def analyze_content(self):
""" Perform analysis on the captured content"""
#TODO: NEW DB THREAD TO HOLD RESPONSES, ANOTHER FOR WRITING RESULTS
scopeController = self.framework.getScopeController()
response = self.Data.read_all_responses(self.read_cursor)
response_IDs = []
for row in response:
dbrow = [m or '' for m in row]
Id = dbrow[ResponsesTable.ID]
url = dbrow[ResponsesTable.URL]
if scopeController.isUrlInScope(url, url):
response_IDs.append(Id)
#Instantiate all found analyzers
analyzerobjects = AnalyzerList(self.framework)
analyzerobjects.instantiate_analyzers()
analysisrunid = self.Data.analysis_start(self.cursor)
#TODO - Consider threading from here down
for x in analyzerobjects:
#dbconfig=self.Data.get_config_value(self.read_cursor, 'ANALYSIS', str(x.__class__))
#print "dbconfig=%s"%dbconfig
print("class=%s" % x.__class__)
#x.setConfiguration(dbconfig)
x.preanalysis()
x.initResultsData()
resultinstance = x.getResults()
x.analyzerinstanceid = self.Data.analysis_add_analyzer_instance(
self.cursor, analysisrunid,
str(x.__class__).translate('<>'), x.friendlyname, x.desc,
self.result_type_to_string(resultinstance))
fullanalysistext = StringIO()
for Id in response_IDs:
transaction = self.framework.get_request_response(Id)
for analyzer in analyzerobjects:
try:
analyzer.analyzeTransaction(transaction,
analyzer.getResults())
tempanalysisresults = analyzer.getResults()
#If there were results for this page, add them to the DB
if transaction.Id in tempanalysisresults.pages:
pageresultset = self.Data.analysis_add_resultset(
self.cursor, analyzer.analyzerinstanceid,
transaction.Id, False, transaction.responseUrl,
self.result_type_to_string(
tempanalysisresults.pages[transaction.Id]))
for result in tempanalysisresults.pages[
transaction.Id].results:
self.Data.analysis_add_singleresult(
self.cursor,
pageresultset,
result.severity,
result.certainty,
result.type,
result.desc,
#TODO: Consider db structure to handle data field
str(result.data),
result.span,
self.result_type_to_string(result))
for key, value in list(tempanalysisresults.pages[
transaction.Id].stats.items()):
self.Data.analysis_add_stat(
self.cursor, pageresultset, key, value)
except Exception as e:
# TODO: add real debugging support
self.framework.debug_log('Transaction ID: ' +
str(transaction.Id))
self.framework.report_exception(e)
#Post Analysis
for analyzer in analyzerobjects:
results = analyzer.getResults()
analyzer.postanalysis(results)
for context in list(results.overall.keys()):
overallresultset = self.Data.analysis_add_resultset(
self.cursor, analyzer.analyzerinstanceid, None, True,
context,
self.result_type_to_string(results.overall[context]))
for result in results.overall[context].results:
self.Data.analysis_add_singleresult(
self.cursor,
overallresultset,
result.severity,
result.certainty,
result.type,
result.desc,
#TODO: Consider db structure to handle data field
str(result.data),
result.span,
self.result_type_to_string(result))
#print "WRITING:",self.result_type_to_string(result)
for key, value in list(results.overall[context].stats.items()):
self.Data.analysis_add_stat(self.cursor, overallresultset,
key, value)
self.Data.commit()
#Output results to analysis tab
#for analyzer in analyzerobjects:
#fullanalysistext.write(analyzer.getResults().toHTML())
return ''
def __init__(self, dbfilename = '', parent=None):
super(RaftMain, self).__init__(parent)
if MAC:
qt_mac_set_native_menubar(False)
self.setupUi(self)
# hide currently unimplemented features
self.reqTabRawRequestTab.hide()
self.reqTabRawRequestTab.setParent(None)
self.wfUnusedSequenceTab.hide()
self.wfUnusedSequenceTab.setParent(None)
# initialize framework
self.framework = Framework(self)
