def __init__(self, appinfo, parent = None): QWidget.__init__(self, parent) self.appinfo = appinfo self.current_selection = None width = self.width() self.domainIcon = QIcon(probe_icon(None, None, 'domain')) self.graphview = GraphView(self.appinfo) QObject.connect(self.graphview, SIGNAL('updateDetailsNodePan'), self.fillInformationPan_Slot) self.infodisplay = InfoDisplay(self.appinfo) QObject.connect(self.infodisplay.dropDownDomain, SIGNAL('currentIndexChanged(const QString&)'), self.selectedDomain_Slot) QObject.connect(self.infodisplay.availableRequestDropDown, SIGNAL('currentIndexChanged(const QString&)'), self.selectedRequestID_Slot) QObject.connect(self.infodisplay.save_screen, SIGNAL('triggered()'), self.saveGraphView_Slot) QObject.connect(self.infodisplay.clear_screen, SIGNAL('triggered()'), self.clearGraphView_Slot) QObject.connect(self.infodisplay.redraw_screen, SIGNAL('triggered()'), self.redrawGraphView_Slot) #QObject.connect(self.infodisplay.apply_heuristic, SIGNAL('toggled()'), self.graphview.executeHeuristic) QObject.connect(self.infodisplay.filter, SIGNAL('returnPressed()'), self.processFilter_Slot) self.splitter = QSplitter(parent) self.splitter.addWidget(self.graphview) self.splitter.addWidget(self.infodisplay) layout = QHBoxLayout() layout.addWidget(self.splitter) self.setLayout(layout)
def __init__(self, findingdb, netmanager, parent = None): QWidget.__init__(self, parent) self.findingdb = findingdb self.netmanager = netmanager self.current_findingid = None self.classification_name = QComboBox() self.rebuildClassificationDropDown() self.findingid = QLineEdit() self.findingid.setEnabled(False) self.domain_icon = QIcon(probe_icon(None, None, 'domain')) self.domain = QLineEdit() self.typefinding = QLineEdit() self.qurlstr = QLineEdit() self.severity = QLineEdit() self.impact = QLineEdit() self.trace = QTreeWidget() self.trace.setColumnCount(7) self.trace.setRootIsDecorated(False) self.trace.setAlternatingRowColors(True) self.trace.setSortingEnabled(False) self.trace.setEditTriggers(QAbstractItemView.DoubleClicked) self.trace.setWordWrap(True) self.trace.setHeaderLabels(["Request ID", "HTTP Method", "URL", "Parameter", "Payload", "Description", "User Information"]) self.trace.setUniformRowHeights(True) self.trace.resizeColumnToContents(0) self.description = QTextEdit() self.description.setAcceptRichText(False) self.description.setAutoFormatting(QTextEdit.AutoNone) self.reference = QTextEdit() self.reference.setAcceptRichText(False) self.reference.setAutoFormatting(QTextEdit.AutoNone) self.refresh_button = QPushButton("Refresh Finding Content") self.update_button = QPushButton("Persist Content") self.add_button = QPushButton("Add Finding") QObject.connect(self.add_button, SIGNAL("pressed()"), self.addFinding_Slot) QObject.connect(self.refresh_button, SIGNAL("pressed()"), self.refreshFinding_Slot) QObject.connect(self.update_button, SIGNAL("pressed()"), self.persistFinding_Slot) glayout = QGridLayout() glayout.addWidget(QLabel("Category name:"), 0, 0) glayout.addWidget(self.classification_name, 0, 1) glayout.addWidget(QLabel("Finding ID:"), 0, 2) glayout.addWidget(self.findingid, 0, 3) glayout.addWidget(QLabel("Domain:"), 1, 0) glayout.addWidget(self.domain, 1, 1) glayout.addWidget(QLabel("Type of finding:"), 2, 0) glayout.addWidget(self.typefinding, 2, 1) glayout.addWidget(QLabel("Severity:"), 3, 0) glayout.addWidget(self.severity, 3, 1) glayout.addWidget(QLabel("Impact:"), 3, 2) glayout.addWidget(self.impact, 3, 3) ilayout = QGridLayout() ilayout.addWidget(QLabel("URL:"), 0, 0) ilayout.addWidget(self.qurlstr, 0, 1) ilayout.addWidget(QLabel("Trace:"), 1, 0) ilayout.addWidget(self.trace, 1, 1) ilayout.addWidget(QLabel("Description:"), 2, 0) ilayout.addWidget(self.description, 2, 1) ilayout.addWidget(QLabel("Reference:"), 3, 0) ilayout.addWidget(self.reference, 3, 1) ilayout.setAlignment(Qt.AlignTop) button_layout = QHBoxLayout() #button_layout.addWidget(self.add_button) button_layout.addWidget(self.refresh_button) button_layout.addWidget(self.update_button) ilayout.addLayout(button_layout, 4, 1) layout = QVBoxLayout() layout.addLayout(glayout) layout.addSpacing(20) layout.addLayout(ilayout) self.setLayout(layout)
