def test_pickleable_shells(self):
pool = Pool(1)
xurllib = ExtendedUrllib()
original_shell = Shell(MockVuln(), xurllib, pool)
kb.append('a', 'b', original_shell)
unpickled_shell = kb.get('a', 'b')[0]
self.assertEqual(original_shell, unpickled_shell)
self.assertEqual(unpickled_shell.worker_pool, None)
self.assertEqual(unpickled_shell._uri_opener, None)
pool.terminate()
pool.join()
def setUp(self):
pool = Pool(3)
self.plugin = clamav()
self.plugin.set_worker_pool(pool)
kb.kb.clear('clamav', 'malware')
def __init__(self, consumer_plugins, w3af_core, thread_name='Consumer',
create_pool=True):
'''
:param base_consumer_plugins: Instances of base_consumer plugins in a list
:param w3af_core: The w3af core that we'll use for status reporting
:param thread_name: How to name the current thread
:param create_pool: True to create a worker pool for this consumer
'''
super(BaseConsumer, self).__init__()
self.in_queue = QueueSpeed()
self._out_queue = Queue.Queue()
self._consumer_plugins = consumer_plugins
self._w3af_core = w3af_core
self._tasks_in_progress_counter = 0
if create_pool:
self._threadpool = Pool(10, worker_names=thread_name)
def test_pickleable_shells(self):
pool = Pool(1)
xurllib = ExtendedUrllib()
original_shell = Shell(MockVuln(), xurllib, pool)
kb.append('a', 'b', original_shell)
unpickled_shell = kb.get('a', 'b')[0]
self.assertEqual(original_shell, unpickled_shell)
self.assertEqual(unpickled_shell.worker_pool, None)
self.assertEqual(unpickled_shell._uri_opener, None)
pool.terminate()
pool.join()
class FakeCore(object):
worker_pool = Pool(1)
uri_opener = ExtendedUrllib()
class BaseConsumer(Process):
'''
Consumer thread that takes fuzzable requests from a Queue that's populated
by the crawl plugins and identified vulnerabilities by performing various
requests.
'''
def __init__(self, consumer_plugins, w3af_core, thread_name='Consumer',
create_pool=True):
'''
:param base_consumer_plugins: Instances of base_consumer plugins in a list
:param w3af_core: The w3af core that we'll use for status reporting
:param thread_name: How to name the current thread
:param create_pool: True to create a worker pool for this consumer
'''
super(BaseConsumer, self).__init__()
self.in_queue = QueueSpeed()
self._out_queue = Queue.Queue()
self._consumer_plugins = consumer_plugins
self._w3af_core = w3af_core
self._tasks_in_progress_counter = 0
if create_pool:
self._threadpool = Pool(10, worker_names=thread_name)
def run(self):
'''
Consume the queue items, sending them to the plugins which are then going
to find vulnerabilities, new URLs, etc.
'''
while True:
work_unit = self.in_queue.get()
if work_unit == POISON_PILL:
# Close the pool and wait for everyone to finish
self._threadpool.close()
self._threadpool.join()
del self._threadpool
self._teardown()
# Finish this consumer and everyone consuming the output
self._out_queue.put(POISON_PILL)
self.in_queue.task_done()
break
else:
self._consume(work_unit)
self.in_queue.task_done()
def _teardown(self):
raise NotImplementedError
def _consume(self, work_unit):
raise NotImplementedError
def _task_done(self, result):
'''
The task_in_progress_counter is needed because we want to know if the
consumer is processing something and let it finish. It is mainly used
in the has_pending_work().
For example:
* You can have pending work if there are items in the input_queue
* You can have pending work if there are still items to be read from
the output_queue by one of the consumers that reads our output.
* You can have pending work when there are no items in input_queue
and no items in output_queue but the threadpool inside the consumer
is processing something. This situation is handled by the
self._tasks_in_progress_counter attribute and the _add_task and
_task_done methods.
So, for each _add_task() there has to be a _task_done() even if the
task ends in an error or exception.
Recommendation: Do NOT set the callback for apply_async to call
_task_done, the Python2.7 pool implementation won't call it if the
function raised an exception and you'll end up with tasks in progress
that finished with an exception.
'''
self._tasks_in_progress_counter -= 1
assert self._tasks_in_progress_counter >= 0, 'You can not _task_done()' \
' more than you _add_task().'
def _add_task(self):
'''
@see: _task_done()'s documentation.
'''
self._tasks_in_progress_counter += 1
def in_queue_put(self, work):
if work is not None:
return self.in_queue.put(work)
def in_queue_put_iter(self, work_iter):
if work_iter is not None:
for work in work_iter:
self.in_queue_put(work)
def has_pending_work(self):
'''
@see: _task_done() documentation
:return: True if the in_queue_size is != 0 OR if one of the pool workers
is still doing something that might impact on out_queue.
'''
if self.in_queue_size() > 0 \
or self.out_queue.qsize() > 0:
return True
if self._tasks_in_progress_counter > 0:
return True
return False
@property
def out_queue(self):
#
# This output queue can contain one of the following:
# * POISON_PILL
# * (plugin_name, fuzzable_request, AsyncResult)
# * An exception
return self._out_queue
def in_queue_size(self):
return self.in_queue.qsize()
def join(self):
'''
Poison the loop and wait for all queued work to finish this might take
some time to process.
'''
self.in_queue_put(POISON_PILL)
self.in_queue.join()
def terminate(self):
'''
Remove all queued work from in_queue and poison the loop so the consumer
exits. Should be very fast and called only if we don't care about the
queued work anymore (ie. user clicked stop in the UI).
'''
while not self.in_queue.empty():
self.in_queue.get()
self.in_queue.task_done()
self.join()
def get_result(self, timeout=0.5):
'''
:return: The first result from the output Queue.
'''
return self._out_queue.get(timeout=timeout)
def handle_exception(self, phase, plugin_name, fuzzable_request, _exception):
'''
Get the exception information, and put it into the output queue
then, the strategy will get the items from the output queue and
handle the exceptions.
:param plugin_name: The plugin that generated the exception
:param fuzzable_request: The fuzzable request that was sent as input to
the plugin when the exception was raised
:param _exception: The exception object
'''
except_type, except_class, tb = sys.exc_info()
enabled_plugins = pprint_plugins(self._w3af_core)
status = w3af_core_status(self._w3af_core)
status.set_running_plugin(phase, plugin_name, log=False)
status.set_current_fuzzable_request(phase, fuzzable_request)
exception_data = ExceptionData(status, _exception, tb,
enabled_plugins)
self._out_queue.put(exception_data)
