2 Created on Nov 19, 2013
8 from subprocess import Popen, PIPE, call, STARTUPINFO, _subprocess
12 from cygwin import Cygwin
13 from environment import Environment
21 from opensecurity_util import logger, setupLogger, OpenSecurityException
29 class VMManagerException(Exception):
30 def __init__(self, value):
33 return repr(self.value)
40 def __init__(self, vendorid, productid, revision):
41 self.vendorid = vendorid.lower()
42 self.productid = productid.lower()
43 self.revision = revision.lower()
46 def __eq__(self, other):
47 return self.vendorid == other.vendorid and self.productid == other.productid and self.revision == other.revision
50 return hash(self.vendorid) ^ hash(self.productid) ^ hash(self.revision)
53 return "VendorId = \'" + str(self.vendorid) + "\' ProductId = \'" + str(self.productid) + "\' Revision = \'" + str(self.revision) + "\'"
55 #def __getitem__(self, item):
56 # return self.coords[item]
58 class VMManager(object):
59 vmRootName = "SecurityDVM"
60 systemProperties = None
64 browsingManager = None
65 status_message = 'Starting up...'
70 self.systemProperties = self.getSystemProperties()
71 self.machineFolder = self.systemProperties["Default machine folder"]
73 # only proceed if we have a working background environment
76 self.rsdHandler = DeviceHandler(self)
77 self.rsdHandler.start()
78 self.browsingManager = BrowsingManager(self)
79 self.browsingManager.start()
81 logger.critical(self.status_message)
86 if VMManager._instance == None:
87 VMManager._instance = VMManager()
88 return VMManager._instance
93 """check if the backend (VirtualBox) is sufficient for our task"""
95 # ensure we have our system props
96 if self.systemProperties == None:
97 self.systemProperties = self.getSystemProperties()
98 if self.systemProperties == None:
99 self.status_message = 'Failed to get backend system properties. Is Backend (VirtualBox?) installed?'
102 # check for existing Extension pack
103 if not 'Remote desktop ExtPack' in self.systemProperties:
104 self.status_message = 'No remote desktop extension pack found. Please install the "Oracle VM VirtualBox Extension Pack" from https://www.virtualbox.org/wiki/Downloads.'
106 if self.systemProperties['Remote desktop ExtPack'] == 'Oracle VM VirtualBox Extension Pack ':
107 self.status_message = 'Unsure if suitable extension pack is installed. Please install the "Oracle VM VirtualBox Extension Pack" from https://www.virtualbox.org/wiki/Downloads.'
110 # check if we do have our root VMs installed
112 if not self.vmRootName in vms:
113 self.status_message = 'Unable to locate root SecurityDVM. Please download and setup the initial image.'
116 # basically all seems nice and ready to rumble
117 self.status_message = 'All is ok.'
123 if self.rsdHandler != None:
124 self.rsdHandler.stop()
125 self.rsdHandler.join()
126 drives = self.getNetworkDrives()
127 for drive in drives.keys():
128 driveHandler = UnmapDriveHandler(self, drive)
130 for vm in self.listSDVM():
134 # return hosty system properties
135 def getSystemProperties(self):
136 result = checkResult(Cygwin.vboxExecute('list systemproperties'))
139 props = dict((k.strip(),v.strip().strip('"')) for k,v in (line.split(':', 1) for line in result[1].strip().splitlines()))
142 # return the folder containing the guest VMs
143 def getMachineFolder(self):
144 return self.machineFolder
146 # list all existing VMs registered with VBox
148 result = checkResult(Cygwin.vboxExecute('list vms'))[1]
149 vms = list(k.strip().strip('"') for k,_ in (line.split(' ') for line in result.splitlines()))
153 def listRunningVMS(self):
