Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Lightweight client #20

Open
c-goosen opened this issue Oct 7, 2015 · 1 comment
Open

Lightweight client #20

c-goosen opened this issue Oct 7, 2015 · 1 comment

Comments

@c-goosen
Copy link

c-goosen commented Oct 7, 2015

Is it possible to write a more lightweight client that implements a tripwire type detection. Im thinking in terms of a periodic scan of the file system, comparing hashes and then passing suspect files via the network to a laikaboss host. webscan.py still requires a lot of libraries to be installed.

@marnao
Copy link
Contributor

marnao commented Oct 7, 2015

Yes! It's an undocumented feature and admittedly has not been thoroughly tested, but we provide a cross platform interface that uses JSON for serialization rather than python's pickle. We are also planning to add more interface types in the future that are even more lightweight (JSON is pretty heavy for serialization).

Here is an example python client the uses JSON for serialization. You could easily extend this example to work on other platforms/languages. The only hard requirement is ZeroMQ for message transport.

#!/usr/bin/python

import zmq
import base64
import json
import sys

REQ_TYPE_PICKLE = '1'
REQ_TYPE_PICKLE_ZLIB = '2'
REQ_TYPE_JSON = '3'
REQ_TYPE_JSON_ZLIB = '4'

fn = sys.argv[1]
uniqID = sys.argv[2]

request = { 'source' : 'python-json-client',
             'buffer' : base64.b64encode(open(fn).read()),
             'filename' : fn,
             'uniqID' : uniqID,
             'extMetaData' : { 'testing' : uniqID }
           }

jRequest = json.dumps(request)


ctx = zmq.Context()

client = ctx.socket(zmq.REQ)
poll = zmq.Poller()
poll.register(client, zmq.POLLIN)

client.connect('tcp://localhost:5558')

# The first field tells the server to expect json. If you had a 1 in here it would expect a python pickled object
# The second field is a blank delimter field, required by zmq
# You could compress the JSON with zlib if you choose-- just choose REQ_TYPE_JSON_ZLIB instead
client.send_multipart([REQ_TYPE_JSON, '', jRequest])

socks = dict(poll.poll(None))

if socks.get(client) == zmq.POLLIN:
    # Recieve reply
    reply = client.recv()

result = json.loads(reply)

print json.dumps(result, indent=4, separators=(',', ': '), ensure_ascii=False)

Does this help?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants