app.service.interfaces namespace¶
Submodules¶
app.service.interfaces.i_app_svc module¶
-
class
app.service.interfaces.i_app_svc.
AppServiceInterface
¶ Bases:
abc.ABC
-
abstract
find_link
(unique)¶ Locate a given link by its unique property :param unique: :return:
-
abstract
find_op_with_link
(link_id)¶ Locate an operation with the given link ID :param link_id: :return: Operation or None
-
abstract
load_plugin_expansions
(plugins)¶
-
abstract
load_plugins
(plugins)¶ Store all plugins in the data store :return:
-
abstract
register_contacts
()¶
-
abstract
resume_operations
()¶ Resume all unfinished operations :return: None
-
abstract
retrieve_compiled_file
(name, platform)¶
-
abstract
run_scheduler
()¶ Kick off all scheduled jobs, as their schedule determines :return:
-
abstract
start_sniffer_untrusted_agents
()¶ Cyclic function that repeatedly checks if there are agents to be marked as untrusted :return: None
-
abstract
teardown
()¶
-
abstract
app.service.interfaces.i_auth_svc module¶
-
class
app.service.interfaces.i_auth_svc.
AuthServiceInterface
¶ Bases:
abc.ABC
-
abstract
apply
(app, users)¶ Set up security on server boot :param app: :param users: :return: None
-
abstract
check_permissions
(group, request)¶ Check if a request is allowed based on the user permissions :param group: :param request: :return: None
-
abstract
get_permissions
(request)¶
-
abstract
login_user
(request)¶ Kick off all scheduled jobs, as their schedule determines :return:
-
abstract static
logout_user
(request)¶ Log the user out :param request: :return: None
-
abstract
app.service.interfaces.i_contact_svc module¶
-
class
app.service.interfaces.i_contact_svc.
ContactServiceInterface
¶ Bases:
abc.ABC
-
abstract
build_filename
()¶
-
abstract
handle_heartbeat
()¶ Accept all components of an agent profile and save a new agent or register an updated heartbeat. :return: the agent object, instructions to execute
-
abstract
register
(contact)¶ Register a virtual subclass of an ABC.
Returns the subclass, to allow usage as a class decorator.
-
abstract
app.service.interfaces.i_data_svc module¶
-
class
app.service.interfaces.i_data_svc.
DataServiceInterface
¶ Bases:
abc.ABC
-
abstract
apply
(collection)¶ Add a new collection to RAM :param collection: :return:
-
abstract static
destroy
()¶ Clear out all data :return:
-
abstract
load_data
(plugins)¶ Non-blocking read all the data sources to populate the object store :return: None
-
abstract
locate
(object_name, match)¶ Find all c_objects which match a search. Return all c_objects if no match. :param object_name: :param match: dict() :return: a list of c_object types
-
abstract
reload_data
(plugins)¶ Blocking read all the data sources to populate the object store :return: None
-
abstract
remove
(object_name, match)¶ Remove any c_objects which match a search :param object_name: :param match: dict() :return:
-
abstract
restore_state
()¶
-
abstract
save_state
()¶ Accept all components of an agent profile and save a new agent or register an updated heartbeat. :return: the agent object, instructions to execute
-
abstract
store
(c_object)¶ Accept any c_object type and store it (create/update) in RAM :param c_object: :return: a single c_object
-
abstract
app.service.interfaces.i_event_svc module¶
-
class
app.service.interfaces.i_event_svc.
EventServiceInterface
¶ Bases:
abc.ABC
-
abstract
fire_event
(event, **callback_kwargs)¶ Fire an event :param event: The event topic and (optional) subtopic, separated by a ‘/’ :param callback_kwargs: Any additional parameters to pass to the event handler :return: None
-
abstract
observe_event
(event, callback)¶ Register an event handler :param event: The event topic and (optional) subtopic, separated by a ‘/’ :param callback: The function that will handle the event :return: None
-
abstract
app.service.interfaces.i_file_svc module¶
-
class
app.service.interfaces.i_file_svc.
