コード例 #1
0
def taskstatus(task_id):
    """
    Requests the status of a Celery task.
    :param task_id: Task's id to be requested.
    :return: Response object containing the status of the request
    """
    task = getTaskStatus(task_id)
    status = ""
    if task.state == 'PENDING':

        status = task.state
        body = {'state': task.state, 'current': 0, 'total': 1}
    elif task.state != 'FAILURE':

        status = "IN_PROGRESS"
        status = task.info.get('status', '')
        body = {
            'state': task.state,
            'current': task.info.get('current', 0),
            'total': task.info.get('total', 1),
        }
        if 'result' in task.info:
            body['result'] = task.info['result']
    else:
        # something went wrong in the background job
        body = {
            'state': task.state,
            'current': 1,
            'total': 1,
            'status': str(task.info),  # this is the exception raised
        }

    response = Response(True, "Task status", status, task_id)
    response.setBody(body)
    return jsonify(response.dictionary())
コード例 #2
0
def removeBoxByName():
    """
  Removes a box by name from Vagrant.
  :return: Response object containing the status of the request
  """
    box_name = request.get_json()['box_name']
    task = celery.send_task('VagrantManager.removeBoxByName', args=[box_name])
    response = Response(True, "Sent to task queue", task.state, task.id)
    return jsonify(response.dictionary())
コード例 #3
0
def addBoxByOVAFile():
    """
  Adds a box by using an OVA file.
  :return: Response object containing the status of the request
  """
    file_name = request.get_json()['file_name']
    task = celery.send_task('VagrantManager.addBoxByOVAFile', args=[file_name])
    response = Response(True, "Sent to task queue", task.state, task.id)
    return jsonify(response.dictionary())
コード例 #4
0
def runVagrantUp(scenario_name):
    """
  Executes the vagrant up command for each machine in the scenario.
  :param scenario_name: String with the scenario name
  :return: True if the vagrant up commands were successfully executed
  """
    task = celery.send_task('VagrantManager.runVagrantUp',
                            args=[scenario_name])
    response = Response(True, "Sent to task queue", "Pending", task.id)
    return jsonify(response.dictionary())
コード例 #5
0
 def createVagrantFiles(self, scenario_json):
     """
     Creates a vagrant file per machine in a scenario.
     :param scenario_json: JSON containing the scenario data
     :return: Response object containing request info
     """
     response = Response()
     self.console_manager.printRed('Creating vagrant file')
     for machine_name in scenario_json["machines"]:
         #Names
         scenario_name = scenario_json['scenario_name']
         machine_uuid = scenario_json["machines"][machine_name]["uuid"]
         #Paths
         machine_path = self.getScenariosPath(
         ) / scenario_name / "Machines" / machine_uuid
         #Machine JSON
         machine = scenario_json["machines"][machine_name]
         #Generate vagrant files
         self.console_manager.printBlue(
             self.vagrant_file.generateVagrantFile(machine, machine_path,
                                                   machine_uuid))
     response.setResponse(True)
     return response.dictionary()
コード例 #6
0
 def createSaltFiles(self, scenario_json):
     """
     Creates the salt files per each machine in a scenario.
     :param scenario_json: JSON containing the scenario data
     :return: Response object containing request info
     """
     response = Response()
     self.console_manager.printRed('Creating saltstack files')
     for machine_name in scenario_json["machines"]:
         # Names
         scenario_name = scenario_json['scenario_name']
         machine_uuid = scenario_json["machines"][machine_name]["uuid"]
         #Paths
         machine_path = self.getScenariosPath(
         ) / scenario_name / "Machines" / machine_uuid
         keys_path = machine_path / 'salt' / 'keys'
         conf_path = machine_path / 'salt' / 'conf'
         #Generate salt files
         self.salt_manager.generateKeys(keys_path, machine_uuid)
         self.console_manager.printBlue(
             self.salt_manager.generateMinionConfigFile(
                 conf_path, machine_uuid))
     response.setResponse(True)
     return response.dictionary()
コード例 #7
0
 def getAll(self):
     """
     Gets the available exploits
     :return: Response object containing the status of the request
     """
     # Variables
     exploits_dict = {
         "exploits":
         [self.exploits_dict[e].name for e in self.exploits_dict]
     }
     response = Response()
     response.setResponse(True)
     response.setBody(exploits_dict)
     return response.dictionary()
コード例 #8
0
    def sendCommand(self,
                    scenario_name,
                    machine_name,
                    command,
                    default_timeout=5,
                    show_output=True):
        """
        Sends a command to a virtual machine.
        :param scenario_name: Scenario's name string
        :param machine_name: Machine's name string
        :param command: Command to be executed
        :param default_timeout: Timeout for executing the command
        :param show_output: Boolean to show an output
        :return: Response object containing the status of the request
        """
        response = Response()
        scenario = db_manager.getScenario(scenario_name)
        return_code = ''
        if scenario:
            scenario_json = scenario[0]
            #First we need to move to the directory of the given machine
            machine_uuid = scenario_json["machines"][machine_name]["uuid"]
            machine_path = file_manager.getScenariosPath(
            ) / scenario_name / "Machines" / machine_uuid
            #using "vagrant ssh -c 'command' <machine>" will only try to execute that command and return, CHANGE THIS
            connect_command = "vagrant ssh -c '{}' {}".format(
                command, machine_uuid)
            sshProcess = subprocess.Popen(connect_command,
                                          cwd=machine_path,
                                          stdin=subprocess.PIPE,
                                          stdout=subprocess.PIPE,
                                          universal_newlines=True,
                                          shell=True,
                                          bufsize=0)
            #wait for the execution to finish, process running on different shell
            sshProcess.wait()
            sshProcess.stdin.close()
            return_code = sshProcess.returncode