def __init__(self, netmanager, parent=None): QDialog.__init__(self, parent) self.netmanager = netmanager self.urlrewritestore = self.netmanager.urlrewriting self.domainIcon = QIcon(probe_icon(None, None, 'domain')) self.enable_urlrewriting = QCheckBox("Enable URL rewriting handling") self.enable_urlrewriting.setChecked(False) QObject.connect(self.enable_urlrewriting, SIGNAL('stateChanged(int)'), self.enableURLRewrite_Slot) # QTree widget to represent the different editable information self.tree = QTreeWidget() self.tree.setRootIsDecorated(False) self.tree.setAlternatingRowColors(True) self.tree.setSortingEnabled(False) self.tree.setEditTriggers(QAbstractItemView.DoubleClicked) self.tree.setHeaderLabels( ['URL match', 'URL replace', 'Active', 'Unique ID']) self.tree.setColumnHidden(3, True) self.tree.setColumnWidth(2, 40) self.tree.resizeColumnToContents(0) self.tree.resizeColumnToContents(1) self.tree.setWordWrap(True) QObject.connect(self.tree, SIGNAL("itemClicked(QTreeWidgetItem *, int)"), self.clickedIndex_Slot) self.gbox = QGroupBox("URL Rewrite Rule") self.urlr_id = -1 self.domain_edit = QLineEdit() self.activated_rule = QCheckBox("Active") self.match_path = QLineEdit() self.replace = QLineEdit() self.close_dialog = QPushButton("&Close") QObject.connect(self.close_dialog, SIGNAL('pressed()'), self.cancel_Slot) self.add_button = QPushButton("Add rule") self.upd_button = QPushButton("Update rule") self.del_button = QPushButton("Delete rule") QObject.connect(self.add_button, SIGNAL('pressed()'), self.addRule_Slot) QObject.connect(self.upd_button, SIGNAL('pressed()'), self.updateRule_Slot) QObject.connect(self.del_button, SIGNAL('pressed()'), self.deleteRule_Slot) domain_active = QHBoxLayout() domain_active.addWidget(self.domain_edit) domain_active.addWidget(self.activated_rule) gridlayout = QGridLayout() gridlayout.addWidget(QLabel("Domain:"), 0, 0) gridlayout.addLayout(domain_active, 0, 1) gridlayout.addWidget(self.add_button, 0, 2) gridlayout.addWidget(QLabel("Match:"), 1, 0) gridlayout.addWidget(self.match_path, 1, 1) gridlayout.addWidget(self.upd_button, 1, 2) gridlayout.addWidget(QLabel("Replace:"), 2, 0) gridlayout.addWidget(self.replace, 2, 1) gridlayout.addWidget(self.del_button, 2, 2) self.gbox.setLayout(gridlayout) blayout = QGridLayout() blayout.addWidget(self.close_dialog, 0, 2) layout = QVBoxLayout() layout.addWidget(self.enable_urlrewriting) layout.addWidget(self.tree) layout.addWidget(self.gbox) layout.addLayout(blayout) self.setModal(False) self.setLayout(layout) # fill the data self.updateListRules() self.setMinimumSize(520, 700)
def __init__(self, netmanager, parent = None): QDialog.__init__(self, parent) self.netmanager = netmanager self.urlrewritestore = self.netmanager.urlrewriting self.domainIcon = QIcon(probe_icon(None, None, 'domain')) self.enable_urlrewriting = QCheckBox("Enable URL rewriting handling") self.enable_urlrewriting.setChecked(False) QObject.connect(self.enable_urlrewriting, SIGNAL('stateChanged(int)'), self.enableURLRewrite_Slot) # QTree widget to represent the different editable information self.tree = QTreeWidget() self.tree.setRootIsDecorated(False) self.tree.setAlternatingRowColors(True) self.tree.setSortingEnabled(False) self.tree.setEditTriggers(QAbstractItemView.DoubleClicked) self.tree.setHeaderLabels(['URL