def run(PluginInfo):
    """Run the Selenium URL launcher once per resolved argument set.

    Every argument set carries BASE_URL and CATEGORY.  The vectors file is
    read from the framework config key ``SELENIUM_URL_VECTORS_<CATEGORY>``.
    The returned list is always empty: nothing produced by the launcher is
    collected in this function.
    """
    Content = []
    config = ServiceLocator.get_component("config")
    install_script = config.FrameworkConfigGet('INSTALL_SCRIPT')
    OWTFLogger.log(
        "WARNING: This plugin requires a small selenium installation, please run '%s' if you have issues"
        % install_script)
    plugin_params = ServiceLocator.get_component("plugin_params")

    # Argument specification handed to plugin_params.GetArgs().
    args = {'Description': DESCRIPTION}
    args['Mandatory'] = {
        'BASE_URL': 'The URL to be pre-pended to the tests',
        'CATEGORY': 'Category to use (i.e. ' + ', '.join(sorted(CATEGORIES)) + ')',
    }
    args['Optional'] = {
        'REPEAT_DELIM': config.FrameworkConfigGet('REPEAT_DELIM_DESCRIP'),
    }

    for arg_set in plugin_params.GetArgs(args, PluginInfo):
        plugin_params.SetConfig(arg_set)
        # NOTE(review): CATEGORY is concatenated into the config key exactly as
        # supplied; no membership check against CATEGORIES is visible here.
        vectors_file = config.FrameworkConfigGet(
            "SELENIUM_URL_VECTORS_" + arg_set['CATEGORY'])
        handler = ServiceLocator.get_component("selenium_handler")
        handler.CreateURLLauncher({
            'BASE_URL': arg_set['BASE_URL'],
            'INPUT_FILE': vectors_file,
        }).Run()
    return Content
def run(PluginInfo):
    """Run the Selenium URL launcher once per resolved argument set.

    Returns the header string ``DESCRIPTION + " Results:<br />"``.  Nothing
    produced by the launcher is appended to it in this function.
    """
    config = ServiceLocator.get_component("config")
    install_hint = ("WARNING: This plugin requires a small selenium installation, please run '"
                    + config.Get('INSTALL_SCRIPT')
                    + "' if you have issues")
    OWTFLogger.log(install_hint)
    Content = DESCRIPTION + " Results:<br />"
    plugin_params = ServiceLocator.get_component("plugin_params")

    # Argument specification handed to plugin_params.GetArgs().
    spec = {'Description': DESCRIPTION}
    spec['Mandatory'] = {
        'BASE_URL': 'The URL to be pre-pended to the tests',
        'CATEGORY': 'Category to use (i.e. ' + ', '.join(sorted(CATEGORIES)) + ')',
    }
    spec['Optional'] = {'REPEAT_DELIM': config.Get('REPEAT_DELIM_DESCRIP')}

    for arg_set in plugin_params.GetArgs(spec, PluginInfo):
        plugin_params.SetConfig(arg_set)
        # NOTE(review): CATEGORY is used verbatim to build the config key; no
        # check against CATEGORIES is visible in this function.
        vectors_file = config.Get("SELENIUM_URL_VECTORS_" + arg_set['CATEGORY'])
        selenium = ServiceLocator.get_component("selenium_handler")
        launcher = selenium.CreateURLLauncher(
            {'BASE_URL': arg_set['BASE_URL'], 'INPUT_FILE': vectors_file})
        launcher.Run()
    return Content
def run(PluginInfo):
    """Build the passive robots.txt report from the configured resources.

    Starts with the 'Passive Analysis Results' and 'Online Resources' link
    lists, then requests every 'PassiveRobots' resource URL.  A found response
    is passed to ``plugin_helper.ProcessRobots``; otherwise the failure is
    logged.  In both cases a transaction table for the URL is appended.
    """
    plugin_helper = ServiceLocator.get_component("plugin_helper")
    resource = ServiceLocator.get_component("resource")
    Content = plugin_helper.RequestLinkList(
        'Passive Analysis Results',
        resource.GetResources('PassiveRobotsAnalysisHTTPRequests'),
        PluginInfo)
    Content += plugin_helper.ResourceLinkList(
        'Online Resources',
        resource.GetResources('PassiveRobotsAnalysisLinks'))

