§ 0M7E¢£éãóü—dZddlZddlZddlZddlZddlmZddlmZddl m Z mZddlm Z mZmZmZddlmZmZmZddlmZdd lmZmZdd lmZddlmZddlmZm Z dd l!m"Z"m#Z#m$Z$m%Z%ddl&m'Z'ddl(m)Z)ej*e+¦«Z,dZ-e.ej/d¬¦« 0¦«¦«Z1e2e3e fZ4e d¬¦«Gd„d¦«¦«Z5Gd„dee¦«Z6Gd„dee¦«Z7dS)u This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.Â See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program.Â If not, see . CopyrightÂ Â© 2019 Cloud Linux Software Inc. This software is also available under ImunifyAV commercial license, see éN)ÚAbstractEventLoop)Údefaultdict)Ú dataclassÚfield)ÚAnyÚ AsyncIteratorÚIterableÚcast)ÚMessageÚ ReportableÚReportTarget)Úget_myimunify_users)ÚMessageSinkÚ MessageSource)Ú AbstractPanel)ÚHostingPanel)Ú load_stateÚ save_state)ÚScopeÚrecurring_checkÚsafe_cancel_taskÚsplit_for_chunk)ÚMalwareHitStatus)Ú MalwareHiti,é)ÚdaysT)Úslotscón—eZdZUdZee¬¦«Zeeee fe d<dZee d<dZ ee d<dS)Ú ProcessedHitsz"Result of processing malware hits.)Údefault_factoryÚfilesrÚinfected_countÚ cleaned_countN)Ú__name__Ú __module__Ú__qualname__Ú__doc__rÚlistr!ÚdictÚstrrÚ__annotations__r"Úintr#©óú^/opt/imunify360/venv/lib/python3.11/site-packages/imav/plugins/send_malware_infection_state.pyrr<sb€€€€€€à,Ð,à"' %¸Ð"=Ñ"=Ô"=€Eˆ4S˜#X”ÔÐ=Ð=Ñ=Ø€NCÐÐÑØ€M3ÐÐÑÐÐr.rcó —eZdZdZejZdS)ÚMalwareInfectionStateÚMALWARE_STATE_SNAPSHOTSN)r$r%r&ÚDEFAULT_METHODr ÚAPIÚTARGETr-r.r/r1r1Es€€€€€Ø.€NØ Ô €F€F€Fr.r1có^—eZdZejZdZdZd„Zde fd„Z de fd„Zd„Ze dedefd „¦«Zd(deezd zfd„Zdefd „Zd„Zd„Ze dedefd„¦«Zdedeeeffd„Zdeedefd„Z d)dedededeeeefdedededeed zdefd„Z d)deedededededeed zde!efd „Z"e d!ed"e#edefd#„¦«Z$de!efd$„Z%deedededede!ef d%„Z&deedededed&e'de!efd'„Z(d S)*ÚSendMalwareInfectionStateiècó"—d|_d|_dS)Nr)Ú_taskÚ_last_send_timestamp©Úselfs r/Ú__init__z"SendMalwareInfectionState.__init__Os€ØˆŒ Ø$%ˆÔ!Ð!Ð!r.Úloopcƒó K—dS©Nr-)r<r>s r/Úcreate_sinkz%SendMalwareInfectionState.create_sinkSsèè€Øˆr.cƒóÎK—||_| ¦«|_| t t ¦«|j¦«¦«¦«|_dSr@)Ú_sinkÚ_load_last_send_timestampr:Úcreate_taskrÚRECURRING_CHECK_INTERVALÚ_check_and_sendr9)r<r>Úsinks r/Ú create_sourcez'SendMalwareInfectionState.create_sourceVs^èè€ØˆŒ Ø$(×$BÒ$BÑ$DÔ$DˆÔ!Ø×%Ò%ØKÐ5OÕ4Ñ5Ô5°dÔ6JÑKÔKÑMÔMñ ô ˆŒ ˆ ˆ r.cƒódK—|j&d|jc|_}t|¦«ƒd{V—†dSdSr@)r9r)r<Úts r/Úshutdownz"SendMalwareInfectionState.shutdown]sKèè€ØŒ:Ð!Ø $¤*ˆMˆDŒJ˜Ý" 1Ñ%Ô%Ð%Ð%Ð%Ð%Ð%Ð%Ð%Ð%Ð%ð"Ð!r.Ú timestampÚreturncóF—t|ttf¦«o|dkS)z.Check if timestamp is a valid positive number.r)Ú isinstancer,Úfloat)rMs r/Ú_is_valid_timestampz-SendMalwareInfectionState._is_valid_timestampbs!