Beispiel #1
0
def wget(filepath):
    url = "%s%s" % (target.TARGET_GIT_URL, filepath)
    filename = os.path.join(paths.GITHACK_DIST_TARGET_GIT_PATH, filepath)
    data = request_data(url)
    if data:
        writeFile(filename, data)
        if DEBUG:
            logger.success("Get %s => %s" % (url, filepath))
Beispiel #2
0
def update_program():
    git_repository = "https://github.com/orleven/srcscan.git"
    success = False
    path = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
    if not os.path.exists(os.path.join(path, ".git")):
        msg = "Have not a git repository. Please checkout the 'srcscan' repository "
        msg += "from GitHub (e.g. 'git clone --depth 1 https://github.com/orleven/srcscan.git srcscan')"
        logger.error(msg)
    else:
        msg = "Updating srcscan to the latest version from the gitHub repository."
        logger.sysinfo(msg)

        msg = "The srcscan will try to update itself using 'git' command."
        logger.sysinfo(msg)

        logger.sysinfo("Update in progress.")

    try:
        process = subprocess.Popen(
            "git checkout . && git pull %s HEAD" % git_repository,
            shell=True,
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,
            cwd=path.encode(locale.getpreferredencoding())
        )  # Reference: http://blog.stastnarodina.com/honza-en/spot/python-unicodeencodeerror/
        poll_process(process, True)
        stdout, stderr = process.communicate()
        success = not process.returncode
    except (IOError, OSError) as ex:
        success = False
        logger.error(type(ex).__name__)

    if success:
        logger.success("The latest revision '%s'" % (get_revision_number()))
    else:
        if "Not a git repository" in stderr:
            msg = "Not a valid git repository. Please checkout the 'orleven/srcscan' repository "
            msg += "from GitHub (e.g. 'git clone --depth 1 https://github.com/orleven/srcscan.git srcscan')"
            logger.error(msg)
        else:
            logger.error("Update could not be completed ('%s')" %
                         re.sub(r"\W+", " ", stderr).strip())

    if not success:
        if sys.platform == 'win32':
            msg = "for Windows platform it's recommended "
            msg += "to use a GitHub for Windows client for updating "
            msg += "purposes (http://windows.github.com/) or just "
            msg += "download the latest snapshot from "
            msg += "https://github.com/orleven/srcscan"
        else:
            msg = "For Linux platform it's required "
            msg += "to install a standard 'git' package (e.g.: 'sudo apt-get install git')"

        logger.sysinfo(msg)
Beispiel #3
0
def checkdepends():
    logger.info("Check Depends")
    process = subprocess.Popen("git --version",
                               shell=True,
                               stdout=subprocess.PIPE,
                               stderr=subprocess.PIPE)
    stdout, stderr = process.communicate()
    if stderr:
        logger.error(DEPENDS)
        sys.exit(1)
    logger.success("Check depends end")
Beispiel #4
0
def valid_git_repo():
    logger.info("Valid Repository")
    process = subprocess.Popen(
        "cd %s && git reset" % (paths.GITHACK_DIST_TARGET_PATH),
        shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    stdout, stderr = process.communicate()
    if stderr:
        logger.info("Valid Repository Fail")
        return False
    logger.success("Valid Repository Success")
    return True
Beispiel #5
0
def loadPlugin(url, poc=None):
    """load all plugins.
    """
    if "://" not in url:
        url = "http://" + url
    url = url.strip("/")
    logger.info("Target url: %s" % url)

    plugin_path = os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))),"plugins")
    if not os.path.isdir(plugin_path):
        logger.warning("%s is not a directory! " % plugin_path)
        raise EnvironmentError
    logger.info("Plugin path: %s " % plugin_path)
    
    items = os.listdir(plugin_path)
    if poc:
        logger.info('Loading plugins with "%s" key words.' % poc)
    else:
        poc=""
    for item in items:
        if item.endswith(".py") and not item.startswith('__'):
            plugin_name = item[:-3]
            if poc in plugin_name:
                logger.info("Loading plugin: %s" % plugin_name)

                module = importlib.import_module("plugins." + plugin_name)

                try:
                    result = module.run(url)
                    if result:
                        logger.success(result)
                    else:
                        logger.error("Not Vulnerable %s " % plugin_name)
                except:
                    logger.warning("ConnectionError ")
            else:
                continue

    logger.info("Finished")
Beispiel #6
0
def job_success():
    logger.p("", logger.GREEN)
    logger.success("Clone Success. Dist File : %s" %
                   (paths.GITHACK_DIST_TARGET_PATH))