def verify_file(self, filename):
option_files = glob.glob(str(BASE_DIR) + '/storages/**/options.json',
recursive=True)
# loop though all options avalible
for option in option_files:
json_option = utils.reading_json(option)
stdout_path = json_option.get('WORKSPACES') + "/" + filename
if utils.not_empty_file(stdout_path):
return json_option.get('WORKSPACES'), os.path.normpath(
filename)
# get real path
p = Path(filename)
ws = p.parts[0]
if ws != utils.url_encode(ws):
# just replace the first one
filename_encode = filename.replace(ws, utils.url_encode(ws), 1)
stdout_path_encode = json_option.get(
'WORKSPACES') + filename_encode
if utils.not_empty_file(stdout_path_encode):
return json_option.get('WORKSPACES'), os.path.normpath(
filename_encode)
return False, False
def post(self):
current_path = os.path.dirname(os.path.realpath(__file__))
# global options
data = Configurations.parser.parse_args()
options = data['options']
utils.just_write(current_path + '/storages/options.json', options, is_json=True)
if options.get('FORCE') == "False":
old_log = options['WORKSPACE'] + '/log.json'
if utils.not_empty_file(old_log) and utils.reading_json(old_log):
utils.print_info(
"It's already done. use '-f' options to force rerun the module")
raw_activities = utils.reading_json(
options['WORKSPACE'] + '/log.json')
utils.just_write(current_path + '/storages/activities.json',
raw_activities, is_json=True)
return options
utils.print_info("Cleasning activities log")
#Create skeleton activities
commands = utils.reading_json(current_path + '/storages/commands.json')
raw_activities = {}
for k,v in commands.items():
raw_activities[k] = []
utils.just_write(current_path + '/storages/activities.json',
raw_activities, is_json=True)
return options
def post(self):
# global options
data = Configurations.parser.parse_args()
options = data['options']
# @TODO add another authen level when settings things from remote
# check if credentials is the same on the config file or not
if not self.verify(options):
return {"error": "Can't not verify to setup config"}
# write each workspace seprated folder
ws_name = utils.get_workspace(options)
utils.make_directory(current_path + '/storages/{0}/'.format(ws_name))
if not os.path.isdir(current_path + '/storages/{0}/'.format(ws_name)):
return {
"error":
"Can not create workspace directory with name {0} ".format(
ws_name)
}
activities_path = current_path + '/storages/{0}/activities.json'.format(
ws_name)
options_path = current_path + '/storages/{0}/options.json'.format(
ws_name)
# consider this is settings db
utils.just_write(options_path, options, is_json=True)
if options.get('FORCE') == "False":
old_log = options['WORKSPACE'] + '/log.json'
if utils.not_empty_file(old_log) and utils.reading_json(old_log):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
raw_activities = utils.reading_json(options['WORKSPACE'] +
'/log.json')
utils.just_write(activities_path, raw_activities, is_json=True)
return options
utils.print_info("Cleaning activities log")
# Create skeleton activities based on commands.json
commands = utils.reading_json(current_path + '/storages/commands.json')
raw_activities = {}
for k, v in commands.items():
raw_activities[k] = []
utils.just_write(activities_path, raw_activities, is_json=True)
return options
def get(self, filename):
# @TODO potential LFI here
std_file = os.path.normpath(filename)
stdout_path = self.options['WORKSPACES'] + std_file
if not utils.not_empty_file(stdout_path):
return 'Custom 404 here', 404
content = utils.just_read(stdout_path).replace("\n\n", "\n")
# content = utils.just_read(stdout_path)
try:
#convert console output to html
conv = Ansi2HTMLConverter(
scheme='mint-terminal')
# conv = Ansi2HTMLConverter()
html = conv.convert(content)
response = make_response(html)
response.headers['content-type'] = 'text/html'
return response
except:
return content
def get(self, workspace):
# module = request.args.get('module')
ws_name = os.path.basename(os.path.normpath(workspace))
# print(ws_name)
# change to current workspace instead of get from running target
self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
self.options['OUTPUT'] = ws_name
reports = []
for k in self.commands.keys():
if "report" in self.commands[k].keys():
report = utils.replace_argument(
self.options, self.commands[k].get("report"))
report_item = {"module": k, "report": report}
if utils.not_empty_file(report_item['report']):
report_item['report'] = report.replace(self.options['WORKSPACE'], ws_name)
