def analyze_content(self): """ Perform analysis on the captured content""" #TODO: NEW DB THREAD TO HOLD RESPONSES, ANOTHER FOR WRITING RESULTS scopeController = self.framework.getScopeController() response = self.Data.read_all_responses(self.read_cursor) response_IDs = [] for row in response: dbrow = [m or '' for m in row] Id = dbrow[ResponsesTable.ID] url = dbrow[ResponsesTable.URL] if scopeController.isUrlInScope(url, url): response_IDs.append(Id) #Instantiate all found analyzers analyzerobjects = AnalyzerList(self.framework) analyzerobjects.instantiate_analyzers() analysisrunid = self.Data.analysis_start(self.cursor) #TODO - Consider threading from here down for x in analyzerobjects: #dbconfig=self.Data.get_config_value(self.read_cursor, 'ANALYSIS', str(x.__class__)) #print "dbconfig=%s"%dbconfig print("class=%s" % x.__class__) #x.setConfiguration(dbconfig) x.preanalysis() x.initResultsData() resultinstance = x.getResults() x.analyzerinstanceid = self.Data.analysis_add_analyzer_instance( self.cursor, analysisrunid, str(x.__class__).translate('<>'), x.friendlyname, x.desc, self.result_type_to_string(resultinstance)) fullanalysistext = StringIO() for Id in response_IDs: transaction = self.framework.get_request_response(Id) for analyzer in analyzerobjects: try: analyzer.analyzeTransaction(transaction, analyzer.getResults()) tempanalysisresults = analyzer.getResults() #If there were results for this page, add them to the DB if transaction.Id in tempanalysisresults.pages: pageresultset = self.Data.analysis_add_resultset( self.cursor, analyzer.analyzerinstanceid, transaction.Id, False, transaction.responseUrl, self.result_type_to_string( tempanalysisresults.pages[transaction.Id])) for result in tempanalysisresults.pages[ transaction.Id].results: self.Data.analysis_add_singleresult( self.cursor, pageresultset, result.severity, result.certainty, result.type, result.desc, #TODO: Consider db structure to handle data field str(result.data), result.span, self.result_type_to_string(result)) for key, value in list(tempanalysisresults.pages[ transaction.Id].stats.items()): self.Data.analysis_add_stat( self.cursor, pageresultset, key, value) except Exception as e: # TODO: add real debugging support self.framework.debug_log('Transaction ID: ' + str(transaction.Id)) self.framework.report_exception(e) #Post Analysis for analyzer in analyzerobjects: results = analyzer.getResults() analyzer.postanalysis(results) for context in list(results.overall.keys()): overallresultset = self.Data.analysis_add_resultset( self.cursor, analyzer.analyzerinstanceid, None, True, context, self.result_type_to_string(results.overall[context])) for result in results.overall[context].results: self.Data.analysis_add_singleresult( self.cursor, overallresultset, result.severity, result.certainty, result.type, result.desc, #TODO: Consider db structure to handle data field str(result.data), result.span, self.result_type_to_string(result)) #print "WRITING:",self.result_type_to_string(result) for key, value in list(results.overall[context].stats.items()): self.Data.analysis_add_stat(self.cursor, overallresultset, key, value) self.Data.commit() #Output results to analysis tab #for analyzer in analyzerobjects: #fullanalysistext.write(analyzer.getResults().toHTML()) return ''
