Ejemplo n.º 1
0
    def _handle_error_count_exceeded(self, error):
        """
        Handle the case where we exceeded MAX_ERROR_COUNT
        """
        # Create a detailed exception message
        msg = ('w3af found too many consecutive errors while performing'
               ' HTTP requests. In most cases this means that the remote web'
               ' server is not reachable anymore, the network is down, or'
               ' a WAF is blocking our tests. The last exception message'
               ' was "%s" (%s.%s).')

        reason_msg = get_exception_reason(error)
        args = (error, error.__class__.__module__, error.__class__.__name__)

        # If I got a reason, it means that it is a known exception.
        if reason_msg is not None:
            # Stop using ExtendedUrllib instance
            e = ScanMustStopByKnownReasonExc(msg % args, reason=reason_msg)

        else:
            last_errors = []
            last_n_responses = list(self._last_responses)[-MAX_ERROR_COUNT:]

            for response_meta in last_n_responses:
                last_errors.append(response_meta.message)

            e = ScanMustStopByUnknownReasonExc(msg % args, errs=last_errors)

        self._stop_exception = e
        # pylint: disable=E0702
        raise self._stop_exception
Ejemplo n.º 2
0
    def _handle_error_on_increment(self, error, last_errors):
        """
        Handle the error
        """
        #
        # Create a detailed exception message
        #
        msg = (
            'w3af found too many consecutive errors while performing'
            ' HTTP requests. In most cases this means that the remote web'
            ' server is not reachable anymore, the network is down, or'
            ' a WAF is blocking our tests. The last error message was "%s".')

        reason_msg = self.get_exception_reason(error)

        # If I got a reason, it means that it is a known exception.
        if reason_msg is not None:
            # Stop using ExtendedUrllib instance
            e = ScanMustStopByKnownReasonExc(msg % error, reason=reason_msg)

        else:
            e = ScanMustStopByUnknownReasonExc(msg % error, errs=last_errors)

        self._stop_exception = e
        # pylint: disable=E0702
        raise self._stop_exception
Ejemplo n.º 3
0
    def _handle_error_on_increment(self, error, parsed_traceback, last_errors):
        """
        Handle the error
        """
        # Stop using ExtendedUrllib instance
        self._error_stopped = True

        #
        # Create a detailed exception message
        #
        msg = (
            'w3af found too many consecutive errors while performing'
            ' HTTP requests. In most cases this means that the remote web'
            ' server is not reachable anymore, the network is down, or'
            ' a WAF is blocking our tests. The last error message was "%s".')

        if parsed_traceback:
            tback_str = ''
            for path, line, call in parsed_traceback[-3:]:
                tback_str += '    %s:%s at %s\n' % (path, line, call)

            msg += ' The last calls in the traceback are: \n%s' % tback_str

        reason_msg = None

        if isinstance(error, URLTimeoutError):
            # New exception type raised by keepalive handler
            reason_msg = error.message
            reason_err = error.message

        # Exceptions may be of type httplib.HTTPException or socket.error
        # We're interested on handling them in different ways
        elif isinstance(error, urllib2.URLError):
            reason_err = error.reason

            # Known reason errors. See errno module for more info on these
            # errors.
            EUNKNSERV = -2  # Name or service not known error
            EINVHOSTNAME = -5  # No address associated with hostname
            known_errors = (EUNKNSERV, ECONNREFUSED, EHOSTUNREACH, ECONNRESET,
                            ENETDOWN, ENETUNREACH, EINVHOSTNAME, ETIMEDOUT,
                            ENOSPC)

            if isinstance(reason_err, socket.error):
                if isinstance(reason_err, socket.sslerror):
                    reason_msg = 'SSL Error: %s' % error.reason
                elif reason_err[0] in known_errors:
                    reason_msg = str(reason_err)

        elif isinstance(error, ssl.SSLError):
            reason_msg = 'SSL Error: %s' % error.message

        elif isinstance(error, httplib.HTTPException):
            #
            #    Here we catch:
            #
            #    BadStatusLine, ResponseNotReady, CannotSendHeader,
            #    CannotSendRequest, ImproperConnectionState,
            #    IncompleteRead, UnimplementedFileMode, UnknownTransferEncoding,
            #    UnknownProtocol, InvalidURL, NotConnected.
            #
            #    TODO: Maybe we're being TOO generic in this isinstance?
            #
            reason_msg = '%s: %s' % (error.__class__.__name__, error.args)
            reason_err = error.message

        # If I got a reason, it means that it is a known exception.
        if reason_msg is not None:
            raise ScanMustStopByKnownReasonExc(msg % error, reason=reason_err)

        else:
            errors = [] if parsed_traceback else last_errors
            raise ScanMustStopByUnknownReasonExc(msg % error, errs=errors)