help="Exploit that must be run on the target application-specific container", metavar="EXPLOIT.py") parser.add_option("--spoiled", action="store_true", dest="spoiled", default=settings.spoiled_mode, help="This flag indicates that app-specific container must be reused (for batch mode only).\n Currently works if '--target' attribute is not specified", metavar="SPOILED") parser.add_option("--visible", action="store_true", dest="visible", default=settings.browser_visible, help="This flag indicates if browser is visible during the exploit execution") parser.add_option("--disposable", action="store_true", dest="disposable", default=False, help="This flag indicates whether the app-specific container image should be disposed after the run") (options, args) = parser.parse_args() ex = ExecutionEngine() settings.disposable = options.disposable if (options.visible): settings.browser_visible = options.visible if (options.mapped_port): settings.mapped_port_in = options.mapped_port if (options.verbose): settings.report_verbosity = "DEBUG" else: settings.report_verbosity = "INFO" if (options.results_filename): settings.results_filename = options.results_filename
def main(): ee = ExecutionEngine() ee.ExecuteTestCases("hello.csv")
if __name__ == "__main__": bugbox_exploits = os.listdir(settings.exploits_path+"bugbox/") bugbox_exploits.remove(".DS_Store") bugbox_exploits.remove(".DS_Storec") bugbox_exploits.remove("__init__.py") bugbox_exploits.remove("framework") for file in bugbox_exploits: if file.find(".pyc"): bugbox_exploits.remove(file) bugbox_exploits = [settings.exploits_path+"bugbox/"+filename for filename in bugbox_exploits] ex = ExecutionEngine() for exploit_path in bugbox_exploits: exploit_file = open(exploit_path) target = "" for line in exploit_file.readlines(): if (line.find("'Target'") != -1): target = line.split("\"")[-2] if (line.find("'Plugin'") != -1): target +="_"+line.split("\"")[-2] target = target.replace(" ", "_").replace(".","_").lower()
def executeComposition(compositionId): variables = request.get_json() sparql = SPARQLWrapper("http://localhost:3030/03Ap08") sparql.setQuery(""" Select ?url ?method ?returns ?inputs ?inputValues where { { <http://localhost:5000/""" + compositionId + """> <http://www.w3.org/ns/hydra/core#Collection> ?c . ?c <http://www.w3.org/ns/hydra/core#member> ?member. ?member <http://www.w3.org/ns/hydra/core#method> ?method . ?member <http://schema.org/url> ?url . ?member <http://www.w3.org/ns/hydra/core#returns> ?returns . {SELECT ?member (GROUP_CONCAT(?input;separator="|") AS ?inputs) (GROUP_CONCAT(?inputValue;separator="|") AS ?inputValues) WHERE { {?member <http://www.w3.org/ns/hydra/core#expects> ?expect. ?expect ?input ?inputValue} } group by ?member } } } """) sparql.method = 'GET' sparql.setReturnFormat(JSON) results = sparql.query().convert() dumpedresults = json.dumps(OrderedDict(results)) jsonresults = json.loads(dumpedresults, object_pairs_hook=OrderedDict) workflow = {} member = [] compoDesc = OrderedDict() for i in jsonresults["results"]["bindings"]: service = {} service['url'] = i["url"]["value"] service['method'] = i["method"]["value"] service['returns'] = i["returns"]["value"] expects = [] if ('|' in i["inputs"]["value"]): inputs = str(i["inputs"]["value"]) arr_inputs = inputs.split("|") input_val = str(i["inputValues"]["value"]) arr_input_val = input_val.split("|") for i in range(len(arr_inputs)): exp = {} exp[arr_inputs[i]] = arr_input_val[i] expects.append(exp) service['expects'] = expects else: exp = {} exp[i["inputs"]["value"]] = i["inputValues"]["value"] expects.append(exp) service['expects'] = expects member.append(service) compoDesc['Workflow'] = member sparql2 = SPARQLWrapper("http://localhost:3030/03Ap08") sparql2.setQuery(""" Select ?goal where { <http://localhost:5000/""" + compositionId + """> <http://www.w3.org/ns/hydra/core#Collection> ?coll . ?coll <http://schema.org/Text> ?goal } """) sparql2.method = 'GET' sparql2.setReturnFormat(JSON) results2 = sparql2.query().convert() dumpedresults2 = json.dumps(OrderedDict(results2)) jsonresults2 = json.loads(dumpedresults2, object_pairs_hook=OrderedDict) compoDesc['Goal'] = jsonresults2["results"]["bindings"][0]["goal"]["value"] jsonldexec = json.dumps(OrderedDict(compoDesc)) var_arr = [] sparql = SPARQLWrapper("http://localhost:3030/03Ap08") sparql.setQuery(""" SELECT ?input WHERE {<http://localhost:5000/""" + compositionId + """> <http://www.w3.org/ns/hydra/core#operation> ?op . ?op <http://www.w3.org/ns/hydra/core#expects> ?expects . ?expects ?input ?inval } """) sparql.method = 'GET' sparql.setReturnFormat(JSON) results = sparql.query().convert() dumpedresults = json.dumps(OrderedDict(results)) jsonresults = json.loads(dumpedresults) print(jsonresults) for i in jsonresults["results"]["bindings"]: #var = i["input"]["value"].split('#') var = i["input"]["value"].rsplit('/', 1)[-1] var_arr.append(var[1]) execution = ExecutionEngine() #variables = [["var_initDate", "26-03-2018 12:00:00"], ["var_endDate", "27-03-2018 12:00:00"]] execution.executeComposition(jsonldexec, var_arr, variables) return ''