class CheckerProcess(Process): def __init__(self, team_id, checks, db_host, db_port, db_name, check_delay): super(CheckerProcess, self).__init__() self.team_id = team_id self.db = MongoDBWrapper(db_host, int(db_port), db_name) self.check_delay = int(check_delay) self.shutdown_event = Event() self.checks = [] for check in checks: check_db_data = self.db.get_specific_check(check.check_id, check.check_class.check_type) if len(check_db_data) > 0: check_data = check_db_data[0] if issubclass(check.check_class, InjectCheck): check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name, check_data['time_to_check']) self.checks.append(Checker(check.check_id, check_obj, check_obj.time_to_run)) elif issubclass(check.check_class, (ServiceCheck, AttackerCheck)): check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name) self.checks.append(Checker(check.check_id, check_obj, datetime.now())) random.shuffle(self.checks, random.random) def run(self): while not self.shutdown_event.is_set(): self.run_checks() def run_checks(self): indices_to_remove = [] for i in range(0, len(self.checks)): check = self.checks[i] check_obj = copy(check.object) now = datetime.now() print check.time_to_run, '<', now, '=', check.time_to_run < now if check.time_to_run < now: check_process = Process(target=check_obj.run_check) check_process.start() check_process.join(check_obj.timeout) if check_process.is_alive(): check_process.terminate() score = check_obj.score if issubclass(type(check_obj), InjectCheck): self.db.complete_inject_check(check.id, self.team_id, datetime.now(), score) #self.checks[:] = [obj for obj in self.checks if not obj == check] indices_to_remove.append(i) elif issubclass(type(check_obj), ServiceCheck): self.db.complete_service_check(check.id, self.team_id, datetime.now(), score) check.timestamp = datetime.now() + timedelta(seconds=self.check_delay) elif issubclass(type(check_obj), AttackerCheck): self.db.complete_attacker_check(check.id, self.team_id, datetime.now(), score) check.timestamp = datetime.now() + timedelta(seconds=self.check_delay) self.db.calculate_scores_for_team(self.team_id) if self.shutdown_event.is_set(): break indices_to_remove.sort(reverse=True) for i in indices_to_remove: del self.checks[i]
def __init__(self, team_id, checks, db_host, db_port, db_name, check_delay): super(CheckerProcess, self).__init__() self.team_id = team_id self.db = MongoDBWrapper(db_host, int(db_port), db_name) self.check_delay = int(check_delay) self.shutdown_event = Event() self.checks = [] for check in checks: check_db_data = self.db.get_specific_check(check.check_id, check.check_class.check_type) if len(check_db_data) > 0: check_data = check_db_data[0] if issubclass(check.check_class, InjectCheck): check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name, check_data['time_to_check']) self.checks.append(Checker(check.check_id, check_obj, check_obj.time_to_run)) elif issubclass(check.check_class, (ServiceCheck, AttackerCheck)): check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name) self.checks.append(Checker(check.check_id, check_obj, datetime.now())) random.shuffle(self.checks, random.random)
def create_app(_config_dir=None, _config_filename='settings.cfg', _configspec_filename='configspec.cfg'): # Create Flask app global app app = Flask("CheshireCat") if _config_dir is not None: default_config_dirs.insert(0, _config_dir) configspec_path = get_first_file_that_exists(default_config_dirs, _configspec_filename) config_path = get_first_file_that_exists(default_config_dirs, _config_filename) if configspec_path is None: raise FileNotFound('configspec', default_config_dirs, _configspec_filename) if config_path is None: raise FileNotFound('config', default_config_dirs, _config_filename) # Load configuration file configspec = ConfigObj(configspec_path, list_values=False) config = ConfigObj(config_path, configspec=configspec) test = config.validate(Validator(), copy=True) for key in config['CORE']: app.config[key] = config['CORE'][key] # Change the session interface to be more secure and portalble than the default # which is provided by Werkzeug. # These break the engine currently. I don't know why. #app.session_interface = RedisSignedSessionInterface() #app.session_interface = ItsdangerousSessionInterface() # Flask-Login manages user sessions for us, but we need to set it up first, so # we'll do so here. global login_manager login_manager = LoginManager() login_manager.init_app(app) # Initialize our database dbconfig = config['CORE']['DATABASE'] db = MongoDBWrapper(dbconfig['HOST'], int(dbconfig['PORT']), dbconfig['DB_NAME']) db.init_db() if len(db.get_all_users_with_role('administrator')) == 0: db.create_user('admin', hash_password('admin'), '*****@*****.**', 'administrator') # Initialize CheshireCat # Import the views, to apply the decorators which use the global app object. from . import views