예제 #1
0
def fortify_list(config, fortify_user, fortify_password, application):
    fortify_config = FortifyConfig()
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info("No Fortify username or password provided. Checking fortify.ini for secret")
            if fortify_config.secret:
                Logger.console.info("Fortify secret found in fortify.ini")
                fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, token=fortify_config.secret)
            else:
                Logger.console.info("Fortify secret not found in fortify.ini")
                fortify_user = click.prompt('Fortify user')
                fortify_password = click.prompt('Fortify password', hide_input=True)
                fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, fortify_username=fortify_user,
                                               fortify_password=fortify_password)
                fortify_config.write_secret(fortify_client.token)
                Logger.console.info("Fortify secret written to fortify.ini")
            if application:
                reauth = fortify_client.list_application_versions(application)
                if reauth == -1 and fortify_config.secret:
                    Logger.console.info("Fortify secret invalid...reauthorizing")
                    fortify_user = click.prompt('Fortify user')
                    fortify_password = click.prompt('Fortify password', hide_input=True)
                    fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, fortify_username=fortify_user,
                                                   fortify_password=fortify_password)
                    fortify_config.write_secret(fortify_client.token)
                    Logger.console.info("Fortify secret written to fortify.ini")
                    Logger.console.info("Attempting to rerun 'fortify list --application'")
                    fortify_client.list_application_versions(application)
            else:
                reauth = fortify_client.list_versions()
                if reauth == -1 and fortify_config.secret:
                    Logger.console.info("Fortify secret invalid...reauthorizing")
                    fortify_user = click.prompt('Fortify user')
                    fortify_password = click.prompt('Fortify password', hide_input=True)
                    fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, fortify_username=fortify_user,
                                                   fortify_password=fortify_password)
                    fortify_config.write_secret(fortify_client.token)
                    Logger.console.info("Fortify secret written to fortify.ini")
                    Logger.console.info("Attempting to rerun 'fortify list'")
                    fortify_client.list_versions()
        else:
            fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, fortify_username=fortify_user,
                                           fortify_password=fortify_password)
            fortify_config.write_secret(fortify_client.token)
            Logger.console.info("Fortify secret written to fortify.ini")
            if application:
                fortify_client.list_application_versions(application)
            else:
                fortify_client.list_versions()

    except:
        Logger.console.critical("Unable to complete command 'fortify list'")
예제 #2
0
파일: agent.py 프로젝트: xuezs/webbreaker
 def __init__(self, agent_json):
     self.pid = os.getpid()
     self.fqdn = socket.getfqdn()
     data = self.__read_json__(agent_json)
     try:
         self.payload = self.__formatted_elk_payload__(scan=data['fortify_build_id'], host=self.fqdn,
                                                       version=__version__,
                                                       notifiers=data['git_emails'], git_url=data['git_url'],
                                                       fortify_url=data['fortify_pv_url'])
         self.payload['start'] = datetime.now().isoformat()
         self.fortify_config = FortifyConfig()
         self.check_count = 0
         self.timeout = 15
     except (KeyError, AttributeError, UnboundLocalError) as e:
         self.log("Agent was either misconfigured or unable to initialize {0}\n".format(e))
예제 #3
0
def upload(config, fortify_user, fortify_password, application, version,
           scan_name):
    fortify_config = FortifyConfig()
    # Fortify only accepts fpr scan files
    x = 'fpr'
    if application:
        fortify_config.application_name = application
    if not scan_name:
        scan_name = version
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.secret:
                Logger.console.info("Fortify secret found in fortify.ini")
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    project_template=fortify_config.project_template,
                    application_name=fortify_config.application_name,
                    token=fortify_config.secret,
                    scan_name=version,
                    extension=x)
            else:
                Logger.console.info("Fortify secret not found in fortify.ini")
                fortify_user = click.prompt('Fortify user')
                fortify_password = click.prompt('Fortify password',
                                                hide_input=True)
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    project_template=fortify_config.project_template,
                    application_name=fortify_config.application_name,
                    fortify_username=fortify_user,
                    fortify_password=fortify_password,
                    scan_name=version,
                    extension=x)
                fortify_config.write_secret(fortify_client.token)
                Logger.console.info("Fortify secret written to fortify.ini")
        else:
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                fortify_username=fortify_user,
                fortify_password=fortify_password,
                scan_name=version,
                extension=x)
            fortify_config.write_secret(fortify_client.token)
            Logger.console.info("Fortify secret written to fortify.ini")

