Exemplo n.º 1
0
 def _cmd_report(self, params):
     '''
     Report one or more bugs to w3af's Trac, menu command.
     '''
     all_edata = exception_handler.get_all_exceptions()
     
     if not all_edata:
         om.out.console('There are no exceptions to report for this scan.')
         return
     
     report_bug_eids = []
     
     for data in params:
         id_list = data.split(',')
         for eid in id_list:
             if not eid.isdigit():
                 om.out.console('Exception IDs must be integers.')
             else:
                 eid = int(eid)
                 if not eid < len(all_edata):
                     om.out.console('Exception ID out of range.')
                 else:
                     report_bug_eids.append( eid )
                 
     
     # default to reporting all exceptions if none was specified
     if report_bug_eids == []:
         report_bug_eids = range(len(all_edata))
         
     for num, eid in enumerate(report_bug_eids):
         edata = all_edata[eid]
         self._report_exception(edata, eid, num+1, len(report_bug_eids))
Exemplo n.º 2
0
def handle_exceptions():
    '''
    In w3af's new exception handling method, some exceptions raising from
    plugins are "allowed" and the scan is NOT stopped because of them.
    
    At the same time, developers still want users to report their bugs.
    
    Because of that, we need to have a handler that at the end of the scan
    will allow the user to report the exceptions that were found during the
    scan.
    
    The main class in this game is core.controllers.coreHelpers.exception_handler
    and you should read it before this one.
    ''' 
    # Save the info to a file for later analysis by the user   
    for edata in exception_handler.get_all_exceptions():
        edata_str = edata.get_details()
        create_crash_file(edata_str)

    msg = 'Complete information related to the exceptions is available at "%s"'
    print msg  % gettempdir()
    
    # We do this because it would be both awful and useless to simply
    # print all exceptions one below the other in the console
    print exception_handler.generate_summary_str()
    
    # Create the dialog that allows the user to send the bugs, potentially more
    # than one since we captured all of them during the scan using the new
    # exception_handler, to Trac.
    title = _('Handled exceptions to report')
    bug_report_win = handled_bug_report.bug_report_window( title )
    
    # Blocks waiting for user interaction
    bug_report_win.show()
Exemplo n.º 3
0
 def _para_details(self, params, part):
     if len(params):
         return []
     
     all_edata = exception_handler.get_all_exceptions()
     suggestions = [str(i) for i in xrange(len(all_edata))]
     
     return suggest(suggestions, part) 
Exemplo n.º 4
0
 def _cmd_details(self, params):
     '''
     Show details for a bug referenced by id.
     '''
     all_edata = exception_handler.get_all_exceptions()
     
     if len(params) != 1:
         om.out.console('The exception ID needs to be specified, please read help:')
         self._cmd_help(['details'])
         return
     elif not params[0].isdigit():
         om.out.console('The exception ID needs to be an integer, please read help:')
         self._cmd_help(['details'])
         return
     elif int(params[0]) > len(all_edata)-1 or int(params[0]) < 0:
         om.out.console('Invalid ID specified, please read help:')
         self._cmd_help(['details'])
         return
     else:
         eid = int(params[0])
         edata = all_edata[eid]
         om.out.console( str(edata) )    
Exemplo n.º 5
0
 def _cmd_list(self, params):
     all_edata = exception_handler.get_all_exceptions()
     
     if len(params) == 0:
         ptype = 'all'
     elif len(params) == 1 and params[0] in self._w3af.plugins.getPluginTypes():
         ptype = params[0]
     else:
         om.out.console('Invalid parameter type, please read help:')
         self._cmd_help(['list'])
         return
         
     table = []
     table.append(('ID', 'Phase', 'Plugin', 'Exception'))
     table.append( () )
     eid = 0
     for edata in all_edata:
         if edata.phase == ptype or ptype == 'all':
             table_line = ( (str(eid), edata.phase, edata.plugin, str(edata.exception)) )
             table.append( table_line )
         eid += 1
                     
     self._console.drawTable(table)
Exemplo n.º 6
0
 def tearDown(self):
     # I want to make sure that we don't have *any hidden* exceptions in our tests.
     self.assertEquals(len(exception_handler.get_all_exceptions()), 0)
     self.w3afcore.quit()
     self.kb.cleanup()
Exemplo n.º 7
0
        self.assertEquals( edata.fuzzable_request, 'http://www.w3af.org/' )
        self.assertEquals( edata.filename, 'test_exception_handler.py' )
        self.assertEquals( edata.exception, e )
    
    def test_handle_multiple(self):
        
        for i in xrange(10):
            try:
                raise Exception('unittest')
            except Exception, e:
                exec_info = sys.exc_info()
                enabled_plugins = ''
                exception_handler.handle( self.status, e , exec_info, enabled_plugins )
        
