1.1 --- a/OpenSecurity/bin/launch.py Tue Dec 10 12:16:11 2013 +0100
1.2 +++ b/OpenSecurity/bin/launch.py Tue Dec 10 14:04:11 2013 +0100
1.3 @@ -36,6 +36,8 @@
1.4 import os
1.5 import subprocess
1.6 import sys
1.7 +import urllib
1.8 +import urllib2
1.9
1.10 from PyQt4 import QtCore
1.11 from PyQt4 import QtGui
1.12 @@ -44,7 +46,6 @@
1.13 from about import About
1.14 from cygwin import Cygwin
1.15 from environment import Environment
1.16 -import opensecurity_server
1.17
1.18
1.19 # ------------------------------------------------------------
1.20 @@ -61,17 +62,25 @@
1.21 self.setWindowTitle('OpenSecuirty Launch Application')
1.22 self.setup_ui()
1.23
1.24 - # known vms and applications
1.25 - self._apps, self_vms = [], []
1.26 -
1.27 # positionate ourself central
1.28 screen = QtGui.QDesktopWidget().screenGeometry()
1.29 self.resize(self.geometry().width() * 1.25, self.geometry().height())
1.30 size = self.geometry()
1.31 self.move((screen.width() - size.width()) / 2, (screen.height() - size.height()) / 2)
1.32
1.33 - # refresh vm and command input
1.34 - self.refresh()
1.35 + self._vms = [ { 'name': 'SecurityDVM0', 'ip': '192.168.56.101' } ]
1.36 + self._apps = [ { 'name': 'Browser', 'command': '/usr/bin/iceweasel' } ]
1.37 +
1.38 + # add the VMs we know
1.39 + self._cbVM.clear()
1.40 + for vm in self._vms:
1.41 + self._cbVM.addItem(vm['name'])
1.42 +
1.43 + # add the commands we know
1.44 + self._cbApplication.clear()
1.45 + for app in self._apps:
1.46 + self._cbApplication.addItem(app['name'])
1.47 +
1.48
1.49
1.50 def app_get(self):
1.51 @@ -101,23 +110,6 @@
1.52 self.accept()
1.53
1.54
1.55 - def refresh(self):
1.56 - """load the known vms and commands and adjust input fields"""
1.57 -
1.58 - self._apps = opensecurity_server.query_apps()
1.59 - self._vms = opensecurity_server.query_vms()
1.60 -
1.61 - # add the VMs we know
1.62 - self._cbApplication.clear()
1.63 - for app in self._apps:
1.64 - self._cbApplication.addItem(app['name'])
1.65 -
1.66 - # add the commands we know
1.67 - self._cbVM.clear()
1.68 - for vm in self._vms:
1.69 - self._cbVM.addItem(vm['name'])
1.70 -
1.71 -
1.72 def setup_ui(self):
1.73 """Create the widgets."""
1.74
1.75 @@ -192,17 +184,6 @@
1.76 btnAbout.clicked.connect(self.clicked_about)
1.77
1.78
1.79 - def user_get(self):
1.80 - """The user of the vm of choice."""
1.81 - v = str(self._cbVM.currentText())
1.82 - for vm in self._vms:
1.83 - if v == vm['name']:
1.84 - return vm['user']
1.85 - return v
1.86 -
1.87 - user = property(user_get)
1.88 -
1.89 -
1.90 def vm_get(self):
1.91 """The vm of choice."""
