Ejemplo n.º 1
def gen():
    """Regenerate the reStructuredText plugin reference pages.

    One ``<plugin_type>.rst`` file is written under ``here`` for every
    entry in ``categories``. Afterwards ``index.rst`` is written in the
    current working directory: the ``index`` text followed by one indented
    line per category.

    Default values of arguments named in a plugin's ``plugin_passwd_args``
    are never written out. A fixed run of escaped asterisks takes their
    place, so a credential configured as a default does not end up in the
    generated documentation.
    """
    manager = PluginManager()
    manager.find_plugins(OrchestratorConfig())

    # Fixed-size placeholder: it hides the secret and its length alike.
    masked = "\\*" * 16

    for plugin_type in categories:
        rst_file = path.join(here, plugin_type + ".rst")
        with open(rst_file, "w") as out:

            # Category title, underline and description.
            title = get_plugin_type_display_name(plugin_type)
            print >>out, title
            print >>out, "*" * len(title)
            print >>out, ""
            print >>out, get_plugin_type_description(plugin_type)
            print >>out, ""

            found = manager.get_plugins(plugin_type)
            if not found:
                print >>out, "There are currently no plugins in this category."
                print >>out, ""
            else:
                for plugin_id in sorted(found.keys()):
                    info = found[plugin_id]

                    # Section heading: display name plus the last path
                    # component of the plugin id.
                    short_id = plugin_id[plugin_id.rfind("/") + 1:]
                    heading = "%s (*%s*)" % (info.display_name, short_id)

                    # Doubling the newlines turns every source line into a
                    # paragraph of its own.
                    body = info.description.replace("\r\n", "\n")
                    body = body.replace("\n", "\n\n")

                    print >>out, heading
                    print >>out, "=" * len(heading)
                    print >>out, ""
                    print >>out, body
                    print >>out, ""

                    if info.plugin_args:

                        # First pass: column widths. 17 is the length of
                        # the two header cells, so columns never get
                        # narrower than their titles.
                        key_width = 17
                        value_width = 17
                        for key, value in info.plugin_args.iteritems():
                            shown = masked if key in info.plugin_passwd_args else value
                            key_width = max(key_width, len(key))
                            value_width = max(value_width, len(shown))

                        rule = "%s %s" % (("=" * key_width), ("=" * value_width))
                        print >>out, rule
                        print >>out, ("**Argument name**%s **Default value**%s" % (
                            (" " * (key_width - 17)),
                            (" " * (value_width - 17)))).rstrip()
                        print >>out, "%s %s" % (("-" * key_width), ("-" * value_width))

                        # Second pass: one table row per argument, with
                        # multi-line defaults flattened onto a single line
                        # and password defaults masked.
                        for key, value in info.plugin_args.iteritems():
                            value = value.replace("\r\n", "\n").replace("\n", " ")
                            if key in info.plugin_passwd_args:
                                value = masked
                            row = "%s%s %s%s" % (
                                key, (" " * (key_width - len(key))),
                                value, (" " * (value_width - len(value))))
                            print >>out, row.rstrip()

                        print >>out, rule.rstrip()
                        print >>out, ""

        # Read the file back in universal-newline mode and rewrite it in
        # binary mode, so the line endings on disk are always "\n".
        with open(rst_file, "rU") as src:
            text = src.read()
        with open(rst_file, "wb") as dst:
            dst.write(text)

    with open("index.rst", "wb") as toc:
        toc.write(index)
        toc.writelines("   %s\n" % plugin_type for plugin_type in categories)
Ejemplo n.º 2
def command_info(parser, P, cmdParams, auditParams):
    # Presumably the handler for the plugin information command. As far as
    # this excerpt shows, it requires at least one target in P.targets and
    # then loads the plugin list through PluginManager. The listing stops
    # after the load step, so what is done with `manager` is not visible.
    # auditParams is not used in the visible part.

    # Fail if we don't have arguments.
    if not P.targets:
        parser.error("too few arguments")

    # Load the plugins list.
    # NOTE(review): every exception type is caught here and only its text is
    # passed on to parser.error(); presumably that ends the program with a
    # usage message, so the original traceback is not shown - confirm.
    try:
        manager = PluginManager()
        manager.find_plugins(cmdParams)
    except Exception, e:
        parser.error("error loading plugins list: %s" % str(e))
Ejemplo n.º 3
def command_info(parser, P, cmdParams, auditParams):
    # Presumably the handler for the plugin information command. The visible
    # part checks that P.targets is not empty and loads the plugin list with
    # the settings in cmdParams; the listing ends before `manager` is used.
    # auditParams is not used in the visible part.

