Navigation

← Previous Changeset
Next Changeset →

Changeset 926

Timestamp:

10/15/07 17:16:26 (1 year ago)

Author:

kindlund

Message:

Experimental support for object clones. (UNTESTED)

Files:

honeyclient/branches/exp/kindlund-dynamic_updates/bin/StartManager.pl (modified) (3 diffs)
honeyclient/branches/exp/kindlund-dynamic_updates/clone_test.pl (added)
honeyclient/branches/exp/kindlund-dynamic_updates/etc/honeyclient.xml (modified) (2 diffs)
honeyclient/branches/exp/kindlund-dynamic_updates/lib/HoneyClient/Manager.pm (modified) (12 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

honeyclient/branches/exp/kindlund-dynamic_updates/bin/StartManager.pl

r791	r926
7	7	use Carp ();
8	8
	9	# Include Dumper Library
9	10	use Data::Dumper;
10	11
…	…
18	19	use Getopt::Long;
19	20
	21	# Include utility access to global configuration.
	22	use HoneyClient::Util::Config qw(getVar);
	23
	24	# Include Manager Library
20	25	use HoneyClient::Manager;
21	26
	27	# Include Logging Library
	28	use Log::Log4perl qw(:easy);
	29
	30	# The global logging object.
	31	our $LOG = get_logger();
	32
22	33	# We expect that the user will supply a single argument to this script.
23		# Namely, the initial URL that they want the Agent to use.
24		# They can however supply multiple urls which will be processed in order
	34	# Namely, the initial set of URLs that they want the Agent to use.
25	35
26	36	# Change to 'HoneyClient::Agent::Driver::Browser::IE' or
27	37	# 'HoneyClient::Agent::Driver::Browser::FF'
28		my $driver = ~~"HoneyClient::Agent::Driver::Browser::IE"~~;
	38	my $driver = undef;
29	39	my $config = undef;
30	40	my $maxrel = -1;
…	…
38	48	'url_list=s' => \$urllist,
39	49	'max_relative_links:i' => \$maxrel);
	50
	51	# Sanity Check. Make sure $driver is set.
	52	unless (defined($driver)) {
	53	$driver = getVar(name => "default_driver",
	54	namespace => "HoneyClient::Agent");
	55	}
40	56
41	57	# Go through the list of urls to create the array

honeyclient/branches/exp/kindlund-dynamic_updates/etc/honeyclient.xml

r809	r926
72	72	<name>HoneyClient::Agent::Driver::Browser::FF</name>
73	73	</allowed_drivers>
	74	<default_driver description="If no driver is manually specified, then this Driver will be used as the default by the Agent." default="HoneyClient::Agent::Driver::Browser::IE">
	75	HoneyClient::Agent::Driver::Browser::IE
	76	</default_driver>
74	77	<!-- HoneyClient::Agent::Driver Options -->
75	78	<Driver>
…	…
94	97	1
95	98	</ignore_links_timed_out>
96		<!-- ~~TODO: Upda~~te this. -->
	99	<!-- XXX: Delete this. -->
97	100	<process_name description="The name of the Internet Explorer application process, as it appears in the Task Manager." default="iexplore.exe">
98	101	iexplore.exe

