Closed
Conversation
Rustdesk doesn't support Mac as a server and the original android path was not supported as a relative path.
Closed
Contributor
Author
|
IDK, what happened with the checks, but this is a complete disaster and i barely know what exactly went wrong. Although linting should make some sort of indication. |
jd-gui
reviewed
Feb 4, 2025
|
|
||
|
|
||
| RemoteAccessLogRecord = create_extended_descriptor([UserRecordDescriptorExtension])( | ||
| "remoteaccess/restdesk/log", GENERIC_LOG_RECORD_FIELDS |
There was a problem hiding this comment.
Typo here on the record descriptor, should be remoteaccess/rustdesk/log
|
@Peter-The-Great Should also use pep8 for formatting as the linter is expecting blank lines and some lines are too long. Have reformatted and attached the two code files here if you like |
Contributor
Author
|
Alright i have just added the PEP 8 code Style to the code and fixed the typo. |
Horofic
requested changes
Feb 11, 2025
| @@ -0,0 +1,115 @@ | |||
| import logging | |||
Member
There was a problem hiding this comment.
Suggested change
| import logging | |
| from __future__ import annotations | |
Comment on lines
+17
to
+18
|
|
||
| log = logging.getLogger(__name__) |
Member
There was a problem hiding this comment.
Suggested change
| log = logging.getLogger(__name__) |
| SERVER_GLOBS = [ | ||
| # Windows >= Windows 7 | ||
| "sysvol/Windows/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/*.log", | ||
|
|
Comment on lines
+39
to
+50
| USER_GLOBS = [ | ||
| # Windows | ||
| "AppData/Roaming/Rustdesk/log/*.log", | ||
|
|
||
| # Linux | ||
| ".local/share/logs/RustDesk/server/*.log", | ||
|
|
||
| # Android | ||
| "storage/emulated/0/RustDesk/logs/*.log", | ||
|
|
||
| # Mac | ||
| "Library/Logs/RustDesk/*.log", |
Member
There was a problem hiding this comment.
Suggested change
| USER_GLOBS = [ | |
| # Windows | |
| "AppData/Roaming/Rustdesk/log/*.log", | |
| # Linux | |
| ".local/share/logs/RustDesk/server/*.log", | |
| # Android | |
| "storage/emulated/0/RustDesk/logs/*.log", | |
| # Mac | |
| "Library/Logs/RustDesk/*.log", | |
| USER_GLOBS = [ | |
| # Windows | |
| "AppData/Roaming/Rustdesk/log/*.log", | |
| # Linux | |
| ".local/share/logs/RustDesk/server/*.log", | |
| # Android | |
| "storage/emulated/0/RustDesk/logs/*.log", | |
| # Mac | |
| "Library/Logs/RustDesk/*.log", |
|
|
||
| assert records[0].ts == datetime(2025, 1, 1, 13, 4, 8, 350802, tzinfo=timezone.utc) | ||
| assert records[0].message == "DEBUG src\\server\\connection.rs:983 #1362 Connection opened from REDACTED IP:6074." | ||
| assert records[0].source == "sysvol/Windows/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/TestRustdesk.log" |
Member
There was a problem hiding this comment.
Suggested change
| assert records[0].source == "sysvol/Windows/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/TestRustdesk.log" | |
| assert ( | |
| records[0].source | |
| == "sysvol/Windows/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/TestRustdesk.log" | |
| ) |
Comment on lines
+59
to
+62
| user = None | ||
| for log_glob in self.SERVER_GLOBS: | ||
| for log_file in self.target.fs.path().glob(log_glob): | ||
| self.log_files.add((log_file, user)) |
Member
There was a problem hiding this comment.
Suggested change
| user = None | |
| for log_glob in self.SERVER_GLOBS: | |
| for log_file in self.target.fs.path().glob(log_glob): | |
| self.log_files.add((log_file, user)) | |
| for log_glob in self.SERVER_GLOBS: | |
| for log_file in self.target.fs.path().glob(log_glob): | |
| self.log_files.add((log_file, None)) |
| def __init__(self, target): | ||
| super().__init__(target) | ||
|
|
||
| self.log_files: set[tuple[TargetPath, UserDetails]] = set() |
Member
There was a problem hiding this comment.
Suggested change
| self.log_files: set[tuple[TargetPath, UserDetails]] = set() | |
| self.log_files: set[tuple[TargetPath, UserDetails | None]] = set() |
|
|
||
| def test_rustdesk_plugin_log(target_win_users: Target, fs_win: VirtualFilesystem) -> None: | ||
| fs_win.map_file( | ||
| "sysvol/Windows/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/TestRustdesk.log", |
Member
There was a problem hiding this comment.
Suggested change
| "sysvol/Windows/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/TestRustdesk.log", | |
| "Windows/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/TestRustdesk.log", |
|
|
||
| ts, level, source, message = match.groups() | ||
|
|
||
| timestamp = datetime.fromisoformat(ts) |
Member
There was a problem hiding this comment.
