{ "info": { "author": "Maximilian Krueger", "author_email": "maximilian.krueger@fau.de", "bugtrack_url": null, "classifiers": [], "description": "ForGeOSI\n--------\n![Image](http://max.fauiwg.de/forgeosi/logo256.png?raw=true)\n\n__ForGeOSI__ is a wrapper for [pyvbox](https://github.com/mjdorma/pyvbox), designed to be used in the education in computer forensics. It simplifies the creation of virtual machines and their automation, while providing a log and reasonable abstraction.\nThe automation of guest systems supports modern Windows Versions with Powershell 2 or newer, while any modern Linux system should be supported in theory, only Ubuntu 12.04 and Ubuntu 13.10 are tested though.\n\n##Requirements\nAs host, a Linux system with VirtualBox 4.3 and the VirtualBox API is expected, Python 2.7 is required, while my software in theory should support Python 3 as well, vboxapi has some hiccups, so it is not advised.\nFurther more, the following Python packets are required:\n* pyvbox\n* decorator\n* enum34\n* lxml\n\n\nThe Guest systems should be prepared with Guest Additions installed, further hints are given in the docstring documentation, standalone documentation can be generated with `pydoc forgeosi.py`\n\n##First Steps\nLets start a virtual machine, without cloning it\n\n```python\n>ipython\nIn [1]: import forgeosi\n\nIn [2]: print forgeosi.VboxInfo().list_vms()\nubuntu-lts-base\nxubuntu-lts-base\nwindows-8-base\n\nIn [3]: vbox = forgeosi.Vbox(mode=forgeosi.VboxMode.use, basename='ubuntu-lts-base')\n\nIn [4]: vbox.start(session_type=forgeosi.SessionType.gui)\n\nIn [5]: vbox.stop()\n```\n\nGenerate input, open webbrowser, send keyboard shortcut, get log\n\n```python\nIn [1]: import forgeosi\n\nIn [2]: vbox = forgeosi.Vbox(mode=forgeosi.VboxMode.use, basename='ubuntu-lts-base')\n\nIn [3]: vbox.start(session_type=forgeosi.SessionType.gui)\n#top secret password\nIn [4]: vbox.keyboard_input('12345\\n')\n#needed to access os-specific and Guest Additions functionality\nIn [5]: vbox.create_guest_session()\n\nIn [6]: vbox.os.open_browser('github.com')\n\nIn [7]: vbox.keyboard_combination(['alt','f4'])\n\nIn [8]: vbox.stop()\n\nIn [9]: print vbox.log.get_pretty_log()\nLogVM:\n\tosType: Ubuntu_64\n\tbasename: ubuntu-lts-base\n\tvmname: testvm\nLogRawKeyboard:\n\ttime_rate: 100\n\tkeyboard input: 12345\\n\n\tup_time: 0\n\ttime: 1395224126.58\n\treal_time: 1395224126.58\nLogProcess:\n\tup_time: 0\n\tstdout: \n\tprocess: \n\ttime_rate: 100\n\tpid: 1843\n\tkey_input: \n\tpath: /bin/bash\n\tstdin: \n\targuments: [\\'-c\\', \\'/usr/bin/firefox -new-tab github.com\\']\n\tstderr: \n\ttime: 1395224228.1\n\treal_time: 1395224228.1\nLogRawKeyboard:\n\ttime_rate: 100\n\tkeyboard input: makecode: alt\n\tup_time: 0\n\ttime: 1395224237.56\n\treal_time: 1395224237.56\nLogRawKeyboard:\n\ttime_rate: 100\n\tkeyboard input: makecode: f4\n\tup_time: 0\n\ttime: 1395224237.56\n\treal_time: 1395224237.56\nLogRawKeyboard:\n\ttime_rate: 100\n\tkeyboard input: breakcode: alt\n\tup_time: 0\n\ttime: 1395224237.56\n\treal_time: 1395224237.56\nLogRawKeyboard:\n\ttime_rate: 100\n\tkeyboard input: breakcode: f4\n\tup_time: 0\n\ttime: 1395224237.56\n\treal_time: 1395224237.56\n\n```\n\nExport virtual machine\n```python\nIn [1]: import forgeosi\n\nIn [2]: vbox = forgeosi.Vbox(mode=forgeosi.VboxMode.us, basename='ubuntu-lts-base')\n\nIn [3]: vbox.export(path='/tmp/image.vdi')\n```\n\n##Hacking\nThe basic architecture:\n* _forgeosi.py_\n\t* _VboxInfo_\n\t Helper to get info about the VirtualBox instance\n\t* _VboxConfig_\n\t Helper to configure the NAT Network feature\n\t* _Vbox_\n\t Main class containing everything generic to manage virtual machines\n* _lib/logger.py_\n Logger to provide a protocol of all actions\n* _lib/oslinux.py_\n Linux guest specific code\n* _lib/oswindow.py_\n Windows guest specific code\n* _lib/param.py_\n Types for typesave parameters\n\nFeel free to extend, I will accept pull requests on a reasonable base, especially additions to support a wider range of guest systems are welcome. \n\n##Testing\nThere are testcases to be found __test/__, but they are not portable\nand will need fixing to run on other systems. The tests further depend of following tools:\n* bash\n* Python 3\n* The Sleuth Kit ver 4.1 or higher, including fiwalk\n* idifference\n\n###Issues\nPlease report issues on [github](https://github.com/maxfragg/ForgeOSI/issues)\n\n###Documentation\nDocumentation can be found in __docs/__ after building with `doxygen doxygen.conf` or accessed [here](http://max.fauiwg.de/forgeosi/index.html)\n\n\n###Known bugs and limitations\n* Python 3 compatibility needs to be tested\n* raw-disk-export in the python API is broken, I'm using vboxmanage instead\n* Running programs in Windows guests with '-' in arguments, breaks things, be careful with that.\n* limited support for Windows hosts", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/maxfragg/forgeosi", "keywords": null, "license": "simplified BSD", "maintainer": null, "maintainer_email": null, "name": "forgeosi", "package_url": "https://pypi.org/project/forgeosi/", "platform": "cygwin,linux", "project_url": "https://pypi.org/project/forgeosi/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/maxfragg/forgeosi" }, "release_url": "https://pypi.org/project/forgeosi/1.0/", "requires_dist": null, "requires_python": null, "summary": "A forensic generator for operating system images", "version": "1.0" }, "last_serial": 1077641, "releases": { "1.0": [] }, "urls": [] }