def DeleteAll(self, filter_data, target_id=None):
"""
Here keeping filter_data optional is very risky
"""
query = self.GenerateQueryUsingSession(
filter_data, target_id,
for_delete=True) # Empty dict will match all results
# Delete the folders created for these plugins
for plugin in query.all():
# First check if path exists in db
if plugin.output_path:
output_path = os.path.join(
self.config.GetOutputDirForTargets(), plugin.output_path)
if os.path.exists(output_path):
FileOperations.rm_tree(output_path)
# When folders are removed delete the results from db
results = query.delete()
self.db.session.commit()
def DeleteAll(self, filter_data, target_id=None):
"""
Here keeping filter_data optional is very risky
"""
query = self.GenerateQueryUsingSession(
filter_data,
target_id,
for_delete=True) # Empty dict will match all results
# Delete the folders created for these plugins
for plugin in query.all():
# First check if path exists in db
if plugin.output_path:
output_path = os.path.join(
self.config.GetOutputDirForTargets(),
plugin.output_path)
if os.path.exists(output_path):
FileOperations.rm_tree(output_path)
# When folders are removed delete the results from db
results = query.delete()
self.db.session.commit()
def initialize(self, outbound_options=[], outbound_auth=""):
# The tornado application, which is used to pass variables to request handler
self.application = tornado.web.Application(
handlers=[(r'.*', ProxyHandler)],
debug=False,
gzip=True,
)
self.config = self.get_component("config")
self.db_config = self.get_component("db_config")
# All required variables in request handler
# Required variables are added as attributes to application, so that request handler can access these
self.application.Core = self.get_component("core")
try:
self.proxy_manager = self.get_component("proxy_manager")
except ComponentNotFoundException:
self.proxy_manager = None
self.application.proxy_manager = self.proxy_manager
# ctypes object allocated from shared memory to verify if proxy must inject probe code or not
# 'i' means ctypes type is integer, initialization value is 0
# if lock is True then a new recursive lock object is created to
# synchronize access to the value
self.application.Core.pnh_inject = Value('i', 0, lock=True)
self.application.inbound_ip = self.db_config.Get('INBOUND_PROXY_IP')
self.application.inbound_port = int(
self.db_config.Get('INBOUND_PROXY_PORT'))
if self.proxy_manager: #Botnet mode needs only one proxy process
self.instances = "1"
else:
self.instances = self.db_config.Get("INBOUND_PROXY_PROCESSES")
# Proxy CACHE
# Cache related settings, including creating required folders according to cache folder structure
self.application.cache_dir = self.db_config.Get(
"INBOUND_PROXY_CACHE_DIR")
# Clean possible older cache directory.
if os.path.exists(self.application.cache_dir):
FileOperations.rm_tree(self.application.cache_dir)
FileOperations.make_dirs(self.application.cache_dir)
# SSL MiTM
# SSL certs, keys and other settings (os.path.expanduser because they are stored in users home directory ~/.owtf/proxy )
self.application.ca_cert = os.path.expanduser(
self.db_config.Get('CA_CERT'))
self.application.ca_key = os.path.expanduser(
self.db_config.Get('CA_KEY'))
try: # To stop owtf from breaking for our beloved users :P
self.application.ca_key_pass = FileOperations.open(
os.path.expanduser(self.db_config.Get('CA_PASS_FILE')),
'r',
owtf_clean=False).read().strip()
except IOError:
self.application.ca_key_pass = "******"
self.application.proxy_folder = os.path.dirname(
self.application.ca_cert)
self.application.certs_folder = os.path.expanduser(
self.db_config.Get('CERTS_FOLDER'))
try: # Ensure CA.crt and Key exist
assert os.path.exists(self.application.ca_cert)
assert os.path.exists(self.application.ca_key)
except AssertionError:
self.get_component("error_handler").FrameworkAbort(
"Files required for SSL MiTM are missing. Please run the install script"
)
try: # If certs folder missing, create that
assert os.path.exists(self.application.certs_folder)
except AssertionError:
FileOperations.make_dirs(self.application.certs_folder)
# Blacklist (or) Whitelist Cookies
# Building cookie regex to be used for cookie filtering for caching
if self.db_config.Get('WHITELIST_COOKIES') == 'None':
cookies_list = self.db_config.Get('BLACKLIST_COOKIES').split(',')
self.application.cookie_blacklist = True
else:
cookies_list = self.db_config.Get('WHITELIST_COOKIES').split(',')
self.application.cookie_blacklist = False
if self.application.cookie_blacklist:
regex_cookies_list = [
cookie + "=([^;]+;?)" for cookie in cookies_list
]
else:
regex_cookies_list = [
"(" + cookie + "=[^;]+;?)"
