def wget(filepath):
url = "%s%s" % (target.TARGET_GIT_URL, filepath)
filename = os.path.join(paths.GITHACK_DIST_TARGET_GIT_PATH, filepath)
data = request_data(url)
if data:
writeFile(filename, data)
if DEBUG:
logger.success("Get %s => %s" % (url, filepath))
def update_program():
git_repository = "https://github.com/orleven/srcscan.git"
success = False
path = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
if not os.path.exists(os.path.join(path, ".git")):
msg = "Have not a git repository. Please checkout the 'srcscan' repository "
msg += "from GitHub (e.g. 'git clone --depth 1 https://github.com/orleven/srcscan.git srcscan')"
logger.error(msg)
else:
msg = "Updating srcscan to the latest version from the gitHub repository."
logger.sysinfo(msg)
msg = "The srcscan will try to update itself using 'git' command."
logger.sysinfo(msg)
logger.sysinfo("Update in progress.")
try:
process = subprocess.Popen(
"git checkout . && git pull %s HEAD" % git_repository,
shell=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
cwd=path.encode(locale.getpreferredencoding())
) # Reference: http://blog.stastnarodina.com/honza-en/spot/python-unicodeencodeerror/
poll_process(process, True)
stdout, stderr = process.communicate()
success = not process.returncode
except (IOError, OSError) as ex:
success = False
logger.error(type(ex).__name__)
if success:
logger.success("The latest revision '%s'" % (get_revision_number()))
else:
if "Not a git repository" in stderr:
msg = "Not a valid git repository. Please checkout the 'orleven/srcscan' repository "
msg += "from GitHub (e.g. 'git clone --depth 1 https://github.com/orleven/srcscan.git srcscan')"
logger.error(msg)
else:
logger.error("Update could not be completed ('%s')" %
re.sub(r"\W+", " ", stderr).strip())
if not success:
if sys.platform == 'win32':
msg = "for Windows platform it's recommended "
msg += "to use a GitHub for Windows client for updating "
msg += "purposes (http://windows.github.com/) or just "
msg += "download the latest snapshot from "
msg += "https://github.com/orleven/srcscan"
else:
msg = "For Linux platform it's required "
msg += "to install a standard 'git' package (e.g.: 'sudo apt-get install git')"
logger.sysinfo(msg)
def checkdepends():
logger.info("Check Depends")
process = subprocess.Popen("git --version",
shell=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
if stderr:
logger.error(DEPENDS)
sys.exit(1)
logger.success("Check depends end")
def valid_git_repo():
logger.info("Valid Repository")
process = subprocess.Popen(
"cd %s && git reset" % (paths.GITHACK_DIST_TARGET_PATH),
shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
if stderr:
logger.info("Valid Repository Fail")
return False
logger.success("Valid Repository Success")
return True
def loadPlugin(url, poc=None):
"""load all plugins.
"""
if "://" not in url:
url = "http://" + url
url = url.strip("/")
logger.info("Target url: %s" % url)
plugin_path = os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))),"plugins")
if not os.path.isdir(plugin_path):
logger.warning("%s is not a directory! " % plugin_path)
raise EnvironmentError
logger.info("Plugin path: %s " % plugin_path)
items = os.listdir(plugin_path)
if poc:
logger.info('Loading plugins with "%s" key words.' % poc)
else:
poc=""
for item in items:
if item.endswith(".py") and not item.startswith('__'):
plugin_name = item[:-3]
if poc in plugin_name:
logger.info("Loading plugin: %s" % plugin_name)
module = importlib.import_module("plugins." + plugin_name)
try:
result = module.run(url)
if result:
logger.success(result)
else:
logger.error("Not Vulnerable %s " % plugin_name)
except:
logger.warning("ConnectionError ")
else:
continue
logger.info("Finished")
def job_success():
logger.p("", logger.GREEN)
logger.success("Clone Success. Dist File : %s" %
(paths.GITHACK_DIST_TARGET_PATH))