            if show_output:
                for line in sshProcess.stdout:
                    if line == "END\n":
                        break
                    print(line, end="")

                for line in sshProcess.stdout:
                    if line == "END\n":
                        break
                    print(line, end="")
        else:
            response.setResponse(False)
            response.setReason('Scenario doesn\'t exist')
        return return_code
コード例 #9
0
 def getAll(self):
     """
     Gets the available scenarios
     :return: Response object containing the status of the request
     """
     # Variables
     scenarios_dict = {
         "scenarios": [
             self.scenarios_dict[s].scenario_name
             for s in self.scenarios_dict
         ]
     }
     response = Response()
     response.setResponse(True)
     response.setBody(scenarios_dict)
     return response.dictionary()
コード例 #10
0
 def getAll(self):
     """
     Gets the available exploits
     :return: Response object containing the status of the request
     """
     # Variables
     vulnerabilities_dict = {
         "vulnerabilities": [
             self.vulnerabilities_dict[v].name
             for v in self.vulnerabilities_dict
         ]
     }
     response = Response()
     response.setResponse(True)
     response.setBody(vulnerabilities_dict)
     return response.dictionary()
コード例 #11
0
 def getSystemInfo(self):
     """
     Gets the system info.
     :return: Response object containing request info
     """
     cpu_count_logical = psutil.cpu_count(logical=True)
     cpu_count = psutil.cpu_count(logical=False)
     memory = psutil.virtual_memory()
     mem = getattr(memory, 'total')
     memory_bytes = int(mem)
     gigabytes = float(1024**3)
     total_ram = ceil(memory_bytes / gigabytes)
     info = {
         'cpu_count_logical': cpu_count,
         'cpu_count': cpu_count,
         'total_ram': total_ram
     }
     response = Response()
     response.setResponse(True)
     response.setBody(info)
     return response.dictionary()
コード例 #12
0
    def getAvailableBoxes(self):
        """
        Gets the available boxes in the Vagrant context
        :return: A list of string with the available boxes
        """
        # Variables
        response = Response()
        boxes = {}
        boxNum = 0
        boxlist = subprocess.check_output("vagrant box list", shell=True)
        boxlist = str(boxlist)
        boxlist = re.sub(r"(^[b']|'|\s(.*?)\\n)", " ", boxlist)
        boxlist = boxlist.split(" ")
        boxlist = filter(None, boxlist)

        print("Loading available Vanilla VMs")