154 result = checkResult(Cygwin.vboxExecute('list runningvms'))[1]
155 vms = list(k.strip().strip('"') for k,_ in (line.split(' ') for line in result.splitlines()))
158 # list existing SDVMs
163 if vm.startswith(self.vmRootName) and vm != self.vmRootName:
167 # generate valid (not already existing SDVM name). necessary for creating a new VM
168 def generateSDVMName(self):
170 for i in range(0,999):
171 if(not self.vmRootName+str(i) in vms):
172 return self.vmRootName+str(i)
175 # check if the device is mass storage type
177 def isMassStorageDevice(device):
178 keyname = 'SYSTEM\CurrentControlSet\Enum\USB' + '\VID_' + device.vendorid+'&'+'PID_'+ device.productid
179 key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, keyname)
180 #subkeys = _winreg.QueryInfoKey(key)[0]
181 #for i in range(0, subkeys):
182 # print _winreg.EnumKey(key, i)
183 devinfokeyname = win32api.RegEnumKey(key, 0)
184 win32api.RegCloseKey(key)
186 devinfokey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, keyname+'\\'+devinfokeyname)
187 value = win32api.RegQueryValueEx(devinfokey, 'SERVICE')[0]
188 win32api.RegCloseKey(devinfokey)
190 return 'USBSTOR' in value
192 # return the RSDs connected to the host
194 def getConnectedRSDS():
195 results = checkResult(Cygwin.vboxExecute('list usbhost'))[1]
196 results = results.split('Host USB Devices:')[1].strip()
198 items = list( "UUID:"+result for result in results.split('UUID:') if result != '')
202 for line in item.splitlines():
204 k,v = line[:line.index(':')].strip(), line[line.index(':')+1:].strip()
207 #if 'Product' in props.keys() and props['Product'] == 'Mass Storage':
209 usb_filter = USBFilter( re.search(r"\((?P<vid>[0-9A-Fa-f]+)\)", props['VendorId']).groupdict()['vid'],
210 re.search(r"\((?P<pid>[0-9A-Fa-f]+)\)", props['ProductId']).groupdict()['pid'],
211 re.search(r"\((?P<rev>[0-9A-Fa-f]+)\)", props['Revision']).groupdict()['rev'] )
212 if VMManager.isMassStorageDevice(usb_filter):
213 rsds[props['UUID']] = usb_filter;
214 logger.debug(usb_filter)
217 # return the RSDs attached to all existing SDVMs
218 def getAttachedRSDs(self):
219 vms = self.listSDVM()
220 attached_devices = dict()
222 rsd_filter = self.getUSBFilter(vm)
223 if rsd_filter != None:
224 attached_devices[vm] = rsd_filter
225 return attached_devices
227 # configures hostonly networking and DHCP server. requires admin rights
228 def configureHostNetworking(self):
229 #cmd = 'vboxmanage list hostonlyifs'
230 #Cygwin.vboxExecute(cmd)
231 #cmd = 'vboxmanage hostonlyif remove \"VirtualBox Host-Only Ethernet Adapter\"'
232 #Cygwin.vboxExecute(cmd)
233 #cmd = 'vboxmanage hostonlyif create'
234 #Cygwin.vboxExecute(cmd)
235 checkResult(Cygwin.vboxExecute('hostonlyif ipconfig \"VirtualBox Host-Only Ethernet Adapter\" --ip 192.168.56.1 --netmask 255.255.255.0'))
236 #cmd = 'vboxmanage dhcpserver add'
237 #Cygwin.vboxExecute(cmd)
238 checkResult(Cygwin.vboxExecute('dhcpserver modify --ifname \"VirtualBox Host-Only Ethernet Adapter\" --ip 192.168.56.100 --netmask 255.255.255.0 --lowerip 192.168.56.101 --upperip 192.168.56.200'))
240 def isSDVMExisting(self, vm_name):
241 sdvms = self.listSDVM()
242 return vm_name in sdvms
244 #create new virtual machine instance based on template vm named SecurityDVM (\SecurityDVM\SecurityDVM.vmdk)
245 def createVM(self, vm_name):
246 if self.isSDVMExisting(vm_name):
248 #remove eventually existing SDVM folder
249 machineFolder = Cygwin.cygPath(self.machineFolder)
250 checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '\\\"'))
251 hostonly_if = self.getHostOnlyIFs()
