Timestamp:
12/20/06 11:09:07 (2 years ago)
Author:
kindlund
Message:

sc: merging branch using tags svn+ssh://kindlund@www.honeyclient.org/home/svn/honeyclient/honeyclient/tags/bug/PRE-42 and svn+ssh://kindlund@www.honeyclient.org/home/svn/honeyclient/honeyclient/tags/bug/POST-42

Files:

  • honeyclient/branches/rel/0.9

    • Property sc:bug-fix-release-branch set to 0.9
  • honeyclient/branches/rel/0.9/bin/StartAgent.pl

    • Property svn:keywords set to Id "$file"
    r13 r130  
    1 #!perl -w 
     1#!perl -w -Ilib 
     2 
     3# $Id$ 
    24 
    35use strict; 
     
    3537    print "Watchdog fault detected, recovering Agent daemon.\n"; 
    3638    # XXX: Reenable this, eventually. 
    37 #    Carp::carp __PACKAGE__ . "->_watchdogFaultHandler(): Error occurred during processing.\n" . $errMsg; 
     39    #Carp::carp __PACKAGE__ . "->_watchdogFaultHandler(): Error occurred during processing.\n" . $errMsg; 
    3840 
    3941 
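Review bot: The new shebang `#!perl -w -Ilib` puts a relative directory on the module search path, so which `HoneyClient::*` code is loaded depends on the working directory the script is started from; the same line is added to bin/StartManager.pl. On a host that drives deliberately infected VMs, module resolution should not depend on the caller's cwd. I would anchor the path to the script's own location instead, with `use FindBin;` and `use lib "$FindBin::Bin/../lib";`, and leave the shebang as `#!perl -w`. The second hunk only re-indents the commented-out `Carp::carp` call, so the handler still appears to drop `$errMsg`; a short comment saying why it is disabled would help, and the handler's body starts and ends outside the shown lines.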
  • honeyclient/branches/rel/0.9/bin/StartManager.pl

    • Property svn:keywords set to Id "$file"
    r13 r130  
    1 #!/usr/bin/perl -w 
     1#!perl -w -Ilib 
     2 
     3# $Id$ 
    24 
    35use strict; 
     
    2022my $agentState = HoneyClient::Manager->run( 
    2123                    driver           => 'IE', # Change to 'IE' or 'FF' 
    22                     master_vm_config => '/vm/Agent.Master-2/winXPPro.cfg', 
     24                    master_vm_config => '/vm/Agent.Master-7/winXPPro.cfg', 
    2325                    agent_state      => encode_base64(nfreeze({ 
    2426                        IE => { # Change to 'IE' or 'FF' 
     
    2628                            # Enable this line, if you want to only go to the 
    2729                            # first 5 links for each domain. 
    28                             #max_relative_links_to_visit => 5, 
     30                            max_relative_links_to_visit => 5, 
    2931                         }, 
    3032                    })),  
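Review bot: The comment above `max_relative_links_to_visit => 5,` still says "Enable this line, if you want to only go to the first 5 links for each domain", but the line is now enabled, so the release-branch script caps crawling without saying so. Either leave the line commented out or reword the comment to match, for example `# Caps crawling at the first 5 relative links per domain; comment out to disable.` The `master_vm_config` value `/vm/Agent.Master-7/winXPPro.cfg` also looks like a site-specific path, and a placeholder or a lookup from the configuration file would be safer on a release branch. The `run(...)` call continues outside the shown lines.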
  • honeyclient/branches/rel/0.9/etc/honeyclient.xml

    • Property svn:keywords set to Id "$file"
    r13 r130  
    99For information about the syntax of this file format, please type 
    1010"perldoc XML::Simple". 
     11 
     12CVS: $Id$ 
    1113 
    1214####################################################################### 
     
    4547<HoneyClient> 
    4648    <!-- Global Options --> 
    47     <timeout description="Default timeout used for all communications between each module (in seconds)." default="600"> 
    48         600 
     49    <!-- Note: This timeout should be long enough so that the Agent watchdog code will properly let the integrity checking code finish, before detecting a faulty timeout in processing. --> 
     50    <timeout description="Default timeout used for all communications between each module (in seconds)." default="900"> 
     51        1800 
    4952    </timeout> 
    5053    <log_config description="The global Log4perl configuration file, used throughout all modules.  This setting should not need to be changed." default="etc/honeyclient_log.conf"> 
     
    6972            </timeout> 
    7073            <Browser> 
    71                    <!-- HoneyClient::Agent::Driver::IE Options --> 
    72                <!-- TODO: Update this. --> 
    73                <ignore_links_timed_out description="If this parameter is 1, then the browser will never attempt to revisit any links that caused the browser to initially time out." default="0"> 
     74                <!-- HoneyClient::Agent::Driver::IE Options --> 
     75                <!-- TODO: Update this. --> 
     76                <ignore_links_timed_out description="If this parameter is 1, then the browser will never attempt to revisit any links that caused the browser to initially time out." default="0"> 
    7477                    1 
    7578                </ignore_links_timed_out> 
    76                <!-- TODO: Update this. --> 
    77                <process_name description="The name of the Internet Explorer application process, as it appears in the Task Manager." default="iexplore.exe"> 
     79                <!-- TODO: Update this. --> 
     80                <process_name description="The name of the Internet Explorer application process, as it appears in the Task Manager." default="iexplore.exe"> 
    7881                    iexplore.exe 
    7982                </process_name> 
    80                <max_relative_links_to_visit description="An integer, representing the maximum number of relative links that the browser should visit, before moving onto another website.  If negative, then the browser will exhaust all possible relative links found, before moving on.  This functionality is best effort; it's possible for the browser to visit new links on previously visited websites." default="-1"> 
     83                <max_relative_links_to_visit description="An integer, representing the maximum number of relative links that the browser should visit, before moving onto another website.  If negative, then the browser will exhaust all possible relative links found, before moving on.  This functionality is best effort; it's possible for the browser to visit new links on previously visited websites." default="-1"> 
    8184                    -1 
    8285                </max_relative_links_to_visit> 
    83                <IE> 
    84                        <!-- HoneyClient::Agent::Driver::IE Options --> 
    85                    <!-- TODO: Update this. --> 
    86                    <ignore_links_timed_out description="If this parameter is 1, then the browser will never attempt to revisit any links that caused the browser to initially time out." default="0"> 
     86                <IE> 
     87                    <!-- HoneyClient::Agent::Driver::IE Options --> 
     88                    <!-- TODO: Update this. --> 
     89                    <ignore_links_timed_out description="If this parameter is 1, then the browser will never attempt to revisit any links that caused the browser to initially time out." default="0"> 
    8790                        1 
    8891                    </ignore_links_timed_out> 
    89                    <!-- TODO: Update this. --> 
    90                    <process_name description="The name of the Internet Explorer application process, as it appears in the Task Manager." default="iexplore.exe"> 
     92                    <!-- TODO: Update this. --> 
     93                    <process_name description="The name of the Internet Explorer application process, as it appears in the Task Manager." default="iexplore.exe"> 
    9194                        iexplore.exe 
    9295                    </process_name> 
    93                    <max_relative_links_to_visit description="An integer, representing the maximum number of relative links that the browser should visit, before moving onto another website.  If negative, then the browser will exhaust all possible relative links found, before moving on.  This functionality is best effort; it's possible for the browser to visit new links on previously visited websites." default="-1"> 
     96                    <max_relative_links_to_visit description="An integer, representing the maximum number of relative links that the browser should visit, before moving onto another website.  If negative, then the browser will exhaust all possible relative links found, before moving on.  This functionality is best effort; it's possible for the browser to visit new links on previously visited websites." default="-1"> 
    9497                        -1 
    9598                    </max_relative_links_to_visit> 
    96                    </IE> 
     99                </IE> 
    97100                <FF> 
    98                    <max_relative_links_to_visit description="An integer, representing the maximum number of relative links that the browser should visit, before moving onto another website.  If negative, then the browser will exhaust all possible relative links found, before moving on.  This functionality is best effort; it's possible for the browser to visit new links on previously visited websites." default="-1"> 
     101                    <max_relative_links_to_visit description="An integer, representing the maximum number of relative links that the browser should visit, before moving onto another website.  If negative, then the browser will exhaust all possible relative links found, before moving on.  This functionality is best effort; it's possible for the browser to visit new links on previously visited websites." default="-1"> 
    99102                        5 
    100103                    </max_relative_links_to_visit> 
    101                    <!-- http://gatekeeper-w.mitre.org:80 --> 
    102                    <http_proxy description="Set to your HTTP Proxy if you have one, otherwise set to 'none'"> 
     104                    <!-- http://gatekeeper-w.mitre.org:80 --> 
     105                    <http_proxy description="Set to your HTTP Proxy if you have one, otherwise set to 'none'"> 
    103106                        none 
    104107                    </http_proxy> 
    105                    <ff_exec description="path to the firefox executable (default install path is C:\Program Files\Mozilla Firefox\firefox.exe)"> 
     108                    <ff_exec description="path to the firefox executable (default install path is C:\Program Files\Mozilla Firefox\firefox.exe)"> 
    106109                        C:\Program Files\Mozilla Firefox\firefox.exe 
    107110                    </ff_exec> 
    108                </FF> 
     111                </FF> 
    109112            </Browser> 
    110113            <EmailClient> 
     
    112115        </Driver> 
    113116        <perform_integrity_checks description="An integer, representing whether the Agent should perform any integrity checks. 1 enables, 0 disables." default="1"> 
    114             0 
     117            1  
    115118        </perform_integrity_checks> 
    116119        <!-- HoneyClient::Agent::Integrity Options --> 
     
    118121            <!-- Files which are read in only. --> 
    119122            <!-- TODO: Update this. --> 
    120             <file_checklist description="The file containing the list of files and directories to check during filesystem checking."
    121                 none 
     123            <file_checklist description="The file containing the list of files and directories to check during filesystem checking." default="none"
     124                etc/file_checklist.txt 
    122125            </file_checklist> 
    123126            <!-- TODO: Update this. --> 
    124             <file_exclude description="The file containing the list of files or directories to exclude if found in subdirectories during filesystem checking."
    125                 /tmp/file_exclude.txt 
     127            <file_exclude description="The file containing the list of files or directories to exclude if found in subdirectories during filesystem checking." default="none"
     128                ../../../etc/file_exclude.txt 
    126129            </file_exclude> 
    127             <!-- TODO: Update this. --> 
    128             <reg_list_to_check description="The file containing the list of registry keys to check."> 
    129                 /tmp/reg_list_to_check.txt 
    130             </reg_list_to_check> 
    131130            <!-- Files which are written out only. --> 
    132131            <!-- TODO: Update this. --> 
     
    140139            <!-- Files to read and write. --> 
    141140            <!-- TODO: Update this. --> 
    142             <clean_reg description="Stores baseline for the registry.  Always appended with a number."> 
    143                 clean.reg 
    144             </clean_reg> 
    145             <!-- TODO: Update this. --> 
    146             <current_reg description="Stores the current state of the register to check against the clean state."> 
    147                 current.reg 
    148             </current_reg> 
    149             <!-- TODO: Update this. --> 
    150             <diffs description="The file for the diff command to redirect its output to.  Always appended with a number."> 
    151                 differences.out 
    152             </diffs> 
    153             <!-- TODO: Update this. --> 
    154141            <test_dir description="If you're testing integrity checks, this is the directory that you can specify to minimize testing time. Only the files in this directory will be part of the integrity check."> 
    155142                ../t/testintegrity 
    156143            </test_dir> 
     144            <Registry> 
     145                <!-- HoneyClient::Agent::Integrity::Registry::Test Options --> 
     146                <Test> 
     147                    <!-- 
     148                        Note: you should *never* need to change *any* values 
     149                        within this section of the configuration.  All contents 
     150                        are *only* used for unit testing. 
     151                    --> 
     152                    <before_registry_file description="The relative path to a (before) sample registry dump, that's used during unit testing." default="t/test_registry/before.reg"> 
     153                        t/test_registry/before.reg 
     154                    </before_registry_file> 
     155                    <after_registry_file description="The relative path to an (after) sample registry dump, that's used during unit testing." default="t/test_registry/after.reg"> 
     156                        t/test_registry/after.reg 
     157                    </after_registry_file> 
     158                </Test> 
     159                <Parser> 
     160                    <!-- HoneyClient::Agent::Integrity::Registry::Parser::Test Options --> 
     161                    <Test> 
     162                        <!-- 
     163                            Note: you should *never* need to change *any* values 
     164                            within this section of the configuration.  All contents 
     165                            are *only* used for unit testing. 
     166                        --> 
     167                        <registry_file description="The relative path to a sample registry dump, that's used during unit testing." default="t/test_registry/dump.reg"> 
     168                            t/test_registry/dump.reg 
     169                        </registry_file> 
     170                    </Test> 
     171                </Parser> 
     172            </Registry> 
    157173        </Integrity> 
    158174    </Agent> 
     
    314330                    are *only* used for unit testing. 
    315331                --> 
    316                 <!-- TODO: Update this. --> 
    317332                <test_vm_config description="The relative path to the (empty) test VM, that's used during unit testing." default="t/testVM/winXPPro.vmx"> 
    318333                    t/testVM/winXPPro.vmx 
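Review bot: The two integrity-check list paths use different bases: `file_checklist` is `etc/file_checklist.txt` while `file_exclude` is `../../../etc/file_exclude.txt`, so from any one working directory they cannot both point into the same `etc/` directory unless the code resolves them differently (not visible here). Because this commit also switches `perform_integrity_checks` to 1, a list that fails to load changes what the integrity check actually covers. I would give both the same base, e.g. `etc/file_exclude.txt`, and add a comment stating what these paths are relative to. Separately, the `timeout` element declares `default="900"` but carries the value `1800`; the new note should say which one is intended.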
  • honeyclient/branches/rel/0.9/etc/honeyclient_log.conf

    • Property svn:keywords set to Id "$file"
    r13 r130  
    77#              modules. 
    88# 
    9 # CVS: $Id: honeylog.conf 1099 2006-06-29 22:38:16Z jdurick
     9# CVS: $Id
    1010# 
    1111# @author jdurick, kindlund 
     
    6060 
    6161log4perl.rootLogger=INFO, Screen 
     62# Suppress Parser Debugging Messages 
     63#log4perl.logger.HoneyClient.Agent.Integrity.Registry.Parser=INFO, Screen 
    6264log4perl.appender.Screen=Log::Log4perl::Appender::Screen 
    6365# If you want colorized logging to the screen, enable this line, instead. 
    6466#log4perl.appender.Screen=Log::Log4perl::Appender::ScreenColoredLevels 
    6567log4perl.appender.Screen.stderr=0 
    66 log4perl.appender.Screen.Threshold=INFO 
     68log4perl.appender.Screen.Threshold=DEBUG 
    6769log4perl.appender.Screen.layout=Log::Log4perl::Layout::PatternLayout 
    6870log4perl.appender.Screen.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %5p [%M] (%F:%L) - %m%n 
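Review bot: The commented-out override `#log4perl.logger.HoneyClient.Agent.Integrity.Registry.Parser=INFO, Screen` names the `Screen` appender that `rootLogger` already has, so anyone who enables it as written will see each Parser message twice through appender additivity. I would write it with the level only, `#log4perl.logger.HoneyClient.Agent.Integrity.Registry.Parser=INFO`. The `Screen.Threshold` change from INFO to DEBUG has no visible effect while every logger stays at INFO. If the intent is to let per-logger DEBUG overrides reach the screen, a one-line comment saying so would make that clear.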
  • honeyclient/branches/rel/0.9/etc/inline2test.conf

    • Property svn:keywords set to Id "$file"
  • honeyclient/branches/rel/0.9/lib/HoneyClient/Agent.pm

    • Property svn:executable deleted
    • Property svn:keywords set to Id "$file"
    r13 r130  
    55# Description: Central library used for agent-based operations. 
    66# 
    7 # CVS: $Id: Agent.pm 1049 2006-06-28 16:37:41Z flindiakos
     7# CVS: $Id
    88# 
    99# @author knwang, ttruong, kindlund 
     
    210210# TODO: Update unit tests to include 'dclone' 
    211211use Storable qw(nfreeze thaw dclone); 
     212$Storable::Deparse = 1; 
     213$Storable::Eval = 1; 
    212214 
    213215# Include Base64 Libraries 
     
    236238our $PERFORM_INTEGRITY_CHECKS : shared = 
    237239    getVar(name => "perform_integrity_checks"); 
     240 
     241# A globally shared, serialized hashtable, containing the 
     242# initialized integrity state of the VM -- ready to be checked 
     243# against, at any time. 
     244our $integrityState : shared = undef; 
    238245 
    239246# A globally shared, serialized hashtable, containing data per 
     
    359366        $driverUpdateQueues{$driverName} = new Thread::Queue; 
    360367    } 
     368 
     369    # Perform initial integrity baseline check. 
     370    #my $integrity = undef; 
     371    #if ($PERFORM_INTEGRITY_CHECKS) { 
     372    #    print "Initializing Integrity Check...\n"; 
     373    #    # TODO: Initialize Integrity Checks 
     374    #    $integrity = HoneyClient::Agent::Integrity->new(); 
     375    #    $integrity->initAll(); 
     376    #} 
     377    #$integrityState = $integrity->serialize(); 
    361378 
    362379    # Release data lock. 
     
    688705            eval { 
    689706 
    690                 my $integrity = undef; 
    691                 if ($PERFORM_INTEGRITY_CHECKS) { 
    692                     print "Initializing Filesystem Integrity Check...\n"; 
    693                     # TODO: Initialize Integrity Checks 
    694                     $integrity = HoneyClient::Agent::Integrity->new(); 
    695                     $integrity->initAll(); 
    696                 } 
    697   
    698707                ################################### 
    699708                ### Driver Initialization Phase ### 
    700709                ################################### 
     710 
     711                # Initially set local integrity object to undef. 
     712                my $integrity = undef; 
    701713                 
    702714                # Initially set all driver objects to undef.  
     
    705717                # Acquire lock on stored driver state. 
    706718                $data = _lock(); 
     719 
     720                if ($PERFORM_INTEGRITY_CHECKS) { 
     721                    # XXX: WARNING - The $integrityState object data is NOT thread-safe 
     722                    # (since it relies on external data stored on the file system). 
     723                    # As such, do NOT try to call integrity checks on multiple, simultaneous 
     724                    # asynchronous threaded drivers. 
     725                    #$integrity = thaw($integrityState); 
     726                    # Perform initial integrity baseline check. 
     727                    print "Initializing Integrity Check...\n"; 
     728                    # TODO: Initialize Integrity Checks 
     729                    $integrity = HoneyClient::Agent::Integrity->new(); 
     730                    $integrity->initAll(); 
     731 
     732                    # TODO: Delete this. 
     733                    #$Data::Dumper::Indent = 1; 
     734                    #$Data::Dumper::Terse = 1; 
     735                    #print "Integrity: " . Dumper($integrity) . "\n"; 
     736                } 
    707737 
    708738                # Now, initialize each driver object.  
     
    805835                    # For now, we update a scalar called 'is_compromised' within 
    806836                    # the $data->{$driverName}->{'status'} sub-hashtable. 
    807                     print "Performing Filesystem Integrity Check...\n"; 
     837                    print "Performing Integrity Checks...\n"; 
    808838                    if ($integrity->checkAll()) { 
    809839                        print "Integrity Check: FAILED\n"; 
     
    10991129=head1 SEE ALSO 
    11001130 
    1101 XXX: Fill this in. 
    1102  
    1103 XXX: If you have a mailing list, mention it here. 
    1104  
    1105 XXX: If you have a web site set up for your module, mention it here. 
     1131L<http://www.honeyclient.org/trac> 
    11061132 
    11071133=head1 REPORTING BUGS 
    11081134 
    1109 XXX: Mention website/mailing list to use, when reporting bugs. 
     1135L<http://www.honeyclient.org/trac/newticket> 
    11101136 
    11111137=head1 ACKNOWLEDGEMENTS 
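Review bot: `$Storable::Eval = 1;` (together with `$Storable::Deparse = 1;`) is set at file scope, which makes every later `thaw` in this process evaluate serialized code references as Perl source. The only call in these hunks that might need it, `#$integrity = thaw($integrityState);`, is commented out, and the module imports `thaw` for other serialized state as well, so a process-wide setting looks broader than needed for an agent that runs next to a deliberately exposed browser. I would drop both lines until they are required, or scope them with `local $Storable::Eval = 1;` inside the one block that thaws locally produced data, with a comment naming the source of that data. Also, the commented-out `#$integrityState = $integrity->serialize();` sits outside the `if ($PERFORM_INTEGRITY_CHECKS)` block and would call a method on undef if re-enabled with checks turned off.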
  • honeyclient/branches/rel/0.9/lib/HoneyClient/Agent/Driver.pm

    • Property svn:executable deleted
    • Property svn:keywords set to Id "$file"
    r13 r130  
    66#              HoneyClient VM. 
    77# 
    8 # CVS: $Id: Driver.pm 1412 2006-10-18 20:33:18Z kindlund
     8# CVS: $Id
    99# 
    1010# @author knwang, ttruong, kindlund 
     
    160160# Make sure Log::Log4perl loads 
    161161BEGIN { use_ok('Log::Log4perl', qw(:nowarn)) 
    162         or diag("Can't load Log::Log4perl package. Check to make sure the package library is correctly linsted within the path."); 
     162        or diag("Can't load Log::Log4perl package. Check to make sure the package library is correctly listed within the path."); 
    163163        
    164164        # Suppress all logging messages, since we need clean output for unit testing. 
     
    697697L<perltoot/"Autoloaded Data Methods"> 
    698698 
    699 XXX: If you have a mailing list, mention it here. 
    700  
    701 XXX: If you have a web site set up for your module, mention it here. 
     699L<http://www.honeyclient.org/trac> 
    702700 
    703701=head1 REPORTING BUGS 
    704702 
    705 XXX: Mention website/mailing list to use, when reporting bugs. 
     703L<http://www.honeyclient.org/trac/newticket> 
    706704 
    707705=head1 AUTHORS 
  • honeyclient/branches/rel/0.9/lib/HoneyClient/Agent/Driver/Browser.pm

    • Property svn:keywords set to Id "$file"
    r13 r130  
    77#              HoneyClient VM. 
    88# 
    9 # CVS: $Id: Browser.pm 1423 2006-11-6 14:21:47Z stephenson
     9# CVS: $Id
    1010# 
    1111# @author knwang, kindlund, stephenson 
     
    8484  $browser->{links_to_visit}->{'http://www.mitre.org'} = 1; 
    8585 
    86   # Now, drive IE for one iteration. 
     86  # Now, drive the browser for one iteration. 
    8787  $browser->drive(); 
    8888 
     
    9090 
    9191This library allows the Agent module to drive an instance of any broswer, 
    92 running inside the HoneyClient VM.  The purpose  
    93 of this module is to programmatically navigate the browser to different 
    94 websites, in order to become purposefully infected with new malware. 
    95 The module implements the logic necessary to decide the order in which 
    96 the  
     92running inside the HoneyClient VM.  The purpose of this module is to 
     93programmatically navigate the browser to different websites, in order to 
     94become purposefully infected with new malware. 
    9795 
    9896This module is object-oriented in design, retaining all state information  
     
    175173    # Do not simply export all your public functions/methods/constants. 
    176174 
    177     # This allows declaration use HoneyClient::Agent::Driver::IE ':all'; 
     175    # This allows declaration use HoneyClient::Agent::Driver::Browser ':all'; 
    178176    # If you do not need this, moving things directly into @EXPORT or @EXPORT_OK 
    179177    # will save memory. 
     
    213211 
    214212# Use Storable Library 
     213# TODO: Need unit testing. 
    215214use Storable qw(dclone); 
    216215 
     
    240239=head1 DEFAULT PARAMETER LIST 
    241240 
    242 When an IE B<$object> is instantiated using the B<new()> function, 
     241When a Browser B<$object> is instantiated using the B<new()> function, 
    243242the following parameters are supplied default values.  Each value 
    244243can be overridden by specifying the new (key => value) pair into the 
     
    302301This parameter is a hashtable of fully qualified URLs, such that each 
    303302URL shares a common B<hostname>.  This is an internal hashtable used 
    304 by the IE driver that should be initially empty.  As the IE driver 
    305 extracts and removes new URLs off the B<links_to_visit> hashtable, 
     303by the Browser driver that should be initially empty.  As the Browser 
     304driver extracts and removes new URLs off the B<links_to_visit> hashtable, 
    306305driving the browser to each URL, any B<relative> links found are 
    307306added into this hashtable; any B<external> links found are added 
     
    364363=over 4 
    365364 
    366 A string containing the process name of the Internet Explorer 
    367 browser application, as it appears in the Task Manager.  This is 
    368 usually called "iexplore.exe". 
     365A string containing the process name of the  browser application, 
     366as it appears in the Task Manager. 
    369367 
    370368=back 
     
    458456    ignore_links_timed_out  => getVar(name => "ignore_links_timed_out"), 
    459457 
    460     # A string containing the process name of the Internet Explorer 
    461     # browser application, as it appears in the Task Manager.  This is 
    462     # usually called "iexplore.exe". 
     458    # A string containing the process name of the browser application, 
     459    # as it appears in the Task Manager. 
    463460    process_name            => getVar(name => "process_name"), 
    464461 
     
    495492# 'links_to_visit' hashtable is checked. 
    496493# 
    497 # Inputs: HoneyClient::Agent::Driver::IE object 
     494# Inputs: HoneyClient::Agent::Driver::Browser object 
    498495# Outputs: link, or undef if all applicable scalars/hashtables are empty 
    499496sub _getNextLink { 
     
    682679#   hash. 
    683680# 
    684 # Inputs: HoneyClient::Agent::Driver::IE object, 
     681# Inputs: HoneyClient::Agent::Driver::Browser object, 
    685682#         hostname[:port] of referring URL, 
    686683#         array of URL strings 
    687 # Outputs: HoneyClient::Agent::Driver::IE object 
     684# Outputs: HoneyClient::Agent::Driver::Browser object 
    688685sub _processLinks { 
    689686 
     
    751748# already in the hashtable. 
    752749# 
    753 # Inputs: HoneyClient::Agent::Driver::IE object, url to validate 
     750# Inputs: HoneyClient::Agent::Driver::Browser object, url to validate 
    754751# Outputs: url if valid, empty string if invalid 
    755752sub _validateLink { 
     
    838835=head1 METHODS IMPLEMENTED 
    839836 
    840 The following functions have been implemented by the IE driver.  Many 
     837The following functions have been implemented by the Browser driver.  Many 
    841838of these methods were implementations of the parent Driver interface. 
    842839 
     
    845842Driver interface, see the L<HoneyClient::Agent::Driver> documentation. 
    846843 
    847 =head2 HoneyClient::Agent::Driver::IE->new($param => $value, ...) 
     844=head2 HoneyClient::Agent::Driver::Browser->new($param => $value, ...) 
    848845 
    849846=over 4 
    850847 
    851 Creates a new IE driver object, which contains a hashtable 
     848Creates a new Browser driver object, which contains a hashtable 
    852849containing any of the supplied "param => value" arguments. 
    853850 
     
    859856corresponding $value(s) B<must> also be specified. 
    860857 
    861 I<Output>: The instantiated IE driver B<$object>, fully initialized. 
     858I<Output>: The instantiated Browser driver B<$object>, fully initialized. 
    862859 
    863860=back 
     
    921918=pod 
    922919 
    923 =head2 $object->drive(
     920=head2 $object->drive(url => $url
    924921 
    925922=over 4 
    926923 
    927 Drives an instance of Microsoft Internet Explorer for one iteration, 
     924Drives an instance of the browser for one iteration, 
    928925navigating to the next URL and updating the driver's corresponding 
    929926internal hashtables accordingly. 
     
    933930the "DEFAULT PARAMETER LIST" section. 
    934931 
    935 Once a drive() iteration has completed, the corresponding Microsoft 
    936 Internet Explorer browser process is terminated.  Thus, each call to 
    937 drive() invokes a new instance of the browser. 
    938  
    939 I<Output>: The updated IE driver B<$object>, containing state information 
    940 from driving Microsoft Internet Explorer for one iteration. 
    941  
    942 B<Warning>: This method will B<croak> if the IE driver object is B<unable> 
     932Once a drive() iteration has completed, the corresponding browser process  
     933is terminated.  Thus, each call to drive() invokes a new instance of the  
     934browser. 
     935 
     936I<Inputs>: 
     937 B<$url> is an optional argument, specifying the next immediate URL the browser must drive to. 
     938 
     939I<Output>: The updated Browser driver B<$object>, containing state information 
     940from driving the browser for one iteration. 
     941 
     942B<Warning>: This method will B<croak> if the Browser driver object is B<unable> 
    943943to navigate to a new link, because its list of links to visit is empty.  
    944944 
     
    10901090=over 4 
    10911091 
    1092 Returns the next URL that the Microsoft Internet Explorer browser will 
    1093 navigate to, upon the next subsequent call to the B<$object>'s drive() 
    1094 method. 
     1092Returns the next URL that the browser will navigate to, upon the next 
     1093subsequent call to the B<$object>'s drive() method. 
    10951094 
    10961095I<Output>: The next URL that the browser will be driven to.  The returned 
    1097 data may be undef, if the IE driver is finished and there are no links 
     1096data may be undef, if the Browser driver is finished and there are no links 
    10981097left to navigate to. 
    10991098 
     
    11451144 
    11461145Returns the next set of server hostnames and/or IP addresses that the 
    1147 Microsoft Internet Explorer browser will contact, upon the next subsequent 
    1148 call to the B<$object>'s drive() method. 
     1146browser will contact, upon the next subsequent call to the B<$object>'s 
     1147drive() method. 
    11491148 
    11501149Specifically, the returned data is a reference to a hashtable, containing 
     
    12761275=over 4 
    12771276 
    1278 Indicates if the IE driver B<$object> has driven the Microsoft Internet 
    1279 Explorer browser to all possible links it has found within its hashtables 
     1277Indicates if the Browser driver B<$object> has driven the browser   
     1278process to all possible links it has found within its hashtables 
    12801279and is unable to navigate the browser further without additional, external 
    12811280input. 
    12821281 
    1283 I<Output>: True if the IE driver B<$object> is finished, false otherwise. 
    1284  
    1285 B<Note>: Additional links can be fed to this IE driver at any time, by 
     1282I<Output>: True if the Browser driver B<$object> is finished, false otherwise. 
     1283 
     1284B<Note>: Additional links can be fed to this Browser driver at any time, by 
    12861285simply adding new hashtable entries to the B<links_to_visit> hashtable 
    12871286within the B<$object>. 
    12881287 
    12891288For example, if you wanted to add the URL "http://www.mitre.org" 
    1290 to the IE driver B<$object>, simply use the following code: 
     1289to the Browser driver B<$object>, simply use the following code: 
    12911290 
    12921291  $object->{links_to_visit}->{'http://www.mitre.org'} = 1; 
     
    13281327=over 4 
    13291328 
    1330 Returns the current status of the IE driver B<$object>, as it's state 
     1329Returns the current status of the Browser driver B<$object>, as it's state 
    13311330exists, between subsequent calls to $object->driver(). 
    13321331 
    13331332Specifically, the data returned is a reference to a hashtable, 
    13341333containing specific statistical information about the status 
    1335 of the IE driver's progress, between iterations of driving the 
    1336 Microsoft Internet Explorer browser
     1334of the Browser driver's progress, between iterations of driving the 
     1335browser process
    13371336 
    13381337The following is an example hashtable, containing all the 
     
    13511350 
    13521351I<Output>: A corresponding B<$hashref>, containing statistical information 
    1353 about the IE driver's progress, as previously mentioned. 
     1352about the Browser driver's progress, as previously mentioned. 
    13541353 
    13551354# XXX: Resolve this, per parent Driver description. 
     
    14201419=head1 BUGS & ASSUMPTIONS 
    14211420 
    1422 This module makes extensive use of the Win32::IE::Mechanize module. 
    1423 Any bugs found within that library will most likely be present here. 
    1424  
    14251421In a nutshell, this object is nothing more than a blessed anonymous 
    14261422reference to a hashtable, where (key => value) pairs are defined in 
     
    14301426or overriding (key => value) pairs. 
    14311427 
    1432 However, additional links can be fed to any IE driver at any time, by 
     1428However, additional links can be fed to any Browser driver at any time, by 
    14331429simply adding new hashtable entries to the B<links_to_visit> hashtable 
    14341430within the B<$object>. 
    14351431 
    14361432For example, if you wanted to add the URL "http://www.mitre.org" 
    1437 to the IE driver B<$object>, simply use the following code: 
     1433to the Browser driver B<$object>, simply use the following code: 
    14381434 
    14391435  $object->{links_to_visit}->{'http://www.mitre.org'} = 1; 
    14401436 
    1441 XXX: At some point, we may want to replace all the instances of '1' 
    1442 with more useful data, like a sub-hashtable that contains a set of 
    1443 L<Win32::OLE> options that would be fed directly into each 
    1444 instance of Win32::IE::Mechanize->new(%options). 
    1445  
    1446 In general, the IE driver does B<not> know how many links it will 
     1437In general, the Browser driver does B<not> know how many links it will 
    14471438ultimately end up browsing to, until it conducts an exhaustive 
    14481439spider of all initial URLs supplied.  As such, expect the output 
     
    14631454=head1 SEE ALSO 
    14641455 
    1465 Win32::IE::Mechanize 
    1466  
    1467 Win32::OLE 
    1468  
    1469 XXX: If you have a mailing list, mention it here. 
    1470  
    1471 XXX: If you have a web site set up for your module, mention it here. 
     1456L<http://www.honeyclient.org/trac> 
    14721457 
    14731458=head1 REPORTING BUGS 
    14741459 
    1475 XXX: Mention website/mailing list to use, when reporting bugs. 
     1460L<http://www.honeyclient.org/trac/newticket> 
    14761461 
    14771462=head1 AUTHORS 
     
    14821467 
    14831468Darien Kindlund, E<lt>kindlund@mitre.orgE<gt> 
     1469 
     1470Brad Stephenson, E<lt>stephenson@mitre.orgE<gt> 
    14841471 
    14851472=head1 COPYRIGHT & LICENSE 
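--- a/honeyclient/branches/rel/0.9/lib/HoneyClient/Agent/Driver/Browser/FF.pm
+++ b/honeyclient/branches/rel/0.9/lib/HoneyClient/Agent/Driver/Browser/FF.pm
@@ -1301,4 +1301,6 @@
 =head1 SEE ALSO
 
+L<http://www.honeyclient.org/trac>
+
 LWP::UserAgent
 
@@ -1311,12 +1313,7 @@
 HoneyClient::Agent::Driver::IE
 
-
-XXX: If you have a mailing list, mention it here.
-
-XXX: If you have a web site set up for your module, mention it here.
-
 =head1 REPORTING BUGS
 
-XXX: Mention website/mailing list to use, when reporting bugs.
+L<http://www.honeyclient.org/trac/newticket>
 
 =head1 AUTHORS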
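--- a/honeyclient/branches/rel/0.9/lib/HoneyClient/Agent/Driver/Browser/IE.pm
+++ b/honeyclient/branches/rel/0.9/lib/HoneyClient/Agent/Driver/Browser/IE.pm
@@ -7,5 +7,5 @@
 #              HoneyClient VM.
 #
-# CVS: $Id: IE.pm 1599 2006-11-08 20:04:30Z kindlund
+# CVS: $Id
 #
 # @author knwang, ttruong, kindlund, stephenson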
  • honeyclient/branches/rel/0.9/lib/HoneyClient/Agent/Integrity.pm

    • Property svn:keywords set to Id "$file"
    r13 r130  
    11################################################################################ 
    2 # Created on:  June 1, 2006 
     2# Created on:  June 01, 2006 
    33# Package:     HoneyClient::Agent 
    44# File:        Integrity.pm 
    5 # Description: Module for checking the system integrity for possible modification 
     5# Description: Module for checking the system integrity for possible 
     6#              modifications. 
    67# 
    78# @author knwang, xkovah, ttruong 
     
    2627################################################################################ 
    2728 
    28  
    29  
    3029=pod 
    3130 
     
    105104can_ok('HoneyClient::Agent::Integrity', 'initFileSystem'); 
    106105can_ok('HoneyClient::Agent::Integrity', 'checkFileSystem'); 
    107 can_ok('HoneyClient::Agent::Integrity', 'initRegistry'); 
    108 can_ok('HoneyClient::Agent::Integrity', 'checkRegistry'); 
    109 use HoneyClient::Agent::Integrity qw(initAll checkAll initRegistry checkRegistry initFileSystem checkFileSystem); 
     106use HoneyClient::Agent::Integrity qw(initAll checkAll initFileSystem checkFileSystem); 
    110107 
    111108# Make sure HoneyClient::Util::Config loads. 
     
    134131 
    135132# Make sure Storable loads. 
    136 BEGIN { use_ok('Storable', qw(dclone)) or diag("Can't load Storable package.  Check to make sure the package library is correctly listed within the path."); } 
     133BEGIN { use_ok('Storable', qw(dclone nfreeze thaw)) or diag("Can't load Storable package.  Check to make sure the package library is correctly listed within the path."); } 
    137134require_ok('Storable'); 
    138135can_ok('Storable', 'dclone'); 
    139 use Storable qw(dclone); 
     136can_ok('Storable', 'nfreeze'); 
     137can_ok('Storable', 'thaw'); 
     138use Storable qw(dclone nfreeze thaw); 
    140139 
    141140###Testing Globals### 
     
    159158# Include Global Configuration Processing Library 
    160159use HoneyClient::Util::Config qw(getVar); 
     160use HoneyClient::Agent::Integrity::Registry; 
    161161use File::Find qw(find); 
    162162#use Win32::TieRegistry; 
    163163use Digest::MD5; 
    164164use MIME::Base64; 
    165 use Switch; 
    166 use Storable qw(dclone); 
     165use Storable qw(nfreeze thaw dclone); 
     166$Storable::Deparse = 1; 
     167$Storable::Eval = 1; 
    167168use Data::Dumper; 
     169use File::Basename qw(dirname); 
    168170 
    169171BEGIN { 
     
    178180 
    179181    # Symbols to export on request