        for boxName in boxlist:
            boxNum = boxNum + 1
            boxes[boxNum] = boxName
            print("[ " + str(boxNum) + " ]" + boxName)
        response.setResponse(True)
        response.setBody(boxes)
        return response.dictionary()
コード例 #13
0
 def deleteOne(self, exploit_name):
     """
     Deletes an exploit from the database.
     :param exploit_name: Exploit's name string
     :return: Response object containing the status of the request
     """
     response = Response()
     if exploit_name in self.exploits_dict:
         deleted_exploit = self.exploits_dict.pop(exploit_name)
         self.db_manager.deleteExploit(exploit_name)
         response.setResponse(True)
         response.setBody(deleted_exploit.dictionary())
     else:
         response.setResponse(False)
         response.setReason('Exploit doesn\'t exist')
         response.setBody(dict())
     return response.dictionary()
コード例 #14
0
 def editOne(self, exploit_json):
     """
     Edits a current scenario with a JSON file
     :param exploit_json: JSON file with the exploit's data
     :return: Response object containing the status of the request
     """
     response = Response()
     print(exploit_json)
     exploit_name = exploit_json["name"]
     if exploit_name in self.exploits_dict:
         exploit_json = Exploit().objectFromDictionary(exploit_json)
         self.exploits_dict[exploit_name] = exploit_json
         self.db_manager.editExploit(exploit_json.dictionary().copy())
         response.setResponse(True)
         response.setBody(self.exploits_dict[exploit_name].dictionary())
     else:
         response.setReason('Exploit doesn\'t exist')
         response.setResponse(False)
         response.setBody(dict())
     return response.dictionary()
コード例 #15
0
 def getOne(self, exploit_name):
     """
     Gets the scenario as a JSON file
     :param exploit_name: Exploit's name string
     :return: Response object containing the status of the request
     """
     response = Response()
     if exploit_name in self.exploits_dict:
         response.setResponse(True)
         response.setBody(self.exploits_dict[exploit_name].dictionary())
     else:
         response.setResponse(False)
         response.setReason('Exploit doesn\'t exist')
         response.setBody(dict())
     return response.dictionary()
コード例 #16
0
 def newEmpty(self, exploit_name):
     """
     Creates a new exploit which includes the folders and the exploit JSON file
     :param exploit_name: String with the exploit name
     :return: Response object containing the status of the request
     """
     response = Response()
     if exploit_name not in self.exploits_dict:
         exploit = Exploit(exploit_name)
         self.exploits_dict[exploit_name] = exploit
         self.db_manager.insertExploit(exploit.dictionary().copy())
         response.setResponse(True)
         response.setBody(exploit.dictionary())
     else:
         response.setResponse(False)
         response.setReason('Exploit already exist')
         response.setBody(dict())
     return response.dictionary()
コード例 #17
0
 def getOne(self, vulnerability_name):
     """
     Gets the scenario as a JSON file
     :param vulnerability_name: VUlnerability's name string
     :return: Response object containing the status of the request
     """
     response = Response()
     if vulnerability_name in self.vulnerabilities_dict:
         response.setResponse(True)
         response.setBody(
             self.vulnerabilities_dict[vulnerability_name].dictionary())
     else:
         response.setResponse(False)
         response.setReason('Vulnerability doesn\'t exist')
         response.setBody(dict())
     return response.dictionary()
コード例 #18
0
 def getOne(self, scenario_name):
     """
     Gets the scenario as a JSON file
     :param scenario_name: String with the scenario name
     :return: Response object containing the status of the request
     """
     response = Response()
     if scenario_name in self.scenarios_dict:
         response.setResponse(True)
         response.setBody(self.scenarios_dict[scenario_name].dictionary())
     else:
         response.setResponse(False)
         response.setReason('Scenario doesn\'t exist')
         response.setBody(dict())
     return response.dictionary()
コード例 #19
0
    def editOne(self, scenario_json):
        """
        Edits a current scenario with a JSON file
        :param scenario_json: JSON file with the new scenario
        :return: Response object containing the status of the request
        """
        response = Response()
        print(scenario_json)
        scenario_name = scenario_json["scenario_name"]
        if scenario_name in self.scenarios_dict:

            if "machines" in scenario_json:
                for machine in scenario_json["machines"]:

                    if scenario_json["machines"][machine]["uuid"] == "":
                        new_uuid = uuid.uuid4()
                        new_uuid = str(new_uuid).replace('-', '')
                        print("Unique id: ", new_uuid)
                        scenario_json['machines'][machine]['uuid'] = new_uuid

            scenario_json = Scenario(scenario_name).objectFromDictionary(
                scenario_json)

            self.scenarios_dict[scenario_name] = scenario_json
            #self._saveScenarioAsJSON(new_scenario)
            self.db_manager.editScenario(scenario_json.dictionary().copy())
            response.setResponse(True)
            response.setBody(self.scenarios_dict[scenario_name].dictionary())
        else:
            response.setReason('Scenario doesn\'t exist')
            response.setResponse(False)

