def check_core_alteration(self, core_url: str) -> List[Alteration]: self.get_archive_name() alterations = [] temp_directory = uCMS.TempDir.create() LOGGER.print_cms("info", "[+] Checking core alteration", "", 0) try: response = requests.get(core_url) response.raise_for_status() if response.status_code == 200: zip_file = zipfile.ZipFile(io.BytesIO(response.content), "r") zip_file.extractall(temp_directory) zip_file.close() except requests.exceptions.HTTPError as e: LOGGER.print_cms( "alert", "[-] Unable to find the original archive. Search manually !", "", 0 ) self.core.alterations = alterations LOGGER.debug(str(e)) return self.core.alterations clean_core_path = os.path.join(temp_directory, Path(self.get_archive_name())) dcmp = dircmp(clean_core_path, self.dir_path, self.core.ignored_files) uCMS.diff_files(dcmp, alterations, self.dir_path) # type: ignore # ignore for "dcmp" variable self.core.alterations = alterations if alterations is not None: msg = "[+] For further analysis, archive downloaded here : " + clean_core_path LOGGER.print_cms("info", msg, "", 0) return self.core.alterations
def check_core_alteration(self, dir_path, version_core, core_url): alterations = [] ignored = [ "modules", "CHANGELOG.txt", "COPYRIGHT.txt", "LICENSE.txt", "MAINTAINERS.txt", "INSTALL.txt", "README.txt" ] temp_directory = uCMS.TempDir.create() log.print_cms("info", "[+] Checking core alteration", "", 0) try: response = requests.get(core_url) response.raise_for_status() if response.status_code == 200: zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r') zip_file.extractall(temp_directory) zip_file.close() except requests.exceptions.HTTPError as e: msg = "[-] The original drupal archive has not been found. Search " \ "manually ! " log.print_cms("alert", msg, "", 0) return msg, e clean_core_path = os.path.join(temp_directory, "drupal-" + version_core) dcmp = dircmp(clean_core_path, dir_path, ignored) uCMS.diff_files(dcmp, alterations, dir_path) return alterations, None
def check_core_alteration(self, dir_path, core_url): alterations = [] ignored = [ ".git", "cache", "plugins", "themes", "images", "license.txt", "readme.html", "version.php" ] temp_directory = uCMS.TempDir.create() log.print_cms("info", "[+] Checking core alteration", "", 0) try: response = requests.get(core_url) response.raise_for_status() if response.status_code == 200: zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r') zip_file.extractall(temp_directory) zip_file.close() except requests.exceptions.HTTPError as e: msg = "[-] The original WordPress archive has not been found. Search manually ! " log.print_cms("alert", msg, "", 0) return msg, e clean_core_path = os.path.join(temp_directory, "wordpress") dcmp = dircmp(clean_core_path, dir_path, ignored) uCMS.diff_files(dcmp, alterations, dir_path) if alterations is not None: msg = "[+] For further analysis, archive downloaded here : " + clean_core_path log.print_cms("info", msg, "", 1) return alterations, None
def check_addon_alteration(self, addon: Addon, addon_path: str, temp_directory: str) -> str: addon_url = self.get_addon_url(addon) LOGGER.print_cms("default", f"To download the addon: {addon_url}", "", 1) altered = "" try: response = requests.get(addon_url) response.raise_for_status() if response.status_code == 200: zip_file = zipfile.ZipFile(io.BytesIO(response.content), "r") zip_file.extractall(temp_directory) zip_file.close() project_dir_hash = dirhash(addon_path, "sha1") ref_dir = os.path.join(temp_directory, addon.name) ref_dir_hash = dirhash(ref_dir, "sha1") if project_dir_hash == ref_dir_hash: altered = "NO" LOGGER.print_cms("good", f"Different from sources : {altered}", "", 1) else: altered = "YES" LOGGER.print_cms("alert", f"Different from sources : {altered}", "", 1) dcmp = dircmp(addon_path, ref_dir, self.ignored_files_addon) uCMS.diff_files(dcmp, addon.alterations, addon_path) addon.altered = altered if addon.alterations is not None: LOGGER.print_cms( "info", f"[+] For further analysis, archive downloaded here : {ref_dir}", "", 1, ) except requests.exceptions.HTTPError as e: addon.notes = "The download link is not standard. Search manually !" LOGGER.print_cms("alert", addon.notes, "", 1) LOGGER.debug(str(e)) return addon.notes return altered
def check_addon_alteration(self, addon, dir_path, temp_directory): addon_url = "{}{}.{}.zip".format(self.download_addon_url, addon["name"], addon["version"]) if addon["version"] == "trunk": addon_url = "{}{}.zip".format(self.download_addon_url, addon["name"]) log.print_cms("default", "To download the addon: " + addon_url, "", 1) try: response = requests.get(addon_url) response.raise_for_status() if response.status_code == 200: zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r') zip_file.extractall(temp_directory) zip_file.close() project_dir = os.path.join(dir_path, self.wp_content, "plugins", addon["name"]) project_dir_hash = dirhash(project_dir, 'sha1') ref_dir = os.path.join(temp_directory, addon["name"]) ref_dir_hash = dirhash(ref_dir, 'sha1') if project_dir_hash == ref_dir_hash: altered = "NO" log.print_cms("good", "Different from sources : " + altered, "", 1) else: altered = "YES" log.print_cms("alert", "Different from sources : " + altered, "", 1) ignored = ["css", "img", "js", "fonts", "images"] dcmp = dircmp(project_dir, ref_dir, ignored) uCMS.diff_files(dcmp, addon["alterations"], project_dir) addon["edited"] = altered if addon["alterations"] is not None: msg = "[+] For further analysis, archive downloaded here : " + ref_dir log.print_cms("info", msg, "", 1) except requests.exceptions.HTTPError as e: msg = "The download link is not standard. Search manually !" log.print_cms("alert", msg, "", 1) addon["notes"] = msg return msg, e return altered, None
def check_addon_alteration(self, addon, addon_path, temp_directory): addon_url = "{}{}-{}.zip".format(self.download_addon_url, addon["name"], addon["version"]) if addon["version"] == "VERSION": # TODO return None, None log.print_cms("default", "To download the addon : " + addon_url, "", 1) altered = "" try: response = requests.get(addon_url) response.raise_for_status() if response.status_code == 200: zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r') zip_file.extractall(temp_directory) zip_file.close() project_dir_hash = dirhash(addon_path, 'sha1') ref_dir = os.path.join(temp_directory, addon["name"]) ref_dir_hash = dirhash(ref_dir, 'sha1') if project_dir_hash == ref_dir_hash: altered = "NO" log.print_cms("good", "Different from sources : " + altered, "", 1) else: altered = "YES" log.print_cms("alert", "Different from sources : " + altered, "", 1) ignored = ["tests"] dcmp = dircmp(addon_path, ref_dir, ignored) uCMS.diff_files(dcmp, addon["alterations"], addon_path) addon["edited"] = altered except requests.exceptions.HTTPError as e: msg = "The download link is not standard. Search manually !" log.print_cms("alert", msg, "", 1) addon["notes"] = msg return msg, e return altered, None