def test_auditdb_dump(): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = "sqlite://test_auditdb.db" with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert t.audit.name == "test_auditdb" assert type(disk) is AuditSQLiteDB assert disk.filename == "test_auditdb.db" assert disk.connection_url == "sqlite://test_auditdb.db" print "Testing the audit database dump..." print " -> Writing..." for x in xrange(30): d1 = Url("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) disk.mark_plugin_finished(d1.identity, "some_plugin") disk.mark_plugin_finished(d2.identity, "some_plugin") disk.mark_plugin_finished(d3.identity, "some_plugin") disk.mark_stage_finished(d1.identity, 1) disk.mark_stage_finished(d2.identity, 2) disk.mark_stage_finished(d3.identity, 3) disk.add_shared_values("fake_set_id", ( "string", u"unicode", 100, 200L, 5.0, True, False, complex(1, 1), None, frozenset({"string", 100, 1.0}), (None, True, False), )) disk.put_mapped_values("fake_map_id", ( ("a_string", "string"), ("a_unicode_string", u"unicode"), ("an_integer", 100), ("a_long", 200L), ("a_float", 5.0), ("a_bool", True), ("another_bool", False), ("a_complex", complex(1, 1)), ("none", None), ("a_frozenset", frozenset({"string", 100, 1.0})), ("a_tuple", (None, True, False)), )) print " -> Dumping..." disk.dump("test_auditdb.sql")
def test_import(): print "Testing OpenVAS importer..." orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["192.168.56.101"] audit_config.audit_db = ":memory:" with PluginTester(orchestrator_config, audit_config) as t: t.run_plugin("import/xml_openvas", path.join(here, "test_openvas.xml")) results = Database.get_many( Database.keys(Data.TYPE_VULNERABILITY) ) assert len(results) == 1, len(results) v = results[0] assert v.level == "informational", v.level assert v.plugin_id == "import/xml_openvas", v.plugin_id assert "Remote web server does not reply with 404 error code." in v.description, v.description
def helper_test_auditdb_consistency_setup(audit_name, audit_db): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_name = audit_name audit_config.audit_db = audit_db with PluginTester(main_config, audit_config) as t: print "--> Testing general consistency..." helper_test_auditdb_general_consistency(t.audit.database) print "--> Testing data consistency..." for x in xrange(100): key = generate_random_string(10) data = generate_random_string(100) helper_test_auditdb_data_consistency(t.audit.database, key, data)
def test_scope_example(): print "Testing scope with: www.example.com" main_config = OrchestratorConfig() main_config.ui_mode = "disabled" main_config.use_colors = False audit_config = AuditConfig() audit_config.targets = ["http://www.example.com"] audit_config.include_subdomains = True with PluginTester(main_config, audit_config) as t: print Config.audit_scope for token, flag in ( (None, False), ("", False), ("www.example.com", True), ("example.com", True), ("com", False), ("subdomain.example.com", True), ("subdomain.www.example.com", True), ("www.example.org", False), ("wwwexample.com", False), ("www.wrong.com", False), ("127.0.0.1", False), ("::1", False), ("[::1]", False), ("http://www.example.com", True), ("https://example.com", True), ("ftp://ftp.example.com", True), ("mailto://[email protected]", True), ##("*****@*****.**", True), ): assert ((token in Config.audit_scope) == flag), repr(token) assert gethostbyname("www.example.com") in Config.audit_scope for address in gethostbyname_ex("www.example.com")[2]: assert address in Config.audit_scope for register in DNS.get_a("www.example.com"): assert register.address in Config.audit_scope for register in DNS.get_aaaa("www.example.com"): assert register.address in Config.audit_scope assert "[%s]" % register.address in Config.audit_scope for register in DNS.get_a("www.google.com"): assert register.address not in Config.audit_scope for register in DNS.get_aaaa("www.google.com"): assert register.address not in Config.audit_scope assert "[%s]" % register.address not in Config.audit_scope
def test(): config = OrchestratorConfig() config.from_dictionary({ "plugins_folder": path.abspath(path.join(here, "plugin_tests")), "ui_mode": "test", }) audit = AuditConfig() audit.from_dictionary({ "targets": [ "http://www.example.com/folder/subfolder/index.html", ], "reports": [ "-", ], "audit_db": "sqlite://", }) ##audit.plugin_load_overrides = [(True, "recon/test")] # XXX DEBUG shorter run try: print "Launching GoLismero..." print t1 = time.time() code = run(config, audit) t2 = time.time() print print "GoLismero ran for %f seconds" % (t2 - t1) print assert code == 0 print "Validating the audit database..." print validate(audit.audit_name) finally: print "Cleaning up..." print try: os.unlink("%s.db" % audit.audit_name) except Exception: pass print "Done!"
