Source Code for Module rekall.plugins.response.renderers

  1  # Rekall Memory Forensics 
  2  # Copyright 2016 Google Inc. All Rights Reserved. 
  3  # 
  4  # This program is free software; you can redistribute it and/or modify 
  5  # it under the terms of the GNU General Public License as published by 
  6  # the Free Software Foundation; either version 2 of the License, or (at 
  7  # your option) any later version. 
  8  # 
  9  # This program is distributed in the hope that it will be useful, but 
 10  # WITHOUT ANY WARRANTY; without even the implied warranty of 
 11  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 
 12  # General Public License for more details. 
 13  # 
 14  # You should have received a copy of the GNU General Public License 
 15  # along with this program; if not, write to the Free Software 
 16  # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
 17  # 
 18   
 19  __author__ = "Michael Cohen <scudette@google.com>" 
 20   
 21   
 22  from rekall.ui import text 
 23  from rekall.plugins.renderers import data_export 
 24  from rekall_lib import utils 
 25   
 26   
 27 -class FileSpec_Text(text.TextObjectRenderer): 
 28      renders_type = "FileSpec" 
 29   
 30 -    def render_row(self, target, width=None, **_): 
 31          if target.filesystem == "API": 
 32              return text.Cell(unicode(target.name), width=width) 
 33   
 34          else: 
 35              return text.Cell(u"%s (%s)" % (target.name, target.filesystem), 
 36                               width=width) 
 37   
 38   
 39 -class FileInformation_TextObjectRenderer(text.TextObjectRenderer): 
 40      renders_type = "FileInformation" 
 41   
 42 -    def render_row(self, target, **options): 
 43          return FileSpec_Text( 
 44              renderer=self.renderer, session=self.session).render_row( 
 45                  target.filename, **options) 
 46   
 47   
 48 -class UserTextObjectRenderer(text.TextObjectRenderer): 
 49      renders_type = "User" 
 50   
 51 -    def render_row(self, item, **_): 
 52          if item.username: 
 53              return text.Cell(u"%s (%s)" % (item.username, item.uid)) 
 54          return text.Cell(unicode(item.uid)) 
 55   
 56   
 57 -class GroupTextObjectRenderer(text.TextObjectRenderer): 
 58      renders_type = "Group" 
 59   
 60 -    def render_row(self, item, **_): 
 61          if item.group_name: 
 62              return text.Cell(u"%s (%s)" % (item.group_name, item.gid)) 
 63          return text.Cell(unicode(item.gid)) 
 64   
 65   
 66 -class DataExportFileSpecObjectRenderer( 
 67          data_export.DataExportBaseObjectRenderer): 
 68      renders_type = "FileSpec" 
 69   
 70 -    def Summary(self, item, **_): 
 71          return utils.SmartStr(item) 
 72   
 73 -    def GetState(self, item, **options): 
 74          return dict(filesystem=item.filesystem, name=item.name) 
 75   
 76   
 77 -class PermissionsFileSpecObjectRenderer( 
 78          data_export.DataExportBaseObjectRenderer): 
 79      renders_type = "Permissions" 
 80   
 81 -    def Summary(self, item, **_): 
 82          return utils.SmartStr(item) 
 83   
 84 -    def GetState(self, item, **options): 
 85          return dict(perm=str(item), int_perm=int(item)) 
 86   
 87   
 88 -class LiveProcessTextRenderer(text.TextObjectRenderer): 
 89      renders_type = "LiveProcess" 
 90   
 91 -    def render_row(self, target, width=None, **_): 
 92          return text.Cell("%s (%s)" % (target.name, target.pid), width=width) 
 93   
 94 -class LiveProcessDataExportRenderer( 
 95          data_export.DataExportBaseObjectRenderer): 
 96      renders_type = "LiveProcess" 
 97   
 98 -    def GetState(self, item, **_): 
 99          return item.as_dict() 
100