Ejemplo n.º 1
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            msg = 'Failed to verify if root login is allowed, a SSH bruteforce'\
                  ' attack might still be possible.'
            return msg
        else:

            rows = [[
                'Root login allowed',
            ], []]

            if api_result['ssh_root_bruteforce']:
                rows.append([
                    'A SSH Bruteforce attack is possible.',
                ])

            if api_result['securetty_root_login']:
                rows.append([
                    'Root user is allowed to login on CONSOLE.',
                ])

            if not api_result['ssh_root_bruteforce'] and not api_result[
                    'securetty_root_login']:
                rows.append([
                    'Root user is not allowed to login through SSH'
                    ' nor console.',
                ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 2
0
    def show_progress_on_request(self):
        """
        When the user hits enter, show the progress
        """
        while self._w3af.status.is_running():

            # Define some variables...
            user_press_enter = False

            # TODO: This if is terrible! I need to remove it!
            # read from sys.stdin with a 0.5 second timeout
            if sys.platform != "win32":
                # linux
                rfds, wfds, efds = select.select([sys.stdin], [], [], 0.5)
                if rfds:
                    if len(sys.stdin.readline()):
                        user_press_enter = True
            else:
                # windows
                import msvcrt

                time.sleep(0.3)
                if msvcrt.kbhit():
                    if term.read(1) in ["\n", "\r", "\r\n", "\n\r"]:
                        user_press_enter = True

            # If something was written to sys.stdin, read it
            if user_press_enter:

                # Get the information and print it to the user
                status_information_str = self._w3af.status.get_long_status()
                t = table([(status_information_str,)])
                t.draw()
                om.out.console("")
Ejemplo n.º 3
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            msg = 'Failed to verify if the remote host is running a honeypot.'
            return msg
        else:

            rows = []
            rows.append([
                'Honeypot',
            ])
            rows.append([])
            if api_result['running_honeypot']:
                rows.append([
                    'Is running a Honeypot!',
                ])
            if api_result['is_a_honeypot']:
                rows.append([
                    'Is a Honeypot!',
                ])
            if not api_result['running_honeypot'] and not api_result[
                    'is_a_honeypot']:
                rows.append([
                    'No honeypot detected.',
                ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 4
0
    def show_progress_on_request(self):
        """
        When the user hits enter, show the progress
        """
        while self._w3af.status.is_running():

            # Define some variables...
            user_press_enter = False

            # TODO: This if is terrible! I need to remove it!
            # read from sys.stdin with a 0.5 second timeout
            if sys.platform != 'win32':
                # linux
                rfds, wfds, efds = select.select([sys.stdin], [], [], 0.5)
                if rfds:
                    if len(sys.stdin.readline()):
                        user_press_enter = True
            else:
                # windows
                import msvcrt
                time.sleep(0.3)
                if msvcrt.kbhit():
                    if term.read(1) in ['\n', '\r', '\r\n', '\n\r']:
                        user_press_enter = True

            # If something was written to sys.stdin, read it
            if user_press_enter:

                # Get the information and print it to the user
                status_information_str = self._w3af.status.get_long_status()
                t = table([(status_information_str, )])
                t.draw()
                om.out.console('')
Ejemplo n.º 5
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No TCP information was identified.'
        else:
            rows = []
            rows.append([
                'Id', 'Local Address', 'Remote Address', 'Status', 'User',
                'Inode'
            ])
            rows.append([])

            for key in api_result:
                local_address = api_result[key]['local_address']
                rem_address = api_result[key]['rem_address']
                st = api_result[key]['st']
                uid = api_result[key]['uid']
                inode = api_result[key]['inode']

                rows.append([key, local_address, rem_address, st, uid, inode])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 6
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['gcc_version']:
            return 'GCC version could not be identified.'
        else:
            rows = []
            rows.append(['GCC Version', api_result['gcc_version']])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 7
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result["os"]:
            return "Remote OS not identified."
        else:
            rows = []
            rows.append(["Remote OS", api_result["os"]])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 8
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['os']:
            return 'Remote OS not identified.'
        else:
            rows = []
            rows.append(['Remote OS', api_result['os']])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 9
0
    def run_read(self):
        api_result = self.api_read()

        rows = []
        rows.append(['Description', 'Value'])
        rows.append([])
        for key in api_result:
            rows.append([key, str(api_result[key])])