252 checkResult(Cygwin.vboxExecute('createvm --name ' + vm_name + ' --ostype Debian --register'))
253 checkResult(Cygwin.vboxExecute('modifyvm ' + vm_name + ' --memory 512 --vram 10 --cpus 1 --usb on --usbehci on --nic1 hostonly --hostonlyadapter1 \"' + hostonly_if['Name'] + '\" --nic2 nat'))
254 checkResult(Cygwin.vboxExecute('storagectl ' + vm_name + ' --name SATA --add sata --portcount 2'))
257 # attach storage image to controller
258 def storageAttach(self, vm_name):
259 if self.isStorageAttached(vm_name):
260 self.storageDetach(vm_name)
261 checkResult(Cygwin.vboxExecute('storageattach ' + vm_name + ' --storagectl SATA --port 0 --device 0 --type hdd --medium \"'+ self.machineFolder + '\SecurityDVM\SecurityDVM.vmdk\"'))
263 # return true if storage is attached
264 def isStorageAttached(self, vm_name):
265 info = self.getVMInfo(vm_name)
266 return (info['SATA-0-0']!='none')
268 # detach storage from controller
269 def storageDetach(self, vm_name):
270 if self.isStorageAttached(vm_name):
271 checkResult(Cygwin.vboxExecute('storageattach ' + vm_name + ' --storagectl SATA --port 0 --device 0 --type hdd --medium none'))
273 def changeStorageType(self, filename, storage_type):
274 checkResult(Cygwin.vboxExecute('modifyhd \"' + filename + '\" --type ' + storage_type))
276 # list storage snaphots for VM
277 def updateTemplate(self):
280 self.poweroffVM('SecurityDVM')
281 self.waitShutdown('SecurityDVM')
284 self.genCertificateISO('SecurityDVM')
285 self.attachCertificateISO('SecurityDVM')
287 self.storageDetach('SecurityDVM')
288 results = checkResult(Cygwin.vboxExecute('list hdds'))[1]
289 results = results.replace('Parent UUID', 'Parent')
290 items = list( "UUID:"+result for result in results.split('UUID:') if result != '')
295 for line in item.splitlines():
297 k,v = line[:line.index(':')].strip(), line[line.index(':')+1:].strip()
299 snaps[props['UUID']] = props
302 template_storage = self.machineFolder + '\SecurityDVM\SecurityDVM.vmdk'
306 for hdd in snaps.values():
307 if hdd['Location'] == template_storage:
308 template_uuid = hdd['UUID']
309 logger.debug('found parent uuid ' + template_uuid)
312 for hdd in snaps.values():
313 if hdd['Parent'] == template_uuid:
314 #template_uuid = hdd['UUID']
315 logger.debug('removing snapshot ' + hdd['UUID'])
316 checkResult(Cygwin.vboxExecute('closemedium disk {' + hdd['UUID'] + '} --delete'))#[1]
317 # parse result 0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
319 self.changeStorageType(template_storage,'normal')
320 self.storageAttach('SecurityDVM')
321 self.startVM('SecurityDVM')
322 self.waitStartup('SecurityDVM')
323 checkResult(Cygwin.sshExecute('"sudo apt-get -y update"', VMManager.getHostOnlyIP('SecurityDVM'), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + 'SecurityDVM' + '/dvm_key'))
324 checkResult(Cygwin.sshExecute('"sudo apt-get -y upgrade"', VMManager.getHostOnlyIP('SecurityDVM'), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + 'SecurityDVM' + '/dvm_key'))
325 #self.stopVM('SecurityDVM')
326 self.hibernateVM('SecurityDVM')
327 self.waitShutdown('SecurityDVM')
328 self.storageDetach('SecurityDVM')
329 self.changeStorageType(template_storage,'immutable')
330 self.storageAttach('SecurityDVM')
331 self.rsdHandler = DeviceHandler(self)
332 self.rsdHandler.start()
334 #remove VM from the system. should be used on VMs returned by listSDVMs
335 def removeVM(self, vm_name):
336 logger.info('Removing ' + vm_name)
337 checkResult(Cygwin.vboxExecute('unregistervm ' + vm_name + ' --delete'))
338 machineFolder = Cygwin.cygPath(self.machineFolder)
