Esempio n. 1
0
    def verify_file(self, filename):
        option_files = glob.glob(str(BASE_DIR) + '/storages/**/options.json',
                                 recursive=True)

        # loop though all options avalible
        for option in option_files:
            json_option = utils.reading_json(option)
            stdout_path = json_option.get('WORKSPACES') + "/" + filename

            if utils.not_empty_file(stdout_path):
                return json_option.get('WORKSPACES'), os.path.normpath(
                    filename)

            # get real path
            p = Path(filename)
            ws = p.parts[0]
            if ws != utils.url_encode(ws):
                # just replace the first one
                filename_encode = filename.replace(ws, utils.url_encode(ws), 1)
                stdout_path_encode = json_option.get(
                    'WORKSPACES') + filename_encode
                if utils.not_empty_file(stdout_path_encode):
                    return json_option.get('WORKSPACES'), os.path.normpath(
                        filename_encode)

        return False, False
Esempio n. 2
0
    def post(self):
        current_path = os.path.dirname(os.path.realpath(__file__))
        # global options
        data = Configurations.parser.parse_args()
        options = data['options']

        utils.just_write(current_path + '/storages/options.json', options, is_json=True)

        if options.get('FORCE') == "False":
            old_log = options['WORKSPACE'] + '/log.json'
            if utils.not_empty_file(old_log) and utils.reading_json(old_log):
                utils.print_info(
                    "It's already done. use '-f' options to force rerun the module")

                raw_activities = utils.reading_json(
                    options['WORKSPACE'] + '/log.json')
                utils.just_write(current_path + '/storages/activities.json',
                                 raw_activities, is_json=True)

                return options

        
        utils.print_info("Cleasning activities log")
        #Create skeleton activities
        commands = utils.reading_json(current_path + '/storages/commands.json')
        raw_activities = {}
        for k,v in commands.items():
            raw_activities[k] = []
        utils.just_write(current_path + '/storages/activities.json',
                         raw_activities, is_json=True)

        return options
Esempio n. 3
0
    def post(self):
        # global options
        data = Configurations.parser.parse_args()
        options = data['options']

        # @TODO add another authen level when settings things from remote
        # check if credentials is the same on the config file or not
        if not self.verify(options):
            return {"error": "Can't not verify to setup config"}

        # write each workspace seprated folder
        ws_name = utils.get_workspace(options)
        utils.make_directory(current_path + '/storages/{0}/'.format(ws_name))
        if not os.path.isdir(current_path + '/storages/{0}/'.format(ws_name)):
            return {
                "error":
                "Can not create workspace directory with name {0} ".format(
                    ws_name)
            }

        activities_path = current_path + '/storages/{0}/activities.json'.format(
            ws_name)
        options_path = current_path + '/storages/{0}/options.json'.format(
            ws_name)

        # consider this is settings db
        utils.just_write(options_path, options, is_json=True)

        if options.get('FORCE') == "False":
            old_log = options['WORKSPACE'] + '/log.json'
            if utils.not_empty_file(old_log) and utils.reading_json(old_log):
                utils.print_info(
                    "It's already done. use '-f' options to force rerun the module"
                )

                raw_activities = utils.reading_json(options['WORKSPACE'] +
                                                    '/log.json')

                utils.just_write(activities_path, raw_activities, is_json=True)

                return options

        utils.print_info("Cleaning activities log")

        # Create skeleton activities based on commands.json
        commands = utils.reading_json(current_path + '/storages/commands.json')

        raw_activities = {}
        for k, v in commands.items():
            raw_activities[k] = []
        utils.just_write(activities_path, raw_activities, is_json=True)

        return options
Esempio n. 4
0
    def get(self, filename):
        # @TODO potential LFI here
        std_file = os.path.normpath(filename)
        stdout_path = self.options['WORKSPACES'] + std_file
        if not utils.not_empty_file(stdout_path):
            return 'Custom 404 here', 404
        
        content = utils.just_read(stdout_path).replace("\n\n", "\n")
        # content = utils.just_read(stdout_path)

        try:
            #convert console output to html
            conv = Ansi2HTMLConverter(
                scheme='mint-terminal')
            # conv = Ansi2HTMLConverter()
            html = conv.convert(content)
            response = make_response(html)
            response.headers['content-type'] = 'text/html'
            return response
        except:
            return content
Esempio n. 5
0
    def get(self, workspace):
        # module = request.args.get('module')
        ws_name = os.path.basename(os.path.normpath(workspace))
        # print(ws_name)
        # change to current workspace instead of get from running target
        self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
        self.options['OUTPUT'] = ws_name

        reports = []

        for k in self.commands.keys():
            if "report" in self.commands[k].keys():
                report = utils.replace_argument(
                    self.options, self.commands[k].get("report"))