        result_table = table(rows)
        result_table.draw(80)
        return rows
Ejemplo n.º 10
0
    def run_read(self):
        api_result = self.api_read()

        rows = []
        rows.append(['Description', 'Value'])
        rows.append([])
        for key in api_result:
            rows.append([key, str(api_result[key])])

        result_table = table(rows)
        result_table.draw(80)
        return rows
Ejemplo n.º 11
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No MySQL configuration directories were found.'
        else:
            rows = [['MySQL configuration directory'], []]
            for directory in api_result['directory']:
                rows.append([directory, ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 12
0
    def run_read(self, output_directory):
        api_result = self.api_read(output_directory)

        if not api_result:
            return 'Failed to download the application source code.'
        else:
            rows = [['Remote file', 'Local file', ], []]

            for url, (remote_filename, local_filename) in api_result.items():
                rows.append([remote_filename, local_filename])

            result_table = table(rows)
            result_table.draw(140)
            return rows
Ejemplo n.º 13
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['apache_directory']:
            return 'Apache configuration directory not found.'
        else:
            rows = [['Apache directories', ], []]
            for key_name in api_result:
                for path in api_result[key_name]:
                    rows.append([path, ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 14
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'MySQL configuration files not found.'
        else:
            rows = [['MySQL configuration file', 'Content'], []]
            for filename in api_result:
                rows.append([filename, api_result[filename]])
                rows.append([])

            result_table = table(rows[:-1])
            result_table.draw(80)
            return rows
Ejemplo n.º 15
0
    def run_read(self, output_directory):
        api_result = self.api_read(output_directory)

        if not api_result:
            return 'Failed to download the application source code.'
        else:
            rows = [['Remote file', 'Local file', ], []]

            for url, (remote_filename, local_filename) in api_result.items():
                rows.append([remote_filename, local_filename])

            result_table = table(rows)
            result_table.draw(140)
            return rows
Ejemplo n.º 16
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'MySQL configuration files not found.'
        else:
            rows = [['MySQL configuration file', 'Content'], []]
            for filename in api_result:
                rows.append([filename, api_result[filename]])
                rows.append([])

            result_table = table(rows[:-1])
            result_table.draw(80)
            return rows
Ejemplo n.º 17
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['kernel_version']:
            return 'Failed to identify kernel version.'
        else:
            rows = []
            rows.append(['Kernel version', ])
            rows.append([])
            rows.append([api_result['kernel_version'], ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 18
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'ARP cache not found.'
        else:
            rows = []
            rows.append(['IP address', 'HW address', 'Device'])
            rows.append([])
            for ip_address in api_result:
                hw_addr, device = api_result[ip_address]
                rows.append([ip_address, hw_addr, device])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 19
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['apache_config']:
            return 'Apache configuration files not found.'
        else:
            rows = []
            rows.append(['Apache configuration files'])
            rows.append([])
            for key_name in api_result:
                for filename, file_content in api_result[key_name].items():
                    rows.append([filename, ])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 20
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['apache_config']:
            return 'Apache configuration files not found.'
        else:
            rows = []
            rows.append(['Apache configuration files'])
            rows.append([])
            for key_name in api_result:
                for filename, file_content in api_result[key_name].items():
                    rows.append([filename, ])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 21
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No hashes were found.'
        else:
            rows = []
            rows.append(['User', 'Hash'])
            rows.append([])
            for user, uhash in api_result.items():
                rows.append([user, uhash])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 22
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['hostname']:
            return 'Host name could not be identified.'
        else:
            rows = []
            rows.append(['Hostname', ])
            rows.append([])
            for hostname in api_result['hostname']:
                rows.append([hostname, ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 23
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['apache_ssl_certificate'] and not api_result['apache_ssl_key']:
            return 'Apache SSL key and Certificate not found.'
        else:
            rows = []
            rows.append(['Description', 'Value'])
            rows.append([])
            for key_name in api_result:
                for desc, value in api_result[key_name].iteritems():
                    rows.append([desc, value])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 24
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['file'] and not api_result['version']:
            return 'Apache mod_security configuration files not found.'
        else:
            rows = []
            rows.append(['Description', 'Value'])
            rows.append([])
            for key_name in api_result:
                for k, v in api_result[key_name].items():
                    rows.append([key_name, k])
            result_table = table(rows)
            result_table.draw(90)
            return rows
Ejemplo n.º 25
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No MySQL configuration directories were found.'
        else:
            rows = [['MySQL configuration directory'], []]
            for directory in api_result['directory']:
                rows.append([
                    directory,
                ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 26
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No firefox files were identified.'
        else:
            rows = []
            rows.append(['Firefox file', 'Read access'])
            rows.append([])
            for filename in api_result:
                rows.append([filename, 'Yes'])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 27
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return "No hashes were found."
        else:
            rows = []
            rows.append(["User", "Hash"])
            rows.append([])
            for user, uhash in api_result.items():
                rows.append([user, uhash])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 28
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No email files could be read.'
        else:
            rows = []
            rows.append(['Email files'])
            rows.append([])
            for filename in api_result:
                rows.append([filename, ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 29
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['file'] and not api_result['version']:
            return 'Apache mod_security configuration files not found.'
        else:
            rows = []
            rows.append(['Description', 'Value'])
            rows.append([])
            for key_name in api_result:
                for k, v in api_result[key_name].items():
                    rows.append([key_name, k])
            result_table = table(rows)
            result_table.draw(90)
            return rows
Ejemplo n.º 30
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No log files not found.'
        else:
            rows = []
            rows.append(['Log files'])
            rows.append([])
            for filename in api_result:
                rows.append([filename, ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 31
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No firefox files were identified.'
        else:
            rows = []
            rows.append(['Firefox file', 'Read access'])
            rows.append([])
            for filename in api_result:
                rows.append([filename, 'Yes'])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 32
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return "ARP cache not found."
        else:
            rows = []
            rows.append(["IP address", "HW address", "Device"])
            rows.append([])
            for ip_address in api_result:
                hw_addr, device = api_result[ip_address]
                rows.append([ip_address, hw_addr, device])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 33
0
    def run_read(self, recursion_level):

