How to use the turbinia.lib.text_formatter function in turbinia

To help you get started, we’ve selected a few turbinia examples, based on popular ways it is used in public projects.


github google / turbinia / turbinia / workers / bulk_extractor.py View on Github external
fmt.bullet(
              'Program: {0} - {1}'.format(
                  self.check_xml_attrib('creator/program'),
                  self.check_xml_attrib('creator/version'))))
      findings.append(
          fmt.bullet(
              'Command Line: {0}'.format(
                  self.check_xml_attrib(
                      'creator/execution_environment/command_line'))))
      findings.append(
          fmt.bullet(
              'Start Time: {0}'.format(
                  self.check_xml_attrib(
                      'creator/execution_environment/start_time'))))
      findings.append(
          fmt.bullet(
              'Elapsed Time: {0}'.format(
                  self.check_xml_attrib('report/elapsed_seconds'))))

      # Retrieve results from each of the scanner runs
      feature_files = self.xml.find('feature_files')
      if feature_files is not None:
        feature_iter = feature_files.iter()
        findings.append(fmt.heading5('Scanner Results'))
        for f in feature_iter:
          if f.tag == 'feature_file':
            name = next(feature_iter)
            count = next(feature_iter)
            findings.append(fmt.bullet('{0}:{1}'.format(name.text, count.text)))
            features_count += int(count.text)
      else:
        findings.append(fmt.heading5("There are no findings to report."))
github google / turbinia / turbinia / workers / analysis / wordpress.py View on Github external
if match:
        line = '{0:s}: Wordpress theme editor edited file ({1:s})'.format(
            self._get_timestamp(log_line), match.group('edited_file'))
        report.append(fmt.bullet(line))
        findings_summary.add('theme_edit')

    if report:
      findings_summary = ', '.join(sorted(list(findings_summary)))
      summary = 'Wordpress access logs found ({0:s})'.format(findings_summary)

      report.insert(0, fmt.heading4(fmt.bold(summary)))
      report_text = '\n'.join(report)
      return (report_text, Priority.HIGH, summary)

    report_text = 'No Wordpress install or theme editing found in access logs'
    return (fmt.heading4(report_text), Priority.LOW, report_text)
github google / turbinia / turbinia / workers / bulk_extractor.py View on Github external
features_count = 0
    report_path = os.path.join(output_file_path, 'report.xml')

    # Check if report.xml was not generated by bulk extractor.
    if not os.path.exists(report_path):
      report = 'Execution successful, but the report is not available.'
      return (report, report)

    # Parse existing XML file.
    self.xml = xml_tree.parse(report_path)

    # Place in try/except statement to continue execution when
    # an attribute is not found and NoneType is returned.
    try:
      # Retrieve summary related results.
      findings.append(fmt.heading4('Bulk Extractor Results'))
      findings.append(fmt.heading5('Run Summary'))
      findings.append(
          fmt.bullet(
              'Program: {0} - {1}'.format(
                  self.check_xml_attrib('creator/program'),
                  self.check_xml_attrib('creator/version'))))
      findings.append(
          fmt.bullet(
              'Command Line: {0}'.format(
                  self.check_xml_attrib(
                      'creator/execution_environment/command_line'))))
      findings.append(
          fmt.bullet(
              'Start Time: {0}'.format(
                  self.check_xml_attrib(
                      'creator/execution_environment/start_time'))))
github google / turbinia / turbinia / workers / analysis / jenkins.py View on Github external
priority = Priority.LOW
    # Invert the (username, hash) pairs into a hash -> username lookup so each
    # recovered hash can be mapped back to its account below.
    # NOTE(review): keyed by hash, so accounts that share the same hash collapse
    # into one entry and only one of those usernames is reported; `hash` also
    # shadows the builtin inside the comprehension.
    credentials_registry = {hash: username for username, hash in credentials}
    # TODO: Add timeout parameter when dynamic configuration is ready.
    # Ref: https://github.com/google/turbinia/issues/244
    # The helper is defined elsewhere; from the loop below it yields
    # (password_hash, plaintext) pairs for the hashes it could recover.
    weak_passwords = bruteforce_password_hashes(credentials_registry.keys())

    if not version:
      version = 'Unknown'
    report.append(fmt.bullet('Jenkins version: {0:s}'.format(version)))

    if weak_passwords:
      # Any recovered password raises the finding to CRITICAL.
      priority = Priority.CRITICAL
      summary = 'Jenkins analysis found potential issues'
      report.insert(0, fmt.heading4(fmt.bold(summary)))
      line = '{0:n} weak password(s) found:'.format(len(weak_passwords))
      report.append(fmt.bullet(fmt.bold(line)))
      # NOTE(review): the recovered plaintext password is written into the
      # report next to the username, so the report text itself now contains
      # live credentials. Store, log and share it with the same access controls
      # as the evidence it came from.
      for password_hash, plaintext in weak_passwords:
        line = 'User "{0:s}" with password "{1:s}"'.format(
            credentials_registry.get(password_hash), plaintext)
        report.append(fmt.bullet(line, level=2))
    elif credentials_registry or version != 'Unknown':
      # Jenkins was identified (credentials and/or a version were found) but
      # none of the hashes were recovered.
      summary = (
          'Jenkins version {0:s} found with {1:d} credentials, but no issues '
          'detected'.format(version, len(credentials_registry)))
      report.insert(0, fmt.heading4(summary))
      priority = Priority.MEDIUM
    else:
      # Neither credentials nor a version: report that nothing was found and
      # keep the LOW priority set at the top.
      summary = 'No Jenkins instance found'
      report.insert(0, fmt.heading4(summary))

    # Collapse the list of report lines into one text blob for the caller.
    report = '\n'.join(report)
    return (report, priority, summary)
github google / turbinia / turbinia / workers / tomcat.py View on Github external
'(^.*Deploying web application archive.*)', re.MULTILINE)
    tomcat_manager_activity_re = re.compile(
        '(^.*POST /manager/html/upload.*)', re.MULTILINE)

    count = 0
    for password_entry in re.findall(tomcat_user_passwords_re, tomcat_file):
      findings.append(fmt.bullet('Tomcat user: ' + password_entry.strip()))
      count += 1

    for deployment_entry in re.findall(tomcat_deploy_re, tomcat_file):
      findings.append(
          fmt.bullet('Tomcat App Deployed: ' + deployment_entry.strip()))
      count += 1

    for mgmt_entry in re.findall(tomcat_manager_activity_re, tomcat_file):
      findings.append(fmt.bullet('Tomcat Management: ' + mgmt_entry.strip()))
      count += 1

    if findings:
      msg = 'Tomcat analysis found {0:d} results'.format(count)
      findings.insert(0, fmt.heading4(fmt.bold(msg)))
      report = '\n'.join(findings)
      return (report, Priority.HIGH, msg)

    report = 'No Tomcat findings to report'
    return (report, Priority.LOW, report)
github google / turbinia / turbinia / client.py View on Github external
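def format_task_detail(self, task, show_files=False):
    """Formats a single task in detail.

    The optional 'saved_paths' and 'status' keys fall back to defaults when
    missing. 'id' and 'worker_name' are rendered with str() so that a task
    record missing either key still produces a report line instead of raising
    TypeError from the ':s' format spec.

    Args:
      task (dict): The task to format data for
      show_files (bool): Whether we want to print out log file paths

    Returns:
      list: Formatted task data
    """
    report = []
    saved_paths = task.get('saved_paths') or []
    status = task.get('status') or 'No task status'
    # Read once so the truthiness check and the split use the same value.
    report_data = task.get('report_data')

    report.append(fmt.heading2(task.get('name')))
    line = '{0:s} {1:s}'.format(fmt.bold('Status:'), status)
    report.append(fmt.bullet(line))
    # '!s' rather than ':s': identical output for string values, but a missing
    # key (None) is printed as 'None' instead of aborting the whole report.
    report.append(fmt.bullet('Task Id: {0!s}'.format(task.get('id'))))
    report.append(
        fmt.bullet('Executed on worker {0!s}'.format(task.get('worker_name'))))
    if report_data:
      report.append('')
      report.append(fmt.heading3('Task Reported Data'))
      # NOTE(review): report_data is appended line by line with no escaping
      # here. If this output is later rendered as Markdown/HTML, the renderer
      # should treat it as untrusted text - confirm against the callers.
      report.extend(report_data.splitlines())
    if show_files:
      report.append('')
      report.append(fmt.heading3('Saved Task Files:'))
      for path in saved_paths:
        report.append(fmt.bullet(fmt.code(path)))
      report.append('')
    return report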
github google / turbinia / turbinia / workers / analysis / jenkins.py View on Github external
report_text(str): The report data
        report_priority(int): The priority of the report (0 - 100)
        summary(str): A summary of the report (used for task status)
      )
    """
    report = []
    summary = ''
    priority = Priority.LOW
    credentials_registry = {hash: username for username, hash in credentials}
    # TODO: Add timeout parameter when dynamic configuration is ready.
    # Ref: https://github.com/google/turbinia/issues/244
    weak_passwords = bruteforce_password_hashes(credentials_registry.keys())

    if not version:
      version = 'Unknown'
    report.append(fmt.bullet('Jenkins version: {0:s}'.format(version)))

    if weak_passwords:
      priority = Priority.CRITICAL
      summary = 'Jenkins analysis found potential issues'
      report.insert(0, fmt.heading4(fmt.bold(summary)))
      line = '{0:n} weak password(s) found:'.format(len(weak_passwords))
      report.append(fmt.bullet(fmt.bold(line)))
      for password_hash, plaintext in weak_passwords:
        line = 'User "{0:s}" with password "{1:s}"'.format(
            credentials_registry.get(password_hash), plaintext)
        report.append(fmt.bullet(line, level=2))
    elif credentials_registry or version != 'Unknown':
      summary = (
          'Jenkins version {0:s} found with {1:d} credentials, but no issues '
          'detected'.format(version, len(credentials_registry)))
      report.insert(0, fmt.heading4(summary))
github google / turbinia / turbinia / client.py View on Github external
"""Formats a single task in short form.

    Args:
      task (dict): The task to format data for
      show_files (bool): Whether we want to print out log file paths

    Returns:
      list: Formatted task data
    """
    report = []
    saved_paths = task.get('saved_paths') or []
    status = task.get('status') or 'No task status'
    report.append(fmt.bullet('{0:s}: {1:s}'.format(task.get('name'), status)))
    if show_files:
      for path in saved_paths:
        report.append(fmt.bullet(fmt.code(path), level=2))
      report.append('')
    return report