def __init__(self, dbfilename = '', parent=None): super(RaftMain, self).__init__(parent) if MAC: qt_mac_set_native_menubar(False) self.setupUi(self) # hide currently unimplemented features self.reqTabRawRequestTab.hide() self.reqTabRawRequestTab.setParent(None) self.wfUnusedSequenceTab.hide() self.wfUnusedSequenceTab.setParent(None) # initialize framework self.framework = Framework(self) # default filename is temp.raftdb if dbfilename: self.dbfilename = dbfilename else: self.dbfilename = self.framework.get_temp_db_filename() # restore settings self.restore_settings() # Create progress dialog self.Progress = ProgressDialog() # add helper and utility singletons # TODO: should be base extractor and that loads/returns appropriate type self.contentExtractor = BaseExtractor.BaseExtractor() self.framework.setContentExtractor(self.contentExtractor) # Create actions for items self.responsesDataTree.doubleClicked.connect(self.response_item_double_clicked) self.fillingDataTree = False self.responsesDataTree.clicked.connect(self.fill_bottom) self.responsesDataTree.activated.connect(self.fill_bottom) self.responsesDataTree.setSortingEnabled(True) self.responsesDataTree.sortByColumn(0, Qt.AscendingOrder) #analysis tab connections self.mainAnalysisTreeWidget.clicked.connect(self.analysistree_handle_click) self.mainAnalysisTreeWidget.activated.connect(self.analysistree_handle_click) self.mainAnalysisTreeWidget.expanded.connect(self.analysistree_handle_expand) self.cookiesTabIndex = self.mainTabWidget.indexOf(self.tabMainCookies) self.mainTabWidget.currentChanged.connect(self.main_tab_change) # Toolbar buttons and actions self.actionButtonOpen.triggered.connect(self.open_file) self.actionZoomIn.triggered.connect(self.zoom_in) self.actionZoomOut.triggered.connect(self.zoom_out) self.actionDiff.triggered.connect(self.diff) self.actionAnalyze.triggered.connect(self.analyze_content) self.actionSequence.triggered.connect(self.display_sequence) self.actionConfig.triggered.connect(self.display_config) self.actionSearch.triggered.connect(self.display_search) self.actionBrowser.triggered.connect(self.launch_browser) # Create the actions for the buttons # self.connect(self.encodeButton, SIGNAL("clicked()"), self.encode_values) # self.connect(self.encodeWrapButton, SIGNAL("clicked()"), self.wrap_encode) # self.connect(self.decodeButton, SIGNAL("clicked()"), self.decode_values) # self.connect(self.decodeWrapButton, SIGNAL("clicked()"), self.wrap_decode) # Actions for Menus self.actionNew_Project.triggered.connect(self.new_project) self.actionOpen.triggered.connect(self.open_file) self.actionSave_As.triggered.connect(self.save_as) self.actionImport_RaftCaptureXml.triggered.connect(lambda x: self.import_raft('raft_capture_xml')) self.actionImport_BurpLog.triggered.connect(lambda x: self.import_burp('burp_log')) self.actionImport_BurpState.triggered.connect(lambda x: self.import_burp('burp_state')) self.actionImport_BurpXml.triggered.connect(lambda x: self.import_burp('burp_xml')) self.actionImport_Burp_Vuln_XML.triggered.connect(lambda x: self.import_burp('burp_vuln_xml')) self.actionImport_AppScan_XML.triggered.connect(lambda x: self.import_appscan('appscan_xml')) self.actionImport_WebScarab.triggered.connect(self.import_webscarab) self.actionImport_ParosMessages.triggered.connect(lambda x: self.import_paros('paros_message')) self.actionRefresh_Responses.triggered.connect(self.refresh_responses) self.actionClear_Responses.triggered.connect(self.clear_responses) self.actionExport_Settings.triggered.connect(self.export_settings) self.actionImport_Settings.triggered.connect(self.import_settings) self.actionEncoder_Decoder.triggered.connect(self.detach_encoder) # Actions for configuration self.actionConfiguration_BlackHoleNetwork.triggered.connect(lambda x: self.raft_config_toggle('black_hole_network', x)) self.actionAbout_RAFT.triggered.connect(self.display_about) self.actionAnalysisConfiguration.triggered.connect(self.display_analysis_config) # Declare, but do not fill, list of analyzers self.analyzerlist = AnalyzerList(self.framework) self.setup_others()