/* * Function: create_default_fdisk_partition * * Parameters: op - CCIMObjectPath pointer that points to the object path * of the device to fdisk. * * Returns: Returns a CCIMProperty pointer. The CCIMProperty referenced * by the pointer will contain an mValue of cim_true for * success or cim_false on failure. * * Description: Executes the fdisk command on the device pointed to my 'op' * with the -B parameter. * * Notes: The calling program is responsible for releasing the memory * used by the returned CCIMProperty. */ CCIMProperty * create_default_fdisk_partition(CCIMObjectPath *op) { char devpath[MAXPATHLEN]; char err_file[L_tmpnam]; char command_line[CMDLEN]; int len; int error; /* This function is called from Solaris_DiskDrive, not Solaris_Disk. */ if (!check_rights("Solaris_DiskDrive") || op == NULL) { return (create_result(PROPFALSE)); } if (get_devpath(op, devpath, sizeof (devpath)) == cim_false) { util_handleError(INVOKE_METHOD, CIM_ERR_INVALID_PARAMETER, CIM_ERR_FAILED, NULL, &error); return (create_result(PROPFALSE)); } make_fdisk_path(devpath); (void) tmpnam(err_file); /* * Build the fdisk command line. Some combinations of * parameters can cause fdisk to output a message and wait * for a y/n response, echo'ing an 'n' and piping it to * fdisk solves this problem. * * Using the form of fdisk (-F) that takes partition information * from a disk file so that multiple partitions can be created * by one request. */ len = snprintf(command_line, sizeof (command_line), "echo n | /usr/sbin/fdisk -B %s 2> %s", devpath, err_file); if (len < 0 || (len + 1) > sizeof (command_line)) { util_handleError(INVOKE_METHOD, CIM_ERR_FAILED, NULL, NULL, &error); return (create_result(PROPFALSE)); } /* Execute the command. */ if (!execute_cmd(command_line, err_file)) { return (create_result(PROPFALSE)); } return (create_result(PROPTRUE)); }
// send a job for the given assignment // static int send_assigned_job(ASSIGNMENT& asg) { int retval; DB_WORKUNIT wu; char suffix[256], path[MAXPATHLEN]; const char *rtfpath; static bool first=true; static int seqno=0; static R_RSA_PRIVATE_KEY key; BEST_APP_VERSION* bavp; if (first) { first = false; sprintf(path, "%s/upload_private", config.key_dir); retval = read_key_file(path, key); if (retval) { log_messages.printf(MSG_CRITICAL, "can't read key\n"); return -1; } } retval = wu.lookup_id(asg.workunitid); if (retval) { log_messages.printf(MSG_CRITICAL, "assigned WU %d not found\n", asg.workunitid ); return retval; } bavp = get_app_version(wu, false, false); if (!bavp) { log_messages.printf(MSG_CRITICAL, "App version for assigned WU not found\n" ); return ERR_NOT_FOUND; } rtfpath = config.project_path("%s", wu.result_template_file); sprintf(suffix, "%d_%d_%d", getpid(), (int)time(0), seqno++); retval = create_result( wu, const_cast<char*>(rtfpath), suffix, key, config, 0, 0 ); if (retval) { log_messages.printf(MSG_CRITICAL, "[WU#%d %s] create_result(): %s\n", wu.id, wu.name, boincerror(retval) ); return retval; } int result_id = boinc_db.insert_id(); SCHED_DB_RESULT result; retval = result.lookup_id(result_id); add_result_to_reply(result, wu, bavp, false); if (config.debug_assignment) { log_messages.printf(MSG_NORMAL, "[assign] [WU#%d] [RESULT#%d] [HOST#%d] send assignment %d\n", wu.id, result_id, g_reply->host.id, asg.id ); } return 0; }