match', 'URL replace', 'Active', 'Unique ID']) self.tree.setColumnHidden(3, True) self.tree.setColumnWidth (2, 40) self.tree.resizeColumnToContents(0) self.tree.resizeColumnToContents(1) self.tree.setWordWrap(True) QObject.connect(self.tree, SIGNAL("itemClicked(QTreeWidgetItem *, int)"), self.clickedIndex_Slot) self.gbox = QGroupBox("URL Rewrite Rule") self.urlr_id = -1 self.domain_edit = QLineEdit() self.activated_rule = QCheckBox("Active") self.match_path = QLineEdit() self.replace = QLineEdit() self.close_dialog = QPushButton("&Close") QObject.connect(self.close_dialog, SIGNAL('pressed()'), self.cancel_Slot) self.add_button = QPushButton("Add rule") self.upd_button = QPushButton("Update rule") self.del_button = QPushButton("Delete rule") QObject.connect(self.add_button, SIGNAL('pressed()'), self.addRule_Slot) QObject.connect(self.upd_button, SIGNAL('pressed()'), self.updateRule_Slot) QObject.connect(self.del_button, SIGNAL('pressed()'), self.deleteRule_Slot) domain_active = QHBoxLayout() domain_active.addWidget(self.domain_edit) domain_active.addWidget(self.activated_rule) gridlayout = QGridLayout() gridlayout.addWidget(QLabel("Domain:"), 0, 0) gridlayout.addLayout(domain_active, 0, 1) gridlayout.addWidget(self.add_button, 0, 2) gridlayout.addWidget(QLabel("Match:"), 1, 0) gridlayout.addWidget(self.match_path, 1, 1) gridlayout.addWidget(self.upd_button, 1, 2) gridlayout.addWidget(QLabel("Replace:"), 2, 0) gridlayout.addWidget(self.replace, 2, 1) gridlayout.addWidget(self.del_button, 2, 2) self.gbox.setLayout(gridlayout) blayout = QGridLayout() blayout.addWidget(self.close_dialog, 0, 2) layout = QVBoxLayout() layout.addWidget(self.enable_urlrewriting) layout.addWidget(self.tree) layout.addWidget(self.gbox) layout.addLayout(blayout) self.setModal(False) self.setLayout(layout) # fill the data self.updateListRules() self.setMinimumSize(520,700)
def __init__(self, findingdb, netmanager, parent=None): QWidget.__init__(self, parent) self.findingdb = findingdb self.netmanager = netmanager self.current_findingid = None self.classification_name = QComboBox() self.rebuildClassificationDropDown() self.findingid = QLineEdit() self.findingid.setEnabled(False) self.domain_icon = QIcon(probe_icon(None, None, 'domain')) self.domain = QLineEdit() self.typefinding = QLineEdit() self.qurlstr = QLineEdit() self.severity = QLineEdit() self.impact = QLineEdit() self.trace = QTreeWidget() self.trace.setColumnCount(7) self.trace.setRootIsDecorated(False) self.trace.setAlternatingRowColors(True) self.trace.setSortingEnabled(False) self.trace.setEditTriggers(QAbstractItemView.DoubleClicked) self.trace.setWordWrap(True) self.trace.setHeaderLabels([ "Request ID", "HTTP Method", "URL", "Parameter", "Payload", "Description", "User Information" ]) self.trace.setUniformRowHeights(True) self.trace.resizeColumnToContents(0) self.description = QTextEdit() self.description.setAcceptRichText(False) self.description.setAutoFormatting(QTextEdit.AutoNone) self.reference = QTextEdit() self.reference.setAcceptRichText(False) self.reference.setAutoFormatting(QTextEdit.AutoNone) self.refresh_button = QPushButton("Refresh Finding Content") self.update_button = QPushButton("Persist Content") self.add_button = QPushButton("Add Finding") QObject.connect(self.add_button, SIGNAL("pressed()"), self.addFinding_Slot) QObject.connect(self.refresh_button, SIGNAL("pressed()"), self.refreshFinding_Slot) QObject.connect(self.update_button, SIGNAL("pressed()"), self.persistFinding_Slot) glayout = QGridLayout() glayout.addWidget(QLabel("Category name:"), 0, 0) glayout.addWidget(self.classification_name, 