def setConf():
"""User configuration management and instantiation.
Setting framework configuration based either on previously user saved
settings or default ones.
"""
logger.info("Setting configuration.")
CONF = getInstanceConfiguration()
CONF.setDebugStatus(args.debug)
host = CONF.getApiConInfoHost() if str(CONF.getApiConInfoHost()) != "None" else FARADAY_DEFAULT_HOST
port_xmlrpc = CONF.getApiConInfoPort() if str(CONF.getApiConInfoPort()) != "None" else FARADAY_DEFAULT_PORT_XMLRPC
port_rest = CONF.getApiRestfulConInfoPort() if str(CONF.getApiRestfulConInfoPort()) != "None" else FARADAY_DEFAULT_PORT_REST
host = args.host if args.host else host
port_xmlrpc = args.port_xmlrpc if args.port_xmlrpc else port_xmlrpc
port_rest = args.port_rest if args.port_rest else port_rest
logger.info("XMLRPC API Server listening on %s:%s" % (host, port_xmlrpc))
logger.info("RESTful API Server listening on %s:%s" % (host, port_rest))
CONF.setApiConInfoHost(host)
CONF.setApiConInfoPort(port_xmlrpc)
CONF.setApiRestfulConInfoPort(port_rest)
CONF.setAuth(args.disable_login)
def checkVersion():
try:
f = open(FARADAY_VERSION_FILE)
f_version = f.read().strip()
if not args.update:
if getInstanceConfiguration().getVersion() != None and getInstanceConfiguration().getVersion() != f_version:
logger.warning("You have different version of Faraday since your last run.\nRun ./faraday.py --update to update configuration!")
if query_yes_no('Do you want to close Faraday?', 'yes'):
sys.exit(-1)
getInstanceConfiguration().setVersion(f_version)
f.close()
except Exception as e:
getLogger("launcher").error("It seems that something's wrong with your version\nPlease contact customer support")
sys.exit(-1)
def checkVersion():
try:
f = open(CONST_VERSION_FILE)
f_version = f.read().strip()
if not args.update:
if getInstanceConfiguration().getVersion() != None and getInstanceConfiguration().getVersion() != f_version:
logger.warning("You have different version of Faraday since your last run.\nRun ./faraday.py --update to update configuration!")
if query_yes_no('Do you want to close Faraday?', 'yes'):
exit(-1)
getInstanceConfiguration().setVersion(f_version)
f.close()
doc = {"ver": getInstanceConfiguration().getVersion()}
if os.path.isfile(CONST_CONFIG):
os.remove(CONST_CONFIG)
with open(CONST_CONFIG, "w") as doc_file:
json.dump(doc, doc_file)
except Exception as e:
getLogger("launcher").error("It seems that something's wrong with your version\nPlease contact customer support")
exit(-1)
def setUpLogger():
from config.configuration import getInstanceConfiguration
CONF = getInstanceConfiguration()
logger = logging.getLogger('faraday')
level = logging.INFO
if CONF.getDebugStatus():
level = logging.DEBUG
logger.setLevel(level)
fh = logging.handlers.RotatingFileHandler(LOG_FILE, maxBytes=5*1024*1024, backupCount=5)
fh.setFormatter(formatter)
logger.addHandler(fh)
def checkUpdates():
import requests
uri = getInstanceConfiguration().getUpdatesUri()
resp = u"OK"
try:
resp = requests.get(uri, timeout=1, verify=True)
resp = resp.text.strip()
except Exception as e:
logger.error(e)
if not resp == u'OK':
logger.info("You have available updates. Run ./faraday.py --update to catchup!")
else:
logger.info("No updates available, enjoy Faraday")
def checkCouchUrl():
import requests
try:
requests.get(getInstanceConfiguration().getCouchURI(), timeout=5)
except requests.exceptions.SSLError:
print """
SSL certificate validation failed.
You can use the --cert option in Faraday
to set the path of the cert
"""
sys.exit(-1)
except Exception as e:
# Non fatal error
pass
def setConf():
"""User configuration management and instantiation.
Setting framework configuration based either on previously user saved
settings or default ones.
"""
logger.info("Setting configuration.")
CONF = getInstanceConfiguration()
CONF.setDebugStatus(args.debug)
CONF.setApiConInfo(args.host, args.port)
CONF.setAuth(args.disable_login)
def startFaraday():
"""Application startup.
