def search_all_transactions(session, criteria, target_id=None, include_raw_data=True): """Search all transactions.Three things needed + Total number of transactions + Filtered transaction dicts + Filtered number of transactions :param criteria: Filter criteria :type criteria: `dict` :param target_id: target ID :type target_id: `int` :param include_raw_data: True/False to include raw data :type include_raw_data: `bool` :return: Results :rtype: `dict` """ total = get_count( session.query(models.Transaction).filter_by(target_id=target_id)) filtered_transaction_objs = transaction_gen_query(session, criteria, target_id).all() filtered_number = get_count( transaction_gen_query(session, criteria, target_id, for_stats=True)) results = { "records_total": total, "records_filtered": filtered_number, "data": get_transaction_dicts(filtered_transaction_objs, include_raw_data) } return results
def search_all_urls(session, criteria, target_id=None): """Search all URLs based on criteria and target ID .note:: Three things needed + Total number of urls + Filtered url + Filtered number of url :param criteria: Filter criteria :type criteria: `dict` :param target_id: Target ID :type target_id: `int` :return: Search result dict :rtype: `dict` """ total = get_count(session.query(models.Url).filter_by(target_id=target_id)) filtered_url_objs = url_gen_query(session, criteria, target_id).all() filtered_number = get_count( url_gen_query(session, criteria, target_id, for_stats=True)) results = { "records_total": total, "records_filtered": filtered_number, "data": derive_url_dicts(filtered_url_objs) } return results
def search_by_regex_name(session, regex_name, stats=False, target_id=None): """Allows searching of the grep_outputs table using a regex name .note:: What this function returns : + regex_name + grep_outputs - list of unique matches + transaction_ids - list of one transaction id per unique match + match_percent :param regex_name: Name of regex :type regex_name: `str` :param stats: true/false :type stats: `bool` :param target_id: target ID :type target_id: `int` :return: List of results :rtype: `list` """ # Get the grep outputs and only unique values grep_outputs = session.query(models.GrepOutput.output).filter_by( name=regex_name, target_id=target_id).group_by(models.GrepOutput.output).all() grep_outputs = [i[0] for i in grep_outputs] # Get one transaction per match transaction_ids = [] for grep_output in grep_outputs: transaction_ids.append( session.query(models.Transaction.id).join( models.Transaction.grep_outputs).filter( models.GrepOutput.output == grep_output, models.GrepOutput.target_id == target_id).limit(1).all()[0] [0]) # Calculate stats if needed if stats: # Calculate the total number of matches num_matched_transactions = get_count( session.query(models.Transaction).join( models.Transaction.grep_outputs).filter( models.GrepOutput.name == regex_name, models.GrepOutput.target_id == target_id).group_by( models.Transaction)) # Calculate total number of transactions in scope num_transactions_in_scope = get_count( session.query(models.Transaction).filter_by(scope=True, target_id=target_id)) # Calculate matched percentage if int(num_transactions_in_scope): match_percent = int( (num_matched_transactions / float(num_transactions_in_scope)) * 100) else: match_percent = 0 else: match_percent = None return [ regex_name, [json.loads(i) for i in grep_outputs], transaction_ids, match_percent ]
def plugin_count_output(session): """Get count stats :return: Count stats :rtype: `dict` """ from owtf.managers.worker import worker_manager complete_count = get_count(session.query(models.PluginOutput)) left_count = get_count(session.query(models.Work)) left_count += worker_manager.get_busy_workers() results = {'complete_count': complete_count, 'left_count': left_count} return results
def add_work(session, target_list, plugin_list, force_overwrite=False): """Add work to the worklist :param target_list: target list :type target_list: `list` :param plugin_list: plugin list :type plugin_list: `list` :param force_overwrite: True/False, user choice :type force_overwrite: `bool` :return: None :rtype: None """ if any(plugin['group'] == 'auxiliary' for plugin in plugin_list): # No sorting if aux plugins are run sorted_plugin_list = plugin_list else: sorted_plugin_list = group_sort_order(plugin_list) for target in target_list: for plugin in sorted_plugin_list: # Check if it already in worklist if get_count(session.query(models.Work).filter_by(target_id=target["id"], plugin_key=plugin["key"])) == 0: # Check if it is already run ;) before adding is_run = plugin_already_run(session=session, plugin_info=plugin, target_id=target["id"]) if (force_overwrite is True) or (force_overwrite is False and is_run is False): # If force overwrite is true then plugin output has # to be deleted first if force_overwrite is True: delete_all_poutput(session=session, filter_data={"plugin_key": plugin["key"]}, target_id=target["id"]) work_model = models.Work(target_id=target["id"], plugin_key=plugin["key"]) session.add(work_model) session.commit()
def search_target_configs(session, filter_data=None, session_id=None): """Three things needed + Total number of targets + Filtered target dicts + Filtered number of targets :param filter_data: Filter data :type filter_data: `dict` :param session_id: session id :type session_id: `int` :return: results :rtype: `dict` """ total = get_count(session.query(models.Target).filter(models.Target.sessions.any(id=session_id))) filtered_target_objs = target_gen_query(session, filter_data, session_id).all() filtered_number = get_count(target_gen_query(session, filter_data, session_id, for_stats=True)) results = { "records_total": total, "records_filtered": filtered_number, "data": get_target_configs(filtered_target_objs) } return results
def num_transactions(session, scope=True, target_id=None): """Return number of transactions in scope by default :param scope: In/out scope :type scope: `bool` :param target_id: ID of the target :type target_id: `int` :return: Number of transactions in scope :rtype: `int` """ count = get_count( session.query(models.Transaction).filter_by(scope=scope, target_id=target_id)) return count
def plugin_output_exists(session, plugin_key, target_id): """Check if output exists :param plugin_key: plugin key :type plugin_key: `str` :param target_id: Target id :type target_id: `int` :return: True if count > 0 :rtype: `bool` """ count = get_count( session.query(models.PluginOutput).filter_by(target_id=target_id, plugin_key=plugin_key)) return count > 0
def search_all_work(session, criteria): """Search the worklist .note:: Three things needed + Total number of work + Filtered work dicts + Filtered number of works :param criteria: Filter criteria :type criteria: `dict` :return: Results of the search query :rtype: `dict` """ total = get_count(session.query(models.Work)) filtered_work_objs = worklist_generate_query(session, criteria).all() filtered_number = worklist_generate_query(session, criteria, for_stats=True).count() results = { "records_total": total, "records_filtered": filtered_number, "data": _derive_work_dicts(filtered_work_objs) } return results