honeyclient/branches/exp/kindlund-dynamic_updates/lib/HoneyClient/Manager.pm

r816	r926
281	281	use HoneyClient::Util::Config qw(getVar);
282	282
283		# Include the VM Utility Library
	283	# Include the VM Utility Libraries
	284	use HoneyClient::Manager::VM::Clone;
	285
	286	# XXX: Remove this, eventually.
284	287	# TODO: Include unit tests.
285	288	use HoneyClient::Manager::VM qw();
…	…
472	475	$SIG{TERM} = sub { };
473	476
474		HoneyClient::Manager::VM->destroy();
	477	# XXX: Remove this, eventually.
	478	# HoneyClient::Manager::VM->destroy();
475	479
476	480	# XXX: Need to clean this up.
…	…
481	485	$stubFW->testConnect();
482	486
483		# Check to see if a clone was created...
484		if (defined($vmCloneConfig)) {
485		# We sleep for a bit, to make sure that the previous VM daemon was
486		# properly destroyed and released the previous port that was in use.
487		sleep (10);
488
489		# We reinstantiate a new VM daemon, because if the user had hit CTRL-C
490		# or called any other signal, then that signal would propagate to all
491		# processes, causing the VM daemon's signal handler to self terminate.
492		#
493		# Hence, rather than fight the VM daemon's natural self termination,
494		# we let the daemon die, but the create a new one, for the sole purpose
495		# of cleaning up the clones.
496		HoneyClient::Manager::VM->init();
497		$LOG->info("Calling suspendVM(config => " . $vmCloneConfig . ").");
498		my $stubVM = getClientHandle(namespace => "HoneyClient::Manager::VM");
499		$stubVM->suspendVM(config => $vmCloneConfig);
500		print "Done!\n";
501		HoneyClient::Manager::VM->destroy();
502		}
	487	# XXX: Remove this, eventually.
	488	# # Check to see if a clone was created...
	489	# if (defined($vmCloneConfig)) {
	490	# # We sleep for a bit, to make sure that the previous VM daemon was
	491	# # properly destroyed and released the previous port that was in use.
	492	# sleep (10);
	493	#
	494	# # We reinstantiate a new VM daemon, because if the user had hit CTRL-C
	495	# # or called any other signal, then that signal would propagate to all
	496	# # processes, causing the VM daemon's signal handler to self terminate.
	497	# #
	498	# # Hence, rather than fight the VM daemon's natural self termination,
	499	# # we let the daemon die, but the create a new one, for the sole purpose
	500	# # of cleaning up the clones.
	501	# HoneyClient::Manager::VM->init();
	502	# $LOG->info("Calling suspendVM(config => " . $vmCloneConfig . ").");
	503	# my $stubVM = getClientHandle(namespace => "HoneyClient::Manager::VM");
	504	# $stubVM->suspendVM(config => $vmCloneConfig);
	505	# print "Done!\n";
	506	# HoneyClient::Manager::VM->destroy();
	507	# }
503	508
504	509	# This variable may contain a filename that the Manager
…	…
571	576	my $agentState = undef;
572	577
573		# Sanity check, make sure the master_vm_config has
574		# ~~been specified~~.
	578	# Sanity check, make sure the master_vm_config is
	579	# set.
575	580	my $argsExist = scalar(%args);
576	581	if (!$argsExist \|\|
…	…
604	609	my ($class, %args) = @_;
605	610
	611	# XXX: Remove some of these, eventually.
606	612	my $stubVM = undef;
607	613	my $stubFW = undef;
…	…
617	623	my $vmStateTable = { };
618	624
	625	# Temporary variable to hold each cloned VM.
	626	my $vm = undef;
	627
619	628	# Get a stub connection to the firewall.
620	629	$stubFW = getClientHandle(namespace => "HoneyClient::Manager::FW",
…	…
624	633	$stubFW->testConnect();
625	634
626		$URL = HoneyClient::Manager::VM->init();
