def run_read(self):
api_result = self.api_read()
if not api_result:
msg = 'Failed to verify if root login is allowed, a SSH bruteforce'\
' attack might still be possible.'
return msg
else:
rows = [[
'Root login allowed',
], []]
if api_result['ssh_root_bruteforce']:
rows.append([
'A SSH Bruteforce attack is possible.',
])
if api_result['securetty_root_login']:
rows.append([
'Root user is allowed to login on CONSOLE.',
])
if not api_result['ssh_root_bruteforce'] and not api_result[
'securetty_root_login']:
rows.append([
'Root user is not allowed to login through SSH'
' nor console.',
])
result_table = table(rows)
result_table.draw(80)
return rows
def show_progress_on_request(self):
"""
When the user hits enter, show the progress
"""
while self._w3af.status.is_running():
# Define some variables...
user_press_enter = False
# TODO: This if is terrible! I need to remove it!
# read from sys.stdin with a 0.5 second timeout
if sys.platform != "win32":
# linux
rfds, wfds, efds = select.select([sys.stdin], [], [], 0.5)
if rfds:
if len(sys.stdin.readline()):
user_press_enter = True
else:
# windows
import msvcrt
time.sleep(0.3)
if msvcrt.kbhit():
if term.read(1) in ["\n", "\r", "\r\n", "\n\r"]:
user_press_enter = True
# If something was written to sys.stdin, read it
if user_press_enter:
# Get the information and print it to the user
status_information_str = self._w3af.status.get_long_status()
t = table([(status_information_str,)])
t.draw()
om.out.console("")
def run_read(self):
api_result = self.api_read()
if not api_result:
msg = 'Failed to verify if the remote host is running a honeypot.'
return msg
else:
rows = []
rows.append([
'Honeypot',
])
rows.append([])
if api_result['running_honeypot']:
rows.append([
'Is running a Honeypot!',
])
if api_result['is_a_honeypot']:
rows.append([
'Is a Honeypot!',
])
if not api_result['running_honeypot'] and not api_result[
'is_a_honeypot']:
rows.append([
'No honeypot detected.',
])
result_table = table(rows)
result_table.draw(80)
return rows
def show_progress_on_request(self):
"""
When the user hits enter, show the progress
"""
while self._w3af.status.is_running():
# Define some variables...
user_press_enter = False
# TODO: This if is terrible! I need to remove it!
# read from sys.stdin with a 0.5 second timeout
if sys.platform != 'win32':
# linux
rfds, wfds, efds = select.select([sys.stdin], [], [], 0.5)
if rfds:
if len(sys.stdin.readline()):
user_press_enter = True
else:
# windows
import msvcrt
time.sleep(0.3)
if msvcrt.kbhit():
if term.read(1) in ['\n', '\r', '\r\n', '\n\r']:
user_press_enter = True
# If something was written to sys.stdin, read it
if user_press_enter:
# Get the information and print it to the user
status_information_str = self._w3af.status.get_long_status()
t = table([(status_information_str, )])
t.draw()
om.out.console('')
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No TCP information was identified.'
else:
rows = []
rows.append([
'Id', 'Local Address', 'Remote Address', 'Status', 'User',
'Inode'
])
rows.append([])
for key in api_result:
local_address = api_result[key]['local_address']
rem_address = api_result[key]['rem_address']
st = api_result[key]['st']
uid = api_result[key]['uid']
inode = api_result[key]['inode']
rows.append([key, local_address, rem_address, st, uid, inode])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['gcc_version']:
return 'GCC version could not be identified.'
else:
rows = []
rows.append(['GCC Version', api_result['gcc_version']])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result["os"]:
return "Remote OS not identified."
else:
rows = []
rows.append(["Remote OS", api_result["os"]])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['os']:
return 'Remote OS not identified.'
else:
rows = []
rows.append(['Remote OS', api_result['os']])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
rows = []
rows.append(['Description', 'Value'])
rows.append([])
for key in api_result:
rows.append([key, str(api_result[key])])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
rows = []
rows.append(['Description', 'Value'])
rows.append([])
for key in api_result:
rows.append([key, str(api_result[key])])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No MySQL configuration directories were found.'
else:
rows = [['MySQL configuration directory'], []]
for directory in api_result['directory']:
rows.append([directory, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self, output_directory):
api_result = self.api_read(output_directory)
if not api_result:
return 'Failed to download the application source code.'
else:
rows = [['Remote file', 'Local file', ], []]
for url, (remote_filename, local_filename) in api_result.items():
rows.append([remote_filename, local_filename])
result_table = table(rows)
result_table.draw(140)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['apache_directory']:
return 'Apache configuration directory not found.'
else:
rows = [['Apache directories', ], []]
for key_name in api_result:
for path in api_result[key_name]:
rows.append([path, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'MySQL configuration files not found.'
