hakiri 0.0.2 → 0.1.0
- data/.gitignore +17 -0
- data/Gemfile +6 -0
- data/Gemfile.lock +21 -0
- data/bin/hakiri +71 -5
- data/hakiri.gemspec +22 -0
- data/lib/hakiri.rb +23 -7
- data/lib/hakiri/cli_output.rb +11 -0
- data/lib/hakiri/stack.rb +107 -0
- data/lib/hakiri/technologies/apache.rb +11 -0
- data/lib/hakiri/technologies/apache_tomcat.rb +11 -0
- data/lib/hakiri/technologies/java.rb +11 -0
- data/lib/hakiri/technologies/jruby.rb +11 -0
- data/lib/hakiri/technologies/linux_kernel.rb +11 -0
- data/lib/hakiri/technologies/memcached.rb +11 -0
- data/lib/hakiri/technologies/mongodb.rb +15 -0
- data/lib/hakiri/technologies/mysql.rb +11 -0
- data/lib/hakiri/technologies/nginx.rb +11 -0
- data/lib/hakiri/technologies/phusion_passenger.rb +11 -0
- data/lib/hakiri/technologies/postgres.rb +11 -0
- data/lib/hakiri/technologies/redis.rb +11 -0
- data/lib/hakiri/technologies/ruby.rb +11 -0
- data/lib/hakiri/technologies/ruby_on_rails.rb +11 -0
- data/lib/hakiri/technologies/technology.rb +19 -0
- data/lib/hakiri/technologies/thin.rb +11 -0
- data/lib/hakiri/technologies/trinidad.rb +12 -0
- data/lib/hakiri/technologies/unicorn.rb +11 -0
- data/lib/hakiri/version.rb +3 -0
- data/technologies.json +4 -0
- metadata +76 -2
data/.gitignore
ADDED
data/Gemfile
ADDED
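--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -0,0 +1,21 @@
+GEM
+remote: https://rubygems.org/
+specs:
+active_support (3.0.0)
+activesupport (= 3.0.0)
+activesupport (3.0.0)
+commander (4.1.3)
+highline (~> 1.6.11)
+highline (1.6.19)
+i18n (0.6.4)
+terminal-table (1.4.5)
+
+PLATFORMS
+java
+ruby
+
+DEPENDENCIES
+active_support
+commander
+i18n
+terminal-table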
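--- a/data/bin/hakiri
+++ b/data/bin/hakiri
@@ -2,6 +2,10 @@
 
 require 'rubygems'
 require 'commander/import'
+require 'hakiri'
+require 'terminal-table'
+
+separator = "+#{ '-' * 78 }+"
 
 program :name, 'hakiri'
 program :version, Hakiri::VERSION
@@ -9,11 +13,73 @@ program :description, 'Hakiri CLI'
 
 command :up do |c|
 c.syntax = 'hakiri up [options]'
-c.summary = ''
-c.description = ''
-c.
-
+c.summary = 'Configure your stack with a JSON file.'
+c.description = 'This command lets you load your custom stack JSON file, parses it and uploads it to your project at to www.hakiriup.com.'
+c.option '--json_file STRING', String, 'Path to your JSON file'
+
+c.action do |args, options|
+options.default json_file: './technologies.json'
+
+say 'Welcome to Hakiri!'
+say separator
+
+stack = Hakiri::Stack.new()
+stack.build_from_json_file(options.json_file)
+stack.fetch_versions
+
+cli_output = Hakiri::CliOutput.new
+say "Here are versions that Hakiri found based on the JSON file:"
+puts cli_output.fancy_technologies_table(stack.technologies)
+end
+end
+
+command :steps do |c|
+c.syntax = 'hakiri steps [options]'
+c.summary = 'Configure your stack in the simple walkthrough.'
+c.description = 'This command launches a step by step walkthrough that will help you customize your stack.'
+
 c.action do |args, options|
-
+say 'Welcome to Hakiri Walkthrough!'
+say separator
+
+say 'Hakiri Walkthrough will help you configure your stack step by step and show you '
+say 'vulnerabilities at the end.'
+say separator
+say 'Step 1 of 5: Rails Server'
+say '1. Unicorn'
+say '2. Phusion Passenger'
+say '3. Thin'
+say '4. Trinidad'
+say '5. None of the above'
+server = ask('What do you use as your Rails server? (1, 2, 3, 4 or 5) ', Integer) { |q| q.in = 1..5 }
+say separator
+say 'Step 2 of 5: Secondary Server'
+say '1. Apache'
+say '2. nginx'
+say '3. Both'
+say '4. Neither'
+extra_server = ask('Do you use Apache or nginx? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
+say separator
+say 'Step 3 of 5: Database'
+say '1. MySQL'
+say '2. Postgres'
+say '3. MongoDB'
+say '4. None of the above'
+db = ask('What database do you use? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
+say separator
+redis = agree 'Step 4 of 5: do you use Redis? (yes or no) '
+say separator
+memcached = agree 'Step 5 of 5: do you use Memcached? (yes or no) '
+say separator
+say 'Fetching versions on your system...'
+say separator
+
+stack = Hakiri::Stack.new()
+stack.build_from_input(server, extra_server, db, redis, memcached)
+stack.fetch_versions
+
+cli_output = Hakiri::CliOutput.new
+say 'Here are versions that Hakiri found:'
+puts cli_output.fancy_technologies_table(stack.technologies)
 end
 end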
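--- a/data/hakiri.gemspec
+++ b/data/hakiri.gemspec
@@ -0,0 +1,22 @@
+$:.push File.expand_path('../lib', __FILE__)
+require 'hakiri/version'
+
+Gem::Specification.new do |s|
+s.name = 'hakiri'
+s.version = Hakiri::VERSION
+s.date = '2013-06-04'
+s.summary = 'CLI for Hakiri'
+s.description = 'This is a tool to automate bug hunting.'
+s.authors = ['Vasily Vasinov']
+s.email = 'vasinov@me.com'
+s.files = `git ls-files`.split("\n")
+s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+s.require_paths = ['lib']
+s.homepage = 'http://www.hakiriup.com'
+s.license = 'MIT'
+
+s.add_dependency 'commander'
+s.add_dependency 'terminal-table'
+s.add_dependency 'active_support'
+s.add_dependency 'i18n'
+end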
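Review bot: `s.add_dependency 'active_support'` names the `active_support` gem rather than Rails' own `activesupport`; the Gemfile.lock added in this release appears to show it as a separate package that in turn requires `activesupport (= 3.0.0)`. That puts an extra publisher in the install path and ties every user to one old ActiveSupport release, while `stack.rb` only does `require 'active_support/all'`, which `activesupport` provides by itself. Depend on it directly and bound it, for example `s.add_dependency 'activesupport', '>= 3.0'`. The other three runtime dependencies are also declared with no version constraint, so an install resolves to whatever is newest on rubygems.org at that moment.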
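--- a/data/lib/hakiri.rb
+++ b/data/lib/hakiri.rb
@@ -1,8 +1,24 @@
-
-def self.start
-version_retriever = VersionRetriever.new
-puts version_retriever.get_ruby
-end
-end
+module Hakiri
 
-
+end
+require 'hakiri/stack'
+require 'hakiri/version'
+require 'hakiri/cli_output'
+require 'hakiri/technologies/technology'
+require 'hakiri/technologies/apache'
+require 'hakiri/technologies/apache_tomcat'
+require 'hakiri/technologies/java'
+require 'hakiri/technologies/jruby'
+require 'hakiri/technologies/linux_kernel'
+require 'hakiri/technologies/memcached'
+require 'hakiri/technologies/mongodb'
+require 'hakiri/technologies/mysql'
+require 'hakiri/technologies/nginx'
+require 'hakiri/technologies/phusion_passenger'
+require 'hakiri/technologies/postgres'
+require 'hakiri/technologies/redis'
+require 'hakiri/technologies/ruby'
+require 'hakiri/technologies/ruby_on_rails'
+require 'hakiri/technologies/thin'
+require 'hakiri/technologies/trinidad'
+require 'hakiri/technologies/unicorn'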
@@ -0,0 +1,11 @@
|
|
1
|
+
class Hakiri::CliOutput
|
2
|
+
def initialize
|
3
|
+
@technologies_table = []
|
4
|
+
end
|
5
|
+
|
6
|
+
def fancy_technologies_table(technologies)
|
7
|
+
technologies.each { |key, value| @technologies_table << [key, value[:version]] }
|
8
|
+
|
9
|
+
Terminal::Table.new rows: @technologies_table
|
10
|
+
end
|
11
|
+
end
|
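--- a/data/lib/hakiri/stack.rb
+++ b/data/lib/hakiri/stack.rb
@@ -0,0 +1,107 @@
+require 'active_support/all'
+
+class Hakiri::Stack
+attr_accessor :technologies, :default_path
+
+# This method initialized Hakiri::Stack class
+#
+def initialize()
+@default_path = ''
+@technologies = {}
+end
+
+# This method parses a supplied JSON file and sets stack technologies.
+#
+# * *Args* :
+# - +json_file+ -> JSON file with technologies in the Hakiri format.
+#
+def build_from_json_file(json_file)
+@technologies = JSON.parse(IO.read(json_file))
+end
+
+# This method analyzes user input from the Hakiri gem and sets up
+# default paths to retrieve versions.
+#
+# * *Args* :
+# - +server+ -> Rails server selection.
+# - +extra_server+ -> Apache, nginx, both or neither.
+# - +db+ -> DB selection.
+# - +redis+ -> is Redis present?
+# - +memcached+ -> is Memcached present?
+#
+def build_from_input(server, extra_server, db, redis, memcached)
+@technologies['ruby'] = { path: @default_path }
+@technologies['ruby_on_rails'] = { path: @default_path }
+
+case server
+when 1
+@technologies['unicorn'] = { path: @default_path }
+when 2
+@technologies['phusion-passenger'] = { path: @default_path }
+when 3
+@technologies['thin'] = { path: @default_path }
+when 4
+@technologies['trinidad'] = { path: @default_path }
+@technologies['java'] = { path: @default_path }
+@technologies['apache-tomcat'] = { path: @default_path }
+@technologies['jruby'] = { path: @default_path }
+else
+nil
+end
+
+case extra_server
+when 1
+@technologies['apache'] = { path: @default_path }
+when 2
+@technologies['nginx'] = { path: @default_path }
+when 3
+@technologies['apache'] = { path: @default_path }
+@technologies['nginx'] = { path: @default_path }
+else
+nil
+end
+
+case db
+when 1
+@technologies['mysql'] = { path: @default_path }
+when 2
+@technologies['postgres'] = { path: @default_path }
+when 3
+@technologies['mongodb'] = { path: @default_path }
+else
+nil
+end
+
+@technologies['redis'] = { path: @default_path } if redis
+
+@technologies['memcached'] = { path: @default_path } if memcached
+end
+
+# This method attempts to get versions of technologies in the @technologies
+# instance variable. If a version is part of a technology hash then it doesn't
+# get overwritten by this method.
+#
+def fetch_versions
+@technologies.each do |technology_name, value|
+begin
+if @technologies[technology_name]['version'] and @technologies[technology_name]['version'] != ''
+@technologies[technology_name][:version] = @technologies[technology_name]['version']
+else
+technology_class = Hakiri.const_get(technology_name.gsub('-', '_').camelcase)
+technology_object = technology_class.new(value[:path])
+
+if technology_object.version
+@technologies[technology_name][:version] = technology_object.version
+else
+@technologies.delete(technology_name)
+end
+end
+
+@technologies[technology_name].delete('version')
+rescue Exception => e
+puts "Error: technology #{technology_name} doesn't exist."
+@technologies.delete(technology_name)
+end
+end
+end
+end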
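Review bot: In `fetch_versions`, `Hakiri.const_get(technology_name.gsub('-', '_').camelcase)` resolves a class from the keys of the parsed JSON file without checking the result, and since `const_get` by default also searches `Object`, the file decides which class is instantiated with `value[:path]`. Look the name up with `inherit` set to `false` and accept it only if it is a subclass of `Hakiri::Technology`, as in the excerpt below. In the same loop, `@technologies[technology_name].delete('version')` runs on `nil` after the entry has just been deleted, and `rescue Exception` then reports that as "technology ... doesn't exist" (it would swallow an Interrupt as well). Separately, `build_from_json_file` should read the file with `File.read(json_file)`, because `IO.read` treats a leading `|` in its argument as a command to run.

```ruby
      # … unchanged: a non-empty 'version' from the file is copied to :version …
      else
        class_name = technology_name.gsub('-', '_').camelcase
        # false: look only inside Hakiri, never in Object or ancestors
        technology_class = Hakiri.const_get(class_name, false)
        unless technology_class.is_a?(Class) && technology_class < Hakiri::Technology
          raise NameError, "unknown technology #{class_name}"
        end
        technology_object = technology_class.new(value[:path])
        # … unchanged: store technology_object.version or delete the entry …
      end

      # the entry may have been removed a few lines above
      @technologies[technology_name].delete('version') if @technologies.key?(technology_name)
    rescue NameError => e
      # … unchanged: error message and delete …
```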
@@ -0,0 +1,11 @@
|
|
1
|
+
class Hakiri::Java < Hakiri::Technology
|
2
|
+
def version
|
3
|
+
begin
|
4
|
+
output = `#{@path}java -version 2>&1 | awk 'NR == 2 { print ; }'`
|
5
|
+
/\d+(\.\d+)?(\.\d+)?(_\d+)?/.match(output)[0].gsub('_', '.')
|
6
|
+
rescue Exception => e
|
7
|
+
puts_error(e, output)
|
8
|
+
nil
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
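Review bot: In `Hakiri::Java#version`, `@path` is interpolated into a backtick command, so whatever the string contains is handed to the shell unescaped. On this page the value comes from `Hakiri::Stack#default_path`, a public accessor that is evidently meant to carry an install path, so it should be treated as input. Escape it before it reaches the command line, writing `#{Shellwords.escape(@path.to_s)}java` in place of `#{@path}java` (with `require 'shellwords'`); an empty path escapes to `''`, which the shell drops, so the default case keeps working. `rescue Exception` should also become `rescue StandardError` so that Ctrl-C is not reported as a version error. The other technology classes are not shown on this page; if they build their commands the same way, the same change applies to them.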
@@ -0,0 +1,15 @@
|
|
1
|
+
class Hakiri::Mongodb < Hakiri::Technology
|
2
|
+
def version
|
3
|
+
begin
|
4
|
+
output = `ps -ax | grep mongo 2>&1`
|
5
|
+
@default_regexp.match(output)[0]
|
6
|
+
rescue Exception => e
|
7
|
+
puts_error(e, output)
|
8
|
+
nil
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
def puts_error(e, output)
|
13
|
+
puts "Error: couldn't find a running version of MongoDB"
|
14
|
+
end
|
15
|
+
end
|
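Review bot: In `Hakiri::Mongodb#version`, `ps -ax | grep mongo` lists the `grep mongo` process itself and every other process whose command line contains "mongo", and `@default_regexp` then takes the first `x.y.z` run anywhere in that text. The value returned can therefore be a number that has nothing to do with the MongoDB server, for instance part of a path or an address in some argument, and a wrong version presumably means a wrong vulnerability report later on. Asking the binary is more reliable: run `mongod --version` and match the regexp against that output. The overriding `puts_error(e, output)` ignores both arguments, so a short comment saying that this is intentional would help the next reader.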
@@ -0,0 +1,19 @@
|
|
1
|
+
class Hakiri::Technology
|
2
|
+
|
3
|
+
# This method initialized Hakiri::Technology class
|
4
|
+
#
|
5
|
+
def initialize(path = '')
|
6
|
+
@default_regexp = /\d+(\.\d+)(\.\d+)/
|
7
|
+
@path = path
|
8
|
+
end
|
9
|
+
|
10
|
+
# This method outputs a default error in the command line.
|
11
|
+
#
|
12
|
+
# * *Args* :
|
13
|
+
# - +e+ -> Supplied exception.
|
14
|
+
# - +output+ -> Output that triggered the error.
|
15
|
+
#
|
16
|
+
def puts_error(e, output)
|
17
|
+
puts "Error: #{output.lines.first}"
|
18
|
+
end
|
19
|
+
end
|
data/technologies.json
ADDED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hakiri
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -27,6 +27,54 @@ dependencies:
|
|
27
27
|
- - ! '>='
|
28
28
|
- !ruby/object:Gem::Version
|
29
29
|
version: '0'
|
30
|
+
- !ruby/object:Gem::Dependency
|
31
|
+
name: terminal-table
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
33
|
+
none: false
|
34
|
+
requirements:
|
35
|
+
- - ! '>='
|
36
|
+
- !ruby/object:Gem::Version
|
37
|
+
version: '0'
|
38
|
+
type: :runtime
|
39
|
+
prerelease: false
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ! '>='
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
version: '0'
|
46
|
+
- !ruby/object:Gem::Dependency
|
47
|
+
name: active_support
|
48
|
+
requirement: !ruby/object:Gem::Requirement
|
49
|
+
none: false
|
50
|
+
requirements:
|
51
|
+
- - ! '>='
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '0'
|
54
|
+
type: :runtime
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ! '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
- !ruby/object:Gem::Dependency
|
63
|
+
name: i18n
|
64
|
+
requirement: !ruby/object:Gem::Requirement
|
65
|
+
none: false
|
66
|
+
requirements:
|
67
|
+
- - ! '>='
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '0'
|
70
|
+
type: :runtime
|
71
|
+
prerelease: false
|
72
|
+
version_requirements: !ruby/object:Gem::Requirement
|
73
|
+
none: false
|
74
|
+
requirements:
|
75
|
+
- - ! '>='
|
76
|
+
- !ruby/object:Gem::Version
|
77
|
+
version: '0'
|
30
78
|
description: This is a tool to automate bug hunting.
|
31
79
|
email: vasinov@me.com
|
32
80
|
executables:
|
@@ -34,8 +82,34 @@ executables:
|
|
34
82
|
extensions: []
|
35
83
|
extra_rdoc_files: []
|
36
84
|
files:
|
37
|
-
-
|
85
|
+
- .gitignore
|
86
|
+
- Gemfile
|
87
|
+
- Gemfile.lock
|
38
88
|
- bin/hakiri
|
89
|
+
- hakiri.gemspec
|
90
|
+
- lib/hakiri.rb
|
91
|
+
- lib/hakiri/cli_output.rb
|
92
|
+
- lib/hakiri/stack.rb
|
93
|
+
- lib/hakiri/technologies/apache.rb
|
94
|
+
- lib/hakiri/technologies/apache_tomcat.rb
|
95
|
+
- lib/hakiri/technologies/java.rb
|
96
|
+
- lib/hakiri/technologies/jruby.rb
|
97
|
+
- lib/hakiri/technologies/linux_kernel.rb
|
98
|
+
- lib/hakiri/technologies/memcached.rb
|
99
|
+
- lib/hakiri/technologies/mongodb.rb
|
100
|
+
- lib/hakiri/technologies/mysql.rb
|
101
|
+
- lib/hakiri/technologies/nginx.rb
|
102
|
+
- lib/hakiri/technologies/phusion_passenger.rb
|
103
|
+
- lib/hakiri/technologies/postgres.rb
|
104
|
+
- lib/hakiri/technologies/redis.rb
|
105
|
+
- lib/hakiri/technologies/ruby.rb
|
106
|
+
- lib/hakiri/technologies/ruby_on_rails.rb
|
107
|
+
- lib/hakiri/technologies/technology.rb
|
108
|
+
- lib/hakiri/technologies/thin.rb
|
109
|
+
- lib/hakiri/technologies/trinidad.rb
|
110
|
+
- lib/hakiri/technologies/unicorn.rb
|
111
|
+
- lib/hakiri/version.rb
|
112
|
+
- technologies.json
|
39
113
|
homepage: http://www.hakiriup.com
|
40
114
|
licenses:
|
41
115
|
- MIT
|