def setConf():
"""
User configuration management and instantiation.
Setting framework configuration based either on previously user saved
settings or default ones.
"""
logger.info("Setting configuration.")
CONF = getInstanceConfiguration()
CONF.setDebugStatus(args.debug)
if args.debug:
set_logging_level(logging.DEBUG)
host = CONF.getApiConInfoHost() if str(CONF.getApiConInfoHost()) != "None" else FARADAY_DEFAULT_HOST
port_xmlrpc = CONF.getApiConInfoPort() if str(CONF.getApiConInfoPort()) != "None" else FARADAY_DEFAULT_PORT_XMLRPC
port_rest = CONF.getApiRestfulConInfoPort() if str(
CONF.getApiRestfulConInfoPort()) != "None" else FARADAY_DEFAULT_PORT_REST
host = args.host if args.host else host
port_xmlrpc = args.port_xmlrpc if args.port_xmlrpc else port_xmlrpc
port_rest = args.port_rest if args.port_rest else port_rest
CONF.setApiConInfoHost(host)
CONF.setApiConInfoPort(port_xmlrpc)
CONF.setApiRestfulConInfoPort(port_rest)
def main():
"""
Main function for launcher.
"""
global args
args = get_parser_args()
setup_folders(CONST_FARADAY_FOLDER_LIST)
print_banner()
logger.info("Dependencies met.")
check_configuration(args.gui)
setConf()
CONF = getInstanceConfiguration()
cert_path = CONF.getCertPath()
if args.cert_path:
if not os.path.isfile(args.cert_path):
logger.error("Certificate Path Don't exists [%s]", args.cert_path)
sys.exit(1)
cert_path = os.path.abspath(args.cert_path)
if cert_path:
os.environ[REQUESTS_CA_BUNDLE_VAR] = cert_path
if args.login:
# We only call terminal login when user provides login flag
login(cert_path)
start_faraday_client()
#!/usr/bin/env python
"""
Faraday Penetration Test IDE
Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
See the file 'doc/LICENSE' for the license information
"""
from __future__ import absolute_import
from faraday_client.config.configuration import getInstanceConfiguration
from faraday_client.managers.reports_managers import ReportManager
CONF = getInstanceConfiguration()
class UiFactory:
@staticmethod
def create(model_controller,
plugin_manager,
workspace_manager,
plugin_controller,
gui="gtk"):
if gui == "gtk":
from faraday_client.gui.gtk.application import GuiApp # pylint:disable=import-outside-toplevel
else:
from faraday_client.gui.nogui.application import GuiApp # pylint:disable=import-outside-toplevel
return GuiApp(model_controller, plugin_manager, workspace_manager,
plugin_controller)
def login(ask_for_credentials, cert_path):
"""
Sets the username and passwords from the command line.
If --login flag is set then username and password is set
"""
CONF = getInstanceConfiguration()
server_url = CONF.getAPIUrl()
try:
if not server_url:
server_url = input("\nPlease enter the Faraday Server URL (Press enter for http://localhost:5985): ") \
or "http://localhost:5985"
else:
if ask_for_credentials:
server_url = input(f"\nPlease enter the Faraday Server URL (Press enter for last used: {server_url}): ") \
or server_url
parsed_url = urlparse(server_url)
if not all([parsed_url.scheme, parsed_url.netloc]):
logger.error("Invalid URL: %s", server_url)
sys.exit(1)
try:
if parsed_url.scheme == "https":
logger.debug("Validate server ssl certificate [%s]", server_url)
login_url = urljoin(server_url, "/_api/login")
test_server_response = requests.get(login_url)
if test_server_response.status_code != 200:
logger.error("Faraday server returned invalid response: %s", test_server_response.status_code)
sys.exit(1)
except requests.exceptions.SSLError as e:
logger.error("Invalid SSL Certificate, use --cert CERTIFICATE for custom certificate")
print(f"{Fore.RED}Invalid SSL Certificate, use --cert CERTIFICATE_PATH for custom certificate")
sys.exit(1)
except requests.exceptions.ConnectionError as e:
logger.error("Connection to Faraday server FAILED: %s - use --login to set a new server", server_url)
sys.exit(1)
CONF.setAPIUrl(server_url)
if not ask_for_credentials:
session_cookies = CONF.getFaradaySessionCookies()
if session_cookies and server_url:
if is_authenticated(server_url, session_cookies):
logger.debug("Valid Previous session cookie found")
if parsed_url.scheme == "https" and cert_path:
CONF.setCerPath(cert_path)
else:
CONF.setCerPath(None)
return True
print(f"""\nPlease provide your valid Faraday credentials for {server_url}\nYou have 3 attempts.""")
MAX_ATTEMPTS = 3
for attempt in range(1, MAX_ATTEMPTS + 1):
api_username = input("Username (press enter for faraday): ") or "faraday"
api_password = getpass.getpass('Password: '******'roles' in user_info:
if 'client' in user_info['roles']:
print(f"You can't login as a client. You have {MAX_ATTEMPTS - attempt} attempt(s) left.")
continue
logger.info('Login successful: {0}'.format(api_username))
CONF.saveConfig()
break
print(f'Login failed, please try again. You have {MAX_ATTEMPTS - attempt} more attempts')
else:
logger.fatal(f'Invalid credentials, {MAX_ATTEMPTS} attempts failed. Quitting Faraday...')
sys.exit(-1)
except KeyboardInterrupt:
sys.exit(0)