        reauth = fortify_client.upload_scan(file_name=scan_name)

        if reauth == -2:
            # The given application doesn't exist
            Logger.console.critical(
                "Fortify Application {} does not exist. Unable to upload scan."
                .format(application))

        if reauth == -1 and fortify_config.secret:
            Logger.console.info("Fortify secret invalid...reauthorizing")
            fortify_user = click.prompt('Fortify user')
            fortify_password = click.prompt('Fortify password',
                                            hide_input=True)
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                fortify_username=fortify_user,
                fortify_password=fortify_password,
                scan_name=version,
                extension=x)
            fortify_config.write_secret(fortify_client.token)

            Logger.console.info("Fortify secret written to fortify.ini")
            Logger.console.info("Attempting to re-run 'fortify upload'")
            app_error = fortify_client.upload_scan(file_name=scan_name)

            if app_error == -2:
                # The given application doesn't exist
                Logger.console.critical(
                    "Fortify Application {} does not exist. Unable to upload scan."
                    .format(application))
    except:
        Logger.console.critical("Unable to complete command 'fortify upload'")
예제 #4
0
def fortify_scan(config, fortify_user, fortify_password, application, version,
                 build_id):
    fortify_config = FortifyConfig()
    if application:
        fortify_config.application_name = application

    if not fortify_user or not fortify_password:
        Logger.console.info(
            "No Fortify username or password provided. Checking fortify.ini for secret"
        )
        if fortify_config.token or fortify_config.has_auth_creds():
            Logger.console.info("Fortify secret found in fortify.ini")
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                token=fortify_config.token,
                scan_name=version,
                fortify_username=fortify_config.username,
                fortify_password=fortify_config.password)
            fortify_config.write_token(fortify_client.token)
        else:
            Logger.console.info("Fortify secret not found in fortify.ini")
            fortify_user, fortify_password = fortify_prompt()
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                fortify_username=fortify_user,
                fortify_password=fortify_password,
                scan_name=version)
            fortify_config.write_token(fortify_client.token)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify secret written to fortify.ini")

        pv_url = fortify_client.build_pv_url()

        if pv_url == -1:
            Logger.console.info("Fortify secret invalid...reauthorizing")
            if fortify_config.has_auth_creds():
                fortify_user = fortify_config.username
                fortify_password = fortify_config.password
            else:
                fortify_user, fortify_password = fortify_prompt()
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                fortify_username=fortify_user,
                fortify_password=fortify_password,
                scan_name=version)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            fortify_config.write_token(fortify_client.token)
            Logger.console.info("Fortify secret written to fortify.ini")
            Logger.console.info("Attempting to rerun 'fortify scan'")
            pv_url = fortify_client.build_pv_url()

        if pv_url and pv_url != -1:
            write_agent_info('fortify_pv_url', pv_url)
            write_agent_info('fortify_build_id', build_id)
        else:
            Logger.console.critical(
                "Unable to complete command 'fortify scan'")

