def gen():
    """Regenerate the plugin reference pages and the ``index.rst`` file.

    One ``<category>.rst`` page is written under ``here`` for every entry
    of ``categories``. Each page lists the plugins of that category with
    their description and a table of argument names and default values.
    The default of any argument named in ``plugin_passwd_args`` is
    replaced by a fixed mask, so it is never written to the documentation.
    """
    manager = PluginManager()
    manager.find_plugins(OrchestratorConfig())

    # Placeholder shown instead of the default value of a password argument.
    masked = "\\*" * 16

    for plugin_type in categories:
        rst_path = path.join(here, plugin_type + ".rst")
        with open(rst_path, "w") as out:
            # Category title, underlined, followed by its description.
            title = get_plugin_type_display_name(plugin_type)
            print >>out, title
            print >>out, "*" * len(title)
            print >>out, ""
            print >>out, get_plugin_type_description(plugin_type)
            print >>out, ""

            found = manager.get_plugins(plugin_type)
            if not found:
                print >>out, "There are currently no plugins in this category."
                print >>out, ""
            else:
                for plugin_id in sorted(found.keys()):
                    info = found[plugin_id]

                    # Heading: display name plus the last path component
                    # of the plugin ID.
                    heading = "%s (*%s*)" % (info.display_name,
                                             plugin_id.rsplit("/", 1)[-1])

                    # Double every newline so each source line becomes
                    # its own paragraph in the output.
                    text = info.description
                    text = text.replace("\r\n", "\n").replace("\n", "\n\n")

                    print >>out, heading
                    print >>out, "=" * len(heading)
                    print >>out, ""
                    print >>out, text
                    print >>out, ""

                    if not info.plugin_args:
                        continue

                    # First pass: column widths. 17 is the length of
                    # both header cells. Password defaults are measured
                    # as the mask, which is what gets printed for them.
                    key_w = val_w = 17
                    for key, value in info.plugin_args.iteritems():
                        if key in info.plugin_passwd_args:
                            shown = masked
                        else:
                            shown = value
                        key_w = max(key_w, len(key))
                        val_w = max(val_w, len(shown))

                    print >>out, "%s %s" % ("=" * key_w, "=" * val_w)
                    header = "**Argument name**%s **Default value**%s" % (
                        " " * (key_w - 17), " " * (val_w - 17))
                    print >>out, header.rstrip()
                    print >>out, "%s %s" % ("-" * key_w, "-" * val_w)

                    # Second pass: one row per argument.
                    for key, value in info.plugin_args.iteritems():
                        # Flatten multi-line defaults onto one table row.
                        value = value.replace("\r\n", "\n").replace("\n", " ")
                        # Never emit the real default of a password argument.
                        if key in info.plugin_passwd_args:
                            value = masked
                        key_pad = " " * (key_w - len(key))
                        val_pad = " " * (val_w - len(value))
                        row = "%s%s %s%s" % (key, key_pad, value, val_pad)
                        print >>out, row.rstrip()

                    print >>out, ("%s %s" % ("=" * key_w, "=" * val_w)).rstrip()
                    print >>out, ""

        # Read the page back with universal newlines and rewrite it in
        # binary mode, so the stored file keeps the "\n" line endings
        # that the read produced.
        with open(rst_path, "rU") as src:
            data = src.read()
        with open(rst_path, "wb") as dst:
            dst.write(data)

    # The index goes to the current working directory (relative path),
    # unlike the category pages, which are written under ``here``.
    with open("index.rst", "wb") as idx:
        idx.write(index)
        for plugin_type in categories:
            idx.write(" %s\n" % plugin_type)
def command_info(parser, P, cmdParams, auditParams):
    """Beginning of the handler named ``command_info`` (listing is truncated).

    Only the argument check and the plugin discovery step are visible
    here; whatever the function does with the loaded plugin list is not
    shown in this excerpt.

    parser      -- object whose ``error(message)`` method reports a usage
                   error (presumably an argparse-style parser that exits).
    P           -- parsed command line; ``P.targets`` is read here.
    cmdParams   -- configuration handed to ``PluginManager.find_plugins``.
    auditParams -- not used in the visible part of the function.
    """

    # Fail if we don't have arguments.
    if not P.targets:
        parser.error("too few arguments")

    # Load the plugins list.
    # Any failure during discovery is turned into a usage error that
    # carries the text of the exception.
    try:
        manager = PluginManager()
        manager.find_plugins(cmdParams)
    except Exception, e:
        parser.error("error loading plugins list: %s" % str(e))
def command_run(parser, P, cmdParams, auditParams):
    """Prepare a SCAN, IMPORT or REPORT run (listing is truncated).

