def set_filter(self, vuln): new_liststore = gtk.ListStore(str, str) for pname in sorted(self.w3af.plugins.get_plugin_list("attack")): exploit = self.w3af.plugins.get_plugin_inst("attack", pname) thisvulns = get_exploitable_vulns(exploit) markedname = ("<b>%s</b>" % pname) if vuln in thisvulns else pname new_liststore.append([markedname, pname]) self.set_model(new_liststore) self.liststore = new_liststore
def _launch_exploit_all(dlg, w3af, enabled_plugins, stopOnFirst): ''' A generator that will perform the exploitation of all the vulnerabilities. :param dlg: The dialog where I'm going to write the messages :param w3af: the core :param enabled_plugins: Which plugins are to be used. :param stopOnFirst: if the exploit should stop in the first exploited vuln. ''' for exploitname in enabled_plugins: dlg.add_message(_("\nExploiting %r...\n") % exploitname) exploit = w3af.plugins.get_plugin_inst("attack", exploitname) vulns = get_exploitable_vulns(exploit) dlg.add_message(_(" %d vulnerabilites to exploit\n") % len(vulns)) yield True for vuln in vulns: # Let GTK handle events, I want a responsive GUI! yield True # check if o dlg.add_message( ("Checking suitability for vuln %r...\n") % vuln.get_name()) try: canexploit = exploit.can_exploit(vuln.get_id()) except w3afException, e: dlg.add_message(_("\nERROR: ")) dlg.add_message(str(e) + '\n') dlg.done() dlg.dialog_run() yield False except w3afMustStopException, wmse: dlg.add_message(_("\nERROR: ")) dlg.add_message(str(wmse) + '\n') dlg.done() dlg.dialog_run() yield False if not canexploit: dlg.add_message(_(" nop\n")) yield True continue dlg.add_message(_(" ok\n")) # exploitable, go for it! dlg.add_message(_("Exploiting...\n")) try: exploit.exploit() except w3afException, e: dlg.add_message(str(e) + '\n') yield True continue
def set_filter(self, exploit): '''Sets a new filter and update the list. :param active: which types should be shown. ''' vulns = get_exploitable_vulns(exploit) # Store the vulnerability ids for later self.applicable = [v.get_uniq_id() for v in vulns] # Make bold all the vulnerabilities in the list store which are in # self.applicable . In other words, bold the ones which can be # exploited (identified by uniq_id for row in self.liststore: show, name, uniq_id, icon = row if uniq_id in self.applicable: row[0] = make_bold(name) else: row[0] = name