def test_nikto(): DEBUG = False ##DEBUG = True plugin_id = "testing/scan/nikto" csv_file = "test_nikto.csv" print "Testing plugin: %s" % plugin_id orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "console" audit_config = AuditConfig() audit_config.targets = ["http://www.example.com", "http://localhost"] audit_config.include_subdomains = False audit_config.enable_plugins = ["nikto"] audit_config.disable_plugins = ["all"] with PluginTester(orchestrator_config = orchestrator_config, audit_config = audit_config) as t: print "Testing Nikto plugin parser..." plugin, plugin_info = t.get_plugin(plugin_id) Config._context._PluginContext__plugin_info = plugin_info try: r, c = plugin.parse_nikto_results( BaseURL("http://www.example.com/"), path.join(here, csv_file)) if DEBUG: for d in r: print "-" * 10 print repr(d) assert c == 6, c assert len(r) == 10, len(r) c = defaultdict(int) for d in r: c[d.__class__.__name__] += 1 #print c assert c.pop("IP") == 1 assert c.pop("URL") == 3 assert c.pop("UncategorizedVulnerability") == 6 assert len(c) == 0 finally: Config._context._PluginContext__plugin_info = None print "Testing Nikto plugin against localhost..." r = t.run_plugin(plugin_id, BaseURL("http://localhost/")) for d in r: print "\t%r" % d
def test_nikto(): DEBUG = False ##DEBUG = True plugin_id = "testing/scan/nikto" csv_file = "test_nikto.csv" print "Testing plugin: %s" % plugin_id orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "console" audit_config = AuditConfig() audit_config.targets = ["http://www.example.com", "http://localhost"] audit_config.include_subdomains = False audit_config.enable_plugins = ["nikto"] audit_config.disable_plugins = ["all"] with PluginTester(orchestrator_config = orchestrator_config, audit_config = audit_config) as t: print "Testing Nikto plugin parser..." plugin, plugin_info = t.get_plugin(plugin_id) Config._context._PluginContext__plugin_info = plugin_info try: r, c = plugin.parse_nikto_results( BaseUrl("http://www.example.com/"), path.join(here, csv_file)) if DEBUG: for d in r: print "-" * 10 print repr(d) assert c == 6, c assert len(r) == 10, len(r) c = defaultdict(int) for d in r: c[d.__class__.__name__] += 1 #print c assert c.pop("IP") == 1 assert c.pop("Url") == 3 assert c.pop("UncategorizedVulnerability") == 6 assert len(c) == 0 finally: Config._context._PluginContext__plugin_info = None print "Testing Nikto plugin against localhost..." r = t.run_plugin(plugin_id, BaseUrl("http://localhost/")) for d in r: print "\t%r" % d
def test_scope_example(): print "Testing scope with: www.example.com" main_config = OrchestratorConfig() main_config.ui_mode = "disabled" main_config.use_colors = False audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.include_subdomains = True with PluginTester(main_config, audit_config) as t: assert None not in Config.audit_scope assert "" not in Config.audit_scope assert "www.example.com" in Config.audit_scope assert "example.com" in Config.audit_scope assert "com" not in Config.audit_scope assert "subdomain.example.com" in Config.audit_scope assert "subdomain.www.example.com" in Config.audit_scope assert "www.example.org" not in Config.audit_scope assert "wwwexample.com" not in Config.audit_scope assert "www.wrong.com" not in Config.audit_scope assert "127.0.0.1" not in Config.audit_scope assert "::1" not in Config.audit_scope assert "[::1]" not in Config.audit_scope assert "http://www.example.com" in Config.audit_scope assert "https://example.com" in Config.audit_scope assert "ftp://ftp.example.com" in Config.audit_scope assert "mailto://[email protected]" in Config.audit_scope ## assert "*****@*****.**" in Config.audit_scope assert gethostbyname("www.example.com") in Config.audit_scope for address in gethostbyname_ex("www.example.com")[2]: assert address in Config.audit_scope for register in DNS.get_a("www.example.com"): assert register.address in Config.audit_scope for register in DNS.get_aaaa("www.example.com"): assert register.address in Config.audit_scope assert "[%s]" % register.address in Config.audit_scope for register in DNS.get_a("www.google.com"): assert register.address not in Config.audit_scope for register in DNS.get_aaaa("www.google.com"): assert register.address not in Config.audit_scope assert "[%s]" % register.address not in Config.audit_scope