339 checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '\\\"'))
342 def startVM(self, vm_name):
343 logger.info('Starting ' + vm_name)
344 result = checkResult(Cygwin.vboxExecute('startvm ' + vm_name + ' --type headless' ))
345 while 'successfully started' not in result[1]:
346 logger.error("Failed to start SDVM: " + vm_name + " retrying")
347 logger.error("Command returned:\n" + result[2])
349 result = checkResult(Cygwin.vboxExecute('startvm ' + vm_name + ' --type headless'))
352 # return wether VM is running or not
353 def isVMRunning(self, vm_name):
354 return vm_name in self.listRunningVMS()
357 def stopVM(self, vm_name):
358 logger.info('Sending shutdown signal to ' + vm_name)
359 checkResult(Cygwin.sshExecute( '"sudo shutdown -h now"', VMManager.getHostOnlyIP(vm_name), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + vm_name + '/dvm_key' ))
362 def hibernateVM(self, vm_name):
363 logger.info('Sending hibernate-disk signal to ' + vm_name)
364 checkResult(Cygwin.sshExecute( '"sudo hibernate-disk&"', VMManager.getHostOnlyIP(vm_name), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + vm_name + '/dvm_key', wait_return=False))
367 def poweroffVM(self, vm_name):
368 if not self.isVMRunning(vm_name):
370 logger.info('Powering off ' + vm_name)
371 return checkResult(Cygwin.vboxExecute('controlvm ' + vm_name + ' poweroff'))
373 #list the hostonly IFs exposed by the VBox host
375 def getHostOnlyIFs():
376 result = Cygwin.vboxExecute('list hostonlyifs')[1]
379 props = dict((k.strip(),v.strip().strip('"')) for k,v in (line.split(':', 1) for line in result.strip().splitlines()))
382 # return the hostOnly IP for a running guest or the host
384 def getHostOnlyIP(vm_name):
386 logger.info('Getting hostOnly IP address for Host')
387 return VMManager.getHostOnlyIFs()['IPAddress']
389 logger.info('Getting hostOnly IP address ' + vm_name)
390 result = checkResult(Cygwin.vboxExecute('guestproperty get ' + vm_name + ' /VirtualBox/GuestInfo/Net/0/V4/IP'))
394 if result.startswith('No value set!'):
396 return result[result.index(':')+1:].strip()
398 # attach removable storage device to VM by provision of filter
399 def attachRSD(self, vm_name, rsd_filter):
400 return checkResult(Cygwin.vboxExecute('usbfilter add 0 --target ' + vm_name + ' --name OpenSecurityRSD --vendorid ' + rsd_filter.vendorid + ' --productid ' + rsd_filter.productid + ' --revision ' + rsd_filter.revision))
402 # detach removable storage from VM by
403 def detachRSD(self, vm_name):
404 return checkResult(Cygwin.vboxExecute('usbfilter remove 0 --target ' + vm_name))
406 # return the description set for an existing VM
407 def getVMInfo(self, vm_name):
408 results = checkResult(Cygwin.vboxExecute('showvminfo ' + vm_name + ' --machinereadable'))[1]
409 props = dict((k.strip().strip('"'),v.strip().strip('"')) for k,v in (line.split('=', 1) for line in results.splitlines()))
412 # return the configured USB filter for an existing VM
413 def getUSBFilter(self, vm_name):
414 props = self.getVMInfo(vm_name)
415 keys = set(['USBFilterVendorId1', 'USBFilterProductId1', 'USBFilterRevision1'])
416 keyset = set(props.keys())
418 if keyset.issuperset(keys):
419 usb_filter = USBFilter(props['USBFilterVendorId1'], props['USBFilterProductId1'], props['USBFilterRevision1'])
422 #generates ISO containing authorized_keys for use with guest VM
423 def genCertificateISO(self, vm_name):
424 machineFolder = Cygwin.cygPath(self.machineFolder)
425 # remove .ssh folder if exists
426 checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '/.ssh\\\"'))
427 # remove .ssh folder if exists