It looks like the ts parsed from the log file is not a valid ISO format timestamp because of the space between the timestamp and +01:00. This causes the tests to fail currently.
Comment on lines
+92
to
+115
| line = line.strip() | ||
|
|
||
| try: | ||
| # Still needs to be checked for Rustdesk implementation | ||
| match = re.match(r"\[(.*?)\] (\w+) \[(.*?)\] (.*)", line) | ||
| if not match: | ||
| raise ValueError("Line does not match expected format") | ||
|
|
||
| ts, level, source, message = match.groups() | ||
|
|
||
| timestamp = datetime.fromisoformat(ts) | ||
| message = re.sub(r"\s\s+", " ", f"{level} {source} {message}") | ||
|
|
||
| yield self.RemoteAccessLogRecord( | ||
| ts=timestamp, | ||
| message=message, | ||
| source=log_file, | ||
| _target=self.target, | ||
| _user=user, | ||
| ) | ||
|
|
||
| except ValueError as e: | ||
| self.target.log.warning("Could not parse log line in file %s: '%s'", log_file, line) | ||
| self.target.log.debug("", exc_info=e) |
Member
There was a problem hiding this comment.
Suggested change
| line = line.strip() | |
| try: | |
| # Still needs to be checked for Rustdesk implementation | |
| match = re.match(r"\[(.*?)\] (\w+) \[(.*?)\] (.*)", line) | |
| if not match: | |
| raise ValueError("Line does not match expected format") | |
| ts, level, source, message = match.groups() | |
| timestamp = datetime.fromisoformat(ts) | |
| message = re.sub(r"\s\s+", " ", f"{level} {source} {message}") | |
| yield self.RemoteAccessLogRecord( | |
| ts=timestamp, | |
| message=message, | |
| source=log_file, | |
| _target=self.target, | |
| _user=user, | |
| ) | |
| except ValueError as e: | |
| self.target.log.warning("Could not parse log line in file %s: '%s'", log_file, line) | |
| self.target.log.debug("", exc_info=e) | |
| if line := line.strip(): | |
| try: | |
| # Still needs to be checked for Rustdesk implementation | |
| match = re.match(r"\[(.*?)\] (\w+) \[(.*?)\] (.*)", line) | |
| if not match: | |
| raise ValueError("Line does not match expected format") | |
| ts, level, source, message = match.groups() | |
| timestamp = datetime.fromisoformat(ts) | |
| message = re.sub(r"\s\s+", " ", f"{level} {source} {message}") | |
| yield self.RemoteAccessLogRecord( | |
| ts=timestamp, | |
| message=message, | |
| source=log_file, | |
| _target=self.target, | |
| _user=user, | |
| ) | |
| except ValueError as e: | |
| self.target.log.warning("Could not parse log line in file %s: '%s'", log_file, line) | |
| self.target.log.debug("", exc_info=e) |
Horofic
requested changes
Feb 11, 2025
|
|
||
| @export(record=RemoteAccessLogRecord) | ||
| def logs(self) -> Iterator[RemoteAccessLogRecord]: | ||
| """Parse Rustdesk log files. |
Member
There was a problem hiding this comment.
Suggested change
| """Parse Rustdesk log files. | |
| """Parse RustDesk log files. |
| def logs(self) -> Iterator[RemoteAccessLogRecord]: | ||
| """Parse Rustdesk log files. | ||
|
|
||
| Rustdesk is remote access software that allows users to connect to a remote computer. |
Member
There was a problem hiding this comment.
Suggested change
| Rustdesk is remote access software that allows users to connect to a remote computer. | |
| RustDesk is a remote desktop application can be used by adversaries to get (persistent) access to a machine. |
| The project is open source and can be found at: https://github.com/rustdesk/rustdesk/ | ||
|
|
||
| The log files are stored in different locations, based on the Target OS and client type. | ||
| Unlike Anydesk, Rustdesk does have a carry a time zone designator (TZD). |
Member
There was a problem hiding this comment.
Suggested change
| Unlike Anydesk, Rustdesk does have a carry a time zone designator (TZD). | |
| Unlike AnyDesk, RustDesk does carry a time zone designator (TZD). |
Contributor
Author
|
Looks cool guys, thanks for adding this to the main branch. Havent really been up to date with the pull request, but cool to see the progress being made on it. |
Member
@Peter-The-Great this PR is not merged into main yet. I have requested some changes for the code in this PR that can work into this PR. After everything is reviewed and approved, this PR will be merged into main. |
Contributor
|
Created a new PR with these suggested changes: #1104 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds support to inspect
Rustdesklogs on supported targets (#983). I have tested the Plugin on a both a Linux and Windows machine and they do appear to work. However, if there is any issue with the plugin, just let me know right away and I will try to look in to it.