
Source Code for Module modules.packages.applet

 1  # Copyright (C) 2010-2014 Cuckoo Foundation. 
 2  # This file is part of Cuckoo Sandbox - http://www.cuckoosandbox.org 
 3  # See the file 'docs/LICENSE' for copying permission. 
 4   
 5  import os 
 6  import string 
 7  import random 
 8   
 9  from lib.common.abstracts import Package 
10  from lib.api.process import Process 
11  from lib.common.exceptions import CuckooPackageError 
12   
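class Applet(Package):
    """Java Applet analysis package.

    Writes a minimal HTML page that embeds the submitted archive in an
    ``<applet>`` tag and opens that page in the first browser found on
    the guest.
    """

    def get_path(self):
        """Return the path of the first installed browser, or None.

        Firefox is tried before Internet Explorer. Both are looked up
        under the directory named by the ``ProgramFiles`` environment
        variable.
        """
        prog_files = os.getenv("ProgramFiles")
        if not prog_files:
            # os.path.join() raises on None. Reporting "no browser" lets
            # start() fail with its usual CuckooPackageError instead.
            return None

        candidates = (
            os.path.join(prog_files, "Mozilla Firefox", "firefox.exe"),
            os.path.join(prog_files, "Internet Explorer", "iexplore.exe"),
        )
        for candidate in candidates:
            if os.path.exists(candidate):
                return candidate

        return None

    @staticmethod
    def _escape_attr(value):
        """Format value as text safe inside a double-quoted HTML attribute."""
        text = "%s" % (value,)
        # "&" must be replaced first so the entities added below are not
        # escaped a second time.
        for raw, entity in (("&", "&amp;"), ("\"", "&quot;"),
                            ("<", "&lt;"), (">", "&gt;")):
            text = text.replace(raw, entity)
        return text

    def make_html(self, path, class_name):
        """Write the HTML page that loads the applet and return its path.

        @param path: value for the applet tag's ``archive`` attribute.
        @param class_name: value for the applet tag's ``code`` attribute.
        @return: path of the generated HTML file, created in the directory
                 named by the ``TEMP`` environment variable.
        """
        # Both values come from the submission (sample path, analysis
        # options), so they are escaped before being placed in the markup.
        # An unescaped quote or "&" would otherwise change what the browser
        # parses and the applet would not be loaded as intended.
        html = "".join([
            "<html>",
            "<body>",
            "<applet archive=\"%s\" code=\"%s\" width=\"1\" height=\"1\">" % (
                self._escape_attr(path), self._escape_attr(class_name)),
            "</applet>",
            "</body>",
            "</html>",
        ])

        # Six random lowercase letters give the page a different name on
        # each run. This is not a security boundary; ``random`` is not a
        # cryptographic source.
        file_name = "".join(random.choice(string.ascii_lowercase)
                            for _ in range(6)) + ".html"
        file_path = os.path.join(os.getenv("TEMP"), file_name)
        with open(file_path, "w") as file_handle:
            file_handle.write(html)

        return file_path

    def start(self, path):
        """Open the applet page in a browser and start monitoring it.

        @param path: path of the submitted applet archive.
        @return: PID of the browser process when it was started suspended
                 and injected, or None when the ``free`` option is set.
        @raise CuckooPackageError: if no browser is installed or the
                                   browser process cannot be started.
        """
        browser = self.get_path()
        if not browser:
            raise CuckooPackageError("Unable to find any browser "
                                     "executable available")

        dll = self.options.get("dll", None)
        free = self.options.get("free", False)
        # NOTE(review): when the "class" option is missing, the page is
        # written with code="None" and the run records nothing useful.
        # Confirm whether the submission should be rejected here instead.
        class_name = self.options.get("class", None)

        # In "free" mode the browser runs unsuspended and nothing is
        # injected, so this package adds no instrumentation to it.
        suspended = not free

        html_path = self.make_html(path, class_name)

        p = Process()
        launched = p.execute(path=browser,
                             args="\"%s\"" % html_path,
                             suspended=suspended)
        if not launched:
            # The launched browser may be Firefox, so the message does not
            # name a specific product.
            raise CuckooPackageError("Unable to execute initial browser "
                                     "process, analysis aborted")

        if not suspended:
            return None

        # Inject before resuming so the DLL is in place when the process
        # starts running.
        p.inject(dll)
        p.resume()
        return p.pid

    def check(self):
        """Always return True."""
        return True

    def finish(self):
        """Dump process memory if requested, then return True.

        When the ``procmemdump`` option is set, memory is dumped for every
        PID in ``self.pids``.
        """
        if self.options.get("procmemdump", False):
            # presumably self.pids is maintained by the Package base class
            # or the analyzer; verify against lib.common.abstracts.
            for pid in self.pids:
                Process(pid=pid).dump_memory()

        return True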