def test(): config = OrchestratorConfig() config.from_dictionary({ "plugins_folder": path.abspath(path.join(here, "plugin_tests")), "ui_mode": "test", }) audit = AuditConfig() audit.from_dictionary({ "targets": ["http://www.example.com/folder/subfolder/index.html",], "reports": ["-",], "audit_db": "", }) ##audit.plugin_load_overrides = [(True, "recon/test")] # XXX DEBUG shorter run try: print "Launching GoLismero..." print t1 = time.time() code = run(config, audit) t2 = time.time() print print "GoLismero ran for %f seconds" % (t2 - t1) print assert code == 0 print "Validating the audit database..." print validate(audit) finally: print "Cleaning up..." print try: os.unlink("%s.db" % audit.audit_name) except Exception: pass print "Done!"
def build_config_from_cmdline(): # Get the command line parser. parser = cmdline_parser() # Parse the command line options. try: args = sys.argv[1:] envcfg = getenv("GOLISMERO_SETTINGS") if envcfg: args = parser.convert_arg_line_to_args(envcfg) + args P, V = parser.parse_known_args(args) if P.targets: P.targets += V else: P.targets = V P.plugin_args = {} command = P.command.upper() if command in COMMANDS: P.command = command if command == "RESCAN": P.command = "SCAN" P.redo = True else: P.redo = False else: P.targets.insert(0, P.command) P.command = "SCAN" # Load the Orchestrator options. cmdParams = OrchestratorConfig() cmdParams.command = P.command if P.config: cmdParams.config_file = path.abspath(P.config) if not path.isfile(cmdParams.config_file): raise ValueError("File not found: %s" % cmdParams.config_file) if cmdParams.config_file: cmdParams.from_config_file(cmdParams.config_file, allow_profile=True) if P.user_config: cmdParams.user_config_file = path.abspath(P.user_config) if not path.isfile(cmdParams.user_config_file): raise ValueError("File not found: %s" % cmdParams.user_config_file) if cmdParams.user_config_file: cmdParams.from_config_file(cmdParams.user_config_file, allow_profile=True) if P.profile: cmdParams.profile = P.profile cmdParams.profile_file = get_profile(cmdParams.profile) if cmdParams.profile_file: cmdParams.from_config_file(cmdParams.profile_file) cmdParams.from_object(P) cmdParams.plugin_load_overrides = P.plugin_load_overrides # Enable console colors if requested. Console.use_colors = cmdParams.color # Show the program banner. parser.must_show_banner = False if cmdParams.verbose: show_banner() # Load the target audit options. auditParams = AuditConfig() auditParams.profile = cmdParams.profile auditParams.profile_file = cmdParams.profile_file auditParams.config_file = cmdParams.config_file auditParams.user_config_file = cmdParams.user_config_file if auditParams.config_file: auditParams.from_config_file(auditParams.config_file) if auditParams.user_config_file: auditParams.from_config_file(auditParams.user_config_file) if auditParams.profile_file: auditParams.from_config_file(auditParams.profile_file) auditParams.from_object(P) auditParams.plugin_load_overrides = P.plugin_load_overrides # If importing is turned off, remove the list of imports. # FIXME this should be done by argparse in argument order! if P.disable_importing: auditParams.imports = [] # If reports are turned off, remove the list of reports. # Otherwise, if no reports are specified, default to screen report. # FIXME this should be done by argparse in argument order! if P.disable_reporting: auditParams.reports = [] elif (not auditParams.reports and (P.command != "REPORT" or not auditParams.targets)): auditParams.reports = ["-"] if auditParams.only_vulns is None: auditParams.only_vulns = True # Show exceptions as command line parsing errors. except Exception, e: ##raise # XXX DEBUG parser.error("arguments error: %s" % str(e))
