Пример #1
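    def run(self, target, arguments, sqlsession, fast_mode=False):
        """
        Run the security check.

        Each command whose context requirements accept the target is either
        run directly (fast mode) or offered to the operator. The output of a
        command that ran is passed through the StringUtils ANSI helpers,
        handed to SmartPostcheck, and collected; collected outputs are stored
        through ResultsRequester at the end.

        :param Target target: Target
        :param ArgumentsParser arguments: Arguments from command-line
        :param Session sqlsession: SQLAlchemy session
        :param bool fast_mode: Set to true to disable prompts
        :return: False when the tool is not installed, True otherwise
        :rtype: bool
        """
        if not self.tool.installed:
            return False

        command_outputs = []
        several_commands = len(self.commands) != 1

        # enumerate() ties the displayed number to the command's position. The
        # previous manual counter was not incremented when a command was
        # skipped with 'n', so the next command reused the same number.
        for i, command in enumerate(self.commands, start=1):
            requirements = command.context_requirements

            if not requirements.check_target_compliance(target):
                logger.info('Command #{num:02} does not match requirements: ' \
                    '{context}'.format(num=i, context=requirements))
                logger.debug('Context string: {rawstr}'.format(
                    rawstr=requirements))
                continue

            if not requirements.is_empty:
                logger.info('Command #{num:02} matches requirements: ' \
                    '{context}'.format(num=i, context=requirements))

            # NOTE(review): cmdline is built from the target and the CLI
            # arguments and is handed to ProcessLauncher as-is. How it is
            # executed is not visible here; confirm target-derived fields are
            # validated/quoted before they can reach a shell.
            cmdline = command.get_cmdline(self.tool.tool_dir, target,
                                          arguments)

            if fast_mode:
                logger.info('Run command #{num:02}'.format(num=i))
                mode = 'y'
            else:
                # 'New tab' / 'New window' choices are disabled in this version.
                label = '#{num:02} '.format(num=i) if several_commands else ''
                mode = Output.prompt_choice(
                    'Run command {num}? [Y/n/f/q] '.format(num=label),
                    choices={
                        'y': 'Yes',
                        'n': 'No',
                        'f': 'Switch to fast mode (do not prompt anymore)',
                        'q': 'Quit the program',
                    },
                    default='y')

            if mode == 'q':
                logger.warning('Exit !')
                sys.exit(0)
            if mode == 'n':
                logger.info('Skipping this command')
                continue
            if mode == 'f':
                logger.info('Switch to fast mode')
                arguments.args.fast_mode = True
                # The local flag must follow as well, otherwise the remaining
                # commands of this very check keep prompting.
                fast_mode = True

            Output.begin_cmd(cmdline)
            # Always bind `output` here: the former `if mode == 'y' or mode == 'f'`
            # guard could leave it unset (or holding the previous command's
            # output) if the prompt ever returned another value.
            output = ProcessLauncher(cmdline).start()
            Output.delimiter()
            print()

            output = StringUtils.interpret_ansi_escape_clear_lines(output)
            outputraw = StringUtils.remove_ansi_escape(output)
            # NOTE(review): tool output is persisted verbatim and may hold
            # sensitive findings (e.g. credentials); presumably the results
            # database is access-controlled - confirm.
            command_outputs.append(
                CommandOutput(cmdline=cmdline,
                              output=output,
                              outputraw=outputraw))

            # Run smartmodule method on output
            postcheck = SmartPostcheck(
                target.service, sqlsession, self.tool.name,
                '{0}\n{1}'.format(cmdline, outputraw))
            postcheck.run()

        # Add outputs in database (only when at least one command ran)
        if command_outputs:
            results_requester = ResultsRequester(sqlsession)
            results_requester.add_result(target.service.id, self.name,
                                         self.category, command_outputs)

        return True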
Пример #2
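    def run(self,
            target,
            smartmodules_loader,
            results_requester,
            fast_mode=False):
        """
        Run the check, i.e. run the commands whose context matches the target.

        Each matching command is run directly (fast mode) or offered to the
        operator, who may run it inline, in a new tab, in a new window, skip
        it, or quit. Outputs of the commands that ran are collected and stored
        through ``results_requester``.

        :param target: Target object
        :param smartmodules_loader: Object whose ``call_postcheck_method`` is
            invoked with ``self.postrun``, the target's service and the command
            output when ``self.postrun`` is set
        :param results_requester: ResultsRequester object
        :param fast_mode: Boolean indicating whether prompts must be displayed or not
        :return: False when the tool is not installed; otherwise the method
            has no explicit return value (None)
        """
        if not self.tool.installed:
            return False

        command_outputs = []

        # enumerate() ties the displayed number to the command's position. The
        # previous manual counter was not incremented when a command was
        # skipped with 'n', so the next command reused the same number.
        for i, command in enumerate(self.commands, start=1):
            if not target.is_matching_context(command.context):
                logger.info(
                    'Command #{num:02} is not matching current target\'s context: {context}'
                    .format(num=i, context=command.context))
                continue

            if command.context:
                logger.info(
                    'Command #{num:02} is matching current target\'s context: {context}'
                    .format(num=i, context=command.context))

            # NOTE(review): cmdline is built from the target and handed to
            # ProcessLauncher as-is. How it is executed is not visible here;
            # confirm target-derived fields are validated/quoted before they
            # can reach a shell.
            cmdline = command.get_cmdline(self.tool.tool_dir, target)

            if fast_mode:
                logger.info('Run command #{num:02}'.format(num=i))
                mode = 'y'
            else:
                mode = Output.prompt_choice(
                    'Run command #{num:02} ? [Y/n/t/w/q] '.format(num=i),
                    choices={
                        'y': 'Yes',
                        'n': 'No',
                        't': 'New tab',
                        'w': 'New window',
                        'q': 'Quit the program'
                    },
                    default='y')

            if mode == 'q':
                logger.warning('Exit !')
                sys.exit(0)
            if mode == 'n':
                logger.info('Skipping this command')
                continue

            Output.begin_cmd(cmdline)
            process = ProcessLauncher(cmdline)
            if mode == 'y':
                output = process.start()
            elif mode == 't':
                output = process.start_in_new_tab()
                logger.info('Command started in new tab')
            else:
                output = process.start_in_new_window(self.name)
                logger.info('Command started in new window')
            Output.delimiter()
            print()

            # NOTE(review): tool output is persisted verbatim and may hold
            # sensitive findings (e.g. credentials); presumably the results
            # store is access-controlled - confirm.
            command_outputs.append(
                CommandOutput(cmdline=cmdline, output=output))

            if self.postrun:
                smartmodules_loader.call_postcheck_method(
                    self.postrun, target.service, output)

        # The old test (`i == 1`) compared a counter that also advanced for
        # non-matching commands, so a check in which nothing ran could still
        # store an empty result. Decide on what was actually collected.
        if not command_outputs:
            logger.warning('This check is skipped')
        else:
            # Add output(s) in db
            results_requester.add_result(target.service.id, self.name,
                                         self.category, command_outputs)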