Ejemplo n.º 1
0
TEST_F(PacksTests, test_check_platform) {
  Pack fpack("discovery_pack", getPackWithDiscovery());
  EXPECT_TRUE(fpack.checkPlatform());

  // Depending on the current build platform, this check will be true or false.
  fpack.platform_ = kSDKPlatform;
  EXPECT_TRUE(fpack.checkPlatform());

  fpack.platform_ = (kSDKPlatform == "darwin") ? "linux" : "darwin";
  EXPECT_FALSE(fpack.checkPlatform());

  fpack.platform_ = "null";
  EXPECT_TRUE(fpack.checkPlatform());

  fpack.platform_ = "";
  EXPECT_TRUE(fpack.checkPlatform());

  fpack.platform_ = "bad_value";
  EXPECT_FALSE(fpack.checkPlatform());

  fpack.platform_ = "posix";
  if (isPlatform(PlatformType::TYPE_POSIX) ||
      isPlatform(PlatformType::TYPE_LINUX) ||
      isPlatform(PlatformType::TYPE_OSX) ||
      isPlatform(PlatformType::TYPE_FREEBSD)) {
    EXPECT_TRUE(fpack.checkPlatform());
  }

  if (isPlatform(PlatformType::TYPE_WINDOWS)) {
    EXPECT_FALSE(fpack.checkPlatform());
  }
}
Ejemplo n.º 2
0
bool Map::isAnyPlatformBelow(float X, float Y) {

	Y += pPlayer_sy;

	short current_px = -1 * pOffset_X;
	short next_px = current_px + pSize;

	int index_x = pos_X;

	while (!(current_px <= X && next_px > X)) {
		++index_x;
		current_px = next_px;
		next_px += pSize;
	}

	short current_py = App::getScreenHeight();
	short next_py = current_py - pSize;

	int index_y = pAmountEntityVertical - 1;

	while (!(current_py >= Y && next_py < Y)) {
		--index_y;
		current_py = next_py;
		next_py -= pSize;
	}

	if (isPlatform(pMap[index_x][index_y])
			|| isPlatform(pMap[index_x + 1][index_y]))
		return true;

	return false;
}
Ejemplo n.º 3
0
QueryData genChromeExtensions(QueryContext& context) {
  fs::path chromePath;

  /// Each home directory will include custom extensions.
  if (isPlatform(PlatformType::TYPE_WINDOWS)) {
    chromePath = "\\AppData\\Local\\Google\\Chrome\\User Data\\%\\Extensions\\";
  } else if (isPlatform(PlatformType::TYPE_OSX)) {
    chromePath = "/Library/Application Support/Google/Chrome/%/Extensions/";
  } else {
    chromePath = "/.config/google-chrome/%/Extensions/";
  }

  return genChromeBasedExtensions(context, chromePath);
}
Ejemplo n.º 4
0
std::shared_ptr<PlatformProcess> PlatformProcess::launchTestPythonScript(
    const std::string& args) {
  std::string osquery_path;
  auto osquery_path_option = getEnvVar("OSQUERY_DEPS");
  if (osquery_path_option) {
    osquery_path = *osquery_path_option;
  } else {
    if (!isPlatform(PlatformType::TYPE_FREEBSD)) {
      osquery_path = "/usr/local/osquery";
    } else {
      osquery_path = "/usr/local";
    }
  }

  // The whole-string, space-delimited, python process arguments.
  auto argv = osquery_path + "/bin/python " + args;

  std::shared_ptr<PlatformProcess> process;
  int process_pid = ::fork();
  if (process_pid == 0) {
    // Start a Python script
    ::execlp("sh", "sh", "-c", argv.c_str(), nullptr);
    ::exit(0);
  } else if (process_pid > 0) {
    process.reset(new PlatformProcess(process_pid));
  }

  return process;
}
Ejemplo n.º 5
0
  void SetUp() override {
    if (isPlatform(PlatformType::TYPE_WINDOWS)) {
      socket_path = OSQUERY_SOCKET;
    } else {
      socket_path = kTestWorkingDirectory;
    }

    socket_path += "testextmgr" + std::to_string(rand());

    if (!isPlatform(PlatformType::TYPE_WINDOWS)) {
      remove(socket_path);
      if (pathExists(socket_path)) {
        throw std::domain_error("Cannot test sockets: " + socket_path);
      }
    }
  }
Ejemplo n.º 6
0
TEST_F(FlagsTests, test_platform) {
  PlatformType mPlatformType = PlatformType::TYPE_POSIX;
  EXPECT_TRUE(isPlatform(PlatformType::TYPE_POSIX, mPlatformType));

  mPlatformType = PlatformType::TYPE_OSX | PlatformType::TYPE_POSIX;
  EXPECT_TRUE(isPlatform(PlatformType::TYPE_POSIX, mPlatformType));
  EXPECT_TRUE(isPlatform(PlatformType::TYPE_OSX, mPlatformType));