    # Fail if we don't have arguments.
    if not P.targets:
        parser.error("too few arguments")

    # Load the plugins list.
    # NOTE(review): a catch-all handler - any failure while discovering
    # plugins is reduced to its message text and handed to parser.error().
    try:
        manager = PluginManager()
        manager.find_plugins(cmdParams)
    except Exception, e:
        parser.error("error loading plugins list: %s" % str(e))
Ejemplo n.º 4
def command_run(parser, P, cmdParams, auditParams):
    # Prepares a SCAN, IMPORT or REPORT run: adjusts the target list for the
    # command, loads the plugins, collects plugin arguments (prompting for
    # missing passwords), validates the parameters and loads the UI plugin.
    # Only the setup part is shown; the listing ends inside the outer try
    # block, so its except/finally clauses are not visible here.

    # For the SCAN command, assume targets are URLs whenever feasible.
    # NOTE(review): the guessed URL is appended, so the scheme-less original
    # stays in the target list as well, and the guessed scheme is always
    # plain http, never https.
    if P.command == "SCAN":
        guessed_urls = []
        for target in auditParams.targets:
            if not "://" in target:
                guessed_urls.append("http://" + target)
        auditParams.targets.extend(guessed_urls)

    # For all other commands, disable the testing plugins.
    else:
        auditParams.plugin_load_overrides.append((False, "testing"))

        # For the IMPORT command, targets are import files.
        # presumably `imports` / `reports` are properties that fill the
        # `_imports` / `_reports` attributes read further down - confirm.
        if P.command == "IMPORT":
            auditParams.imports = auditParams.targets  # magic
            del auditParams.targets  # magic

        # For the REPORT command, targets are report files.
        elif P.command == "REPORT":
            auditParams.reports = auditParams.targets  # magic
            del auditParams.targets  # magic

        # If we reached this point, we have an internal error!
        else:
            raise RuntimeError("Unsupported command: %s" % P.command)

    # Expand wildcards for filenames on Windows.
    # On other platforms this is not needed,
    # as the shell already does it for us.
    if os.path.sep == "\\":
        auditParams._imports = expand_wildcards(auditParams._imports)
        auditParams._reports = expand_wildcards(auditParams._reports)

    try:

        # Load the plugins.
        manager = PluginManager()
        manager.find_plugins(cmdParams)

        # Sanitize the plugin arguments.
        # Only KeyError is handled at this level; its text is reported
        # through parser.error().
        try:
            if P.raw_plugin_args:
                P.plugin_args = parse_plugin_args(manager, P.raw_plugin_args)
        except KeyError, e:
            ##raise # XXX DEBUG
            parser.error("error parsing plugin arguments: %s" % str(e))

        # Prompt for passwords.
        # Only password arguments whose value is empty are prompted for; a
        # non-empty value already present in P.plugin_args is kept as given.
        # presumably getpass is getpass.getpass, which reads the secret
        # without echoing it to the terminal - confirm against the imports.
        # NOTE(review): assumes P.plugin_args exists even when
        # P.raw_plugin_args is empty - confirm against the argument parser.
        for plugin_id in P.plugin_args.keys():
            plugin_info = manager.get_plugin_by_id(plugin_id)
            target_args = P.plugin_args[plugin_id]
            for key, value in target_args.items():
                if not value and key in plugin_info.plugin_passwd_args:
                    if len(plugin_info.plugin_passwd_args) > 1:
                        msg = "Enter password for %s (%s): "
                        msg %= (plugin_info.display_name, key)
                    else:
                        msg = "Enter password for %s: "
                        msg %= plugin_info.display_name
                    target_args[key] = getpass(msg)

        # Save the plugin arguments for the Orchestrator and the Audit.
        # Both objects are handed the same P.plugin_args object, entered
        # passwords included; no copy is made on these lines.
        cmdParams.plugin_args = P.plugin_args
        auditParams.plugin_args = P.plugin_args

        # Check the parameters.
        cmdParams.check_params()
        auditParams.check_params()

        # Set the plugin arguments before loading the UI plugin.
        for plugin_id, plugin_args in cmdParams.plugin_args.iteritems():
            status = manager.set_plugin_args(plugin_id, plugin_args)
            if status != 0:  # should never happen, but just in case...
                if status == 1:
                    msg = "Unknown plugin: %s"
                elif status == 2:
                    msg = "Invalid arguments for plugin: %s"
                else:
                    msg = "Error setting arguments for plugin: %s"
                parser.error(msg % plugin_id)

        # Load the UI plugin.
        # NOTE(review): ui_mode is concatenated into the plugin id as is;
        # presumably check_params() above restricts its value - confirm.
        ui_plugin_id = "ui/" + cmdParams.ui_mode
        ui_plugin = manager.load_plugin_by_id(ui_plugin_id)
Ejemplo n.º 5
                parser.error("Default plugins folder not found, aborting!")
        cmdParams.plugins_folder = plugins_folder


    #--------------------------------------------------------------------------
    # List plugins and quit.

    if P.command == "PLUGINS":
        # The PLUGINS command takes no targets: it loads the plugin list
        # with the settings in cmdParams and prints it by category. The
        # listing is cut off at the start of the import-plugins loop.