            response.setBody(dict())
        return response.dictionary()
コード例 #20
0
 def deleteOne(self, scenario_name):
     """
     Deletes one scenario from the database.
     :param scenario_name: Scenario's name string
     :return: Response object containing the status of the request
     """
     response = Response()
     if scenario_name in self.scenarios_dict:
         deleted_scenario = self.scenarios_dict.pop(scenario_name)
         #self.file_manager.deleteScenariosFolder(scenario_name)
         self.db_manager.deleteScenario(scenario_name)
         response.setResponse(True)
         response.setBody(deleted_scenario.dictionary())
     else:
         response.setResponse(False)
         response.setReason('Scenario doesn\'t exist')
         response.setBody(dict())
     return response.dictionary()
コード例 #21
0
 def newEmpty(self, vulnerability_name):
     """
     Creates a new vulnerability which includes the folders and the vulnerability JSON file
     :param vulnerability_name: String with the vulnerability name
     :return: Response object containing the status of the request
     """
     response = Response()
     if vulnerability_name not in self.vulnerabilities_dict:
         vulnerability = Vulnerability(vulnerability_name)
         self.vulnerabilities_dict[vulnerability_name] = vulnerability
         self.db_manager.insertVulnerability(
             vulnerability.dictionary().copy())
         response.setResponse(True)
         response.setBody(vulnerability.dictionary())
     else:
         response.setResponse(False)
         response.setReason('Vulnerability already exist')
         response.setBody(dict())
     return response.dictionary()
コード例 #22
0
    def newEmpty(self, scenario_name):
        """
        Creates a new scenario which includes the folders and the scenario JSON file
        :param scenario_name: String with the scenario name
        :return: Response object containing the status of the request
        """
        #Folder creation moved to FileManager
        response = Response()
        if scenario_name not in self.scenarios_dict:
            #self.file_manager.createScenarioFolders(scenario_name)
            scenario = Scenario(scenario_name)
            self.scenarios_dict[scenario_name] = scenario
            #self._saveScenarioAsJSON(scenario)
            self.db_manager.insertScenario(scenario.dictionary().copy())
            response.setResponse(True)
            response.setBody(scenario.dictionary())
        else:
            response.setResponse(False)
            response.setReason('Scenario already exist')
            response.setBody(dict())

        return response.dictionary()
コード例 #23
0
    def vagrantMachineCommand(self, scenario_name, machine_name, command):
        """
        Runs the given vagrant command on the desired machine, if allowed. 
        :param scenario_name: Name of scenario containing the machine
        :param machine_name: String with the machine name
        :return: Response object containing the status of the request
        """
        response = Response()
        scenario = db_manager.getScenario(scenario_name)
        if scenario:
            scenario_json = scenario[0]
            machine_uuid = scenario_json["machines"][machine_name]["uuid"]

            allowed_commands = ['suspend', 'halt', 'resume', 'status']
            if command not in allowed_commands:
                response = Response(False, "Given command not allowed")
                return response.dictionary()

