def setConf(): """ User configuration management and instantiation. Setting framework configuration based either on previously user saved settings or default ones. """ logger.info("Setting configuration.") CONF = getInstanceConfiguration() CONF.setDebugStatus(args.debug) if args.debug: set_logging_level(logging.DEBUG) host = CONF.getApiConInfoHost() if str(CONF.getApiConInfoHost()) != "None" else FARADAY_DEFAULT_HOST port_xmlrpc = CONF.getApiConInfoPort() if str(CONF.getApiConInfoPort()) != "None" else FARADAY_DEFAULT_PORT_XMLRPC port_rest = CONF.getApiRestfulConInfoPort() if str( CONF.getApiRestfulConInfoPort()) != "None" else FARADAY_DEFAULT_PORT_REST host = args.host if args.host else host port_xmlrpc = args.port_xmlrpc if args.port_xmlrpc else port_xmlrpc port_rest = args.port_rest if args.port_rest else port_rest CONF.setApiConInfoHost(host) CONF.setApiConInfoPort(port_xmlrpc) CONF.setApiRestfulConInfoPort(port_rest)
def main(): """ Main function for launcher. """ global args args = get_parser_args() setup_folders(CONST_FARADAY_FOLDER_LIST) print_banner() logger.info("Dependencies met.") check_configuration(args.gui) setConf() CONF = getInstanceConfiguration() cert_path = CONF.getCertPath() if args.cert_path: if not os.path.isfile(args.cert_path): logger.error("Certificate Path Don't exists [%s]", args.cert_path) sys.exit(1) cert_path = os.path.abspath(args.cert_path) if cert_path: os.environ[REQUESTS_CA_BUNDLE_VAR] = cert_path if args.login: # We only call terminal login when user provides login flag login(cert_path) start_faraday_client()
#!/usr/bin/env python """ Faraday Penetration Test IDE Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) See the file 'doc/LICENSE' for the license information """ from __future__ import absolute_import from faraday_client.config.configuration import getInstanceConfiguration from faraday_client.managers.reports_managers import ReportManager CONF = getInstanceConfiguration() class UiFactory: @staticmethod def create(model_controller, plugin_manager, workspace_manager, plugin_controller, gui="gtk"): if gui == "gtk": from faraday_client.gui.gtk.application import GuiApp # pylint:disable=import-outside-toplevel else: from faraday_client.gui.nogui.application import GuiApp # pylint:disable=import-outside-toplevel return GuiApp(model_controller, plugin_manager, workspace_manager, plugin_controller)
def login(ask_for_credentials, cert_path): """ Sets the username and passwords from the command line. If --login flag is set then username and password is set """ CONF = getInstanceConfiguration() server_url = CONF.getAPIUrl() try: if not server_url: server_url = input("\nPlease enter the Faraday Server URL (Press enter for http://localhost:5985): ") \ or "http://localhost:5985" else: if ask_for_credentials: server_url = input(f"\nPlease enter the Faraday Server URL (Press enter for last used: {server_url}): ") \ or server_url parsed_url = urlparse(server_url) if not all([parsed_url.scheme, parsed_url.netloc]): logger.error("Invalid URL: %s", server_url) sys.exit(1) try: if parsed_url.scheme == "https": logger.debug("Validate server ssl certificate [%s]", server_url) login_url = urljoin(server_url, "/_api/login") test_server_response = requests.get(login_url) if test_server_response.status_code != 200: logger.error("Faraday server returned invalid response: %s", test_server_response.status_code) sys.exit(1) except requests.exceptions.SSLError as e: logger.error("Invalid SSL Certificate, use --cert CERTIFICATE for custom certificate") print(f"{Fore.RED}Invalid SSL Certificate, use --cert CERTIFICATE_PATH for custom certificate") sys.exit(1) except requests.exceptions.ConnectionError as e: logger.error("Connection to Faraday server FAILED: %s - use --login to set a new server", server_url) sys.exit(1) CONF.setAPIUrl(server_url) if not ask_for_credentials: session_cookies = CONF.getFaradaySessionCookies() if session_cookies and server_url: if is_authenticated(server_url, session_cookies): logger.debug("Valid Previous session cookie found") if parsed_url.scheme == "https" and cert_path: CONF.setCerPath(cert_path) else: CONF.setCerPath(None) return True print(f"""\nPlease provide your valid Faraday credentials for {server_url}\nYou have 3 attempts.""") MAX_ATTEMPTS = 3 for attempt in range(1, MAX_ATTEMPTS + 1): api_username = input("Username (press enter for faraday): ") or "faraday" api_password = getpass.getpass('Password: '******'roles' in user_info: if 'client' in user_info['roles']: print(f"You can't login as a client. You have {MAX_ATTEMPTS - attempt} attempt(s) left.") continue logger.info('Login successful: {0}'.format(api_username)) CONF.saveConfig() break print(f'Login failed, please try again. You have {MAX_ATTEMPTS - attempt} more attempts') else: logger.fatal(f'Invalid credentials, {MAX_ATTEMPTS} attempts failed. Quitting Faraday...') sys.exit(-1) except KeyboardInterrupt: sys.exit(0)