How to use the turbinia.lib.text_formatter.bullet function in turbinia
To help you get started, we’ve selected a few turbinia examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
google / turbinia / turbinia / workers / analysis / wordpress.py View on Github 
report = []
findings_summary = set()
for log_line in config.split('\n'):
if self.install_step_regex.search(log_line):
line = '{0:s}: Wordpress installation successful'.format(
self._get_timestamp(log_line))
report.append(fmt.bullet(line))
findings_summary.add('install')
match = self.theme_editor_regex.search(log_line)
if match:
line = '{0:s}: Wordpress theme editor edited file ({1:s})'.format(
self._get_timestamp(log_line), match.group('edited_file'))
report.append(fmt.bullet(line))
findings_summary.add('theme_edit')
if report:
findings_summary = ', '.join(sorted(list(findings_summary)))
summary = 'Wordpress access logs found ({0:s})'.format(findings_summary)
report.insert(0, fmt.heading4(fmt.bold(summary)))
report_text = '\n'.join(report)
return (report_text, Priority.HIGH, summary)
report_text = 'No Wordpress install or theme editing found in access logs'
return (fmt.heading4(report_text), Priority.LOW, report_text)task (dict): The task to format data for
show_files (bool): Whether we want to print out log file paths
Returns:
list: Formatted task data
"""
report = []
saved_paths = task.get('saved_paths') or []
status = task.get('status') or 'No task status'
report.append(fmt.heading2(task.get('name')))
line = '{0:s} {1:s}'.format(fmt.bold('Status:'), status)
report.append(fmt.bullet(line))
report.append(fmt.bullet('Task Id: {0:s}'.format(task.get('id'))))
report.append(
fmt.bullet('Executed on worker {0:s}'.format(task.get('worker_name'))))
if task.get('report_data'):
report.append('')
report.append(fmt.heading3('Task Reported Data'))
report.extend(task.get('report_data').splitlines())
if show_files:
report.append('')
report.append(fmt.heading3('Saved Task Files:'))
for path in saved_paths:
report.append(fmt.bullet(fmt.code(path)))
report.append('')
return report
permit_root_login_re = re.compile(
r'^\s*PermitRootLogin\s*(yes|prohibit-password|without-password)',
re.IGNORECASE | re.MULTILINE)
password_authentication_re = re.compile(
r'^\s*PasswordAuthentication[\s"]*No', re.IGNORECASE | re.MULTILINE)
permit_empty_passwords_re = re.compile(
r'^\s*PermitEmptyPasswords[\s"]*Yes', re.IGNORECASE | re.MULTILINE)
if re.search(permit_root_login_re, config):
findings.append(fmt.bullet('Root login enabled.'))
if not re.search(password_authentication_re, config):
findings.append(fmt.bullet('Password authentication enabled.'))
if re.search(permit_empty_passwords_re, config):
findings.append(fmt.bullet('Empty passwords permitted.'))
if findings:
summary = 'Insecure SSH configuration found.'
findings.insert(0, fmt.heading4(fmt.bold(summary)))
report = '\n'.join(findings)
return (report, Priority.HIGH, summary)
report = 'No issues found in SSH configuration'
return (report, Priority.LOW, report)report.append(fmt.heading2(task.get('name')))
line = '{0:s} {1:s}'.format(fmt.bold('Status:'), status)
report.append(fmt.bullet(line))
report.append(fmt.bullet('Task Id: {0:s}'.format(task.get('id'))))
report.append(
fmt.bullet('Executed on worker {0:s}'.format(task.get('worker_name'))))
if task.get('report_data'):
report.append('')
report.append(fmt.heading3('Task Reported Data'))
report.extend(task.get('report_data').splitlines())
if show_files:
report.append('')
report.append(fmt.heading3('Saved Task Files:'))
for path in saved_paths:
report.append(fmt.bullet(fmt.code(path)))
report.append('')
return reportsummary = msg
priority = Priority.CRITICAL
else:
msg = 'Did not find any suspicious commands.'
