def testListNetworkConnections(self):
result = self.RunAction(
network.ListNetworkConnections,
arg=rdf_client_action.ListNetworkConnectionsArgs())
for r in result:
self.assertTrue(r.process_name)
self.assertTrue(r.local_address)
def testListNetworkConnectionsFilter(self):
result = self.RunAction(
network.ListNetworkConnections,
arg=rdf_client_action.ListNetworkConnectionsArgs(
listening_only=True))
for r in result:
self.assertTrue(r.process_name)
self.assertTrue(r.local_address)
self.assertEqual(r.state, "LISTEN")
def _ProcessClientActionSource(self, source):
# TODO(user): Add support for remaining client actions
# EnumerateFilesystems and OSXEnumerateRunningServices
request = {}
action_name = source.base_source.attributes["client_action"]
if action_name == "GetHostname":
action = admin.GetHostnameFromClient
elif action_name == "ListProcesses":
action = standard.ListProcessesFromClient
elif action_name == "ListNetworkConnections":
action = network.ListNetworkConnectionsFromClient
request = rdf_client_action.ListNetworkConnectionsArgs()
elif action_name == "EnumerateInterfaces":
action = operating_system.EnumerateInterfacesFromClient
elif action_name == "EnumerateUsers":
action = operating_system.EnumerateUsersFromClient
# elif action_name == "EnumerateFilesystems":
# action = operating_system.EnumerateFilesystemsFromClient
elif action_name == "StatFS":
action = standard.StatFSFromClient
paths = []
if "action_args" in source.base_source.attributes:
if "path_list" in source.base_source.attributes["action_args"]:
paths = source.base_source.attributes["action_args"]["path_list"]
request = rdf_client_action.StatFSRequest(
path_list=paths, pathtype=source.path_type)
# elif action_name == "OSXEnumerateRunningServices":
# action = operating_system.OSXEnumerateRunningServicesFromClient
else:
raise ValueError("Incorrect action type: %s" % action_name)
yield action, request
def _ProcessClientActionSource(self, args):
# TODO(user): Add support for remaining client actions
# EnumerateFilesystems, StatFS and OSXEnumerateRunningServices
switch_action = {
"GetHostname": (admin.GetHostname, {}),
"ListProcesses": (standard.ListProcesses, {}),
"ListNetworkConnections":
(network.ListNetworkConnections,
rdf_client_action.ListNetworkConnectionsArgs()),
"EnumerateInterfaces": (operating_system.EnumerateInterfaces, {}),
"EnumerateUsers": (linux.EnumerateUsers, {}),
# "EnumerateFilesystems": (operating_system.EnumerateFilesystems, {}),
# "StatFS": (standard.StatFS, {}),
# "OSXEnumerateRunningServices": (osx.OSXEnumerateRunningServices, {}),
}
action_name = args.base_source.attributes["client_action"]
try:
yield switch_action[action_name]
except KeyError:
raise ValueError("Incorrect action type: %s" % action_name)