for cookie in self.db_config.Get('COOKIES_LIST')
]
regex_string = '|'.join(regex_cookies_list)
self.application.cookie_regex = re.compile(regex_string)
# Outbound Proxy
# Outbound proxy settings to be used inside request handler
if outbound_options:
if len(outbound_options) == 3:
self.application.outbound_proxy_type = outbound_options[0]
self.application.outbound_ip = outbound_options[1]
self.application.outbound_port = int(outbound_options[2])
else:
self.application.outbound_proxy_type = "http"
self.application.outbound_ip = outbound_options[0]
self.application.outbound_port = int(outbound_options[1])
else:
self.application.outbound_ip, self.application.outbound_port, self.application.outbound_proxy_type = None, None, None
if outbound_auth:
self.application.outbound_username, self.application.outbound_password = outbound_auth.split(
":")
else:
self.application.outbound_username, self.application.outbound_password = None, None
# Server has to be global, because it is used inside request handler to attach sockets for monitoring
global server
server = tornado.httpserver.HTTPServer(self.application)
self.server = server
# Header filters
# Restricted headers are picked from framework/config/framework_config.cfg
# These headers are removed from the response obtained from webserver, before sending it to browser
global restricted_response_headers
restricted_response_headers = self.config.FrameworkConfigGet(
"PROXY_RESTRICTED_RESPONSE_HEADERS").split(",")
# These headers are removed from request obtained from browser, before sending it to webserver
global restricted_request_headers
restricted_request_headers = self.config.FrameworkConfigGet(
"PROXY_RESTRICTED_REQUEST_HEADERS").split(",")
# HTTP Auth options
if self.db_config.Get("HTTP_AUTH_HOST") != "None":
self.application.http_auth = True
# All the variables are lists
self.application.http_auth_hosts = self.db_config.Get(
"HTTP_AUTH_HOST").strip().split(',')
self.application.http_auth_usernames = self.db_config.Get(
"HTTP_AUTH_USERNAME").strip().split(',')
self.application.http_auth_passwords = self.db_config.Get(
"HTTP_AUTH_PASSWORD").strip().split(',')
self.application.http_auth_modes = self.db_config.Get(
"HTTP_AUTH_MODE").strip().split(',')
else:
self.application.http_auth = False
def CleanUpForTarget(self, target_URL):
return FileOperations.rm_tree(self.GetOutputDirForTarget(target_URL))
def CleanUpForTarget(self, target_URL):
return FileOperations.rm_tree(self.GetOutputDirForTarget(target_URL))
def initialize(self, outbound_options=[], outbound_auth=""):
# The tornado application, which is used to pass variables to request handler
self.application = tornado.web.Application(handlers=[(r'.*', ProxyHandler)], debug=False, gzip=True,)
self.config = self.get_component("config")
self.db_config = self.get_component("db_config")
# All required variables in request handler
# Required variables are added as attributes to application, so that request handler can access these
self.application.Core = self.get_component("core")
try:
self.proxy_manager = self.get_component("proxy_manager")
except ComponentNotFoundException:
self.proxy_manager = None
self.application.proxy_manager = self.proxy_manager
# ctypes object allocated from shared memory to verify if proxy must inject probe code or not
# 'i' means ctypes type is integer, initialization value is 0
# if lock is True then a new recursive lock object is created to
# synchronize access to the value
self.application.Core.pnh_inject = Value('i', 0, lock=True)
self.application.inbound_ip = self.db_config.Get('INBOUND_PROXY_IP')
self.application.inbound_port = int(self.db_config.Get('INBOUND_PROXY_PORT'))
if self.proxy_manager:
self.instances = "1" # Botnet mode needs only one proxy process.
