You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is it possible to write a more lightweight client that implements a tripwire type detection. Im thinking in terms of a periodic scan of the file system, comparing hashes and then passing suspect files via the network to a laikaboss host. webscan.py still requires a lot of libraries to be installed.
The text was updated successfully, but these errors were encountered:
Yes! It's an undocumented feature and admittedly has not been thoroughly tested, but we provide a cross platform interface that uses JSON for serialization rather than python's pickle. We are also planning to add more interface types in the future that are even more lightweight (JSON is pretty heavy for serialization).
Here is an example python client the uses JSON for serialization. You could easily extend this example to work on other platforms/languages. The only hard requirement is ZeroMQ for message transport.
#!/usr/bin/python
import zmq
import base64
import json
import sys
REQ_TYPE_PICKLE = '1'
REQ_TYPE_PICKLE_ZLIB = '2'
REQ_TYPE_JSON = '3'
REQ_TYPE_JSON_ZLIB = '4'
fn = sys.argv[1]
uniqID = sys.argv[2]
request = { 'source' : 'python-json-client',
'buffer' : base64.b64encode(open(fn).read()),
'filename' : fn,
'uniqID' : uniqID,
'extMetaData' : { 'testing' : uniqID }
}
jRequest = json.dumps(request)
ctx = zmq.Context()
client = ctx.socket(zmq.REQ)
poll = zmq.Poller()
poll.register(client, zmq.POLLIN)
client.connect('tcp://localhost:5558')
# The first field tells the server to expect json. If you had a 1 in here it would expect a python pickled object
# The second field is a blank delimter field, required by zmq
# You could compress the JSON with zlib if you choose-- just choose REQ_TYPE_JSON_ZLIB instead
client.send_multipart([REQ_TYPE_JSON, '', jRequest])
socks = dict(poll.poll(None))
if socks.get(client) == zmq.POLLIN:
# Recieve reply
reply = client.recv()
result = json.loads(reply)
print json.dumps(result, indent=4, separators=(',', ': '), ensure_ascii=False)
Is it possible to write a more lightweight client that implements a tripwire type detection. Im thinking in terms of a periodic scan of the file system, comparing hashes and then passing suspect files via the network to a laikaboss host. webscan.py still requires a lot of libraries to be installed.
The text was updated successfully, but these errors were encountered: