def command_profiles(parser, P, cmdParams, auditParams): if P.targets: parser.error("too many arguments") profiles = sorted(get_available_profiles()) if not profiles: print "No available profiles!" else: print "--------------------" print " " + colorize("Available profiles", "yellow") print "--------------------" print for name in profiles: try: p = RawConfigParser() p.read(get_profile(name)) desc = p.get("golismero", "description") except Exception: desc = None if desc: print "+ %s: %s" % (colorize(name, "cyan"), desc) else: print "+ %s" % colorize(name, "cyan") if path.sep == "/": print exit(0)
def command_load(parser, P, cmdParams, auditParams): if not auditParams.is_new_audit(): parser.error("audit database already exists") if not P.imports: parser.error("missing input filename") if len(P.imports) > 1: parser.error("only one input filename allowed") import sqlite3 filename = P.imports[0] if P.verbose != 0: print "Loading from file: %s" % colorize(filename, "cyan") with open(filename, 'rU') as f: data = f.read() if P.verbose != 0: print "Creating database: %s" % \ colorize(auditParams.audit_db, "yellow") db = sqlite3.connect(auditParams.audit_db) try: try: cursor = db.cursor() try: cursor.executescript(data) del data db.commit() finally: cursor.close() finally: db.close() except: parser.error("error loading database dump: " + str(sys.exc_value)) exit(0)
def recv_msg(self, message): if not isinstance(message, Message): raise TypeError("Expected Message, got %r instead" % type(message)) print "-" * 79 print "Message:" print " Timestamp: %s" % time.ctime(message.timestamp) print " Audit: %s" % message.audit_name print " Plugin: %s" % message.plugin_id print " Type: %s" % MessageType.get_name_from_value( message.message_type) print " Code: %s" % MessageCode.get_name_from_value_and_type( message.message_code, message.message_type) print " Priority: %s" % MessagePriority.get_name_from_value( message.priority) print " Payload: %r" % (message.message_info, ) print if message.message_type == MessageType.MSG_TYPE_CONTROL: if message.message_code == MessageCode.MSG_CONTROL_STOP_AUDIT: if get_audit_count() == 1: Config._context.send_msg( message_type=MessageType.MSG_TYPE_CONTROL, message_code=MessageCode.MSG_CONTROL_STOP, message_info=True, priority=MessagePriority.MSG_PRIORITY_LOW) elif message.message_code == MessageCode.MSG_CONTROL_LOG: (text, level, is_error) = message.message_info if is_error: print colorize(text, "magenta") else: print colorize(text, "cyan") elif message.message_code == MessageCode.MSG_CONTROL_ERROR: (description, traceback) = message.message_info print colorize(description, "magenta") print colorize(traceback, "magenta") elif message.message_code == MessageCode.MSG_CONTROL_WARNING: for w in message.message_info: formatted = warnings.formatwarning(w.message, w.category, w.filename, w.lineno, w.line) print colorize(formatted, "yellow")
def recv_info(self, info): # Don't print anything if console output is disabled. if Console.level < Console.STANDARD: return # Filter out info we've already seen. if info.identity in self.already_seen_info: return self.already_seen_info.add(info.identity) # Print newly discovered vulnerabilities. if info.data_type == Data.TYPE_VULNERABILITY: text = "%s Vulnerability '%s' dicovered by plugin '%s'. Risk level: %s" % ( colorize("<!>", info.risk), colorize(info.vulnerability_type, info.risk), colorize(self.get_plugin_name(info.plugin_id), info.risk), colorize(str(info.risk), info.risk)) Console.display(text)
def command_dump(parser, P, cmdParams, auditParams): if auditParams.is_new_audit(): parser.error("missing audit database") if not P.reports: parser.error("missing output filename") if P.verbose != 0: print "Loading database: %s" % \ colorize(auditParams.audit_db, "yellow") with PluginTester(autoinit=False, autodelete=False) as t: t.orchestrator_config.verbose = 0 t.audit_config.audit_name = auditParams.audit_name t.audit_config.audit_db = auditParams.audit_db t.init_environment() Console.use_colors = cmdParams.color for filename in P.reports: if P.verbose != 0: print "Dumping to file: %s" % colorize(filename, "cyan") t.audit.database.dump(filename) exit(0)