    else:
        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=fortify_user,
            fortify_password=fortify_password,
            scan_name=version)
        fortify_config.write_token(fortify_client.token)
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        Logger.console.info("Fortify secret written to fortify.ini")
        pv_url = fortify_client.build_pv_url()
        if pv_url and pv_url != -1:
            write_agent_info('fortify_pv_url', pv_url)
            write_agent_info('fortify_build_id', build_id)
        else:
            Logger.console.critical(
                "Unable to complete command 'fortify scan'")
예제 #5
0
def fortify_list(config, fortify_user, fortify_password, application):
    fortify_config = FortifyConfig()
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.token or fortify_config.has_auth_creds():
                Logger.console.info("Fortify secret found in fortify.ini")
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    token=fortify_config.token,
                    fortify_username=fortify_config.username,
                    fortify_password=fortify_config.password)
                fortify_config.write_token(fortify_client.token)
            else:
                Logger.console.info("Fortify secret not found in fortify.ini")
                fortify_user, fortify_password = fortify_prompt()
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    fortify_username=fortify_user,
                    fortify_password=fortify_password)
                fortify_config.write_token(fortify_client.token)
                fortify_config.write_username(fortify_user)
                fortify_config.write_password(fortify_password)
                Logger.console.info("Fortify secret written to fortify.ini")
            if application:
                reauth = fortify_client.list_application_versions(application)
                if reauth == -1 and fortify_config.token:
                    Logger.console.info(
                        "Fortify secret invalid...reauthorizing")
                    if fortify_config.has_auth_creds():
                        fortify_user = fortify_config.username
                        fortify_password = fortify_config.password
                    else:
                        fortify_user, fortify_password = fortify_prompt()
                    fortify_client = FortifyClient(
                        fortify_url=fortify_config.ssc_url,
                        fortify_username=fortify_user,
                        fortify_password=fortify_password)
                    fortify_config.write_username(fortify_user)
                    fortify_config.write_password(fortify_password)
                    fortify_config.write_token(fortify_client.token)
                    Logger.console.info(
                        "Fortify secret written to fortify.ini")
                    Logger.console.info(
                        "Attempting to rerun 'fortify list --application'")
                    fortify_client.list_application_versions(application)
            else:
                reauth = fortify_client.list_versions()
                if reauth == -1 and fortify_config.token:
                    Logger.console.info(
                        "Fortify secret invalid...reauthorizing")
                    if fortify_config.has_auth_creds():
                        fortify_user = fortify_config.username
                        fortify_password = fortify_config.password
                    else:
                        fortify_user, fortify_password = fortify_prompt()
                    fortify_client = FortifyClient(
                        fortify_url=fortify_config.ssc_url,
                        fortify_username=fortify_user,
                        fortify_password=fortify_password)
                    fortify_config.write_username(fortify_user)
                    fortify_config.write_password(fortify_password)
                    fortify_config.write_token(fortify_client.token)
                    Logger.console.info(
                        "Fortify secret written to fortify.ini")
                    Logger.console.info("Attempting to rerun 'fortify list'")
                    fortify_client.list_versions()
        else:
            fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url,
                                           fortify_username=fortify_user,
                                           fortify_password=fortify_password)
            fortify_config.write_token(fortify_client.token)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify secret written to fortify.ini")
            if application:
                fortify_client.list_application_versions(application)
            else:
                fortify_client.list_versions()
    except (AttributeError, UnboundLocalError) as e:
        Logger.console.critical("Unable to complete command 'fortify list'")
예제 #6
0
def credentials(config, fortify, webinspect, clear, username, password):
    if fortify:
        fortify_config = FortifyConfig()
        if clear:
            fortify_config.clear_credentials()
        else:
            if username and password:
                try:
                    fortify_client = FortifyClient(
                        fortify_url=fortify_config.ssc_url,
                        fortify_username=username,
                        fortify_password=password)
                    fortify_config.write_username(username)
                    fortify_config.write_password(password)
                    sys.stdout.write(str("Credentials stored successfully\n"))
                except ValueError as e:
                    sys.stdout.write(
                        str("Unable to validate Fortify credentials. Credentials were not stored\n"
                            ))

            else:
                username, password = fortify_prompt()
                try:
                    fortify_client = FortifyClient(
                        fortify_url=fortify_config.ssc_url,
                        fortify_username=username,
                        fortify_password=password)
                    fortify_config.write_username(username)
                    fortify_config.write_password(password)
                    sys.stdout.write(str("Credentials stored successfully\n"))
                except ValueError as e:
                    sys.stdout.write(
                        str("Unable to validate Fortify credentials. Credentials were not stored\n"
                            ))
    elif webinspect:
        if clear:
            sys.stdout.write(
                str("There are currently no stored credentials for WebInspect\n"
                    ))
        else:
            sys.stdout.write(
                str("There are currently no stored credentials for WebInspect\n"
                    ))
    else:
        sys.stdout.write(
            str("Please specify either the --fortify or --webinspect flag\n"))
예제 #7
0
def fortify_scan(config, fortify_user, fortify_password, application, version,
                 build_id):
    fortify_config = FortifyConfig()
    if application:
        fortify_config.application_name = application