1.92 v = str(self._cbVM.currentText())
1.93 @@ -235,9 +216,9 @@
1.94 app.exec_()
1.95
1.96 if dlg.result() == QtGui.QDialog.Accepted:
1.97 - return dlg.user, dlg.vm, dlg.app
1.98 + return dlg.vm, dlg.app
1.99
1.100 - return '', '', ''
1.101 + return '', ''
1.102
1.103
1.104 def main():
1.105 @@ -245,40 +226,43 @@
1.106
1.107 # parse command line
1.108 parser = argparse.ArgumentParser(description = 'OpenSecurity Launcher: run application in VM')
1.109 - parser.add_argument('user', metavar='USER', help='USER on Virtual Machine', nargs='?', type=str, default='')
1.110 parser.add_argument('ip', metavar='IP', help='IP of Virtual Machine', nargs='?', type=str, default='')
1.111 parser.add_argument('command', metavar='COMMAND', help='Full path of command and arguments to start inside VM', nargs='?', type=str, default='')
1.112 args = parser.parse_args()
1.113
1.114 # we must have at least all or none set
1.115 - set_user = args.user != ''
1.116 set_ip = args.ip != ''
1.117 set_command = args.command != ''
1.118 - set_ALL = set_user and set_ip and set_command
1.119 - set_NONE = (not set_user) and (not set_ip) and (not set_command)
1.120 + set_ALL = set_ip and set_command
1.121 + set_NONE = (not set_ip) and (not set_command)
1.122 if (not set_ALL) and (not set_NONE):
1.123 - sys.stderr.write("Please specify user, ip and command or none.\n")
1.124 + sys.stderr.write("Please specify ip and command or none.\n")
1.125 sys.stderr.write("Type '--help' for help.\n")
1.126 sys.exit(1)
1.127
1.128 # check if we need to ask the user
1.129 if set_NONE:
1.130 - args.user, args.ip, args.command = ask_user()
1.131 + args.ip, args.command = ask_user()
1.132
1.133 # still no IP? --> no chance, over and out!
1.134 if args.ip == '':
1.135 sys.exit(0)
1.136
1.137 # ensure we have our X11 running
1.138 - Cygwin.start_X11()
1.139 + #Cygwin.start_X11()
1.140
1.141 - # the SSH command
1.142 - user_at_guest = args.user + '@' + args.ip
1.143 - ssh = 'DISPLAY=:0 /usr/bin/ssh -Y ' + user_at_guest + ' ' + args.command
1.144 - print(ssh)
1.145 + # call the OpenSecurity Admin to launch our progie =)
1.146 + url_vm = urllib.quote(args.ip)
1.147 + url_command = urllib.quote(args.command)
1.148 + print(url_vm)
1.149 + print(url_command)
1.150
1.151 - # off we go!
1.152 - Cygwin()(['/bin/bash', '--login', '-i', '-c', ssh], None, None, None)
1.153 + # user_at_guest = args.user + '@' + args.ip
1.154 + # ssh = 'DISPLAY=:0 /usr/bin/ssh -Y ' + user_at_guest + ' ' + args.command
1.155 + # print(ssh)
1.156 +
1.157 + # # off we go!
1.158 + # Cygwin()(['/bin/bash', '--login', '-i', '-c', ssh], None, None, None)
1.159
1.160
1.161 # start
2.1 --- a/OpenSecurity/bin/opensecurity_client_restful_server.py Tue Dec 10 12:16:11 2013 +0100
2.2 +++ b/OpenSecurity/bin/opensecurity_client_restful_server.py Tue Dec 10 14:04:11 2013 +0100
2.3 @@ -50,12 +50,12 @@
2.4 # const
2.5
2.6
2.7 -__version__ = "0.1"
2.8 +__version__ = "0.2"
2.9
2.10
2.11 """All the URLs we know mapping to class handler"""
2.12 opensecurity_urls = (
2.13 - '/application', 'os_application',
2.14 + #'/application', 'os_application',
2.15 '/credentials', 'os_credentials',
2.16 '/notification', 'os_notification',
2.17 '/password', 'os_password',
2.18 @@ -67,53 +67,53 @@
2.19 # code
2.20
2.21
2.22 -class os_application:
2.23 - """OpenSecurity '/application' handler.
2.24 +# class os_application:
2.25 +#
2.26 +# PRESUMLY DEAD CODE
2.27 +#
2.28 + # """OpenSecurity '/application' handler.
