vagd.virts.qegd

Classes

Qegd

Module Contents

class vagd.virts.qegd.Qegd(binary: str, img: str = DEFAULT_IMG, user: str = DEFAULT_USER, forward: Dict[str, int] = None, packages: List[str] = None, arm: bool = False, qemu: str = DEFAULT_QEMU_CMD, cpu: str = DEFAULT_QEMU_CPU, memory: str = DEFAULT_QEMU_MEMORY, machine: str = DEFAULT_QEMU_MACHINE, cores: str = DEFAULT_QEMU_CORES, bios: str = None, detach: bool = False, custom: str = '', **kwargs)

Bases: vagd.virts.shgd.Shgd

QEMU Virtualization for pwntools

Parameters:

binary – binary for VM debugging
img – qemu image to use (requires ssh)
user – user inside qemu image
ports – forwarded ports
packages – packages to install on vm
arm – emulate arm in qemu
qemu – qemu cmd
cpu – value for :code -cpu
memory – value for :code -m
cores – value for :code -smp
machine – value for :code -machine
bios – value for :code -bios
custom – custom qemu arguments
detach – run qemu in new terminal
kwargs – parameters to pass through to super

SSH from cmd

vagd ssh
# or
ssh -o "StrictHostKeyChecking=no" -i ~/.share/local/vagd/keyfile -p $(cat .vagd/qemu.lock) ubuntu@0.0.0.0

Kill from cmd:

vagd clean
# or
kill $(pgrep qemu)

Qemu images are cached in the home directory: ~/.share/local/vagd/qemu-imgs/

current used images are stored in the local directory: ./.vagd/current.img
These should be deleted automatically, but if a machine gets improperly stopped
(shutdown host while vm is running) it might remain and use up space. You can find remaining images with:

find ~/ -name current.img
rm <path/current.img>

DEFAULT_IMG

QEMU_DIR

IMGS_DIR

DEFAULT_USER = 'vagd'

DEFAULT_HOST = '0.0.0.0'

TYPE = 'qegd'

DEFAULT_PORT = 2222

DEFAULT_QEMU_CMD = 'qemu-system-x86_64'

DEFAULT_QEMU_ARM_CMD = 'qemu-system-aarch64'

DEFAULT_QEMU_MACHINE_PREFIX = '-machine'

DEFAULT_QEMU_MACHINE = 'accel=kvm,type=q35'

DEFAULT_QEMU_ARM_MACHINE = 'virt'

DEFAULT_QEMU_CPU_PREFIX = '-cpu'

DEFAULT_QEMU_CPU = 'host'

DEFAULT_QEMU_ARM_CPU = 'cortex-a72'

DEFAULT_QEMU_CORES_PREFIX = '-smp'

DEFAULT_QEMU_CORES = '2'

DEFAULT_QEMU_BIOS_PREFIX = '-bios'

DEFAULT_QEMU_ARM_BIOS = '/usr/share/edk2/aarch64/QEMU_EFI.fd'

DEFAULT_QEMU_MEMORY_PREFIX = '-m'

DEFAULT_QEMU_MEMORY = '2G'

_img: str

_local_img: str

_user: str

_host: str

_port: int

_forward: Dict[str, int]

_qemu: str

_cpu: str

_cores: str

_memory: str

_bios: str

_machine: str

_detach: bool

_custom

static _is_local(url) → bool: check if provided url is local or remote :param url: url to check :return: if the url is local or remote

CURRENT_IMG

_set_local_img(): get local image for qemu machine

METADATA_FILE

_METADATA = Multiline-String

Show Value

"""instance-id: iid-local01
local-hostname: cloudimg
"""

USER_DATA_FILE

_USER_DATA = Multiline-String

Show Value

"""#cloud-config
users:
  - default
  - name: {user}
    groups: sudo
    shell: /bin/bash
    sudo: ['ALL=(ALL) NOPASSWD:ALL']
    ssh_authorized_keys:
      - {pubkey}
"""

SEED_FILE

_GENERATE_SEED_IMG

_setup_seed(): create seed.img with config data like ssh keypair in .qemu

_QEMU_PORT_FORWARDING = ',hostfwd={type}::{guest}-:{host}'

_QEMU_START

_QEMU_PIPE = '&> /dev/null; '

_QEMU_SUFFIX = 'rm {lock} {current}'

_QEMU_ARM_START = ''

LOCKFILE

_qemu_start(): start qemu machine

_new_vm() → None: create new vm

_vm_setup() → None: setup qemu machine