            else:
                try:
                    machine_path = file_manager.getScenariosPath(
                    ) / scenario_name / "Machines" / machine_uuid
                    if command != 'status':
                        os.chdir(machine_path)
                        subprocess.run(['vagrant', command])
                    machine_state = VagrantManager.vagrantStatus(
                        machine_uuid, machine_path)
                    response = Response(True,
                                        body={machine_name: machine_state})
                    return response.dictionary()
                except OSError:
                    error_message = "OS ERROR while running %s command on %s machine " % command, machine_name
                    print(error_message)
                    response = Response(False, error_message)
                    return response.dictionary()
        else:
            response.setResponse(False)
            response.setReason('Scenario doesn\'t exist')
        return response.dictionary()
コード例 #24
0
 def createSaltStackFolder(self, scenario_json):
     """
     Creates a folder for each machine in the scenario
     :param scenario_json: String with the scenario name
     :return: True if machine folders are created successfully
     """
     # Response message for the requester
     response = Response()
     self.console_manager.printRed('Creating saltstack folders: ')
     try:
         machines = scenario_json['machines']
         scenario_name = scenario_json['scenario_name']
         machine_names = machines.keys()
         machines_path = self.getScenariosPath(
         ) / scenario_name / "Machines"
         for machine_name in machine_names:
             machine_uuid = scenario_json["machines"][machine_name]["uuid"]
             saltstack_path = machines_path / machine_uuid / 'salt'
             keys_path = saltstack_path / 'keys'
             etc_path = saltstack_path / 'conf'
             paths = [saltstack_path, keys_path, etc_path]
             for path in paths:
                 if os.path.isdir(path):
                     self.console_manager.printGreen(
                         "Folder already exists")
                 else:
                     os.makedirs(path)
     except KeyError as key_not_found:
         self.console_manager.printGreen(''.join(
             [key_not_found, " has not been defined"]))
         response.setResponse(False)
         response.setReason(key_not_found, " has not been defined")
     except OSError:
         self.console_manager.printGreen("OS Error")
         response.setResponse(False)
         response.setReason("OS Error")
     except:
         self.console_manager.printGreen(''.join(
             ["Unexpected error:", sys.exc_info()[0]]))
     response.setResponse(True)
     return response.dictionary()
コード例 #25
0
 def createSharedFolders(self, scenario_json):
     """
     Creates the shared folder within a scenario.
     :param scenario_json: JSON containing the scenario data
     :return: Response object containing request info
     """
     response = Response()
     self.console_manager.printRed('Creating shared folders: ')
     try:
         machines = scenario_json['machines']
         scenario_name = scenario_json['scenario_name']
         machine_names = machines.keys()
         machines_path = self.getScenariosPath(
         ) / scenario_name / "Machines"
         for machine_name in machine_names:
             machine_uuid = scenario_json["machines"][machine_name]["uuid"]
             shared_folder_path = machines_path / machine_uuid / "host_shared_folder"
             if os.path.isdir(shared_folder_path):
                 self.console_manager.printGreen("Folder already exists")
             else:
                 os.makedirs(shared_folder_path)
     except KeyError as key_not_found:
         self.console_manager.printGreen(''.join(
             [key_not_found, " has not been defined"]))
         response.setResponse(False)
         response.setReason(key_not_found, " has not been defined")
     except OSError:
         self.console_manager.printGreen("OS Error")
         response.setResponse(False)
         response.setReason("OS Error")
     except:
         self.console_manager.printGreen(''.join(
             ["Unexpected error:", sys.exc_info()[0]]))
     response.setResponse(True)
     return response.dictionary()
コード例 #26
0
 def editOne(self, vulnerability_json):
     """
     Edits a current scenario with a JSON file
     :param vulnerability_json: JSON file new vulnerability
     :return: Response object containing the status of the request
     """
     response = Response()
     print(vulnerability_json)
     vulnerability_name = vulnerability_json["name"]
     if vulnerability_name in self.vulnerabilities_dict:
         vulnerability_json = Vulnerability().objectFromDictionary(
             vulnerability_json)
         self.vulnerabilities_dict[vulnerability_name] = vulnerability_json
         self.db_manager.editVulnerability(
             vulnerability_json.dictionary().copy())
         response.setResponse(True)
         response.setBody(
             self.vulnerabilities_dict[vulnerability_name].dictionary())
     else:
         response.setReason('Vulnerability doesn\'t exist')
         response.setResponse(False)
         response.setBody(dict())
     return response.dictionary()
コード例 #27
0
 def testNetworkPing(self,
                     scenario_name,
                     machine_name,
                     destination_machine_name,
                     count=1):
     """
     Tests connection between the host and a virtual machine.
     :param scenario_name: Scenario's name string
     :param machine_name: Machine's name string
     :param destination_machine_name: Machine's to be pinged
     :param count: Counter used in the ping command
     :return: Response object containing the status of the request
     """
     response = Response()
     scenario = db_manager.getOne(scenario_name)
     if scenario:
         scenario_data = scenario[0]
         try:
             machines = scenario_data['machines']
             machine_to_ping = machines[destination_machine_name]
             machine_to_ping_network_settings = machine_to_ping[
                 'network_settings']
             destination_ip = machine_to_ping_network_settings['ip_address']
             ping_command = "ping -c {} {}".format(count, destination_ip)
             return_code = self.sendCommand(scenario_name, machine_name,
                                            ping_command)
             if return_code == 0:
                 print("Ping Successfully")
                 response.setResponse(True)
                 response.setReason("Ping Successfully")
             elif return_code == 1:
                 print("No answer from %s" % destination_machine_name)
                 response.setResponse(False)
                 response.setReason("No answer from %s" %
                                    destination_machine_name)
             else:
                 print("Another error has occurred")
                 response.setResponse(False)
                 response.setReason("Another error has occurred")
         except KeyError:
             print("Machines not defined for this Scenario")
             response.setResponse(False)
             response.setReason("Machines not defined for this Scenario")
     else:
         print("Scenario %s not found" % scenario_name)
         response.setResponse(False)
         response.setReason("Scenario %s not found" % scenario_name)
     return response.dictionary()
コード例 #28
0
 def deleteOne(self, vulnerability_name):
     """
     Deletes a vulnerability from the database.
     :param vulnerability_name: Vulnerability's name string
     :return: Response object containing the status of the request
     """
     response = Response()
     if vulnerability_name in self.vulnerabilities_dict:
         deleted_vulnerability = self.vulnerabilities_dict.pop(
             vulnerability_name)
         self.db_manager.deleteVulnerability(vulnerability_name)
         response.setResponse(True)
         response.setBody(deleted_vulnerability.dictionary())
     else:
         response.setResponse(False)
         response.setReason('Vulnerability doesn\'t exist')
         response.setBody(dict())
     return response.dictionary()