        exception_handler.get_scan_id()
        all_edata = exception_handler.get_all_exceptions()
        
        self.assertEqual(exception_handler.MAX_EXCEPTIONS_PER_PLUGIN, len(all_edata))
        
        edata = all_edata[0]
        
        self.assertTrue( edata.get_summary().startswith('An exception was found') )
        self.assertTrue( 'traceback' in edata.get_details() )
        self.assertEquals( edata.plugin, 'plugin' )
        self.assertEquals( edata.phase, 'phase' )
        self.assertEquals( edata.fuzzable_request, 'http://www.w3af.org/' )
        self.assertEquals( edata.filename, 'test_exception_handler.py' )
    
           
class fake_status(w3af_core_status):
    pass
Exemplo n.º 8
0
    def __init__(self, title ):
        simple_base_window.__init__(self)
        
        exception_list = exception_handler.get_all_exceptions()
        scan_id = exception_handler.get_scan_id()
        
        trac_multi_bug_report.__init__(self, exception_list, scan_id )
        
        # We got here because of an autogenerated bug, not because of the user
        # going to the Help menu and then clicking on "Report a bug"
        self.autogen = True
        
        # Set generic window settings
        self.set_modal(True)
        self.set_title(title)
        
        self.vbox = gtk.VBox()
        self.vbox.set_border_width(10)
        
        # the label for the title
        self.title_label = gtk.Label()
        self.title_label.set_line_wrap(True)
        label_text = _('<b>The following exceptions were raised and handled</b>')
        self.title_label.set_markup(label_text)
        self.title_label.show()
        
        # A gtk.TextView for the exception
        frame = gtk.Frame('Handled exceptions')
        sw = gtk.ScrolledWindow()
        sw.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
        sw.set_size_request(200, 280)
        
        # Create the TreeStore to display all exceptions
        self.treestore = gtk.TreeStore(str, str)

        for edata in exception_list:
            where = edata.get_where()
            exception = str(edata.exception)
            tdata = [ where,
                      exception]
            self.treestore.append(None, tdata)

        # create the TreeView using treestore
        self.treeview = gtk.TreeView(self.treestore)

        # First column that holds the icon and the location
        tvcol = gtk.TreeViewColumn('Location')
        
        cell = gtk.CellRendererPixbuf()
        pb = self.treeview.render_icon(gtk.STOCK_DND, gtk.ICON_SIZE_SMALL_TOOLBAR, None)
        cell.set_property('pixbuf', pb)
        tvcol.pack_start(cell, expand=False)
        
        cell = gtk.CellRendererText()
        tvcol.pack_start(cell, expand=False)
        tvcol.add_attribute(cell, "text", 0)
        self.treeview.append_column(tvcol)
        
        # Second column that holds the exception
        tvcol = gtk.TreeViewColumn('Exception')
        cell = gtk.CellRendererText()
        tvcol.pack_start(cell, expand=True)
        tvcol.add_attribute(cell, "text", 1)
        self.treeview.append_column(tvcol)
        
        sw.add(self.treeview)
        frame.add(sw)
        
        # the label for the rest of the message
        self.label = gtk.Label()
        self.label.set_line_wrap(True)
        label_text = _("<i>All these exceptions were stored in '%s' for your later")
        label_text += _(' review.</i>\n\nReporting these is recommended and will')
        label_text += _(' help us improve w3af. <b>You can contribute</b> to the')
        label_text += _(' w3af project and submit these exceptions to our')
        label_text += _(' bug tracking system from within this window only using')
        label_text += _(' <i>two clicks</i>.\n\n')
        label_text += _('w3af will only send the exception traceback and the')
        label_text += _(' version information to Trac, no personal or ')
        label_text += _(' confidential information is collected.')
        self.label.set_markup( label_text % gettempdir() )
        self.label.show()
        
        self.vbox.pack_start(self.title_label, True, True, 10)
        self.vbox.pack_start(frame, True, True)
        self.vbox.pack_start(self.label, True, True, 10)
        
        # the buttons
        self.hbox = gtk.HBox()
        
        self.butt_cancel = gtk.Button(stock=gtk.STOCK_CANCEL)
        self.butt_cancel.connect("clicked", self._handle_cancel)
        self.hbox.pack_start(self.butt_cancel, True, False)

        self.butt_send = gtk.Button(stock=gtk.STOCK_OK)
        self.butt_send.connect("clicked", self.report_bug)
        self.hbox.pack_start(self.butt_send, True, False)
        
        self.vbox.pack_start(self.hbox, True, False, 10)
        
        #self.resize(400,450)
        self.add(self.vbox)
        self.show_all()
        
        # This is a quick fix to get around the problem generated by "set_selectable"
        # that selects the text by default
        self.label.select_region(0, 0)