bool recipe::hot_result() const { // Check if the recipe tools make this food item hot upon making it. // We don't actually know which specific tool the player used/will use here, but // we're checking for a class of tools; because of the way requirements // processing works, the "surface_heat" id gets nuked into an actual // list of tools, see data/json/recipes/cooking_tools.json. // // Currently it's only checking for a hotplate because that's a // suitable item in both the "surface_heat" and "water_boiling_heat" // tools, and it's usually the first item in a list of tools so if this // does get heated we'll find it right away. // // TODO: Make this less of a hack if( create_result().is_food() ) { const requirement_data::alter_tool_comp_vector &tool_lists = requirements().get_tools(); for( const std::vector<tool_comp> &tools : tool_lists ) { for( const tool_comp &t : tools ) { if( t.type == "hotplate" ) { return true; } } } } return false; }
const std::function<bool( const item & )> recipe::get_component_filter() const { const item result = create_result(); // Disallow crafting of non-perishables with rotten components // Make an exception for seeds // TODO: move seed extraction recipes to uncraft std::function<bool( const item & )> rotten_filter = return_true<item>; if( result.is_food() && !result.goes_bad() && !has_flag( "ALLOW_ROTTEN" ) ) { rotten_filter = []( const item & component ) { return !component.rotten(); }; } // If the result is made hot, we can allow frozen components. // EDIBLE_FROZEN components ( e.g. flour, chocolate ) are allowed as well // Otherwise forbid them std::function<bool( const item & )> frozen_filter = return_true<item>; if( result.is_food() && !hot_result() ) { frozen_filter = []( const item & component ) { return !component.has_flag( "FROZEN" ) || component.has_flag( "EDIBLE_FROZEN" ); }; } return [ rotten_filter, frozen_filter ]( const item & component ) { return is_crafting_component( component ) && rotten_filter( component ) && frozen_filter( component ); }; }
std::vector<item> recipe::create_results( int batch ) const { std::vector<item> items; const bool by_charges = item::count_by_charges( result_ ); if( contained || !by_charges ) { // by_charges items get their charges multiplied in create_result const int num_results = by_charges ? batch : batch * result_mult; for( int i = 0; i < num_results; i++ ) { item newit = create_result(); items.push_back( newit ); } } else { item newit = create_result(); newit.charges *= batch; items.push_back( newit ); } return items; }
static t_result *new_result(t_result *r, t_tetrim *t, t_result *res) { int size; size = r->size; free(r); if (t->index == 'A' && !res) { r = create_result(); r->size = size + 1; res = algo_result(r, t, res); } return (res); }
pResult analyze(const mana::PE& pe) override { pResult res = create_result(); check_functions(pe, dynamic_import, NO_OPINION, "[!] The program may be hiding some of its imports", AT_LEAST_TWO, res); check_functions(pe, anti_debug, SUSPICIOUS, "Functions which can be used for anti-debugging purposes", AT_LEAST_ONE, res); check_functions(pe, vanilla_injection, MALICIOUS, "Code injection capabilities", AT_LEAST_THREE, res); check_functions(pe, "", NO_OPINION, "Can access the registry", AT_LEAST_ONE, res); check_functions(pe, process_creation_api, NO_OPINION, "Possibly launches other programs", AT_LEAST_ONE, res); check_functions(pe, "(Nt|Zw)(.*)", SUSPICIOUS, "Uses Windows' Native API", AT_LEAST_TWO, res); check_functions(pe, "Crypt(.*)", NO_OPINION, "Uses Microsoft's cryptographic API", AT_LEAST_ONE, res); check_functions(pe, temporary_files, NO_OPINION, "Can create temporary files", AT_LEAST_TWO, res); check_functions(pe, "Wlx(.