                report_item = {"module": k, "report": report}
                if utils.not_empty_file(report_item['report']):
                    report_item['report'] = report.replace(self.options['WORKSPACE'], ws_name)
                    reports.append(report_item)

        return {'reports': reports}
Esempio n. 6
0
    def get(self, workspace):
        # module = request.args.get('module')
        ws_name = os.path.basename(os.path.normpath(workspace))
        # print(ws_name)
        # change to current workspace instead of get from running target
        self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
        self.options['OUTPUT'] = ws_name

        reports = []

        for k in self.commands.keys():
            if "report" in self.commands[k].keys():
                report = utils.replace_argument(self.options,
                                                self.commands[k].get("report"))

                report_item = {"module": k, "report": report}
                if utils.not_empty_file(report_item['report']):
                    report_item['report'] = report.replace(
                        self.options['WORKSPACE'], ws_name)
                    reports.append(report_item)

        return {'reports': reports}
Esempio n. 7
0
    def post(self, workspace=None):
        # global options
        data = Authentication.parser.parse_args()
        username = data['username']
        password = data['password']

        # if no workspace specific
        if not workspace:
            if self.get_options(username, password):
                # cause we don't have real db so it's really hard to manage JWT
                # just change the secret if you want to revoke old token
                expires = datetime.timedelta(days=365)
                token = create_access_token(username, expires_delta=expires)
                return {'access_token': token}
            else:
                return {'error': "Credentials Incorrect"}
        elif workspace == 'None':
            pass

        current_path = os.path.dirname(os.path.realpath(__file__))

        options_path = current_path + \
            '/storages/{0}/options.json'.format(workspace)

        if not utils.not_empty_file(options_path):
            return {'error': "Workspace not found"}

        options = utils.reading_json(options_path)

        if username == options.get('USERNAME'):
            if password == options.get('PASSWORD'):
                # cause we don't have real db so it's really hard to manage JWT
                # just change the secret if you want to revoke old token
                expires = datetime.timedelta(days=365)
                token = create_access_token(username, expires_delta=expires)
                return {'access_token': token}

        return {'error': "Credentials Incorrect"}
Esempio n. 8
0
    def get(self, workspace):
        module = request.args.get('module')
        ws_name = os.path.basename(os.path.normpath(workspace))
        # print(ws_name)
        # change to current workspace instead of get from running target
        self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
        self.options['OUTPUT'] = ws_name

        reports = {}
        for key, value in self.commands.items():
            raw_report = self.commands[key].get('report')
            reports[key] = "N/A"
            if raw_report:
                real_report = utils.replace_argument(
                    self.options, self.commands[key].get('report'))
                if utils.not_empty_file(real_report):
                    reports[key] = real_report.replace(
                        self.options['WORKSPACES'], '')

        if module is not None:
            reports = reports.get(module)

        return {'reports': reports}
Esempio n. 9
0
    def get(self, workspace):
        # module = request.args.get('module')
        ws_name = os.path.basename(os.path.normpath(workspace))
        options_path = str(BASE_DIR.joinpath('storages/{0}/options.json'.format(ws_name)))
        self.options = utils.reading_json(options_path)

        if not self.options:
            return {"error": "Workspace {0} not found".format(ws_name)}

        # get commands
        commands_path = str(BASE_DIR.joinpath('commands.json'))
        self.commands = utils.reading_json(commands_path)

        # change to current workspace instead of get from running target
        self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
        self.options['OUTPUT'] = ws_name

        final_reports = []

        # reports = {}
        for key in self.commands.keys():
            final_reports.append({
                "module": key,
                "reports": []
            })

        for k in self.commands.keys():
            if "report" in self.commands[k].keys():
                report = utils.replace_argument(self.options, self.commands[k].get("report"))
                # print(report)
                if type(report) == str:
                    if utils.not_empty_file(report):
                        report_path = report.replace(
                            self.options.get('WORKSPACE'), ws_name)

                        report_item = {
                            "path": report_path,
                            "type": "html",
                        }
                        for i in range(len(final_reports)):
                            if final_reports[i].get('module') == k:
                                final_reports[i]["reports"].append(
                                    report_item)
                        # final_reports[k]["reports"].append(report_item)
                elif type(report) == list:
                    for item in report:
                        report_path = utils.replace_argument(self.options, item.get("path"))
                        if utils.not_empty_file(report_path):
                            report_path = report_path.replace(
                                self.options.get('WORKSPACE'), ws_name)

                            report_item = {
                                "path": report_path,
                                "type": item.get("type"),
                            }
                            for i in range(len(final_reports)):
                                if final_reports[i].get('module') == k:
                                    final_reports[i]["reports"].append(report_item)

        # just clean up
        clean_reports = []
        for i in range(len(final_reports)):
            if final_reports[i].get('reports'):
                clean_reports.append(final_reports[i])

        return {'reports': clean_reports}