    The visible part normalizes the targets for the selected command,
    loads the plugin list, parses the plugin arguments, prompts for any
    missing passwords, validates both configuration objects and loads
    the UI plugin. The function continues beyond this excerpt: the
    handler of the outer ``try`` is not shown.

    parser      -- object whose ``error(message)`` method reports a usage
                   error (presumably an argparse-style parser that exits).
    P           -- parsed command line (``command``, ``raw_plugin_args``,
                   ``plugin_args`` are read or written here).
    cmdParams   -- Orchestrator configuration; receives ``plugin_args``.
    auditParams -- audit configuration; its targets are rewritten here.
    """

    # For the SCAN command, assume targets are URLs whenever feasible.
    # A target without "://" gets an "http://" guess appended to the list.
    # The original string stays in the list too, and the guess is always
    # plain HTTP, never HTTPS.
    if P.command == "SCAN":
        guessed_urls = []
        for target in auditParams.targets:
            if not "://" in target:
                guessed_urls.append("http://" + target)
        auditParams.targets.extend(guessed_urls)

    # For all other commands, disable the testing plugins.
    else:
        auditParams.plugin_load_overrides.append((False, "testing"))

        # For the IMPORT command, targets are import files.
        # NOTE(review): "magic" presumably refers to property setters on
        # auditParams; the code below reads _imports/_reports - confirm.
        if P.command == "IMPORT":
            auditParams.imports = auditParams.targets # magic
            del auditParams.targets # magic

        # For the REPORT command, targets are report files.
        elif P.command == "REPORT":
            auditParams.reports = auditParams.targets # magic
            del auditParams.targets # magic

        # If we reached this point, we have an internal error!
        else:
            raise RuntimeError("Unsupported command: %s" % P.command)

    # Expand wildcards for filenames on Windows.
    # On other platforms this is not needed,
    # as the shell already does it for us.
    if os.path.sep == "\\":
        auditParams._imports = expand_wildcards(auditParams._imports)
        auditParams._reports = expand_wildcards(auditParams._reports)

    try:

        # Load the plugins.
        manager = PluginManager()
        manager.find_plugins(cmdParams)

        # Sanitize the plugin arguments.
        # Only KeyError is mapped to a usage error here; anything else
        # propagates to the outer try.
        # NOTE(review): a secret passed through raw_plugin_args instead of
        # the prompt below would presumably sit in the shell history and
        # the process list - confirm where raw_plugin_args comes from.
        try:
            if P.raw_plugin_args:
                P.plugin_args = parse_plugin_args(manager, P.raw_plugin_args)
        except KeyError, e:
            ##raise # XXX DEBUG
            parser.error("error parsing plugin arguments: %s" % str(e))

        # Prompt for passwords.
        # A prompt is shown only for an argument that the plugin lists in
        # plugin_passwd_args and whose supplied value is empty. The
        # argument name is added to the prompt when the plugin declares
        # more than one password argument.
        # NOTE(review): getpass is presumably getpass.getpass, which reads
        # without echoing - confirm the import.
        for plugin_id in P.plugin_args.keys():
            plugin_info = manager.get_plugin_by_id(plugin_id)
            target_args = P.plugin_args[plugin_id]
            for key, value in target_args.items():
                if not value and key in plugin_info.plugin_passwd_args:
                    if len(plugin_info.plugin_passwd_args) > 1:
                        msg = "Enter password for %s (%s): "
                        msg %= (plugin_info.display_name, key)
                    else:
                        msg = "Enter password for %s: "
                        msg %= plugin_info.display_name
                    target_args[key] = getpass(msg)

        # Save the plugin arguments for the Orchestrator and the Audit.
        # Both configurations are assigned the same P.plugin_args object,
        # entered passwords included.
        # NOTE(review): if either configuration is logged or serialized,
        # the password arguments should be redacted - verify the callers.
        cmdParams.plugin_args = P.plugin_args
        auditParams.plugin_args = P.plugin_args

        # Check the parameters.
        cmdParams.check_params()
        auditParams.check_params()

        # Set the plugin arguments before loading the UI plugin.
        # Status 0 is success, 1 an unknown plugin, 2 invalid arguments;
        # any other value gets the generic message.
        for plugin_id, plugin_args in cmdParams.plugin_args.iteritems():
            status = manager.set_plugin_args(plugin_id, plugin_args)
            if status != 0: # should never happen, but just in case...
                if status == 1:
                    msg = "Unknown plugin: %s"
                elif status == 2:
                    msg = "Invalid arguments for plugin: %s"
                else:
                    msg = "Error setting arguments for plugin: %s"
                parser.error(msg % plugin_id)

        # Load the UI plugin.
        # NOTE(review): ui_mode selects which plugin is loaded and is
        # concatenated as-is; presumably check_params() above validated
        # it - confirm.
        ui_plugin_id = "ui/" + cmdParams.ui_mode
        ui_plugin = manager.load_plugin_by_id(ui_plugin_id)