*)", MALICIOUS, "Possibly attempts GINA replacement", AT_LEAST_THREE, res); check_functions(pe, keylogger_api, MALICIOUS, "Uses functions commonly found in keyloggers", AT_LEAST_TWO, res); check_functions(pe, packer_api, SUSPICIOUS, "Memory manipulation functions often used by packers", AT_LEAST_TWO, res); check_functions(pe, raw_socket_api, SUSPICIOUS, "Leverages the raw socket API to access the Internet", AT_LEAST_ONE, res); check_functions(pe, wininet_api, NO_OPINION, "Has Internet access capabilities", AT_LEAST_ONE, res); check_functions(pe, privilege_api, MALICIOUS, "Functions related to the privilege level", AT_LEAST_ONE, res); check_functions(pe, service_manipulation_api, SUSPICIOUS, "Interacts with services", AT_LEAST_ONE, res); check_functions(pe, hdd_enumeration, NO_OPINION, "Enumerates local disk drives", AT_LEAST_ONE, res); check_functions(pe, driver_enumeration, SUSPICIOUS, "Enumerates drivers present on the system", AT_LEAST_ONE, res); check_functions(pe, process_manipulation_api, SUSPICIOUS, "Manipulates other processes", AT_LEAST_ONE, res); check_functions(pe, eventlog_deletion, MALICIOUS, "Deletes entries from the event log", AT_LEAST_ONE, res); check_functions(pe, dacl_api, SUSPICIOUS, "Changes object ACLs", AT_LEAST_ONE, res); check_functions(pe, screenshot_api, SUSPICIOUS, "Can take screenshots", AT_LEAST_TWO, res); check_functions(pe, audio_api, SUSPICIOUS, "Can use the microphone to record audio.", AT_LEAST_ONE, res); check_functions(pe, networking_api, SUSPICIOUS, "Modifies the network configuration", AT_LEAST_ONE, res); check_functions(pe, "GetClipboardData", NO_OPINION, "Reads the contents of the clipboard", AT_LEAST_ONE, res); check_functions(pe, "IsUserAnAdmin", NO_OPINION, "Checks if it has admin rights", AT_LEAST_ONE, res); check_functions(pe, "Cert(Add|Open|Register|Remove|Save|Srv|Store)(.*)", SUSPICIOUS, "Interacts with the certificate store", AT_LEAST_ONE, res); check_functions(pe, shutdown_functions, NO_OPINION, "Can shut the system down or lock the screen", AT_LEAST_ONE, res); switch (res->get_level()) { case NO_OPINION: if (res->get_information() && res->get_information()->size() > 0) { res->set_summary("The PE contains common functions which appear in legitimate applications."); } break; case SUSPICIOUS: res->set_summary("The PE contains functions most legitimate programs don't use."); break; case MALICIOUS: res->set_summary("The PE contains functions mostly used by malwares."); break; default: break; } return res; }
CCIMProperty * create_filesystem(CCIMObjectPath *op) { char devpath[MAXPATHLEN]; char command_line[CMDLEN]; int len; int error; /* check to make sure caller has admin write rights */ if (!check_rights("Solaris_DiskPartition")) { return (create_result(PROPFALSE)); } if (get_devpath(op, devpath, sizeof (devpath)) == cim_false) { util_handleError(INVOKE_METHOD, CIM_ERR_INVALID_PARAMETER, NULL, NULL, &error); return (create_result(PROPFALSE)); } /* Create 'newfs' command line */ len = snprintf(command_line, sizeof (command_line), "echo y | /usr/sbin/newfs %s 2>/dev/null", devpath); if (len < 0 || (len + 1) > sizeof (command_line)) { util_handleError(INVOKE_METHOD, CIM_ERR_FAILED, CIM_ERR_FAILED, NULL, &error); return (create_result(PROPFALSE)); } /* Execute the command. */ if (!execute_cmd(command_line, "/dev/null")) { return (create_result(PROPFALSE)); } return (create_result(PROPTRUE)); }