else:
rows = [['MySQL configuration file', 'Content'], []]
for filename in api_result:
rows.append([filename, api_result[filename]])
rows.append([])
result_table = table(rows[:-1])
result_table.draw(80)
return rows
def run_read(self, output_directory):
api_result = self.api_read(output_directory)
if not api_result:
return 'Failed to download the application source code.'
else:
rows = [['Remote file', 'Local file', ], []]
for url, (remote_filename, local_filename) in api_result.items():
rows.append([remote_filename, local_filename])
result_table = table(rows)
result_table.draw(140)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'MySQL configuration files not found.'
else:
rows = [['MySQL configuration file', 'Content'], []]
for filename in api_result:
rows.append([filename, api_result[filename]])
rows.append([])
result_table = table(rows[:-1])
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['kernel_version']:
return 'Failed to identify kernel version.'
else:
rows = []
rows.append(['Kernel version', ])
rows.append([])
rows.append([api_result['kernel_version'], ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'ARP cache not found.'
else:
rows = []
rows.append(['IP address', 'HW address', 'Device'])
rows.append([])
for ip_address in api_result:
hw_addr, device = api_result[ip_address]
rows.append([ip_address, hw_addr, device])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['apache_config']:
return 'Apache configuration files not found.'
else:
rows = []
rows.append(['Apache configuration files'])
rows.append([])
for key_name in api_result:
for filename, file_content in api_result[key_name].items():
rows.append([filename, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['apache_config']:
return 'Apache configuration files not found.'
else:
rows = []
rows.append(['Apache configuration files'])
rows.append([])
for key_name in api_result:
for filename, file_content in api_result[key_name].items():
rows.append([filename, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No hashes were found.'
else:
rows = []
rows.append(['User', 'Hash'])
rows.append([])
for user, uhash in api_result.items():
rows.append([user, uhash])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['hostname']:
return 'Host name could not be identified.'
else:
rows = []
rows.append(['Hostname', ])
rows.append([])
for hostname in api_result['hostname']:
rows.append([hostname, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['apache_ssl_certificate'] and not api_result['apache_ssl_key']:
return 'Apache SSL key and Certificate not found.'
else:
rows = []
rows.append(['Description', 'Value'])
rows.append([])
for key_name in api_result:
for desc, value in api_result[key_name].iteritems():
rows.append([desc, value])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['file'] and not api_result['version']:
return 'Apache mod_security configuration files not found.'
else:
rows = []
rows.append(['Description', 'Value'])
rows.append([])
for key_name in api_result:
for k, v in api_result[key_name].items():
rows.append([key_name, k])
result_table = table(rows)
result_table.draw(90)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No MySQL configuration directories were found.'
else:
rows = [['MySQL configuration directory'], []]
for directory in api_result['directory']:
rows.append([
directory,
])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No firefox files were identified.'
else:
rows = []
rows.append(['Firefox file', 'Read access'])
rows.append([])
for filename in api_result:
rows.append([filename, 'Yes'])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return "No hashes were found."
else:
rows = []
rows.append(["User", "Hash"])
rows.append([])
for user, uhash in api_result.items():
rows.append([user, uhash])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No email files could be read.'
else:
rows = []
rows.append(['Email files'])
rows.append([])
for filename in api_result:
rows.append([filename, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['file'] and not api_result['version']:
return 'Apache mod_security configuration files not found.'
else:
rows = []
rows.append(['Description', 'Value'])
rows.append([])
for key_name in api_result:
for k, v in api_result[key_name].items():
rows.append([key_name, k])
result_table = table(rows)
result_table.draw(90)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No log files not found.'
else:
rows = []
rows.append(['Log files'])
rows.append([])
for filename in api_result:
rows.append([filename, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No firefox files were identified.'
else:
rows = []
rows.append(['Firefox file', 'Read access'])
rows.append([])
for filename in api_result:
rows.append([filename, 'Yes'])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return "ARP cache not found."
else:
rows = []
rows.append(["IP address", "HW address", "Device"])
rows.append([])
for ip_address in api_result:
hw_addr, device = api_result[ip_address]
rows.append([ip_address, hw_addr, device])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self, recursion_level):
api_result = self.api_read(recursion_level)
if not api_result:
return 'No files found.'
else:
rows = [['Filename', 'Interesting'], []]
for filename in api_result:
interesting = api_result[filename] and 'X' or ''
rows.append([filename, interesting])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'Domain name not found.'
else:
rows = []
rows.append(['Domain name', ])
rows.append([])
for domain in api_result.values():
rows.append([domain, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
rows = []
rows.append(['Description', 'Hours', 'Minutes', 'Seconds'])
rows.append([])
for key in api_result:
hours = api_result[key]['hours']
minutes = api_result[key]['minutes']
seconds = api_result[key]['seconds']
rows.append([key, hours, minutes, seconds])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['apache_run_user']:
return 'Apache run user not found.'
