches file contents by regex.

        ``paths`` and ``content_regex_list`` are read from
        ``source.base_source.attributes`` and both have knowledge-base
        attributes substituted into them. The regex entries are combined with
        ``utils.RegexListDisjunction`` and used as a ``ContentsRegexMatch``
        condition in ``ALL_HITS`` mode; the action itself is a Stat.

        Args:
          source: Object exposing ``base_source.attributes`` as a mapping that
            contains ``paths`` and ``content_regex_list``.

        Yields:
          A tuple of ``file_finder.FileFinderOSFromClient`` and the
          ``FileFinderArgs`` for the search.

        Raises:
          KeyError: If ``paths`` or ``content_regex_list`` is absent from the
            attributes (both are indexed directly). Because this is a
            generator, the error surfaces on first iteration.
        """
        source_attrs = source.base_source.attributes

        search_paths = artifact_utils.InterpolateListKbAttributes(
            source_attrs["paths"], self.knowledge_base,
            self.ignore_interpolation_errors)

        # NOTE(review): knowledge-base values are substituted into the regex
        # entries before they are joined; whether those values are
        # regex-escaped is not visible here - confirm, since an unescaped
        # value would change what the pattern matches.
        expanded_regexes = artifact_utils.InterpolateListKbAttributes(
            source_attrs["content_regex_list"], self.knowledge_base,
            self.ignore_interpolation_errors)

        contents_condition = (
            rdf_file_finder.FileFinderCondition.ContentsRegexMatch(
                regex=utils.RegexListDisjunction(expanded_regexes),
                mode="ALL_HITS"))

        # NOTE(review): follow_links=True presumably lets the search traverse
        # links, which could reach content outside the listed paths - confirm
        # this is intended for every artifact that uses a grep source.
        stat_action = rdf_file_finder.FileFinderAction.Stat()
        finder_args = rdf_file_finder.FileFinderArgs(
            paths=search_paths,
            action=stat_action,
            conditions=[contents_condition],
            follow_links=True)

        yield file_finder.FileFinderOSFromClient, finder_args
示例#3
  def _ProcessFileSource(self, source):
    """Build one file-finder Stat request for the source's ``paths``.

    Only the OS path type is accepted. The ``paths`` attribute is read from
    ``source.base_source.attributes`` and has knowledge-base attributes
    substituted into it before being placed in the request.

    Args:
      source: Object exposing ``path_type`` and ``base_source.attributes``
        (a mapping that contains ``paths``).

    Yields:
      A tuple of ``file_finder.FileFinderOSFromClient`` and the
      ``FileFinderArgs`` describing the paths to stat.

    Raises:
      ValueError: If ``source.path_type`` is not ``PathType.OS``. Because this
        is a generator, the check runs on first iteration, not at call time.
      KeyError: If ``paths`` is absent from the attributes.
    """
    requested_pathtype = source.path_type
    if requested_pathtype != rdf_paths.PathSpec.PathType.OS:
      raise ValueError("Only supported path type is OS.")

    raw_paths = source.base_source.attributes["paths"]
    expanded_paths = artifact_utils.InterpolateListKbAttributes(
        raw_paths, self.knowledge_base, self.ignore_interpolation_errors)

    # follow_links is not passed here, so the FileFinderArgs default applies.
    stat_action = rdf_file_finder.FileFinderAction.Stat()
    finder_args = rdf_file_finder.FileFinderArgs(
        paths=expanded_paths,
        pathtype=requested_pathtype,
        action=stat_action)

    yield file_finder.FileFinderOSFromClient, finder_args