def main(): # Get the config file name. config_file = get_default_config_file() if not config_file: raise RuntimeError("Could not find config file, aborting!") # Load the Orchestrator options. orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "web" orchestrator_config.colorize = False orchestrator_config.config_file = config_file orchestrator_config.from_config_file(orchestrator_config.config_file, allow_profile = True) if orchestrator_config.profile: orchestrator_config.profile_file = get_profile(orchestrator_config.profile) if orchestrator_config.profile_file: orchestrator_config.from_config_file(orchestrator_config.profile_file) else: raise RuntimeError("Could not find profile, aborting!") # Get the plugins folder from the parameters. # If no plugins folder is given, use the default. plugins_folder = orchestrator_config.plugins_folder if not plugins_folder: plugins_folder = path.abspath(__file__) plugins_folder = path.dirname(plugins_folder) plugins_folder = path.join(plugins_folder, "plugins") if not path.isdir(plugins_folder): from golismero import common plugins_folder = path.abspath(common.__file__) plugins_folder = path.dirname(plugins_folder) plugins_folder = path.join(plugins_folder, "plugins") if not path.isdir(plugins_folder): raise RuntimeError("Default plugins folder not found, aborting!") orchestrator_config.plugins_folder = plugins_folder # Check if all options are correct. orchestrator_config.check_params() # Launch GoLismero. launcher.run(orchestrator_config)
def main(): # Show the program banner. show_banner() # Get the command line parser. parser = cmdline_parser() # Parse the command line options. try: args = sys.argv[1:] envcfg = getenv("GOLISMERO_SETTINGS") if envcfg: args = parser.convert_arg_line_to_args(envcfg) + args P = parser.parse_args(args) # Load the Orchestrator options. cmdParams = OrchestratorConfig() if P.config: cmdParams.config_file = path.abspath(P.config) if not path.isfile(cmdParams.config_file): raise ValueError("File not found: %r" % cmdParams.config_file) if cmdParams.config_file: cmdParams.from_config_file(cmdParams.config_file, allow_profile = True) if P.profile: cmdParams.profile = P.profile cmdParams.profile_file = get_profile(cmdParams.profile) if cmdParams.profile_file: cmdParams.from_config_file(cmdParams.profile_file) cmdParams.from_object(P) cmdParams.plugin_load_overrides = P.plugin_load_overrides # Load the target audit options. auditParams = AuditConfig() auditParams.profile = cmdParams.profile auditParams.profile_file = cmdParams.profile_file auditParams.config_file = cmdParams.config_file if auditParams.config_file: auditParams.from_config_file(auditParams.config_file) if auditParams.profile_file: auditParams.from_config_file(auditParams.profile_file) auditParams.from_object(P) auditParams.plugin_load_overrides = P.plugin_load_overrides # If importing is turned off, remove the list of imports. if P.disable_importing: auditParams.imports = [] # If reports are turned off, remove the list of reports. # Otherwise, if no reports are specified, default to screen report. if P.disable_reporting: auditParams.reports = [] elif not auditParams.reports: auditParams.reports = ["-"] # If there are no targets but there's a database, # get the targets (scope) from the database. if not auditParams.targets and auditParams.audit_db: try: cfg = AuditDB.get_config_from_closed_database( auditParams.audit_db, auditParams.audit_name) if cfg: auditParams.targets = cfg.targets auditParams.include_subdomains = cfg.include_subdomains if cmdParams.verbose > 1: if auditParams.targets: print "Found the following targets in the database:" for t in auditParams.targets: print "--> " + t print except Exception: pass ##raise # XXX DEBUG # Show exceptions as command line parsing errors. except Exception, e: ##raise # XXX DEBUG parser.error(str(e))
