app.service namespace

Submodules

app.service.app_svc module

class app.service.app_svc.AppService(application)

Bases: app.utility.base_service.BaseService

Locate a given link by its unique property

Parameters:unique
Returns:
load_plugins()

Store all plugins in the data store

Returns:
register_contacts()
resume_operations()

Resume all unfinished operations

Returns:None
retrieve_compiled_file(name, platform)
run_scheduler()

Kick off all scheduled jobs, as their schedule determines

Returns:
start_sniffer_untrusted_agents()

Cyclic function that repeatedly checks if there are agents to be marked as untrusted

Returns:None
teardown()

app.service.auth_svc module

class app.service.auth_svc.AuthService

Bases: app.utility.base_service.BaseService

class User(username, password, permissions)

Bases: tuple

password

Alias for field number 1

permissions

Alias for field number 2

username

Alias for field number 0

apply(app, users)

Set up security on server boot :param app: :param users: :return: None

check_permissions(group, request)

Check if a request is allowed based on the user permissions :param request: :return: None

get_permissions(request)
login_user(request)

Log a user in and save the session :param request: :return: the response/location of where the user is trying to navigate

static logout_user(request)

Log the user out :param request: :return: None

class app.service.auth_svc.DictionaryAuthorizationPolicy(user_map)

Bases: aiohttp_security.abc.AbstractAuthorizationPolicy

authorized_userid(identity)

Retrieve authorized user id. Return the user_id of the user identified by the identity or ‘None’ if no user exists related to the identity.

permits(identity, permission, context=None)

Check user permissions. Return True if the identity is allowed the permission in the current context, else return False.

app.service.auth_svc.check_authorization(func)

Authorization Decorator This requires that the calling class have self.auth_svc set to the authentication service.

app.service.contact_svc module

class app.service.contact_svc.ContactService

Bases: app.utility.base_service.BaseService

build_filename()
handle_heartbeat(**kwargs)
register(contact)
app.service.contact_svc.report(func)

app.service.data_svc module

class app.service.data_svc.Adjustment(ability_id, trait, value, offset)

Bases: tuple

ability_id

Alias for field number 0

offset

Alias for field number 3

trait

Alias for field number 1

value

Alias for field number 2

class app.service.data_svc.DataService

Bases: app.utility.base_service.BaseService

apply(collection)

Add a new collection to RAM

Parameters:collection
Returns:
static destroy()

Clear out all data

Returns:
load_data(plugins=())

Non-blocking read all the data sources to populate the object store

Returns:None
locate(object_name, match=None)

Find all c_objects which match a search. Return all c_objects if no match.

Parameters:
  • object_name
  • match – dict()
Returns:

a list of c_object types

reload_data(plugins=())

Blocking read all the data sources to populate the object store

Returns:None
remove(object_name, match)

Remove any c_objects which match a search

Parameters:
  • object_name
  • match – dict()
Returns:

restore_state()

Restore the object database

Returns:
save_state()

Save RAM database to file

Returns:
store(c_object)

Accept any c_object type and store it (create/update) in RAM

Parameters:c_object
Returns:a single c_object

app.service.file_svc module

class app.service.file_svc.FileSvc

Bases: app.utility.base_service.BaseService

add_special_payload(name, func)

Call a special function when specific payloads are downloaded

Parameters:
  • name
  • func
Returns:

compile_go(platform, output, src_fle, arch='amd64', ldflags='-s -w', cflags='', buildmode='', build_dir='.')

Dynamically compile a go file

Parameters:
  • platform
  • output
  • src_fle
  • arch – Compile architecture selection (defaults to AMD64)
  • ldflags – A string of ldflags to use when building the go executable
  • cflags – A string of CFLAGS to pass to the go compiler
  • buildmode – GO compiler buildmode flag
  • build_dir – The path to build should take place in
Returns:

create_exfil_sub_directory(dir_name)
find_file_path(name, location='')

Find the location on disk of a file by name.

Parameters:
  • name
  • location
Returns:

a tuple: the plugin the file is found in & the relative file path

get_file(headers)

Retrieve file :param headers: headers dictionary. The file key is REQUIRED. :type headers: dict or dict-equivalent :return: File contents and optionally a display_name if the payload is a special payload :raises: KeyError if file key is not provided, FileNotFoundError if file cannot be found

get_payload_name_from_uuid(payload)
read_file(name, location='payloads')

Open a file and read the contents

Parameters:
  • name
  • location
Returns:

a tuple (file_path, contents)

read_result_file(link_id, location='data/results')

Read a result file. If file encryption is enabled, this method will return the plaintext content.

Parameters:
  • link_id – The id of the link to return results from.
  • location – The path to results directory.
Returns:

save_file(filename, payload, target_dir)
save_multipart_file_upload(request, target_dir)

Accept a multipart file via HTTP and save it to the server

Parameters:
  • request
  • target_dir – The path of the directory to save the uploaded file to.
write_result_file(link_id, output, location='data/results')

Writes the results of a link execution to disk. If file encryption is enabled, the results file will contain ciphertext.

Parameters:
  • link_id – The link id of the result being written.
  • output – The content of the link’s output.
  • location – The path to the results directory.
Returns:

app.service.learning_svc module

class app.service.learning_svc.LearningService

Bases: app.utility.base_service.BaseService

static add_parsers(directory)
build_model()

The model is a static set of all variables used inside all ability commands This can be used to determine which facts - when found together - are more likely to be used together :return:

learn(facts, link, blob)

app.service.planning_svc module

class app.service.planning_svc.PlanningService

Bases: app.utility.base_planning_svc.BasePlanningService

repeated subroutine

For a given operation, create all cleanup links. If agent is supplied, only return cleanup links for that agent.

Parameters:
  • operation
  • agent
Returns:

None

For an operation and agent combination, create links (that can be executed). When no agent is supplied, links for all agents are returned

Parameters:
  • operation
  • agent
  • trim – call trim_links() on list of links before returning
  • planner
  • stopping_conditions
Returns:

a list of links

Sort links by their score then by the order they are defined in an adversary profile

app.service.rest_svc module

class app.service.rest_svc.RestService

Bases: app.utility.base_service.BaseService

construct_agents_for_group(group)
create_operation(access, data)
create_schedule(access, data)
delete_ability(data)
delete_adversary(data)
delete_agent(data)
delete_operation(data)
display_objects(object_name, data)
display_operation_report(data)
display_result(data)
download_contact_report(contact)
find_abilities(paw)
list_payloads()
persist_ability(data)
persist_adversary(data)

Save a new adversary from either the GUI or REST API. This writes a new YML file into the core data/ directory.

Parameters:data
Returns:the ID of the created adversary
persist_source(data)
task_agent_with_ability(paw, ability_id, facts=())
update_agent_data(data)
update_chain_data(data)
update_config(data)
update_operation(op_id, state=None, autonomous=None)
update_planner(data)

Update a new planner from either the GUI or REST API with new stopping conditions. This overwrites the existing YML file.

Parameters:data
Returns:the ID of the created adversary