def recv_msg(self, message): if not isinstance(message, Message): raise TypeError("Expected Message, got %r instead" % type(message)) print "-" * 79 print "Message:" print " Timestamp: %s" % time.ctime(message.timestamp) print " Audit: %s" % message.audit_name print " Plugin: %s" % message.plugin_id print " Type: %s" % MessageType.get_name_from_value(message.message_type) print " Code: %s" % MessageCode.get_name_from_value_and_type(message.message_code, message.message_type) print " Priority: %s" % MessagePriority.get_name_from_value(message.priority) print " Payload: %r" % (message.message_info,) print if message.message_type == MessageType.MSG_TYPE_CONTROL: if message.message_code == MessageCode.MSG_CONTROL_STOP_AUDIT: if get_audit_count() == 1: Config._context.send_msg( message_type = MessageType.MSG_TYPE_CONTROL, message_code = MessageCode.MSG_CONTROL_STOP, message_info = True, priority = MessagePriority.MSG_PRIORITY_LOW ) elif message.message_code == MessageCode.MSG_CONTROL_LOG: (text, level, is_error) = message.message_info if is_error: print colorize(text, "magenta") else: print colorize(text, "cyan") elif message.message_code == MessageCode.MSG_CONTROL_ERROR: (description, traceback) = message.message_info print colorize(description, "magenta") print colorize(traceback, "magenta") elif message.message_code == MessageCode.MSG_CONTROL_WARNING: for w in message.message_info: formatted = warnings.formatwarning(w.message, w.category, w.filename, w.lineno, w.line) print colorize(formatted, "yellow")
def command_dump(parser, P, cmdParams, auditParams): if auditParams.is_new_audit(): parser.error("missing audit database") if not P.reports: parser.error("missing output filename") if P.verbose != 0: print "Loading database: %s" % \ colorize(auditParams.audit_db, "yellow") import sqlite3 for filename in P.reports: if P.verbose != 0: print "Dumping to file: %s" % colorize(filename, "cyan") db = sqlite3.connect(auditParams.audit_db) try: with open(filename, 'w') as f: for line in db.iterdump(): f.write(line + "\n") finally: db.close() exit(0)
def recv_info(self, info): # Don't print anything if console output is disabled. if Console.level < Console.STANDARD: return # Filter out info we've already seen. if info.identity in self.already_seen_info: return self.already_seen_info.add(info.identity) # Print newly discovered vulnerabilities. if info.data_type == Data.TYPE_VULNERABILITY: text = "%s Vulnerability '%s' dicovered by plugin '%s'. Risk level: %s" % ( colorize("<!>", info.risk), colorize(info.vulnerability_type, info.risk), colorize(self.get_plugin_name(info.plugin_id), info.risk), colorize(str(info.risk), info.risk) ) Console.display(text)
def run(self, info): # Don't print anything if console output is disabled. if Console.level < Console.MINIMAL: return # Ignore everything but vulnerabilities. if info.data_type != Data.TYPE_VULNERABILITY: return # Filter out info we've already seen. if info.identity in self.already_seen_info[Config.audit_name]: return self.already_seen_info[Config.audit_name].add(info.identity) # Print newly discovered vulnerabilities. text = "<!> %s vulnerability dicovered by %s. Level: %s" text %= (colorize(info.display_name, info.level), colorize(self.get_plugin_name(info.plugin_id, None), "blue"), colorize(info.level, info.level)) Console.display(text)
def recv_info(self, info): # Don't print anything if console output is disabled. if Console.level < Console.STANDARD: return # Ignore everything but vulnerabilities. if info.data_type != Data.TYPE_VULNERABILITY: return # Filter out info we've already seen. if info.identity in self.already_seen_info[Config.audit_name]: return self.already_seen_info[Config.audit_name].add(info.identity) # Print newly discovered vulnerabilities. text = "<!> %s vulnerability dicovered by %s. Level: %s" text %= ( colorize(info.display_name, info.level), colorize(self.get_plugin_name(info.plugin_id, None), "blue"), colorize(info.level, info.level) ) Console.display(text)
#------------------------------------------------------------------------------ def command_plugins(parser, P, cmdParams, auditParams): # Fail if we have arguments. if P.targets: parser.error("too many arguments") # Load the plugins list. try: manager = PluginManager() manager.find_plugins(cmdParams) except Exception, e: parser.error("error loading plugins list: %s" % str(e)) # Show the list of plugins. print colorize("-------------", "red") print colorize(" Plugin list", "red") print colorize("-------------", "red") # Import plugins... import_plugins = manager.get_plugins("import") if import_plugins: print print colorize("-= Import plugins =-", "yellow") for name in sorted(import_plugins.keys()): info = import_plugins[name] print "\n%s:\n %s" % \ (colorize(name[7:], "cyan"), info.description) # Testing plugins... testing_plugins = manager.get_plugins("testing")
def __colorize(self, txt, level_or_color): if self.__color: return colorize(txt, level_or_color) return txt
if P.command == "PLUGINS": # Fail if we have arguments. if P.targets: parser.error("too many arguments") # Load the plugins list. try: manager = PluginManager() manager.find_plugins(cmdParams) except Exception, e: parser.error("error loading plugins list: %s" % str(e)) # Show the list of plugins. print colorize("-------------", "red") print colorize(" Plugin list", "red") print colorize("-------------", "red") # Import plugins... import_plugins = manager.get_plugins("import") if import_plugins: print print colorize("-= Import plugins =-", "yellow") for name in sorted(import_plugins.keys()): info = import_plugins[name] print "\n%s:\n %s" % (colorize(name[7:], "cyan"), info.description) # Testing plugins... testing_plugins = manager.get_plugins("testing") if testing_plugins:
def recv_msg(self, message): # Process status messages if message.message_type == MessageType.MSG_TYPE_STATUS: if message.message_code == MessageCode.MSG_STATUS_PLUGIN_BEGIN: m_plugin_name = self.get_plugin_name(message.plugin_name) m_plugin_name = colorize(m_plugin_name, "info") m_text = "[*] %s: Started." % m_plugin_name Console.display(m_text) elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_END: m_plugin_name = self.get_plugin_name(message.plugin_name) m_plugin_name = colorize(m_plugin_name, "info") m_text = "[*] %s: Finished." % m_plugin_name Console.display(m_text) elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_STEP: if Console.level >= Console.VERBOSE: m_id, m_progress = message.message_info m_plugin_name = self.get_plugin_name(message.plugin_name) m_plugin_name = colorize(m_plugin_name, "info") if m_progress is not None: m_progress_h = int(m_progress) m_progress_l = int( (m_progress - float(m_progress_h)) * 100) m_progress_txt = colorize( "%i.%.2i%%" % (m_progress_h, m_progress_l), "middle") m_progress_txt = m_progress_txt + " percent done..." else: m_progress_txt = "Working..." m_text = "[*] %s: %s" % (m_plugin_name, m_progress_txt) Console.display(m_text) # Process control messages elif message.message_type == MessageType.MSG_TYPE_CONTROL: # When an audit is finished, check if there are more running audits. # If there aren't any, stop the Orchestrator. if message.message_code == MessageCode.MSG_CONTROL_STOP_AUDIT: if get_audit_count() == 1: # this is the last one Config._context.send_msg( # XXX FIXME hide this from plugins! message_type=MessageType.MSG_TYPE_CONTROL, message_code=MessageCode.MSG_CONTROL_STOP, message_info= True, # True for finished, False for user cancel priority=MessagePriority.MSG_PRIORITY_LOW) # Show log messages # (The verbosity is sent by Logger) elif message.message_code == MessageCode.MSG_CONTROL_LOG: (text, level, is_error) = message.message_info if Console.level >= level: try: m_plugin_name = self.get_plugin_name( message.plugin_name) except Exception: m_plugin_name = "GoLismero" m_plugin_name = colorize(m_plugin_name, 'info') text = colorize(text, 'middle') if is_error: text = "[!] %s: %s" % (m_plugin_name, text) Console.display_error(text) else: text = "[*] %s: %s" % (m_plugin_name, text) Console.display(text) # Show plugin errors # (Only the description in standard level, # full traceback in more verbose level) if message.message_code == MessageCode.MSG_CONTROL_ERROR: (description, traceback) = message.message_info try: m_plugin_name = self.get_plugin_name(message.plugin_name) except Exception: m_plugin_name = "GoLismero" text = "[!] Plugin '%s' error: %s " % (m_plugin_name, str(description)) text = colorize(text, 'critical') traceback = colorize(traceback, 'critical') Console.display_error(text) Console.display_error_more_verbose(traceback) # Show plugin warnings # (Only the description in verbose level, # full traceback in more verbose level) elif message.message_code == MessageCode.MSG_CONTROL_WARNING: for w in message.message_info: if Console.level >= Console.MORE_VERBOSE: formatted = warnings.formatwarning( w.message, w.category, w.filename, w.lineno, w.line) elif Console.level >= Console.VERBOSE: formatted = w.message else: formatted = None if formatted: m_plugin_name = self.get_plugin_name( message.plugin_name) text = "[!] Plugin '%s' warning: %s " % ( m_plugin_name, str(formatted)) text = colorize(text, 'low') Console.display_error(text)
def recv_msg(self, message): # Process status messages if message.message_type == MessageType.MSG_TYPE_STATUS: if message.message_code == MessageCode.MSG_STATUS_PLUGIN_BEGIN: m_plugin_name = self.get_plugin_name(message.plugin_name) m_plugin_name = colorize(m_plugin_name, "info") m_text = "[*] %s: Started." % m_plugin_name Console.display(m_text) elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_END: m_plugin_name = self.get_plugin_name(message.plugin_name) m_plugin_name = colorize(m_plugin_name, "info") m_text = "[*] %s: Finished." % m_plugin_name Console.display(m_text) elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_STEP: if Console.level >= Console.VERBOSE: m_id, m_progress = message.message_info m_plugin_name = self.get_plugin_name(message.plugin_name) m_plugin_name = colorize(m_plugin_name, "info") if m_progress is not None: m_progress_h = int(m_progress) m_progress_l = int((m_progress - float(m_progress_h)) * 100) m_progress_txt = colorize("%i.%.2i%%" % (m_progress_h, m_progress_l), "middle") m_progress_txt = m_progress_txt + " percent done..." else: m_progress_txt = "Working..." m_text = "[*] %s: %s" % (m_plugin_name, m_progress_txt) Console.display(m_text) # Process control messages elif message.message_type == MessageType.MSG_TYPE_CONTROL: # When an audit is finished, check if there are more running audits. # If there aren't any, stop the Orchestrator. if message.message_code == MessageCode.MSG_CONTROL_STOP_AUDIT: if get_audit_count() == 1: # this is the last one Config._context.send_msg( # XXX FIXME hide this from plugins! message_type = MessageType.MSG_TYPE_CONTROL, message_code = MessageCode.MSG_CONTROL_STOP, message_info = True, # True for finished, False for user cancel priority = MessagePriority.MSG_PRIORITY_LOW ) # Show log messages # (The verbosity is sent by Logger) elif message.message_code == MessageCode.MSG_CONTROL_LOG: (text, level, is_error) = message.message_info if Console.level >= level: try: m_plugin_name = self.get_plugin_name(message.plugin_name) except Exception: m_plugin_name = "GoLismero" m_plugin_name = colorize(m_plugin_name, 'info') text = colorize(text, 'middle') if is_error: text = "[!] %s: %s" % (m_plugin_name, text) Console.display_error(text) else: text = "[*] %s: %s" % (m_plugin_name, text) Console.display(text) # Show plugin errors # (Only