        # Fail if we have arguments.
        if P.targets:
            parser.error("too many arguments")

        # Load the plugins list.
        # NOTE(review): catch-all handler; only the exception text is
        # reported through parser.error().
        try:
            manager = PluginManager()
            manager.find_plugins(cmdParams)
        except Exception, e:
            parser.error("error loading plugins list: %s" % str(e))

        # Show the list of plugins.
        print colorize("-------------", "red")
        print colorize(" Plugin list",  "red")
        print colorize("-------------", "red")

        # Import plugins...
        import_plugins = manager.get_plugins("import")
        if import_plugins:
            print
            print colorize("-= Import plugins =-", "yellow")
            for name in sorted(import_plugins.keys()):
Ejemplo n.º 6
def command_run(parser, P, cmdParams, auditParams):
    # Prepares a SCAN, IMPORT or REPORT run: adjusts the target list for the
    # command, loads the plugins, collects plugin arguments (prompting for
    # missing passwords), validates the parameters and loads the UI plugin.
    # Only the setup part is shown; the listing ends inside the outer try
    # block, so its except/finally clauses are not visible here.

    # For the SCAN command, assume targets are URLs whenever feasible.
    # NOTE(review): targets without "://" get an "http://" guess appended
    # next to the original entry; the guess is never https.
    if P.command == "SCAN":
        guessed_urls = []
        for target in auditParams.targets:
            if not "://" in target:
                guessed_urls.append("http://" + target)
        auditParams.targets.extend(guessed_urls)

    # For all other commands, disable the testing plugins.
    else:
        auditParams.plugin_load_overrides.append( (False, "testing") )

        # For the IMPORT command, targets are import files.
        # presumably `imports` / `reports` are properties that fill the
        # `_imports` / `_reports` attributes read further down - confirm.
        if P.command == "IMPORT":
            auditParams.imports = auditParams.targets   # magic
            del auditParams.targets                     # magic

        # For the REPORT command, targets are report files.
        elif P.command == "REPORT":
            auditParams.reports = auditParams.targets   # magic
            del auditParams.targets                     # magic

        # If we reached this point, we have an internal error!
        else:
            raise RuntimeError("Unsupported command: %s" % P.command)

    # Expand wildcards for filenames on Windows.
    # On other platforms this is not needed,
    # as the shell already does it for us.
    if os.path.sep == "\\":
        auditParams._imports = expand_wildcards(auditParams._imports)
        auditParams._reports = expand_wildcards(auditParams._reports)

    try:

        # Load the plugins.
        manager = PluginManager()
        manager.find_plugins(cmdParams)

        # Sanitize the plugin arguments.
        # Only KeyError is handled at this level; its text is reported
        # through parser.error().
        try:
            if P.raw_plugin_args:
                P.plugin_args = parse_plugin_args(manager, P.raw_plugin_args)
        except KeyError, e:
            ##raise # XXX DEBUG
            parser.error("error parsing plugin arguments: %s" % str(e))

        # Prompt for passwords.
        # A prompt is shown only for password arguments with an empty value;
        # a non-empty value already in P.plugin_args is used unchanged.
        # presumably getpass is getpass.getpass, which does not echo the
        # typed secret - confirm against the imports.
        # NOTE(review): assumes P.plugin_args exists even when
        # P.raw_plugin_args is empty - confirm against the argument parser.
        for plugin_id in P.plugin_args.keys():
            plugin_info = manager.get_plugin_by_id(plugin_id)
            target_args = P.plugin_args[plugin_id]
            for key, value in target_args.items():
                if not value and key in plugin_info.plugin_passwd_args:
                    if len(plugin_info.plugin_passwd_args) > 1:
                        msg = "Enter password for %s (%s): "
                        msg %= (plugin_info.display_name, key)
                    else:
                        msg = "Enter password for %s: "
                        msg %= plugin_info.display_name
                    target_args[key] = getpass(msg)