Starts a MainApplication with the previously parsed arguments, and handles
a profiler if requested.
Returns application status.
"""
from model.application import MainApplication
logger.info("All done. Opening environment.")
#TODO: Handle args in CONF and send only necessary ones.
# Force OSX to run no gui
if sys.platform == "darwin":
args.gui = "no-gui"
main_app = MainApplication(args)
if not args.disable_excepthook:
logger.warning("Main application ExceptHook enabled.")
main_app.enableExceptHook()
if args.profile:
logger.info("Starting main application with profiler.")
start = startProfiler(
main_app.start,
args.profile_output,
args.profile_depth)
else:
logger.info("Starting main application.")
start = main_app.start
from colorama import Fore, Back, Style
import string
couchURL = getInstanceConfiguration().getCouchURI()
if couchURL:
url = "%s/reports/_design/reports/index.html" % couchURL
print(Fore.WHITE + Style.BRIGHT + \
"\n*" + string.center("faraday ui is ready", 53 - 6) )
print(Fore.WHITE + Style.BRIGHT + \
"""Make sure you got couchdb up and running.\nIf couchdb is up, point your browser to: \n[%s]""" % url)
else:
print(Fore.WHITE + Style.BRIGHT + \
"""Please config Couchdb for fancy HTML5 Dashboard""")
print(Fore.RESET + Back.RESET + Style.RESET_ALL)
exit_status = start()
return exit_status
def checkUpdates():
import requests
uri = getInstanceConfiguration().getUpdatesUri()
resp = u"OK"
try:
f = open(CONST_VERSION_FILE)
parameter = {"version": f.read().strip()}
f.close
resp = requests.get(uri, params=parameter, timeout=1, verify=True)
resp = resp.text.strip()
except Exception as e:
logger.error(e)
if not resp == u'OK':
logger.info("You have available updates. Run ./faraday.py --update to catchup!")
else:
logger.info("No updates available, enjoy Faraday")
def main(args):
parser = optparse.OptionParser()
setupOptions(parser)
options, args = parser.parse_args(args[1:])
if checkDependencies():
CONF = getInstanceConfiguration()
CONF.setDebugStatus(False)
if options.debug:
CONF.setDebugStatus(True)
if options.host and options.port:
CONF.setApiConInfo(options.host, int(options.port))
print "[+] setting api_conn_info = ", CONF.getApiConInfo()
main_app = MainApplication()
if options.disablelogin:
CONF.setAuth(False)
if not options.disableexcepthook:
main_app.enableExceptHook()
if options.profile:
print "%s will be started with a profiler attached. Performance may be affected." % CONF.getAppname()
start = profile(main_app.start, filename=options.profile_output, entries=int(options.profile_depth))
else:
start = main_app.start
exit_status = start()
os._exit(exit_status)
else:
print "%s cannot start!\nDependecies are not met." % CONF.getAppname()
def _createWorkspaceFolder(self, name):
CONF = getInstanceConfiguration()
self._report_path = os.path.join(CONF.getReportPath(), name)
self._report_ppath = os.path.join(self._report_path, "process")
self._report_upath = os.path.join(self._report_path, "unprocessed")
if not os.path.exists(CONF.getReportPath()):
os.mkdir(CONF.getReportPath())
if not os.path.exists(self._report_path):
os.mkdir(self._report_path)
if not os.path.exists(self._report_ppath):
os.mkdir(self._report_ppath)
if not os.path.exists(self._report_upath):
os.mkdir(self._report_upath)
def __init__(self):
core.PluginBase.__init__(self)
self.id = "Sentinel"
self.name = "Sentinel Online Plugin"
self.plugin_version = "0.0.1"
self.version = "1.0.0"
self.baseURL = "https://sentinel.whitehatsec.com/api/"
self.vulnURL = "https://source.whitehatsec.com/site_vuln_detail.html?site_id="
self.addSetting("Api_key", str, "")
self.addSetting("Enable", str, "0")
self.faraday_config = 'http://' + getInstanceConfiguration().getApiConInfoHost() + ':' + str(getInstanceConfiguration().getApiConInfoPort()) + '/'
self.faraday_api = xmlrpclib.ServerProxy(self.faraday_config)
self.format = "?format=json&display_all=1&key="
self._command_regex = re.compile(
r'^(sudo sentinel|sentinel).*?')