    retrieved = 0  # number of robots.txt bodies processed so far
    for _name, robots_url in resource.GetResources('PassiveRobots'):
        # Text before and after '/robots.txt' is passed to ProcessRobots as the
        # link prefix and suffix.  The unpacking raises ValueError unless the
        # URL contains '/robots.txt' exactly once.
        link_start, link_finish = [
            chunk.strip() for chunk in robots_url.split('/robots.txt')]
        # First argument True: use the cache if possible, for speed.
        transaction = ServiceLocator.get_component("requester").GetTransaction(
            True, robots_url)
        if transaction is None or not transaction.Found:
            # Not found or unknown request error
            OWTFLogger.log(
                "Could not be retrieved using resource: %s" % robots_url)
        else:
            Content += plugin_helper.ProcessRobots(
                PluginInfo,
                transaction.GetRawResponseBody(),
                link_start,
                link_finish,
                'robots%s.txt' % str(retrieved))
            retrieved += 1
        Content += plugin_helper.TransactionTableForURLList(True, [robots_url])
    return Content
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'PassiveMethods' resources."""
    passive_links = ServiceLocator.get_component("resource").GetResources(
        'PassiveMethods')
    helper = ServiceLocator.get_component("plugin_helper")
    link_list = helper.ResourceLinkList('Online Resources', passive_links)
    OWTFLogger.log("Passive links generated for target")
    return link_list
def run(PluginInfo):
    """Request every URL reported by the URL manager and report the count.

    The original comments state that ``GetURLsToVisit`` yields only unvisited
    URLs and that the ``True`` argument asks the requester to use its cache
    where possible.
    """
    pending = ServiceLocator.get_component("url_manager").GetURLsToVisit()
    for target_url in pending:
        fetcher = ServiceLocator.get_component("requester")
        fetcher.GetTransaction(True, target_url)
    summary = "%s URLs were visited" % str(len(pending))
    OWTFLogger.log(summary)
    helper = ServiceLocator.get_component("plugin_helper")
    return helper.HtmlString(summary)
def run(PluginInfo):
    """Request each URL from the URL manager, then return the visit count as HTML.

    Per the original comments, ``GetURLsToVisit`` returns only unvisited URLs
    and ``GetTransaction(True, ...)`` uses the cache if possible.
    """
    to_visit = ServiceLocator.get_component("url_manager").GetURLsToVisit()
    for link in to_visit:
        ServiceLocator.get_component("requester").GetTransaction(True, link)
    visited_count = str(len(to_visit))
    report = visited_count + " URLs were visited"
    OWTFLogger.log(report)
    return ServiceLocator.get_component("plugin_helper").HtmlString(report)
def pnh_log_file(self):
    """Record the PnH events file path and create the file if it is missing.

    Sets ``self.path`` from the framework config key 'PNH_EVENTS_FILE' and
    ``self.mode`` to "w".  The file is opened, and immediately closed, only
    when the path is not already a regular file.

    Raises:
        IOError: logged and re-raised if the open fails.
    """
    self.path = self.config.FrameworkConfigGet('PNH_EVENTS_FILE')
    self.mode = "w"
    try:
        # NOTE(review): the existence check and the "w" open are separate
        # steps, so a file created in between would be truncated.
        if not os.path.isfile(self.path):
            with FileOperations.open(self.path, self.mode, owtf_clean=False):
                pass
    except IOError as err:
        OWTFLogger.log("I/O error ({0}): {1}".format(err.errno, err.strerror))
        raise
def run(PluginInfo):
    """Fetch ``<top_url>/robots.txt`` for the target and return the result list.

    A found response is handed to ``plugin_helper.ProcessRobots``; otherwise
    the miss is logged.  A transaction table for the URL is appended in both
    cases.
    """
    plugin_helper = ServiceLocator.get_component("plugin_helper")
    target = ServiceLocator.get_component("target")
    requester = ServiceLocator.get_component("requester")
    top_url = target.Get('top_url')
    url = "%s/robots.txt" % top_url
    findings = []
    # First argument True: use the transaction cache if possible, for speed.
    response = requester.GetTransaction(True, url, "GET")
    if response is None or not response.Found:
        # robots.txt NOT found
        OWTFLogger.log("robots.txt was NOT found")
    else:
        findings.extend(plugin_helper.ProcessRobots(
            PluginInfo, response.GetRawResponseBody(), top_url, ''))
    findings.extend(plugin_helper.TransactionTableForURLList(True, [url]))
    return findings
def run(PluginInfo):
    """Request the target's robots.txt and return the collected result list.