627		print "VM Daemon Listening On: " . $URL . "\n";
628
629		$stubVM = getClientHandle(namespace => "HoneyClient::Manager::VM",
630		fault_handler => \&_handleFaultAndCleanup);
	635	# XXX: Remove these, eventually.
	636	# $URL = HoneyClient::Manager::VM->init();
	637	# print "VM Daemon Listening On: " . $URL . "\n";
	638	#
	639	# $stubVM = getClientHandle(namespace => "HoneyClient::Manager::VM",
	640	# fault_handler => \&_handleFaultAndCleanup);
631	641
632		print "Calling setMasterVM()...\n";
633		$som = $stubVM->setMasterVM(config => $args{'master_vm_config'});
634		print "Result: " . $som->result() . "\n";
635
636		print "Calling quickCloneVM()...\n";
637		$som = $stubVM->quickCloneVM();
638		print "Result: " . $som->result() . "\n";
639		$vmCloneConfig = $som->result();
640
641		# Make sure the VM is fully cloned, before trying to make any subsequent calls.
642		print "Calling isRegisteredVM()...\n";
643		$som = $stubVM->isRegisteredVM(config => $vmCloneConfig);
644		$ret = $som->result();
645
646		if (defined($ret)) {
647		print "Result: " . $ret . "\n";
648		}
649
650		while (!defined($ret)) {
651		sleep (3);
652		print "Calling isRegisteredVM()...\n";
653		$som = $stubVM->isRegisteredVM(config => $vmCloneConfig);
654		$ret = $som->result();
655		if (defined($ret)) {
656		print "Result: " . $ret . "\n";
657		}
658		}
659
660		print "Calling getStateVM()...\n";
661		$som = $stubVM->getStateVM(config => $vmCloneConfig);
662		$vmState = $som->result();
663
664		if ($vmState == VM_EXECUTION_STATE_ON) {
665		print "ON\n";
666		} elsif ($vmState == VM_EXECUTION_STATE_OFF) {
667		print "OFF\n";
668		} elsif ($vmState == VM_EXECUTION_STATE_SUSPENDED) {
669		print "SUSPENDED\n";
670		} elsif ($vmState == VM_EXECUTION_STATE_STUCK) {
671		print "STUCK\n";
672		} else {
673		print "UNKNOWN\n";
674		}
675
676		while ($vmState != VM_EXECUTION_STATE_ON) {
677		sleep (3);
678
679		print "Calling getStateVM()...\n";
680		$som = $stubVM->getStateVM(config => $vmCloneConfig);
681		$vmState = $som->result();
682
683		if ($vmState == VM_EXECUTION_STATE_ON) {
684		print "ON\n";
685		} elsif ($vmState == VM_EXECUTION_STATE_OFF) {
686		print "OFF\n";
687		} elsif ($vmState == VM_EXECUTION_STATE_SUSPENDED) {
688		print "SUSPENDED\n";
689		} elsif ($vmState == VM_EXECUTION_STATE_STUCK) {
690		print "STUCK\n";
691		} else {
692		print "UNKNOWN\n";
693		}
694		}
695
696		print "Calling getMACaddrVM()...\n";
697		$som = $stubVM->getMACaddrVM(config => $vmCloneConfig);
698		print "Result: " . $som->result() . "\n";
699		$vmMAC = $som->result();
700
701		# Figure out when the Agent on the VM is alive and well.
702		$ret = undef;
703		my $logMsgPrinted = 0;
704		while (!$ret) {
705		sleep (3);
706		print "Calling getIPaddrVM()...\n";
707		$som = $stubVM->getIPaddrVM(config => $vmCloneConfig);
708		if (defined($som->result())) {
709		print "Result: " . $som->result() . "\n";
710		}
711		$vmIP = $som->result();
712
713		print "Calling getNameVM()...\n";
714		$som = $stubVM->getNameVM(config => $vmCloneConfig);
715		print "Result: " . $som->result() . "\n";
716		$vmName = $som->result();
717
718		if (defined($vmIP) && defined($vmName)) {
719		if (!$logMsgPrinted) {
720		$LOG->info("Created clone VM (" . $vmName . ") using IP (" . $vmIP . ") and MAC (" . $vmMAC . ").");
721		$logMsgPrinted = 1;
722		}
723
724		# Try contacting the Agent; ignore any faults.
725		$SUPPRESS_ERRORS = 1;
726		$stubAgent = getClientHandle(namespace => "HoneyClient::Agent",
727		address => $vmIP,