else:
rows = []
rows.append(['Apache run user'])
rows.append([])
for key_name in api_result:
for user in api_result[key_name]:
rows.append([user, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result["version"]:
return "Apache version not found."
else:
rows = []
rows.append(["Version"])
rows.append([])
for key_name in api_result:
for version in api_result[key_name]:
rows.append([version])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
rows = []
rows.append(['Description', 'Hours', 'Minutes', 'Seconds'])
rows.append([])
for key in api_result:
hours = api_result[key]['hours']
minutes = api_result[key]['minutes']
seconds = api_result[key]['seconds']
rows.append([key, hours, minutes, seconds])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['ssh_version']:
return 'SSH version could not be identified.'
else:
rows = []
rows.append(['SSH version'])
rows.append([])
rows.append([api_result['ssh_version'], ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result['apache_root_directory']:
return 'Apache root directory not found.'
else:
rows = []
rows.append(['Apache root directories'])
rows.append([])
for key_name in api_result:
for directory in api_result[key_name]:
rows.append([directory, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
rows = []
rows.append(['Running inside Virtual Machine', ])
rows.append([])
if api_result['running_vm']:
rows.append(['The remote host is a virtual machine.', ])
else:
rows.append(['The remote host is NOT a virtual machine.', ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self, recursion_level):
api_result = self.api_read(recursion_level)
if not api_result:
return 'No files found.'
else:
rows = [['Filename', 'Interesting'], []]
for filename in api_result:
interesting = api_result[filename] and 'X' or ''
rows.append([filename, interesting])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_res = self.api_read()
if not api_res:
return 'No vulnerability was found.'
rows = [['Vuln Type', 'Remote Location', 'Vuln Param', 'Lineno'], []]
for vulnty, files in api_res.iteritems():
for f in files:
rows.append(
[vulnty, str(f['loc']), f['vulnsrc'], str(f['lineno'])])
restable = table(rows)
restable.draw(100)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return "No MySQL configuration directories were found."
else:
rows = []
rows.append(["MySQL configuration directory"])
rows.append([])
for directory in api_result["directory"]:
rows.append([directory])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No user configuration files found.'
else:
rows = []
rows.append(['User configuration files', ])
rows.append([])
for filename in api_result:
rows.append([filename, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No CPU information found.'
else:
rows = []
rows.append(['Description', 'Value'])
rows.append([])
for name in api_result:
rows.append([name, api_result[name]])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self, local_temp_dir, pixy_location):
api_result = self.api_read(local_temp_dir, pixy_location)
if not api_result:
return 'No vulnerabilities were identified.'
else:
rows = []
rows.append(['Vulnerability type', 'Location'])
rows.append([])
for vuln_type in api_result:
for vuln_location in api_result[vuln_type]:
rows.append([vuln_type, vuln_location])
result_table = table(rows)
result_table.draw(100)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'Kerberos config files not found.'
else:
rows = []
rows.append(['Kerberos file', 'Read access'])
rows.append([])
for filename in api_result:
rows.append([filename, 'Yes'])
rows.append([])
result_table = table(rows[:-1])
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No SMB configuration files were identified.'
else:
rows = []
rows.append(['SMB configuration files'])
rows.append([])
for filename in api_result:
rows.append([filename, ])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'Hosts files not found.'
else:
rows = []
rows.append(['Host file', 'Content'])
rows.append([])
for file in api_result:
rows.append([file, api_result[file]])
rows.append([])
result_table = table(rows[:-1])
result_table.draw(160)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'Rootkit hunter failed to run.'
else:
rows = []
rows.append(['Description', 'Value'])
rows.append([])
for key in api_result:
for value in api_result[key]:
rows.append([key, value])
result_table = table(rows)
result_table.draw(80)
return rows
def run_is_open_port(self, target, ports):
api_result = self.api_is_open_port(target, ports)
if not api_result:
return 'No open ports were found'
else:
rows = []
rows.append(['Host', 'Open TCP ports'])
rows.append([])
for host in api_result:
port_list = '\n'.join([str(port) for port in api_result[host]])
rows.append([host, port_list])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_result = self.api_read()
if not api_result:
return 'No log files not found.'
else:
rows = []
rows.append(['Log files'])
rows.append([])
for filename in api_result:
rows.append([
filename,
])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self):
api_res = self.api_read()
if not api_res:
return 'No vulnerability was found.'
rows = [['Vuln Type', 'Remote Location', 'Vuln Param', 'Lineno'], []]
for vulnty, files in api_res.iteritems():
for f in files:
rows.append(
[vulnty,
str(f['loc']), f['vulnsrc'],
str(f['lineno'])])
restable = table(rows)
restable.draw(100)
return rows