def startScan(
scanParams
): # start scan method, the server needs to provide urls to scan
configScanBoundary = ScanBoundary.deserialize(scanParams)
msg = ScanPageMessage(pageEntity=configScanBoundary.getPageEntity())
print("Inserting ScanPageMessage to queue")
ProducerConsumerQueue.getInstance().getIncomeQueue().put(msg)
def startScan(self, pageEntity=None):
self.__pages.append(pageEntity)
flag = False
while not flag:
try:
forms, links = self.vulnUtils.get_injection_points(
pageEntity=pageEntity)
pageEntity.setPageHash(
self.vulnUtils.getPageHash(pageEntity.getURL()))
flag = True
except DifferentHashesException as e:
print("in startScan->getInjectionPoints\n" + e.message)
self.vulnUtils.updateAuthenticationMethod()
except UnexplainedDifferentHashesException:
raise UnexplainedDifferentHashesException(
"No login required yet different hash detected in url: " +
pageEntity.getURL())
print("url is being scanned : " + pageEntity.getURL())
if self.__scanType == "ALL":
self.__scanForRXSS(pageEntity=pageEntity, forms=forms, links=links)
self.__scanForSqlInjection(pageEntity=pageEntity,
forms=forms,
links=links)
elif self.__scanType == "SQLI":
self.__scanForSqlInjection(pageEntity=pageEntity,
forms=forms,
links=links)
elif self.__scanType == "RXSS":
self.__scanForRXSS(pageEntity=pageEntity, forms=forms, links=links)
self.vulnUtils.free_pending_parameters(pageEntity.getURL())
nextPageMessage = NextPageMessage()
print("Insert Next Page message to queue")
ProducerConsumerQueue.getInstance().getOutQueue().put(nextPageMessage)
return
def run(self):
while True:
if not ProducerConsumerQueue.getInstance().getOutQueue().empty():
item = ProducerConsumerQueue.getInstance().getOutQueue().get()
if isinstance(item, NextPageMessage):
print("Done Scanning Current Page, Get Next Page")
sio.emit('next_page')
if isinstance(item, SecondOrderCompletedMessage):
print("Done Scanning SQLI - Second Order")
sio.emit('second_order_completed')
def startSqliSecondOrderScan(self):
self.vulnUtils.reset_scanned_parameters()
if self.__scanType == "ALL" or self.__scanType == "SQLI":
sqli_algo = SQLIAlgorithm()
sqli_algo.start_second_order_scan(pages=self.__pages,
vulnUtils=self.vulnUtils)
secondOrderCompletedMessage = SecondOrderCompletedMessage()
print("Insert SQLI - Second Order scan complete message to queue")
ProducerConsumerQueue.getInstance().getOutQueue().put(
secondOrderCompletedMessage)
def configNewScan(
configScanBoundary
): # set up a scan, needs to create a new db in the logic service
print("config database")
configBoundary = ConfigScanBoundary.deserialize(configScanBoundary)
credentialsEntity = CredentialsEntity(configBoundary.getLoginInfo())
msg = ConfigDatabaseMessage(tableName=configBoundary.getTableName(),
scanType=configBoundary.getScanType(),
credentialsEntity=credentialsEntity)
print("Inserting ConfigDatabaseMessage to queue")
ProducerConsumerQueue.getInstance().getIncomeQueue().put(msg)
return
def run(self):
while True:
if not ProducerConsumerQueue.getInstance().getIncomeQueue().empty(
):
item = ProducerConsumerQueue.getInstance().getIncomeQueue(
).get()
if isinstance(item, ConfigDatabaseMessage):
self.configNewScan(
tableName=item.getTableName(),
scanType=item.getScanType(),
credentialsEntity=item.getCredentialsEntity())
elif isinstance(item, ScanPageMessage):
self.startScan(pageEntity=item.getPageEntity())
elif isinstance(item, StartSecondOrderScanMessage):
self.startSqliSecondOrderScan()
def startSecondOrderScan():
print("Inserting CrawlerCompletedMessage to queue")
msg = StartSecondOrderScanMessage()
ProducerConsumerQueue.getInstance().getIncomeQueue().put(msg)