class CheckerProcess(Process):
def __init__(self, team_id, checks, db_host, db_port, db_name, check_delay):
super(CheckerProcess, self).__init__()
self.team_id = team_id
self.db = MongoDBWrapper(db_host, int(db_port), db_name)
self.check_delay = int(check_delay)
self.shutdown_event = Event()
self.checks = []
for check in checks:
check_db_data = self.db.get_specific_check(check.check_id, check.check_class.check_type)
if len(check_db_data) > 0:
check_data = check_db_data[0]
if issubclass(check.check_class, InjectCheck):
check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name, check_data['time_to_check'])
self.checks.append(Checker(check.check_id, check_obj, check_obj.time_to_run))
elif issubclass(check.check_class, (ServiceCheck, AttackerCheck)):
check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name)
self.checks.append(Checker(check.check_id, check_obj, datetime.now()))
random.shuffle(self.checks, random.random)
def run(self):
while not self.shutdown_event.is_set():
self.run_checks()
def run_checks(self):
indices_to_remove = []
for i in range(0, len(self.checks)):
check = self.checks[i]
check_obj = copy(check.object)
now = datetime.now()
print check.time_to_run, '<', now, '=', check.time_to_run < now
if check.time_to_run < now:
check_process = Process(target=check_obj.run_check)
check_process.start()
check_process.join(check_obj.timeout)
if check_process.is_alive():
check_process.terminate()
score = check_obj.score
if issubclass(type(check_obj), InjectCheck):
self.db.complete_inject_check(check.id, self.team_id, datetime.now(), score)
#self.checks[:] = [obj for obj in self.checks if not obj == check]
indices_to_remove.append(i)
elif issubclass(type(check_obj), ServiceCheck):
self.db.complete_service_check(check.id, self.team_id, datetime.now(), score)
check.timestamp = datetime.now() + timedelta(seconds=self.check_delay)
elif issubclass(type(check_obj), AttackerCheck):
self.db.complete_attacker_check(check.id, self.team_id, datetime.now(), score)
check.timestamp = datetime.now() + timedelta(seconds=self.check_delay)
self.db.calculate_scores_for_team(self.team_id)
if self.shutdown_event.is_set():
break
indices_to_remove.sort(reverse=True)
for i in indices_to_remove:
del self.checks[i]
def __init__(self, team_id, checks, db_host, db_port, db_name, check_delay):
super(CheckerProcess, self).__init__()
self.team_id = team_id
self.db = MongoDBWrapper(db_host, int(db_port), db_name)
self.check_delay = int(check_delay)
self.shutdown_event = Event()
self.checks = []
for check in checks:
check_db_data = self.db.get_specific_check(check.check_id, check.check_class.check_type)
if len(check_db_data) > 0:
check_data = check_db_data[0]
if issubclass(check.check_class, InjectCheck):
check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name, check_data['time_to_check'])
self.checks.append(Checker(check.check_id, check_obj, check_obj.time_to_run))
elif issubclass(check.check_class, (ServiceCheck, AttackerCheck)):
check_obj = check.check_class(check_data['machine'], team_id, db_host, db_port, db_name)
self.checks.append(Checker(check.check_id, check_obj, datetime.now()))
random.shuffle(self.checks, random.random)
def create_app(_config_dir=None, _config_filename='settings.cfg', _configspec_filename='configspec.cfg'):
# Create Flask app
global app
app = Flask("CheshireCat")
if _config_dir is not None:
default_config_dirs.insert(0, _config_dir)
configspec_path = get_first_file_that_exists(default_config_dirs, _configspec_filename)
config_path = get_first_file_that_exists(default_config_dirs, _config_filename)
if configspec_path is None:
raise FileNotFound('configspec', default_config_dirs, _configspec_filename)
if config_path is None:
raise FileNotFound('config', default_config_dirs, _config_filename)
# Load configuration file
configspec = ConfigObj(configspec_path, list_values=False)
config = ConfigObj(config_path, configspec=configspec)
test = config.validate(Validator(), copy=True)
for key in config['CORE']:
app.config[key] = config['CORE'][key]
# Change the session interface to be more secure and portalble than the default
# which is provided by Werkzeug.
# These break the engine currently. I don't know why.
#app.session_interface = RedisSignedSessionInterface()
#app.session_interface = ItsdangerousSessionInterface()
# Flask-Login manages user sessions for us, but we need to set it up first, so
# we'll do so here.
global login_manager
login_manager = LoginManager()
login_manager.init_app(app)
# Initialize our database
dbconfig = config['CORE']['DATABASE']
db = MongoDBWrapper(dbconfig['HOST'], int(dbconfig['PORT']), dbconfig['DB_NAME'])
db.init_db()
if len(db.get_all_users_with_role('administrator')) == 0:
db.create_user('admin', hash_password('admin'), '*****@*****.**', 'administrator')
# Initialize CheshireCat
# Import the views, to apply the decorators which use the global app object.
from . import views