  // Now set and check a valid casting.
  mPlatformType = static_cast<PlatformType>(8);
  EXPECT_EQ(PlatformType::TYPE_LINUX, mPlatformType);

  // Set something that doesn't make sense
  mPlatformType = PlatformType::TYPE_WINDOWS | PlatformType::TYPE_BSD;
  EXPECT_FALSE(isPlatform(PlatformType::TYPE_LINUX, mPlatformType));
  EXPECT_FALSE(isPlatform(PlatformType::TYPE_OSX, mPlatformType));
}
Ejemplo n.º 7
0
  void TearDown() override {
    Dispatcher::stopServices();
    Dispatcher::joinServices();

    if (!isPlatform(PlatformType::TYPE_WINDOWS)) {
      remove(socket_path);
    }
  }
Ejemplo n.º 8
0
QueryData genListeningPorts(QueryContext& context) {
  QueryData results;

  auto sockets = SQL::selectAllFrom("process_open_sockets");

  for (const auto& socket : sockets) {
    if (socket.at("family") == kAF_UNIX && socket.at("path").empty()) {
      // Skip anonymous unix domain sockets
      continue;
    }

    if ((socket.at("family") == kAF_INET || socket.at("family") == kAF_INET6) &&
        socket.at("remote_port") != "0") {
      // Listening UDP/TCP ports have a remote_port == "0"
      continue;
    }

    Row r;
    r["pid"] = socket.at("pid");

    if (socket.at("family") == kAF_UNIX) {
      r["port"] = "0";
      r["path"] = socket.at("path");
      r["socket"] = "0";
    } else {
      r["address"] = socket.at("local_address");
      r["port"] = socket.at("local_port");

      auto socket_it = socket.find("socket");
      if (socket_it != socket.end()) {
        r["socket"] = socket_it->second;
      } else {
        r["socket"] = "0";
      }
    }

    r["protocol"] = socket.at("protocol");
    r["family"] = socket.at("family");

    auto fd_it = socket.find("fd");
    if (fd_it != socket.end()) {
      r["fd"] = fd_it->second;
    } else {
      r["fd"] = "0";
    }

    // When running under linux, we also have the user namespace
    // column available. It can be used with the docker_containers
    // table
    if (isPlatform(PlatformType::TYPE_LINUX)) {
      r["net_namespace"] = socket.at("net_namespace");
    }

    results.push_back(r);
  }

  return results;
}
Ejemplo n.º 9
0
QueryData genPythonPackages(QueryContext& context) {
  QueryData results;
  std::set<std::string> paths;
  if (context.constraints.count("directory") > 0 &&
      context.constraints.at("directory").exists(EQUALS)) {
    paths = context.constraints["directory"].getAll(EQUALS);
  } else {
    paths = kPythonPath;
  }
  for (const auto& key : paths) {
    genSiteDirectories(key, results);
  }

  if (isPlatform(PlatformType::TYPE_OSX)) {
    for (const auto& dir : kDarwinPythonPath) {
      std::vector<std::string> versions;
      if (!listDirectoriesInDirectory(dir, versions, false).ok()) {
        continue;
      }

      for (const auto& version : versions) {
        // macOS will link older versions to 2.6.
        auto version_path = fs::path(version).parent_path();
        if (fs::is_symlink(symlink_status(version_path))) {
          continue;
        }

        auto complete = version + "lib/python" +
                        version_path.filename().string() + "/site-packages/";
        genSiteDirectories(complete, results);
      }
    }
  } else if (isPlatform(PlatformType::TYPE_WINDOWS)) {
    // Enumerate any system installed python packages
    auto installPathKey = "HKEY_LOCAL_MACHINE\\" + kWinPythonInstallKey;
    genWinPythonPackages(installPathKey, results);

    // Enumerate any user installed python packages
    installPathKey = "HKEY_USERS\\%\\" + kWinPythonInstallKey;
    genWinPythonPackages(installPathKey, results);
  }

  return results;
}
Ejemplo n.º 10
0
TEST_F(LoggerTests, test_recursion) {
  // Stop the internal Glog facilities.
  google::ShutdownGoogleLogging();

  auto& rf = RegistryFactory::get();
  auto plugin = std::make_shared<RecursiveLoggerPlugin>();
  rf.registry("logger")->add("recurse", plugin);
  EXPECT_TRUE(rf.exists("logger", "recurse"));
  EXPECT_TRUE(rf.setActive("logger", "recurse").ok());

