Beispiel #1
    def initialise_framework(self, Options):
        self.ProxyMode = Options["ProxyMode"]
        cprint("Loading framework please wait..")

        self.Timer = timer.Timer(self.Config.Get('DATE_TIME_FORMAT')) # Requires user config
        if Options['ListPlugins']:
            return False # No processing required, just list available modules
        self.DB = db.DB(self) # DB is initialised from some Config settings, must be hooked at this point
        Command = self.GetCommand(Options['argv'])

        self.DB.Run.StartRun(Command) # Log owtf run options, start time, etc
        if self.Config.Get('SIMULATION'):
            cprint("WARNING: In Simulation mode plugins are not executed only plugin sequence is simulated")
        else: # Reporter process is not needed unless a real run
        self.StartProxy(Options) # Proxy mode is started in that function
        self.Start_TOR_Mode(Options)# TOR mode will start only if the Options are set
        # Proxy Check
        ProxySuccess, Message = self.Requester.ProxyCheck()
        if not ProxySuccess: # Regardless of interactivity settings if the proxy check fails = no point to move on
            self.Error.FrameworkAbort(Message) # Abort if proxy check failed
        # Each Plugin adds its own results to the report, the report is updated on the fly after each plugin completes (or before!)
        self.Error.SetCommand(self.AnonymiseCommand(Command)) # Set anonymised invoking command for error dump info
        return True
Beispiel #2
    def __init__(self, root_dir, owtf_pid):
        [*] Tightly coupled, cohesive framework components
        [*] Order is important

        + IO decorated so as to abort on any permission errors
        + Attach error handler and config
        + Required folders created
        + All other components are attached to core: shell, db etc...
        + Required booleans and attributes are initialised
        + If modules have Init calls, they are run
          Init procedures can exist only if the component can do some
          initialisation only after addition of all components
        # ------------------------ IO decoration ------------------------ #

        # ------------------------ Error & Config ------------------------ #
        self.Error = error_handler.ErrorHandler(self)
        self.Config = config.Config(root_dir, owtf_pid, self)

        # ----------------------- Directory creation ----------------------- #
        self.pnh_log_file()  # <-- This is not supposed to be here

        # -------------------- Component attachment -------------------- #
        # (Order is important, if there is a dependency on some other
        # other component please mention in a comment)
        # Shell might be needed in some places
        self.Shell = blocking_shell.Shell(self)
        # As soon as you have config create logger for MainProcess
        # Plugin Helper needs access to automate Plugin tasks
        self.PluginHelper = plugin_helper.PluginHelper(self)
        # Reporter needs access to Core to access Config, etc
        self.Reporter = reporter.Reporter(self)
        self.Selenium = selenium_handler.Selenium(self)
        self.InteractiveShell = interactive_shell.InteractiveShell(self)
        self.SET = set_handler.SETHandler(self)
        self.SMTP = smtp.SMTP(self)
        self.SMB = smb.SMB(self)
        # DB needs Config for some settings
        self.DB = db.DB(self)
        self.DB.Init()  # Seperate Init because of self reference
        # Timer requires DB
        self.Timer = timer.Timer(self.DB.Config.Get('DATE_TIME_FORMAT'))
        # Zest related components
        self.zest = zest.Zest(self)
        self.zap_api_handler = zap.ZAP_API(self)

        # -------------------- Booleans and attributes -------------------- #
        self.IsIPInternalRegexp = re.compile(
        self.TOR_process = None

        # --------------------------- Init calls --------------------------- #
        # Nothing as of now
Beispiel #3
 def Start(self, Options):
     self.PluginHandler = plugin_handler.PluginHandler(self, Options)
     self.PluginParams = plugin_params.PluginParams(self, Options)
     self.Timer = timer.Timer(self.Config.Get('DATE_TIME_FORMAT'))
     if Options['ListPlugins']:
         return False  # No processing required, just list available modules
     self.DB = db.DB(
     )  # DB is initialised from some Config settings, must be hooked at this point
     Command = self.GetCommand(Options['argv'])
     self.DB.Run.StartRun(Command)  # Log owtf run options, start time, etc
     if self.Config.Get('SIMULATION'):
             "WARNING: In Simulation mode plugins are not executed only plugin sequence is simulated"
     self.Requester = requester.Requester(self, Options['Proxy'])
     # Proxy Check
     ProxySuccess, Message = self.Requester.ProxyCheck()
     if not ProxySuccess:  # Regardless of interactivity settings if the proxy check fails = no point to move on
         self.Error.FrameworkAbort(Message)  # Abort if proxy check failed
     # Each Plugin adds its own results to the report, the report is updated on the fly after each plugin completes (or before!)
         Command))  # Set anonymised invoking command for error dump info
     Status = self.PluginHandler.ProcessPlugins()
     if Status['AllSkipped']:
         self.Finish('Complete: Nothing to do')
     elif not Status['SomeSuccessful'] and Status['SomeAborted']:
         return False
     elif not Status[
             'SomeSuccessful']:  # Not a single plugin completed successfully, major crash or something
         return False
     return True  # Scan was successful