    if not fortify_user or not fortify_password:
        Logger.console.info(
            "No Fortify username or password provided. Checking fortify.ini for secret"
        )
        if fortify_config.has_auth_creds():
            Logger.console.info("Fortify credentials found in fortify.ini")
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                scan_name=version,
                fortify_username=fortify_config.username,
                fortify_password=fortify_config.password)
        else:
            Logger.console.info("Fortify credentials not found in fortify.ini")
            fortify_user, fortify_password = fortify_prompt()
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                fortify_username=fortify_user,
                fortify_password=fortify_password,
                scan_name=version)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify credentials stored")

        pv_url = fortify_client.build_pv_url()

        if pv_url and pv_url != -1:
            write_agent_info('fortify_pv_url', pv_url)
            write_agent_info('fortify_build_id', build_id)
        else:
            Logger.console.critical(
                "Unable to complete command 'fortify scan'")

    else:
        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=fortify_user,
            fortify_password=fortify_password,
            scan_name=version)
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        Logger.console.info("Fortify credentials stored")
        pv_url = fortify_client.build_pv_url()
        if pv_url and pv_url != -1:
            write_agent_info('fortify_pv_url', pv_url)
            write_agent_info('fortify_build_id', build_id)
        else:
            Logger.console.critical(
                "Unable to complete command 'fortify scan'")
예제 #8
0
def upload(config, fortify_user, fortify_password, application, version,
           scan_name):
    fortify_config = FortifyConfig()
    # Fortify only accepts fpr scan files
    x = 'fpr'
    if application:
        fortify_config.application_name = application
    if not scan_name:
        scan_name = version
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.has_auth_creds():
                Logger.console.info("Fortify credentials found in fortify.ini")
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    project_template=fortify_config.project_template,
                    application_name=fortify_config.application_name,
                    scan_name=version,
                    extension=x,
                    fortify_username=fortify_config.username,
                    fortify_password=fortify_config.password)
            else:
                Logger.console.info(
                    "Fortify credentials not found in fortify.ini")
                fortify_user, fortify_password = fortify_prompt()
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    project_template=fortify_config.project_template,
                    application_name=fortify_config.application_name,
                    fortify_username=fortify_user,
                    fortify_password=fortify_password,
                    scan_name=version,
                    extension=x)
                fortify_config.write_username(fortify_user)
                fortify_config.write_password(fortify_password)
                Logger.console.info("Fortify credentials stored")
        else:
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                fortify_username=fortify_user,
                fortify_password=fortify_password,
                scan_name=version,
                extension=x)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify credentials stored")

        reauth = fortify_client.upload_scan(file_name=scan_name)

        if reauth == -2:
            # The given application doesn't exist
            Logger.console.critical(
                "Fortify Application {} does not exist. Unable to upload scan."
                .format(application))

    except:
        Logger.console.critical("Unable to complete command 'fortify upload'")
예제 #9
0
def fortify_list(config, fortify_user, fortify_password, application):
    fortify_config = FortifyConfig()
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for credentials"
            )
            if fortify_config.has_auth_creds():
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    fortify_username=fortify_config.username,
                    fortify_password=fortify_config.password)
            else:
                Logger.console.info("Fortify credentials not found")
                fortify_user, fortify_password = fortify_prompt()
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    fortify_username=fortify_user,
                    fortify_password=fortify_password)
                fortify_config.write_username(fortify_user)
                fortify_config.write_password(fortify_password)
                Logger.console.info("Fortify credentials stored")
            if application:
                fortify_client.list_application_versions(application)

            else:
                fortify_client.list_versions()
        else:
            fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url,
                                           fortify_username=fortify_user,
                                           fortify_password=fortify_password)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify credentials stored")
            if application:
                fortify_client.list_application_versions(application)
            else:
                fortify_client.list_versions()
    except (AttributeError, UnboundLocalError) as e:
        Logger.console.critical("Unable to complete command 'fortify list'")