def config(config_file, inventory_file, path):
with open(config_file, "w") as output:
output.write(
common.template('ansible.cfg.j2', {'inventory': inventory_file},
path + '/templates'))
output.close()
print("Created Ansible configuration file: %s" % config_file)
class Meta:
label = 'baseplugin'
stacked_on = 'scan'
argument_formatter = common.SmartFormatter
epilog = template('help_epilog.tpl')
def create(topology, fname, path):
with open(fname, "w") as output:
output.write(
common.template('Vagrantfile.j2', topology,
get_template_path(topology, path)))
output.close()
print("Created Vagrantfile: %s" % fname)
def url_scan(self, url, opts, functionality, enabled_functionality):
url = common.validate_url(url, self.out)
if self.can_enumerate_plugins or self.can_enumerate_themes:
scanning_method = opts['method']
if not scanning_method:
scanning_method, url = self.determine_scanning_method(
url, opts['verb'], opts['timeout'])
else:
scanning_method = None
enumerating_all = opts['enumerate'] == 'a'
if enumerating_all:
self.out.echo(
common.template('scan_begin.tpl', {
'noun': 'all',
'url': url
}))
result = {}
for enumerate in enabled_functionality:
if not enumerating_all:
self.out.echo(
common.template('scan_begin.tpl', {
'noun': enumerate,
'url': url
}))
enum = functionality[enumerate]
# Get the arguments for the function.
kwargs = dict(enum['kwargs'])
kwargs['url'] = url
if enumerate in ['themes', 'plugins']:
kwargs['scanning_method'] = scanning_method
# Call to the respective functions occurs here.
finds, is_empty = enum['func'](**kwargs)
result[enumerate] = {'finds': finds, 'is_empty': is_empty}
return result
def url_scan(self, url, opts, functionality, enabled_functionality):
url = common.validate_url(url, self.out)
if self.can_enumerate_plugins or self.can_enumerate_themes:
scanning_method = opts['method']
if not scanning_method:
scanning_method, url = self.determine_scanning_method(url,
opts['verb'], opts['timeout'])
else:
scanning_method = None
enumerating_all = opts['enumerate'] == 'a'
if enumerating_all:
self.out.echo(common.template('scan_begin.tpl', {'noun': 'all', 'url':
url}))
result = {}
for enumerate in enabled_functionality:
if not enumerating_all:
self.out.echo(common.template('scan_begin.tpl', {'noun': enumerate,
'url': url}))
enum = functionality[enumerate]
# Get the arguments for the function.
kwargs = dict(enum['kwargs'])
kwargs['url'] = url
if enumerate in ['themes', 'plugins']:
kwargs['scanning_method'] = scanning_method
# Call to the respective functions occurs here.
finds, is_empty = enum['func'](**kwargs)
result[enumerate] = {'finds': finds, 'is_empty': is_empty}
return result
def stats(self):
plugins = plugins_get()
version = version_get()
print(template("stats_plugin.mustache", {"version": version, "plugins": plugins}))
def dump(topology,path):
template_path = get_template_path(topology,path)
print("\nVagrantfile using templates from %s" % os.path.relpath(template_path))
print("======================================================")
print(common.template('Vagrantfile.j2',topology,template_path))
class Meta:
label = 'scan'
description = 'cms scanning functionality.'
stacked_on = 'base'
stacked_type = 'nested'
epilog = "\n"
argument_formatter = common.SmartFormatter
arguments = [
(['-u', '--url'], dict(action='store', help='')),
(['--debug-requests'],
dict(action='store_true',
help="""Prints every
HTTP request made and the response returned from the server
for debugging purposes. Disables threading and loading
bars.""",
default=False)),
(['--enumerate', '-e'],
dict(action='store',
help='R|' + common.template('help_enumerate.tpl'),
choices=common.enum_list(common.Enumerate),
default='a')),
(['--method'],
dict(action='store',
help='R|' + common.template('help_method.tpl'),
choices=common.enum_list(common.ScanningMethod))),
(['--threads', '-t'],
dict(action='store',
help='''Number of
threads. Default 4.''',
default=4,
type=int)),
(['--number', '-n'],
dict(action='store',
help='''Number of
words to attempt from the plugin/theme dictionary. Default
is 1000. Use -n 'all' to use all available.''',
default=1000)),
(['--verb'],
dict(action='store',
help="""The HTTP verb to use;
the default option is head, except for version enumeration
requests, which are always get because we need to get the hash
from the file's contents""",
default='head',
choices=common.enum_list(common.Verb))),
(['--plugins-base-url'],
dict(action='store',
help="""Location
where the plugins are stored by the CMS. Default is the CMS'
default location. First %%s in string will be replaced with
the url, and the second one will be replaced with the module
name. E.g. '%%ssites/all/modules/%%s/'""")),
(['--themes-base-url'],
dict(action='store',
help='''Same as
above, but for themes.''')),
(['-U', '--url-file'],
dict(action='store',
help='''A file which
contains a list of URLs.''')),
(['--output', '-o'],
dict(action='store',
help='Output format',
choices=common.enum_list(common.ValidOutputs),
default='standard')),
(['--error-log'],
dict(action='store',
help='''A file to store the
errors on.''',
default='-')),
(['--timeout'],
dict(action='store',
help="""How long to wait
for an HTTP response before timing out (in seconds).""",
default=15,
type=int)),
(['--timeout-host'],
dict(action='store',
help="""Maximum time
to spend per host (in seconds).""",
default=450,
type=int)),
]
class Meta:
label = 'base'
description = __doc__
epilog = template("help_epilog.tpl")
def stats(self):
plugins = plugins_get()
for plugin in plugins:
print template('stats_plugin.tpl', {'plugin': plugin})
def stats(self):
plugins = plugins_get()
for plugin in plugins:
print(template('stats_plugin.tpl', {'plugin': plugin}))