# default filename is temp.raftdb
if dbfilename:
self.dbfilename = dbfilename
else:
self.dbfilename = self.framework.get_temp_db_filename()
# restore settings
self.restore_settings()
# Create progress dialog
self.Progress = ProgressDialog()
# add helper and utility singletons
# TODO: should be base extractor and that loads/returns appropriate type
self.contentExtractor = BaseExtractor.BaseExtractor()
self.framework.setContentExtractor(self.contentExtractor)
# Create actions for items
self.responsesDataTree.doubleClicked.connect(self.response_item_double_clicked)
self.fillingDataTree = False
self.responsesDataTree.clicked.connect(self.fill_bottom)
self.responsesDataTree.activated.connect(self.fill_bottom)
self.responsesDataTree.setSortingEnabled(True)
self.responsesDataTree.sortByColumn(0, Qt.AscendingOrder)
#analysis tab connections
self.mainAnalysisTreeWidget.clicked.connect(self.analysistree_handle_click)
self.mainAnalysisTreeWidget.activated.connect(self.analysistree_handle_click)
self.mainAnalysisTreeWidget.expanded.connect(self.analysistree_handle_expand)
self.cookiesTabIndex = self.mainTabWidget.indexOf(self.tabMainCookies)
self.mainTabWidget.currentChanged.connect(self.main_tab_change)
# Toolbar buttons and actions
self.actionButtonOpen.triggered.connect(self.open_file)
self.actionZoomIn.triggered.connect(self.zoom_in)
self.actionZoomOut.triggered.connect(self.zoom_out)
self.actionDiff.triggered.connect(self.diff)
self.actionAnalyze.triggered.connect(self.analyze_content)
self.actionSequence.triggered.connect(self.display_sequence)
self.actionConfig.triggered.connect(self.display_config)
self.actionSearch.triggered.connect(self.display_search)
self.actionBrowser.triggered.connect(self.launch_browser)
# Create the actions for the buttons
# self.connect(self.encodeButton, SIGNAL("clicked()"), self.encode_values)
# self.connect(self.encodeWrapButton, SIGNAL("clicked()"), self.wrap_encode)
# self.connect(self.decodeButton, SIGNAL("clicked()"), self.decode_values)
# self.connect(self.decodeWrapButton, SIGNAL("clicked()"), self.wrap_decode)
# Actions for Menus
self.actionNew_Project.triggered.connect(self.new_project)
self.actionOpen.triggered.connect(self.open_file)
self.actionSave_As.triggered.connect(self.save_as)
self.actionImport_RaftCaptureXml.triggered.connect(lambda x: self.import_raft('raft_capture_xml'))
self.actionImport_BurpLog.triggered.connect(lambda x: self.import_burp('burp_log'))
self.actionImport_BurpState.triggered.connect(lambda x: self.import_burp('burp_state'))
self.actionImport_BurpXml.triggered.connect(lambda x: self.import_burp('burp_xml'))
self.actionImport_Burp_Vuln_XML.triggered.connect(lambda x: self.import_burp('burp_vuln_xml'))
self.actionImport_AppScan_XML.triggered.connect(lambda x: self.import_appscan('appscan_xml'))
self.actionImport_WebScarab.triggered.connect(self.import_webscarab)
self.actionImport_ParosMessages.triggered.connect(lambda x: self.import_paros('paros_message'))
self.actionRefresh_Responses.triggered.connect(self.refresh_responses)
self.actionClear_Responses.triggered.connect(self.clear_responses)
self.actionExport_Settings.triggered.connect(self.export_settings)
self.actionImport_Settings.triggered.connect(self.import_settings)
self.actionEncoder_Decoder.triggered.connect(self.detach_encoder)
# Actions for configuration
self.actionConfiguration_BlackHoleNetwork.triggered.connect(lambda x: self.raft_config_toggle('black_hole_network', x))
self.actionAbout_RAFT.triggered.connect(self.display_about)
self.actionAnalysisConfiguration.triggered.connect(self.display_analysis_config)
# Declare, but do not fill, list of analyzers
self.analyzerlist = AnalyzerList(self.framework)
self.setup_others()
