def do_contributors(self, args): """ Display a list of Mercury contributors. """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("contributors") return contributors = map(lambda m: Module.get(m).author, Module.all()) contribution = [ (c[0], len(list(c[1]))) for c in itertools.groupby(sorted(flatten(contributors))) ] self.stdout.write("Core Contributors:\n") for contributor in [ 'MWR InfoSecurity (@mwrlabs)', 'Luander ([email protected])', 'Rodrigo Chiossi ([email protected])' ]: self.stdout.write(" %s\n" % contributor) self.stdout.write("\nModule Contributors:\n") for contributor in sorted(contribution, key=lambda c: -c[1]): self.stdout.write(" %s\n" % contributor[0])
def do_help(self, args): """ usage: help [COMMAND OR MODULE] Displays help information. """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("help") return if len(argv) > 0: if self.__module_name(argv[0]) in Module.all( ) or self.__module_name("." + argv[0]) in Module.all(): self.do_run(" ".join([argv[0], "--help"])) else: try: func = getattr(self, 'help_' + argv[0]) except AttributeError: try: doc = getattr(self, 'do_' + argv[0]).__doc__ if doc: self.stdout.write( "%s\n" % wrap(textwrap.dedent(str(doc)).strip(), width=console.get_size()[0])) return except AttributeError: pass self.stdout.write("%s\n" % str(self.nohelp) % (argv[0], )) return func() else: cmd.Cmd.do_help(self, args)
def __modules(self): """ Gets a full list of all module identifiers. """ if self.__base == "": return Module.all() else: return filter(lambda m: m.startswith(self.__base), Module.all())
def __vulnerabilities(self): """ Find all vulnerability definition modules under 'vulnerabilities'. """ return filter( lambda m: m.startswith(self.vulnerabilities) and hasattr( Module.get(m), '_vulnerability_definition') and Module.get(m). _vulnerability_definition, Module.all())
def do_reload(self, args): """ usage: reload Load a fresh copy of all modules from disk. """ Module.reload() self.stdout.write("Done.\n\n")
def do_reload(self, args): """ usage: reload Load a fresh copy of all modules from disk. """ Module.reload() print "Done.\n"
def do_module(self, args): """ module [COMMAND] (inside Mercury) Run the Mercury Module and Repository Manager. The Repository Manager handles Mercury modules and module repositories. """ ModuleManager().run(shlex.split(args, comments=True)) Module.reload()
def __modules(self, permissions=None): """ Gets a full list of all module identifiers. """ if permissions == "any": required_perms = None else: required_perms = self.permissions() if self.__base == "": return Module.all(required_perms) else: return filter(lambda m: m.startswith(self.__base), Module.all(required_perms))
def __vulnerabilities(self): """ Find all vulnerability definition modules under 'vulnerabilities'. """ return filter(lambda m: m.startswith(self.vulnerabilities) and hasattr(Module.get(m), '_vulnerability_definition') and Module.get(m)._vulnerability_definition, Module.all())
def do_list(self, args): """ usage: list [FILTER] Displays a list of the available modules, optionally filtered by name. Examples: mercury> list activity.forintent activity.info ... snip ... mercury> list debug information.debuggable mercury> """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("list") return term = len(argv) > 0 and argv[0] or None print console.format_dict(dict(map(lambda m: [m, Module.get(m).name], filter(lambda m: term == None or m.find(term.lower()) >= 0, self.__modules()))))
def do_help(self, args): """ usage: help [COMMAND OR MODULE] Displays help information. """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("help") return if len(argv) > 0: if self.__module_name(argv[0]) in Module.all() or self.__module_name("." + argv[0]) in Module.all(): self.do_run(" ".join([argv[0], "--help"])) else: try: func = getattr(self, 'help_' + argv[0]) except AttributeError: try: doc = getattr(self, 'do_' + argv[0]).__doc__ if doc: self.stdout.write("%s\n" % wrap(textwrap.dedent(str(doc)).strip(), width=console.get_size()[0])) return except AttributeError: pass self.stdout.write("%s\n" % str(self.nohelp) % (argv[0],)) return func() else: cmd.Cmd.do_help(self, args)