428 checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '/dvm_key\\\"'))
429 # create .ssh folder in vm_name
430 checkResult(Cygwin.bashExecute('/usr/bin/mkdir -p \\\"' + machineFolder + '/' + vm_name + '/.ssh\\\"'))
431 # generate dvm_key pair in vm_name / .ssh
432 checkResult(Cygwin.bashExecute('/usr/bin/ssh-keygen -q -t rsa -N \\\"\\\" -C \\\"' + vm_name + '\\\" -f \\\"' + machineFolder + '/' + vm_name + '/.ssh/dvm_key\\\"'))
433 # move out private key
434 checkResult(Cygwin.bashExecute('/usr/bin/mv \\\"' + machineFolder + '/' + vm_name + '/.ssh/dvm_key\\\" \\\"' + machineFolder + '/' + vm_name + '\\\"'))
435 # set permissions for private key
436 checkResult(Cygwin.bashExecute('/usr/bin/chmod 500 \\\"' + machineFolder + '/' + vm_name + '/dvm_key\\\"'))
437 # rename public key to authorized_keys
438 checkResult(Cygwin.bashExecute('/usr/bin/mv \\\"' + machineFolder + '/' + vm_name + '/.ssh/dvm_key.pub\\\" \\\"' + machineFolder + '/' + vm_name + '/.ssh/authorized_keys\\\"'))
439 # set permissions for authorized_keys
440 checkResult(Cygwin.bashExecute('/usr/bin/chmod 500 \\\"' + machineFolder + '/' + vm_name + '/.ssh/authorized_keys\\\"'))
441 # generate iso image with .ssh/authorized keys
442 checkResult(Cygwin.bashExecute('/usr/bin/genisoimage -J -R -o \\\"' + machineFolder + '/' + vm_name + '/'+ vm_name + '.iso\\\" \\\"' + machineFolder + '/' + vm_name + '/.ssh\\\"'))
444 # attaches generated ssh public cert to guest vm
445 def attachCertificateISO(self, vm_name):
446 result = checkResult(Cygwin.vboxExecute('storageattach ' + vm_name + ' --storagectl SATA --port 1 --device 0 --type dvddrive --mtype readonly --medium \"' + self.machineFolder + '\\' + vm_name + '\\'+ vm_name + '.iso\"'))
449 # wait for machine to come up
450 def waitStartup(self, vm_name, timeout_ms = 30000):
451 checkResult(Cygwin.vboxExecute('guestproperty wait ' + vm_name + ' SDVMStarted --timeout ' + str(timeout_ms) + ' --fail-on-timeout'))
452 return VMManager.getHostOnlyIP(vm_name)
454 # wait for machine to shutdown
455 def waitShutdown(self, vm_name):
456 while vm_name in self.listRunningVMS():
460 #Small function to check if the mentioned location is a directory
461 def isDirectory(self, path):
462 result = checkResult(Cygwin.cmdExecute('dir ' + path + ' | FIND ".."'))
463 return string.find(result[1], 'DIR',)
465 def mapNetworkDrive(self, drive, networkPath, user, password):
466 #self.unmapNetworkDrive(drive)
467 #Check for drive availability
468 if os.path.exists(drive):
469 logger.error("Drive letter is already in use: " + drive)
471 #Check for network resource availability
473 while not os.path.exists(networkPath):
477 logger.info("Path not accessible: " + networkPath + " retrying")
480 command = 'USE ' + drive + ' ' + networkPath + ' /PERSISTENT:NO'
482 command += ' ' + password + ' /User' + user
484 result = checkResult(Cygwin.execute('C:\\Windows\\system32\\NET', command))
485 #result = checkResult(Cygwin.cmdExecute('NET ' + command))
486 if string.find(result[1], 'successfully',) == -1:
487 logger.error("Failed: NET " + command)
491 def unmapNetworkDrive(self, drive):
492 #drives = self.getNetworkDrives()
493 #if drive not in drives.keys():
495 command = 'USE ' + drive + ' /DELETE /YES' #' ' + networkPath +
496 result = checkResult(Cygwin.execute('C:\\Windows\\system32\\net.exe', command))
497 #result = checkResult(Cygwin.cmdExecute('NET ' + command))
498 if string.find(str(result[1]), 'successfully',) == -1:
499 logger.error(result[2])
503 def getNetworkDrives(self):
504 ip = VMManager.getHostOnlyIP(None)
505 ip = ip[:ip.rindex('.')]
