admin/RmEye
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3475c90afecf48b78351d16fa085d23eb42cdf2b
RmEye/Server/plugin.py
huoji 3475c90afe init
2022-08-22 20:14:03 +08:00

112 lines
4.6 KiB
Python
Raw Blame History

from imp import find_module, load_module
import global_vars
import sys
import os
def reload_plugs():
for index in range(len(global_vars.g_plugs)):
_, plug_obj = global_vars.g_plugs[index]
del sys.modules[plug_obj.__name__]
del plug_obj
global_vars.g_plugs = walk_path_get_plugs(
global_vars.PLUGS_PATH)
def walk_path_get_plugs(pPath):
plugs = []
for root, dirs, files in os.walk(pPath):
for file in files:
if file.endswith(".py"):
module_name = file[:-3]
plugs_path = os.path.join(root, file)
if module_name not in sys.modules:
file_handle, file_path, dect = find_module(
module_name, [root])
try:
print("load module:", module_name)
module_obj = load_module(
module_name, file_handle, file_path, dect)
print("load module_obj:", module_obj)
if hasattr(module_obj, "rm_plugs_config") == False \
or hasattr(module_obj, "plugin_init") == False \
or 'author' not in module_obj.rm_plugs_config.keys() \
or 'description' not in module_obj.rm_plugs_config.keys() \
or 'version' not in module_obj.rm_plugs_config.keys() \
or "enable" in module_obj.rm_plugs_config.keys() and module_obj.rm_plugs_config['enable'] == False:
del module_obj
del sys.modules[module_name]
continue
print('----------------------------------')
print('加载模块: {} 模块作者: {} 模块介绍: {} 版本: {}'.format(
module_name, module_obj.rm_plugs_config['author'], module_obj.rm_plugs_config['description'], module_obj.rm_plugs_config['version']))
plugs.append((plugs_path, module_obj))
module_obj.plugin_init()
finally:
if file_handle:
file_handle.close()
return plugs
def dispath_process_terminal(host, current_process, raw_log_data, json_log_data):
for index in range(len(global_vars.g_plugs)):
_, plug_obj = global_vars.g_plugs[index]
if hasattr(plug_obj, "process_terminal"):
plug_obj.process_terminal(
current_process, host, raw_log_data, json_log_data)
def dispath_rule_new_process_create(host, current_process, raw_log_data, json_log_data):
threat_type = global_vars.THREAT_TYPE_NONE
for index in range(len(global_vars.g_plugs)):
_, plug_obj = global_vars.g_plugs[index]
if hasattr(plug_obj, "rule_new_process_create"):
if threat_type == global_vars.THREAT_TYPE_NONE:
threat_type = plug_obj.rule_new_process_create(
current_process, host, raw_log_data, json_log_data)
else:
plug_obj.rule_new_process_create(
current_process, host, raw_log_data, json_log_data)
return threat_type
def dispath_rule_new_process_action(host, current_process, raw_log_data, json_log_data):
threat_type = global_vars.THREAT_TYPE_NONE
for index in range(len(global_vars.g_plugs)):
_, plug_obj = global_vars.g_plugs[index]
if hasattr(plug_obj, "rule_new_process_action"):
if threat_type == global_vars.THREAT_TYPE_NONE:
threat_type = plug_obj.rule_new_process_action(
current_process, host, raw_log_data, json_log_data)
else:
plug_obj.rule_new_process_action(
current_process, host, raw_log_data, json_log_data)
return threat_type
def dispath_rule_init():
for index in range(len(global_vars.g_plugs)):
_, plug_obj = global_vars.g_plugs[index]
if hasattr(plug_obj, "rule_init"):
plug_obj.rule_init()
# 有性能问题,以后再说
def dispath_html_menu():
plugin_menu = []
for index in range(len(global_vars.g_plugs)):
_, plug_obj = global_vars.g_plugs[index]
if hasattr(plug_obj, "html_menu"):
plugin_menu.append(plug_obj.html_menu())
return plugin_menu
def dispath_html_draw(name):
for index in range(len(global_vars.g_plugs)):
_, plug_obj = global_vars.g_plugs[index]
if hasattr(plug_obj, "html_draw"):
if plug_obj.rm_plugs_config['html'] == name:
return plug_obj.html_draw()
return 'Access Denied '
Reference in New Issue View Git Blame Copy Permalink