Example #1
0
 def test_xml_bomb(self):
     xml = ('<!DOCTYPE xmlbomb ['
            '<!ENTITY a "1234567890" >'
            '<!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;">'
            '<!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;">'
            '<!ENTITY d "&c;&c;&c;&c;&c;&c;&c;&c;">'
            ']>'
            '<bomb>&c;</bomb>')
     with self.assertRaises(GvmError):
         validate_xml_string(xml)
Example #2
0
 def test_invalid_tag(self):
     with self.assertRaises(GvmError):
         validate_xml_string('<foo&bar/>')
Example #3
0
def main():
    do_not_run_as_root()

    parser = create_parser(description=HELP_TEXT, logfilename='gvm-cli.log')

    parser.add_protocol_argument()

    parser.add_argument('-X', '--xml', help='XML request to send')
    parser.add_argument('-r',
                        '--raw',
                        help='Return raw XML',
                        action='store_true',
                        default=False)
    parser.add_argument(
        '--pretty',
        help='Pretty format the returned xml',
        action='store_true',
        default=False,
    )
    parser.add_argument('--duration',
                        action='store_true',
                        help='Measure command execution time')
    parser.add_argument('infile',
                        nargs='?',
                        help='File to read XML commands from.')

    args = parser.parse_args()

    # If timeout value is -1, then the socket has no timeout for this session
    if args.timeout == -1:
        args.timeout = None

    if args.xml is not None:
        xml = args.xml
    else:
        try:
            xml = _load_infile(args.infile)
        except IOError as e:
            print(e, file=sys.stderr)
            sys.exit(1)

    # If no command was given, program asks for one
    if len(xml) == 0:
        xml = input()

    try:
        validate_xml_string(xml)
    except GvmError as e:
        print(e, file=sys.stderr)
        sys.exit(1)

    connection = create_connection(**vars(args))

    if args.raw:
        transform = None
    else:
        transform = CheckCommandTransform()

    if args.protocol == PROTOCOL_OSP:
        protocol_class = Osp
    else:
        protocol_class = Gmp

    try:
        with protocol_class(connection, transform=transform) as protocol:

            if args.protocol == PROTOCOL_GMP:
                # Ask for password if none are given
                authenticate(protocol, args.gmp_username, args.gmp_password)

            if args.duration:
                starttime = time.time()

            result = protocol.send_command(xml)

            if args.duration:
                duration = time.time() - starttime
                print(f'Elapsed time: {duration} seconds')
            elif args.pretty:
                pretty_print(result)
            else:
                print(result)

    except Exception as e:  # pylint: disable=broad-except
        logger.error(e)
        sys.exit(1)
    sys.exit(0)
Example #4
0
 def test_missing_closing_tag(self):
     with self.assertRaises(GvmError):
         validate_xml_string('<foo>')
Example #5
0
def main():
    do_not_run_as_root()

    parser = create_parser(description=HELP_TEXT, logfilename='gvm-cli.log')

    parser.add_protocol_argument()

    parser.add_argument('-X', '--xml', help='XML request to send')
    parser.add_argument('-r',
                        '--raw',
                        help='Return raw XML',
                        action='store_true',
                        default=False)
    parser.add_argument('infile',
                        nargs='?',
                        help='File to read XML commands from.')

    args = parser.parse_args()

    # If timeout value is -1, then the socket has no timeout for this session
    if args.timeout == -1:
        args.timeout = None

    if args.xml is not None:
        xml = args.xml
    else:
        try:
            xml = _load_infile(args.infile)
        except IOError as e:
            print(e, file=sys.stderr)
            sys.exit(1)

    # If no command was given, program asks for one
    if len(xml) == 0:
        xml = input()

    try:
        validate_xml_string(xml)
    except GvmError as e:
        print(e, file=sys.stderr)
        sys.exit(1)

    connection = create_connection(**vars(args))

    if args.raw:
        transform = None
    else:
        transform = CheckCommandTransform()

    if args.protocol == PROTOCOL_OSP:
        protocol = Osp(connection, transform=transform)
    else:
        protocol = Gmp(connection, transform=transform)

        # Ask for password if none are given
        if args.gmp_username and not args.gmp_password:
            args.gmp_password = getpass.getpass('Enter password for ' +
                                                args.gmp_username + ': ')

        if args.gmp_username:
            protocol.authenticate(args.gmp_username, args.gmp_password)

    try:
        result = protocol.send_command(xml)

        print(result)
    except Exception as e:  # pylint: disable=broad-except
        print(e, file=sys.stderr)
        sys.exit(1)

    protocol.disconnect()

    sys.exit(0)