Changeset 59

Show
Ignore:
Timestamp:
11/30/06 15:01:25 (2 years ago)
Author:
xkovah
Message:

changed Integrity.pm to allow reading registry exclusion regexes from file, also changed the defauls location for filesystem/registry in/exclusion files to be in etc

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • honeyclient/branches/bug/42/etc/honeyclient.xml

    r36 r59  
    120120            <!-- TODO: Update this. --> 
    121121            <file_checklist description="The file containing the list of files and directories to check during filesystem checking."> 
    122                 none 
     122                ../../../etc/file_checklist.txt 
    123123            </file_checklist> 
    124124            <!-- TODO: Update this. --> 
    125125            <file_exclude description="The file containing the list of files or directories to exclude if found in subdirectories during filesystem checking."> 
    126                 /tmp/file_exclude.txt 
     126                ../../../etc/file_exclude.txt 
    127127            </file_exclude> 
    128128            <!-- TODO: Update this. --> 
     129            <reg_exclude_file description="The file containing the list of regular expressions specifying registry keys to exclude during registry checking."> 
     130                ../../../etc/reg_exclude.txt 
     131            </reg_exclude_file> 
     132            <!-- TODO: Update this. --> 
    129133            <reg_list_to_check description="The file containing the list of registry keys to check."> 
    130                 /tmp/reg_list_to_check.txt 
     134                ../../../etc/reg_list_to_check.txt 
    131135            </reg_list_to_check> 
    132136            <!-- Files which are written out only. --> 

  • honeyclient/branches/bug/42/lib/HoneyClient/Agent/Integrity.pm

    r57 r59  
    306306    # List of registry keys to check 
    307307    reg_list_to_check   => getVar(name => "reg_list_to_check", namespace => "HoneyClient::Agent::Integrity"), 
     308 
     309    # List of registry keys to exclude 
     310    reg_exclude_file => getVar(name => "reg_exclude_file", namespace => "HoneyClient::Agent::Integrity"), 
    308311     
    309312    ### Files to write and read ### 
     
    891894    else { 
    892895        #otherwise, if we're given input via file, use it 
    893         if(-f "$self->reg_list_to_check"){ 
    894             open REGDIRS, "$self->reg_list_to_check" or die "Cannot open $self->reg_list_to_check: $!\n"; 
     896        if(-f "$self->{reg_list_to_check}"){ 
     897            open REGDIRS, "$self->{reg_list_to_check}" or die "Cannot open $self->{reg_list_to_check}: $!\n"; 
    895898            #wipe out any hardcoded ones 
    896899            @{$self->{reg_check_array}} = (); 
     
    920923    } 
    921924 
    922     $self->{reg_exclude_array} = \@default_reg_exclude_array; 
    923  
     925        if(-f $self->{reg_exclude_file}){ 
     926        open REGEXCLUDE, "$self->{reg_exclude_file}" or die "Cannot open $self->{reg_exclude_file}: $!\n"; 
     927        #wipe out any hardcoded ones 
     928        @{$self->{reg_exclude_file}} = (); 
     929        while(<REGEXCLUDE>){ 
     930            push @{$self->{reg_exclude_array}}, $_; 
     931        } 
     932    } 
     933    else{ 
     934        $self->{reg_exclude_array} = \@default_reg_exclude_array; 
     935    } 
    924936} 
    925937################################################################################