2.29
2.30 - This is called on GET /application?vm=VM-ID&app=APP-ID
2.31 - This tries to access the vm identified with the label VM-ID
2.32 - and launched the application identified APP-ID
2.33 - """
2.34 + # This is called on GET /application?vm=VM-ID&app=APP-ID
2.35 + # This tries to access the vm identified with the label VM-ID
2.36 + # and launched the application identified APP-ID
2.37 + # """
2.38
2.39 - def GET(self):
2.40 + # def GET(self):
2.41
2.42 - # pick the arguments
2.43 - args = web.input()
2.44 + # # pick the arguments
2.45 + # args = web.input()
2.46
2.47 - # we _need_ a vm
2.48 - if not "vm" in args:
2.49 - raise web.badrequest('no vm given')
2.50 + # # we _need_ a vm
2.51 + # if not "vm" in args:
2.52 + # raise web.badrequest('no vm given')
2.53
2.54 - # we _need_ a app
2.55 - if not "app" in args:
2.56 - raise web.badrequest('no app given')
2.57 + # # we _need_ a app
2.58 + # if not "command" in args:
2.59 + # raise web.badrequest('no app given')
2.60
2.61 - apps = opensecurity_server.query_apps()
2.62 - vms = opensecurity_server.query_vms()
2.63 + # # check if we do have valid vm
2.64 + # v = [v for v in vms if v['name'] == args.vm]
2.65 + # if len(v) == 0:
2.66 + # raise web.notfound('vm not found')
2.67 + # v = v[0]
2.68
2.69 - # check if we do have valid vm
2.70 - v = [v for v in vms if v['name'] == args.vm]
2.71 - if len(v) == 0:
2.72 - raise web.notfound('vm not found')
2.73 - v = v[0]
2.74 + # # check if we do have a valid app
2.75 + # a = [a for a in apps if a['name'] == args.app]
2.76 + # if len(a) == 0:
2.77 + # raise web.notfound('app not found')
2.78 + # a = a[0]
2.79
2.80 - # check if we do have a valid app
2.81 - a = [a for a in apps if a['name'] == args.app]
2.82 - if len(a) == 0:
2.83 - raise web.notfound('app not found')
2.84 - a = a[0]
2.85 + # # invoke launch with
2.86 + # res = "starting: launch " + v['user'] + " " + v['ip'] + " " + a['command']
2.87 +
2.88 + # launch_image = os.path.join(sys.path[0], 'launch.py')
2.89 + # process_command = [sys.executable, launch_image, v['user'], v['ip'], a['command']]
2.90 + # process = subprocess.Popen(process_command, shell = False, stdout = subprocess.PIPE)
2.91 + # result = process.communicate()[0]
2.92 + # if process.returncode != 0:
2.93 + # return 'Launch of application aborted.'
2.94
2.95 - # invoke launch with
2.96 - res = "starting: launch " + v['user'] + " " + v['ip'] + " " + a['command']
2.97 -
2.98 - launch_image = os.path.join(sys.path[0], 'launch.py')
2.99 - process_command = [sys.executable, launch_image, v['user'], v['ip'], a['command']]
2.100 - process = subprocess.Popen(process_command, shell = False, stdout = subprocess.PIPE)
2.101 - result = process.communicate()[0]
2.102 - if process.returncode != 0:
2.103 - return 'Launch of application aborted.'
2.104 -
2.105 - return result
2.106 + # return result
2.107
2.108
2.109 class os_credentials:
3.1 --- a/OpenSecurity/bin/opensecurity_server.py Tue Dec 10 12:16:11 2013 +0100
3.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000
3.3 @@ -1,69 +0,0 @@
3.4 -#!/bin/env python
3.5 -# -*- coding: utf-8 -*-
3.6 -
3.7 -# ------------------------------------------------------------
3.8 -# opensecurity-server
3.9 -#
3.10 -# talk to the opensecurity server
3.11 -#
3.12 -# Autor: Oliver Maurhart, <oliver.maurhart@ait.ac.at>
3.13 -#
3.14 -# Copyright (C) 2013 AIT Austrian Institute of Technology
3.15 -# AIT Austrian Institute of Technology GmbH
3.16 -# Donau-City-Strasse 1 | 1220 Vienna | Austria
3.17 -# http://www.ait.ac.at
3.18 -#
3.19 -# This program is free software; you can redistribute it and/or
3.20 -# modify it under the terms of the GNU General Public License
3.21 -# as published by the Free Software Foundation version 2.
3.22 -#
3.23 -# This program is distributed in the hope that it will be useful,
3.24 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
3.25 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3.26 -# GNU General Public License for more details.
