Skip to content

Commit

Permalink
Add SFTP Upload and add field to S3 Upload (Velocidex#785)
Browse files Browse the repository at this point in the history
  • Loading branch information
clayscode authored Dec 3, 2020
1 parent cdd66cf commit 87f75a6
Show file tree
Hide file tree
Showing 6 changed files with 349 additions and 3 deletions.
17 changes: 16 additions & 1 deletion artifacts/definitions/Server/Utils/CreateCollector.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,7 @@ parameters:
- ZIP
- GCS
- S3
- SFTP

- name: target_args
description: Type Dependent args
Expand Down Expand Up @@ -143,6 +144,19 @@ parameters:
name=name,
credentials=TargetArgs.GCSKey)
- name: SFTPCollection
type: hidden
default : |
LET upload_file(filename, name, accessor) = upload_sftp(
file=filename,
accessor=accessor,
name=name,
user=TargetArgs.user,
path=TargetArgs.path,
privatekey=TargetArgs.privatekey,
endpoint=TargetArgs.endpoint,
hostkey = TargetArgs.hostkey)
- name: CloudCollection
type: hidden
default: |
Expand Down Expand Up @@ -294,7 +308,8 @@ sources:
a = { SELECT StandardCollection AS Value FROM scope() WHERE target = "ZIP" },
b = { SELECT S3Collection + CloudCollection AS Value FROM scope() WHERE target = "S3" },
c = { SELECT GCSCollection + CloudCollection AS Value FROM scope() WHERE target = "GCS" },
d = { SELECT "" AS Value FROM scope() WHERE log(message="Unknown collection type " + target) }
d = { SELECT SFTPCollection + CloudCollection AS Value FROM scope() WHERE target = "SFTP" },
e = { SELECT "" AS Value FROM scope() WHERE log(message="Unknown collection type " + target) }
)
LET definitions <= SELECT * FROM chain(
Expand Down
1 change: 1 addition & 0 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@ require (
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
github.com/olekukonko/tablewriter v0.0.4
github.com/pkg/errors v0.9.1
github.com/pkg/sftp v1.12.0 // indirect
github.com/pkg/term v0.0.0-20190109203006-aa71e9d9e942 // indirect
github.com/pquerna/cachecontrol v0.0.0-20200921180117-858c6e7e6b7e // indirect
github.com/processout/grpc-go-pool v1.2.1
Expand Down
4 changes: 4 additions & 0 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,8 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8=
github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs=
Expand Down Expand Up @@ -369,6 +371,8 @@ github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/sftp v1.12.0 h1:/f3b24xrDhkhddlaobPe2JgBqfdt+gC/NYl0QY9IOuI=
github.com/pkg/sftp v1.12.0/go.mod h1:fUqqXB5vEgVCZ131L+9say31RAri6aF6KDViawhxKK8=
github.com/pkg/term v0.0.0-20190109203006-aa71e9d9e942 h1:A7GG7zcGjl3jqAqGPmcNjd/D9hzL95SuoOQAaFNdLU0=
github.com/pkg/term v0.0.0-20190109203006-aa71e9d9e942/go.mod h1:eCbImbZ95eXtAUIbLAuAVnBnwf83mjf6QIVH8SHYwqQ=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
Expand Down
94 changes: 94 additions & 0 deletions gui/velociraptor/src/components/flows/offline-collector.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ class OfflineCollectorParameters extends React.Component {
<option value="ZIP">Zip Archive</option>
<option value="GCS">Google Cloud Bucket</option>
<option value="S3">AWS Bucket</option>
<option value="SFTP">SFTP Upload</option>
</Form.Control>
</Col>
</Form.Group>
Expand Down Expand Up @@ -185,7 +186,100 @@ class OfflineCollectorParameters extends React.Component {
/>
</Col>
</Form.Group>

<Form.Group as={Row}>
<Form.Label column sm="3">Skip Cert Verification</Form.Label>
<Col sm="8">
<Form.Control as="select"
value={this.props.parameters.target_args.noverifycert}
onChange={(e) => {
this.props.parameters.target_args.noverifycert = e.target.value;
this.props.setParameters(this.props.parameters);
}}
>
<option value="N">N</option>
<option value="Y">Y</option>
</Form.Control>
</Col>
</Form.Group>



</>
}

{ this.props.parameters.target === "SFTP" && <>
<Form.Group as={Row}>
<Form.Label column sm="3">Upload Path</Form.Label>
<Col sm="8">
<Form.Control as="textarea" rows={3}
placeholder="Upload Path"
value={this.props.parameters.target_args.path}
onChange={e => {
this.props.parameters.target_args.path = e.target.value;
this.props.setParameters(this.props.parameters);
}}
/>
</Col>
</Form.Group>

<Form.Group as={Row}>
<Form.Label column sm="3">Private Key</Form.Label>
<Col sm="8">
<Form.Control as="textarea" rows={3}
placeholder="Private Key"
value={this.props.parameters.target_args.privatekey}
onChange={e => {
this.props.parameters.target_args.privatekey = e.target.value;
this.props.setParameters(this.props.parameters);
}}
/>
</Col>
</Form.Group>

<Form.Group as={Row}>
<Form.Label column sm="3">User</Form.Label>
<Col sm="8">
<Form.Control as="textarea" rows={3}
placeholder="User"
value={this.props.parameters.target_args.user}
onChange={e => {
this.props.parameters.target_args.user = e.target.value;
this.props.setParameters(this.props.parameters);
}}
/>
</Col>
</Form.Group>

<Form.Group as={Row}>
<Form.Label column sm="3">Endpoint</Form.Label>
<Col sm="8">
<Form.Control as="textarea" rows={3}
placeholder="Endpoint"
value={this.props.parameters.target_args.endpoint}
onChange={e => {
this.props.parameters.target_args.endpoint = e.target.value;
this.props.setParameters(this.props.parameters);
}}
/>
</Col>
</Form.Group>

<Form.Group as={Row}>
<Form.Label column sm="3">Host Key</Form.Label>
<Col sm="8">
<Form.Control as="textarea" rows={3}
placeholder="Leave Blank to disable host key checking"
value={this.props.parameters.target_args.hostkey}
onChange={(e) => {
this.props.parameters.target_args.hostkey = e.target.value;
this.props.setParameters(this.props.parameters);
}}
/>
</Col>
</Form.Group>
</>

}

</Form>
Expand Down
13 changes: 11 additions & 2 deletions vql/tools/s3_upload.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,12 @@ func (self *S3UploadFunction) Call(ctx context.Context,
upload_response, err := upload_S3(
sub_ctx, scope, file,
arg.Bucket,
arg.Name, arg.CredentialsKey, arg.CredentialsSecret, arg.Region, arg.Endpoint, arg.NoVerifyCert)
arg.Name,
arg.CredentialsKey,
arg.CredentialsSecret,
arg.Region,
arg.Endpoint,
arg.NoVerifyCert)
if err != nil {
scope.Log("upload_S3: %v", err)
// Relay the error in the UploadResponse
Expand All @@ -97,7 +102,11 @@ func (self *S3UploadFunction) Call(ctx context.Context,
func upload_S3(ctx context.Context, scope *vfilter.Scope,
reader glob.ReadSeekCloser,
bucket, name string,
credentialsKey string, credentialsSecret string, region string, endpoint string, NoVerifyCert bool) (
credentialsKey string,
credentialsSecret string,
region string,
endpoint string,
NoVerifyCert bool) (
*api.UploadResponse, error) {

scope.Log("upload_S3: Uploading %v to %v", name, bucket)
Expand Down
Loading

0 comments on commit 87f75a6

Please sign in to comment.