volatility.framework.interfaces.plugins module¶
Plugins are the functions of the volatility framework.
They are called and carry out some algorithms on data stored in layers using objects constructed from symbols.
-
class
FileConsumerInterface[source]¶ Bases:
objectClass for consuming files potentially produced by plugins.
We use the producer/consumer model to ensure we can avoid running out of memory by storing every file produced. The downside is, we can’t provide much feedback to the producer about what happened to their file (other than exceptions).
-
consume_file(file)[source]¶ Consumes a file as passed back to a UI by a plugin.
- Parameters
file (
FileInterface) – A FileInterface object with the data to write to a file- Return type
None
-
-
class
FileInterface(filename, data=None)[source]¶ Bases:
objectClass for storing Files in the plugin as a means to output a file or files when necessary.
-
class
PluginInterface(context, config_path, progress_callback=None)[source]¶ Bases:
volatility.framework.interfaces.configuration.ConfigurableInterfaceClass that defines the basic interface that all Plugins must maintain.
The constructor must only take a context and config_path, so that plugins can be launched automatically. As such all configuration information must be provided through the requirements and configuration information in the context it is passed.
- Parameters
-
build_configuration()¶ Constructs a HierarchicalDictionary of all the options required to build this component in the current context.
Ensures that if the class has been created, it can be recreated using the configuration built Inheriting classes must override this to ensure any dependent classes update their configurations too
- Return type
-
property
config¶ The Hierarchical configuration Dictionary for this Configurable object.
- Return type
-
property
context¶ The context object that this configurable belongs to/configuration is stored in.
- Return type
-
classmethod
get_requirements()[source]¶ Returns a list of Requirement objects for this plugin.
- Return type
-
classmethod
make_subconfig(context, base_config_path, **kwargs)¶ Convenience function to allow constructing a new randomly generated sub-configuration path, containing each element from kwargs.
- Parameters
context (
ContextInterface) – The context in which to store the new configurationbase_config_path (
str) – The base configuration path on which to build the new configurationkwargs – Keyword arguments that are used to populate the new configuration path
- Returns
The newly generated full configuration path
- Return type
-
produce_file(filedata)[source]¶ Adds a file to the plugin’s file store and returns the chosen filename for the file.
- Return type
None
-
abstract
run()[source]¶ Executes the functionality of the code.
Note
This method expects self.validate to have been called to ensure all necessary options have been provided
- Return type
- Returns
A TreeGrid object that can then be passed to a Renderer.
-
set_file_consumer(consumer)[source]¶ Sets the file consumer to be used by this plugin.
- Return type
None
-
classmethod
unsatisfied(context, config_path)¶ Returns a list of the names of all unsatisfied requirements.
Since a satisfied set of requirements will return [], it can be used in tests as follows:
unmet = configurable.unsatisfied(context, config_path) if unmet: raise RuntimeError("Unsatisfied requirements: {}".format(unmet)
- Return type
-
version= (0, 0, 0)¶