report.append(fmt.heading4(msg))
summary = msg
for filepath, command in evil_commands:
report.append(fmt.bullet(fmt.bold('Command:')))
report.append(fmt.code(command))
report.append('Found in file:')
report.append(fmt.code(filepath))
msg = 'Extracted {0:d} strings from {1:d} file(s)'.format(
strings_count, len(collected_artifacts))
report.append(fmt.bullet(msg))
return (report, priority, summary)report_text(str): The report data
report_priority(int): The priority of the report (0 - 100)
summary(str): A summary of the report (used for task status)
)
"""
findings = []
permit_root_login_re = re.compile(
r'^\s*PermitRootLogin\s*(yes|prohibit-password|without-password)',
re.IGNORECASE | re.MULTILINE)
password_authentication_re = re.compile(
r'^\s*PasswordAuthentication[\s"]*No', re.IGNORECASE | re.MULTILINE)
permit_empty_passwords_re = re.compile(
r'^\s*PermitEmptyPasswords[\s"]*Yes', re.IGNORECASE | re.MULTILINE)
if re.search(permit_root_login_re, config):
findings.append(fmt.bullet('Root login enabled.'))
if not re.search(password_authentication_re, config):
findings.append(fmt.bullet('Password authentication enabled.'))
if re.search(permit_empty_passwords_re, config):
findings.append(fmt.bullet('Empty passwords permitted.'))
if findings:
summary = 'Insecure SSH configuration found.'
findings.insert(0, fmt.heading4(fmt.bold(summary)))
report = '\n'.join(findings)
return (report, Priority.HIGH, summary)
report = 'No issues found in SSH configuration'
return (report, Priority.LOW, report)
try:
# Retrieve summary related results.
findings.append(fmt.heading4('Bulk Extractor Results'))
findings.append(fmt.heading5('Run Summary'))
findings.append(
fmt.bullet(
'Program: {0} - {1}'.format(
self.check_xml_attrib('creator/program'),
self.check_xml_attrib('creator/version'))))
findings.append(
fmt.bullet(
'Command Line: {0}'.format(
self.check_xml_attrib(
'creator/execution_environment/command_line'))))
findings.append(
fmt.bullet(
'Start Time: {0}'.format(
self.check_xml_attrib(
'creator/execution_environment/start_time'))))
findings.append(
fmt.bullet(
'Elapsed Time: {0}'.format(
self.check_xml_attrib('report/elapsed_seconds'))))
# Retrieve results from each of the scanner runs
feature_files = self.xml.find('feature_files')
if feature_files is not None:
feature_iter = feature_files.iter()
findings.append(fmt.heading5('Scanner Results'))
for f in feature_iter:
if f.tag == 'feature_file':
name = next(feature_iter)"""Formats a single task in detail.
Args:
task (dict): The task to format data for
show_files (bool): Whether we want to print out log file paths
Returns:
list: Formatted task data
"""
report = []
saved_paths = task.get('saved_paths') or []
status = task.get('status') or 'No task status'
report.append(fmt.heading2(task.get('name')))
line = '{0:s} {1:s}'.format(fmt.bold('Status:'), status)
report.append(fmt.bullet(line))
report.append(fmt.bullet('Task Id: {0:s}'.format(task.get('id'))))
report.append(
fmt.bullet('Executed on worker {0:s}'.format(task.get('worker_name'))))
if task.get('report_data'):
report.append('')
report.append(fmt.heading3('Task Reported Data'))
report.extend(task.get('report_data').splitlines())
if show_files:
report.append('')
report.append(fmt.heading3('Saved Task Files:'))
for path in saved_paths:
report.append(fmt.bullet(fmt.code(path)))
report.append('')
return reportturbinia
Automation and Scaling of Digital Forensics Tools
Package Health Score
84 / 100Popular turbinia functions
- turbinia.client.TurbiniaStats
- turbinia.config
- turbinia.config.LoadConfig
- turbinia.config.TURBINIA_PROJECT
- turbinia.evidence
- turbinia.evidence.Evidence
- turbinia.evidence.GoogleCloudDisk
- turbinia.evidence.RawDisk
- turbinia.evidence.ReportText
- turbinia.jobs.interface.TurbiniaJob
- turbinia.jobs.manager
- turbinia.jobs.manager.JobsManager
- turbinia.jobs.manager.JobsManager.RegisterJob
- turbinia.lib.text_formatter
- turbinia.lib.text_formatter.bold
- turbinia.lib.text_formatter.bullet
- turbinia.lib.text_formatter.heading4
- turbinia.message.TurbiniaRequest
- turbinia.TurbiniaException
- turbinia.workers.TurbiniaTask