        api_result = self.api_read(recursion_level)

        if not api_result:
            return 'No files found.'
        else:
            rows = [['Filename', 'Interesting'], []]
            for filename in api_result:
                interesting = api_result[filename] and 'X' or ''
                rows.append([filename, interesting])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 34
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'Domain name not found.'
        else:
            rows = []
            rows.append(['Domain name', ])
            rows.append([])
            for domain in api_result.values():
                rows.append([domain, ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 35
0
    def run_read(self):
        api_result = self.api_read()

        rows = []
        rows.append(['Description', 'Hours', 'Minutes', 'Seconds'])
        rows.append([])
        for key in api_result:
            hours = api_result[key]['hours']
            minutes = api_result[key]['minutes']
            seconds = api_result[key]['seconds']
            rows.append([key, hours, minutes, seconds])

        result_table = table(rows)
        result_table.draw(80)
        return rows
Ejemplo n.º 36
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['apache_run_user']:
            return 'Apache run user not found.'
        else:
            rows = []
            rows.append(['Apache run user'])
            rows.append([])
            for key_name in api_result:
                for user in api_result[key_name]:
                    rows.append([user, ])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 37
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result["version"]:
            return "Apache version not found."
        else:
            rows = []
            rows.append(["Version"])
            rows.append([])
            for key_name in api_result:
                for version in api_result[key_name]:
                    rows.append([version])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 38
0
    def run_read(self):
        api_result = self.api_read()

        rows = []
        rows.append(['Description', 'Hours', 'Minutes', 'Seconds'])
        rows.append([])
        for key in api_result:
            hours = api_result[key]['hours']
            minutes = api_result[key]['minutes']
            seconds = api_result[key]['seconds']
            rows.append([key, hours, minutes, seconds])

        result_table = table(rows)
        result_table.draw(80)
        return rows
Ejemplo n.º 39
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['ssh_version']:
            return 'SSH version could not be identified.'
        else:
            rows = []
            rows.append(['SSH version'])
            rows.append([])

            rows.append([api_result['ssh_version'], ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 40
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result['apache_root_directory']:
            return 'Apache root directory not found.'
        else:
            rows = []
            rows.append(['Apache root directories'])
            rows.append([])
            for key_name in api_result:
                for directory in api_result[key_name]:
                    rows.append([directory, ])
            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 41
0
    def run_read(self):
        api_result = self.api_read()

        rows = []
        rows.append(['Running inside Virtual Machine', ])
        rows.append([])

        if api_result['running_vm']:
            rows.append(['The remote host is a virtual machine.', ])
        else:
            rows.append(['The remote host is NOT a virtual machine.', ])

        result_table = table(rows)
        result_table.draw(80)
        return rows
Ejemplo n.º 42
0
    def run_read(self, recursion_level):

        api_result = self.api_read(recursion_level)

        if not api_result:
            return 'No files found.'
        else:
            rows = [['Filename', 'Interesting'], []]
            for filename in api_result:
                interesting = api_result[filename] and 'X' or ''
                rows.append([filename, interesting])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 43
0
    def run_read(self):

        api_res = self.api_read()
        if not api_res:
            return 'No vulnerability was found.'