3.27 -#
3.28 -# You should have received a copy of the GNU General Public License
3.29 -# along with this program; if not, write to the Free Software
3.30 -# Foundation, Inc., 51 Franklin Street, Fifth Floor,
3.31 -# Boston, MA 02110-1301, USA.
3.32 -# ------------------------------------------------------------
3.33 -
3.34 -# ------------------------------------------------------------
3.35 -# import
3.36 -
3.37 -from pprint import PrettyPrinter
3.38 -
3.39 -
3.40 -# ------------------------------------------------------------
3.41 -# code
3.42 -
3.43 -def query_apps():
3.44 - """get the list of known apps"""
3.45 -
3.46 - # TODO: REPLACE THIS HARDCODED STUFF WITH REAL CODE TO THE OS SERVER
3.47 - apps = [
3.48 - { 'vm': 'SecurityDVMBrowser', 'name': 'Browser', 'command': '/usr/bin/iceweasel'},
3.49 - ]
3.50 -
3.51 - return apps
3.52 -
3.53 -
3.54 -def query_vms():
3.55 - """get the list of registered vms, their ip and the prefered user"""
3.56 -
3.57 - # TODO: REPLACE THIS HARDCODED STUFF WITH REAL CODE TO THE OS SERVER
3.58 - vms = [
3.59 - { 'user': 'opensec', 'name': 'SecurityDVMBrowser', 'ip': '192.168.56.101'},
3.60 - ]
3.61 -
3.62 - return vms
3.63 -
3.64 -
3.65 -# start
3.66 -if __name__ == "__main__":
3.67 - print("known apps: ")
3.68 - PrettyPrinter().pprint(query_apps())
3.69 - print("known vms: ")
3.70 - PrettyPrinter().pprint(query_vms())
3.71 -
3.72 -
4.1 --- a/OpenSecurity/bin/opensecurityd.py Tue Dec 10 12:16:11 2013 +0100
4.2 +++ b/OpenSecurity/bin/opensecurityd.py Tue Dec 10 14:04:11 2013 +0100
4.3 @@ -47,21 +47,22 @@
4.4 # ------------------------------------------------------------
4.5 # const
4.6
4.7 -__version__ = "0.1"
4.8 +__version__ = "0.2"
4.9
4.10
4.11 """All the URLs we know mapping to class handler"""
4.12 opensecurity_urls = (
4.13 - '/device_change', 'os_device_change', # http://localhost:8080/device_change GET
4.14 - '/sdvm_started', 'os_sdvm_started', # http://localhost:8080/sdvm_started GET
4.15 - '/sdvms', 'os_sdvms', # http://localhost:8080/sdvms GET, PUT
4.16 - '/sdvms/(.*)/ip', 'os_sdvm_ip', # http://localhost:8080/sdvms/[VMNAME]/ip GET
4.17 - '/sdvms/(.*)/start', 'os_sdvm_start', # http://localhost:8080/sdvms/[VMNAME]/start GET
4.18 - '/sdvms/(.*)/stop', 'os_sdvm_stop', # http://localhost:8080/sdvms/[VMNAME]/stop GET
4.19 - '/sdvms/(.*)', 'os_sdvm', # http://localhost:8080/sdvms/[VMNAME] GET, DELETE
4.20 - '/vms', 'os_vms', # http://localhost:8080/vms GET
4.21 - '/vms/(.*)', 'os_vm', # http://localhost:8080/vms/[VMNAME] GET
4.22 - '/', 'os_root' # http://localhost:8080/ GET
4.23 + '/device_change', 'os_device_change', # http://localhost:8080/device_change GET
4.24 + '/browsing', 'os_browsing', # http://localhost:8080/browsing GET
4.25 + '/sdvms', 'os_sdvms', # http://localhost:8080/sdvms GET, PUT
4.26 + '/sdvms/(.*)/application/(.*)', 'os_sdvm_application', # http://localhost:8080/sdvms/[VMNAME]/application/[COMMAND] GET
4.27 + '/sdvms/(.*)/ip', 'os_sdvm_ip', # http://localhost:8080/sdvms/[VMNAME]/ip GET
4.28 + '/sdvms/(.*)/start', 'os_sdvm_start', # http://localhost:8080/sdvms/[VMNAME]/start GET
4.29 + '/sdvms/(.*)/stop', 'os_sdvm_stop', # http://localhost:8080/sdvms/[VMNAME]/stop GET
4.30 + '/sdvms/(.*)', 'os_sdvm', # http://localhost:8080/sdvms/[VMNAME] GET, DELETE
4.31 + '/vms', 'os_vms', # http://localhost:8080/vms GET
4.32 + '/vms/(.*)', 'os_vm', # http://localhost:8080/vms/[VMNAME] GET
4.33 + '/', 'os_root' # http://localhost:8080/ GET
4.34 )
4.35
4.36
4.37 @@ -83,15 +84,28 @@
4.38 gvm_mgr.handleDeviceChange()
4.39 return "os_device_change"
4.40
4.41 -class os_sdvm_started:
4.42 - """OpenSecurity '/sdvm_started' handler"""
4.43 +
4.44 +class os_browsing:
4.45 + """OpenSecurity '/browsing' handler
4.46 +
4.47 + - GET: Start and prepare a new SecurityVM for Internet Browsing. Return the name of the VM.