the description in standard level, # full traceback in more verbose level) if message.message_code == MessageCode.MSG_CONTROL_ERROR: (description, traceback) = message.message_info try: m_plugin_name = self.get_plugin_name(message.plugin_name) except Exception: m_plugin_name = "GoLismero" text = "[!] Plugin '%s' error: %s " % (m_plugin_name, str(description)) text = colorize(text, 'critical') traceback = colorize(traceback, 'critical') Console.display_error(text) Console.display_error_more_verbose(traceback) # Show plugin warnings # (Only the description in verbose level, # full traceback in more verbose level) elif message.message_code == MessageCode.MSG_CONTROL_WARNING: for w in message.message_info: if Console.level >= Console.MORE_VERBOSE: formatted = warnings.formatwarning(w.message, w.category, w.filename, w.lineno, w.line) elif Console.level >= Console.VERBOSE: formatted = w.message else: formatted = None if formatted: m_plugin_name = self.get_plugin_name(message.plugin_name) text = "[!] Plugin '%s' warning: %s " % (m_plugin_name, str(formatted)) text = colorize(text, 'low') Console.display_error(text)
def recv_msg(self, message): # Process status messages. if message.message_type == MessageType.MSG_TYPE_STATUS: # A plugin has started. if message.message_code == MessageCode.MSG_STATUS_PLUGIN_BEGIN: # Create a simple ID for the plugin execution. id_dict = self.current_plugins[Config.audit_name][ message.plugin_id] simple_id = len(id_dict) id_dict[message.ack_identity] = simple_id # Show this event in extra verbose mode. if Console.level >= Console.MORE_VERBOSE: # Show a message to the user. m_plugin_name = self.get_plugin_name( message.plugin_id, message.ack_identity) m_plugin_name = colorize("[*] " + m_plugin_name, "informational") m_text = "%s: Started." % m_plugin_name Console.display(m_text) # A plugin has ended. elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_END: # Show this event in extra verbose mode. if Console.level >= Console.MORE_VERBOSE: # Show a message to the user. m_plugin_name = self.get_plugin_name( message.plugin_id, message.ack_identity) m_plugin_name = colorize("[*] " + m_plugin_name, "informational") m_text = "%s: Finished." % m_plugin_name Console.display(m_text) # Free the simple ID for the plugin execution. try: del self.current_plugins[Config.audit_name][ message.plugin_id][message.ack_identity] except KeyError: pass # A plugin has advanced. elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_STEP: # Show this event in verbose mode. if Console.level >= Console.VERBOSE: # Get the plugin name. m_plugin_name = self.get_plugin_name( message.plugin_id, message.ack_identity) m_plugin_name = colorize("[*] " + m_plugin_name, "informational") # Get the progress percentage. m_progress = message.message_info if m_progress is not None: m_progress_h = int(m_progress) m_progress_l = int( (m_progress - float(m_progress_h)) * 100) m_progress_txt = colorize( "%i.%.2i%%" % (m_progress_h, m_progress_l), "middle") m_progress_txt = m_progress_txt + " percent done..." else: m_progress_txt = "Working..." # Show it to the user. m_text = "%s: %s" % (m_plugin_name, m_progress_txt) Console.display(m_text) # The audit has moved to another execution stage. elif message.message_code == MessageCode.MSG_STATUS_STAGE_UPDATE: # Show this event in verbose mode. if Console.level >= Console.VERBOSE: # Show the new stage name. m_stage = get_stage_display_name(message.message_info) m_stage = colorize(m_stage, "high") m_plugin_name = colorize("[*] GoLismero", "informational") m_text = "%s: Current stage: %s" m_text %= (m_plugin_name, m_stage) Console.display(m_text) # If on maximum verbosity level and entering report stage, # log the current report mode. if (Console.level >= Console.MORE_VERBOSE and message.message_info == "report"): if Config.audit_config.only_vulns: m_report_type = "Brief" else: m_report_type = "Full" m_report_type = colorize(m_report_type, "yellow") m_text = "%s: Report type: %s" m_text %= (m_plugin_name, m_report_type) Console.display(m_text) # When an audit is aborted, check if there are more running audits. # If there aren't any, stop the Orchestrator. elif message.message_code == MessageCode.MSG_STATUS_AUDIT_ABORTED: (audit_name, description, traceback) = message.message_info try: m_plugin_name = self.get_plugin_name( message.plugin_id, message.ack_identity) m_plugin_name = colorize("[!] " + m_plugin_name, 'critical') text = "%s: Error: %s " % (m_plugin_name, str(description)) traceback = colorize(traceback, 'critical') Console.display_error(text) Console.display_error_more_verbose(traceback) finally: self.audit_is_dead(audit_name) # Process control messages. elif message.message_type == MessageType.MSG_TYPE_CONTROL: # When an audit is finished, check if there are more running audits. # If there aren't any, stop the Orchestrator. if message.message_code == MessageCode.MSG_CONTROL_STOP_AUDIT: self.audit_is_dead(message.audit_name) # Show log messages. The verbosity is sent by Logger. elif message.message_code == MessageCode.MSG_CONTROL_LOG: (text, level, is_error) = message.message_info if Console.level >= level: m_plugin_name = self.get_plugin_name( message.plugin_id, message.ack_identity) if is_error: text = colorize_traceback(text) m_plugin_name = colorize("[!] " + m_plugin_name, 'critical') text = "%s: %s" % (m_plugin_name, text) Console.display_error(text) else: m_plugin_name = colorize("[*] " + m_plugin_name, 'informational') text = "%s: %s" % (m_plugin_name, text) Console.display(text) # Show plugin errors. # Only the description in standard level, # full traceback in more verbose level. if message.message_code == MessageCode.MSG_CONTROL_ERROR: (description, traceback) = message.message_info m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize("[!] " + m_plugin_name, 'critical') text = "%s: Error: %s " % (m_plugin_name, str(description)) traceback = colorize_traceback(traceback) Console.display_error(text) Console.display_error_more_verbose(traceback) # Show plugin warnings. # Only in more verbose level. elif message.message_code == MessageCode.MSG_CONTROL_WARNING: for w in message.message_info: if Console.level >= Console.MORE_VERBOSE: formatted = warnings.formatwarning( w.message, w.category, w.filename, w.lineno, w.line) m_plugin_name = self.get_plugin_name( message.plugin_id, message.ack_identity) m_plugin_name = colorize("[!] " + m_plugin_name, 'low') text = "%s: Error: %s " % (m_plugin_name, str(formatted)) Console.display_error(text)
def recv_msg(self, message): # Process status messages. if message.message_type == MessageType.MSG_TYPE_STATUS: # A plugin has started. if message.message_code == MessageCode.MSG_STATUS_PLUGIN_BEGIN: # Create a simple ID for the plugin execution. id_dict = self.current_plugins[Config.audit_name][message.plugin_id] simple_id = len(id_dict) id_dict[message.ack_identity] = simple_id # Show a message to the user. m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize(m_plugin_name, "informational") m_text = "[*] %s: Started." % m_plugin_name Console.display(m_text) # A plugin has ended. elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_END: # Show a message to the user. m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize(m_plugin_name, "informational") m_text = "[*] %s: Finished." % m_plugin_name Console.display(m_text) # Free the simple ID for the plugin execution. del self.current_plugins[Config.audit_name][message.plugin_id][message.ack_identity] # A plugin has advanced. elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_STEP: # Don't show this event in quiet mode. if Console.level >= Console.VERBOSE: # Get the plugin name. m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize(m_plugin_name, "informational") # Get the progress percentage. m_progress = message.message_info if m_progress is not None: m_progress_h = int(m_progress) m_progress_l = int((m_progress - float(m_progress_h)) * 100) m_progress_txt = colorize("%i.