        rows = [['Vuln Type', 'Remote Location', 'Vuln Param', 'Lineno'], []]
        for vulnty, files in api_res.iteritems():
            for f in files:
                rows.append(
                    [vulnty, str(f['loc']), f['vulnsrc'], str(f['lineno'])])

        restable = table(rows)
        restable.draw(100)
        return rows
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return "No MySQL configuration directories were found."
        else:
            rows = []
            rows.append(["MySQL configuration directory"])
            rows.append([])
            for directory in api_result["directory"]:
                rows.append([directory])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 45
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No user configuration files found.'
        else:
            rows = []
            rows.append(['User configuration files', ])
            rows.append([])
            for filename in api_result:
                rows.append([filename, ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 46
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No CPU information found.'
        else:
            rows = []
            rows.append(['Description', 'Value'])
            rows.append([])
            for name in api_result:
                rows.append([name, api_result[name]])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 47
0
    def run_read(self, local_temp_dir, pixy_location):
        api_result = self.api_read(local_temp_dir, pixy_location)

        if not api_result:
            return 'No vulnerabilities were identified.'
        else:
            rows = []
            rows.append(['Vulnerability type', 'Location'])
            rows.append([])
            for vuln_type in api_result:
                for vuln_location in api_result[vuln_type]:
                    rows.append([vuln_type, vuln_location])

            result_table = table(rows)
            result_table.draw(100)
            return rows
Ejemplo n.º 48
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'Kerberos config files not found.'
        else:
            rows = []
            rows.append(['Kerberos file', 'Read access'])
            rows.append([])
            for filename in api_result:
                rows.append([filename, 'Yes'])
                rows.append([])

            result_table = table(rows[:-1])
            result_table.draw(80)
            return rows
Ejemplo n.º 49
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No SMB configuration files were identified.'
        else:
            rows = []
            rows.append(['SMB configuration files'])
            rows.append([])
            for filename in api_result:
                rows.append([filename, ])

            result_table = table(rows)
            result_table.draw(80)

            return rows
Ejemplo n.º 50
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'Hosts files not found.'
        else:
            rows = []
            rows.append(['Host file', 'Content'])
            rows.append([])
            for file in api_result:
                rows.append([file, api_result[file]])
                rows.append([])

            result_table = table(rows[:-1])
            result_table.draw(160)
            return rows
Ejemplo n.º 51
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'Rootkit hunter failed to run.'
        else:
            rows = []
            rows.append(['Description', 'Value'])
            rows.append([])
            for key in api_result:
                for value in api_result[key]:
                    rows.append([key, value])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 52
0
    def run_is_open_port(self, target, ports):
        api_result = self.api_is_open_port(target, ports)

        if not api_result:
            return 'No open ports were found'
        else:
            rows = []
            rows.append(['Host', 'Open TCP ports'])
            rows.append([])
            for host in api_result:
                port_list = '\n'.join([str(port) for port in api_result[host]])
                rows.append([host, port_list])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 53
0
    def run_read(self):
        api_result = self.api_read()

        if not api_result:
            return 'No log files not found.'
        else:
            rows = []
            rows.append(['Log files'])
            rows.append([])
            for filename in api_result:
                rows.append([
                    filename,
                ])

            result_table = table(rows)
            result_table.draw(80)
            return rows
Ejemplo n.º 54
0
    def run_read(self):

        api_res = self.api_read()
        if not api_res:
            return 'No vulnerability was found.'

        rows = [['Vuln Type', 'Remote Location', 'Vuln Param', 'Lineno'], []]
        for vulnty, files in api_res.iteritems():
            for f in files:
                rows.append(
                    [vulnty,
                     str(f['loc']), f['vulnsrc'],
                     str(f['lineno'])])

        restable = table(rows)
        restable.draw(100)
        return rows