Exemple #1
 def AddGithubIssue(self, title='Bug report from OWTF', info=None, user=None):
     """File the stored error data as an issue through the GitHub API.

     ``title`` is replaced by the first stored error line starting with
     'Message'. ``info`` and ``user``, when given, are appended to the
     markdown body. Returns True when the API answers 201, else False.
     """
     # TODO: Has to be ported to use db and infact add to interface.
     # Once db is implemented, better verbosity will be easy.
     # NOTE(review): the error dump and the free-text ``info`` are posted
     # unredacted; anything sensitive in them (target names, local paths)
     # ends up wherever GITHUB_API_ISSUES_URL points. Review before sending.
     error_lines = self.db.ErrorData()
     for line in error_lines:
         if line.startswith('Message'):
             title = line[len('Message:'):]
             break
     issue_title = '[Auto-Generated] ' + title
     # Body is GitHub markdown: fenced error dump, then optional sections.
     body = '#### OWTF Bug Report\n\n```' + '\n'.join(error_lines) + '```\n'
     if info:
         body += "\n#### User Report\n\n"
         body += info
     if user:
         body += "\n\n#### %s" % user
     payload = json.dumps({'title': issue_title, 'body': body})
     auth_value = "token " + self.config.Get("GITHUB_BUG_REPORTER_TOKEN")
     request = urllib2.Request(
         self.config.Get("GITHUB_API_ISSUES_URL"),
         headers={
             "Content-Type": "application/json",
             "Authorization": auth_value,
         },
         data=payload)
     # NOTE(review): urlopen() raises for HTTP error statuses and has no
     # timeout here, so a failed report surfaces as an exception rather
     # than as the False return below.
     response = urllib2.urlopen(request)
     decoded_resp = json.loads(response.read())
     if response.code != 201:
         return False
     cprint("Issue URL: " + decoded_resp["url"])
     return True
Exemple #2
 def get(self, plugin_group=None, plugin_type=None, plugin_code=None):
     """Write the plugins selected by the URL path and the query string.

     The query arguments seed the filter; ``plugin_group``, ``plugin_type``
     and ``plugin_code`` narrow it. A type not registered for the group, or
     a group/type/code triple with no match, is answered with HTTP 400.
     """
     try:
         # NOTE(review): the filter starts from the raw query arguments, so
         # the keys GetAll() receives are caller-controlled; confirm GetAll
         # only honours known filter names.
         criteria = dict(self.request.arguments)
         if not plugin_group:
             # No group in the URL: filter on the query arguments alone.
             self.write(self.get_component("db_plugin").GetAll(criteria))
         elif not plugin_type and not plugin_code:
             criteria.update({"group": plugin_group})
             self.write(self.get_component("db_plugin").GetAll(criteria))
         elif plugin_type:
             known_types = self.get_component("db_plugin").GetTypesForGroup(plugin_group)
             if plugin_type not in known_types:
                 raise tornado.web.HTTPError(400)
             if not plugin_code:
                 criteria.update({"type": plugin_type, "group": plugin_group})
                 self.write(self.get_component("db_plugin").GetAll(criteria))
             else:
                 criteria.update({"type": plugin_type, "group": plugin_group, "code": plugin_code})
                 # group/type/code identifies a single plugin, so the one
                 # record is written instead of a list.
                 matches = self.get_component("db_plugin").GetAll(criteria)
                 if not matches:
                     raise tornado.web.HTTPError(400)
                 self.write(matches[0])
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #3
 def Authenticate(self):
     """Authenticate to the TOR control port; abort the framework on refusal."""
     # NOTE(review): the password is placed inside the quoted argument
     # unescaped, so a double quote or CR/LF in it would end the argument
     # early; validate or escape it where it is configured. The reply is
     # read with a single recv(), which assumes the whole status line
     # arrives in one read.
     self.TOR_Connection.send('AUTHENTICATE "{0}"\r\n'.format(self.password))
     reply = self.TOR_Connection.recv(1024)
     if not reply.startswith('250'):  # 250 is the success reply
         self.core.Error.FrameworkAbort("Authentication Error : " + reply)
     else:
         cprint("Successfully Authenticated to TOR control")
Exemple #4
 def Add(self, message, bugType='owtf'):
     """Record an error: OWTF bugs go to AddOWTFBug, others are printed and logged."""
     if bugType != 'owtf':
         cprint(self.Padding + message + self.SubPadding)
         self.LogError(message)
         return None
     return self.AddOWTFBug(message)
Exemple #5
 def GetTargetURLForID(self, ID):
     """Return the target_url of the target row with primary key ``ID``.

     Raises InvalidTargetReference when no such target exists.
     """
     target = self.Core.DB.session.query(models.Target).get(ID)
     if target:
         return target.target_url
     cprint("Failing with ID:" + str(ID))
     raise InvalidTargetReference("Target doesn't exist with ID: " + str(ID))
Exemple #6
 def post(self, target_id=None, transaction_id=None):
     """Create a zest script from one transaction or from a list of them.

     With ``transaction_id`` the script is built from that transaction;
     otherwise the ``trans`` argument is parsed as a JSON list of ids.
     ``{"exists": "true"}`` is written when the creation call returns a
     false value. A missing or unknown target is answered with HTTP 400.
     """
     if not target_id:  # nothing to attach the script to
         raise tornado.web.HTTPError(400)
     try:
         # NOTE(review): the script name comes straight from the request;
         # confirm the zest component sanitises it before using it as a
         # file name. A missing ``trans`` argument makes json.loads('')
         # raise ValueError, which is not caught here.
         if transaction_id:
             script_name = self.get_argument('name', '')
             created = self.application.Core.zest.TargetScriptFromSingleTransaction(
                 transaction_id, script_name, target_id)
         else:
             raw_ids = self.get_argument('trans', '')
             script_name = self.get_argument('name', '')
             transaction_ids = json.loads(raw_ids)  # JSON text -> Python list
             created = self.application.Core.zest.TargetScriptFromMultipleTransactions(
                 target_id, script_name, transaction_ids)
         if not created:
             self.write({"exists": "true"})
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #7
 def Finish(self, status='Complete', report=True):
     """Tear down helper processes on a best-effort basis, then exit.

     Terminates the TOR process if one is attached, kills child processes
     of the current process, runs the plugin handler clean-up and, when
     ProxyMode is set, stops the proxy and the transaction logger. The
     ``status`` and ``report`` parameters are not used in this body.
     """
     if getattr(self, "TOR_process", None) is not None:
         self.TOR_process.terminate()
     # TODO: Fix this for lions_2014
     # if self.DB.Config.Get('SIMULATION'):
     #    exit()
     try:
         self.KillChildProcesses(multiprocessing.current_process().pid)
     # NOTE(review): a bare except also swallows KeyboardInterrupt and
     # SystemExit, and hides why a child process could not be killed.
     except:
         pass
     try:
         self.PluginHandler.CleanUp()
     except AttributeError:  # DB not instantiated yet!
         pass
     finally:
         # Runs whether or not the clean-up above raised.
         if getattr(self, "ProxyMode", None) is not None:
             try:
                 cprint("Stopping inbound proxy processes and "
                        "cleaning up, Please wait!")
                 self.KillChildProcesses(self.ProxyProcess.pid)
                 self.ProxyProcess.terminate()
                 # No signal is generated during closing process by
                 # terminate()
                 # The 'done' item tells the transaction logger to stop
                 # before it is joined.
                 self.TransactionLogger.poison_q.put('done')
                 self.TransactionLogger.join()
             except:  # It means the proxy was not started.
                 pass
         exit()
Exemple #8
 def GetTargetURLForID(self, ID):
     """Return the target_url of the target row with primary key ``ID``.

     Raises InvalidTargetReference when no such target exists.
     """
     target = self.db.session.query(models.Target).get(ID)
     if target:
         return target.target_url
     cprint("Failing with ID: %s" % str(ID))
     raise InvalidTargetReference("Target doesn't exist with ID: %s" % str(ID))
Exemple #9
    def GetIPFromHostname(self, hostname):
        """Return the IP address for ``hostname`` and record it in the config.

        An IPv4/IPv6 literal is returned as is; anything else is resolved
        with gethostbyname(). Sets 'alternative_ips' and 'INTERNAL_IP'.
        Raises UnresolvableTargetException when resolution fails.
        """
        # IP validation based on @marcwickenden's pull request, thanks!
        for family in (socket.AF_INET, socket.AF_INET6):
            try:
                socket.inet_pton(family, hostname)
            except socket.error:
                continue
            ip = hostname
            break
        else:
            # Not an address literal: ask the resolver.
            # NOTE(review): gethostbyname() returns one IPv4 address only,
            # and INTERNAL_IP below reflects this single lookup; a later
            # re-resolution of the name may yield a different address.
            try:
                ip = socket.gethostbyname(hostname)
            except socket.gaierror:
                raise UnresolvableTargetException(
                    "Unable to resolve : " + hostname)

        candidates = ip.strip().split("\n")
        alternative_IPs = []
        if len(candidates) > 1:
            ip = candidates[0]
            # NOTE(review): the [0:-3] slice drops the last three
            # characters of the joined list; looks unintended - confirm.
            cprint("".join((
                hostname, " has several IP addresses: (",
                ", ".join(candidates)[0:-3], "). Choosing first: ", ip, "")))
            alternative_IPs = candidates[1:]
        self.Set('alternative_ips', alternative_IPs)
        ip = ip.strip()
        self.Set('INTERNAL_IP', self.Core.IsIPInternal(ip))
        cprint("The IP address for " + hostname + " is: '" + ip + "'")
        return ip
Exemple #10
 def Finish(self, status='Complete', report=True):
     """Tear down helper processes on a best-effort basis, then exit.

     Terminates the TOR process if one is attached, kills child processes
     of the current process, runs the plugin handler clean-up and, when
     ProxyMode is set, stops the proxy and the transaction logger. The
     ``status`` and ``report`` parameters are not used in this body.
     """
     if getattr(self, "TOR_process", None) is not None:
         self.TOR_process.terminate()
     # TODO: Fix this for lions_2014
     # if self.DB.Config.Get('SIMULATION'):
     #    exit()
     try:
         self.KillChildProcesses(multiprocessing.current_process().pid)
     # NOTE(review): a bare except also swallows KeyboardInterrupt and
     # SystemExit, and hides why a child process could not be killed.
     except:
         pass
     try:
         self.PluginHandler.CleanUp()
     except AttributeError:  # DB not instantiated yet!
         pass
     finally:
         # Runs whether or not the clean-up above raised.
         if getattr(self, "ProxyMode", None) is not None:
             try:
                 cprint(
                     "Stopping inbound proxy processes and "
                     "cleaning up, Please wait!")
                 self.KillChildProcesses(self.ProxyProcess.pid)
                 self.ProxyProcess.terminate()
                 # No signal is generated during closing process by
                 # terminate()
                 # The 'done' item tells the transaction logger to stop
                 # before it is joined.
                 self.TransactionLogger.poison_q.put('done')
                 self.TransactionLogger.join()
             except:  # It means the proxy was not started.
                 pass
         exit()
Exemple #11
 def AddGithubIssue(self, title='Bug report from OWTF', info=None, user=None):
     """File the stored error data as an issue through the GitHub API.

     ``title`` is replaced by the first stored error line starting with
     'Message'. ``info`` and ``user``, when given, are appended to the
     markdown body. Returns True when the API answers 201, else False.
     """
     # TODO: Has to be ported to use db and infact add to interface.
     # Once db is implemented, better verbosity will be easy.
     # NOTE(review): the error dump and the free-text ``info`` are posted
     # unredacted; anything sensitive in them (target names, local paths)
     # ends up wherever GITHUB_API_ISSUES_URL points. Review before sending.
     error_data = self.db.ErrorData()
     for line in error_data:
         if line.startswith('Message'):
             title = line[len('Message:'):]
             break
     issue_title = '[Auto-Generated] %s' % title
     # Body is GitHub markdown: fenced error dump, then optional sections.
     # NOTE(review): error_data is interpolated whole; if ErrorData()
     # returns a list this embeds its repr rather than joined lines - confirm.
     body = '#### OWTF Bug Report\n\n```\n%s```\n' % error_data
     if info:
         body += "\n#### User Report\n\n"
         body += info
     if user:
         body += "\n\n#### %s" % user
     payload = json.dumps({'title': issue_title, 'body': body})
     auth_value = "token " + self.config.Get("GITHUB_BUG_REPORTER_TOKEN")
     request = urllib2.Request(
         self.config.Get("GITHUB_API_ISSUES_URL"),
         headers={
             "Content-Type": "application/json",
             "Authorization": auth_value,
         },
         data=payload)
     # NOTE(review): urlopen() raises for HTTP error statuses and has no
     # timeout here, so a failed report surfaces as an exception rather
     # than as the False return below.
     response = urllib2.urlopen(request)
     decoded_resp = json.loads(response.read())
     if response.code != 201:
         return False
     cprint("Issue URL: %s" % decoded_resp["url"])
     return True
Exemple #12
 def get(self, target_id=None, transaction_id=None):
     """Serve the zest console: list scripts, show one, run one, or drive the recorder.

     The action is chosen from which of the ``script``, ``record``, ``run``
     and ``file`` query arguments are present. A missing or unknown target
     is answered with HTTP 400.
     """
     if not target_id:  # every console action is scoped to a target
         raise tornado.web.HTTPError(400)
     try:
         # NOTE(review): running scripts and starting/stopping the recorder
         # are state-changing actions reachable through GET, and the
         # ``script``/``file`` values come straight from the query string.
         # Confirm the zest component confines them to its own script
         # directory and that access to this handler is authenticated.
         params = self.request.arguments
         has_script = 'script' in params
         has_record = 'record' in params
         if not any(params):
             # No arguments at all: load the console listing.
             target_scripts, record_scripts = self.get_component("zest").GetAllScripts(target_id)
             self.write({
                 "target_scripts": target_scripts,
                 "recorded_scripts": record_scripts,
             })
         elif has_script and has_record and 'run' not in params:
             # Return the content of one script.
             if params['record'][0] == "true":
                 content = self.get_component("zest").GetRecordScriptContent(params['script'][0])
             else:
                 content = self.get_component("zest").GetTargetScriptContent(target_id, params['script'][0])
             self.write({"content": content})
         elif has_script and has_record and 'run' in params:
             # Run one script; only an explicit run=true does anything.
             if params['run'][0] == "true":
                 if params['record'][0] == "true":
                     result = self.get_component("zest").RunRecordScript(params['script'][0])
                 else:
                     result = self.get_component("zest").RunTargetScript(target_id, params['script'][0])
                 self.write({"result": result})
         elif (not has_script) and has_record:
             # Recorder control: start needs record=true plus a file name,
             # anything else stops the recorder.
             if (params['record'][0] == "true") and ('file' in params):
                 if not self.get_component("zest").StartRecorder(params['file'][0]):
                     self.write({"exists": "true"})
             else:
                 self.get_component("zest").StopRecorder()
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #13
 def get(self, target_id=None, plugin_group=None, plugin_type=None, plugin_code=None):
     """Write the plugin outputs of a target, narrowed by URL path and query string.

     A type not registered for the group, or a group/type/code triple with
     no output, is answered with HTTP 400.
     """
     try:
         # NOTE(review): int(target_id) raises TypeError/ValueError for a
         # missing or non-numeric id and neither handler below catches it.
         # The filter keys also start from the raw query arguments; confirm
         # GetAll only honours known filter names.
         criteria = dict(self.request.arguments)
         if not plugin_group:
             # No group in the URL: filter on the query arguments alone.
             self.write(self.get_component("plugin_output").GetAll(criteria, target_id=int(target_id)))
         elif not plugin_type:
             criteria.update({"plugin_group": plugin_group})
             self.write(self.get_component("plugin_output").GetAll(criteria, target_id=int(target_id)))
         else:
             known_types = self.get_component("db_plugin").GetTypesForGroup(plugin_group)
             if plugin_type not in known_types:
                 raise tornado.web.HTTPError(400)
             if not plugin_code:
                 criteria.update({"plugin_type": plugin_type, "plugin_group": plugin_group})
                 self.write(self.get_component("plugin_output").GetAll(criteria, target_id=int(target_id)))
             else:
                 criteria.update({"plugin_type": plugin_type, "plugin_group": plugin_group, "plugin_code": plugin_code})
                 matches = self.get_component("plugin_output").GetAll(criteria, target_id=int(target_id))
                 if not matches:
                     raise tornado.web.HTTPError(400)
                 self.write(matches[0])
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
     except exceptions.InvalidParameterType as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #14
 def delete(self, target_id=None, plugin_group=None, plugin_type=None, plugin_code=None):
     """Delete plugin outputs of a target, narrowed by URL path and query string.

     A type not registered for the group is answered with HTTP 400.
     """
     try:
         # NOTE(review): without a plugin_group the deletion is filtered by
         # the query arguments alone, so an empty query presumably removes
         # every output of the target - confirm that is intended and that an
         # authentication/XSRF check guards this handler upstream.
         # int(target_id) errors are not caught below.
         criteria = dict(self.request.arguments)
         if not plugin_group:
             self.get_component("plugin_output").DeleteAll(criteria, target_id=int(target_id))
         elif not plugin_type:
             criteria.update({"plugin_group": plugin_group})
             self.get_component("plugin_output").DeleteAll(criteria, target_id=int(target_id))
         else:
             known_types = self.get_component("db_plugin").GetTypesForGroup(plugin_group)
             if plugin_type not in known_types:
                 raise tornado.web.HTTPError(400)
             if plugin_code:
                 criteria.update({
                     "plugin_type": plugin_type,
                     "plugin_group": plugin_group,
                     "plugin_code": plugin_code
                 })
             else:
                 criteria.update({"plugin_type": plugin_type, "plugin_group": plugin_group})
             self.get_component("plugin_output").DeleteAll(criteria, target_id=int(target_id))
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
     except exceptions.InvalidParameterType as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #15
    def GetIPFromHostname(self, hostname):
        """Return the IP address for ``hostname`` and record it in the config.

        An IPv4/IPv6 literal is returned as is; anything else is resolved
        with gethostbyname(). Sets 'alternative_ips' and 'INTERNAL_IP'.
        Raises UnresolvableTargetException when resolution fails.
        """
        # IP validation based on @marcwickenden's pull request, thanks!
        for family in (socket.AF_INET, socket.AF_INET6):
            try:
                socket.inet_pton(family, hostname)
            except socket.error:
                continue
            ip = hostname
            break
        else:
            # Not an address literal: ask the resolver.
            # NOTE(review): gethostbyname() returns one IPv4 address only,
            # and INTERNAL_IP below reflects this single lookup; a later
            # re-resolution of the name may yield a different address.
            try:
                ip = socket.gethostbyname(hostname)
            except socket.gaierror:
                raise UnresolvableTargetException("Unable to resolve: '%s'" %
                                                  hostname)

        candidates = ip.strip().split("\n")
        alternative_IPs = []
        if len(candidates) > 1:
            ip = candidates[0]
            # NOTE(review): the [0:-3] slice drops the last three
            # characters of the joined list; looks unintended - confirm.
            cprint("".join((
                hostname, " has several IP addresses: (",
                ", ".join(candidates)[0:-3], "). Choosing first: ", ip, "")))
            alternative_IPs = candidates[1:]
        self.Set('alternative_ips', alternative_IPs)
        ip = ip.strip()
        self.Set('INTERNAL_IP', is_internal_ip(ip))
        logging.info("The IP address for %s is: '%s'" % (hostname, ip))
        return ip
Exemple #16
 def Add(self, message, bugType='owtf'):
     """Record an error: OWTF bugs go to AddOWTFBug, others are printed and logged."""
     if bugType != 'owtf':
         cprint(self.Padding + message + self.SubPadding)
         self.LogError(message)
         return None
     return self.AddOWTFBug(message)
Exemple #17
 def get(self, target_id=None, transaction_id=None):
     """Serve the zest console: list scripts, show one, run one, or drive the recorder.

     The action is chosen from which of the ``script``, ``record``, ``run``
     and ``file`` query arguments are present. A missing or unknown target
     is answered with HTTP 400.
     """
     if not target_id:  # every console action is scoped to a target
         raise tornado.web.HTTPError(400)
     try:
         # NOTE(review): running scripts and starting/stopping the recorder
         # are state-changing actions reachable through GET, and the
         # ``script``/``file`` values come straight from the query string.
         # Confirm the zest component confines them to its own script
         # directory and that access to this handler is authenticated.
         params = self.request.arguments
         has_script = 'script' in params
         has_record = 'record' in params
         if not any(params):
             # No arguments at all: load the console listing.
             target_scripts, record_scripts = self.get_component("zest").GetAllScripts(target_id)
             self.write({
                 "target_scripts": target_scripts,
                 "recorded_scripts": record_scripts,
             })
         elif has_script and has_record and 'run' not in params:
             # Return the content of one script.
             if params['record'][0] == "true":
                 content = self.get_component("zest").GetRecordScriptContent(params['script'][0])
             else:
                 content = self.get_component("zest").GetTargetScriptContent(target_id, params['script'][0])
             self.write({"content": content})
         elif has_script and has_record and 'run' in params:
             # Run one script; only an explicit run=true does anything.
             if params['run'][0] == "true":
                 if params['record'][0] == "true":
                     result = self.get_component("zest").RunRecordScript(params['script'][0])
                 else:
                     result = self.get_component("zest").RunTargetScript(target_id, params['script'][0])
                 self.write({"result": result})
         elif (not has_script) and has_record:
             # Recorder control: start needs record=true plus a file name,
             # anything else stops the recorder.
             if params['record'][0] == "true" and 'file' in params:
                 if not self.get_component("zest").StartRecorder(params['file'][0]):
                     self.write({"exists": "true"})
             else:
                 self.get_component("zest").StopRecorder()
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #18
 def get(self, plugin_group=None, plugin_type=None, plugin_code=None):
     """Write the plugins selected by the URL path and the query string.

     The query arguments seed the filter; ``plugin_group``, ``plugin_type``
     and ``plugin_code`` narrow it. A type not registered for the group, or
     a group/type/code triple with no match, is answered with HTTP 400.
     """
     try:
         # NOTE(review): the filter starts from the raw query arguments, so
         # the keys GetAll() receives are caller-controlled; confirm GetAll
         # only honours known filter names.
         criteria = dict(self.request.arguments)
         if not plugin_group:
             # No group in the URL: filter on the query arguments alone.
             self.write(self.get_component("db_plugin").GetAll(criteria))
         elif not plugin_type and not plugin_code:
             criteria.update({"group": plugin_group})
             self.write(self.get_component("db_plugin").GetAll(criteria))
         elif plugin_type:
             known_types = self.get_component("db_plugin").GetTypesForGroup(plugin_group)
             if plugin_type not in known_types:
                 raise tornado.web.HTTPError(400)
             if not plugin_code:
                 criteria.update({"type": plugin_type, "group": plugin_group})
                 self.write(self.get_component("db_plugin").GetAll(criteria))
             else:
                 criteria.update({"type": plugin_type, "group": plugin_group, "code": plugin_code})
                 # group/type/code identifies a single plugin, so the one
                 # record is written instead of a list.
                 matches = self.get_component("db_plugin").GetAll(criteria)
                 if not matches:
                     raise tornado.web.HTTPError(400)
                 self.write(matches[0])
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
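    def intialise_proxy_manager(options):
        """Proxy Manager initialization.

        Nothing happens when ``options['Botnet_mode']`` is None. Otherwise
        proxies come from the miner ("miner") or from the list file named in
        ``options['Botnet_mode'][1]`` ("list"), are optionally checked in a
        child process, and the first two fields of the next available proxy
        are stored in ``options['OutboundProxy']``.

        :param dict options: Proxy manager configuration parameters.
        """
        if options['Botnet_mode'] is None:
            return

        # NOTE(review): the proxies used here are presumably third-party
        # relays outside the tester's control; whatever is sent through
        # OutboundProxy is visible to whoever operates the chosen relay.
        proxy_manager = Proxy_manager()
        mode = options['Botnet_mode'][0]
        answer = "Yes"
        proxies = []
        miner = None
        if mode == "miner":
            miner = Proxy_Miner()
            proxies = miner.start_miner()

        if mode == "list":  # load proxies from list
            proxies = proxy_manager.load_proxy_list(options['Botnet_mode'][1])
            answer = raw_input(
                "[#] Do you want to check the proxy list? [Yes/no] : "
            )

        check_requested = answer.upper() in ["", "YES", "Y"]
        start_time = None
        if check_requested:
            # The check runs in a child process and hands back the list of
            # proxies it kept through the queue.
            proxy_q = multiprocessing.Queue()
            proxy_checker = multiprocessing.Process(
                target=Proxy_Checker.check_proxies,
                args=(proxy_q, proxies,)
            )
            logging.info("Checking Proxies...")
            start_time = time.time()
            proxy_checker.start()
            proxies = proxy_q.get()
            proxy_checker.join()

        proxy_manager.proxies = proxies
        proxy_manager.number_of_proxies = len(proxies)

        if mode == "miner":
            logging.info("Writing proxies to disk(~/.owtf/proxy_miner/proxies.txt)")
            miner.export_proxies_to_file("proxies.txt", proxies)
        if check_requested:
            # Format the elapsed seconds as a duration. gmtime() keeps the
            # value independent of the local UTC offset, which the former
            # "localtime(... - 3600)" only matched in a UTC+1 zone.
            elapsed = time.time() - start_time
            logging.info(
                "Proxy Check Time: %s",
                time.strftime('%H:%M:%S', time.gmtime(elapsed))
            )
            cprint("Done")

        # Compare by value: "is 0" relies on integer object identity.
        if proxy_manager.number_of_proxies == 0:
            ServiceLocator.get_component("error_handler").FrameworkAbort("No Alive proxies.")

        proxy = proxy_manager.get_next_available_proxy()

        # check proxy var... http:// sock://
        options['OutboundProxy'] = [proxy["proxy"][0], proxy["proxy"][1]]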
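    def intialise_proxy_manager(options):
        """Proxy Manager initialization.

        Nothing happens when ``options['Botnet_mode']`` is None. Otherwise
        proxies come from the miner ("miner") or from the list file named in
        ``options['Botnet_mode'][1]`` ("list"), are optionally checked in a
        child process, and the first two fields of the next available proxy
        are stored in ``options['OutboundProxy']``.

        :param dict options: Proxy manager configuration parameters.
        """
        if options['Botnet_mode'] is None:
            return

        # NOTE(review): the proxies used here are presumably third-party
        # relays outside the tester's control; whatever is sent through
        # OutboundProxy is visible to whoever operates the chosen relay.
        proxy_manager = Proxy_manager()
        mode = options['Botnet_mode'][0]
        answer = "Yes"
        proxies = []
        miner = None
        if mode == "miner":
            miner = Proxy_Miner()
            proxies = miner.start_miner()

        if mode == "list":  # load proxies from list
            proxies = proxy_manager.load_proxy_list(options['Botnet_mode'][1])
            answer = raw_input(
                "[#] Do you want to check the proxy list? [Yes/no] : ")

        check_requested = answer.upper() in ["", "YES", "Y"]
        start_time = None
        if check_requested:
            # The check runs in a child process and hands back the list of
            # proxies it kept through the queue.
            proxy_q = multiprocessing.Queue()
            proxy_checker = multiprocessing.Process(
                target=Proxy_Checker.check_proxies,
                args=(proxy_q, proxies,))
            logging.info("Checking Proxies...")
            start_time = time.time()
            proxy_checker.start()
            proxies = proxy_q.get()
            proxy_checker.join()

        proxy_manager.proxies = proxies
        proxy_manager.number_of_proxies = len(proxies)

        if mode == "miner":
            logging.info(
                "Writing proxies to disk(~/.owtf/proxy_miner/proxies.txt)")
            miner.export_proxies_to_file("proxies.txt", proxies)
        if check_requested:
            # Format the elapsed seconds as a duration. gmtime() keeps the
            # value independent of the local UTC offset, which the former
            # "localtime(... - 3600)" only matched in a UTC+1 zone.
            elapsed = time.time() - start_time
            logging.info(
                "Proxy Check Time: %s",
                time.strftime('%H:%M:%S', time.gmtime(elapsed)))
            cprint("Done")

        # Compare by value: "is 0" relies on integer object identity.
        if proxy_manager.number_of_proxies == 0:
            ServiceLocator.get_component("error_handler").FrameworkAbort(
                "No Alive proxies.")

        proxy = proxy_manager.get_next_available_proxy()

        # check proxy var... http:// sock://
        options['OutboundProxy'] = [proxy["proxy"][0], proxy["proxy"][1]]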
Exemple #21
 def delete(self, target_id=None):
     """Delete the target named in the URL; answer 400 if it is missing or unknown."""
     # NOTE(review): destructive endpoint; no authentication or XSRF check
     # is visible in this handler - confirm one is enforced upstream.
     if target_id:
         target_db = self.application.Core.DB.Target
         try:
             target_db.DeleteTarget(ID=target_id)
         except exceptions.InvalidTargetReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #22
 def delete(self, worker_id=None, action=None):
     """Delete the worker named in the URL; answer 400 on a bad or unknown reference."""
     # A worker id is required and no action may accompany a DELETE.
     # NOTE(review): int(worker_id) raises ValueError for a non-numeric id,
     # which is not caught below.
     if worker_id and not action:
         manager = self.application.Core.WorkerManager
         try:
             manager.delete_worker(int(worker_id))
         except exceptions.InvalidWorkerReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #23
 def delete(self, worker_id=None, action=None):
     """Delete the worker named in the URL; answer 400 on a bad or unknown reference."""
     # A worker id is required and no action may accompany a DELETE.
     # NOTE(review): int(worker_id) raises ValueError for a non-numeric id,
     # which is not caught below.
     if worker_id and not action:
         manager = self.application.Core.WorkerManager
         try:
             manager.delete_worker(int(worker_id))
         except exceptions.InvalidWorkerReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #24
 def check(self):
     """Return True (after calling prepare()) when root_dir is a git checkout, else False."""
     # The update process relies on git, so a checkout is a prerequisite.
     git_dir = os.path.join(self.root_dir, '.git')
     if os.path.exists(git_dir):
         self.prepare()
         return True
     cprint("Not a git repository. Please checkout OWTF repo from GitHub (eg:- git clone https://github.com/7a/owtf owtf)")
     return False
Exemple #25
 def get(self, target_id=None):
     """Write the URLs stored for a target, filtered by the query arguments."""
     try:
         # An empty query string means no criteria, i.e. everything.
         # NOTE(review): the filter keys are caller-controlled; confirm
         # GetAll only honours known filter names.
         criteria = dict(self.request.arguments)
         urls = self.application.Core.DB.URL.GetAll(criteria, target_id=target_id)
         self.write(urls)
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #26
 def delete(self, target_id=None):
     """Delete the target named in the URL; answer 400 if it is missing or unknown."""
     # NOTE(review): destructive endpoint; no authentication or XSRF check
     # is visible in this handler - confirm one is enforced upstream.
     if target_id:
         target_db = self.application.Core.DB.Target
         try:
             target_db.DeleteTarget(ID=target_id)
         except exceptions.InvalidTargetReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #27
 def Authenticate(self):
     """Authenticate to the TOR control port; abort the framework on refusal."""
     # NOTE(review): the password is placed inside the quoted argument
     # unescaped, so a double quote or CR/LF in it would end the argument
     # early; validate or escape it where it is configured. The reply is
     # read with a single recv(), which assumes the whole status line
     # arrives in one read.
     self.TOR_Connection.send('AUTHENTICATE "%s"\r\n' % self.password)
     reply = self.TOR_Connection.recv(1024)
     if not reply.startswith('250'):  # 250 is the success response
         self.error_handler.FrameworkAbort("Authentication Error : %s" % reply)
     else:
         cprint("Successfully Authenticated to TOR control")
Exemple #28
 def delete(self, worker_id=None, action=None):
     """Delete the worker named in the URL; answer 400 on a bad or unknown reference."""
     # A worker id is required and no action may accompany a DELETE.
     # NOTE(review): int(worker_id) raises ValueError for a non-numeric id,
     # which is not caught below.
     if worker_id and not action:
         try:
             manager = self.get_component("worker_manager")
             manager.delete_worker(int(worker_id))
         except exceptions.InvalidWorkerReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #29
 def delete(self, target_id=None):
     """Delete the target named in the URL; answer 400 if it is missing or unknown."""
     # NOTE(review): destructive endpoint; no authentication or XSRF check
     # is visible in this handler - confirm one is enforced upstream.
     if target_id:
         try:
             target_db = self.get_component("target")
             target_db.DeleteTarget(ID=target_id)
         except InvalidTargetReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #30
 def delete(self, worker_id=None, action=None):
     """Delete the worker named in the URL; answer 400 on a bad or unknown reference."""
     # A worker id is required and no action may accompany a DELETE.
     # NOTE(review): int(worker_id) raises ValueError for a non-numeric id,
     # which is not caught below.
     if worker_id and not action:
         try:
             manager = self.get_component("worker_manager")
             manager.delete_worker(int(worker_id))
         except exceptions.InvalidWorkerReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #31
 def get(self, target_id=None):
     """Write the URLs stored for a target, filtered by the query arguments."""
     try:
         # An empty query string means no criteria, i.e. everything.
         # NOTE(review): int(target_id) raises TypeError/ValueError for a
         # missing or non-numeric id and is not caught below; the filter
         # keys are caller-controlled, so confirm GetAll validates them.
         criteria = dict(self.request.arguments)
         urls = self.get_component("url_manager").GetAll(criteria, target_id=int(target_id))
         self.write(urls)
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #32
 def delete(self, target_id=None):
     """Delete the target named in the URL; answer 400 if it is missing or unknown."""
     # NOTE(review): destructive endpoint; no authentication or XSRF check
     # is visible in this handler - confirm one is enforced upstream.
     if target_id:
         try:
             target_db = self.get_component("target")
             target_db.DeleteTarget(ID=target_id)
         except InvalidTargetReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #33
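 def Open_connection(self):
     """Open a TCP connection to the TOR control port and return the socket.

     On any failure the framework is aborted through
     ``self.core.Error.FrameworkAbort`` with the reason appended.
     """
     s = None
     try:
         s = socket.socket()
         s.connect((self.ip, self.TOR_control_port))
         cprint("Connected to TOR control")
         return s
     except Exception as error:
         if s is not None:
             s.close()  # do not leak the descriptor when connect() fails
         # Not every exception carries a usable .strerror (it can be missing
         # or None); fall back to str(error) so building the abort message
         # cannot itself fail and hide the real cause.
         reason = getattr(error, 'strerror', None) or str(error)
         self.core.Error.FrameworkAbort("Can't connect to the TOR Control port daemon : " + reason)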
Exemple #34
 def get(self, target_id=None):
     """Write the URLs stored for a target, filtered by the query arguments."""
     try:
         # An empty query string means no criteria, i.e. everything.
         # NOTE(review): int(target_id) raises TypeError/ValueError for a
         # missing or non-numeric id and is not caught below; the filter
         # keys are caller-controlled, so confirm GetAll validates them.
         criteria = dict(self.request.arguments)
         urls = self.get_component("url_manager").GetAll(criteria, target_id=int(target_id))
         self.write(urls)
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #35
 def patch(self, target_id=None):
     """Update a target with the request arguments; answer 400 on a bad request."""
     # Both a target id and at least one argument are required.
     if target_id and self.request.arguments:
         try:
             # NOTE(review): every request argument is forwarded as a field
             # to update; confirm UpdateTarget restricts which fields may be
             # changed.
             changes = dict(self.request.arguments)
             self.get_component("target").UpdateTarget(changes, ID=target_id)
         except InvalidTargetReference as err:
             cprint(err.parameter)
             raise tornado.web.HTTPError(400)
     else:
         raise tornado.web.HTTPError(400)
Exemple #36
 def delete(self, target_id=None, transaction_id=None):
     """Delete one transaction of a target; answer 400 without a transaction id."""
     try:
         if not transaction_id:
             raise tornado.web.HTTPError(400)
         # NOTE(review): int() raises TypeError/ValueError for a missing or
         # non-numeric id, which is not caught below.
         self.get_component("transaction").DeleteTransaction(int(transaction_id), int(target_id))
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #37
 def get(self, target_id=None, transaction_id=None):
     """Forward a stored transaction through the zap_api component.

     Both ids are required; a missing id or an unknown target is answered
     with HTTP 400.
     """
     try:
         if transaction_id and target_id:
             # NOTE(review): forwarding is triggered by a plain GET; confirm
             # access to this handler is authenticated.
             self.get_component("zap_api").ForwardRequest(target_id, transaction_id)
         else:
             raise tornado.web.HTTPError(400)
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #38
 def get(self, target_id=None, transaction_id=None):
     """Forward a stored transaction through the ZAP API handler.

     Both ids are required; a missing id or an unknown target is answered
     with HTTP 400.
     """
     try:
         if transaction_id and target_id:
             # NOTE(review): forwarding is triggered by a plain GET; confirm
             # access to this handler is authenticated.
             self.application.Core.zap_api_handler.ForwardRequest(target_id, transaction_id)
         else:
             raise tornado.web.HTTPError(400)
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #39
 def count_not_installed_tools(self):
     """Return how many configured tool paths fail the ``is_installed`` check.

     Walks the 'string' section of the configuration, keeps the entries
     whose stripped key ``is_tool`` accepts, and prints a warning for each
     one whose value ``is_installed`` rejects.
     """
     config = self.core.Config
     missing = 0
     for raw_key, tool_path in config.GetConfig()['string'].items():
         if not self.is_tool(config.StripKey(raw_key)):
             continue
         if self.is_installed(tool_path):
             continue
         cprint("WARNING: Tool path not found for: " + str(tool_path))
         missing += 1
     return missing
Exemple #40
 def get(self, target_id=None, transaction_id=None):
     """Hand one stored transaction to the ``zap_api`` component.

     Both ids are passed to ForwardRequest exactly as they were received.
     NOTE(review): a GET starts the forwarding; if it changes state (not
     visible here), confirm that cross-site requests cannot trigger it.

     Raises:
         tornado.web.HTTPError: 400 when either id is missing or the target
             reference is invalid.
     """
     ids_present = bool(transaction_id) and bool(target_id)
     if not ids_present:
         raise tornado.web.HTTPError(400)
     try:
         self.get_component("zap_api").ForwardRequest(target_id, transaction_id)
     except exceptions.InvalidTargetReference as bad_reference:
         cprint(bad_reference.parameter)
         raise tornado.web.HTTPError(400)
Exemple #41
 def count_not_installed_tools(self):
     """Count the tool settings whose configured path is not installed.

     Only entries of the configuration's 'string' section are inspected; a
     warning naming the path is printed for every miss.
     """
     string_settings = self.core.Config.GetConfig()['string']
     not_found = 0
     for config_key in string_settings:
         configured_path = string_settings[config_key]
         is_tool_setting = self.is_tool(self.core.Config.StripKey(config_key))
         if is_tool_setting and not self.is_installed(configured_path):
             cprint("WARNING: Tool path not found for: " + str(configured_path))
             not_found += 1
     return not_found
Exemple #42
 def renew_ip(self):
     """Send ``signal NEWNYM`` over the TOR control connection.

     Returns:
         True when the reply starts with '250', False otherwise.

     NOTE(review): the reply is read with a single recv(1024); whether one
     read always holds the complete status line is not established here.
     """
     control = self.TOR_Connection
     control.send("signal NEWNYM\r\n")
     reply = control.recv(1024)
     renewed = reply.startswith('250')
     if renewed:
         cprint("TOR : IP renewed")
     else:
         cprint("[TOR]Warning: IP can't renewed")
     return renewed
Exemple #43
 def patch(self, target_id=None):
     """Apply the request's arguments to the target with the given id.

     NOTE(review): every argument name the client sends is forwarded to
     UpdateTarget; confirm that it restricts which fields may be changed.

     Raises:
         tornado.web.HTTPError: 400 when the id or the arguments are
             missing, or when the target reference is invalid.
     """
     request_is_usable = bool(target_id) and bool(self.request.arguments)
     if not request_is_usable:
         raise tornado.web.HTTPError(400)
     try:
         changes = dict(self.request.arguments)
         self.get_component("target").UpdateTarget(changes, ID=target_id)
     except InvalidTargetReference as bad_reference:
         cprint(bad_reference.parameter)
         raise tornado.web.HTTPError(400)
Exemple #44
 def patch(self, target_id=None):
     """Update a target through ``Core.DB.Target.UpdateTarget``.

     All request arguments are forwarded as the patch data.
     NOTE(review): the field names are caller-controlled; confirm that
     UpdateTarget only accepts the fields a client is allowed to change.

     Raises:
         tornado.web.HTTPError: 400 when the id or the arguments are
             missing, or when the target reference is invalid.
     """
     if not (target_id and self.request.arguments):
         raise tornado.web.HTTPError(400)
     try:
         requested_fields = dict(self.request.arguments)
         target_db = self.application.Core.DB.Target
         target_db.UpdateTarget(requested_fields, ID=target_id)
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #45
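 def delete(self, target_id=None, transaction_id=None):
     """Delete one transaction of one target via the ``transaction`` component.

     Raises:
         tornado.web.HTTPError: 400 when either id is missing or not an
             integer, or when the target reference is invalid.
     """
     # The original guard looked at transaction_id only; a missing target_id
     # then failed inside int() with an unhandled TypeError.
     if not (transaction_id and target_id):
         raise tornado.web.HTTPError(400)
     try:
         ids = (int(transaction_id), int(target_id))
     except (TypeError, ValueError):
         # Ids that are not integers are rejected as a bad request.
         raise tornado.web.HTTPError(400)
     try:
         self.get_component("transaction").DeleteTransaction(*ids)
     except exceptions.InvalidTargetReference as e:
         cprint(e.parameter)
         raise tornado.web.HTTPError(400)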
Exemple #46
 def get(self, target_id=None):
     """Write the URL records returned by ``Core.DB.URL.GetAll``.

     Every query-string argument becomes a filter criterion and
     ``target_id`` is passed on as received (no conversion happens here).
     NOTE(review): both values are caller-controlled; confirm that GetAll
     validates the filter keys and the target id.

     Raises:
         tornado.web.HTTPError: 400 when the target reference is invalid.
     """
     try:
         # With no query arguments the criteria are empty, which per the
         # original comment selects everything.
         criteria = dict(self.request.arguments)
         url_db = self.application.Core.DB.URL
         matches = url_db.GetAll(criteria, target_id=target_id)
         self.write(matches)
     except exceptions.InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #47
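 def delete(self, target_id=None, transaction_id=None):
     """Delete one transaction through ``Core.DB.Transaction``.

     Raises:
         tornado.web.HTTPError: 400 when either id is missing or not an
             integer, or when the target reference is invalid.
     """
     # Only transaction_id used to be checked, so a missing target_id reached
     # int(None) and surfaced as an unhandled TypeError instead of a 400.
     if not transaction_id or not target_id:
         raise tornado.web.HTTPError(400)
     try:
         transaction_key = int(transaction_id)
         target_key = int(target_id)
     except (TypeError, ValueError):
         # Non-numeric ids are a client error, not a server fault.
         raise tornado.web.HTTPError(400)
     try:
         self.application.Core.DB.Transaction.DeleteTransaction(
             transaction_key, target_id=target_key)
     except exceptions.InvalidTargetReference as e:
         cprint(e.parameter)
         raise tornado.web.HTTPError(400)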
Exemple #48
 def get(self, target_id=None, transaction_id=None):
     """Forward one stored transaction through ``Core.zap_api_handler``.

     Both ids are handed to ForwardRequest exactly as they were received.
     NOTE(review): a GET starts the forwarding; if it changes state (not
     visible here), confirm that cross-site requests cannot trigger it.

     Raises:
         tornado.web.HTTPError: 400 when either id is missing or the target
             reference is invalid.
     """
     ids_present = bool(transaction_id) and bool(target_id)
     if not ids_present:
         raise tornado.web.HTTPError(400)
     try:
         self.application.Core.zap_api_handler.ForwardRequest(target_id, transaction_id)
     except exceptions.InvalidTargetReference as bad_reference:
         cprint(bad_reference.parameter)
         raise tornado.web.HTTPError(400)
Exemple #49
 def patch(self, target_id=None):
     """Apply the request's arguments to a target in ``Core.DB.Target``.

     NOTE(review): every argument name the client sends is forwarded to
     UpdateTarget; confirm that it restricts which fields may be changed.

     Raises:
         tornado.web.HTTPError: 400 when the id or the arguments are
             missing, or when the target reference is invalid.
     """
     request_is_usable = bool(target_id) and bool(self.request.arguments)
     if not request_is_usable:
         raise tornado.web.HTTPError(400)
     try:
         changes = dict(self.request.arguments)
         self.application.Core.DB.Target.UpdateTarget(changes, ID=target_id)
     except exceptions.InvalidTargetReference as bad_reference:
         cprint(bad_reference.parameter)
         raise tornado.web.HTTPError(400)
Exemple #50
 def check(self):
     """Verify that ``root_dir`` is a git checkout before updating.

     The update process relies on git, so a ``.git`` entry must exist under
     ``root_dir``.

     Returns:
         True after calling ``prepare()`` when ``.git`` exists, otherwise
         False after printing a hint about cloning the repository.
     """
     git_metadata = os.path.join(self.root_dir, '.git')
     if os.path.exists(git_metadata):
         self.prepare()
         return True
     cprint(
         "Not a git repository. Please checkout OWTF repo from GitHub (eg:- git clone https://github.com/owtf/owtf owtf)"
     )
     return False
Exemple #51
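 def delete(self, target_id=None, transaction_id=None):
     """Delete one transaction of one target through ``Core.DB.Transaction``.

     Raises:
         tornado.web.HTTPError: 400 when either id is missing or not an
             integer, or when the target reference is invalid.
     """
     # The original guard looked at transaction_id only; a missing target_id
     # then failed inside int() with an unhandled TypeError.
     if not (transaction_id and target_id):
         raise tornado.web.HTTPError(400)
     try:
         transaction_key = int(transaction_id)
         target_key = int(target_id)
     except (TypeError, ValueError):
         # Ids that are not integers are rejected as a bad request.
         raise tornado.web.HTTPError(400)
     try:
         self.application.Core.DB.Transaction.DeleteTransaction(
             transaction_key,
             target_id=target_key)
     except exceptions.InvalidTargetReference as e:
         cprint(e.parameter)
         raise tornado.web.HTTPError(400)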
Exemple #52
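 def get(self, worker_id=None, action=None):
     """Write worker details, or run the worker action named in the URL.

     Without ``worker_id`` the details of all workers are written. With an
     id and no action, that worker's details are written. With both, the
     WorkerManager method named ``<action>_worker`` is called with the id.

     The action name comes from the request, so it is checked before it is
     used for attribute lookup: it must be alphanumeric/underscore, must not
     start with an underscore, and must resolve to a callable.
     NOTE(review): the set of supported actions is not visible here; an
     explicit allowlist would be stricter than this shape check. The action
     also runs on a GET request; confirm the route is protected against
     cross-site requests.

     Raises:
         tornado.web.HTTPError: 400 for a non-integer worker id, an
             unacceptable or unknown action, or an invalid worker reference.
     """
     worker_manager = self.application.Core.WorkerManager
     if not worker_id:
         self.write(worker_manager.get_worker_details())
         return
     try:
         worker_number = int(worker_id)
     except (TypeError, ValueError):
         # A non-numeric id used to escape as an unhandled ValueError.
         raise tornado.web.HTTPError(400)
     try:
         if not action:
             self.write(worker_manager.get_worker_details(worker_number))
             return
         # Keep request-supplied names away from private attributes.
         if action.startswith('_') or not action.replace('_', '').isalnum():
             raise tornado.web.HTTPError(400)
         handler = getattr(worker_manager, action + '_worker', None)
         if not callable(handler):
             # Unknown actions used to raise AttributeError.
             raise tornado.web.HTTPError(400)
         handler(worker_number)
     except exceptions.InvalidWorkerReference as e:
         cprint(e.parameter)
         raise tornado.web.HTTPError(400)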
Exemple #53
 def LoadTargets(self, options):
     """Add every target of the prepared scope to the target DB.

     The scope is built by ``PrepareURLScope`` from ``options['Scope']`` and
     ``options['PluginGroup']``. A target that raises DBIntegrityException
     or UnresolvableTargetException is reported and skipped.

     Returns:
         The list of targets that were added without an exception.
     """
     loaded = []
     for url in self.PrepareURLScope(options['Scope'], options['PluginGroup']):
         try:
             self.Core.DB.Target.AddTarget(url)
         except DBIntegrityException:
             cprint(url + " already exists in DB")
         except UnresolvableTargetException as err:
             cprint(err.parameter)
         else:
             loaded.append(url)
     return loaded
Exemple #54
 def get(self, target_id=None):
     """Write one target's configuration, or all of them when no id is given.

     Without ``target_id`` the query-string arguments are passed to
     ``GetTargetConfigs`` as filter data.
     NOTE(review): those filters are caller-controlled; confirm that
     GetTargetConfigs validates the keys it receives.

     Raises:
         tornado.web.HTTPError: 400 when the target reference is invalid.
     """
     try:
         target_component = self.get_component("target")
         if target_id:
             payload = target_component.GetTargetConfigForID(target_id)
         else:
             # /target reached with or without filters
             payload = target_component.GetTargetConfigs(dict(self.request.arguments))
         self.write(payload)
     except InvalidTargetReference as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(400)
Exemple #55
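 def KillChildProcesses(self, parent_pid, sig=signal.SIGINT):
     """Send ``sig`` to every descendant of ``parent_pid``.

     The children are listed with ``ps --ppid``; for each child the method
     first recurses into its own children and then signals the child.

     Args:
         parent_pid: integer pid whose descendants are signalled.
         sig: signal number to send (SIGINT by default).
     """
     # An argument list instead of a shell string: no shell parses the
     # command line, so nothing in it can be reinterpreted.
     ps_command = subprocess.Popen(
         ["ps", "-o", "pid", "--ppid", "%d" % parent_pid, "--noheaders"],
         stdout=subprocess.PIPE)
     # communicate() reads stdout to EOF and waits for ps; the earlier
     # stdout.read() never collected the exit status of the helper.
     ps_output = ps_command.communicate()[0]
     for pid_str in ps_output.split():
         child_pid = int(pid_str)
         if child_pid == ps_command.pid:
             # The ps helper lists itself when parent_pid is this process.
             continue
         self.KillChildProcesses(child_pid, sig)
         try:
             os.kill(child_pid, sig)
         except OSError:
             # A bare except here also swallowed KeyboardInterrupt and
             # SystemExit; only a failed kill is expected.
             cprint("unable to kill it")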
Exemple #56
 def get(self, target_id=None):
     """Write target configuration data from the ``target`` component.

     With ``target_id`` the configuration of that target is written;
     otherwise the query-string arguments are used as filter data for
     ``GetTargetConfigs``.
     NOTE(review): the filter data is caller-controlled; confirm that
     GetTargetConfigs validates the keys it receives.

     Raises:
         tornado.web.HTTPError: 400 when the target reference is invalid.
     """
     try:
         if target_id:
             configs = self.get_component("target").GetTargetConfigForID(target_id)
         else:
             # No id: /target was requested, with or without filters.
             request_filters = dict(self.request.arguments)
             configs = self.get_component("target").GetTargetConfigs(request_filters)
         self.write(configs)
     except InvalidTargetReference as bad_reference:
         cprint(bad_reference.parameter)
         raise tornado.web.HTTPError(400)
Exemple #57
 def post(self, target_id=None):
     """Create targets from the request's ``target_url`` argument.

     A POST that names an existing id, or that carries no ``target_url``,
     is rejected. On success the status is set to 201.
     NOTE(review): the URLs are taken from the request as sent and no
     authentication or scope check is visible in this handler; confirm
     that the route is not reachable by untrusted clients.

     Raises:
         tornado.web.HTTPError: 400 for a malformed request, 409 when
             DBIntegrityException or UnresolvableTargetException is raised.
     """
     if target_id:  # an id makes no sense when creating a target
         raise tornado.web.HTTPError(400)
     if not self.get_argument("target_url", default=None):
         raise tornado.web.HTTPError(400)
     try:
         submitted_urls = dict(self.request.arguments)["target_url"]
         self.get_component("target").AddTargets(submitted_urls)
         self.set_status(201)  # Stands for "201 Created"
     except (exceptions.DBIntegrityException,
             exceptions.UnresolvableTargetException) as err:
         cprint(err.parameter)
         raise tornado.web.HTTPError(409)