  FLAGS_logtostderr = true;
  initStatusLogger("logger_test");
  initLogger("logger_test");
  LOG(WARNING) << "Log to the recursive logger";
  EXPECT_EQ(1U, plugin->statuses);

  FLAGS_logger_status_sync = false;
  LOG(WARNING) << "recurse";
  if (isPlatform(PlatformType::TYPE_WINDOWS)) {
    for (size_t i = 0; i < 100; i++) {
      std::this_thread::sleep_for(std::chrono::microseconds(10));
      if (plugin->statuses == 3U) {
        break;
      }
    }
  }
  EXPECT_EQ(3U, plugin->statuses);

  // Try again with the tool type as a daemon.
  auto tool_type = kToolType;
  kToolType = ToolType::DAEMON;
  LOG(WARNING) << "recurse";

  // The daemon calls the status relay within the scheduler.
  EXPECT_EQ(3U, plugin->statuses);

  // All of recursive log lines will sink during the next call.
  relayStatusLogs(true);
  EXPECT_EQ(4U, plugin->statuses);
  relayStatusLogs(true);
  EXPECT_EQ(5U, plugin->statuses);
  kToolType = tool_type;

  EXPECT_EQ(0U, queuedStatuses());
  EXPECT_EQ(0U, queuedSenders());

  // Make sure the test file does not create a filesystem log.
  // This will happen if the logtostderr is not set.
  EXPECT_FALSE(pathExists("logger_test.INFO"));

  FLAGS_logtostderr = false;
}
Ejemplo n.º 11
0
TEST_F(SQLiteUtilTests, test_table_attributes_event_based) {
  {
    SQLInternal sql_internal("select * from process_events");
    if (!isPlatform(PlatformType::TYPE_WINDOWS)) {
      EXPECT_TRUE(sql_internal.ok());
      EXPECT_TRUE(sql_internal.eventBased());
    }
  }

  {
    SQLInternal sql_internal("select * from time");
    EXPECT_TRUE(sql_internal.ok());
    EXPECT_FALSE(sql_internal.eventBased());
  }
}
Ejemplo n.º 12
0
bool Pack::checkPlatform(const std::string& platform) const {
  if (platform.empty() || platform == "null") {
    return true;
  }

  if (platform.find("any") != std::string::npos ||
      platform.find("all") != std::string::npos) {
    return true;
  }

  auto linux_type = (platform.find("linux") != std::string::npos ||
                     platform.find("ubuntu") != std::string::npos ||
                     platform.find("centos") != std::string::npos);
  if (linux_type && isPlatform(PlatformType::TYPE_LINUX)) {
    return true;
  }

  auto posix_type = (platform.find("posix") != std::string::npos);
  if (posix_type && isPlatform(PlatformType::TYPE_POSIX)) {
    return true;
  }

  return (platform.find(kSDKPlatform) != std::string::npos);
}
Ejemplo n.º 13
0
TEST_F(FilesystemLoggerTests, test_log_status) {
  if (isPlatform(PlatformType::TYPE_WINDOWS)) {
    // Cannot test status deterministically on windows.
    return;
  }

  initStatusLogger("osqueryd");
  initLogger("osqueryd");

  LOG(WARNING) << "Filesystem logger test is generating a warning status (1/3)";

  auto status_path = fs::path(FLAGS_logger_path) / "osqueryd.INFO";
  EXPECT_TRUE(osquery::pathExists(status_path));

  std::string content;
  EXPECT_TRUE(readFile(status_path, content));
  auto lines = osquery::split(content, "\n").size();
  EXPECT_EQ(4U, lines);

  LOG(WARNING) << "Filesystem logger test is generating a warning status (2/3)";
  content.clear();
  readFile(status_path, content);
  lines = osquery::split(content, "\n").size();
  EXPECT_EQ(5U, lines);

  auto& rf = RegistryFactory::get();
  auto filesystem_test = std::make_shared<FilesystemTestLoggerPlugin>();
  rf.registry("logger")->add("filesystem_test", filesystem_test);
  EXPECT_TRUE(rf.setActive("logger", "filesystem,filesystem_test").ok());

