示例#1
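  def _collect_wordpress_file(self, evidence):
    """Extract the WordPress database file(s) from the evidence image.

    Calls extract_files() for _WP_DB_NAME against evidence.local_path and
    places the results under <self.output_dir>/artifacts.

    Args:
        evidence (Evidence object):  The evidence to process

    Returns:
        tuple: (location, count) where location (str) is the directory that
            holds the first extracted file and count (int) is the number of
            files extracted.

    Raises:
        TurbiniaException: If extraction fails, or if extraction succeeds but
            yields no files.
    """
    try:
      collected_artifacts = extract_files(
          file_name=_WP_DB_NAME, disk_path=evidence.local_path,
          output_dir=os.path.join(self.output_dir, 'artifacts'))
    except TurbiniaException as e:
      raise TurbiniaException(
          'artifact extraction failed: {0:s}'.format(str(e)))

    # An empty result would make the [0] lookup below raise a bare IndexError.
    # Report it through the same exception type as any other extraction
    # failure so "nothing found on this image" is handled as a task outcome.
    if not collected_artifacts:
      raise TurbiniaException(
          'artifact extraction failed: no {0!s} file was extracted'.format(
              _WP_DB_NAME))

    # Extract base dir from our list of collected artifacts.
    # NOTE(review): only the first artifact's directory is returned; this
    # presumes every extracted file shares one base dir -- confirm against
    # extract_files().
    location = os.path.dirname(collected_artifacts[0])

    return (location, len(collected_artifacts))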
示例#2
    def run(self, evidence, result):
        """Run the Jenkins worker.

        Extracts every config.xml from the evidence, keeps those whose path
        matches the Jenkins layout regex, pulls the version and credentials
        out of each one, and writes the analysis report to
        jenkins_analysis.txt in the task output directory.

        Args:
            evidence (Evidence object):  The evidence to process
            result (TurbiniaTaskResult): The object to place task results into.

        Returns:
            TurbiniaTaskResult object. It is closed with success=False when
            file extraction raises TurbiniaException, and with success=True
            once the report has been written.
        """
        # Destination of the text report and the evidence object wrapping it.
        report_path = os.path.join(self.output_dir, 'jenkins_analysis.txt')
        output_evidence = ReportText(source_path=report_path)

        # TODO(aarontp): We should find a more optimal solution for this because
        # this requires traversing the entire filesystem and extracting more files
        # than we need.  Tracked in https://github.com/google/turbinia/issues/402
        artifacts_dir = os.path.join(self.output_dir, 'artifacts')
        try:
            collected_artifacts = extract_files(
                file_name='config.xml',
                disk_path=evidence.local_path,
                output_dir=artifacts_dir)
        except TurbiniaException as e:
            result.close(self, success=False, status=str(e))
            return result

        # Keep only config.xml files located directly under a directory whose
        # name contains "jenkins", optionally nested in users/<name>/.
        jenkins_re = re.compile(
            r'^.*jenkins[^\/]*(\/users\/[^\/]+)*\/config\.xml$')
        jenkins_artifacts = [
            path for path in collected_artifacts if jenkins_re.match(path)
        ]

        version = None
        credentials = []
        for config_path in jenkins_artifacts:
            # The file comes from the evidence image and is decoded with the
            # platform default encoding.
            with open(config_path, 'r') as config_file:
                config = config_file.read()

            found_version = self._extract_jenkins_version(config)
            found_credentials = self._extract_jenkins_credentials(config)

            # The last config that yields a truthy version wins.
            version = found_version or version
            credentials.extend(found_credentials)

        # NOTE(review): the report is derived from extracted credentials;
        # confirm what analyze_jenkins() includes before sharing the output.
        report, priority, summary = self.analyze_jenkins(version, credentials)
        output_evidence.text_data = report
        result.report_data = report
        result.report_priority = priority

        # Persist the report as UTF-8 followed by a trailing newline.
        with open(report_path, 'wb') as report_file:
            report_file.write(output_evidence.text_data.encode('utf8'))
            report_file.write('\n'.encode('utf8'))

        # Attach the report evidence and mark the task as successful.
        result.add_evidence(output_evidence, evidence.config)
        result.close(self, success=True, status=summary)

        return result