    The URL is the target's 'top_url' followed by '/robots.txt'.  A found
    response goes through ``plugin_helper.ProcessRobots``; a missing one is
    logged.  The transaction table for the URL is always added.
    """
    plugin_helper = ServiceLocator.get_component("plugin_helper")
    target = ServiceLocator.get_component("target")
    requester = ServiceLocator.get_component("requester")
    top_url = target.Get('top_url')
    url = top_url + "/robots.txt"
    test_result = []
    # First argument True: use the transaction cache if possible, for speed.
    http_transaction = requester.GetTransaction(True, url, "GET")
    robots_found = http_transaction is not None and http_transaction.Found
    if robots_found:
        raw_body = http_transaction.GetRawResponseBody()
        test_result.extend(
            plugin_helper.ProcessRobots(PluginInfo, raw_body, top_url, ''))
    else:
        OWTFLogger.log("robots.txt was NOT found")
    url_table = plugin_helper.TransactionTableForURLList(True, [url])
    test_result.extend(url_table)
    return test_result
def run(PluginInfo):
    """Assemble the passive robots.txt report from the configured resources.

    The report opens with the 'Passive Analysis Results' and 'Online
    Resources' link lists.  Each 'PassiveRobots' resource URL is then
    requested.  Found bodies are processed under the names robots1.txt,
    robots2.txt and so on.  Failures are logged.  A transaction table for the
    URL is appended either way.
    """
    plugin_helper = ServiceLocator.get_component("plugin_helper")
    resource = ServiceLocator.get_component("resource")
    file_index = 1  # suffix for the next processed robots file name
    Content = plugin_helper.RequestLinkList(
        'Passive Analysis Results',
        resource.GetResources('PassiveRobotsAnalysisHTTPRequests'),
        PluginInfo)
    Content += plugin_helper.ResourceLinkList(
        'Online Resources',
        resource.GetResources('PassiveRobotsAnalysisLinks'))
    for _label, source_url in resource.GetResources('PassiveRobots'):
        # The halves around '/robots.txt' become the link prefix and suffix for
        # disallowed entries.  The unpacking raises ValueError unless the
        # marker occurs exactly once in the URL.
        before, after = source_url.split('/robots.txt')
        link_start = before.strip()
        link_finish = after.strip()
        # First argument True: use the cache if possible, for speed.
        requester = ServiceLocator.get_component("requester")
        transaction = requester.GetTransaction(True, source_url)
        if transaction is not None and transaction.Found:
            output_name = 'robots'+str(file_index)+'.txt'
            Content += plugin_helper.ProcessRobots(
                PluginInfo,
                transaction.GetRawResponseBody(),
                link_start,
                link_finish,
                output_name)
            file_index += 1
        else:
            # Not found or unknown request error
            OWTFLogger.log("Could not be retrieved using resource: " + source_url)
        Content += plugin_helper.TransactionTableForURLList(True, [source_url])
    return Content
def run(PluginInfo):
    """Run one command per argument set through the framework's interactive shell.

    The shell is opened via the 'RCE_SBD_Connection' resource on the first
    iteration, and on every iteration when ISHELL_REUSE_CONNECTION is not
    'yes'.  The command sent is COMMAND_PREFIX + TEST + COMMAND_SUFFIX, and
    the value returned by ``Run`` is accumulated into the returned list.

