Comments (2)
It is not offered by the current version of drakplayground, but you can hack the current methods to get the injector instance and call `read_file`:
```
*** Welcome to drakrun playground ***
Your VM is now ready and running with internet connection.
You can connect to it using VNC (password can be found in /etc/drakrun/scripts/cfg.template)
Run help() to list available commands.
[2023-09-20 11:46:59,901][DEBUG] Using selector: EpollSelector
In [1]: copy
Out[1]: <bound method DrakmonShell.copy of <drakrun.playground.DrakmonShell object at 0x7f6a52bd8130>>
In [2]: copy.__self__.injector
Out[2]: <drakrun.injector.Injector at 0x7f6a52bd80a0>
In [3]: copy.__self__.injector.read_file("C:\\Windows\\system32\\ntdll.dll", "./ntdll.dll")
Out[3]: CompletedProcess(args=['injector', '-o', 'json', '-d', 'vm-0', '-r', PosixPath('/var/lib/drakrun/profiles/kernel.json'), '-i', '1800', '-k', '0x187000', '-m', 'readfile', '--timeout', '55', '-e', 'C:\\Windows\\system32\\ntdll.dll', '-B', './ntdll.dll'], returncode=0, stdout=b'{"Plugin": "inject", "TimeStamp": "1695203326.029329", "Method": "ReadFile", "Status": "Success", "ProcessName": "C:\\\\Windows\\\\system32\\\\ntdll.dll", "Arguments": "", "InjectedPid": 0, "InjectedTid": 0}\n', stderr=b'DRAKVUF injector v1.1-git20230913113759+b38d7ed-1 Copyright (C) 2014-2023 Tamas K Lengyel\n')
```
I will leave the issue open as it is a good feature request; I'm also missing that option.
from drakvuf-sandbox.
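An added example, not part of the thread or of drakrun's own code: a check for the `CompletedProcess` that `read_file` returns in the session above, so that a failed copy is not mistaken for a retrieved file. `check_readfile_result` and `sample_result` are hypothetical names, the sample data is constructed, and the failure `Status` value is an assumption; only fields visible in the output above are relied on.

```python
import json
import subprocess
from pathlib import Path


def check_readfile_result(result, local_path):
    """Return the parsed injector record, or raise if the copy did not succeed."""
    if result.returncode != 0:
        raise RuntimeError(f"injector exited with {result.returncode}: {result.stderr!r}")
    # The injector is run with '-o json'; treat the last non-empty line as the record.
    text = result.stdout.decode("utf-8", "replace")
    lines = [ln for ln in text.splitlines() if ln.strip()]
    if not lines:
        raise RuntimeError("injector produced no JSON output")
    try:
        record = json.loads(lines[-1])
    except json.JSONDecodeError as exc:
        raise RuntimeError(f"unparseable injector output: {lines[-1]!r}") from exc
    if record.get("Method") != "ReadFile" or record.get("Status") != "Success":
        raise RuntimeError(f"readfile was not successful: {record}")
    # A reported success should leave a non-empty file on the host side.
    local = Path(local_path)
    if not local.is_file() or local.stat().st_size == 0:
        raise RuntimeError(f"{local} is missing or empty after a reported success")
    return record


def sample_result(status="Success", returncode=0):
    """Constructed CompletedProcess shaped like Out[3] in the session above."""
    record = {
        "Plugin": "inject",
        "Method": "ReadFile",
        "Status": status,  # any value other than "Success" is a constructed failure
        "ProcessName": "C:\\Windows\\system32\\ntdll.dll",
    }
    return subprocess.CompletedProcess(
        args=["injector", "-o", "json", "-m", "readfile"],
        returncode=returncode,
        stdout=(json.dumps(record) + "\n").encode(),
        stderr=b"",
    )
```

In the playground it would wrap the call from the session, for example `check_readfile_result(copy.__self__.injector.read_file(src, dst), dst)`.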
Great idea.
I wrote a method in playground.py as below:
```python
    def copy1(self, remote, local):  # added method
        # Read the file named like `remote` from self.desktop in the guest into `local` on the host
        remote = Path(remote)
        self.injector.read_file(self.desktop / remote.name, local)
```
and added it in main() as:
```python
    with DrakmonShell(args.vm_id, args.dns) as shell, graceful_exit(
        start_dnsmasq(args.vm_id, args.dns)
    ):
        helpers = {
            "help": shell.help,
            "copy": shell.copy,
            "copy1": shell.copy1,  # added entry
            "mount": shell.mount,
            "drakvuf": shell.drakvuf,
            "vm": shell.vm,
            "run": shell.run,
        }
```
Finally, I can copy a file from the guest using `copy1()`, like `copy1("log.txt", "/home/log.txt")`, and it worked as expected!
Thanks.