def main(): # Get the command line parser. parser = cmdline_parser() # Parse the command line options. try: args = sys.argv[1:] envcfg = getenv("GOLISMERO_SETTINGS") if envcfg: args = parser.convert_arg_line_to_args(envcfg) + args P = parser.parse_args(args) command = P.command.upper() if command in COMMANDS: P.command = command else: P.targets.insert(0, P.command) P.command = "SCAN" # Load the Orchestrator options. cmdParams = OrchestratorConfig() cmdParams.command = P.command if P.config: cmdParams.config_file = path.abspath(P.config) if not path.isfile(cmdParams.config_file): raise ValueError("File not found: %r" % cmdParams.config_file) if cmdParams.config_file: cmdParams.from_config_file(cmdParams.config_file, allow_profile = True) if P.profile: cmdParams.profile = P.profile cmdParams.profile_file = get_profile(cmdParams.profile) if cmdParams.profile_file: cmdParams.from_config_file(cmdParams.profile_file) cmdParams.from_object(P) cmdParams.plugin_load_overrides = P.plugin_load_overrides # Enable console colors if requested. Console.use_colors = cmdParams.color # Show the program banner. parser.must_show_banner = False if cmdParams.verbose: show_banner() # Load the target audit options. auditParams = AuditConfig() auditParams.profile = cmdParams.profile auditParams.profile_file = cmdParams.profile_file auditParams.config_file = cmdParams.config_file if auditParams.config_file: auditParams.from_config_file(auditParams.config_file) if auditParams.profile_file: auditParams.from_config_file(auditParams.profile_file) auditParams.from_object(P) auditParams.plugin_load_overrides = P.plugin_load_overrides # If importing is turned off, remove the list of imports. if P.disable_importing: auditParams.imports = [] # If reports are turned off, remove the list of reports. # Otherwise, if no reports are specified, default to screen report. if P.disable_reporting: auditParams.reports = [] elif not auditParams.reports and P.command in ("SCAN", "REPORT"): auditParams.reports = ["-"] if auditParams.only_vulns is None: auditParams.only_vulns = True # Show exceptions as command line parsing errors. except Exception, e: ##raise # XXX DEBUG parser.error(str(e))
def helper_auditdb_stress(n, dbname = ":auto:"): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = dbname with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert type(disk) is AuditSQLiteDB print " Testing %d elements..." % (n * 3) t1 = time.time() print " -> Writing..." for x in xrange(n): d1 = Url("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) t2 = time.time() print " -- Reading..." keys = disk.get_data_keys() assert len(keys) == (n * 3) for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None keys = disk.get_data_keys(Data.TYPE_INFORMATION) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_INFORMATION) data = disk.get_data(key, Data.TYPE_INFORMATION) assert data is not None assert data.data_type == Data.TYPE_INFORMATION assert isinstance(data, Text) keys = disk.get_data_keys(Data.TYPE_RESOURCE) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_RESOURCE) data = disk.get_data(key, Data.TYPE_RESOURCE) assert data is not None assert data.data_type == Data.TYPE_RESOURCE assert isinstance(data, Url) keys = disk.get_data_keys(Data.TYPE_VULNERABILITY) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_VULNERABILITY) data = disk.get_data(key, Data.TYPE_VULNERABILITY) assert data is not None assert data.data_type == Data.TYPE_VULNERABILITY assert isinstance(data, UrlDisclosure) t3 = time.time() print " <- Deleting..." for key in keys: disk.remove_data(key) t4 = time.time() print " Write time: %d seconds (%f seconds per element)" % (t2 - t1, (t2 - t1) / (n * 3.0)) print " Read time: %d seconds (%f seconds per element)" % (t3 - t2, (t3 - t2) / (n * 3.0)) print " Delete time: %d seconds (%f seconds per element)" % (t4 - t3, (t4 - t3) / (n * 3.0)) print " Total time: %d seconds (%f seconds per element)" % (t4 - t1, (t4 - t1) / (n * 3.0))