FileServiceInterface
¶ Bases:
abc.ABC
-
abstract
add_special_payload
(name, func)¶ Call a special function when specific payloads are downloaded :param name: :param func: :return:
-
abstract
compile_go
(platform, output, src_fle, arch, ldflags, cflags, buildmode, build_dir, loop)¶ Dynamically compile a go file :param platform: :param output: :param src_fle: :param arch: Compile architecture selection (defaults to AMD64) :param ldflags: A string of ldflags to use when building the go executable :param cflags: A string of CFLAGS to pass to the go compiler :param buildmode: GO compiler buildmode flag :param build_dir: The path to build should take place in :return:
-
abstract
create_exfil_sub_directory
(dir_name)¶
-
abstract
find_file_path
(name, location)¶ Find the location on disk of a file by name. :param name: :param location: :return: a tuple: the plugin the file is found in & the relative file path
-
abstract
get_file
(headers)¶ Retrieve file :param headers: headers dictionary. The file key is REQUIRED. :type headers: dict or dict-equivalent :return: File contents and optionally a display_name if the payload is a special payload :raises: KeyError if file key is not provided, FileNotFoundError if file cannot be found
-
abstract
get_payload_name_from_uuid
(payload)¶
-
abstract
read_file
(name, location)¶ Open a file and read the contents :param name: :param location: :return: a tuple (file_path, contents)
-
abstract
read_result_file
(link_id, location)¶ Read a result file. If file encryption is enabled, this method will return the plaintext content. :param link_id: The id of the link to return results from. :param location: The path to results directory. :return:
-
abstract
save_file
(filename, payload, target_dir)¶
-
abstract
save_multipart_file_upload
(request, target_dir)¶ Accept a multipart file via HTTP and save it to the server :param request: :param target_dir: The path of the directory to save the uploaded file to.
-
abstract
write_result_file
(link_id, output, location)¶ Writes the results of a link execution to disk. If file encryption is enabled, the results file will contain ciphertext. :param link_id: The link id of the result being written. :param output: The content of the link’s output. :param location: The path to the results directory. :return:
-
abstract
app.service.interfaces.i_learning_svc module¶
-
class
app.service.interfaces.i_learning_svc.
LearningServiceInterface
¶ Bases:
abc.ABC
-
abstract static
add_parsers
(directory)¶
-
abstract
build_model
()¶ The model is a static set of all variables used inside all ability commands This can be used to determine which facts - when found together - are more likely to be used together :return:
-
abstract
learn
(facts, link, blob)¶
-
abstract static
app.service.interfaces.i_planning_svc module¶
-
class
app.service.interfaces.i_planning_svc.
PlanningServiceInterface
¶ Bases:
abc.ABC
-
abstract
generate_and_trim_links
(agent, operation, abilities, trim)¶
-
abstract
get_cleanup_links
(operation, agent)¶ For a given operation, create all cleanup links. If agent is supplied, only return cleanup links for that agent. :param operation: :param agent: :return: None
-
abstract
get_links
(operation, buckets, agent, trim)¶ For an operation and agent combination, create links (that can be executed). When no agent is supplied, links for all agents are returned :param operation: :param buckets: :param agent: :param trim: call trim_links() on list of links before returning :return: a list of links
-
abstract static
sort_links
(self, links)¶ Sort links by their score then by the order they are defined in an adversary profile
-
abstract
app.service.interfaces.i_rest_svc module¶
-
class
app.service.interfaces.i_rest_svc.
RestServiceInterface
¶ Bases:
abc.ABC
-
abstract
apply_potential_link
(link)¶
-
abstract
construct_agents_for_group
(group)¶
-
abstract
create_operation
(access, data)¶
-
abstract
create_schedule
(access, data)¶
-
abstract
delete_ability
(data)¶
-
abstract
delete_adversary
(data)¶
-
abstract
delete_agent
(data)¶
-
abstract
delete_operation
(data)¶
-
abstract
display_objects
(object_name, data)¶
-
abstract
display_operation_report
(data)¶
-
abstract
display_result
(data)¶
-
abstract
download_contact_report
(contact)¶
-
abstract
find_abilities
(paw)¶
-
abstract
get_link_pin
(json_data)¶
-
abstract
get_potential_links
(op_id, paw)¶
-
abstract
list_payloads
()¶
-
abstract
persist_ability
(access, data)¶
-
abstract
persist_adversary
(access, data)¶ Save a new adversary from either the GUI or REST API. This writes a new YML file into the core data/ directory. :param access :param data: :return: the ID of the created adversary
-
abstract
persist_source
(access, data)¶
-
abstract
task_agent_with_ability
(paw, ability_id, obfuscator, facts)¶
-
abstract
update_agent_data
(data)¶
-
abstract
update_chain_data
(data)¶
-
abstract
update_config
(data)¶
-
abstract
update_operation
(op_id, state, autonomous)¶
-
abstract
update_planner
(data)¶ Update a new planner from either the GUI or REST API with new stopping conditions. This overwrites the existing YML file. :param data: :return: the ID of the created adversary
-
abstract