Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

drakplayground: Transfer files from guest os to host. #823

Open
tfrist opened this issue Sep 19, 2023 · 2 comments
Open

drakplayground: Transfer files from guest os to host. #823

tfrist opened this issue Sep 19, 2023 · 2 comments
Labels
enhancement New feature or request

Comments

@tfrist
Copy link

tfrist commented Sep 19, 2023

Hi,

I know there is a way to copy file from the host onto the guest, using drakplayground 0 and then executing copy(host_file_path) method.
Is it possible to go the reverse direction? copy files from the guest to the host.
Thanks.
@psrok1
Copy link
Member

psrok1 commented Sep 20, 2023
edited

It is not offered by current version of drakplayground, but you can hack current methods to get the injector instance and call read_file:

*** Welcome to drakrun playground ***
Your VM is now ready and running with internet connection.
You can connect to it using VNC (password can be found in /etc/drakrun/scripts/cfg.template)
Run help() to list available commands.

[2023-09-20 11:46:59,901][DEBUG] Using selector: EpollSelector
In [1]: copy
Out[1]: <bound method DrakmonShell.copy of <drakrun.playground.DrakmonShell object at 0x7f6a52bd8130>>

In [2]: copy.__self__.injector
Out[2]: <drakrun.injector.Injector at 0x7f6a52bd80a0>

In [3]: copy.__self__.injector.read_file("C:\\Windows\\system32\\ntdll.dll", "./ntdll.dll")
Out[3]: CompletedProcess(args=['injector', '-o', 'json', '-d', 'vm-0', '-r', PosixPath('/var/lib/drakrun/profiles/kernel.json'), '-i', '1800', '-k', '0x187000', '-m', 'readfile', '--timeout', '55', '-e', 'C:\\Windows\\system32\\ntdll.dll', '-B', './ntdll.dll'], returncode=0, stdout=b'{"Plugin": "inject", "TimeStamp": "1695203326.029329", "Method": "ReadFile", "Status": "Success", "ProcessName": "C:\\\\Windows\\\\system32\\\\ntdll.dll", "Arguments": "", "InjectedPid": 0, "InjectedTid": 0}\n', stderr=b'DRAKVUF injector v1.1-git20230913113759+b38d7ed-1 Copyright (C) 2014-2023 Tamas K Lengyel\n')

I will leave the issue open as it is good feature request, I'm also missing that option.

@psrok1 psrok1 added the enhancement New feature or request label Sep 20, 2023
@psrok1 psrok1 changed the title Transfer files from guest os to host. drakplayground: Transfer files from guest os to host. Sep 20, 2023
@tfrist
Copy link
Author

tfrist commented Sep 20, 2023
edited

Great idea.
I wrote a method in playground.py as below:

def copy1(self, remote, local): ####################################################
    remote = Path(remote)       
    self.injector.read_file(self.desktop / remote.name, local)

and added it in main() as:

with DrakmonShell(args.vm_id, args.dns) as shell, graceful_exit(
    start_dnsmasq(args.vm_id, args.dns)
):
    helpers = {
        "help": shell.help,
        "copy": shell.copy,
        "copy1":shell.copy1, #################################
        "mount": shell.mount,
        "drakvuf": shell.drakvuf,
        "vm": shell.vm,
        "run": shell.run,
    }

Finally, I can copy file from guest using copy1(), like copy1("log.txt", "/home/log.txt"). and it worked as expected!
Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tfrist @psrok1