def gen(): pluginManager = PluginManager() pluginManager.find_plugins(OrchestratorConfig()) for plugin_type in categories: with open(path.join(here, plugin_type + ".rst"), "w") as f: name = get_plugin_type_display_name(plugin_type) print >> f, name print >> f, "*" * len(name) print >> f, "" print >> f, get_plugin_type_description(plugin_type) print >> f, "" plugins = pluginManager.get_plugins(plugin_type) if plugins: for plugin_id in sorted(plugins.keys()): plugin_info = plugins[plugin_id] display_name = "%s (*%s*)" % ( plugin_info.display_name, plugin_id[plugin_id.rfind("/") + 1:]) description = plugin_info.description description = description.replace("\r\n", "\n") description = description.replace("\n", "\n\n") print >> f, display_name print >> f, "=" * len(display_name) print >> f, "" print >> f, description print >> f, "" if plugin_info.plugin_args: width_key = 17 width_value = 17 for key, value in plugin_info.plugin_args.iteritems(): if key in plugin_info.plugin_passwd_args: value = "\\*" * 16 width_key = max(width_key, len(key)) width_value = max(width_value, len(value)) print >> f, "%s %s" % (("=" * width_key), ("=" * width_value)) print >> f, ( "**Argument name**%s **Default value**%s" % ((" " * (width_key - 17)), (" " * (width_value - 17)))).rstrip() print >> f, "%s %s" % (("-" * width_key), ("-" * width_value)) for key, value in plugin_info.plugin_args.iteritems(): value = value.replace("\r\n", "\n") value = value.replace("\n", " ") if key in plugin_info.plugin_passwd_args: value = "\\*" * 16 pad_key = (" " * (width_key - len(key))) pad_value = (" " * (width_value - len(value))) print >> f, ( "%s%s %s%s" % (key, pad_key, value, pad_value)).rstrip() print >> f, ("%s %s" % (("=" * width_key), ("=" * width_value))).rstrip() print >> f, "" else: print >> f, "There are currently no plugins in this category." print >> f, "" with open(path.join(here, plugin_type + ".rst"), "rU") as f: data = f.read() with open(path.join(here, plugin_type + ".rst"), "wb") as f: f.write(data) with open("index.rst", "wb") as f: f.write(index) for plugin_type in categories: f.write(" %s\n" % plugin_type)
def main(): # Get the config file name. config_file = get_default_config_file() if not config_file: raise RuntimeError("Could not find config file, aborting!") # Load the Orchestrator options. orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "web" orchestrator_config.color = False orchestrator_config.config_file = config_file orchestrator_config.from_config_file(orchestrator_config.config_file, allow_profile=True) if orchestrator_config.profile: orchestrator_config.profile_file = get_profile( orchestrator_config.profile) if orchestrator_config.profile_file: orchestrator_config.from_config_file( orchestrator_config.profile_file) else: raise RuntimeError("Could not find profile, aborting!") # Get the plugins folder from the parameters. # If no plugins folder is given, use the default. plugins_folder = orchestrator_config.plugins_folder if not plugins_folder: plugins_folder = path.abspath(__file__) plugins_folder = path.dirname(plugins_folder) plugins_folder = path.join(plugins_folder, "plugins") if not path.isdir(plugins_folder): from golismero import common plugins_folder = path.abspath(common.__file__) plugins_folder = path.dirname(plugins_folder) plugins_folder = path.join(plugins_folder, "plugins") if not path.isdir(plugins_folder): raise RuntimeError( "Default plugins folder not found, aborting!") orchestrator_config.plugins_folder = plugins_folder # Check if all options are correct. orchestrator_config.check_params() # Launch GoLismero. launcher.run(orchestrator_config)
