$('H6|dZddlZddlZddlZddlZddlZddlmZddlZ ddl m Z m Z ddl mZddlmZddlmZddlmZdd lmZdd lmZdd lmZdd lmZeeeecZZGd deZ GddeZ!dS)u This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program.  If not, see . Copyright © 2019 Cloud Linux Software Inc. This software is also available under ImunifyAV commercial license, see Generic Sensor plugin - Creates listening unix domain socket on config.GenericSensor.SOCKET_PATH - Expects alert data formatted as N) getLogger) SimpleRpcGENERIC_SENSOR_SOCKET_PATH) MessageType)Sensor)UnixSocketAuthProtocol)g)getNetworkLogger) RpcServerAV)Scope) LineBufferc eZdZejejejejejej ej ej dZ dZ fdZdZdZdZdZxZS)Protocol)NOOP MALWARE_SCANMALWARE_SCAN_TASKMALWARE_SCAN_COMPLETEMALWARE_CLEAN_COMPLETEMALWARE_RESTORE_COMPLETEMALWARE_CHECK_DETACHED_SCANSMALWARE_SEND_FILEScV||_||_t|_d|_dSN)_loop_sinkr _line_buffer transport)selfloopsink_s P/opt/imunify360/venv/lib/python3.11/site-packages/imav/plugins/generic_sensor.py__init__zProtocol.__init__Gs'  &LLc t|nY#tttjf$r:}t d||Yd}~dSd}~wwxYw|j dkrBt d|j |j |j |dS||_ t ddS)Nz@Rejected generic_sensor connection: SO_PEERCRED unavailable (%s)rzJRejected generic_sensor connection from non-root peer uid=%d gid=%d pid=%dzConnection made)superconnection_madeOSErrorAttributeErrorstructerrornetwork_loggerwarningclose_uid_gid_pidrdebug)rrexc __class__s r"r'zProtocol.connection_madeMs  GG # #I . . . .6     " "/    OO    FFFFF  9>>  " "'       OO    F"./////s!%A;/A66A;c|jdS|}|std|dS|j||jD]s}|rotd || |}|r+tj |d<| |tdS)NzEmpty message received <%s>zdata_received: {!r} timestamp) rdecodestriploggerr+rappendr,r2format _parse_msgtime _process_msg)rdatamsgsmsgtokenss r" data_receivedzProtocol.data_receivedes > ! F{{}}zz||  LL6 = = = F   &&&$ . .C .$$%:%A%A#%F%FGGG--.*.)++F;'%%f---  . .r$c tj|S#tj$r,tdt |YdSwxYw)Nz#data_received(%s): unable to decode)jsonloadsJSONDecodeErrorr9 exceptionrepr)rrAs r"r<zProtocol._parse_msgws^ O:c?? "# O O O   BDII N N N N N N Os7AAc| |d}|j|}nN#t$rA}tdt |t |Yd}~dSd}~wwxYw|dkrd|dD|d<|j|j||dS)Nmethodz1data_received(%s): Wrong or missing 'method' [%s]rcZg|](}tjtj|)S)osfsdecodebase64 b64decode).0fs r" z)Protocol._process_msg..s:"""56 F,Q//00"""r$filelist) METHOD2MSGTYPEKeyErrorr9r+rIr create_taskrprocess_message)rrBrKmsgtypees r"r>zProtocol._process_msg}s H%F)&1GG    LLCV Q    FFFFF   ( ( ("":@:L"""F:  tz99''&//JJKKKKKs A#6AA#cHd|_tddS)N Disconnected)rr,r2)rrs r"connection_lostzProtocol.connection_losts#^,,,,,r$)__name__ __module__ __qualname__rNoop MalwareScanMalwareScanTaskMalwareScanCompleteMalwareCleanCompleteMalwareRestoreCompleteCheckDetachedScansMalwareSendFilesrVr#r'rCr<r>r^ __classcell__)r4s@r"rr;s #/(8!,!@"-"B$/$F(3(F):  N 000000...$OOO LLL&-------r$rc*eZdZeZeZejZ dZ dS) GenericSensorcHKtjrGGfddt}|d{Vt_tjSt jt j j dt j j rt j j  fdj d{Vt_t jj dtjS)Nc,eZdZjZjZdS)8GenericSensor.create_sensor..GenericSensorSocketN)r_r`ra SOCKET_PATHPROTOCOL_CLASS)rsr"GenericSensorSocketros". !%!4r$rrT)exist_okc0Sr)rq)rrr sr"z-GenericSensor.create_sensor..s++D$77r$i)rSOCKET_ACTIVATIONr creater sensor_serverrNmakedirspathdirnamerpexistsunlinkcreate_unix_serverchmod)rrr rrs``` r" create_sensorzGenericSensor.create_sensors:  & # 5 5 5 5 5 5 5k 5 5 5%8$>$>tT$J$JJJJJJJAO? " K(899D I I I Iw~~d.// , $*+++$($;$;7777779I%%AO HT%u - - -? "r$N) r_r`rarrprrqr AVSCOPErrMr$r"rlrls4,KN HE#####r$rl)"__doc__rPrErNr*r=loggingrimav.contracts.messagesimav defence360agent.contracts.configrr"defence360agent.contracts.messagesr!defence360agent.contracts.pluginsr'defence360agent.internals.auth_protocolr&defence360agent.internals.global_scoper defence360agent.internals.loggerr defence360agent.simple_rpcr defence360agent.utilsr defence360agent.utils.bufferr r_r9r,rrlrMr$r"rs: ;:::::444444JJJJJJ444444======222222''''''333333"8,,.>.>x.H.HW-W-W-W-W-%W-W-W-t#####F#####r$