reports.append(report_item)
return {'reports': reports}
def get(self, workspace):
# module = request.args.get('module')
ws_name = os.path.basename(os.path.normpath(workspace))
# print(ws_name)
# change to current workspace instead of get from running target
self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
self.options['OUTPUT'] = ws_name
reports = []
for k in self.commands.keys():
if "report" in self.commands[k].keys():
report = utils.replace_argument(self.options,
self.commands[k].get("report"))
report_item = {"module": k, "report": report}
if utils.not_empty_file(report_item['report']):
report_item['report'] = report.replace(
self.options['WORKSPACE'], ws_name)
reports.append(report_item)
return {'reports': reports}
def post(self, workspace=None):
# global options
data = Authentication.parser.parse_args()
username = data['username']
password = data['password']
# if no workspace specific
if not workspace:
if self.get_options(username, password):
# cause we don't have real db so it's really hard to manage JWT
# just change the secret if you want to revoke old token
expires = datetime.timedelta(days=365)
token = create_access_token(username, expires_delta=expires)
return {'access_token': token}
else:
return {'error': "Credentials Incorrect"}
elif workspace == 'None':
pass
current_path = os.path.dirname(os.path.realpath(__file__))
options_path = current_path + \
'/storages/{0}/options.json'.format(workspace)
if not utils.not_empty_file(options_path):
return {'error': "Workspace not found"}
options = utils.reading_json(options_path)
if username == options.get('USERNAME'):
if password == options.get('PASSWORD'):
# cause we don't have real db so it's really hard to manage JWT
# just change the secret if you want to revoke old token
expires = datetime.timedelta(days=365)
token = create_access_token(username, expires_delta=expires)
return {'access_token': token}
return {'error': "Credentials Incorrect"}
def get(self, workspace):
module = request.args.get('module')
ws_name = os.path.basename(os.path.normpath(workspace))
# print(ws_name)
# change to current workspace instead of get from running target
self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
self.options['OUTPUT'] = ws_name
reports = {}
for key, value in self.commands.items():
raw_report = self.commands[key].get('report')
reports[key] = "N/A"
if raw_report:
real_report = utils.replace_argument(
self.options, self.commands[key].get('report'))
if utils.not_empty_file(real_report):
reports[key] = real_report.replace(
self.options['WORKSPACES'], '')
if module is not None:
reports = reports.get(module)
return {'reports': reports}
def get(self, workspace):
# module = request.args.get('module')
ws_name = os.path.basename(os.path.normpath(workspace))
options_path = str(BASE_DIR.joinpath('storages/{0}/options.json'.format(ws_name)))
self.options = utils.reading_json(options_path)
if not self.options:
return {"error": "Workspace {0} not found".format(ws_name)}
# get commands
commands_path = str(BASE_DIR.joinpath('commands.json'))
self.commands = utils.reading_json(commands_path)
# change to current workspace instead of get from running target
self.options['WORKSPACE'] = self.options['WORKSPACES'] + ws_name
self.options['OUTPUT'] = ws_name
final_reports = []
# reports = {}
for key in self.commands.keys():
final_reports.append({
"module": key,
"reports": []
})
for k in self.commands.keys():
if "report" in self.commands[k].keys():
report = utils.replace_argument(self.options, self.commands[k].get("report"))
# print(report)
if type(report) == str:
if utils.not_empty_file(report):
report_path = report.replace(
self.options.get('WORKSPACE'), ws_name)
report_item = {
"path": report_path,
"type": "html",
}
for i in range(len(final_reports)):
if final_reports[i].get('module') == k:
final_reports[i]["reports"].append(
report_item)
# final_reports[k]["reports"].append(report_item)
elif type(report) == list:
for item in report:
report_path = utils.replace_argument(self.options, item.get("path"))
if utils.not_empty_file(report_path):
report_path = report_path.replace(
self.options.get('WORKSPACE'), ws_name)
report_item = {
"path": report_path,
"type": item.get("type"),
}
for i in range(len(final_reports)):
if final_reports[i].get('module') == k:
final_reports[i]["reports"].append(report_item)
# just clean up
clean_reports = []
for i in range(len(final_reports)):
if final_reports[i].get('reports'):
clean_reports.append(final_reports[i])
return {'reports': clean_reports}