507 result = checkResult(Cygwin.execute('C:\\Windows\\system32\\net.exe', 'USE'))
508 for line in result[1].splitlines():
511 drives[parts[1]] = parts[2]
514 def genNetworkDrive(self):
515 network_drives = self.getNetworkDrives()
516 logical_drives = VMManager.getLogicalDrives()
517 drives = list(map(chr, range(68, 91)))
519 if drive+':' not in network_drives and drive not in logical_drives:
522 def getNetworkDrive(self, vm_name):
523 ip = self.getHostOnlyIP(vm_name)
524 result = checkResult(Cygwin.execute('C:\\Windows\\system32\\net.exe', 'USE'))
525 for line in result[1].splitlines():
526 if line != None and ip in line:
530 def getLogicalDrives():
531 drive_bitmask = ctypes.cdll.kernel32.GetLogicalDrives()
532 return list(itertools.compress(string.ascii_uppercase, map(lambda x:ord(x) - ord('0'), bin(drive_bitmask)[:1:-1])))
535 def getDriveType(drive):
536 return ctypes.cdll.kernel32.GetDriveTypeW(u"%s:\\"%drive)
539 def getVolumeInfo(drive):
540 volumeNameBuffer = ctypes.create_unicode_buffer(1024)
541 fileSystemNameBuffer = ctypes.create_unicode_buffer(1024)
543 max_component_length = None
544 file_system_flags = None
546 rc = ctypes.cdll.kernel32.GetVolumeInformationW(
547 #ctypes.c_wchar_p("F:\\"),
550 ctypes.sizeof(volumeNameBuffer),
552 max_component_length,
554 fileSystemNameBuffer,
555 ctypes.sizeof(fileSystemNameBuffer)
558 return volumeNameBuffer.value, fileSystemNameBuffer.value
560 # handles browsing request
561 def handleBrowsingRequest(self):
562 handler = BrowsingHandler(self)
566 def getActiveUserName(self):
567 key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI')
568 v = str(win32api.RegQueryValueEx(key, 'LastLoggedOnUser')[0])
569 win32api.RegCloseKey(key)
570 user_name = win32api.ExpandEnvironmentStrings(v)
573 def getUserSID(self, user_name):
574 account_name = win32security.LookupAccountName(None, user_name)
575 sid = win32security.ConvertSidToStringSid(account_name[0])
578 def getAppDataDir(self, sid):
579 key = win32api.RegOpenKey(win32con.HKEY_USERS, sid + '\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders')
580 value, type = win32api.RegQueryValueEx(key, "AppData")
581 win32api.RegCloseKey(key)
584 #key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList' + '\\' + sid)
585 #value, type = win32api.RegQueryValueEx(key, "ProfileImagePath")
588 def backupFile(self, src, dest):
589 certificate = Cygwin.cygPath(self.getMachineFolder()) + '/' + self.browsingManager.vm_name + '/dvm_key'
590 command = '-r -o StrictHostKeyChecking=no -i "' + certificate + '" "osecuser@' + self.browsingManager.ip_addr + ':' + src + '" "' + dest + '"'
591 return Cygwin.execute(Cygwin.cygwin_scp, command, wait_return=True, window=False)
593 def restoreFile(self, src, dest):
594 certificate = Cygwin.cygPath(self.getMachineFolder()) + '/' + self.browsingManager.vm_name + '/dvm_key'
595 #command = '-r -v -o StrictHostKeyChecking=no -i \"' + certificate + '\" \"' + src + '\" \"osecuser@' + self.browsingManager.ip_addr + ':' + dest + '\"'
596 command = '-r -o StrictHostKeyChecking=no -i "' + certificate + '" "' + src + '" "osecuser@' + self.browsingManager.ip_addr + ':' + dest + '"'
597 return Cygwin.execute(Cygwin.cygwin_scp, command, wait_return=True, window=False)
601 def checkResult(result):
