def _initialize(self): # Flask application container reload hack. reload(_config) packages = None # Read packages that are to be loaded at runtime try: packages = _config.config['remote/packages'] except NoSectionError: sys.stderr.write('Exiting... You did not specify a [remote] section and a "packages" ' 'option in your canari.conf file!\n') exit(-1) # Is packages not blank if not packages: sys.stderr.write('Exiting... You did not specify any transform packages to load in your canari.conf file!\n') exit(-1) elif isinstance(packages, basestring): packages = [packages] # Create the static directory for static file loading if not os.path.exists('static'): os.mkdir('static', 0755) # Iterate through the list of packages to load for p in packages: # Copy all the image resource files in case they are used as entity icons self._copy_images(p) distribution = TransformDistribution(p) sys.stderr.write('Loading transform package %s\n' % repr(p)) for transform in distribution.remote_transforms: transform_name = transform.__name__ sys.stderr.write('Loading transform %s at /%s...\n' % (repr(transform_name), transform_name)) # Should the transform be publicly available? # Does it conform to V2 of the Canari transform signature standard? if get_transform_version(transform.dotransform) == 2: sys.stderr.write('ERROR: Plume does not support V2 Canari transforms (%s). Please update to V3.' ' See http://www.canariproject.com/4-3-transform-development-quick-start/ for' ' more details.\n' % repr(transform_name)) exit(-1) # Does the transform need to be executed as root? If so, is this running in mod_wsgi? Yes = Bad! elif os.name == 'posix' and hasattr(transform.dotransform, 'privileged') and \ os.geteuid() and __name__.startswith('_mod_wsgi_'): sys.stderr.write('WARNING: mod_wsgi does not allow applications to run with root privileges. ' 'Transform %s ignored...\n' % repr(transform_name)) continue # So everything is good, let's register our transform with the global transform registry. inputs = {} if hasattr(transform.dotransform, 'inputs'): for category, entity_type in transform.dotransform.inputs: inputs[entity_type._type_] = entity_type inputs[entity_type._v2type_] = entity_type self.transforms[transform_name] = (transform.dotransform, inputs)
def dotransform(self, transform, valid_input_entity_types): try: if "Content-Length" not in self.headers: self.send_error(500, "What?") return request_str = self.rfile.read(int(self.headers["Content-Length"])) msg = MaltegoMessage.parse(request_str).message e = msg.entity entity_type = e.type if valid_input_entity_types and entity_type not in valid_input_entity_types: self.send_error(400, "Unsupported input entity!") return for k, i in msg.parameters.iteritems(): if "." in k: config[k.replace(".", "/", 1)] = i else: config["plume/%s" % k] = i msg = ( transform( msg, request_str if hasattr(transform, "cmd") and callable(transform.cmd) else MaltegoTransformResponseMessage(), ) if get_transform_version(transform) == 2 else transform( msg, request_str if hasattr(transform, "cmd") and callable(transform.cmd) else MaltegoTransformResponseMessage(), config, ) ) if isinstance(msg, MaltegoTransformResponseMessage) or isinstance(msg, basestring): message(msg, self) return else: raise MaltegoException("Could not resolve message type returned by transform.") except MaltegoException, me: croak(str(me), self)
def dotransform(self, transform, valid_input_entity_types): try: if 'Content-Length' not in self.headers: self.send_error(500, 'What?') return request_str = self.rfile.read(int(self.headers['Content-Length'])) msg = MaltegoTransformRequestMessage.parse(request_str).message e = msg.entity entity_type = e.type if valid_input_entity_types and entity_type not in valid_input_entity_types: self.send_error(400, 'Unsupported input entity!') return for k, i in msg.parameters.iteritems(): if '.' in k: config[k.replace('.', '/', 1)] = i else: config['plume/%s' % k] = i msg = transform( msg, request_str if hasattr(transform, 'cmd') and callable(transform.cmd) else MaltegoTransformResponseMessage() ) if get_transform_version(transform) == 2 else transform( msg, request_str if hasattr(transform, 'cmd') and callable(transform.cmd) else MaltegoTransformResponseMessage(), config ) if isinstance(msg, MaltegoTransformResponseMessage) or isinstance(msg, basestring): message(msg, self) return else: raise MaltegoException('Could not resolve message type returned by transform.') except MaltegoException, me: croak(str(me), self)
def _initialize(self): # Flask application container reload hack. reload(_config) packages = None # Read packages that are to be loaded at runtime try: packages = _config.config['remote/packages'] except NoSectionError: sys.stderr.write( 'Exiting... You did not specify a [remote] section and a "packages" ' 'option in your canari.conf file!\n') exit(-1) # Is packages not blank if not packages: sys.stderr.write( 'Exiting... You did not specify any transform packages to load in your canari.conf file!\n' ) exit(-1) elif isinstance(packages, basestring): packages = [packages] # Create the static directory for static file loading if not os.path.exists('static'): os.mkdir('static', 0755) # Iterate through the list of packages to load for p in packages: # Copy all the image resource files in case they are used as entity icons self._copy_images(p) distribution = TransformDistribution(p) sys.stderr.write('Loading transform package %s\n' % repr(p)) for transform in distribution.remote_transforms: transform_name = transform.__name__ sys.stderr.write('Loading transform %s at /%s...\n' % (repr(transform_name), transform_name)) # Should the transform be publicly available? # Does it conform to V2 of the Canari transform signature standard? if get_transform_version(transform.dotransform) == 2: sys.stderr.write( 'ERROR: Plume does not support V2 Canari transforms (%s). Please update to V3.' ' See http://www.canariproject.com/4-3-transform-development-quick-start/ for' ' more details.\n' % repr(transform_name)) exit(-1) # Does the transform need to be executed as root? If so, is this running in mod_wsgi? Yes = Bad! elif os.name == 'posix' and hasattr(transform.dotransform, 'privileged') and \ os.geteuid() and __name__.startswith('_mod_wsgi_'): sys.stderr.write( 'WARNING: mod_wsgi does not allow applications to run with root privileges. ' 'Transform %s ignored...\n' % repr(transform_name)) continue # So everything is good, let's register our transform with the global transform registry. inputs = {} if hasattr(transform.dotransform, 'inputs'): for category, entity_type in transform.dotransform.inputs: inputs[entity_type._type_] = entity_type inputs[entity_type._v2type_] = entity_type self.transforms[transform_name] = (transform.dotransform, inputs)