  LOG(WARNING) << "Filesystem logger test is generating a warning status (3/3)";
  content.clear();
  readFile(status_path, content);
  lines = osquery::split(content, "\n").size();
  EXPECT_EQ(6U, lines);

  relayStatusLogs(true);
  content.clear();
  readFile(status_path, content);
  lines = osquery::split(content, "\n").size();
  EXPECT_EQ(6U, lines);
}
Ejemplo n.º 14
0
void Initializer::initShell() const {
  // Get the caller's home dir for temporary storage/state management.
  auto homedir = osqueryHomeDirectory();
  if (osquery::pathExists(homedir).ok()) {
    // Only apply user/shell-specific paths if not overridden by CLI flag.
    if (Flag::isDefault("database_path")) {
      osquery::FLAGS_database_path =
          (fs::path(homedir) / "shell.db").make_preferred().string();
    }
    if (Flag::isDefault("extensions_socket")) {
      if (isPlatform(PlatformType::TYPE_WINDOWS)) {
        osquery::FLAGS_extensions_socket = "\\\\.\\pipe\\shell.em";
      } else {
        osquery::FLAGS_extensions_socket =
            (fs::path(homedir) / "shell.em").make_preferred().string();
      }
    }
  } else {
    fprintf(
        stderr, "Cannot access or create osquery home: %s", homedir.c_str());
    FLAGS_disable_extensions = true;
    FLAGS_disable_database = true;
  }
}
Ejemplo n.º 15
0
/** Sciaga ze stosu ostatni element na ktorym wykryto kolizje */
short Map::checkColision(const short& Player_x, const short& Player_y,ColisionSide& cSide) {

	pPlayer_x = Player_x;
	pPlayer_y = Player_y;

	/** Pobieranie kolizcji z bonusem badz przeszkoda ( kolizje bez powtorzen )
	 * odlozonej na stos podczas rysowania	 */
	short result = -1;

	if (pColisionStack.size() > 0) {
		Point point = pColisionStack.top();
		pColisionStack.pop();

		short X = point.X;
		short Y = point.Y;

		if (!itWasReturn[X][Y]) {
			itWasReturn[X][Y] = true;
			result = pMap[X][Y];
			if ( isBonus( result ) || isAdditionalBonus( result ) ) {
				drawID->at(X)[Y] = false;
				return result;
			}
		}
	}

	{ /** wykrywanie kolizji z platforma */
		short X = Player_x + 5;
		short Y = Player_y;
		short current_px = -1 * pOffset_X;
		short next_px = current_px + pSize;

		ushort index_x = pos_X;

		// szukanie kolumny w ktorej jest kolizja
		while (!(current_px <= X && next_px > X)) {
			++index_x;
			current_px = next_px;
			next_px += pSize;
		}

		ushort current_py = App::getScreenHeight();
		ushort next_py = current_py - pSize;

		int index_y = pAmountEntityVertical - 1;

		// szukanie wiersza w ktorym jest kolizja od gory
		while (!(current_py >= Y && next_py < Y)) {
			--index_y;
			current_py = next_py;
			next_py -= pSize;
		}

		if (isPlatform(pMap[index_x][index_y]) || isPlatform(pMap[index_x + 1][index_y])) {
			cSide.up = true;
			cSide.pos_Y_px = current_py;
		}

		current_py = App::getScreenHeight();
		next_py = current_py - pSize;

		index_y = pAmountEntityVertical - 1;
		Y = Player_y + pPlayer_sy;

		// szukanie wiersza w ktorym jest kolizja od dolu
		while (!(current_py >= Y && next_py < Y)) {
			--index_y;
			current_py = next_py;
			next_py -= pSize;
		}

		if (isPlatform(pMap[index_x][index_y]) || isPlatform(pMap[index_x + 1][index_y])) {
			cSide.down = true;
			cSide.pos_Y_px = (current_py - 3 * pSize) + 1;
		}

		current_py = App::getScreenHeight();
		next_py = current_py - pSize;

		index_y = pAmountEntityVertical - 1;
		Y = Player_y;

		// szukanie wiersza w ktorym kolizja jest od boku
		while (!( current_py < Y + pPlayer_sy && current_py > Y && next_py < Y + pPlayer_sy && next_py > Y ) ) {
			--index_y;
			current_py = next_py;
			next_py -= pSize;
			if( index_y < 0 ) break;
		}

		if( index_y > 0 && ( isPlatform(pMap[index_x][index_y]) || isPlatform(pMap[index_x + 1][index_y]) )) {

			float halfTiles = current_py - 0.5 * pSize;
			float halfPlayer = pPlayer_y + 0.5 * pPlayer_sy;

			if( halfTiles < halfPlayer ) {
				cSide.up = true;
				cSide.pos_Y_px = current_py;
			}
			else {
				cSide.down = true;
				cSide.pos_Y_px = (current_py - 3 * pSize) + 1;
			}
		}

	} //END ADD

	return (result);
}