4.48 + """
4.49
4.50 def GET(self):
4.51 - # self.request get address
4.52 - return "os_sdvm_started"
4.53 + try:
4.54 + browsingVM = gvm_mgr.handleBrowsingRequest()
4.55 + gvm_mgr.startVM(browsingVM)
4.56 + return browsingVM
4.57 + except:
4.58 + raise web.internalerror()
4.59
4.60 +
4.61 class os_sdvm:
4.62 - """OpenSecurity '/sdvms/[VM]' handler"""
4.63 + """OpenSecurity '/sdvms/[VM]' handler
4.64 +
4.65 + - GET: Information about a specific SecurityVM
4.66 + - DELETE: Remove a specific
4.67 + """
4.68
4.69 def GET(self, name):
4.70 return gvm_mgr.getVMInfo(name)
4.71 @@ -100,35 +114,60 @@
4.72 return gvm_mgr.removeVM(name)
4.73
4.74
4.75 +class os_sdvm_application:
4.76 + """OpenSecurity '/sdvms/[VM]/application/[CMD]' handler
4.77 +
4.78 + - GET: start application with given command in the VM.
4.79 + """
4.80 +
4.81 + def GET(self, name, command):
4.82 + command = '/' + command
4.83 + print('---> request to launch application in VM -- ' + name + ':' + command + ' <---')
4.84 + return gvm_mgr.sshGuestX11Execute(name, command)
4.85 +
4.86 +
4.87 class os_sdvm_ip:
4.88 - """OpenSecurity '/sdvms/[VM]/ip' handler"""
4.89 + """OpenSecurity '/sdvms/[VM]/ip' handler
4.90 +
4.91 + - GET: give IP of SecurityVM.
4.92 + """
4.93
4.94 def GET(self, name):
4.95 return gvm_mgr.getHostOnlyIP(name)
4.96
4.97
4.98 class os_sdvm_start:
4.99 - """OpenSecurity '/sdvms/[VM]/start' handler"""
4.100 + """OpenSecurity '/sdvms/[VM]/start' handler
4.101 +
4.102 + - GET: Start specific SecuirtyVM.
4.103 + """
4.104
4.105 def GET(self, name):
4.106 return gvm_mgr.startVM(name)
4.107
4.108
4.109 class os_sdvm_stop:
4.110 - """OpenSecurity '/sdvms/[VM]/stop' handler"""
4.111 + """OpenSecurity '/sdvms/[VM]/stop' handler
4.112 +
4.113 + - GET: stop specific Secuirty VM.
4.114 + """
4.115
4.116 def GET(self, name):
4.117 return gvm_mgr.stopVM(name)
4.118
4.119
4.120 class os_sdvms:
4.121 - """OpenSecurity '/sdvms' handler"""
4.122 + """OpenSecurity '/sdvms' handler
4.123 +
4.124 + - GET: list all available secuirty VMs.
4.125 + - POST: create new security vm.
