def onTreeviewSelect(self, event=None):
"""Called when a line is selected on the treeview
Open the selected object view on the view frame.
Args:
_event: not used but mandatory
"""
selection = self.selection()
if len(selection) == 1:
item = super().onTreeviewSelect(event)
if isinstance(item, str):
mongoInstance = MongoCalendar.getInstance()
self.saveState(mongoInstance.calendarName)
if str(item) == "waves":
objView = WaveView(self, self.appli.viewframe, self.appli,
WaveController(Wave()))
objView.openInsertWindow()
elif str(item) == "commands":
objView = CommandView(
self, self.appli.viewframe, self.appli,
CommandController(
Command({"indb": mongoInstance.calendarName})))
objView.openInsertWindow()
elif str(item) == "ips":
objView = MultipleIpView(self, self.appli.viewframe,
self.appli, IpController(Ip()))
objView.openInsertWindow()
elif "intervals" in str(item):
wave = Wave.fetchObject({
"_id":
ObjectId(IntervalView.treeviewListIdToDb(item))
})
objView = IntervalView(
self, self.appli.viewframe, self.appli,
IntervalController(Interval().initialize(wave.wave)))
objView.openInsertWindow()
elif "scopes" in str(item):
wave = Wave.fetchObject(
{"_id": ObjectId(ScopeView.treeviewListIdToDb(item))})
objView = MultipleScopeView(
self, self.appli.viewframe, self.appli,
ScopeController(Scope().initialize(wave.wave)))
objView.openInsertWindow()
else:
self.openModifyWindowOf(item)
elif len(selection) > 1:
# Multi select:
multiView = MultiSelectionView(self, self.appli.viewframe,
self.appli)
for widget in self.appli.viewframe.winfo_children():
widget.destroy()
multiView.form.clear()
multiView.openModifyWindow()
def prepareCalendar(self, dbName, pentest_type, start_date, end_date, scope, settings, pentesters):
"""
Initiate a pentest database with wizard info
Args:
dbName: the database name
pentest_type: a pentest type choosen from settings pentest_types. Used to select commands that will be launched by default
start_date: a begining date and time for the pentest
end_date: ending date and time for the pentest
scope: a list of scope valid string (IP, network IP or host name)
settings: a dict of settings with keys:
* "Add domains whose IP are in scope": if 1, will do a dns lookup on new domains and check if found IP is in scope
* "Add domains who have a parent domain in scope": if 1, will add a new domain if a parent domain is in scope
* "Add all domains found": Unsafe. if 1, all new domains found by tools will be considered in scope.
"""
commands = Command.getList({"$or":[{"types":{"$elemMatch":{"$eq":pentest_type}}}, {"types":{"$elemMatch":{"$eq":"Commun"}}}]})
if not commands:
commandslist = Command.getList()
if not commandslist:
dialog = ChildDialogQuestion(self.parent, "No command found", "There is no registered command in the database. Would you like to import the default set?")
self.parent.wait_window(dialog.app)
if dialog.rvalue != "Yes":
return
default = os.path.join(Utils.getMainDir(), "exports/pollenisator_commands.gzip")
res = self.importCommands(default)
if res:
default = os.path.join(Utils.getMainDir(), "exports/pollenisator_group_commands.gzip")
res = self.importCommands(default)
commands = Command.getList({"$or":[{"types":{"$elemMatch":{"$eq":pentest_type}}}, {"types":{"$elemMatch":{"$eq":"Commun"}}}]})
#Duplicate commands in local database
allcommands = Command.fetchObjects({})
for command in allcommands:
command.indb = MongoCalendar.getInstance().calendarName
command.addInDb()
Wave().initialize(dbName, commands).addInDb()
Interval().initialize(dbName, start_date, end_date).addInDb()
values = {"wave":dbName, "Scopes":scope, "Settings":False}
ScopeController(Scope()).doInsert(values)
self.settings.reloadSettings()
self.settings.db_settings["pentest_type"] = pentest_type
self.settings.db_settings["include_domains_with_ip_in_scope"] = settings['Add domains whose IP are in scope'] == 1
self.settings.db_settings["include_domains_with_topdomain_in_scope"] = settings["Add domains who have a parent domain in scope"] == 1
self.settings.db_settings["include_all_domains"] = settings["Add all domains found"] == 1
self.settings.db_settings["pentesters"] = list(map(lambda x: x.strip(), pentesters.split("\n")))
self.settings.save()
def addInTreeview(self, parentNode=None, addChildren=True):
"""Add this view in treeview. Also stores infos in application treeview.
