def run(self, target, arguments, sqlsession, fast_mode=False): """ Run the security check. It consists in running commands with context requirements matching with the target's context. :param Target target: Target :param ArgumentsParser arguments: Arguments from command-line :param Session sqlsession: SQLAlchemy session :param SmartModulesLoader smartmodules_loader: Loader of SmartModules :param bool fast_mode: Set to true to disable prompts :return: Status :rtype: bool """ if not self.tool.installed: return False i = 1 command_outputs = list() for command in self.commands: if command.context_requirements.check_target_compliance(target): if not command.context_requirements.is_empty: logger.info('Command #{num:02} matches requirements: ' \ '{context}'.format(num=i, context=command.context_requirements)) cmdline = command.get_cmdline(self.tool.tool_dir, target, arguments) if fast_mode: logger.info('Run command #{num:02}'.format(num=i)) mode = 'y' else: mode = Output.prompt_choice( 'Run command {num}? [Y/n/f/q] '.format( num='' if len(self.commands) == 1 else \ '#{num:02} '.format(num=i)), choices={ 'y': 'Yes', 'n': 'No', #'t': 'New tab', #'w': 'New window', 'f': 'Switch to fast mode (do not prompt anymore)', 'q': 'Quit the program', }, default='y') if mode == 'q': logger.warning('Exit !') sys.exit(0) elif mode == 'n': logger.info('Skipping this command') continue else: if mode == 'f': logger.info('Switch to fast mode') arguments.args.fast_mode = True Output.begin_cmd(cmdline) process = ProcessLauncher(cmdline) if mode == 'y' or mode == 'f': output = process.start() # elif mode == 't': # output = process.start_in_new_tab() # logger.info('Command started in new tab') # else: # output = process.start_in_new_window(self.name) # logger.info('Command started in new window') Output.delimiter() print() output = StringUtils.interpret_ansi_escape_clear_lines( output) outputraw = StringUtils.remove_ansi_escape(output) command_outputs.append( CommandOutput(cmdline=cmdline, output=output, outputraw=outputraw)) # Run smartmodule method on output postcheck = SmartPostcheck( target.service, sqlsession, self.tool.name, '{0}\n{1}'.format(cmdline, outputraw)) postcheck.run() else: logger.info('Command #{num:02} does not match requirements: ' \ '{context}'.format(num=i, context=command.context_requirements)) logger.debug('Context string: {rawstr}'.format( rawstr=command.context_requirements)) i += 1 # Add outputs in database if command_outputs: results_requester = ResultsRequester(sqlsession) results_requester.add_result(target.service.id, self.name, self.category, command_outputs) return True
def run(self, target, smartmodules_loader, results_requester, fast_mode=False): """ Run the check, i.e. run the commands for which Target's specific options and authentication level are matching the required context. :param target : Target object :param smartmodules_loader: :param results_requester: ResultsRequester object :param fast_mode: Boolean indicating whether prompts must be displayed or not :return: """ if not self.tool.installed: return False i = 1 command_outputs = list() for command in self.commands: if target.is_matching_context(command.context): if command.context: logger.info( 'Command #{num:02} is matching current target\'s context: {context}' .format(num=i, context=command.context)) cmdline = command.get_cmdline(self.tool.tool_dir, target) #if i == 1: logger.info('Check: {descr}'.format(descr=self.description)) #logger.info('Command #{num:02}: {cmd}'.format(num=i, cmd=cmd_short)) if fast_mode: logger.info('Run command #{num:02}'.format(num=i)) mode = 'y' else: mode = Output.prompt_choice( 'Run command #{num:02} ? [Y/n/t/w/q] '.format(num=i), choices={ 'y': 'Yes', 'n': 'No', 't': 'New tab', 'w': 'New window', 'q': 'Quit the program' }, default='y') if mode == 'q': logger.warning('Exit !') sys.exit(0) elif mode == 'n': logger.info('Skipping this command') continue else: Output.begin_cmd(cmdline) process = ProcessLauncher(cmdline) if mode == 'y': output = process.start() elif mode == 't': output = process.start_in_new_tab() logger.info('Command started in new tab') else: output = process.start_in_new_window(self.name) logger.info('Command started in new window') Output.delimiter() print() command_outputs.append( CommandOutput(cmdline=cmdline, output=output)) if self.postrun: smartmodules_loader.call_postcheck_method( self.postrun, target.service, output) else: logger.info( 'Command #{num:02} is not matching current target\'s context: {context}' .format(num=i, context=command.context)) i += 1 if i == 1: logger.warning('This check is skipped') else: # Add output(s) in db results_requester.add_result(target.service.id, self.name, self.category, command_outputs)