Ejemplo n.º 1
def startFaraday():
    """Launch the main application and return its exit status.

    Builds a MainApplication from the module-level parsed arguments,
    installs its except hook unless ``args.disable_excepthook`` is set,
    prints the web UI address when a server URI is configured, and then
    runs the application.
    """
    from faraday.client.model.application import MainApplication  # pylint:disable=import-outside-toplevel

    logger.info("All done. Opening environment.")
    # TODO: Handle args in CONF and send only necessary ones.

    application = MainApplication(args)

    if not args.disable_excepthook:
        logger.info("Main application ExceptHook enabled.")
        application.enableExceptHook()

    logger.info("Starting main application.")
    run_application = application.start

    server_uri = getInstanceConfiguration().getServerURI()
    if server_uri:
        # The UI address is only announced when a server URI is configured.
        highlight = Fore.WHITE + Style.BRIGHT
        ui_url = "%s/_ui" % server_uri
        print(highlight + "\n* " + "Faraday UI is ready")
        print(highlight + "Point your browser to: \n[%s]" % ui_url)

    # Restore the terminal colours before handing over to the application.
    print(Fore.RESET + Back.RESET + Style.RESET_ALL)

    return run_application()
Ejemplo n.º 2
def setConf():
    """Load the user configuration and apply command-line overrides.

    Sets the debug status (and DEBUG logging when ``args.debug`` is set),
    then resolves the API host, the XML-RPC port and the REST port. For
    each one the stored value is used unless its string form is "None",
    in which case the built-in default applies; a truthy command-line
    value then replaces it. The three results are written back to the
    configuration.
    """
    logger.info("Setting configuration.")

    conf = getInstanceConfiguration()
    conf.setDebugStatus(args.debug)
    if args.debug:
        set_logging_level(logging.DEBUG)

    # Stored value first; fall back to the default when it reads as "None".
    if str(conf.getApiConInfoHost()) != "None":
        api_host = conf.getApiConInfoHost()
    else:
        api_host = FARADAY_DEFAULT_HOST

    if str(conf.getApiConInfoPort()) != "None":
        xmlrpc_port = conf.getApiConInfoPort()
    else:
        xmlrpc_port = FARADAY_DEFAULT_PORT_XMLRPC

    if str(conf.getApiRestfulConInfoPort()) != "None":
        rest_port = conf.getApiRestfulConInfoPort()
    else:
        rest_port = FARADAY_DEFAULT_PORT_REST

    # Command-line values win whenever they are truthy.
    api_host = args.host or api_host
    xmlrpc_port = args.port_xmlrpc or xmlrpc_port
    rest_port = args.port_rest or rest_port

    conf.setApiConInfoHost(api_host)
    conf.setApiConInfoPort(xmlrpc_port)
    conf.setApiRestfulConInfoPort(rest_port)
Ejemplo n.º 3
def doLoginLoop(force_login=False):
    """
    Prompt on the console for the Faraday Server URL and credentials.

    Returns immediately when a server URL, a username and a password are
    already stored in the configuration and force_login is false.
    Otherwise asks for the server URL, stores it with setAPIUrl, and gives
    the user three attempts to enter a username and password.

    Exits the process with status -1 after three failed attempts and with
    status 0 when the user interrupts with Ctrl-C.
    """

    try:

        CONF = getInstanceConfiguration()
        old_server_url = CONF.getAPIUrl()
        api_username = CONF.getAPIUsername()
        api_password = CONF.getAPIPassword()
        # Nothing to ask when everything is already stored, unless the caller
        # forces a fresh login.
        if old_server_url and api_username and api_password and not force_login:
            return

        # An empty answer falls back to the default URL (first run) or to the
        # last used URL.
        # NOTE(review): the URL is stored as typed; no scheme or host check is
        # visible here. With an http:// URL pointing at a non-local host, the
        # credentials entered below would presumably travel unencrypted.
        # Confirm how the login request is sent.
        if old_server_url is None:
            new_server_url = input(
            "\nPlease enter the Faraday Server URL (Press enter for http://localhost:5985): ") or "http://localhost:5985"
        else:
            new_server_url = input(
                "\nPlease enter the Faraday Server URL (Press enter for last used: {}): ".format(old_server_url)) or old_server_url

        CONF.setAPIUrl(new_server_url)

        print("""\nTo login please provide your valid Faraday credentials.\nYou have 3 attempts.""")

        # for/else: the else branch runs only when no attempt reached `break`.
        for attempt in range(1, 4):

            # An empty username falls back to "faraday"; getpass keeps the
            # password off the terminal echo.
            api_username = input("Username (press enter for faraday): ") or "faraday"
            # NOTE(review): the next line is truncated in this listing (the
            # text after 'Password: ' was masked), so the login call and the
            # start of the check that follows it cannot be read here.
            api_password = getpass.getpass('Password: '******'username' not in user_info):
                    print('Login failed, please try again. You have %d more attempts' % (3 - attempt))
                    continue

                # Only the username is logged, never the password.
                logger.info('Login successful: {0}'.format(api_username))
                break

            print('Login failed, please try again. You have %d more attempts' % (3 - attempt))

        else:
            logger.fatal('Invalid credentials, 3 attempts failed. Quitting Faraday...')
            sys.exit(-1)

    except KeyboardInterrupt:
        # Ctrl-C at any prompt is treated as a clean exit.
        sys.exit(0)
Ejemplo n.º 4
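    def _createWorkspaceFolder(self, name):
        """Create the report folders for workspace *name*.

        Sets ``self._report_path`` to ``<report path>/<name>`` and
        ``self._report_ppath`` / ``self._report_upath`` to its "process"
        and "unprocessed" subfolders, then makes sure all of them exist.

        Raises:
            OSError: if a folder cannot be created, for example because
                a regular file already occupies the path.
        """
        report_root = getInstanceConfiguration().getReportPath()
        # NOTE(review): os.path.join does not confine `name` to the report
        # root; an absolute path or ".." components would place the folders
        # elsewhere. Whether callers validate workspace names is not visible
        # here, so confirm before passing externally supplied names.
        self._report_path = os.path.join(report_root, name)
        self._report_ppath = os.path.join(self._report_path, "process")
        self._report_upath = os.path.join(self._report_path, "unprocessed")

        # makedirs(exist_ok=True) replaces the exists()-then-mkdir() pairs,
        # which could raise FileExistsError when another process created the
        # folder between the check and the call. Creating the two leaves also
        # creates the report root and the workspace folder.
        # NOTE(review): the folders get the default mode (subject to umask);
        # consider a restrictive mode if the reports are sensitive.
        for folder in (self._report_ppath, self._report_upath):
            os.makedirs(folder, exist_ok=True)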
Ejemplo n.º 5
    def __init__(self):
        """Set up plugin metadata, settings and the XML-RPC proxy to Faraday."""
        core.PluginBase.__init__(self)

        # Plugin identity and versions.
        self.id = "Sentinel"
        self.name = "Sentinel Online Plugin"
        self.plugin_version = "0.0.1"
        self.version = "1.0.0"

        # Remote service endpoints; both use https.
        self.baseURL = "https://sentinel.whitehatsec.com/api/"
        self.vulnURL = "https://source.whitehatsec.com/site_vuln_detail.html?site_id="

        # User-editable settings: the API key starts empty, "Enable" starts at "0".
        self.addSetting("Api_key", str, "")
        self.addSetting("Enable", str, "0")

        # Faraday's own API is addressed over plain http at the configured
        # host and port; the XML-RPC proxy has no TLS on this hop.
        endpoint = 'http://' + getInstanceConfiguration().getApiConInfoHost()
        endpoint += ':' + str(getInstanceConfiguration().getApiConInfoPort()) + '/'
        self.faraday_config = endpoint
        self.faraday_api = xmlrpclib.ServerProxy(self.faraday_config)

        # NOTE(review): presumably the Api_key setting is appended after
        # "key=", which would put the key into request URLs and anything
        # that logs them. Confirm where this suffix is used.
        self.format = "?format=json&display_all=1&key="

        # Matches command lines starting with "sentinel" or "sudo sentinel".
        self._command_regex = re.compile(r'^(sudo sentinel|sentinel).*?')
Ejemplo n.º 6
def login(forced_login):
    """Log in with the stored credentials, or fall back to the prompt.

    When *forced_login* is truthy the interactive login loop runs straight
    away. Otherwise a login is attempted with the stored server URI,
    username and password; on success the session cookie is saved in the
    configuration. If anything is missing or the attempt yields no cookie,
    the interactive login loop runs.
    """
    conf = getInstanceConfiguration()
    uri = conf.getServerURI()
    # NOTE(review): the password is read back from the stored configuration;
    # how it is protected at rest is not visible here.
    username = conf.getAPIUsername()
    password = conf.getAPIPassword()

    if forced_login:
        doLoginLoop(forced_login)
        return

    have_stored_login = uri and username and password
    cookie = try_login_user(uri, username, password) if have_stored_login else None

    if not cookie:
        # Nothing stored, or the stored credentials were rejected.
        doLoginLoop()
        return

    conf.setDBSessionCookies(cookie)
    logger.info('Login successful: {0}'.format(username))
Ejemplo n.º 7
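def checkUpdates():
    """Ask the updates server whether a newer version exists and log it.

    Records the running version and application name in the configuration,
    then sends the version to the configured updates URI (one-second
    timeout, TLS certificate verification on). A response body other than
    "OK" is reported as "updates available". Any failure, including an
    HTTP error status, is logged and treated like "OK".

    No message is logged when the part of the version before "+" contains
    the letter "b".
    """
    conf = getInstanceConfiguration()
    uri = conf.getUpdatesUri()
    status = u"OK"
    try:
        conf.setVersion(f_version)
        conf.setAppname("Faraday - Penetration Test IDE Community")
        parameter = {"version": conf.getVersion()}

        response = requests.get(uri, params=parameter, timeout=1, verify=True)
        # Without this check the body of an error page (HTTP 4xx/5xx) would
        # differ from "OK" and be reported as an available update.
        response.raise_for_status()
        # Kept in its own name so `status` is only ever text, never a
        # Response object left over from a failed step.
        status = response.text.strip()
    except Exception as e:
        # Best effort: a failed check must not stop the client from starting.
        logger.error(e)

    version = conf.getVersion()
    if 'b' in version.split("+")[0]:
        return
    if status != u'OK':
        logger.info("You have available updates. Run ./faraday.py --update to catchup!")
    else:
        logger.info("No updates available, enjoy Faraday.")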
Ejemplo n.º 8
'''
Faraday Penetration Test IDE
Copyright (C) 2013  Infobyte LLC (http://www.infobytesec.com/)
See the file 'doc/LICENSE' for the license information

'''

import time

from faraday.client.gui.gui_app import FaradayUi
from faraday.client.gui.nogui.eventwatcher import EventWatcher
import faraday.client.model.guiapi
from faraday.utils.logs import getLogger

from faraday.config.configuration import getInstanceConfiguration
# Configuration object, fetched once when this module is imported.
CONF = getInstanceConfiguration()


class GuiApp(FaradayUi):
    def __init__(self, model_controller, plugin_manager, workspace_manager, plugin_controller):
        """Initialise the base UI, register as main app and attach an event watcher."""
        FaradayUi.__init__(
            self, model_controller, plugin_manager, workspace_manager, plugin_controller)
        self._stop = False

        # Make this instance the application that the GUI API talks to.
        gui_api = faraday.client.model.guiapi
        gui_api.setMainApp(self)

        # The watcher is registered as a widget of the notification center.
        watcher = EventWatcher()
        self.event_watcher = watcher
        gui_api.notification_center.registerWidget(watcher)

    def run(self, args):
Ejemplo n.º 9
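def __get_osint():
    """Return the OSINT setting from the configuration, or '' on failure.

    Any ordinary error while reading the configuration yields an empty
    string, so callers always get a value back.
    """
    try:
        return getInstanceConfiguration().getOsint()
    except Exception:
        # A bare `except:` would also swallow KeyboardInterrupt and
        # SystemExit; only ordinary errors fall back to the empty default.
        return ''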