def run_read(self, parameters):
if len(parameters) != 2:
msg = 'Usage: pixy <local temp directory> <pixy tool location>\n'
msg += 'Example: payload pixy /tmp/mirror/ ~/tools/pixy/'
return msg
local_temp_dir = parameters[0]
pixy_location = parameters[1]
api_result = self.api_read( local_temp_dir, pixy_location )
if not api_result:
return 'No vulnerabilities were identified.'
else:
rows = []
rows.append( ['Vulnerability type','Location'] )
rows.append( [] )
for vuln_type in api_result:
for vuln_location in api_result[vuln_type]:
rows.append( [vuln_type, vuln_location ] )
result_table = table( rows )
result_table.draw( 100 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['gcc_version']:
return 'GCC version could not be identified.'
else:
rows = []
rows.append( ['GCC Version', api_result['gcc_version'] ] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read(parameters)
if not api_result["gcc_version"]:
return "GCC version could not be identified."
else:
rows = []
rows.append(["GCC Version", api_result["gcc_version"]])
result_table = table(rows)
result_table.draw(80)
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['os']:
return 'Remote OS not identified.'
else:
rows = []
rows.append( ['Remote OS', api_result['os'] ] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
rows = []
rows.append( ['Description', 'Value'] )
rows.append( [] )
for key in api_result:
rows.append( [key, str(api_result[key]) ] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_res = self.api_read()
if not api_res:
return 'No vulnerability was found.'
rows = [['Vuln Type', 'Remote Location', 'Vuln Param', 'Lineno'], []]
for vulnty, files in api_res.iteritems():
for f in files:
rows.append([vulnty, f['loc'], f['vulnsrc'], str(f['lineno'])])
restable = table(rows)
restable.draw(100)
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['kernel_version']:
return 'Failed to identify kernel version.'
else:
rows = []
rows.append( ['Kernel version',] )
rows.append( [] )
rows.append( [api_result['kernel_version'], ] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'No hashes were found.'
else:
rows = []
rows.append( ['User','Hash'] )
rows.append( [] )
for user, uhash in api_result.items():
rows.append( [user, uhash] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read(parameters)
if not api_result["apache_run_user"]:
return "Apache run user not found."
else:
rows = []
rows.append(["Apache run user"])
rows.append([])
for key_name in api_result:
for user in api_result[key_name]:
rows.append([user])
result_table = table(rows)
result_table.draw(80)
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
rows = []
rows.append( ['Running inside Virtual Machine',] )
rows.append( [] )
if api_result['running_vm']:
rows.append(['The remote host is a virtual machine.',])
else:
rows.append(['The remote host is NOT a virtual machine.',])
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['version']:
return 'Apache version not found.'
else:
rows = []
rows.append( ['Version',] )
rows.append( [] )
for key_name in api_result:
for version in api_result[key_name]:
rows.append( [version,] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'No CPU information found.'
else:
rows = []
rows.append( ['Description','Value'] )
rows.append( [] )
for name in api_result:
rows.append( [name, api_result[name] ] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['apache_run_group']:
return 'Apache run group not found.'
else:
rows = []
rows.append( ['Apache run group'] )
rows.append( [] )
for key_name in api_result:
for group in api_result[key_name]:
rows.append( [group,] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['apache_root_directory']:
return 'Apache root directory not found.'
else:
rows = []
rows.append( ['Apache root directories'] )
rows.append( [] )
for key_name in api_result:
for directory in api_result[key_name]:
rows.append( [directory,] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['hostname']:
return 'Host name could not be identified.'
else:
rows = []
rows.append( ['Hostname',] )
rows.append( [] )
for hostname in api_result['hostname']:
rows.append( [hostname,] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['apache_config']:
return 'Apache configuration files not found.'
else:
rows = []
rows.append( ['Apache configuration files'] )
rows.append( [] )
for key_name in api_result:
for filename, file_content in api_result[key_name].items():
rows.append( [filename,] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'Domain name not found.'
else:
rows = []
rows.append( ['Domain name',] )
rows.append( [] )
for domain in api_result.values():
rows.append( [domain,] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'No email files could be read.'
else:
rows = []
rows.append( ['Email files'] )
rows.append( [] )
for filename in api_result:
rows.append( [filename,] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'No user configuration files found.'
else:
rows = []
rows.append( ['User configuration files',] )
rows.append( [] )
for filename in api_result:
rows.append( [filename,] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['ssh_version']:
return 'SSH version could not be identified.'
else:
rows = []
rows.append( ['SSH version'] )
rows.append( [] )
rows.append( [api_result['ssh_version'],] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
rows = []
rows.append( ['Description', 'Hours', 'Minutes', 'Seconds'] )
rows.append( [] )
for key in api_result:
hours = api_result[key]['hours']
minutes = api_result[key]['minutes']
seconds = api_result[key]['seconds']
rows.append( [key, hours, minutes, seconds] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'ARP cache not found.'
else:
rows = []
rows.append( ['IP address', 'HW address', 'Device'] )
rows.append( [] )
for ip_address in api_result:
hw_addr, device = api_result[ip_address]
rows.append( [ip_address, hw_addr, device] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'No MySQL configuration directories were found.'
else:
rows = []
rows.append( ['MySQL configuration directory'] )
rows.append( [] )
for directory in api_result['directory']:
rows.append( [directory,] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['file'] and not api_result['version']:
return 'Apache mod_security configuration files not found.'
else:
rows = []
rows.append( ['Description','Value'] )
rows.append( [] )
for key_name in api_result:
for k, v in api_result[key_name].items():
rows.append( [key_name, k] )
result_table = table( rows )
result_table.draw( 90 )
return
def run_read(self, parameters):
api_result = self.api_read(parameters)
if not api_result:
return "No firefox files were identified."
else:
rows = []
rows.append(["Firefox file", "Read access"])
rows.append([])
for filename in api_result:
rows.append([filename, "Yes"])
result_table = table(rows)
result_table.draw(80)
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'No log files not found.'
else:
rows = []
rows.append( ['Log files'] )
rows.append( [] )
for filename in api_result:
rows.append( [filename,] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result:
return 'No firefox files were identified.'
else:
rows = []
rows.append( ['Firefox file','Read access'] )
rows.append( [] )
for filename in api_result:
rows.append( [filename, 'Yes' ] )
result_table = table( rows )
result_table.draw( 80 )
return rows
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['apache_ssl_certificate'] and not api_result['apache_ssl_key']:
return 'Apache SSL key and Certificate not found.'
else:
rows = []
rows.append( ['Description', 'Value'] )
rows.append( [] )
for key_name in api_result:
for desc, value in api_result[key_name].iteritems():
rows.append( [desc, value] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['current']:
return 'Current user not found.'
else:
rows = []
rows.append( ['Current user'] )
rows.append( [] )
for key_name in api_result:
for user in api_result[key_name]:
rows.append( [ user, ] )
result_table = table( rows )
result_table.draw( 80 )
return
def run_read(self, parameters):
api_result = self.api_read( parameters )
if not api_result['apache_directory']:
return 'Apache configuration directory not found.'
else:
rows = []
rows.append( ['Apache directories',] )
rows.append( [] )
for key_name in api_result:
for path in api_result[key_name]:
rows.append( [path,] )
result_table = table( rows )
result_table.draw( 80 )
return