    NOTE(review): there is no try/finally around the loop, so an exception
    raised inside it skips the final Close() and may leave the shell
    connection open.
    """
    Content = []
    plugin_params = ServiceLocator.get_component("plugin_params")
    config = ServiceLocator.get_component("config")

    # Argument specification handed to plugin_params.GetArgs().
    args = {'Description': DESCRIPTION}
    args['Mandatory'] = {
        'RHOST': config.FrameworkConfigGet('RHOST_DESCRIP'),
        'SBD_PORT': config.FrameworkConfigGet('SBD_PORT_DESCRIP'),
        'SBD_PASSWORD': config.FrameworkConfigGet('SBD_PASSWORD_DESCRIP'),
        'COMMAND_PREFIX': 'The command string to be pre-pended to the tests (i.e. /usr/lib/firefox... http...)',
    }
    args['Optional'] = {
        'TEST': 'The test to be included between prefix and suffix',
        'COMMAND_SUFFIX': 'The URL to be appended to the tests (i.e. ...whatever)',
        'ISHELL_REUSE_CONNECTION': config.FrameworkConfigGet('ISHELL_REUSE_CONNECTION_DESCRIP'),
        'ISHELL_EXIT_METHOD': config.FrameworkConfigGet('ISHELL_EXIT_METHOD_DESCRIP'),
        'ISHELL_DELAY_BETWEEN_COMMANDS': config.FrameworkConfigGet('ISHELL_DELAY_BETWEEN_COMMANDS_DESCRIP'),
        'ISHELL_COMMANDS_BEFORE_EXIT': config.FrameworkConfigGet('ISHELL_COMMANDS_BEFORE_EXIT_DESCRIP'),
        'ISHELL_COMMANDS_BEFORE_EXIT_DELIM': config.FrameworkConfigGet(
            'ISHELL_COMMANDS_BEFORE_EXIT_DELIM_DESCRIP'),
        'REPEAT_DELIM': config.FrameworkConfigGet('REPEAT_DELIM_DESCRIP'),
    }

    for iteration, arg_set in enumerate(plugin_params.GetArgs(args, PluginInfo), start=1):
        # Sets the auxiliary plugin arguments as config.
        # NOTE(review): arg_set includes SBD_PASSWORD; confirm config dumps and
        # logs do not expose it.
        plugin_params.SetConfig(arg_set)
        reuse_connection = arg_set['ISHELL_REUSE_CONNECTION'] == 'yes'
        delay = arg_set['ISHELL_DELAY_BETWEEN_COMMANDS']

        if reuse_connection and iteration != 1:
            OWTFLogger.log("Reusing initial connection..")
        else:
            shell = ServiceLocator.get_component("interactive_shell")
            shell.Open(
                {
                    'ConnectVia': config.GetResources('RCE_SBD_Connection'),
                    'InitialCommands': None,
                    'ExitMethod': arg_set['ISHELL_EXIT_METHOD'],
                    'CommandsBeforeExit': arg_set['ISHELL_COMMANDS_BEFORE_EXIT'],
                    'CommandsBeforeExitDelim': arg_set['ISHELL_COMMANDS_BEFORE_EXIT_DELIM'],
                    'RHOST': arg_set['RHOST'],
                    'RPORT': arg_set['SBD_PORT'],
                },
                PluginInfo)

        shell = ServiceLocator.get_component("interactive_shell")
        # The three parts are joined as supplied; no quoting or validation is
        # applied in this function.
        command = arg_set['COMMAND_PREFIX'] + arg_set['TEST'] + arg_set['COMMAND_SUFFIX']
        Content.extend(shell.Run(command, PluginInfo))

        OWTFLogger.log("Sleeping " + delay + " second(s) (increases reliability)..")
        time.sleep(int(delay))
        if not reuse_connection:
            ServiceLocator.get_component("interactive_shell").Close(PluginInfo)

    # Ensure clean exit if reusing connection
    if not ServiceLocator.get_component("interactive_shell").IsClosed():
        ServiceLocator.get_component("interactive_shell").Close(PluginInfo)
    return Content
def run(PluginInfo):
    """Run one command per argument set through the framework's interactive shell.

    The shell is opened via the 'RCE_SBD_Connection' resource on the first
    iteration, and on every iteration when ISHELL_REUSE_CONNECTION is not
    'yes'.  The command sent is COMMAND_PREFIX + TEST + COMMAND_SUFIX.  The
    return value of ``Run`` is discarded, so only the header string
    ``DESCRIPTION + " Results:<br />"`` is returned.