Args:
parentNode: if None, will calculate the parent. If setted, forces the node to be inserted inside given parentNode.
addChildren: If False: skip interval, tools and scope insert. Useful when displaying search results.
"""
parentNode = self.getParent()
self.appliTw.views[str(self.controller.getDbId())] = {
"view": self,
'parent': ''
}
wave_node = self.appliTw.insert(parentNode,
"end",
str(self.controller.getDbId()),
text=str(
self.controller.getModelRepr()),
tags=self.controller.getTags(),
image=self.getClassIcon())
if addChildren:
dates_node, scopes_node = self.addChildrenBaseNodes(wave_node)
intervals = self.controller.getIntervals()
for interval in intervals:
interval_vw = IntervalView(
self.appliTw, self.appliViewFrame, self.mainApp,
IntervalController(Interval(interval)))
interval_vw.addInTreeview(dates_node)
tools = self.controller.getTools()
for tool in tools:
tool_o = ToolController(tool)
tool_vw = ToolView(self.appliTw, self.appliViewFrame,
self.mainApp, tool_o)
tool_vw.addInTreeview(str(self.controller.getDbId()))
scopes = self.controller.getScopes()
for scope in scopes:
scope_o = ScopeController(Scope(scope))
scope_vw = ScopeView(self.appliTw, self.appliViewFrame,
self.mainApp, scope_o)
scope_vw.addInTreeview(scopes_node)
if "hidden" in self.controller.getTags():
self.hide()
def notify(self, db, collection, iid, action, _parent):
"""
Callback for the observer implemented in mongo.py.
Each time an object is inserted, updated or deleted the standard way, this function will be called.
Args:
collection: the collection that has been modified
iid: the mongo ObjectId _id that was modified/inserted/deleted
action: string "update" or "insert" or "delete". It was the action performed on the iid
_parent: Not used. the mongo ObjectId of the parent. Only if action in an insert. Not used anymore
"""
mongoInstance = MongoCalendar.getInstance()
if not mongoInstance.hasACalendarOpen():
return
if mongoInstance.calendarName != db:
return
# Delete
if action == "delete":
if collection == "defects":
view = self.getViewFromId(str(iid))
if view is not None:
view.beforeDelete()
self.appli.statusbar.notify([],view.controller.getTags())
try:
self.delete(ObjectId(iid))
except tk.TclError:
pass # item was not inserted in the treeview
# Insert
if action == "insert":
view = None
res = mongoInstance.find(collection, {"_id": ObjectId(iid)}, False)
if collection == "tools":
view = ToolView(self, self.appli.viewframe,
self.appli, ToolController(Tool(res)))
elif collection == "waves":
view = WaveView(self, self.appli.viewframe,
self.appli, WaveController(Wave(res)))
elif collection == "scopes":
view = ScopeView(self, self.appli.viewframe,
self.appli, ScopeController(Scope(res)))
elif collection == "ports":
view = PortView(self, self.appli.viewframe,
self.appli, PortController(Port(res)))
elif collection == "ips":
view = IpView(self, self.appli.viewframe,
self.appli, IpController(Ip(res)))
elif collection == "intervals":
view = IntervalView(self, self.appli.viewframe,
self.appli, IntervalController(Interval(res)))
elif collection == "defects":
view = DefectView(self, self.appli.viewframe,
self.appli, DefectController(Defect(res)))
try:
if view is not None:
view.addInTreeview()
view.insertReceived()
self.appli.statusbar.notify(view.controller.getTags())
except tk.TclError:
pass
if action == "update":
try:
view = self.getViewFromId(str(iid))
if view is not None:
oldTags = self.item(str(iid))["tags"]
view.controller.actualize()
self.appli.statusbar.notify(view.controller.getTags(), oldTags)
self.item(str(iid), text=str(
view.controller.getModelRepr()), image=view.getIcon())
except tk.TclError:
if view is not None:
view.addInTreeview()
if str(self.appli.openedViewFrameId) == str(iid):
for widget in self.appli.viewframe.winfo_children():
widget.destroy()
view.openModifyWindow()
if view is not None:
view.updateReceived()
self.appli.statusbar.update()