603 logger.error('Command failed:' + ''.join(result[2]))
604 raise OpenSecurityException('Command failed:' + ''.join(result[2]))
607 # handles browsing request
608 class UnmapDriveHandler(threading.Thread):
613 def __init__(self, vmmanager, drv):
614 threading.Thread.__init__(self)
620 self.vmm.unmapNetworkDrive(self.drive)
621 mappedDrives = self.vmm.getNetworkDrives()
622 #logger.info(mappedDrives)
623 #logger.info(self.drive)
624 if self.drive not in mappedDrives.keys():
627 #handles browsing session creation
628 class BrowsingHandler(threading.Thread):
630 def __init__(self, vmmanager):
631 threading.Thread.__init__(self)
635 browser = '\\\"/usr/bin/chromium; pidof dbus-launch | xargs kill\\\"'
636 if Cygwin.is_X11_running()==False:
639 self.vmm.browsingManager.started.wait()
640 result = checkResult(Cygwin.sshExecuteX11(browser, self.vmm.browsingManager.ip_addr, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + self.vmm.browsingManager.vm_name + '/dvm_key'))
641 #backup settings on vm
643 logger.error("BrowsingHandler closing. Cleaning up")
644 self.vmm.backupFile('/home/osecuser/.config/chromium', self.vmm.browsingManager.appDataDir + '/OpenSecurity/')
645 self.vmm.browsingManager.restart.set()
648 # handles browsing Vm creation and destruction
649 class BrowsingManager(threading.Thread):
658 def __init__(self, vmmanager):
659 threading.Thread.__init__(self)
661 self.restart = threading.Event()
662 self.started = threading.Event()
669 if self.drive != None:
670 driveHandler = UnmapDriveHandler(self.vmm, self.drive)
677 if self.vm_name != None:
678 self.vmm.poweroffVM(self.vm_name)
679 self.vmm.removeVM(self.vm_name)
682 self.vm_name = self.vmm.generateSDVMName()
683 self.vmm.createVM(self.vm_name)
684 self.vmm.storageAttach(self.vm_name)
685 self.vmm.genCertificateISO(self.vm_name)
686 self.vmm.attachCertificateISO(self.vm_name)
687 self.vmm.startVM(self.vm_name)
688 self.ip_addr = self.vmm.waitStartup(self.vm_name)
689 if self.ip_addr == None:
691 self.drive = self.vmm.genNetworkDrive()
692 if self.drive == None:
694 networkPath = '\\\\' + self.ip_addr + '\\Download'
695 self.vmm.mapNetworkDrive(self.drive, networkPath, None, None)
698 user = self.vmm.getActiveUserName()
699 sid = self.vmm.getUserSID(user)
700 path = self.vmm.getAppDataDir(sid)
701 self.appDataDir = Cygwin.cygPath(path)
702 # create chromium settings dir on local machine if not existing
703 checkResult(Cygwin.bashExecute('/usr/bin/mkdir -p \\\"' + self.appDataDir + '/OpenSecurity\\\"'))
704 # create chromium settings dir on remote machine if not existing
705 checkResult(Cygwin.sshExecute('"mkdir -p \\\"/home/osecuser/.config\\\""', self.ip_addr, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + self.vm_name + '/dvm_key'))
706 #restore settings on vm
707 self.vmm.restoreFile(self.appDataDir + '/OpenSecurity/chromium', '/home/osecuser/.config/')
710 logger.error("BrowsingHandler failed. Cleaning up")
712 class DeviceHandler(threading.Thread):
717 def __init__(self, vmmanger):
718 threading.Thread.__init__(self)
725 self.connectedRSDs = dict()
728 tmp_rsds = self.vmm.getConnectedRSDS()
730 self.attachedRSDs = self.vmm.getAttachedRSDs()
731 for vm_name in self.attachedRSDs.keys():
732 if self.attachedRSDs[vm_name] not in tmp_rsds.values():
733 drive = self.vmm.getNetworkDrive(vm_name)