def main(args):
parser = argparse.ArgumentParser()
setupOptions(parser)
args = parser.parse_args(args[1:])
# TODO: make all the necessary things to handle each option entered...
if checkDependencies():
CONF = getInstanceConfiguration()
CONF.setDebugStatus(False)
if args.debug:
CONF.setDebugStatus(True)
if args.host and args.port:
CONF.setApiConInfo(args.host, int(args.port))
print "[+] setting api_conn_info = ", CONF.getApiConInfo()
main_app = MainApplication(args)
if args.disablelogin:
CONF.setAuth(False)
if not args.disableexcepthook:
main_app.enableExceptHook()
# something interesting to do when profiling is mixing
# the cProfile output with kcachegrind like this:
# http://stackoverflow.com/questions/1896032/using-cprofile-results-with-kcachegrind
if args.profile:
print "%s will be started with a profiler\
attached. Performance may be affected." % CONF.getAppname()
start = profile(main_app.start,
filename=args.profile_output,
entries=int(args.profile_depth))
else:
start = main_app.start
exit_status = start()
#os._exit(exit_status)
else:
print "%s cannot start!\nDependecies are not met." % CONF.getAppname()
import os
import shutil
import mockito
import threading
from urlparse import urlparse
import traceback
from couchdbkit import Server, ChangesStream, Database
from couchdbkit.resource import ResourceNotFound
from utils.logs import getLogger
from managers.all import ViewsManager
#from persistence.change import change_factory
from config.configuration import getInstanceConfiguration
CONF = getInstanceConfiguration()
class DBTYPE(object):
COUCHDB = 1
FS = 2
class ConnectorContainer(object):
def __init__(self, name, connector, type):
self._connector = connector
self.type = type
self._name = name
def getType(self):
return self.type
def __get_osint():
try:
return getInstanceConfiguration().getOsint()
except:
return ''
from dialogs import FaradayPluginsDialog
from mainwidgets import Sidebar
from mainwidgets import WorkspaceSidebar
from mainwidgets import HostsSidebar
from mainwidgets import ConsoleLog
from mainwidgets import Terminal
from mainwidgets import Statusbar
from gui.loghandler import GUIHandler
from utils.logs import addHandler
from utils.common import checkSSL
from plugins import fplugin_utils
CONF = getInstanceConfiguration()
class GuiApp(Gtk.Application, FaradayUi):
"""
Creates the application and has the necesary callbacks to FaradayUi
As far as the GUI goes, this handles only the menu, everything is else is
appWindow's resposibility. All logic by the main window should be done
here. Some of the logic on the dialogs is implemented in the dialogs own
class. Some dialogs are shown by the appwindow to handle errors coming
from other threads outside GTK's.
Please respect the following structure:
TOP: __init__
UPPER-MIDDLE: all logic mostly not inherited fom Gtk.Application
LOWER-MIDDLE: all do_ starting, gtk related methods
def doLoginLoop(force_login=False):
"""
Sets the username and passwords from the command line.
If --login flag is set then username and password is set
"""
try:
CONF = getInstanceConfiguration()
old_server_url = CONF.getAPIUrl()
api_username = CONF.getAPIUsername()
api_password = CONF.getAPIPassword()
if old_server_url and api_username and api_password and not force_login:
return
if old_server_url is None:
new_server_url = raw_input(
"\nPlease enter the Faraday Server URL (Press enter for http://localhost:5985): "
) or "http://localhost:5985"
else:
new_server_url = raw_input(
"\nPlease enter the Faraday Server URL (Press enter for last used: {}): "
.format(old_server_url)) or old_server_url
CONF.setAPIUrl(new_server_url)
print(
"""\nTo login please provide your valid Faraday credentials.\nYou have 3 attempts."""
)
for attempt in range(1, 4):
api_username = raw_input(
"Username (press enter for faraday): ") or "faraday"
api_password = getpass.getpass('Password: '******'username' not in user_info):
print(
'Login failed, please try again. You have %d more attempts'
% (3 - attempt))
continue
logger.info('Login successful: {0}'.format(api_username))
break
print('Login failed, please try again. You have %d more attempts' %
(3 - attempt))
else:
logger.fatal(
'Invalid credentials, 3 attempts failed. Quitting Faraday...')
sys.exit(-1)
except KeyboardInterrupt:
sys.exit(0)
def __get_osint():
try:
return getInstanceConfiguration().getOsint()
except:
return ''