0, 1) glayout.addWidget(QLabel("Finding ID:"), 0, 2) glayout.addWidget(self.findingid, 0, 3) glayout.addWidget(QLabel("Domain:"), 1, 0) glayout.addWidget(self.domain, 1, 1) glayout.addWidget(QLabel("Type of finding:"), 2, 0) glayout.addWidget(self.typefinding, 2, 1) glayout.addWidget(QLabel("Severity:"), 3, 0) glayout.addWidget(self.severity, 3, 1) glayout.addWidget(QLabel("Impact:"), 3, 2) glayout.addWidget(self.impact, 3, 3) ilayout = QGridLayout() ilayout.addWidget(QLabel("URL:"), 0, 0) ilayout.addWidget(self.qurlstr, 0, 1) ilayout.addWidget(QLabel("Trace:"), 1, 0) ilayout.addWidget(self.trace, 1, 1) ilayout.addWidget(QLabel("Description:"), 2, 0) ilayout.addWidget(self.description, 2, 1) ilayout.addWidget(QLabel("Reference:"), 3, 0) ilayout.addWidget(self.reference, 3, 1) ilayout.setAlignment(Qt.AlignTop) button_layout = QHBoxLayout() #button_layout.addWidget(self.add_button) button_layout.addWidget(self.refresh_button) button_layout.addWidget(self.update_button) ilayout.addLayout(button_layout, 4, 1) layout = QVBoxLayout() layout.addLayout(glayout) layout.addSpacing(20) layout.addLayout(ilayout) self.setLayout(layout)
def fillInformationPan_Slot(self, tpl): self.current_selection = tpl domain = tpl[0] qurlstr = tpl[1] info = self.appinfo.getInfo(domain, qurlstr) if not info: return # domain { # url-string { # 'method' : [] # 'request_id' : [] # 'original' : True if user clicked on link or if link was directly requested # False if it's a subsequent request # 'tampered' : True if user tampered this request once... will help to extract # the coverage of pen-test # 'spidered' : True if spider discovered the link # 'content-type' : [image, xml, html, js, css, flash, binary, etc.] # 'get' : { '$PARAMETER_NAME$' : []} # 'post' : { '$PARAMETER_NAME$' : []} # 'headers' : { '$PARAMETER_NAME$' : []} # 'cookies' : { '$PARAMETER_NAME$' : [('value', 'raw')]} # 'fragment' : [] # } } # load request ID to the drop down self.infodisplay.availableRequestDropDown.clear() self.infodisplay.availableRequestDropDown.addItem(QString("List of existing requests:")) for request_id in info['request_id']: self.infodisplay.availableRequestDropDown.addItem(QString("request - %d" % request_id)) self.infodisplay.tree.setUpdatesEnabled(False) self.infodisplay.tree.clear() root = self.infodisplay.tree.invisibleRootItem() item = QTreeWidgetItem() item.setText(0, domain) item.setIcon(0, self.domainIcon) item.setIcon(0, QIcon(probe_icon(None, None, 'domain'))) item.setText(1, QUrl(qurlstr).path()) item.setFlags(item.flags() | Qt.ItemIsEditable) root.addChild(item) root.addChild(SiteInfo.__create_treeitem("Nb Requests", str(len(info['request_id'])))) root.addChild(SiteInfo.__create_treeitem("Clicked by user", "true" if info['original'] else "false")) root.addChild(SiteInfo.__create_treeitem("Tampered by user", "true" if info['tampered'] else "false")) root.addChild(SiteInfo.__create_treeitem("Spidered", "true" if info['spidered'] else "false")) root.addChild(SiteInfo.__create_treeitem("Content types", ", ".join(info['content-type']))) for item in ('headers', 'get', 'post', 'cookies'): category = SiteInfo.__create_treeseparator(string.capitalize(item)) root.addChild(category) for variable in info[item]: values = [unicode(v) for v in info[item][variable]] category.addChild(SiteInfo.__create_treeitem(variable, ", ".join(values))) if 0 < len(info['fragment']): category = SiteInfo.__create_treeseparator("Fragments") root.addChild(category) values = [unicode(v) for v in info['fragment']] category.addChild(SiteInfo.__create_treeitem(", ".join(values), "")) self.infodisplay.tree.expandAll() self.infodisplay.tree.resizeColumnToContents(0) self.infodisplay.tree.setUpdatesEnabled(True)