/* * Function: writeVolumeName * * Parameters: params - CCIMPropertyList pointer. Property list * containing the new disk label name. * op - CCIMObjectPath pointer. Object path containing * the deviceId of the disk to label. * * Returns: Returns a CCIMProperty pointer. The CCIMProperty referenced * by the pointer will contain an mValue of cim_true for * success or cim_false on failure. * * Description: Executes the fmthard -n volume_name command on the device * pointed to by 'op'. */ CCIMProperty * label_disk(CCIMPropertyList *params, CCIMObjectPath *op) { char devpath[MAXPATHLEN]; char command_line[CMDLEN]; int len; cimchar *label; int error; if (!check_rights("Solaris_Disk") || op == NULL || params == NULL) { return (create_result(PROPFALSE)); } if (get_devpath(op, devpath, sizeof (devpath)) == cim_false) { util_handleError(INVOKE_METHOD, CIM_ERR_INVALID_PARAMETER, NULL, NULL, &error); return (create_result(PROPFALSE)); } /* Extract the label from the input parameters */ if ((label = get_prop_val(params->mDataObject)) == NULL) { return (create_result(PROPFALSE)); } if (strlen(label) > 8) { util_handleError(INVOKE_METHOD, CIM_ERR_INVALID_PARAMETER, NULL, NULL, &error); return (create_result(PROPFALSE)); } /* Build the command line to execute */ len = snprintf(command_line, sizeof (command_line), "/usr/sbin/fmthard -n '%s' %s 2> /dev/null", label, devpath); if (len < 0 || (len + 1) > sizeof (command_line)) { util_handleError(INVOKE_METHOD, CIM_ERR_INVALID_PARAMETER, NULL, NULL, &error); return (create_result(PROPFALSE)); } /* Execute the command. */ if (!execute_cmd(command_line, "/dev/null")) { return (create_result(PROPFALSE)); } return (create_result(PROPTRUE)); }
CCIMProperty * create_partitions(CCIMPropertyList *params, CCIMObjectPath *op) { char devpath[MAXPATHLEN]; char fmt_file[L_tmpnam]; char command_line[CMDLEN]; int len; int error; if (!check_rights("Solaris_Disk") || op == NULL || params == NULL) { return (create_result(PROPFALSE)); } if (get_devpath(op, devpath, sizeof (devpath)) == cim_false) { util_handleError(INVOKE_METHOD, CIM_ERR_INVALID_PARAMETER, NULL, NULL, &error); return (create_result(PROPFALSE)); } /* Create a format data file to be used by the fmthard command. */ if (build_fmt_file(fmt_file, params) == cim_false) { /* last error is set in build_fmt_file function */ util_removeFile(fmt_file); return (create_result(PROPFALSE)); } /* Create 'fmthard' command line */ len = snprintf(command_line, sizeof (command_line), "/usr/sbin/fmthard -s %s %s 2> /dev/null", fmt_file, devpath); if (len < 0 || (len + 1) > sizeof (command_line)) { util_handleError(INVOKE_METHOD, CIM_ERR_FAILED, CIM_ERR_FAILED, NULL, &error); util_removeFile(fmt_file); return (create_result(PROPFALSE)); } /* Execute the command. */ if (!execute_cmd(command_line, "/dev/null")) { util_removeFile(fmt_file); return (create_result(PROPFALSE)); } util_removeFile(fmt_file); return (create_result(PROPTRUE)); }
static CCIMProperty * create_result_out(char *status, CCIMPropertyList *outParams) { if (strcmp(status, PROPFALSE) == 0) { /* We have to put something in the out params when we fail. */ ulong_t dummy [] = {0}; int error; char *array_str; CCIMProperty *p; if ((array_str = cim_encodeUint32Array(dummy, 1)) == NULL) { util_handleError(DISK_DRIVE, CIM_ERR_FAILED, CIM_ERR_FAILED, NULL, &error); } else if ((p = cim_createProperty("FDiskPartitions", sint32_array, array_str, NULL, cim_false)) == NULL) { free(array_str); } else if ((cim_addPropertyToPropertyList(outParams, p)) == NULL) { cim_freeProperty(p); } } return (create_result(status)); }