%.2i%%" % (m_progress_h, m_progress_l), "middle") m_progress_txt = m_progress_txt + " percent done..." else: m_progress_txt = "Working..." # Show it to the user. m_text = "[*] %s: %s" % (m_plugin_name, m_progress_txt) Console.display(m_text) # Process control messages. elif message.message_type == MessageType.MSG_TYPE_CONTROL: # When an audit is finished, check if there are more running audits. # If there aren't any, stop the Orchestrator. if message.message_code == MessageCode.MSG_CONTROL_STOP_AUDIT: try: del self.already_seen_info[Config.audit_name] except KeyError: pass # may happen when generating reports only if get_audit_count() == 1: # this is the last one Config._context.send_msg( # XXX FIXME hide this from plugins! message_type = MessageType.MSG_TYPE_CONTROL, message_code = MessageCode.MSG_CONTROL_STOP, message_info = True, # True for finished, False for user cancel priority = MessagePriority.MSG_PRIORITY_LOW ) # Show log messages. The verbosity is sent by Logger. elif message.message_code == MessageCode.MSG_CONTROL_LOG: (text, level, is_error) = message.message_info if Console.level >= level: try: m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) except Exception: m_plugin_name = "GoLismero" m_plugin_name = colorize(m_plugin_name, 'informational') text = colorize(text, 'middle') if is_error: text = "[!] %s: %s" % (m_plugin_name, text) Console.display_error(text) else: text = "[*] %s: %s" % (m_plugin_name, text) Console.display(text) # Show plugin errors. # Only the description in standard level, # full traceback in more verbose level. if message.message_code == MessageCode.MSG_CONTROL_ERROR: (description, traceback) = message.message_info try: m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) except Exception: m_plugin_name = "GoLismero" text = "[!] Plugin '%s' error: %s " % (m_plugin_name, str(description)) text = colorize(text, 'critical') traceback = colorize(traceback, 'critical') Console.display_error(text) Console.display_error_more_verbose(traceback) # Show plugin warnings. # Only the description in verbose level, # full traceback in more verbose level. elif message.message_code == MessageCode.MSG_CONTROL_WARNING: for w in message.message_info: if Console.level >= Console.MORE_VERBOSE: formatted = warnings.formatwarning(w.message, w.category, w.filename, w.lineno, w.line) elif Console.level >= Console.VERBOSE: formatted = w.message else: formatted = None if formatted: m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) text = "[!] Plugin '%s' warning: %s " % (m_plugin_name, str(formatted)) text = colorize(text, 'low') Console.display_error(text)
def recv_msg(self, message): # Process status messages. if message.message_type == MessageType.MSG_TYPE_STATUS: # A plugin has started. if message.message_code == MessageCode.MSG_STATUS_PLUGIN_BEGIN: # Create a simple ID for the plugin execution. id_dict = self.current_plugins[Config.audit_name][message.plugin_id] simple_id = len(id_dict) id_dict[message.ack_identity] = simple_id # Show this event in verbose mode. if Console.level >= Console.VERBOSE: # Show a message to the user. m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize("[*] " + m_plugin_name, "informational") m_text = "%s: Started." % m_plugin_name Console.display(m_text) # A plugin has ended. elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_END: # Show this event in verbose mode. if Console.level >= Console.VERBOSE: # Show a message to the user. m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize("[*] " + m_plugin_name, "informational") m_text = "%s: Finished." % m_plugin_name Console.display(m_text) # Free the simple ID for the plugin execution. try: del self.current_plugins[Config.audit_name][message.plugin_id][message.ack_identity] except KeyError: pass # A plugin has advanced. elif message.message_code == MessageCode.MSG_STATUS_PLUGIN_STEP: # Show this event in verbose mode. if Console.level >= Console.VERBOSE: # Get the plugin name. m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize("[*] " + m_plugin_name, "informational") # Get the progress percentage. m_progress = message.message_info if m_progress is not None: m_progress_h = int(m_progress) m_progress_l = int((m_progress - float(m_progress_h)) * 100) m_progress_txt = colorize("%i.