else:
self.instances = self.db_config.Get("INBOUND_PROXY_PROCESSES")
# Proxy CACHE
# Cache related settings, including creating required folders according to cache folder structure
self.application.cache_dir = self.db_config.Get("INBOUND_PROXY_CACHE_DIR")
# Clean possible older cache directory.
if os.path.exists(self.application.cache_dir):
FileOperations.rm_tree(self.application.cache_dir)
FileOperations.make_dirs(self.application.cache_dir)
# SSL MiTM
# SSL certs, keys and other settings (os.path.expanduser because they are stored in users home directory
# ~/.owtf/proxy)
self.application.ca_cert = os.path.expanduser(self.db_config.Get('CA_CERT'))
self.application.ca_key = os.path.expanduser(self.db_config.Get('CA_KEY'))
# To stop OWTF from breaking for our beloved users :P
try:
self.application.ca_key_pass = FileOperations.open(
os.path.expanduser(self.db_config.Get('CA_PASS_FILE')),
'r',
owtf_clean=False).read().strip()
except IOError:
self.application.ca_key_pass = "******" # XXX: Legacy CA key pass for older versions.
self.application.proxy_folder = os.path.dirname(self.application.ca_cert)
self.application.certs_folder = os.path.expanduser(self.db_config.Get('CERTS_FOLDER'))
try: # Ensure CA.crt and Key exist.
assert os.path.exists(self.application.ca_cert)
assert os.path.exists(self.application.ca_key)
except AssertionError:
self.get_component("error_handler").FrameworkAbort(
"Files required for SSL MiTM are missing. Please run the install script")
try: # If certs folder missing, create that.
assert os.path.exists(self.application.certs_folder)
except AssertionError:
FileOperations.make_dirs(self.application.certs_folder)
# Blacklist (or) Whitelist Cookies
# Building cookie regex to be used for cookie filtering for caching
if self.db_config.Get('WHITELIST_COOKIES') == 'None':
cookies_list = self.db_config.Get('BLACKLIST_COOKIES').split(',')
self.application.cookie_blacklist = True
else:
cookies_list = self.db_config.Get('WHITELIST_COOKIES').split(',')
self.application.cookie_blacklist = False
if self.application.cookie_blacklist:
regex_cookies_list = [cookie + "=([^;]+;?)" for cookie in cookies_list]
else:
regex_cookies_list = ["(" + cookie + "=[^;]+;?)" for cookie in self.db_config.Get('COOKIES_LIST')]
regex_string = '|'.join(regex_cookies_list)
self.application.cookie_regex = re.compile(regex_string)
# Outbound Proxy
# Outbound proxy settings to be used inside request handler
if outbound_options:
if len(outbound_options) == 3:
self.application.outbound_proxy_type = outbound_options[0]
self.application.outbound_ip = outbound_options[1]
self.application.outbound_port = int(outbound_options[2])
else:
self.application.outbound_proxy_type = "http"
self.application.outbound_ip = outbound_options[0]
self.application.outbound_port = int(outbound_options[1])
else:
self.application.outbound_ip = None
self.application.outbound_port = None
self.application.outbound_proxy_type = None
if outbound_auth:
self.application.outbound_username, self.application.outbound_password = outbound_auth.split(":")
else:
self.application.outbound_username = None
self.application.outbound_password = None
self.server = tornado.httpserver.HTTPServer(self.application)
# server has to be a class variable, because it is used inside request handler to attach sockets for monitoring
ProxyHandler.server = self.server
# Header filters
# Restricted headers are picked from framework/config/framework_config.cfg
# These headers are removed from the response obtained from webserver, before sending it to browser
restricted_response_headers = self.config.FrameworkConfigGet("PROXY_RESTRICTED_RESPONSE_HEADERS").split(",")
ProxyHandler.restricted_response_headers = restricted_response_headers
# These headers are removed from request obtained from browser, before sending it to webserver
restricted_request_headers = self.config.FrameworkConfigGet("PROXY_RESTRICTED_REQUEST_HEADERS").split(",")
ProxyHandler.restricted_request_headers = restricted_request_headers
# HTTP Auth options
if self.db_config.Get("HTTP_AUTH_HOST") != "None":
self.application.http_auth = True
# All the variables are lists
self.application.http_auth_hosts = self.db_config.Get("HTTP_AUTH_HOST").strip().split(',')
self.application.http_auth_usernames = self.db_config.Get("HTTP_AUTH_USERNAME").strip().split(',')
self.application.http_auth_passwords = self.db_config.Get("HTTP_AUTH_PASSWORD").strip().split(',')
self.application.http_auth_modes = self.db_config.Get("HTTP_AUTH_MODE").strip().split(',')
else:
self.application.http_auth = False
