Example #1
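    def check_core_alteration(self, core_url: str) -> List[Alteration]:
        """Diff the installed core against a freshly downloaded reference archive.

        The zip at ``core_url`` is fetched, unpacked into a new temporary
        directory and compared with ``self.dir_path``, skipping
        ``self.core.ignored_files``. The temporary directory is not removed
        here; its path is logged so the reference copy can be inspected.

        Args:
            core_url: URL of the reference zip archive for the core.

        Returns:
            The list stored in ``self.core.alterations``. It is empty when the
            archive could not be downloaded or is not a readable zip file.
        """
        # Return value unused here; the call is kept in case it has side effects.
        self.get_archive_name()
        alterations = []
        temp_directory = uCMS.TempDir.create()

        LOGGER.print_cms("info", "[+] Checking core alteration", "", 0)

        try:
            # The downloaded archive is the trust anchor of the whole check, so
            # core_url should be an https:// vendor URL with certificate
            # verification left enabled (the requests default).
            # A timeout keeps an unresponsive mirror from blocking the scan.
            response = requests.get(core_url, timeout=30)
            response.raise_for_status()

            if response.status_code == 200:
                # zipfile sanitises absolute and ".." member names on extract,
                # but nothing here caps the download or the unpacked size.
                with zipfile.ZipFile(io.BytesIO(response.content), "r") as zip_file:
                    zip_file.extractall(temp_directory)

        except (requests.exceptions.RequestException, zipfile.BadZipFile) as e:
            # Covers HTTP errors, connection failures, timeouts and a 200
            # response whose body is not a zip archive.
            LOGGER.print_cms(
                "alert", "[-] Unable to find the original archive. Search manually !", "", 0
            )
            self.core.alterations = alterations
            LOGGER.debug(str(e))
            return self.core.alterations

        clean_core_path = os.path.join(temp_directory, Path(self.get_archive_name()))

        dcmp = dircmp(clean_core_path, self.dir_path, self.core.ignored_files)
        uCMS.diff_files(dcmp, alterations, self.dir_path) # type: ignore # ignore for "dcmp" variable

        self.core.alterations = alterations
        # `alterations` is always a list at this point, so the location of the
        # reference copy is reported on every successful comparison.
        # NOTE(review): reporting only when differences were found may have
        # been the intent - confirm.
        msg = "[+] For further analysis, archive downloaded here : " + clean_core_path
        LOGGER.print_cms("info", msg, "", 0)

        return self.core.alterations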
Example #2
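    def check_core_alteration(self, dir_path, version_core, core_url):
        """Diff a Drupal installation against the reference core archive.

        The zip at ``core_url`` is fetched and unpacked into a new temporary
        directory, then ``<temp>/drupal-<version_core>`` is compared with
        ``dir_path``. The temporary directory is not removed here.

        Args:
            dir_path: Root directory of the installation under review.
            version_core: Core version string, used to locate the unpacked
                ``drupal-<version>`` directory.
            core_url: URL of the reference zip archive.

        Returns:
            ``(alterations, None)`` on success, or ``(msg, exception)`` when
            the archive could not be downloaded or is not a readable zip file.
        """
        alterations = []
        # Entries excluded from the comparison.
        # NOTE(review): anything under an ignored name is never diffed, so
        # changes there will not show up in the result.
        ignored = [
            "modules", "CHANGELOG.txt", "COPYRIGHT.txt", "LICENSE.txt",
            "MAINTAINERS.txt", "INSTALL.txt", "README.txt"
        ]

        temp_directory = uCMS.TempDir.create()

        log.print_cms("info", "[+] Checking core alteration", "", 0)

        try:
            # The downloaded archive is the trust anchor of the whole check, so
            # core_url should be an https:// vendor URL with certificate
            # verification left enabled (the requests default).
            # A timeout keeps an unresponsive mirror from blocking the scan.
            response = requests.get(core_url, timeout=30)
            response.raise_for_status()

            if response.status_code == 200:
                # zipfile sanitises absolute and ".." member names on extract,
                # but nothing here caps the download or the unpacked size.
                with zipfile.ZipFile(io.BytesIO(response.content), 'r') as zip_file:
                    zip_file.extractall(temp_directory)

        except (requests.exceptions.RequestException, zipfile.BadZipFile) as e:
            # Covers HTTP errors, connection failures, timeouts and a 200
            # response whose body is not a zip archive.
            msg = "[-] The original drupal archive has not been found. Search " \
                  "manually ! "
            log.print_cms("alert", msg, "", 0)
            return msg, e

        clean_core_path = os.path.join(temp_directory,
                                       "drupal-" + version_core)

        dcmp = dircmp(clean_core_path, dir_path, ignored)
        uCMS.diff_files(dcmp, alterations, dir_path)

        return alterations, None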
Example #3
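    def check_core_alteration(self, dir_path, core_url):
        """Diff a WordPress installation against the reference core archive.

        The zip at ``core_url`` is fetched and unpacked into a new temporary
        directory, then ``<temp>/wordpress`` is compared with ``dir_path``.
        The temporary directory is not removed here; its path is logged so the
        reference copy can be inspected.

        Args:
            dir_path: Root directory of the installation under review.
            core_url: URL of the reference zip archive.

        Returns:
            ``(alterations, None)`` on success, or ``(msg, exception)`` when
            the archive could not be downloaded or is not a readable zip file.
        """
        alterations = []
        # Entries excluded from the comparison.
        # NOTE(review): anything under an ignored name is never diffed here,
        # so "plugins" and "themes" need to be covered by a separate check.
        ignored = [
            ".git", "cache", "plugins", "themes", "images", "license.txt",
            "readme.html", "version.php"
        ]

        temp_directory = uCMS.TempDir.create()

        log.print_cms("info", "[+] Checking core alteration", "", 0)

        try:
            # The downloaded archive is the trust anchor of the whole check, so
            # core_url should be an https:// vendor URL with certificate
            # verification left enabled (the requests default).
            # A timeout keeps an unresponsive mirror from blocking the scan.
            response = requests.get(core_url, timeout=30)
            response.raise_for_status()

            if response.status_code == 200:
                # zipfile sanitises absolute and ".." member names on extract,
                # but nothing here caps the download or the unpacked size.
                with zipfile.ZipFile(io.BytesIO(response.content), 'r') as zip_file:
                    zip_file.extractall(temp_directory)

        except (requests.exceptions.RequestException, zipfile.BadZipFile) as e:
            # Covers HTTP errors, connection failures, timeouts and a 200
            # response whose body is not a zip archive.
            msg = "[-] The original WordPress archive has not been found. Search manually ! "
            log.print_cms("alert", msg, "", 0)
            return msg, e

        clean_core_path = os.path.join(temp_directory, "wordpress")

        dcmp = dircmp(clean_core_path, dir_path, ignored)
        uCMS.diff_files(dcmp, alterations, dir_path)

        # `alterations` is always a list at this point, so the location of the
        # reference copy is reported on every successful comparison.
        # NOTE(review): reporting only when differences were found may have
        # been the intent - confirm.
        msg = "[+] For further analysis, archive downloaded here : " + clean_core_path
        log.print_cms("info", msg, "", 1)

        return alterations, None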
Example #4
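    def check_addon_alteration(self, addon: Addon, addon_path: str,
                               temp_directory: str) -> str:
        """Check whether an installed addon differs from its published archive.

        The archive returned by ``self.get_addon_url(addon)`` is fetched and
        unpacked into ``temp_directory``. The installed directory and the
        reference copy are hashed; when the hashes differ, a directory diff
        (skipping ``self.ignored_files_addon``) is recorded in
        ``addon.alterations``.

        Args:
            addon: Addon being checked; ``altered``, ``alterations`` and, on
                failure, ``notes`` are updated on it.
            addon_path: Path of the installed addon.
            temp_directory: Directory the reference archive is unpacked into.

        Returns:
            ``"YES"`` or ``"NO"`` after a comparison, ``""`` when the response
            status was not 200, or the note text when the archive could not be
            downloaded or is not a readable zip file.
        """
        addon_url = self.get_addon_url(addon)

        LOGGER.print_cms("default", f"To download the addon: {addon_url}", "",
                         1)
        altered = ""

        try:
            # The downloaded archive is the trust anchor of the check, so the
            # URL should be an https:// vendor URL with certificate
            # verification left enabled (the requests default).
            # A timeout keeps an unresponsive mirror from blocking the scan.
            response = requests.get(addon_url, timeout=30)
            response.raise_for_status()

            if response.status_code != 200:
                return altered

            # zipfile sanitises absolute and ".." member names on extract, but
            # nothing here caps the download or the unpacked size.
            with zipfile.ZipFile(io.BytesIO(response.content), "r") as zip_file:
                zip_file.extractall(temp_directory)

            # Both digests are computed locally and only compared for
            # equality. NOTE(review): a SHA-256 variant would be the more
            # conservative choice if the dirhash helper offers one.
            project_dir_hash = dirhash(addon_path, "sha1")
            ref_dir = os.path.join(temp_directory, addon.name)
            ref_dir_hash = dirhash(ref_dir, "sha1")

            if project_dir_hash == ref_dir_hash:
                altered = "NO"
                LOGGER.print_cms("good",
                                 f"Different from sources : {altered}", "",
                                 1)
            else:
                altered = "YES"
                LOGGER.print_cms("alert",
                                 f"Different from sources : {altered}", "",
                                 1)

                # The hash call is given no ignore list while the diff is, so
                # presumably a difference confined to ignored entries yields
                # "YES" with nothing recorded - verify against dirhash.
                dcmp = dircmp(addon_path, ref_dir,
                              self.ignored_files_addon)
                uCMS.diff_files(dcmp, addon.alterations, addon_path)

            addon.altered = altered

            if addon.alterations is not None:
                LOGGER.print_cms(
                    "info",
                    f"[+] For further analysis, archive downloaded here : {ref_dir}",
                    "",
                    1,
                )

        except (requests.exceptions.RequestException, zipfile.BadZipFile) as e:
            # Covers HTTP errors, connection failures, timeouts and a 200
            # response whose body is not a zip archive.
            addon.notes = "The download link is not standard. Search manually !"
            LOGGER.print_cms("alert", addon.notes, "", 1)
            LOGGER.debug(str(e))
            return addon.notes

        return altered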
Example #5
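    def check_addon_alteration(self, addon, dir_path, temp_directory):
        """Check whether an installed plugin differs from its published archive.

        The archive URL is built from ``self.download_addon_url`` plus the
        addon name and version (name only for ``"trunk"``). The archive is
        unpacked into ``temp_directory`` and hashed against the installed
        copy under ``<dir_path>/<wp_content>/plugins/<name>``; when the hashes
        differ, a directory diff is recorded in ``addon["alterations"]``.

        Args:
            addon: Mapping with ``name``, ``version`` and ``alterations``;
                ``edited`` and, on failure, ``notes`` are written to it.
            dir_path: Root directory of the installation under review.
            temp_directory: Directory the reference archive is unpacked into.

        Returns:
            ``(altered, None)`` where ``altered`` is ``"YES"``, ``"NO"`` or
            ``""`` (response status was not 200), or ``(msg, exception)`` when
            the archive could not be downloaded or is not a readable zip file.
        """
        if addon["version"] == "trunk":
            addon_url = "{}{}.zip".format(self.download_addon_url,
                                          addon["name"])
        else:
            addon_url = "{}{}.{}.zip".format(self.download_addon_url,
                                             addon["name"], addon["version"])

        log.print_cms("default", "To download the addon: " + addon_url, "", 1)

        # Initialised up front so the final return cannot hit an unbound name
        # when the response status is a success code other than 200.
        altered = ""

        try:
            # The downloaded archive is the trust anchor of the check, so the
            # URL should be an https:// vendor URL with certificate
            # verification left enabled (the requests default).
            # A timeout keeps an unresponsive mirror from blocking the scan.
            response = requests.get(addon_url, timeout=30)
            response.raise_for_status()

            if response.status_code != 200:
                return altered, None

            # zipfile sanitises absolute and ".." member names on extract, but
            # nothing here caps the download or the unpacked size.
            with zipfile.ZipFile(io.BytesIO(response.content), 'r') as zip_file:
                zip_file.extractall(temp_directory)

            project_dir = os.path.join(dir_path, self.wp_content,
                                       "plugins", addon["name"])
            # Both digests are computed locally and only compared for
            # equality. NOTE(review): a SHA-256 variant would be the more
            # conservative choice if the dirhash helper offers one.
            project_dir_hash = dirhash(project_dir, 'sha1')
            ref_dir = os.path.join(temp_directory, addon["name"])
            ref_dir_hash = dirhash(ref_dir, 'sha1')

            if project_dir_hash == ref_dir_hash:
                altered = "NO"
                log.print_cms("good",
                              "Different from sources : " + altered, "", 1)
            else:
                altered = "YES"
                log.print_cms("alert",
                              "Different from sources : " + altered, "", 1)

                # NOTE(review): "js" is excluded from the diff, so a modified
                # script makes the hash differ without being listed in the
                # recorded alterations.
                ignored = ["css", "img", "js", "fonts", "images"]

                dcmp = dircmp(project_dir, ref_dir, ignored)
                uCMS.diff_files(dcmp, addon["alterations"], project_dir)

            addon["edited"] = altered

            if addon["alterations"] is not None:
                msg = "[+] For further analysis, archive downloaded here : " + ref_dir
                log.print_cms("info", msg, "", 1)

        except (requests.exceptions.RequestException, zipfile.BadZipFile) as e:
            # Covers HTTP errors, connection failures, timeouts and a 200
            # response whose body is not a zip archive.
            msg = "The download link is not standard. Search manually !"
            log.print_cms("alert", msg, "", 1)
            addon["notes"] = msg
            return msg, e

        return altered, None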
Example #6
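    def check_addon_alteration(self, addon, addon_path, temp_directory):
        """Check whether an installed addon differs from its published archive.

        The archive URL is built from ``self.download_addon_url`` plus the
        addon name and version. The archive is unpacked into
        ``temp_directory`` and hashed against ``addon_path``; when the hashes
        differ, a directory diff is recorded in ``addon["alterations"]``.

        Args:
            addon: Mapping with ``name``, ``version`` and ``alterations``;
                ``edited`` and, on failure, ``notes`` are written to it.
            addon_path: Path of the installed addon.
            temp_directory: Directory the reference archive is unpacked into.

        Returns:
            ``(None, None)`` when the version is the literal ``"VERSION"``
            (not handled yet), ``(altered, None)`` where ``altered`` is
            ``"YES"``, ``"NO"`` or ``""`` (response status was not 200), or
            ``(msg, exception)`` when the archive could not be downloaded or
            is not a readable zip file.
        """
        addon_url = "{}{}-{}.zip".format(self.download_addon_url,
                                         addon["name"], addon["version"])

        if addon["version"] == "VERSION":
            # TODO: no download is attempted for this version value, so the
            # addon is left unchecked.
            return None, None

        log.print_cms("default", "To download the addon : " + addon_url, "", 1)

        altered = ""

        try:
            # The downloaded archive is the trust anchor of the check, so the
            # URL should be an https:// vendor URL with certificate
            # verification left enabled (the requests default).
            # A timeout keeps an unresponsive mirror from blocking the scan.
            response = requests.get(addon_url, timeout=30)
            response.raise_for_status()

            if response.status_code != 200:
                return altered, None

            # zipfile sanitises absolute and ".." member names on extract, but
            # nothing here caps the download or the unpacked size.
            with zipfile.ZipFile(io.BytesIO(response.content), 'r') as zip_file:
                zip_file.extractall(temp_directory)

            # Both digests are computed locally and only compared for
            # equality. NOTE(review): a SHA-256 variant would be the more
            # conservative choice if the dirhash helper offers one.
            project_dir_hash = dirhash(addon_path, 'sha1')
            ref_dir = os.path.join(temp_directory, addon["name"])
            ref_dir_hash = dirhash(ref_dir, 'sha1')

            if project_dir_hash == ref_dir_hash:
                altered = "NO"
                log.print_cms("good",
                              "Different from sources : " + altered, "", 1)
            else:
                altered = "YES"
                log.print_cms("alert",
                              "Different from sources : " + altered, "", 1)

                # Entries named "tests" are left out of the recorded diff.
                ignored = ["tests"]

                dcmp = dircmp(addon_path, ref_dir, ignored)
                uCMS.diff_files(dcmp, addon["alterations"], addon_path)

            addon["edited"] = altered

        except (requests.exceptions.RequestException, zipfile.BadZipFile) as e:
            # Covers HTTP errors, connection failures, timeouts and a 200
            # response whose body is not a zip archive.
            msg = "The download link is not standard. Search manually !"
            log.print_cms("alert", msg, "", 1)
            addon["notes"] = msg
            return msg, e
        return altered, None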