Source Code for Module rekall.plugins.common.bovine

  1  # Rekall Memory Forensics 
  2  # Copyright 2014 Google Inc. All Rights Reserved. 
  3  # 
  4  # This program is free software; you can redistribute it and/or modify 
  5  # it under the terms of the GNU General Public License as published by 
  6  # the Free Software Foundation; either version 2 of the License, or (at 
  7  # your option) any later version. 
  8  # 
  9  # This program is distributed in the hope that it will be useful, but 
 10  # WITHOUT ANY WARRANTY; without even the implied warranty of 
 11  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 
 12  # General Public License for more details. 
 13  # 
 14  # You should have received a copy of the GNU General Public License 
 15  # along with this program; if not, write to the Free Software 
 16  # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
 17  # 
 18   
 19  """The plugins in this module are mainly used to visually test renderers.""" 
 20   
 21  __author__ = "Adam Sindelar <adamsh@google.com>" 
 22   
 23  import itertools 
 24   
 25  from rekall import plugin 
 26  from rekall import algo 
 27  from rekall_lib import utils 
 28   
 29  from rekall.plugins.renderers import visual_aides 
 30   
 31   
 32 -class RekallBovineExperience3000(plugin.Command): 
 33      """Renders Bessy the cow and some beer. 
 34   
 35      This is a text renderer stress-test. It uses multiple features at the 
 36      same time: 
 37   
 38      - Multiple coloring rules per line (this was a doozy). 
 39      - Two columns with colors next to each other. 
 40      - Text with its own newlines isn't rewrapped. 
 41      - It still wraps if it overflows the cell. 
 42      - Bovine readiness and international spirit. 
 43      """ 
 44      __name = "moo" 
 45   
 46 -    def render(self, renderer): 
 47          renderer.table_header([ 
 48              dict(name="Dogma", width=35, style="full"), 
 49              dict(name="Bessy", width=65, type="bool", style="cow"), 
 50              dict(name="Pilsner", width=50, style="full"), 
 51              dict(name="Nowrap", width=10, nowrap=True)]) 
 52   
 53          fixtures = self.session.LoadProfile("tests/fixtures") 
 54          beer = fixtures.data["ascii_art"]["beer"] 
 55          phys_map = fixtures.data["fixtures"]["phys_map"] 
 56   
 57          renderer.table_row( 
 58              ("This is a renderer stress-test. The flags should have correct" 
 59               " colors, the beer should be yellow and the cell on the left" 
 60               " should not bleed into the cell on the right.\n" 
 61               "This is a really " 
 62               "long column of text with its own newlines in it!\n" 
 63               "This bovine experience has been brought to you by Rekall."), 
 64              True, 
 65              utils.AttributedString("\n".join(beer["ascii"]), 
 66                                     beer["highlights"]), 
 67              ("This is a fairly long line that shouldn't get wrapped.\n" 
 68               "The same row has another line that shouldn't get wrapped.")) 
 69   
 70          renderer.section("Heatmap test:") 
 71          cells = [] 
 72          for digit in itertools.islice(algo.EulersDecimals(), 0xff): 
 73              cells.append(dict(heat=float(digit + 1) * .1, value=digit)) 
 74   
 75          randomized = visual_aides.Heatmap( 
 76              caption="Offset (p)", 
 77              # Some of the below xs stand for eXtreme. The other ones just 
 78              # look cool. 
 79              column_headers=["%0.2x" % x for x in xrange(0, 0xff, 0x10)], 
 80              row_headers=["0x%0.6x" % x for x 
 81                           in xrange(0x0, 0xfffff, 0x10000)], 
 82              cells=cells, 
 83              greyscale=False) 
 84   
 85          gradual = visual_aides.Heatmap( 
 86              caption="Offset (v)", 
 87              column_headers=["%0.2x" % x for x in xrange(0, 0xff, 0x10)], 
 88              row_headers=["0x%0.6x" % x for x 
 89                           in xrange(0x0, 0xfffff, 0x10000)], 
 90              cells=[dict(value="%x" % x, heat=x / 255.0) for x in xrange(256)], 
 91              greyscale=False) 
 92   
 93          ranges_legend = visual_aides.MapLegend(phys_map["ranges_legend"]) 
 94   
 95          ranges = visual_aides.RunBasedMap( 
 96              caption="Offset (p)", 
 97              legend=ranges_legend, 
 98              runs=phys_map["runs"]) 
 99   
100          renderer.table_header([dict(name="Random Heatmap", style="full", 
101                                      width=60, align="c"), 
102                                 dict(name="Gradual Heatmap", style="full", 
103                                      width=60, align="c"), 
104                                 dict(name="Legend", style="full", 
105                                      orientation="horizontal")]) 
106          renderer.table_row(randomized, gradual, visual_aides.HeatmapLegend()) 
107   
108          renderer.table_header([dict(name="Greyscale Random", style="full", 
109                                      width=60, align="c"), 
110                                 dict(name="Memory Ranges", style="full", 
111                                      width=80, align="c"), 
112                                 dict(name="Ranges Legend", style="full", 
113                                      width=30, orientation="vertical")]) 
114   
115          randomized.greyscale = True 
116          renderer.table_row(randomized, ranges, ranges_legend) 
117