728		fault_handler => \&_handleFault);
729
730		eval {
731		print "Calling getStatus()...\n";
732		$som = $stubAgent->getStatus();
733		$ret = thaw(decode_base64($som->result()));
734		print "Result:\n";
735		# Make Dumper format more verbose.
736		$Data::Dumper::Terse = 0;
737		$Data::Dumper::Indent = 2;
738		print Dumper($ret);
739
740		};
741		# Clear returned state, if any fault occurs.
742		if ($@) {
743		$ret = undef;
744		}
745		$SUPPRESS_ERRORS = 0;
746		}
747		}
	642	# print "Calling setMasterVM()...\n";
	643	# $som = $stubVM->setMasterVM(config => $args{'master_vm_config'});
	644	# print "Result: " . $som->result() . "\n";
	645
	646	# print "Calling quickCloneVM()...\n";
	647	# $som = $stubVM->quickCloneVM();
	648	# print "Result: " . $som->result() . "\n";
	649	# $vmCloneConfig = $som->result();
	650
	651	# # Make sure the VM is fully cloned, before trying to make any subsequent calls.
	652	# print "Calling isRegisteredVM()...\n";
	653	# $som = $stubVM->isRegisteredVM(config => $vmCloneConfig);
	654	# $ret = $som->result();
	655
	656	# if (defined($ret)) {
	657	# print "Result: " . $ret . "\n";
	658	# }
	659
	660	# while (!defined($ret)) {
	661	# sleep (3);
	662	# print "Calling isRegisteredVM()...\n";
	663	# $som = $stubVM->isRegisteredVM(config => $vmCloneConfig);
	664	# $ret = $som->result();
	665	# if (defined($ret)) {
	666	# print "Result: " . $ret . "\n";
	667	# }
	668	# }
	669
	670	# print "Calling getStateVM()...\n";
	671	# $som = $stubVM->getStateVM(config => $vmCloneConfig);
	672	# $vmState = $som->result();
	673	#
	674	# if ($vmState == VM_EXECUTION_STATE_ON) {
	675	# print "ON\n";
	676	# } elsif ($vmState == VM_EXECUTION_STATE_OFF) {
	677	# print "OFF\n";
	678	# } elsif ($vmState == VM_EXECUTION_STATE_SUSPENDED) {
	679	# print "SUSPENDED\n";
	680	# } elsif ($vmState == VM_EXECUTION_STATE_STUCK) {
	681	# print "STUCK\n";
	682	# } else {
	683	# print "UNKNOWN\n";
	684	# }
	685
	686	# while ($vmState != VM_EXECUTION_STATE_ON) {
	687	# sleep (3);
	688	#
	689	# print "Calling getStateVM()...\n";
	690	# $som = $stubVM->getStateVM(config => $vmCloneConfig);
	691	# $vmState = $som->result();
	692	#
	693	# if ($vmState == VM_EXECUTION_STATE_ON) {
	694	# print "ON\n";
	695	# } elsif ($vmState == VM_EXECUTION_STATE_OFF) {
	696	# print "OFF\n";
	697	# } elsif ($vmState == VM_EXECUTION_STATE_SUSPENDED) {
	698	# print "SUSPENDED\n";
	699	# } elsif ($vmState == VM_EXECUTION_STATE_STUCK) {
	700	# print "STUCK\n";
	701	# } else {
	702	# print "UNKNOWN\n";
	703	# }
	704	# }
	705
	706	# print "Calling getMACaddrVM()...\n";
	707	# $som = $stubVM->getMACaddrVM(config => $vmCloneConfig);
	708	# print "Result: " . $som->result() . "\n";
	709	# $vmMAC = $som->result();
	710
	711	# # Figure out when the Agent on the VM is alive and well.
	712	# $ret = undef;
	713	# my $logMsgPrinted = 0;
	714	# while (!$ret) {
	715	# sleep (3);
	716	# print "Calling getIPaddrVM()...\n";
	717	# $som = $stubVM->getIPaddrVM(config => $vmCloneConfig);
	718	# if (defined($som->result())) {
	719	# print "Result: " . $som->result() . "\n";
	720	# }
	721	# $vmIP = $som->result();
	722	#
	723	# print "Calling getNameVM()...\n";
	724	# $som = $stubVM->getNameVM(config => $vmCloneConfig);
	725	# print "Result: " . $som->result() . "\n";
	726	# $vmName = $som->result();
	727	#
	728	# if (defined($vmIP) && defined($vmName)) {
	729	# if (!$logMsgPrinted) {
	730	# $LOG->info("Created clone VM (" . $vmName . ") using IP (" . $vmIP . ") and MAC (" . $vmMAC . ").");
	731	# $logMsgPrinted = 1;