def do_list(self, args): """ usage: list [FILTER] Displays a list of the available modules, optionally filtered by name. Examples: mercury> list activity.forintent activity.info ... snip ... mercury> list debug information.debuggable mercury> """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("list") return term = len(argv) > 0 and argv[0] or None self.stdout.write( console.format_dict( dict( map( lambda m: [m, Module.get(m).name], filter( lambda m: term == None or m.find(term.lower()) >= 0, self.__modules())))) + "\n")
def __namespaces(self, global_scope=False): """ Gets a full list of all namespace identifiers, either globally or in the current namespace scope. """ if global_scope: return set(map(lambda m: self.__module("." + m).namespace(), Module.all())) else: return set(map(lambda m: self.__module("." + m).namespace(), self.__modules()))
def do_list(self, args): """ usage: list [FILTER] Displays a list of the available modules, optionally filtered by name. Examples: mercury> list activity.forintent activity.info ... snip ... mercury> list debug information.debuggable mercury> optional arguments: --unsupported include a list of the modules that are not available on your device """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("list") return if "--unsupported" in argv: argv.remove("--unsupported") term = len(argv) > 0 and argv[0] or None s_modules = filter(lambda m: term == None or m.find(term.lower()) >= 0, self.__modules()) u_modules = filter(lambda m: (term == None or m.find(term.lower()) >= 0) and not m in s_modules, self.__modules("any")) else: term = len(argv) > 0 and argv[0] or None s_modules = filter(lambda m: term == None or m.find(term.lower()) >= 0, self.__modules()) u_modules = [] self.stdout.write(console.format_dict(dict(map(lambda m: [m, Module.get(m).name], s_modules))) + "\n") if len(u_modules) > 0: self.stdout.write("\nUnsupported Modules:\n\n") self.stdout.write(console.format_dict(dict(map(lambda m: [m, Module.get(m).name], u_modules))) + "\n")
def do_contributors(self, args): """ Display a list of Mercury contributors. """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("contributors") return contributors = map(lambda m: Module.get(m).author, Module.all()) contribution = [(c[0], len(list(c[1]))) for c in itertools.groupby(sorted(flatten(contributors)))] self.stdout.write("Core Contributors:\n") for contributor in ['MWR InfoSecurity (@mwrlabs)', 'Luander ([email protected])', 'Rodrigo Chiossi ([email protected])']: self.stdout.write(" %s\n"%contributor) self.stdout.write("\nModule Contributors:\n") for contributor in sorted(contribution, key=lambda c: -c[1]): self.stdout.write(" %s\n"%contributor[0])
def __module(self, key): """ Gets a module instance, by identifier, and initialises it with the required session parameters. """ module = None try: module = Module.get(self.__module_name(key)) except KeyError: pass if module == None: try: module = Module.get(key) except KeyError: pass if module == None: raise KeyError(key) else: return module(self.__reflector, self.stdout, self.stderr)
def __namespaces(self, global_scope=False): """ Gets a full list of all namespace identifiers, either globally or in the current namespace scope. """ if global_scope: return set( map(lambda m: self.__module("." + m).namespace(), Module.all())) else: return set( map(lambda m: self.__module("." + m).namespace(), self.__modules()))
def execute(self, arguments): """ Implementation of the Module execute() method. Each included vulnerability test is executed in turn, and printed out as 'Vulnerable', 'Not Vulnerable', or 'Exception'. """ for vulnerability in self.__vulnerabilities(): try: check = Module.get(vulnerability)(self._Module__reflector, self.stdout, self.stderr) result = check.isVulnerable(arguments) self.stdout.write("%s - %s\n" % (check.label, result and "[color red]Vulnerable[/color]" or "[color green]Not Vulnerable[/color]")) except: self.stdout.write("%s - %s\n" % (check.label, "[color blue]Exception[/color]"))
def __setBase(self, base): """ Changes the user's namespace. Changing to: 'str' - selects the 'str' namespace, within the currently active namespace '.str' - selects the 'str' namespace, in the root namespace '..' - goes back on namespace '' - goes back to the root namespace """ if base == "": self.__base = base else: if base == "..": path = self.__base.split(".") try: path.pop(-2) except IndexError: pass target = ".".join(path) elif base.startswith("."): target = base[1:] + "." else: target = self.__base + base + "." if True in map(lambda m: m.startswith(target), Module.all()): self.__base = target else: self.stderr.write("no such namespace: %s\n" % base) if base == "": self.prompt = "mercury> " else: self.prompt = "mercury#{}> ".format( self.__base[0:len(self.__base) - 1]) return True
def __setBase(self, base): """ Changes the user's namespace. Changing to: 'str' - selects the 'str' namespace, within the currently active namespace '.str' - selects the 'str' namespace, in the root namespace '..' - goes back on namespace '' - goes back to the root namespace """ if base == "": self.__base = base else: if base == "..": path = self.__base.split(".") try: path.pop(-2) except IndexError: pass target = ".".join(path) elif base.startswith("."): target = base[1:] + "." else: target = self.__base + base + "." if True in map(lambda m: m.startswith(target), Module.all()): self.__base = target else: self.stderr.write("no such namespace: %s\n"%base) if base == "": self.prompt = "mercury> " else: self.prompt = "mercury#{}> ".format(self.__base[0:len(self.__base)-1]) return True
def execute(self, arguments): """ Implementation of the Module execute() method. Each included vulnerability test is executed in turn, and printed out as 'Vulnerable', 'Not Vulnerable', or 'Exception'. """ for vulnerability in self.__vulnerabilities(): try: check = Module.get(vulnerability)(self._Module__reflector, self.stdout, self.stderr) label = hasattr(check, 'label') and check.label or check.fqmn() result = check.isVulnerable(arguments) self.stdout.write( "%s - %s\n" % (label, result and "[color red]Vulnerable[/color]" or "[color green]Not Vulnerable[/color]")) except: self.stdout.write("%s - %s\n" % (label, "[color blue]Exception[/color]"))
def do_list(self, args): """ usage: list [FILTER] Displays a list of the available modules, optionally filtered by name. Examples: mercury> list activity.forintent activity.info ... snip ... mercury> list debug information.debuggable mercury> """ argv = shlex.split(args, comments=True) if len(argv) == 1 and (argv[0] == "-h" or argv[0] == "--help"): self.do_help("list") return term = len(argv) > 0 and argv[0] or None # recalculate the sizing, depending on the size of the user's terminal window width = { 'gutter': 2, 'total': console.getSize()[0] } width['label'] = width['total'] / 3 width['desc'] = width['total'] - (width['gutter'] + width['label']) for module in filter(lambda m: term == None or m.find(term.lower()) >= 0, self.__modules()): name = wrap(Module.get(module).name, width['desc']).split("\n") if len(module[len(self.__base):]) > width['label']: self.stdout.write(("{:<%d}\n" % width['label']).format(module[len(self.__base):])) self.stdout.write(("{:<%d} {:<%d}\n" % (width['label'], width['desc'])).format("", name.pop(0))) else: self.stdout.write(("{:<%d} {:<%d}\n" % (width['label'], width['desc'])).format(module[len(self.__base):], name.pop(0))) for line in name: self.stdout.write(("{:<%d} {:<%d}\n" % (width['label'], width['desc'])).format("", line))
def __init__(self, *args, **kwargs): Module.__init__(self, *args, **kwargs) self.add_arguments_with = None self.execute_with = None
def testItShouldGetAModuleFromTheModuleLoader(self): Module._Module__loader = ModuleTestCase.MockModuleLoader() assert Module.get("an.example.module") == None
def testItShouldReturnNoneIfTheModuleLoaderHasNoModule(self): Module._Module__loader = ModuleTestCase.MockModuleLoader("aModule") assert Module.get("an.example.module") == "aModule"
def testItShouldListAllFromTheModuleLoader(self): Module._Module__loader = ModuleTestCase.MockModuleLoader() assert Module.all() == [ "an.example.module", "an.other.module", "module.in.other.namespace" ]
def testItShouldListAllFromTheModuleLoader(self): Module._Module__loader = ModuleTestCase.MockModuleLoader() assert Module.all() == ["an.example.module", "an.other.module", "module.in.other.namespace"]