4.126 + """
4.127
4.128 def GET(self):
4.129 """get the list of SDVMs"""
4.130 return gvm_mgr.listSDVM()
4.131
4.132 - def PUT(self):
4.133 + def POST(self):
4.134 """create a new SDVM"""
4.135
4.136 # get a new vm-name
4.137 @@ -141,21 +180,30 @@
4.138 return name
4.139
4.140 class os_vm:
4.141 - """OpenSecurity '/vms/[VM]' handler"""
4.142 + """OpenSecurity '/vms/[VM]' handler
4.143 +
4.144 + - GET: list information of arbitrary VM.
4.145 + """
4.146
4.147 def GET(self, name):
4.148 return gvm_mgr.getVMInfo(name)
4.149
4.150
4.151 class os_vms:
4.152 - """OpenSecurity '/vms' handler"""
4.153 + """OpenSecurity '/vms' handler
4.154 +
4.155 + - GET: list all (also non Security) VMs.
4.156 + """
4.157
4.158 def GET(self):
4.159 return gvm_mgr.listVM()
4.160
4.161
4.162 class os_root:
4.163 - """OpenSecurity '/' handler"""
4.164 + """OpenSecurity '/' handler
4.165 +
4.166 + - GET: give information about current installation.
4.167 + """
4.168
4.169 def GET(self):
4.170 res = "'os_server': { "
5.1 --- a/OpenSecurity/bin/vmmanager.py Tue Dec 10 12:16:11 2013 +0100
5.2 +++ b/OpenSecurity/bin/vmmanager.py Tue Dec 10 14:04:11 2013 +0100
5.3 @@ -43,7 +43,7 @@
5.4 vboxManage = 'VBoxManage'
5.5
5.6 def __init__(self):
5.7 - self.cygwin_path = os.path.join(Cygwin.root(), 'bin')
5.8 + self.cygwin_path = os.path.join(Cygwin.root(), 'bin') + os.path.sep
5.9 self.vboxManage = os.path.join(self.getVBoxManagePath(), 'VBoxManage')
5.10 self.systemProperties = self.getSystemProperties()
5.11 return
5.12 @@ -292,6 +292,7 @@
5.13 self.createVM(new_sdvm)
5.14 self.genCertificateISO(new_sdvm)
5.15 self.attachCertificateISO(new_sdvm)
5.16 + return new_sdvm
5.17
5.18 # executes command over ssh on guest vm
5.19 def sshGuestExecute(self, vm_name, prog, user_name='opensec'):
6.1 --- a/OpenSecurity/test/create-security-vm.bat Tue Dec 10 12:16:11 2013 +0100
6.2 +++ b/OpenSecurity/test/create-security-vm.bat Tue Dec 10 14:04:11 2013 +0100
6.3 @@ -1,2 +1,2 @@
6.4 @echo off
6.5 -..\cygwin\bin\curl -X PUT http://127.0.0.1:8080/sdvms
6.6 \ No newline at end of file
6.7 +..\cygwin\bin\curl -X POST http://127.0.0.1:8080/sdvms
6.8 \ No newline at end of file
7.1 --- a/OpenSecurity/test/start-vm.bat Tue Dec 10 12:16:11 2013 +0100
7.2 +++ b/OpenSecurity/test/start-vm.bat Tue Dec 10 14:04:11 2013 +0100
7.3 @@ -1,2 +1,2 @@
7.4 @echo off
7.5 -..\cygwin\bin\curl --get http://127.0.0.1:8090/sdvms/SecurityDVM0/start
7.6 +..\cygwin\bin\curl --get http://127.0.0.1:8080/sdvms/SecurityDVM0/start
8.1 --- a/OpenSecurity/test/stop-vm.bat Tue Dec 10 12:16:11 2013 +0100
8.2 +++ b/OpenSecurity/test/stop-vm.bat Tue Dec 10 14:04:11 2013 +0100
8.3 @@ -1,3 +1,2 @@
8.4 @echo off
8.5 -..\cygwin\bin\curl --get http://127.0.0.1:8090/sdvms/SecurityDVM0/stop
8.6 -
8.7 +..\cygwin\bin\curl --get http://127.0.0.1:8080/sdvms/SecurityDVM0/stop