    NOTE(review): there is no try/finally around the loop, so an exception
    raised inside it skips the final Close() and may leave the shell
    connection open.
    """
    Content = DESCRIPTION + " Results:<br />"
    plugin_params = ServiceLocator.get_component("plugin_params")
    config = ServiceLocator.get_component("config")

    # Argument specification handed to plugin_params.GetArgs().  The key
    # 'COMMAND_SUFIX' is spelled this way throughout and is part of the
    # plugin's argument interface.
    spec = {'Description': DESCRIPTION}
    spec['Mandatory'] = {
        'RHOST': config.Get('RHOST_DESCRIP'),
        'SBD_PORT': config.Get('SBD_PORT_DESCRIP'),
        'SBD_PASSWORD': config.Get('SBD_PASSWORD_DESCRIP'),
        'COMMAND_PREFIX': 'The command string to be pre-pended to the tests (i.e. /usr/lib/firefox... http...)',
    }
    spec['Optional'] = {
        'TEST': 'The test to be included between prefix and suffix',
        'COMMAND_SUFIX': 'The URL to be appended to the tests (i.e. ...whatever)',
        'ISHELL_REUSE_CONNECTION': config.Get('ISHELL_REUSE_CONNECTION_DESCRIP'),
        'ISHELL_EXIT_METHOD': config.Get('ISHELL_EXIT_METHOD_DESCRIP'),
        'ISHELL_DELAY_BETWEEN_COMMANDS': config.Get('ISHELL_DELAY_BETWEEN_COMMANDS_DESCRIP'),
        'ISHELL_COMMANDS_BEFORE_EXIT': config.Get('ISHELL_COMMANDS_BEFORE_EXIT_DESCRIP'),
        'ISHELL_COMMANDS_BEFORE_EXIT_DELIM': config.Get('ISHELL_COMMANDS_BEFORE_EXIT_DELIM_DESCRIP'),
        'REPEAT_DELIM': config.Get('REPEAT_DELIM_DESCRIP'),
    }

    for iteration, arg_set in enumerate(plugin_params.GetArgs(spec, PluginInfo), start=1):
        # Sets the auxiliary plugin arguments as config.
        # NOTE(review): arg_set includes SBD_PASSWORD; confirm config dumps and
        # logs do not expose it.
        plugin_params.SetConfig(arg_set)
        reuse_connection = arg_set['ISHELL_REUSE_CONNECTION'] == 'yes'
        delay = arg_set['ISHELL_DELAY_BETWEEN_COMMANDS']

        if reuse_connection and iteration != 1:
            OWTFLogger.log("Reusing initial connection..")
        else:
            shell = ServiceLocator.get_component("interactive_shell")
            shell.Open(
                {
                    'ConnectVia': config.GetResources('RCE_SBD_Connection'),
                    'InitialCommands': None,
                    'ExitMethod': arg_set['ISHELL_EXIT_METHOD'],
                    'CommandsBeforeExit': arg_set['ISHELL_COMMANDS_BEFORE_EXIT'],
                    'CommandsBeforeExitDelim': arg_set['ISHELL_COMMANDS_BEFORE_EXIT_DELIM'],
                    'RHOST': arg_set['RHOST'],
                    'RPORT': arg_set['SBD_PORT'],
                },
                PluginInfo)

        shell = ServiceLocator.get_component("interactive_shell")
        # The three parts are joined as supplied; no quoting or validation is
        # applied in this function.
        command = arg_set['COMMAND_PREFIX'] + arg_set['TEST'] + arg_set['COMMAND_SUFIX']
        shell.Run(command)

        OWTFLogger.log("Sleeping " + delay + " second(s) (increases reliability)..")
        time.sleep(int(delay))
        if not reuse_connection:
            ServiceLocator.get_component("interactive_shell").Close(PluginInfo)

    # Ensure clean exit if reusing connection
    if not ServiceLocator.get_component("interactive_shell").IsClosed():
        ServiceLocator.get_component("interactive_shell").Close(PluginInfo)
    return Content
def run(PluginInfo):
    """Send each argument set's command to the remote interactive shell.

    A connection via the 'RCE_SBD_Connection' resource is opened for the
    first argument set, and again for every later one unless
    ISHELL_REUSE_CONNECTION is 'yes'.  The output of ``Run`` is not captured.
    The function returns only ``DESCRIPTION + " Results:<br />"``.