def daemon_main(listen_address, listen_port, server_push): # Get the config file name. config_file = get_default_config_file() if not config_file: raise RuntimeError("Could not find config file, aborting!") # Load the Orchestrator options. orchestrator_config = OrchestratorConfig() orchestrator_config.config_file = config_file orchestrator_config.from_config_file(orchestrator_config.config_file, allow_profile=True) if orchestrator_config.profile: orchestrator_config.profile_file = get_profile(orchestrator_config.profile) if orchestrator_config.profile_file: orchestrator_config.from_config_file(orchestrator_config.profile_file) else: raise RuntimeError("Could not find profile, aborting!") # Get the plugins folder from the parameters. # If no plugins folder is given, use the default. plugins_folder = orchestrator_config.plugins_folder if not plugins_folder: plugins_folder = path.abspath(__file__) plugins_folder = path.dirname(plugins_folder) plugins_folder = path.join(plugins_folder, "plugins") if not path.isdir(plugins_folder): from golismero import common plugins_folder = path.abspath(common.__file__) plugins_folder = path.dirname(plugins_folder) plugins_folder = path.join(plugins_folder, "plugins") if not path.isdir(plugins_folder): raise RuntimeError("Default plugins folder not found, aborting!") orchestrator_config.plugins_folder = plugins_folder # Load the daemon configuration from command line. if listen_address: orchestrator_config.listen_address = listen_address if listen_port: orchestrator_config.listen_port = listen_port if server_push: orchestrator_config.server_push = server_push # Force the daemon UI plugin. orchestrator_config.ui_mode = "daemon" # Force disable colored output. orchestrator_config.color = False # Force maximum verbosity level. orchestrator_config.verbose = Logger.MORE_VERBOSE # Launch GoLismero. launcher.run(orchestrator_config)
def helper_auditdb_stress(n): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = "sqlite://" with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert type(disk) is AuditSQLiteDB print " Testing %d elements..." % (n * 3) t1 = time.time() print " -> Writing..." for x in xrange(n): d1 = Url("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) t2 = time.time() print " -- Reading..." keys = disk.get_data_keys() assert len(keys) == (n * 3) for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None keys = disk.get_data_keys(Data.TYPE_INFORMATION) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_INFORMATION) data = disk.get_data(key, Data.TYPE_INFORMATION) assert data is not None assert data.data_type == Data.TYPE_INFORMATION assert isinstance(data, Text) keys = disk.get_data_keys(Data.TYPE_RESOURCE) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_RESOURCE) data = disk.get_data(key, Data.TYPE_RESOURCE) assert data is not None assert data.data_type == Data.TYPE_RESOURCE assert isinstance(data, Url) keys = disk.get_data_keys(Data.TYPE_VULNERABILITY) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_VULNERABILITY) data = disk.get_data(key, Data.TYPE_VULNERABILITY) assert data is not None assert data.data_type == Data.TYPE_VULNERABILITY assert isinstance(data, UrlDisclosure) t3 = time.time() print " <- Deleting..." for key in keys: disk.remove_data(key) t4 = time.time() print " Write time: %d seconds (%f seconds per element)" % ( t2 - t1, (t2 - t1) / (n * 3.0)) print " Read time: %d seconds (%f seconds per element)" % ( t3 - t2, (t3 - t2) / (n * 3.0)) print " Delete time: %d seconds (%f seconds per element)" % ( t4 - t3, (t4 - t3) / (n * 3.0)) print " Total time: %d seconds (%f seconds per element)" % ( t4 - t1, (t4 - t1) / (n * 3.0))