        # Save the plugin arguments for the Orchestrator and the Audit.
        # Both objects are handed the same P.plugin_args object, entered
        # passwords included; no copy is made on these lines.
        cmdParams.plugin_args   = P.plugin_args
        auditParams.plugin_args = P.plugin_args

        # Check the parameters.
        cmdParams.check_params()
        auditParams.check_params()

        # Set the plugin arguments before loading the UI plugin.
        for plugin_id, plugin_args in cmdParams.plugin_args.iteritems():
            status = manager.set_plugin_args(plugin_id, plugin_args)
            if status != 0:     # should never happen, but just in case...
                if status == 1:
                    msg = "Unknown plugin: %s"
                elif status == 2:
                    msg = "Invalid arguments for plugin: %s"
                else:
                    msg = "Error setting arguments for plugin: %s"
                parser.error(msg % plugin_id)

        # Load the UI plugin.
        # NOTE(review): ui_mode is concatenated into the plugin id as is;
        # presumably check_params() above restricts its value - confirm.
        ui_plugin_id = "ui/" + cmdParams.ui_mode
        ui_plugin = manager.load_plugin_by_id(ui_plugin_id)
Ejemplo n.º 7
def gen():
    """Write the plugin documentation as reStructuredText files.

    For each entry in ``categories`` a ``<plugin_type>.rst`` file is
    produced under ``here``: a category heading, then one section per
    plugin with its description and a table of its arguments and default
    values. Finally ``index.rst`` is written in the current working
    directory from ``index`` plus one indented line per category.

    Arguments named in a plugin's ``plugin_passwd_args`` never have their
    default value written to the table; a fixed run of escaped asterisks
    is shown instead, keeping default credentials out of the output.
    """
    manager = PluginManager()
    manager.find_plugins(OrchestratorConfig())

    # Fixed-size placeholder: it hides the secret and its length alike.
    masked = "\\*" * 16

    for plugin_type in categories:
        rst_file = path.join(here, plugin_type + ".rst")
        with open(rst_file, "w") as out:

            # Category title, underline and description.
            title = get_plugin_type_display_name(plugin_type)
            print >>out, title
            print >>out, "*" * len(title)
            print >>out, ""
            print >>out, get_plugin_type_description(plugin_type)
            print >>out, ""

            found = manager.get_plugins(plugin_type)
            if not found:
                print >>out, "There are currently no plugins in this category."
                print >>out, ""
            else:
                for plugin_id in sorted(found.keys()):
                    info = found[plugin_id]

                    # Section heading: display name plus the last path
                    # component of the plugin id.
                    short_id = plugin_id[plugin_id.rfind("/") + 1:]
                    heading = "%s (*%s*)" % (info.display_name, short_id)

                    # Doubling the newlines turns every source line into a
                    # paragraph of its own.
                    body = info.description.replace("\r\n", "\n")
                    body = body.replace("\n", "\n\n")

                    print >>out, heading
                    print >>out, "=" * len(heading)
                    print >>out, ""
                    print >>out, body
                    print >>out, ""

                    if info.plugin_args:

                        # First pass: column widths. 17 is the length of
                        # the two header cells, so columns never get
                        # narrower than their titles.
                        key_width = 17
                        value_width = 17
                        for key, value in info.plugin_args.iteritems():
                            shown = masked if key in info.plugin_passwd_args else value
                            key_width = max(key_width, len(key))
                            value_width = max(value_width, len(shown))

                        rule = "%s %s" % (("=" * key_width), ("=" * value_width))
                        print >>out, rule
                        print >>out, ("**Argument name**%s **Default value**%s" % (
                            (" " * (key_width - 17)),
                            (" " * (value_width - 17)))).rstrip()
                        print >>out, "%s %s" % (("-" * key_width), ("-" * value_width))

                        # Second pass: one table row per argument, with
                        # multi-line defaults flattened onto a single line
                        # and password defaults masked.
                        for key, value in info.plugin_args.iteritems():
                            value = value.replace("\r\n", "\n").replace("\n", " ")
                            if key in info.plugin_passwd_args:
                                value = masked
                            row = "%s%s %s%s" % (
                                key, (" " * (key_width - len(key))),
                                value, (" " * (value_width - len(value))))
                            print >>out, row.rstrip()

                        print >>out, rule.rstrip()
                        print >>out, ""

        # Read the file back in universal-newline mode and rewrite it in
        # binary mode, so the line endings on disk are always "\n".
        with open(rst_file, "rU") as src:
            text = src.read()
        with open(rst_file, "wb") as dst:
            dst.write(text)

    with open("index.rst", "wb") as toc:
        toc.write(index)
        toc.writelines("   %s\n" % plugin_type for plugin_type in categories)