734 #self.stopVM(vm_name)
735 self.vmm.detachRSD(vm_name)
736 self.vmm.poweroffVM(vm_name)
737 self.vmm.removeVM(vm_name)
739 #self.vmm.unmapNetworkDrive(drive)
740 driveHandler = UnmapDriveHandler(self.vmm, drive)
745 if tmp_rsds.keys() == self.connectedRSDs.keys():
746 logger.debug("Nothing's changed. sleep(3)")
750 logger.info("Something's changed")
751 self.connectedRSDs = tmp_rsds
753 #create new vm for attached device if any
754 self.attachedRSDs = self.vmm.getAttachedRSDs()
755 self.connectedRSDs = self.vmm.getConnectedRSDS()
758 for connected_device in self.connectedRSDs.values():
759 if (self.attachedRSDs and False) or (connected_device not in self.attachedRSDs.values()):
760 new_sdvm = self.vmm.generateSDVMName()
761 self.vmm.createVM(new_sdvm)
762 self.vmm.storageAttach(new_sdvm)
763 self.vmm.attachRSD(new_sdvm, connected_device)
764 self.vmm.startVM(new_sdvm)
765 new_ip = self.vmm.waitStartup(new_sdvm)
766 drive = self.vmm.genNetworkDrive()
768 self.vmm.mapNetworkDrive(drive, '\\\\' + new_ip + '\\USB', None, None)
770 if __name__ == '__main__':
771 #man = VMManager.getInstance()
773 #print man.getConnectedRSDs()
774 #print man.getNetworkDrives()
775 #man.genNetworkDrive()
776 #drive_bitmask = ctypes.cdll.kernel32.GetLogicalDrives()
777 #print list(itertools.compress(string.ascii_uppercase, map(lambda x:ord(x) - ord('0'), bin(drive_bitmask)[:1:-1])))
778 #print list(map(chr, range(68, 91)))
779 #print Cygwin.getRegEntry('SYSTEM\CurrentControlSet\Enum\USB', 'VID_1058&PID_0704')[0]
780 #devices = VMManager.getConnectedRSDS()
783 drives = VMManager.getLogicalDrives()
785 print VMManager.getDriveType("E")
786 print VMManager.getVolumeInfo("E")
789 #for device in devices.values():
791 # if VMManager.isMassStorageDevice(device):
801 #man.genCertificateISO('SecurityDVM0')
802 #man.guestExecute('SecurityDVM0', '/bin/ls -la')
803 #logger = setupLogger('VMManager')
806 #man.sshExecute('/bin/ls -la', 'SecurityDVM0')
807 #man.sshExecuteX11('/usr/bin/iceweasel', 'SecurityDVM0')
808 #man.removeVM('SecurityDVM0')
809 #man.netUse('192.168.56.134', 'USB\\')
810 #ip = '192.168.56.139'
812 #man.cygwin_path = 'c:\\cygwin64\\bin\\'
813 #man.handleDeviceChange()
814 #print man.listSDVM()
815 #man.configureHostNetworking()
816 #new_vm = man.generateSDVMName()
817 #man.createVM(new_vm)
820 #man.isAvailable('c:')
821 #ip = man.getHostOnlyIP('SecurityDVM0')
822 #man.mapNetworkDrive('h:', '\\\\' + ip + '\Download', None, None)
824 #man.genCertificateISO(new_vm)
825 #man.attachCertificateISO(new_vm)
827 #man.attachCertificateISO(vm_name)
828 #man.guestExecute(vm_name, "ls")
829 #man.sshGuestX11Execute('SecurityDVM1', '/usr/bin/iceweasel')
831 #print man.cygwinPath("C:\Users\BarthaM\VirtualBox VMs\SecurityDVM\.ssh\*")
832 #man.genCertificateISO('SecurityDVM')
833 #man.attachCertificateISO('SecurityDVM')
834 #man.isStorageAttached('SecurityDVM')
835 #man.guestExecute('SecurityDVM', 'sudo apt-get -y update')
836 #man.guestExecute('SecurityDVM', 'sudo apt-get -y upgrade' )
838 #man.stopVM('SecurityDVM')
839 #man.storageDetach('SecurityDVM')
840 #man.changeStorageType('C:\Users\BarthaM\VirtualBox VMs\SecurityDVM\SecurityDVM.vmdk','immutable')
841 #man.storageAttach('SecurityDVM')
844 #cmd = "c:\\cygwin64\\bin\\bash.exe --login -c \"/bin/ls\""