CCIMProperty * get_disk_geometry(CCIMPropertyList *out, CCIMObjectPath *op) { CCIMProperty *prop = NULL; CCIMPropertyList *prop_list = NULL; ulong_t geometry[NUM_GEOM_ELEMENTS]; char *array_str; int error; /* * Don't use get_devpath since we are going through the API. * Parse the object path to get the media name to pass in. */ if (op != NULL) { prop_list = op->mKeyProperties; } for (; prop_list; prop_list = prop_list->mNext) { if (((prop = prop_list->mDataObject) != NULL && prop->mName != NULL && strcasecmp(prop->mName, "Tag")) == 0) { break; } } if (prop == NULL || prop->mValue == NULL) { return (create_result(PROPFALSE)); } cim_logDebug("get_disk_geometry", "%s", prop->mValue); error = disk_geometry(prop->mValue, geometry); if (error != 0) { /* We have to put something in the out params when we fail. */ ulong_t dummy [] = {0}; char *array_str; CCIMProperty *p; cim_logDebug("get_disk_geometry", "disk_geometry failed"); if ((array_str = cim_encodeUint32Array(dummy, 1)) == NULL) { util_handleError(DISK_DRIVE, CIM_ERR_FAILED, CIM_ERR_FAILED, NULL, &error); } else if ((p = cim_createProperty("geometry", sint32_array, array_str, NULL, cim_false)) == NULL) { free(array_str); } else if ((cim_addPropertyToPropertyList(out, p)) == NULL) { cim_freeProperty(p); } return (create_result(PROPFALSE)); } array_str = cim_encodeUint32Array(geometry, NUM_GEOM_ELEMENTS); if (array_str == NULL) { util_handleError(DISK_DRIVE, CIM_ERR_FAILED, CIM_ERR_FAILED, NULL, &error); return (create_result(PROPFALSE)); } if ((prop = cim_createProperty("geometry", sint32_array, array_str, NULL, cim_false)) == NULL) { free(array_str); return (create_result(PROPFALSE)); } if ((cim_addPropertyToPropertyList(out, prop)) == NULL) { cim_freeProperty(prop); return (create_result(PROPFALSE)); } return (create_result(PROPTRUE)); }
static int send_assigned_job(ASSIGNMENT& asg) { int retval; DB_WORKUNIT wu; char suffix[256], path[256], buf[256]; const char *rtfpath; static bool first=true; static int seqno=0; static R_RSA_PRIVATE_KEY key; BEST_APP_VERSION* bavp; if (first) { first = false; sprintf(path, "%s/upload_private", config.key_dir); retval = read_key_file(path, key); if (retval) { log_messages.printf(MSG_CRITICAL, "can't read key\n"); return -1; } } retval = wu.lookup_id(asg.workunitid); if (retval) { log_messages.printf(MSG_CRITICAL, "assigned WU %d not found\n", asg.workunitid ); return retval; } bavp = get_app_version(wu); if (!bavp) { log_messages.printf(MSG_CRITICAL, "App version for assigned WU not found\n" ); return ERR_NOT_FOUND; } rtfpath = config.project_path("%s", wu.result_template_file); sprintf(suffix, "%d_%d_%d", getpid(), (int)time(0), seqno++); retval = create_result(wu, (char *)rtfpath, suffix, key, config, 0, 0); if (retval) { log_messages.printf(MSG_CRITICAL, "[WU#%d %s] create_result() %d\n", wu.id, wu.name, retval ); return retval; } int result_id = boinc_db.insert_id(); DB_RESULT result; retval = result.lookup_id(result_id); add_result_to_reply(result, wu, bavp, false); // if this is a one-job assignment, fill in assignment.resultid // so that it doesn't get sent again // if (!asg.multi && asg.target_type!=ASSIGN_NONE) { DB_ASSIGNMENT db_asg; db_asg.id = asg.id; sprintf(buf, "resultid=%d", result_id); retval = db_asg.update_field(buf); if (retval) { log_messages.printf(MSG_CRITICAL, "assign update failed: %d\n", retval ); return retval; } asg.resultid = result_id; } if (config.debug_assignment) { log_messages.printf(MSG_NORMAL, "[assign] [WU#%d] [RESULT#%d] [HOST#%d] send assignment %d\n", wu.id, result_id, g_reply->host.id, asg.id ); } return 0; }
