1.1 --- a/OpenSecurity/bin/cygwin.py Fri May 09 14:09:02 2014 +0200
1.2 +++ b/OpenSecurity/bin/cygwin.py Fri May 09 13:21:59 2014 +0100
1.3 @@ -43,7 +43,6 @@
1.4 from environment import Environment
1.5 from opensecurity_util import logger, setupLogger, OpenSecurityException
1.6 import time
1.7 -#import wmi
1.8 # ------------------------------------------------------------
1.9 # code
1.10
1.11 @@ -62,12 +61,14 @@
1.12 theClass.cygwin_bin = os.path.join(theClass.cygwin_root, 'bin') + os.path.sep
1.13 theClass.cygwin_bash = os.path.join(theClass.cygwin_bin, 'bash.exe')
1.14 theClass.cygwin_ssh = os.path.join(theClass.cygwin_bin, 'ssh.exe')
1.15 + theClass.cygwin_scp = os.path.join(theClass.cygwin_bin, 'scp.exe')
1.16 theClass.cygwin_x11 = os.path.join(theClass.cygwin_bin, 'XWin.exe')
1.17 theClass.win_cmd = os.environ.get("COMSPEC", "cmd.exe")
1.18 """get the path to the VirtualBox installation on this system"""
1.19 theClass.vbox_root = theClass.getRegEntry('SOFTWARE\Oracle\VirtualBox', 'InstallDir')[0]
1.20 theClass.vbox_man = os.path.join(theClass.vbox_root, 'VBoxManage.exe')
1.21 -
1.22 + #theClass.user_home = os.path.expanduser("~")
1.23 + theClass.user_home = os.environ['APPDATA']#os.path.expandvars("%APPDATA%")
1.24 return theClass
1.25
1.26 class XRunner(threading.Thread):
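Review bot: `theClass.user_home = os.environ['APPDATA']` raises a bare KeyError when APPDATA is absent from the environment of the process that runs Cygwin, which is the case under service or SYSTEM accounts (the `#PSEXEC -i -s -d CMD` note further down suggests that is how this is launched, though that is inferred), and even when set it names the profile of that process's account rather than the interactively logged-on user that vmmanager resolves separately through `LastLoggedOnUser`. Consider `theClass.user_home = os.environ.get('APPDATA')` followed by `if not theClass.user_home: raise OpenSecurityException('APPDATA is not set; cannot locate the user profile')`, or drop the attribute if the registry-based lookup in vmmanager is the intended source. The two commented-out alternatives (`#theClass.user_home = os.path.expanduser("~")` and the trailing `#os.path.expandvars(...)`) should go rather than be left as dead code. The enclosing method starts before this hunk.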
1.27 @@ -96,9 +97,11 @@
1.28 cygwin_bash = ''
1.29 cygwin_ssh = ''
1.30 cygwin_x11 = ''
1.31 + cygwin_scp = ''
1.32 vbox_root = ''
1.33 vbox_man = ''
1.34 win_cmd = ''
1.35 + user_home = ''
1.36 """Some nifty methods working with Cygwin"""
1.37
1.38 def __call__(self, command, arguments, wait_return=True, window = False):
1.39 @@ -131,6 +134,10 @@
1.40 @staticmethod
1.41 def ssh():
1.42 return Cygwin.cygwin_ssh
1.43 +
1.44 + @staticmethod
1.45 + def scp():
1.46 + return Cygwin.cygwin_scp
1.47
1.48 @staticmethod
1.49 def x11():
1.50 @@ -144,6 +151,10 @@
1.51 def cmd():
1.52 return Cygwin.win_cmd
1.53
1.54 + @staticmethod
1.55 + def home():
1.56 + return Cygwin.user_home
1.57 +
1.58 executeLock = threading.Lock()
1.59 #executes command on host system
1.60 @staticmethod
1.61 @@ -207,7 +218,7 @@
1.62 @staticmethod
1.63 def sshExecute(command, address, user_name, certificate, wait_return=True, window = False):
1.64 command = ' -v -o StrictHostKeyChecking=no -i "' + certificate + '" ' + user_name + '@' + address + ' ' + command
1.65 - return Cygwin.execute(Cygwin.cygwin_ssh, command, wait_return, window)
1.66 + return Cygwin.execute(Cygwin.cygwin_ssh, command, wait_return, window)
1.67
1.68 #machineFolder + '/' + vm_name + '/dvm_key
1.69 #address = self.getHostOnlyIP(vm_name)
1.70 @@ -245,19 +256,28 @@
1.71 return Cygwin.bashExecute(cmd)[1].rstrip('\n')
1.72
1.73 # start
1.74 +import os
1.75 +import win32api
1.76 +import win32con
1.77 +import win32security
1.78 +
1.79 if __name__ == "__main__":
1.80 logger = setupLogger('Cygwin')
1.81 c = Cygwin()
1.82 - logger.info(c.root())
1.83 - logger.info(c.bin())
1.84 - logger.info(c.bash())
1.85 - logger.info(c.ssh())
1.86 - logger.info(c.x11())
1.87 + #logger.info(c.root())
1.88 + #logger.info(c.bin())
1.89 + #logger.info(c.bash())
1.90 + #logger.info(c.ssh())
1.91 + #logger.info(c.x11())
1.92 + #logger.info(c.home())
1.93
1.94 - runner = XRunner()
1.95 - runner.start()
1.96 + #PSEXEC -i -s -d CMD
1.97 + #tasklist /v /fo list /fi "IMAGENAME eq explorer.exe"
1.98
1.99 - Cygwin.start_X11()
1.100 + #runner = XRunner()
1.101 + #runner.start()
1.102 +
1.103 + #Cygwin.start_X11()
1.104
1.105
1.106
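Review bot: The `import win32api`, `import win32con` and `import win32security` added at module bottom (after the `Cygwin` class body) are not referenced by anything visible in this file, and `import os` is redundant since `os.path` is already used in the class above; a mid-file import block also hides a dependency from anyone reading the module header. Either move the pywin32 imports next to the other imports at the top of the file and use them, or remove them. The `__main__` block should likewise not carry seven commented-out statements plus the `#PSEXEC -i -s -d CMD` / `#tasklist ...` notes; if the intent is a manual smoke test, keep `logger.info(c.home())` live and delete the rest.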
2.1 --- a/OpenSecurity/bin/vmmanager.pyw Fri May 09 14:09:02 2014 +0200
2.2 +++ b/OpenSecurity/bin/vmmanager.pyw Fri May 09 13:21:59 2014 +0100
2.3 @@ -21,7 +21,9 @@
2.4 from opensecurity_util import logger, setupLogger, OpenSecurityException
2.5 import ctypes
2.6 import itertools
2.7 -import _winreg
2.8 +import win32api
2.9 +import win32con
2.10 +import win32security
2.11 DEBUG = True
2.12
2.13 class VMManagerException(Exception):
2.14 @@ -174,16 +176,16 @@
2.15 @staticmethod
2.16 def isMassStorageDevice(device):
2.17 keyname = 'SYSTEM\CurrentControlSet\Enum\USB' + '\VID_' + device.vendorid+'&'+'PID_'+ device.productid
2.18 - key = _winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE, keyname)
2.19 + key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, keyname)
2.20 #subkeys = _winreg.QueryInfoKey(key)[0]
2.21 #for i in range(0, subkeys):
2.22 # print _winreg.EnumKey(key, i)
2.23 - devinfokeyname = _winreg.EnumKey(key, 0)
2.24 - _winreg.CloseKey(key)
2.25 + devinfokeyname = win32api.RegEnumKey(key, 0)
2.26 + win32api.RegCloseKey(key)
2.27
2.28 - devinfokey = _winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE, keyname+'\\'+devinfokeyname)
2.29 - value = _winreg.QueryValueEx(devinfokey, 'SERVICE')[0]
2.30 - _winreg.CloseKey(devinfokey)
2.31 + devinfokey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, keyname+'\\'+devinfokeyname)
2.32 + value = win32api.RegQueryValueEx(devinfokey, 'SERVICE')[0]
2.33 + win32api.RegCloseKey(devinfokey)
2.34
2.35 return 'USBSTOR' in value
2.36
2.37 @@ -479,7 +481,7 @@
2.38 if user != None:
2.39 command += ' ' + password + ' /User' + user
2.40
2.41 - result = checkResult(Cygwin.execute('C:\\Windows\\system32\\NET ', command))
2.42 + result = checkResult(Cygwin.execute('C:\\Windows\\system32\\NET', command))
2.43 #result = checkResult(Cygwin.cmdExecute('NET ' + command))
2.44 if string.find(result[1], 'successfully',) == -1:
2.45 logger.error("Failed: NET " + command)
2.46 @@ -560,6 +562,41 @@
2.47 handler = BrowsingHandler(self)
2.48 handler.start()
2.49 return 'ok'
2.50 +
2.51 + def getActiveUserName(self):
2.52 + key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI')
2.53 + v = str(win32api.RegQueryValueEx(key, 'LastLoggedOnUser')[0])
2.54 + win32api.RegCloseKey(key)
2.55 + user_name = win32api.ExpandEnvironmentStrings(v)
2.56 + return user_name
2.57 +
2.58 + def getUserSID(self, user_name):
2.59 + account_name = win32security.LookupAccountName(None, user_name)
2.60 + sid = win32security.ConvertSidToStringSid(account_name[0])
2.61 + return sid
2.62 +
2.63 + def getAppDataDir(self, sid):
2.64 + key = win32api.RegOpenKey(win32con.HKEY_USERS, sid + '\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders')
2.65 + value, type = win32api.RegQueryValueEx(key, "AppData")
2.66 + win32api.RegCloseKey(key)
2.67 + return value
2.68 +
2.69 + #key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList' + '\\' + sid)
2.70 + #value, type = win32api.RegQueryValueEx(key, "ProfileImagePath")
2.71 + #print value
2.72 +
2.73 + def backupFile(self, src, dest):
2.74 + certificate = Cygwin.cygPath(self.getMachineFolder()) + '/' + self.browsingManager.vm_name + '/dvm_key'
2.75 + command = '-r -o StrictHostKeyChecking=no -i "' + certificate + '" "osecuser@' + self.browsingManager.ip_addr + ':' + src + '" "' + dest + '"'
2.76 + return Cygwin.execute(Cygwin.cygwin_scp, command, wait_return=True, window=False)
2.77 +
2.78 + def restoreFile(self, src, dest):
2.79 + certificate = Cygwin.cygPath(self.getMachineFolder()) + '/' + self.browsingManager.vm_name + '/dvm_key'
2.80 + #command = '-r -v -o StrictHostKeyChecking=no -i \"' + certificate + '\" \"' + src + '\" \"osecuser@' + self.browsingManager.ip_addr + ':' + dest + '\"'
2.81 + command = '-r -o StrictHostKeyChecking=no -i "' + certificate + '" "' + src + '" "osecuser@' + self.browsingManager.ip_addr + ':' + dest + '"'
2.82 + return Cygwin.execute(Cygwin.cygwin_scp, command, wait_return=True, window=False)
2.83 +
2.84 +
2.85
2.86 def checkResult(result):
2.87 if result[0] != 0:
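Review bot: `backupFile` pulls `/home/osecuser/.config/chromium` out of the browsing VM into the host user's AppData with `scp -r`, so the guest — the untrusted side of this design — chooses the names, sizes and contents of everything written into the host profile, and classic scp additionally trusts the file names the remote end sends, so a compromised guest is not confined to the chromium directory. Both helpers also pass `-o StrictHostKeyChecking=no`, so the host never verifies which machine at `self.browsingManager.ip_addr` it is exchanging the profile with. Consider pinning the VM's host key (`-o UserKnownHostsFile=<machineFolder>/<vm_name>/known_hosts` with `StrictHostKeyChecking=yes`) and restricting the backup to an explicit allow-list of profile files copied into a staging directory, rather than `-r` over a guest-controlled tree. The command strings are built by concatenating `"` around `src`, `dest` and `certificate`, which breaks for any path containing a double quote, and `getActiveUserName` reads `LastLoggedOnUser`, which is the account last shown by the logon UI rather than necessarily the user of the active session — a `# NOTE: assumes single interactive session` would flag that.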
2.88 @@ -586,17 +623,6 @@
2.89 #logger.info(self.drive)
2.90 if self.drive not in mappedDrives.keys():
2.91 self.running = False
2.92 -
2.93 -
2.94 - #browser = '/usr/bin/iceweasel'
2.95 - #browser = '/usr/bin/midori'
2.96 - #browser = '/usr/bin/chromium '
2.97 - #if Cygwin.is_X11_running()==True:
2.98 - #result = checkResult(Cygwin.bashExecute('DISPLAY=:0 xhost '+new_ip))
2.99 -
2.100 - #browser = '\\\"/usr/bin/chromium; pidof dbus-launch | xargs kill\\\"'
2.101 - #Cygwin.start_X11()
2.102 - #result = checkResult(Cygwin.sshExecuteX11(browser, new_ip, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + new_sdvm + '/dvm_key'))
2.103
2.104 #handles browsing session creation
2.105 class BrowsingHandler(threading.Thread):
2.106 @@ -610,10 +636,12 @@
2.107 if Cygwin.is_X11_running()==False:
2.108 Cygwin.start_X11()
2.109 try:
2.110 - self.vmm.browsingManager.started.wait()
2.111 + self.vmm.browsingManager.started.wait()
2.112 result = checkResult(Cygwin.sshExecuteX11(browser, self.vmm.browsingManager.ip_addr, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + self.vmm.browsingManager.vm_name + '/dvm_key'))
2.113 + #backup settings on vm
2.114 except:
2.115 logger.error("BrowsingHandler closing. Cleaning up")
2.116 + self.vmm.backupFile('/home/osecuser/.config/chromium', self.vmm.browsingManager.appDataDir + '/OpenSecurity/')
2.117 self.vmm.browsingManager.restart.set()
2.118
2.119
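Review bot: The new `self.vmm.backupFile(...)` call sits inside the `except:` branch, so the guest's chromium profile is only backed up when `sshExecuteX11` raises; if the browser exits normally and `checkResult` returns without raising, neither the backup nor `restart.set()` runs (the `#backup settings on vm` comment placed inside the `try` suggests the backup was meant there). Moving both into a `finally:` covers the clean-exit and the error path, and narrowing the bare `except:` stops it from swallowing SystemExit/KeyboardInterrupt in the thread. `run` starts before this hunk; the `browser` variable and X11 start-up are outside the shown lines.
```python
try:
    self.vmm.browsingManager.started.wait()
    result = checkResult(Cygwin.sshExecuteX11(browser, self.vmm.browsingManager.ip_addr, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + self.vmm.browsingManager.vm_name + '/dvm_key'))
except Exception:
    logger.error("BrowsingHandler closing. Cleaning up")
finally:
    # back up the guest's chromium profile on both the clean-exit and the error path,
    # then let the manager recycle the VM
    self.vmm.backupFile('/home/osecuser/.config/chromium', self.vmm.browsingManager.appDataDir + '/OpenSecurity/')
    self.vmm.browsingManager.restart.set()
```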
2.120 @@ -625,6 +653,7 @@
2.121 ip_addr = None
2.122 vm_name = None
2.123 drive = None
2.124 + appDataDir = None
2.125
2.126 def __init__(self, vmmanager):
2.127 threading.Thread.__init__(self)
2.128 @@ -665,8 +694,18 @@
2.129 networkPath = '\\\\' + self.ip_addr + '\\Download'
2.130 self.vmm.mapNetworkDrive(self.drive, networkPath, None, None)
2.131 self.started.set()
2.132 +
2.133 + user = self.vmm.getActiveUserName()
2.134 + sid = self.vmm.getUserSID(user)
2.135 + path = self.vmm.getAppDataDir(sid)
2.136 + self.appDataDir = Cygwin.cygPath(path)
2.137 + # create chromium settings dir on local machine if not existing
2.138 + checkResult(Cygwin.bashExecute('/usr/bin/mkdir -p \\\"' + self.appDataDir + '/OpenSecurity\\\"'))
2.139 + # create chromium settings dir on remote machine if not existing
2.140 + checkResult(Cygwin.sshExecute('"mkdir -p \\\"/home/osecuser/.config\\\""', self.ip_addr, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + self.vm_name + '/dvm_key'))
2.141 + #restore settings on vm
2.142 + self.vmm.restoreFile(self.appDataDir + '/OpenSecurity/chromium', '/home/osecuser/.config/')
2.143 self.restart.wait()
2.144 -
2.145 except:
2.146 logger.error("BrowsingHandler failed. Cleaning up")
2.147
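Review bot: `self.started.set()` is signalled before the profile is restored, so a `BrowsingHandler` blocked in `started.wait()` can launch chromium over SSH while `restoreFile` is still copying `/home/osecuser/.config/chromium` — or before it has started — and the restored settings are then ignored or partly overwritten by the running browser. Move `self.started.set()` to directly after the `self.vmm.restoreFile(...)` call (just before `self.restart.wait()`), so the handler only starts the browser once the profile is in place. The AppData path is also spliced into a bash command line (`'/usr/bin/mkdir -p \"' + self.appDataDir + '/OpenSecurity\"'`); a profile path containing `"`, `$` or a backtick breaks the command or is expanded by bash, which deserves a `# TODO: quote appDataDir for bash` until it is escaped. The enclosing `run` starts before this hunk, and its trailing bare `except:` hides which of the new registry, bash or scp steps failed.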
2.148 @@ -745,6 +784,8 @@
2.149 print drives
2.150 print VMManager.getDriveType("E")
2.151 print VMManager.getVolumeInfo("E")
2.152 +
2.153 + #vmm.backupFile()
2.154 #for device in devices.values():
2.155 # #print device
2.156 # if VMManager.isMassStorageDevice(device):