app.service.interfaces namespace

Submodules

app.service.interfaces.i_app_svc module

class app.service.interfaces.i_app_svc.AppServiceInterface

Bases: abc.ABC

Locate a given link by its unique property :param unique: :return:

Locate an operation with the given link ID :param link_id: :return: Operation or None

abstract load_plugin_expansions(plugins)
abstract load_plugins(plugins)

Store all plugins in the data store :return:

abstract register_contacts()
abstract resume_operations()

Resume all unfinished operations :return: None

abstract retrieve_compiled_file(name, platform)
abstract run_scheduler()

Kick off all scheduled jobs, as their schedule determines :return:

abstract start_sniffer_untrusted_agents()

Cyclic function that repeatedly checks if there are agents to be marked as untrusted :return: None

abstract teardown()

app.service.interfaces.i_auth_svc module

class app.service.interfaces.i_auth_svc.AuthServiceInterface

Bases: abc.ABC

abstract apply(app, users)

Set up security on server boot :param app: :param users: :return: None

abstract check_permissions(group, request)

Check if a request is allowed based on the user permissions :param group: :param request: :return: None

abstract get_permissions(request)
abstract login_user(request)

Kick off all scheduled jobs, as their schedule determines :return:

abstract static logout_user(request)

Log the user out :param request: :return: None

app.service.interfaces.i_contact_svc module

class app.service.interfaces.i_contact_svc.ContactServiceInterface

Bases: abc.ABC

abstract build_filename()
abstract handle_heartbeat()

Accept all components of an agent profile and save a new agent or register an updated heartbeat. :return: the agent object, instructions to execute

abstract register(contact)

Register a virtual subclass of an ABC.

Returns the subclass, to allow usage as a class decorator.

app.service.interfaces.i_data_svc module

class app.service.interfaces.i_data_svc.DataServiceInterface

Bases: abc.ABC

abstract apply(collection)

Add a new collection to RAM :param collection: :return:

abstract static destroy()

Clear out all data :return:

abstract load_data(plugins)

Non-blocking read all the data sources to populate the object store :return: None

abstract locate(object_name, match)

Find all c_objects which match a search. Return all c_objects if no match. :param object_name: :param match: dict() :return: a list of c_object types

abstract reload_data(plugins)

Blocking read all the data sources to populate the object store :return: None

abstract remove(object_name, match)

Remove any c_objects which match a search :param object_name: :param match: dict() :return:

abstract restore_state()
abstract save_state()

Accept all components of an agent profile and save a new agent or register an updated heartbeat. :return: the agent object, instructions to execute

abstract store(c_object)

Accept any c_object type and store it (create/update) in RAM :param c_object: :return: a single c_object

app.service.interfaces.i_event_svc module

class app.service.interfaces.i_event_svc.EventServiceInterface

Bases: abc.ABC

abstract fire_event(event, **callback_kwargs)

Fire an event :param event: The event topic and (optional) subtopic, separated by a ‘/’ :param callback_kwargs: Any additional parameters to pass to the event handler :return: None

abstract observe_event(event, callback)

Register an event handler :param event: The event topic and (optional) subtopic, separated by a ‘/’ :param callback: The function that will handle the event :return: None

app.service.interfaces.i_file_svc module

class app.service.interfaces.i_file_svc.FileServiceInterface

Bases: abc.ABC

abstract add_special_payload(name, func)

Call a special function when specific payloads are downloaded :param name: :param func: :return:

abstract compile_go(platform, output, src_fle, arch, ldflags, cflags, buildmode, build_dir, loop)

Dynamically compile a go file :param platform: :param output: :param src_fle: :param arch: Compile architecture selection (defaults to AMD64) :param ldflags: A string of ldflags to use when building the go executable :param cflags: A string of CFLAGS to pass to the go compiler :param buildmode: GO compiler buildmode flag :param build_dir: The path to build should take place in :return:

abstract create_exfil_sub_directory(dir_name)
abstract find_file_path(name, location)

Find the location on disk of a file by name. :param name: :param location: :return: a tuple: the plugin the file is found in & the relative file path

abstract get_file(headers)

Retrieve file :param headers: headers dictionary. The file key is REQUIRED. :type headers: dict or dict-equivalent :return: File contents and optionally a display_name if the payload is a special payload :raises: KeyError if file key is not provided, FileNotFoundError if file cannot be found

abstract get_payload_name_from_uuid(payload)
abstract read_file(name, location)

Open a file and read the contents :param name: :param location: :return: a tuple (file_path, contents)

abstract read_result_file(link_id, location)

Read a result file. If file encryption is enabled, this method will return the plaintext content. :param link_id: The id of the link to return results from. :param location: The path to results directory. :return:

abstract save_file(filename, payload, target_dir)
abstract save_multipart_file_upload(request, target_dir)

Accept a multipart file via HTTP and save it to the server :param request: :param target_dir: The path of the directory to save the uploaded file to.

abstract write_result_file(link_id, output, location)

Writes the results of a link execution to disk. If file encryption is enabled, the results file will contain ciphertext. :param link_id: The link id of the result being written. :param output: The content of the link’s output. :param location: The path to the results directory. :return:

app.service.interfaces.i_learning_svc module

class app.service.interfaces.i_learning_svc.LearningServiceInterface

Bases: abc.ABC

abstract static add_parsers(directory)
abstract build_model()

The model is a static set of all variables used inside all ability commands This can be used to determine which facts - when found together - are more likely to be used together :return:

abstract learn(facts, link, blob)

app.service.interfaces.i_planning_svc module

class app.service.interfaces.i_planning_svc.PlanningServiceInterface

Bases: abc.ABC

For a given operation, create all cleanup links. If agent is supplied, only return cleanup links for that agent. :param operation: :param agent: :return: None

For an operation and agent combination, create links (that can be executed). When no agent is supplied, links for all agents are returned :param operation: :param buckets: :param agent: :param trim: call trim_links() on list of links before returning :return: a list of links

Sort links by their score then by the order they are defined in an adversary profile

app.service.interfaces.i_rest_svc module

class app.service.interfaces.i_rest_svc.RestServiceInterface

Bases: abc.ABC

abstract construct_agents_for_group(group)
abstract create_operation(access, data)
abstract create_schedule(access, data)
abstract delete_ability(data)
abstract delete_adversary(data)
abstract delete_agent(data)
abstract delete_operation(data)
abstract display_objects(object_name, data)
abstract display_operation_report(data)
abstract display_result(data)
abstract download_contact_report(contact)
abstract find_abilities(paw)
abstract list_payloads()
abstract persist_ability(access, data)
abstract persist_adversary(access, data)

Save a new adversary from either the GUI or REST API. This writes a new YML file into the core data/ directory. :param access :param data: :return: the ID of the created adversary

abstract persist_source(access, data)
abstract task_agent_with_ability(paw, ability_id, obfuscator, facts)
abstract update_agent_data(data)
abstract update_chain_data(data)
abstract update_config(data)
abstract update_operation(op_id, state, autonomous)
abstract update_planner(data)

Update a new planner from either the GUI or REST API with new stopping conditions. This overwrites the existing YML file. :param data: :return: the ID of the created adversary