        # (The excerpt ends here; the rest of the try block and its
        # handler are not shown.)
parser.error("Default plugins folder not found, aborting!") cmdParams.plugins_folder = plugins_folder #-------------------------------------------------------------------------- # List plugins and quit. if P.command == "PLUGINS": # Fail if we have arguments. if P.targets: parser.error("too many arguments") # Load the plugins list. try: manager = PluginManager() manager.find_plugins(cmdParams) except Exception, e: parser.error("error loading plugins list: %s" % str(e)) # Show the list of plugins. print colorize("-------------", "red") print colorize(" Plugin list", "red") print colorize("-------------", "red") # Import plugins... import_plugins = manager.get_plugins("import") if import_plugins: print print colorize("-= Import plugins =-", "yellow") for name in sorted(import_plugins.keys()):
def command_run(parser, P, cmdParams, auditParams):
    """Set up a SCAN, IMPORT or REPORT run (truncated listing).

    Visible steps, in order: adjust the targets for the chosen command,
    expand filename wildcards on Windows, discover plugins, parse the
    plugin arguments, ask for missing passwords, validate both
    configuration objects, push the arguments to the plugin manager and
    load the UI plugin. The outer ``try`` has no visible handler because
    the listing stops before it.

    parser      -- object whose ``error(message)`` method reports a usage
                   error (presumably an argparse-style parser that exits).
    P           -- parsed command line (``command``, ``raw_plugin_args``,
                   ``plugin_args`` are read or written here).
    cmdParams   -- Orchestrator configuration; receives ``plugin_args``.
    auditParams -- audit configuration; its targets are rewritten here.
    """

    # For the SCAN command, assume targets are URLs whenever feasible.
    # The scheme-less entry is kept and an "http://"-prefixed copy is
    # added after it, so both forms end up in the target list. The guess
    # is plain HTTP only.
    if P.command == "SCAN":
        guessed_urls = []
        for target in auditParams.targets:
            if not "://" in target:
                guessed_urls.append("http://" + target)
        auditParams.targets.extend(guessed_urls)

    # For all other commands, disable the testing plugins.
    else:
        auditParams.plugin_load_overrides.append( (False, "testing") )

        # For the IMPORT command, targets are import files.
        # NOTE(review): the "magic" assignments presumably go through
        # property setters on auditParams - confirm.
        if P.command == "IMPORT":
            auditParams.imports = auditParams.targets # magic
            del auditParams.targets # magic

        # For the REPORT command, targets are report files.
        elif P.command == "REPORT":
            auditParams.reports = auditParams.targets # magic
            del auditParams.targets # magic

        # If we reached this point, we have an internal error!
        else:
            raise RuntimeError("Unsupported command: %s" % P.command)

    # Expand wildcards for filenames on Windows.
    # On other platforms this is not needed,
    # as the shell already does it for us.
    if os.path.sep == "\\":
        auditParams._imports = expand_wildcards(auditParams._imports)
        auditParams._reports = expand_wildcards(auditParams._reports)

    try:

        # Load the plugins.
        manager = PluginManager()
        manager.find_plugins(cmdParams)

        # Sanitize the plugin arguments.
        # A KeyError from the parser becomes a usage error; other
        # exceptions are left to the outer try.
        # NOTE(review): secrets given in raw_plugin_args would presumably
        # be exposed in shell history and process listings, unlike the
        # prompt below - confirm how raw_plugin_args is filled in.
        try:
            if P.raw_plugin_args:
                P.plugin_args = parse_plugin_args(manager, P.raw_plugin_args)
        except KeyError, e:
            ##raise # XXX DEBUG
            parser.error("error parsing plugin arguments: %s" % str(e))

        # Prompt for passwords.
        # Only arguments declared in plugin_passwd_args and given with an
        # empty value trigger a prompt; the answer is stored back into
        # the same argument dictionary.
        # NOTE(review): getpass is presumably getpass.getpass (no echo) -
        # confirm the import.
        for plugin_id in P.plugin_args.keys():
            plugin_info = manager.get_plugin_by_id(plugin_id)
            target_args = P.plugin_args[plugin_id]
            for key, value in target_args.items():
                if not value and key in plugin_info.plugin_passwd_args:
                    # Name the argument only when the plugin has several
                    # password arguments to tell apart.
                    if len(plugin_info.plugin_passwd_args) > 1:
                        msg = "Enter password for %s (%s): "
                        msg %= (plugin_info.display_name, key)
                    else:
                        msg = "Enter password for %s: "
                        msg %= plugin_info.display_name
                    target_args[key] = getpass(msg)

        # Save the plugin arguments for the Orchestrator and the Audit.
        # The same object is assigned to both, so the entered passwords
        # are reachable from either configuration.
        # NOTE(review): check that neither configuration is dumped or
        # logged without redacting the password arguments.
        cmdParams.plugin_args = P.plugin_args
        auditParams.plugin_args = P.plugin_args