pResult analyze(const mana::PE& pe) override { pResult res = create_result(); auto ioh = pe.get_image_optional_header(); if (!ioh) { return res; } auto characteristics = *nt::translate_to_flags(ioh->DllCharacteristics, nt::DLL_CHARACTERISTICS); auto config = pe.get_config(); if (config) { // /GS if (config->SecurityCookie != 0) { res->add_information("Stack Canary", "enabled"); } else { res->add_information("Stack Canary", "disabled"); } } else { // Actually, this may not be absolutely true. Some very old binaries may still have /GS enabled. // Add a Yara rule to detect the stack cookie's default value? res->add_information("Stack Canary", "disabled"); } // SafeSEH if (std::find(characteristics.begin(), characteristics.end(), "IMAGE_DLLCHARACTERISTICS_NO_SEH") != characteristics.end() || !config) { res->add_information("SafeSEH", "disabled"); } else { std::stringstream ss; ss << "enabled (" << config->SEHandlerCount << " registered handler" << (config->SEHandlerCount == 1 ? "" : "s") << ")"; res->add_information("SafeSEH", ss.str()); } // ASLR if (std::find(characteristics.begin(), characteristics.end(), "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE") != characteristics.end()) { res->add_information("ASLR", "enabled"); } else { res->add_information("ASLR", "disabled"); } // DEP if (std::find(characteristics.begin(), characteristics.end(), "IMAGE_DLLCHARACTERISTICS_NX_COMPAT") != characteristics.end()) { res->add_information("DEP", "enabled"); } else { res->add_information("DEP", "disabled"); } if (res->get_information()->size() > 0) { res->set_summary("The following exploit mitigation techniques have been detected"); } return res; }
//get new_rectangle information RESULT *dpm_ttic_gpu_get_new_rects(IplImage *Image,GPUModel *MO,FLOAT *boxes,int *NUM) { const int *numpart = MO->MI->numpart; const int GL = (numpart[0]+1)*4+3; const FLOAT ratio = MO->MI->ratio; int LL = GL-3; FLOAT **x1 = MO->MI->x1; FLOAT **x2 = MO->MI->x2; FLOAT **y1 = MO->MI->y1; FLOAT **y2 = MO->MI->y2; int ML = 1+2*(1+numpart[0]); RESULT *CUR =create_result(*NUM); //no_rectangle was detected if(*NUM==0) return(CUR); FLOAT *Avec = (FLOAT *)calloc(ML,sizeof(FLOAT)); for(int ii=0;ii<*NUM;ii++) { FLOAT *P = boxes+GL*ii; FLOAT *Avec_T = Avec; int CNUM = (int)(*(P+GL-3)); int PP[4]; *(Avec_T++)=P[3]-P[1]; for(int kk=0;kk<LL;kk+=4) { *(Avec_T++)=*(P+kk+1); *(Avec_T++)=*(P+kk); } FLOAT XP1=0,XP2=0,YP1=0,YP2=0; Avec_T = Avec; FLOAT *x1_T = x1[CNUM]; FLOAT *x2_T = x2[CNUM]; FLOAT *y1_T = y1[CNUM]; FLOAT *y2_T = y2[CNUM]; //get rectangle coodinate (by linear-method) for(int kk=0;kk<ML;kk++) { YP1 += *Avec_T*(*(y1_T++)); YP2 += *Avec_T*(*(y2_T++)); XP1 += *Avec_T*(*(x1_T++)); XP2 += *Avec_T*(*(x2_T++)); Avec_T++; } //save result if(XP1>0) {PP[0]=(int)XP1;} else {PP[0]=0;} if(YP1>0) {PP[1]=(int)YP1;} else {PP[1]=0;} if(XP2<Image->width){PP[2]=(int)XP2;} else {PP[2]=Image->width;} if(YP2<Image->height) {PP[3]=(int)YP2;} else {PP[3]=Image->height;} //memcpy_s(CUR->point+ii*4,4*sizeof(int),PP,4*sizeof(int)); memcpy(CUR->point+ii*4, PP,4*sizeof(int)); CUR->scale[ii]=*(P+GL-1); CUR->score[ii]=*(P+GL-2); CUR->type[ii] = CNUM; //calculate image coodinate for ORIGINAL-scale-image[640x480] int *OPP = CUR->OR_point+ii*4; OPP[0] = (int)((FLOAT)PP[0]/ratio); OPP[1] = (int)((FLOAT)PP[1]/ratio); OPP[2] = (int)((FLOAT)PP[2]/ratio); OPP[3] = (int)((FLOAT)PP[3]/ratio); #ifdef PRINT_INFO printf("scale:%f score:%f type:%d\n",CUR->scale[ii],CUR->score[ii],CUR->type[ii]); #endif } free(Avec); return(CUR); }