%.2i%%" % (m_progress_h, m_progress_l), "middle") m_progress_txt = m_progress_txt + " percent done..." else: m_progress_txt = "Working..." # Show it to the user. m_text = "%s: %s" % (m_plugin_name, m_progress_txt) Console.display(m_text) # The audit has moved to another execution stage. elif message.message_code == MessageCode.MSG_STATUS_STAGE_UPDATE: # Show this event in verbose mode. if Console.level >= Console.VERBOSE: # Show the new stage name. m_stage = get_stage_display_name(message.message_info) m_stage = colorize(m_stage, "high") m_plugin_name = colorize("[*] GoLismero", "informational") m_text = "%s: Current stage: %s" m_text %= (m_plugin_name, m_stage) Console.display(m_text) # If on maximum verbosity level and entering report stage, # log the current report mode. if ( Console.level >= Console.MORE_VERBOSE and message.message_info == "report" ): if Config.audit_config.only_vulns: m_report_type = "Brief" else: m_report_type = "Full" m_report_type = colorize(m_report_type, "yellow") m_text = "%s: Report type: %s" m_text %= (m_plugin_name, m_report_type) Console.display(m_text) # When an audit is aborted, check if there are more running audits. # If there aren't any, stop the Orchestrator. elif message.message_code == MessageCode.MSG_STATUS_AUDIT_ABORTED: (audit_name, description, traceback) = message.message_info try: m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize("[!] " + m_plugin_name, 'critical') text = "%s: Error: %s " % (m_plugin_name, str(description)) traceback = colorize(traceback, 'critical') Console.display_error(text) Console.display_error_more_verbose(traceback) finally: self.audit_is_dead(audit_name) # Process control messages. elif message.message_type == MessageType.MSG_TYPE_CONTROL: # When an audit is finished, check if there are more running audits. # If there aren't any, stop the Orchestrator. if message.message_code == MessageCode.MSG_CONTROL_STOP_AUDIT: self.audit_is_dead(message.audit_name) # Show log messages. The verbosity is sent by Logger. elif message.message_code == MessageCode.MSG_CONTROL_LOG: (text, level, is_error) = message.message_info if Console.level >= level: m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) if is_error: text = colorize_traceback(text) m_plugin_name = colorize("[!] " + m_plugin_name, 'critical') text = "%s: %s" % (m_plugin_name, text) Console.display_error(text) else: m_plugin_name = colorize("[*] " + m_plugin_name, 'informational') text = "%s: %s" % (m_plugin_name, text) Console.display(text) # Show plugin errors. # Only the description in standard level, # full traceback in more verbose level. if message.message_code == MessageCode.MSG_CONTROL_ERROR: (description, traceback) = message.message_info m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize("[!] " + m_plugin_name, 'critical') text = "%s: Error: %s " % (m_plugin_name, str(description)) traceback = colorize_traceback(traceback) Console.display_error(text) Console.display_error_more_verbose(traceback) # Show plugin warnings. # Only in more verbose level. elif message.message_code == MessageCode.MSG_CONTROL_WARNING: for w in message.message_info: if Console.level >= Console.MORE_VERBOSE: formatted = warnings.formatwarning(w.message, w.category, w.filename, w.lineno, w.line) m_plugin_name = self.get_plugin_name(message.plugin_id, message.ack_identity) m_plugin_name = colorize("[!] " + m_plugin_name, 'low') text = "%s: Error: %s " % (m_plugin_name, str(formatted)) Console.display_error(text)