	732	# }
	733	#
	734	# # Try contacting the Agent; ignore any faults.
	735	# $SUPPRESS_ERRORS = 1;
	736	# $stubAgent = getClientHandle(namespace => "HoneyClient::Agent",
	737	# address => $vmIP,
	738	# fault_handler => \&_handleFault);
	739	#
	740	# eval {
	741	# print "Calling getStatus()...\n";
	742	# $som = $stubAgent->getStatus();
	743	# $ret = thaw(decode_base64($som->result()));
	744	# print "Result:\n";
	745	# # Make Dumper format more verbose.
	746	# $Data::Dumper::Terse = 0;
	747	# $Data::Dumper::Indent = 2;
	748	# print Dumper($ret);
	749	#
	750	# };
	751	# # Clear returned state, if any fault occurs.
	752	# if ($@) {
	753	# $ret = undef;
	754	# }
	755	# $SUPPRESS_ERRORS = 0;
	756	# }
	757	# }
	758
	759	# Create a new cloned VM.
	760	$vm = HoneyClient::Manager::VM::Clone->new();
748	761
749	762	# Build our VM's connection table.
750	763	# Note: We assume our VM has a single MAC address
751	764	# and a single IP address.
752		$vmStateTable->{$vmName}->{sources}->{$vmMAC}->{$vmIP} = {
	765	# $vmStateTable->{$vmName}->{sources}->{$vmMAC}->{$vmIP} = {
	766	$vmStateTable->{$vm->name}->{sources}->{$vm->mac_address}->{$vm->ip_address} = {
753	767	# XXX: We assume we can't pinpoint what source TCP ports the
754	768	# corresponding driver will need. (We may want to get this
…	…
773	787	# Recreate the client stub; handle faults.
774	788	$stubAgent = getClientHandle(namespace => "HoneyClient::Agent",
775		address => $vmIP,
	789	# address => $vmIP,
	790	address => $vm->ip_address,
776	791	fault_handler => \&_handleFaultAndCleanup);
777	792
…	…
784	799	# Recreate the client stub; ignore faults.
785	800	$stubAgent = getClientHandle(namespace => "HoneyClient::Agent",
786		address => $vmIP,
	801	# address => $vmIP,
	802	address => $vm->ip_address,
787	803	fault_handler => \&_handleFault);
788	804
…	…
819	835	# Check to see if the VM has been compromised.
820	836	print "WARNING: VM HAS BEEN COMPROMISED!\n";
821		$LOG->info("Calling suspendVM(config => " . $vmCloneConfig . ").");
822		$som = $stubVM->suspendVM(config => $vmCloneConfig);
823		HoneyClient::Manager::VM->destroy();
	837	# $LOG->info("Calling suspendVM(config => " . $vmCloneConfig . ").");
	838	# $som = $stubVM->suspendVM(config => $vmCloneConfig);
	839	# HoneyClient::Manager::VM->destroy();
	840	my $vmName = $vm->name;
	841	$vm = undef;
824	842	$vmCompromised = 1;
825	843
…	…
846	864
847	865	$LOG->info("All URLs exhausted. Shutting down Manager.");
	866	$vm = undef;
848	867	# Get a local copy of the configuration and kill the global copy.
849		my $vmCfg = $vmCloneConfig;
850		$vmCloneConfig = undef;
851		$LOG->info("Calling suspendVM(config => " . $vmCfg . ").");
852		$stubVM->suspendVM(config => $vmCfg);
	868	# my $vmCfg = $vmCloneConfig;
	869	# $vmCloneConfig = undef;
	870	# $LOG->info("Calling suspendVM(config => " . $vmCfg . ").");
	871	# $stubVM->suspendVM(config => $vmCfg);
853	872	print "Done!\n";
854	873	_cleanup();
…	…
864	883
865	884	# Get the new targets from the Agent.
866		$vmStateTable->{$vmName}->{targets} = $ret->{$args{'driver'}}->{next}->{targets};
	885	$vmStateTable->{$vm->name}->{targets} = $ret->{$args{'driver'}}->{next}->{targets};
867	886
868	887	print "VM State Table:\n";

Navigation

Changeset 926

Legend:

honeyclient/branches/exp/kindlund-dynamic_updates/bin/StartManager.pl

honeyclient/branches/exp/kindlund-dynamic_updates/etc/honeyclient.xml

honeyclient/branches/exp/kindlund-dynamic_updates/lib/HoneyClient/Manager.pm

Download in other formats: