def list_scans():
"""
:return: A JSON containing a list of:
- Scan resource URL (eg. /scans/1)
- Scan target
- Scan status
"""
data = []
for scan_id, scan_info in SCANS.iteritems():
if scan_info is None:
continue
target_urls = scan_info.target_urls
status = scan_info.w3af_core.status.get_simplified_status()
errors = True if scan_info.exception is not None else False
data.append({'id': scan_id,
'href': '/scans/%s' % scan_id,
'target_urls': target_urls,
'status': status,
'errors': errors})
return jsonify({'items': data})
def list_scans():
"""
:return: A JSON containing a list of:
- Scan resource URL (eg. /scans/1)
- Scan target
- Scan status
"""
data = []
for scan_id, scan_info in SCANS.iteritems():
if scan_info is None:
continue
target_urls = scan_info.target_urls
status = scan_info.w3af_core.status.get_simplified_status()
errors = True if scan_info.exception is not None else False
data.append({'id': scan_id,
'href': '/scans/%s' % scan_id,
'target_urls': target_urls,
'status': status,
'errors': errors})
return jsonify({'items': data})
def tearDown(self):
"""
Since the API does not support concurrent scans we need to cleanup
everything before starting a new scan/test.
"""
for scan_id, scan_info in SCANS.iteritems():
if scan_info is not None:
scan_info.w3af_core.stop()
scan_info.w3af_core.cleanup()
SCANS[scan_id] = None
def tearDown(self):
"""
Since the API does not support concurrent scans we need to cleanup
everything before starting a new scan/test.
"""
for scan_id, scan_info in SCANS.iteritems():
if scan_info is not None:
scan_info.w3af_core.stop()
scan_info.w3af_core.cleanup()
SCANS[scan_id] = None
def list_kb(scan_id):
"""
List vulnerabilities stored in the KB (for a specific scan)
Filters:
* /scans/0/kb/?name= returns only vulnerabilities which contain the
specified string in the vulnerability name. (contains)
* /scans/0/kb/?url= returns only vulnerabilities for a specific URL
(startswith)
If more than one filter is specified they are combined using AND.
:return: A JSON containing a list of:
- KB resource URL (eg. /scans/0/kb/3)
- The KB id (eg. 3)
- The vulnerability name
- The vulnerability URL
- Location A
- Location B
"""
scanData = scanGetWithScanId(scan_id)
if scanData != None and scanData.scanResult != None:
return jsonify({'items': scanData.scanResult})
scan_info = get_scan_info_from_id(scan_id)
if scan_info is None:
abort(404, 'Scan not found')
data = []
print 'hostname', urlparse(scanGetUrl(scan_id)).hostname
hostname = urlparse(scanGetUrl(scan_id)).hostname
for finding_id, finding in enumerate(kb.kb.get_all_findings()):
if finding.get_url() == None:
continue;
if matches_filter(finding, request) and urlparse(finding.get_url().url_string).hostname==hostname:
data.append(finding_to_json(finding, scan_id, finding_id))
for id, scan_info in SCANS.iteritems():
if scan_info is None:
continue
target_urls = scan_info.target_urls
status = scan_info.w3af_core.status.get_simplified_status()
errors = True if scan_info.exception is not None else False
if (errors == False and scan_id == id and status == 'Stopped'):
scanData.scanResult = data
return jsonify({'items': data})