    NOTE(review): the final Close() is not in a finally block, so an exception
    inside the loop may leave the shell connection open.
    """
    Content = DESCRIPTION + " Results:<br />"
    plugin_params = ServiceLocator.get_component("plugin_params")
    config = ServiceLocator.get_component("config")

    # 'COMMAND_SUFIX' is spelled this way in both the specification and the
    # lookup below; it is part of the plugin's argument interface.
    arg_spec = {'Description': DESCRIPTION}
    arg_spec['Mandatory'] = {
        'RHOST': config.Get('RHOST_DESCRIP'),
        'SBD_PORT': config.Get('SBD_PORT_DESCRIP'),
        'SBD_PASSWORD': config.Get('SBD_PASSWORD_DESCRIP'),
        'COMMAND_PREFIX': 'The command string to be pre-pended to the tests (i.e. /usr/lib/firefox... http...)',
    }
    arg_spec['Optional'] = {
        'TEST': 'The test to be included between prefix and suffix',
        'COMMAND_SUFIX': 'The URL to be appended to the tests (i.e. ...whatever)',
        'ISHELL_REUSE_CONNECTION': config.Get('ISHELL_REUSE_CONNECTION_DESCRIP'),
        'ISHELL_EXIT_METHOD': config.Get('ISHELL_EXIT_METHOD_DESCRIP'),
        'ISHELL_DELAY_BETWEEN_COMMANDS': config.Get('ISHELL_DELAY_BETWEEN_COMMANDS_DESCRIP'),
        'ISHELL_COMMANDS_BEFORE_EXIT': config.Get('ISHELL_COMMANDS_BEFORE_EXIT_DESCRIP'),
        'ISHELL_COMMANDS_BEFORE_EXIT_DELIM': config.Get('ISHELL_COMMANDS_BEFORE_EXIT_DELIM_DESCRIP'),
        'REPEAT_DELIM': config.Get('REPEAT_DELIM_DESCRIP'),
    }

    is_first = True
    for params in plugin_params.GetArgs(arg_spec, PluginInfo):
        # Sets the auxiliary plugin arguments as config.
        # NOTE(review): params carries SBD_PASSWORD; verify that stored config
        # is not written to logs or reports.
        plugin_params.SetConfig(params)
        keep_open = (params['ISHELL_REUSE_CONNECTION'] == 'yes')
        pause_seconds = params['ISHELL_DELAY_BETWEEN_COMMANDS']

        if is_first or not keep_open:
            connection = ServiceLocator.get_component("interactive_shell")
            open_options = {
                'ConnectVia': config.GetResources('RCE_SBD_Connection'),
                'InitialCommands': None,
                'ExitMethod': params['ISHELL_EXIT_METHOD'],
                'CommandsBeforeExit': params['ISHELL_COMMANDS_BEFORE_EXIT'],
                'CommandsBeforeExitDelim': params['ISHELL_COMMANDS_BEFORE_EXIT_DELIM'],
                'RHOST': params['RHOST'],
                'RPORT': params['SBD_PORT'],
            }
            connection.Open(open_options, PluginInfo)
        else:
            OWTFLogger.log("Reusing initial connection..")

        runner = ServiceLocator.get_component("interactive_shell")
        # Prefix, test and suffix are concatenated exactly as supplied.
        runner.Run(
            params['COMMAND_PREFIX'] + params['TEST'] + params['COMMAND_SUFIX'])

        OWTFLogger.log("Sleeping " + pause_seconds + " second(s) (increases reliability)..")
        time.sleep(int(pause_seconds))
        if not keep_open:
            ServiceLocator.get_component("interactive_shell").Close(PluginInfo)
        is_first = False

    # Ensure clean exit if reusing connection
    if not ServiceLocator.get_component("interactive_shell").IsClosed():
        ServiceLocator.get_component("interactive_shell").Close(PluginInfo)
    return Content
def run(PluginInfo):
    """Return the 'Online Resources' link list built from the 'PassiveMethods' resources."""
    helper = ServiceLocator.get_component("plugin_helper")
    passive_resources = ServiceLocator.get_component("resource").GetResources('PassiveMethods')
    links = helper.ResourceLinkList('Online Resources', passive_resources)
    OWTFLogger.log("Passive links generated for target")
    return links