€õ˜)¥c5 \Ñ2Ô2ÐE°yÀA²~ÐEr.NÚtscó®—|€|jn|}| |¦«st d|¦«dSt |jd|i¦«dS)z1Save the last send timestamp to persistent state.Nz'Invalid timestamp to save: %s, skippingÚlast_send_timestamp)r:rRÚloggerÚwarningrÚ STATE_KEY)r<rSrMs r/Ú_save_last_send_timestampz3SendMalwareInfectionState._save_last_send_timestampgsi€à13°DÔ-Ð-Àˆ Ø×'Ò'¨ Ñ2Ô2ð ÝNŠNØ9¸9ñ ô ð ð ˆFÝ4”>Ð$9¸9Ð#EÑFÔFÐFÐFÐFr.cóÜ—t|j¦« d¦«}| |¦«st d¦«dSt t|¦«S)z3Load the last send timestamp from persistent state.rUzÑ>Ô>‰GˆAˆtØð Ý—’Ð1°8Ñ<Ô<Ð<Øà!%×!=Ò!=Øc˜8 Sñ"ô"ð ð ð ð ð ð ð gð ð"ð "&×!@Ò!@Øc˜8 S¨"ñ"ô"ð ð ð ð ð ð ð gð ð"ñ"ð7 ð s*Á$BÂ%C#Â' C#Â0)CÃC#Ä4EÅE(có\K—| ||||dg¬¦«23d{V—†}|WV—Œ 6dS)z+Generate messages aggregated at user level.rs©r|r‚rƒr„r†r‡N)r”)r<r|r‚rƒr„rfs r/r¨z1SendMalwareInfectionState._generate_user_messagessuèè€ð"×<Ò<ØØØØØ!#Øð =ñ ô ð ð ð ð ð ð ð 'ðˆMˆMˆMˆMˆMð ð ð sž+rªcóNK—| |¦«ƒd{V—†}tt¦«}|D]'}||j |j¦«Œ(tt¦«} |D][} | dd¦«}| || ¦«¦«}| | | ¦«Œ\| ¦«D]B\} }| ||||| | | g¦«¬¦«23d{V—†}|WV—Œ 6ŒCdS)z4Generate messages aggregated at document root level.Nrrrsr±)Úget_user_domains_detailsrr(rr~Údomainr[rŸÚkeysÚitemsr”)r<r|r‚rƒr„rªÚdomain_detailsÚdocroot_to_domainsÚdomain_dataÚdocroot_to_hitsrpr•rœrÚdocroot_hitsrfs r/r©z4SendMalwareInfectionState._generate_docroot_messages,s—èè€ð "×:Ò:¸8ÑDÔDÐDÐDÐDÐDÐDÐDˆõ;FÅdÑ:KÔ:KÐØ)ð Oð OˆKØ˜{Ô2Ô3×:Ò:¸;Ô;MÑNÔNÐNÐNõCNÝñC ôC ˆðð 9ð 9ˆCØŸš ¨Ñ+Ô+ˆIØ"×9Ò9ØÐ-×2Ò2Ñ4Ô4ñôˆOð ˜OÔ,×3Ò3°CÑ8Ô8Ð8Ð8ð&5×%:Ò%:Ñ%<Ô%<ð ð Ñ!ˆG\Ø!%×!@Ò!@Ø!ØØ!ØØ%,Ø/×3Ò3°G¸RÑ@Ô@ð "Añ"ô"ð ð ð ð ð ð ð gð ð"ð"ð ð sÄD#r@)rsN))r$r%r&rÚAV_IM360ÚSCOPEr‘rXr=rrArIrLÚstaticmethodrÚboolrRr,rQrYrDrGr`r*roÚMalwareHitDictr)r{r(rrr1rŽrr”r rŸrdr¨rr©r-r.r/r7r7Js™€€€€€ØŒN€EØ€JØ+€Ið&ð&ð&ð Ð&7ð ð ð ð ð Ð(9ð ð ð ð ð&ð&ð&ð ðF sðF¨tðFðFðFñ„\ðFðGðG¨C°%©K¸$Ñ,>ðGðGðGðGð&¨5ð&ð&ð&ð&ð-ð-ð-ð6ð6ð6ðð ˜Cð Cð ð ð ñ„\ð ð ^ð ¸¸SÀ#¸X¼ð ð ð ð ð $ ~Ô"6ð¸=ððððð2%'Ø)-ððà ððððð ð ˜$˜s C˜xœ.Ô)ððð ððð"ðð˜3”i $Ñ&ðð ððððð:%'Ø)-ððà>Ô"ððððð ð ðð"ð ð˜3”i $Ñ&ðð Ð,Ô -ððððð4ð ¨#ð ¸À#¼ð È3ð ð ð ñ„\ð ð(¨-Ð8MÔ*Nð(ð(ð(ð(ðTØ˜Ô(ðØ/4ðØ@CðØJMðà Ð,Ô -ððððð&à>Ô"ð&ðð&ðð &ð ð&ð ð &ð Ð,Ô -ð&ð&ð&ð&ð&ð&r.r7)8r'ÚdatetimeÚloggingr¢r^ÚasynciorÚcollectionsrÚdataclassesrrÚtypingrrr r Ú"defence360agent.contracts.messagesrrr Ú&defence360agent.contracts.myimunify_idrÚ!defence360agent.contracts.pluginsrrÚ"defence360agent.subsys.panels.baserÚ+defence360agent.subsys.panels.hosting_panelrÚ'defence360agent.subsys.persistent_staterrÚdefence360agent.utilsrrrrÚimav.malwarelib.configrÚimav.malwarelib.modelrÚ getLoggerr$rVrFr,Ú timedeltaÚ total_secondsr_r)r*rÀrr1r7r-r.r/úrÓs•ðððð*€€€Ø€€€Ø € € € Ø€€€Ø%Ð%Ð%Ð%Ð%Ð%Ø#Ð#Ð#Ð#Ð#Ð#Ø(Ð(Ð(Ð(Ð(Ð(Ð(Ð(Ø5Ð5Ð5Ð5Ð5Ð5Ð5Ð5Ð5Ð5Ð5Ð5ððððððððððð GÐFÐFÐFÐFÐFØHÐHÐHÐHÐHÐHÐHÐHØ<Ð<Ð<Ð<Ð<Ð<ØDÐDÐDÐDÐDÐDØJÐJÐJÐJÐJÐJÐJÐJððððððððððððð4Ð3Ð3Ð3Ð3Ð3Ø,Ð,Ð,Ð,Ð,Ð,à ˆÔ ˜8Ñ $Ô $€ð"ÐØÐ&HÔ&¨AÐ.Ñ.Ô.×<Ò<Ñ>Ô>Ñ?Ô?€ ðc˜3h”€ð€ÐÑÔðððððñôñÔðððððð˜G Zñôðð HðHðHðHðH ¨]ñHôHðHðHðHr.