示例#1
0
    def collect(self):
        apis = []
        for plugin_api in self.generate_api():
            apis.append(plugin_api)
            yield dict(plugin=plugin_api["plugin"],
                       api=yaml_utils.safe_dump(plugin_api),
                       raw_api=plugin_api)

        if self.plugin_args.output_file:
            with open(self.plugin_args.output_file, "wb") as fd:
                fd.write(yaml_utils.safe_dump(apis))
示例#2
0
    def write_manifest(self):
        yield dict(Message="Writing manifest file.")

        # Now upload the signed manifest to the bucket. Manifest must be
        # publicly accessible.
        upload_location = self._config.server.manifest_for_server()
        yield dict(Message="Writing manifest file to %s" % (
            upload_location.to_path()))

        upload_location.write_file(self._config.signed_manifest.to_json())

        print yaml_utils.safe_dump(self._config.manifest.to_primitive())
示例#3
0
    def write_config(self):
        server_config_filename = os.path.join(
            self.config_dir, self.server_config_filename)

        if os.access(server_config_filename, os.R_OK):
            yield dict(
                Message="Server config at %s exists. Remove to regenerate." % (
                    server_config_filename))

            # Load existing server config.
            server_config_data = open(server_config_filename, "rb").read()
            config = agent.Configuration.from_primitive(
                yaml.safe_load(server_config_data), session=self.session)

        else:
            # Make a new configuration
            config = agent.Configuration(session=self.session)
            self.session.SetParameter("agent_config_obj", config)

            self._build_config(config)

            yield dict(Message="Writing server config file %s" %
                       server_config_filename)

            with open(server_config_filename, "wb") as fd:
                fd.write(yaml_utils.safe_dump(config.to_primitive()))

        # The client gets just the client part of the configuration.
        client_config = agent.Configuration(session=self.session)
        client_config.client = config.client
        client_config.ca_certificate = config.ca_certificate

        client_config_filename = os.path.join(
            self.config_dir, self.client_config_filename)

        yield dict(
            Message="Writing client config file %s" % (
                client_config_filename))

        with open(client_config_filename, "wb") as fd:
            fd.write(self.client_config_warning +
                     yaml_utils.safe_dump(client_config.to_primitive()))

        # Now load the server config file to make sure it is validly written.
        self.session.SetParameter("agent_configuration", server_config_filename)
        self._config = self.session.GetParameter(
            "agent_config_obj", cached=False)

        if self._config == None:
            raise RuntimeError("Unable to parse provided configuration.")
示例#4
0
    def write_config(self):
        parameters = self._get_template_parameters()

        # The client config should be completely self contained (i.e. without
        # external file references).
        self.session.SetParameter("config_search_path", [self.config_dir])

        server_config_filename = os.path.join(self.config_dir,
                                              self.server_config_filename)

        if os.access(server_config_filename, os.R_OK):
            yield dict(
                Message="Server config at %s exists. Remove to regenerate." %
                (server_config_filename))

            # Load existing server config.
            server_config_data = open(server_config_filename, "rb").read()
        else:
            server_config_data = (
                self.server_config_template.format(**parameters) +
                self.client_config_template.format(**parameters))

            yield dict(Message="Writing server config file %s" %
                       server_config_filename)

            with open(server_config_filename, "wb") as fd:
                fd.write(server_config_data)

        config = agent.Configuration.from_primitive(
            yaml.safe_load(server_config_data), session=self.session)

        # The client gets the same configuration, except for the server part.
        client_config = config.copy()
        client_config.server = None

        labels = set(self.plugin_args.labels)
        labels.update(config.client.labels)

        if "All" not in labels:
            labels.add("All")

        client_config.client.labels = sorted(labels)

        client_config_filename = os.path.join(self.config_dir,
                                              self.client_config_filename)

        yield dict(Message="Writing client config file %s" %
                   (client_config_filename))

        with open(client_config_filename, "wb") as fd:
            fd.write(self.client_config_warning +
                     yaml_utils.safe_dump(client_config.to_primitive()))

        # Now load the server config file.
        self.session.SetParameter("agent_configuration",
                                  server_config_filename)
        self._config = self.session.GetParameter("agent_config_obj",
                                                 cached=False)
        if self._config == None:
            raise RuntimeError("Unable to parse provided configuration.")
示例#5
0
 def collect(self):
     artifact_profile = self.session.LoadProfile("artifacts")
     for artifact in self.plugin_args.artifacts:
         definition = artifact_profile.definitions_by_name.get(artifact)
         if definition:
             yield dict(divider=artifact)
             yield dict(Message=yaml_utils.safe_dump(definition))
示例#6
0
    def write_manifest(self):
        yield dict(Message="Writing manifest file.")

        manifest = agent.Manifest.from_keywords(
            session=self.session,
            rekall_session=dict(live="API"),

            # When the client starts up we want it to run the startup action and
            # store the result in the Startup batch queue.
            startup_actions=[
                interrogate.StartupAction.from_keywords(
                    session=self.session,
                    startup_message=(interrogate.Startup.from_keywords(
                        session=self.session,
                        location=self._config.server.flow_ticket_for_client(
                            "Startup",
                            path_template="{client_id}",
                        ))))
            ])

        # Now create a signed manifest.
        signed_manifest = agent.SignedManifest.from_keywords(
            session=self.session,
            data=manifest.to_json(),
            server_certificate=self._config.server.certificate,
        )

        signed_manifest.signature = self._config.server.private_key.sign(
            signed_manifest.data)

        # Now upload the signed manifest to the bucket. Manifest must be
        # publicly accessible.
        upload_location = self._config.server.manifest_for_server()
        yield dict(Message="Writing manifest file to %s" %
                   (upload_location.to_path()))

        upload_location.write_file(signed_manifest.to_json())

        print yaml_utils.safe_dump(manifest.to_primitive())
示例#7
0
def launch_client(_):
    flags, client_number = _
    config = yaml.safe_load(open(flags.config).read())
    config["client"]["writeback_path"] = "%s/pool_writeback%s.yaml" % (
        flags.state_dir, client_number)
    config_file_name = "%s/pool_config%s.yaml" % (flags.state_dir,
                                                  client_number)

    with open(config_file_name, "wb") as fd:
        fd.write(yaml_utils.safe_dump(config))

    rekall_session = session.Session(agent_configuration=config_file_name)
    agent_plugin = agent.RekallAgent(session=rekall_session, )

    # This does not exit.
    agent_plugin.collect()
示例#8
0
 def render_json(self, data, renderer):
     renderer.table_header([dict(name="Message")], auto_widths=True)
     renderer.table_row(yaml_utils.safe_dump(data))