        # Check the parameters.
        cmdParams.check_params()
        auditParams.check_params()

        # Set the plugin arguments before loading the UI plugin.
        # set_plugin_args() status: 0 success, 1 unknown plugin,
        # 2 invalid arguments, anything else a generic error.
        for plugin_id, plugin_args in cmdParams.plugin_args.iteritems():
            status = manager.set_plugin_args(plugin_id, plugin_args)
            if status != 0: # should never happen, but just in case...
                if status == 1:
                    msg = "Unknown plugin: %s"
                elif status == 2:
                    msg = "Invalid arguments for plugin: %s"
                else:
                    msg = "Error setting arguments for plugin: %s"
                parser.error(msg % plugin_id)

        # Load the UI plugin.
        # NOTE(review): the plugin ID is built from ui_mode without any
        # check in this function; presumably check_params() has already
        # validated it - confirm.
        ui_plugin_id = "ui/" + cmdParams.ui_mode
        ui_plugin = manager.load_plugin_by_id(ui_plugin_id)

        # (Listing truncated: the remainder of the try block and its
        # handler are outside this excerpt.)
def gen():
    """Write one reStructuredText page per plugin category, then the index.

    Each page written under ``here`` has the category title and
    description followed by a section per plugin: heading, description
    and, when the plugin takes arguments, a table of names and default
    values. Defaults of arguments listed in ``plugin_passwd_args`` are
    printed as a fixed mask instead of their real value. ``index.rst``
    is written last, relative to the current working directory.
    """
    plugin_manager = PluginManager()
    plugin_manager.find_plugins(OrchestratorConfig())

    for plugin_type in categories:
        page = path.join(here, plugin_type + ".rst")

        with open(page, "w") as handle:

            def emit(text):
                # One output line on the page being written.
                print >> handle, text

            category_name = get_plugin_type_display_name(plugin_type)
            emit(category_name)
            emit("*" * len(category_name))
            emit("")
            emit(get_plugin_type_description(plugin_type))
            emit("")

            plugins = plugin_manager.get_plugins(plugin_type)
            if plugins:
                for plugin_id in sorted(plugins.keys()):
                    plugin_info = plugins[plugin_id]

                    # Section heading: display name and short plugin ID
                    # (the part after the last "/").
                    short_start = plugin_id.rfind("/") + 1
                    section = "%s (*%s*)" % (plugin_info.display_name,
                                             plugin_id[short_start:])

                    # Normalize CRLF, then turn each line break into a
                    # paragraph break.
                    paragraphs = plugin_info.description.replace("\r\n", "\n")
                    paragraphs = paragraphs.replace("\n", "\n\n")

                    emit(section)
                    emit("=" * len(section))
                    emit("")
                    emit(paragraphs)
                    emit("")

                    if plugin_info.plugin_args:
                        # Column widths start at 17, the length of each
                        # header cell, and grow to fit the longest entry.
                        name_width = 17
                        default_width = 17
                        for key, value in plugin_info.plugin_args.iteritems():
                            # Measure the mask, not the secret default.
                            if key in plugin_info.plugin_passwd_args:
                                value = "\\*" * 16
                            if len(key) > name_width:
                                name_width = len(key)
                            if len(value) > default_width:
                                default_width = len(value)

                        name_rule = "=" * name_width
                        default_rule = "=" * default_width

                        emit("%s %s" % (name_rule, default_rule))
                        emit(("**Argument name**%s **Default value**%s" % (
                            " " * (name_width - 17),
                            " " * (default_width - 17))).rstrip())
                        emit("%s %s" % ("-" * name_width,
                                        "-" * default_width))

                        for key, value in plugin_info.plugin_args.iteritems():
                            # Keep each default on a single table row.
                            value = value.replace("\r\n", "\n")
                            value = value.replace("\n", " ")
                            # Password defaults are never documented.
                            if key in plugin_info.plugin_passwd_args:
                                value = "\\*" * 16
                            emit(("%s%s %s%s" % (
                                key,
                                " " * (name_width - len(key)),
                                value,
                                " " * (default_width - len(value)))).rstrip())

                        emit(("%s %s" % (name_rule, default_rule)).rstrip())
                        emit("")
            else:
                emit("There are currently no plugins in this category.")
                emit("")

        # Second pass over the file: universal-newline read followed by
        # a binary write, which stores the "\n" endings the read returned.
        with open(page, "rU") as reader:
            data = reader.read()
        with open(page, "wb") as writer:
            writer.write(data)

    # Index file: the fixed preamble followed by one line per category.
    with open("index.rst", "wb") as index_file:
        index_file.write(index)
        for plugin_type in categories:
            index_file.write(" %s\n" % plugin_type)