watobo 0.9.21 → 0.9.23
- checksums.yaml +7 -0
- data/CHANGELOG.md +46 -1
- data/bin/nfq_server.rb +0 -9
- data/bin/watobo_gui.rb +3 -13
- data/custom-views/prettify-json.rb +9 -18
- data/icons/watobo.ico +0 -0
- data/icons/watobo.ico.old +0 -0
- data/lib/watobo.rb +10 -19
- data/lib/watobo/adapters.rb +5 -14
- data/lib/watobo/adapters/data_store.rb +50 -59
- data/lib/watobo/adapters/file/file_store.rb +287 -296
- data/lib/watobo/adapters/file/marshal_store.rb +293 -296
- data/lib/watobo/adapters/session_store.rb +5 -14
- data/lib/watobo/ca.rb +1 -10
- data/lib/watobo/config.rb +197 -206
- data/lib/watobo/constants.rb +0 -9
- data/lib/watobo/core.rb +3 -12
- data/lib/watobo/core/active_check.rb +72 -135
- data/lib/watobo/core/active_checks.rb +49 -58
- data/lib/watobo/core/ca.rb +369 -389
- data/lib/watobo/core/cert_store.rb +34 -43
- data/lib/watobo/core/chat.rb +92 -101
- data/lib/watobo/core/chats.rb +271 -280
- data/lib/watobo/core/client_cert_store.rb +106 -35
- data/lib/watobo/core/conversation.rb +48 -57
- data/lib/watobo/core/cookie.rb +23 -32
- data/lib/watobo/core/egress_handlers.rb +98 -0
- data/lib/watobo/core/finding.rb +66 -75
- data/lib/watobo/core/findings.rb +107 -114
- data/lib/watobo/core/forwarding_proxy.rb +13 -22
- data/lib/watobo/core/fuzz_gen.rb +0 -9
- data/lib/watobo/core/intercept_carver.rb +166 -177
- data/lib/watobo/core/intercept_filter.rb +235 -244
- data/lib/watobo/core/interceptor.rb +98 -107
- data/lib/watobo/core/min_class.rb +4 -13
- data/lib/watobo/core/netfilter_queue.rb +170 -179
- data/lib/watobo/core/ott_cache.rb +132 -141
- data/lib/watobo/core/parameter.rb +43 -52
- data/lib/watobo/core/passive_check.rb +103 -102
- data/lib/watobo/core/passive_checks.rb +48 -57
- data/lib/watobo/core/passive_scanner.rb +54 -55
- data/lib/watobo/core/plugin.rb +11 -20
- data/lib/watobo/core/project.rb +3 -9
- data/lib/watobo/core/proxy.rb +43 -52
- data/lib/watobo/core/request.rb +125 -123
- data/lib/watobo/core/response.rb +44 -53
- data/lib/watobo/core/scanner.rb +0 -9
- data/lib/watobo/core/scanner3.rb +405 -414
- data/lib/watobo/core/scope.rb +83 -92
- data/lib/watobo/core/session.rb +1043 -1026
- data/lib/watobo/core/sid_cache.rb +98 -107
- data/lib/watobo/core/subscriber.rb +25 -34
- data/lib/watobo/defaults.rb +21 -30
- data/lib/watobo/external/diff/lcs.rb +0 -9
- data/lib/watobo/external/diff/lcs/array.rb +0 -9
- data/lib/watobo/external/diff/lcs/block.rb +0 -9
- data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
- data/lib/watobo/external/diff/lcs/change.rb +0 -9
- data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
- data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
- data/lib/watobo/external/diff/lcs/string.rb +0 -9
- data/lib/watobo/externals.rb +6 -15
- data/lib/watobo/framework.rb +4 -13
- data/lib/watobo/framework/create_project.rb +60 -69
- data/lib/watobo/framework/init.rb +0 -9
- data/lib/watobo/framework/init_modules.rb +0 -9
- data/lib/watobo/framework/license_text.rb +28 -37
- data/lib/watobo/framework/load_chat.rb +13 -22
- data/lib/watobo/gui.rb +132 -123
- data/lib/watobo/gui/about_watobo.rb +0 -9
- data/lib/watobo/gui/browser_preview.rb +0 -9
- data/lib/watobo/gui/certificate_dialog.rb +0 -9
- data/lib/watobo/gui/chat_diff.rb +0 -9
- data/lib/watobo/gui/chatviewer_frame.rb +73 -72
- data/lib/watobo/gui/checkboxtree.rb +0 -9
- data/lib/watobo/gui/checks_policy_frame.rb +0 -9
- data/lib/watobo/gui/client_cert_dialog.rb +96 -87
- data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
- data/lib/watobo/gui/conversation_table.rb +158 -164
- data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
- data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
- data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
- data/lib/watobo/gui/custom_viewer.rb +374 -383
- data/lib/watobo/gui/dashboard.rb +296 -303
- data/lib/watobo/gui/define_scope_frame.rb +0 -9
- data/lib/watobo/gui/differ_frame.rb +215 -224
- data/lib/watobo/gui/edit_comment.rb +0 -9
- data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
- data/lib/watobo/gui/export_dialog.rb +104 -113
- data/lib/watobo/gui/finding_info.rb +0 -9
- data/lib/watobo/gui/findings_tree.rb +210 -217
- data/lib/watobo/gui/full_scan_dialog.rb +0 -9
- data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
- data/lib/watobo/gui/fxsave_thread.rb +14 -0
- data/lib/watobo/gui/goto_url_dialog.rb +70 -79
- data/lib/watobo/gui/hex_viewer.rb +0 -9
- data/lib/watobo/gui/html_viewer.rb +287 -296
- data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
- data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
- data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
- data/lib/watobo/gui/json_viewer.rb +287 -0
- data/lib/watobo/gui/list_box.rb +101 -110
- data/lib/watobo/gui/log_file_viewer.rb +32 -41
- data/lib/watobo/gui/log_viewer.rb +83 -88
- data/lib/watobo/gui/login_wizzard.rb +0 -9
- data/lib/watobo/gui/main_window.rb +587 -618
- data/lib/watobo/gui/manual_request_editor.rb +620 -565
- data/lib/watobo/gui/master_pw_dialog.rb +0 -9
- data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
- data/lib/watobo/gui/page_tree.rb +217 -226
- data/lib/watobo/gui/password_policy_dialog.rb +0 -9
- data/lib/watobo/gui/plugin_board.rb +0 -9
- data/lib/watobo/gui/preferences_dialog.rb +0 -9
- data/lib/watobo/gui/progress_window.rb +17 -27
- data/lib/watobo/gui/project_wizzard.rb +0 -9
- data/lib/watobo/gui/proxy_dialog.rb +1 -10
- data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
- data/lib/watobo/gui/request_builder_frame.rb +102 -111
- data/lib/watobo/gui/request_editor.rb +181 -137
- data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
- data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
- data/lib/watobo/gui/save_chat_dialog.rb +140 -149
- data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
- data/lib/watobo/gui/select_chat_dialog.rb +0 -9
- data/lib/watobo/gui/session_management_dialog.rb +0 -9
- data/lib/watobo/gui/sites_tree.rb +0 -9
- data/lib/watobo/gui/status_bar.rb +0 -9
- data/lib/watobo/gui/table_editor.rb +0 -9
- data/lib/watobo/gui/tagless_viewer.rb +0 -9
- data/lib/watobo/gui/templates/plugin.rb +0 -9
- data/lib/watobo/gui/templates/plugin2.rb +92 -100
- data/lib/watobo/gui/templates/plugin_base.rb +144 -153
- data/lib/watobo/gui/text_viewer.rb +0 -9
- data/lib/watobo/gui/transcoder_window.rb +0 -9
- data/lib/watobo/gui/utils/gui_utils.rb +0 -9
- data/lib/watobo/gui/utils/init_icons.rb +86 -95
- data/lib/watobo/gui/utils/load_icons.rb +33 -42
- data/lib/watobo/gui/utils/load_plugins.rb +116 -119
- data/lib/watobo/gui/utils/master_password.rb +68 -77
- data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
- data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
- data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
- data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
- data/lib/watobo/gui/utils/session_history.rb +112 -121
- data/lib/watobo/gui/workspace_dialog.rb +0 -9
- data/lib/watobo/gui/www_auth_dialog.rb +0 -9
- data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
- data/lib/watobo/http.rb +4 -13
- data/lib/watobo/http/cookies/cookies.rb +26 -35
- data/lib/watobo/http/data/data.rb +45 -54
- data/lib/watobo/http/data/json.rb +47 -55
- data/lib/watobo/http/url/url.rb +38 -47
- data/lib/watobo/http/xml/xml.rb +124 -130
- data/lib/watobo/interceptor.rb +3 -12
- data/lib/watobo/interceptor/proxy.rb +742 -739
- data/lib/watobo/interceptor/transparent.rb +22 -24
- data/lib/watobo/mixins.rb +10 -19
- data/lib/watobo/mixins/check_info.rb +27 -36
- data/lib/watobo/mixins/httpparser.rb +613 -637
- data/lib/watobo/mixins/request_parser.rb +88 -97
- data/lib/watobo/mixins/shapers.rb +515 -529
- data/lib/watobo/mixins/transcoders.rb +3 -11
- data/lib/watobo/parser.rb +1 -10
- data/lib/watobo/parser/html.rb +83 -92
- data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
- data/lib/watobo/sockets.rb +3 -12
- data/lib/watobo/sockets/agent.rb +828 -837
- data/lib/watobo/sockets/client_socket.rb +308 -312
- data/lib/watobo/sockets/connection.rb +401 -410
- data/lib/watobo/sockets/http_socket.rb +11 -13
- data/lib/watobo/sockets/ntlm_auth.rb +129 -138
- data/lib/watobo/utils.rb +10 -19
- data/lib/watobo/utils/check_regex.rb +0 -9
- data/lib/watobo/utils/copy_object.rb +0 -9
- data/lib/watobo/utils/crypto.rb +0 -9
- data/lib/watobo/utils/expand_range.rb +23 -32
- data/lib/watobo/utils/export_xml.rb +97 -106
- data/lib/watobo/utils/file_management.rb +9 -11
- data/lib/watobo/utils/hexprint.rb +9 -18
- data/lib/watobo/utils/load_chat.rb +0 -9
- data/lib/watobo/utils/load_icon.rb +0 -9
- data/lib/watobo/utils/ntlm.rb +866 -875
- data/lib/watobo/utils/print_debug.rb +12 -21
- data/lib/watobo/utils/response_builder.rb +90 -99
- data/lib/watobo/utils/response_hash.rb +0 -9
- data/lib/watobo/utils/secure_eval.rb +0 -9
- data/lib/watobo/utils/strings.rb +10 -19
- data/lib/watobo/utils/text2request.rb +0 -9
- data/lib/watobo/utils/url.rb +23 -32
- data/lib/watobo/utils/utf16.rb +11 -20
- data/modules/active/Apache/mod_status.rb +0 -9
- data/modules/active/Apache/multiview.rb +151 -160
- data/modules/active/Flash/crossdomain.rb +0 -9
- data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
- data/modules/active/cq5/cq5_default_selectors.rb +106 -115
- data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
- data/modules/active/directories/dirwalker.rb +0 -9
- data/modules/active/discovery/fileextensions.rb +0 -9
- data/modules/active/discovery/http_methods.rb +0 -9
- data/modules/active/discovery/jsmapfiles.rb +79 -0
- data/modules/active/domino/domino_db.rb +68 -76
- data/modules/active/dotNET/custom_errors.rb +102 -111
- data/modules/active/dotNET/dotnet_files.rb +90 -99
- data/modules/active/fileinclusion/lfi_simple.rb +0 -9
- data/modules/active/jboss/jboss_basic.rb +0 -9
- data/modules/active/sap/business_objects.rb +51 -60
- data/modules/active/sap/its_commands.rb +0 -9
- data/modules/active/sap/its_service_parameter.rb +0 -9
- data/modules/active/sap/its_services.rb +0 -9
- data/modules/active/sap/its_xss.rb +0 -9
- data/modules/active/shell_shock/shell_shock.rb +139 -148
- data/modules/active/siebel/siebel_apps.rb +160 -169
- data/modules/active/sqlinjection/sql_boolean.rb +0 -9
- data/modules/active/sqlinjection/sql_numerical.rb +198 -0
- data/modules/active/sqlinjection/sqli_error.rb +0 -9
- data/modules/active/sqlinjection/sqli_timing.rb +220 -229
- data/modules/active/struts2/default_handler_ognl.rb +106 -115
- data/modules/active/struts2/include_params_ognl.rb +105 -114
- data/modules/active/xml/xml_xxe.rb +112 -123
- data/modules/active/xss/xss_ng.rb +214 -223
- data/modules/active/xss/xss_simple.rb +0 -9
- data/modules/passive/ajax.rb +68 -77
- data/modules/passive/autocomplete.rb +56 -65
- data/modules/passive/cookie_options.rb +0 -9
- data/modules/passive/cookie_xss.rb +0 -9
- data/modules/passive/detect_code.rb +0 -9
- data/modules/passive/detect_fileupload.rb +0 -9
- data/modules/passive/detect_infrastructure.rb +0 -9
- data/modules/passive/detect_one_time_tokens.rb +0 -9
- data/modules/passive/dirindexing.rb +0 -9
- data/modules/passive/disclosure_domino.rb +55 -64
- data/modules/passive/disclosure_emails.rb +0 -9
- data/modules/passive/disclosure_ipaddr.rb +55 -53
- data/modules/passive/filename_as_parameter.rb +0 -9
- data/modules/passive/form_spotter.rb +0 -9
- data/modules/passive/hidden_fields.rb +50 -59
- data/modules/passive/hotspots.rb +0 -9
- data/modules/passive/in_script_parameter.rb +0 -9
- data/modules/passive/json_web_token.rb +93 -0
- data/modules/passive/multiple_server_headers.rb +0 -9
- data/modules/passive/possible_login.rb +0 -9
- data/modules/passive/redirect_url.rb +0 -9
- data/modules/passive/redirectionz.rb +0 -9
- data/modules/passive/sap-headers.rb +56 -65
- data/modules/passive/xss_dom.rb +0 -9
- data/plugins/aem/aem.rb +11 -20
- data/plugins/aem/gui/main.rb +118 -127
- data/plugins/aem/gui/tree_view.rb +171 -180
- data/plugins/aem/lib/agent.rb +130 -138
- data/plugins/aem/lib/dispatcher.rb +45 -51
- data/plugins/aem/lib/engine.rb +177 -186
- data/plugins/catalog/catalog.rb +345 -355
- data/plugins/crawler/crawler.rb +4 -13
- data/plugins/crawler/gui.rb +5 -14
- data/plugins/crawler/gui/auth_frame.rb +270 -279
- data/plugins/crawler/gui/crawler_gui.rb +271 -276
- data/plugins/crawler/gui/general_settings_frame.rb +96 -105
- data/plugins/crawler/gui/hooks_frame.rb +80 -89
- data/plugins/crawler/gui/scope_frame.rb +50 -59
- data/plugins/crawler/gui/settings_tabbook.rb +38 -47
- data/plugins/crawler/gui/status_frame.rb +59 -68
- data/plugins/crawler/lib/bags.rb +18 -27
- data/plugins/crawler/lib/constants.rb +11 -20
- data/plugins/crawler/lib/engine.rb +488 -497
- data/plugins/crawler/lib/grabber.rb +68 -77
- data/plugins/crawler/lib/status.rb +71 -80
- data/plugins/crawler/lib/uri_mp.rb +12 -21
- data/plugins/filefinder/filefinder.rb +326 -333
- data/plugins/sqlmap/bin/test.rb +78 -87
- data/plugins/sqlmap/gui.rb +4 -13
- data/plugins/sqlmap/gui/main.rb +218 -227
- data/plugins/sqlmap/gui/options_frame.rb +97 -106
- data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
- data/plugins/sqlmap/sqlmap.rb +2 -11
- data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
- data/plugins/sslchecker/gui/cipher_table.rb +246 -254
- data/plugins/sslchecker/gui/gui.rb +258 -264
- data/plugins/sslchecker/gui/sslchecker.rb +4 -13
- data/plugins/sslchecker/lib/check.rb +127 -133
- data/plugins/wshell/gui/main.rb +119 -117
- data/plugins/wshell/lib/core.rb +38 -88
- data/plugins/wshell/wshell.rb +11 -20
- metadata +170 -164
|
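--- a/data/lib/watobo/gui/edit_comment.rb
+++ b/data/lib/watobo/gui/edit_comment.rb
@@ -1,12 +1,3 @@
-#.
-# edit_comment.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
 # @private
 module Watobo#:nodoc: all
 module Gui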
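--- a/data/lib/watobo/gui/edit_scope_dialog.rb
+++ b/data/lib/watobo/gui/edit_scope_dialog.rb
@@ -1,12 +1,3 @@
-#.
-# edit_scope_dialog.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
 # @private
 module Watobo#:nodoc: all
 module Gui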
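--- a/data/lib/watobo/gui/export_dialog.rb
+++ b/data/lib/watobo/gui/export_dialog.rb
@@ -1,114 +1,105 @@
-
-
-
-
-
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+# @private
+module Watobo#:nodoc: all
+module Gui
+class ExportDialog < FXDialogBox
+def check_settings
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-end
-
-def
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-@
-
-
-
-
-
-
-
-
-@
-@
-
-
-
-
-
-@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-prefs
-
-
-
-
-
-puts
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-end
-end
-
-if __FILE__ == $0
-# TODO Generated stub
-end
+end
+
+def select_target_file()
+fname = "watobo_" + Time.now.to_i.to_s + ".xml"
+dst_file = File.join(@export_path, fname)
+filename = FXFileDialog.getSaveFilename(self, "Select Export File", dst_file)
+if filename != "" then
+
+@filename_txt.text = filename
+
+return true
+end
+return false
+end
+
+def onFinished
+getApp().stopModal(self, 1)
+self.hide()
+return 1
+end
+
+def initialize(owner)
+@export_path = Watobo.workspace_path
+super(owner, "Export Dialog", :opts => DECOR_TITLE|DECOR_BORDER|DECOR_CLOSE, :width => 350, :height => 250)
+
+main = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
+
+# frame = FXHorizontalFrame.new(gbframe, :opts => LAYOUT_FILL_X, :padding => 0)
+gbox = FXGroupBox.new(main, "Items", LAYOUT_SIDE_LEFT|FRAME_GROOVE|LAYOUT_FILL_X, 0, 0, 0, 80)
+gbframe = FXVerticalFrame.new(gbox, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
+@export_chats = FXCheckButton.new(gbframe, "Chats", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
+@export_chats.checkState = true
+
+@export_findings = FXCheckButton.new(gbframe, "Findings", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
+@export_findings.checkState = true
+
+
+# frame = FXHorizontalFrame.new(gbframe, :opts => LAYOUT_FILL_X, :padding => 0)
+gbox = FXGroupBox.new(main, "Filter", LAYOUT_SIDE_LEFT|FRAME_GROOVE|LAYOUT_FILL_X, 0, 0, 0, 80)
+gbframe = FXVerticalFrame.new(gbox, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
+@scope_only = FXCheckButton.new(gbframe, "Scope Only", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
+@scope_only.checkState = true
+
+@ignore_fps = FXCheckButton.new(gbframe, "Ignore False-Positives", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
+@ignore_fps.checkState = true
+
+
+frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
+FXLabel.new(frame, "Save To:", nil, LAYOUT_TOP|JUSTIFY_RIGHT)
+@filename_txt = FXTextField.new(frame, 25, :opts => TEXTFIELD_NORMAL|LAYOUT_SIDE_RIGHT|LAYOUT_FILL_X)
+@select_btn = FXButton.new(frame, "Select")
+
+@select_btn.connect(SEL_COMMAND){ select_target_file }
+
+buttons_frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
+
+@export_btn = FXButton.new(buttons_frame, "export" , nil, nil, :opts => BUTTON_NORMAL|LAYOUT_RIGHT)
+@export_btn.enable
+@export_btn.connect(SEL_COMMAND){ onExport }
+
+@finished_btn = FXButton.new(buttons_frame, "finished" , nil, nil, :opts => BUTTON_NORMAL|LAYOUT_RIGHT)
+@finished_btn.enable
+@finished_btn.connect(SEL_COMMAND){ onFinished }
+
+end
+
+private
+
+def onExport
+#return false unless check_export_target
+prefs = []
+prefs << :export_findings if @export_findings.checked?
+prefs << :export_chats if @export_chats.checked?
+prefs << :scope_only if @scope_only.checked?
+prefs << :ignore_fps if @ignore_fps.checked?
+
+puts "Export-Prefs: #{prefs.join(", ")}"
+file = @filename_txt.text
+unless file.strip.empty?
+begin
+File.open(file, "w"){|fh|
+xml = Watobo::Utils.exportXML(*prefs)
+fh.puts xml.to_xml
+}
+rescue => bang
+puts bang
+puts bang.backtrace
+end
+else
+#TODO
+end
+end
+end
+end
+end
+
+if __FILE__ == $0
+# TODO Generated stub
+end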
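Review bot: `onExport` (new lines 75-98) creates the export with `File.open(file, "w")`, so the XML is written with whatever mode the process umask allows, while the exported chats and findings presumably hold captured requests and responses (cookies, credentials) from the tested application. Creating the file owner-only, `File.open(file, "w", 0600){|fh|`, would limit exposure on a shared host; the mode only takes effect when the file is newly created. The `rescue => bang` branch only prints to stdout and the empty-filename branch is just `#TODO`, so a failed or skipped export gives no feedback in the dialog; a visible error there would stop a user from assuming the report was saved. The old side's text is not shown on this page, so these lines may predate this release.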
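--- a/data/lib/watobo/gui/finding_info.rb
+++ b/data/lib/watobo/gui/finding_info.rb
@@ -1,12 +1,3 @@
-#.
-# finding_info.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
 require 'fox16/colors'
 # @private
 module Watobo#:nodoc: all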
@@ -1,20 +1,12 @@
|
|
|
1
|
-
#.
|
|
2
|
-
# findings_tree.rb
|
|
3
|
-
#.
|
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
9
|
-
|
|
10
1
|
# @private
|
|
11
|
-
module Watobo#:nodoc: all
|
|
2
|
+
module Watobo #:nodoc: all
|
|
12
3
|
module Gui
|
|
13
4
|
class FindingsTree < FXTreeList
|
|
14
5
|
include Watobo::Constants
|
|
15
6
|
include Watobo::Gui::Icons
|
|
16
7
|
|
|
17
8
|
attr_accessor :project
|
|
9
|
+
|
|
18
10
|
def subscribe(event, &callback)
|
|
19
11
|
(@event_dispatcher_listeners[event] ||= []) << callback
|
|
20
12
|
end
|
|
@@ -40,24 +32,24 @@ module Watobo#:nodoc: all
|
|
|
40
32
|
false
|
|
41
33
|
end
|
|
42
34
|
|
|
43
|
-
|
|
35
|
+
|
|
44
36
|
def reload()
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
37
|
+
self.clearItems
|
|
38
|
+
@findings.clear
|
|
39
|
+
Watobo::Findings.each do |fid, finding|
|
|
40
|
+
addFinding(finding)
|
|
41
|
+
end
|
|
42
|
+
expand_findings
|
|
43
|
+
@expandeds.each do |t|
|
|
44
|
+
site, text = t.split("|")
|
|
45
|
+
if (site = self.findItem(site, nil, SEARCH_FORWARD|SEARCH_NOWRAP))
|
|
46
|
+
if (node = self.findItem(text, site, SEARCH_FORWARD|SEARCH_NOWRAP))
|
|
47
|
+
self.expandTree(node)
|
|
48
|
+
else
|
|
49
|
+
@expandeds.delete t
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
end
|
|
61
53
|
end
|
|
62
54
|
|
|
63
55
|
def useRegularIcons()
|
|
@@ -123,17 +115,17 @@ module Watobo#:nodoc: all
|
|
|
123
115
|
site = nil
|
|
124
116
|
# puts "add finding"
|
|
125
117
|
if not hidden?(finding) then
|
|
126
|
-
site = self.findItem(finding.request.site, nil,SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
118
|
+
site = self.findItem(finding.request.site, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
127
119
|
|
|
128
120
|
if not site then
|
|
129
121
|
# found new site
|
|
130
122
|
site = self.appendItem(nil, finding.request.site, @icon_project, @icon_project)
|
|
131
123
|
item = self.appendItem(site, "Vulnerabilities", @icon_vuln, @icon_vuln)
|
|
132
|
-
self.setItemData(item, :finding_type
|
|
124
|
+
self.setItemData(item, :finding_type)
|
|
133
125
|
item = self.appendItem(site, "Hints", @icon_hints, @icon_hints)
|
|
134
|
-
self.setItemData(item, :finding_type
|
|
126
|
+
self.setItemData(item, :finding_type)
|
|
135
127
|
item = self.appendItem(site, "Info", @icon_info, @icon_info)
|
|
136
|
-
self.setItemData(item, :finding_type
|
|
128
|
+
self.setItemData(item, :finding_type)
|
|
137
129
|
#site = @findings_tree.moveItem(project.first,project,site)
|
|
138
130
|
self.setItemData(site, :item_type_site)
|
|
139
131
|
|
|
@@ -142,46 +134,54 @@ module Watobo#:nodoc: all
|
|
|
142
134
|
finding_type=""
|
|
143
135
|
|
|
144
136
|
case finding.details[:type]
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
137
|
+
when FINDING_TYPE_INFO
|
|
138
|
+
finding_type = "Info"
|
|
139
|
+
icon = @icon_info_info
|
|
140
|
+
|
|
141
|
+
when FINDING_TYPE_HINT
|
|
142
|
+
finding_type = "Hints"
|
|
143
|
+
icon = @icon_hints_info
|
|
144
|
+
|
|
145
|
+
when FINDING_TYPE_VULN
|
|
146
|
+
finding_type = "Vulnerabilities"
|
|
147
|
+
icon = @icon_vuln_bp
|
|
148
|
+
|
|
149
|
+
if finding.details[:rating] == VULN_RATING_LOW
|
|
150
|
+
icon = @icon_vuln_low
|
|
151
|
+
# puts "low-rating-vuln"
|
|
152
|
+
end
|
|
153
|
+
if finding.details[:rating] == VULN_RATING_MEDIUM
|
|
154
|
+
icon = @icon_vuln_medium
|
|
155
|
+
end
|
|
156
|
+
if finding.details[:rating] == VULN_RATING_HIGH
|
|
157
|
+
icon = @icon_vuln_high
|
|
158
|
+
end
|
|
159
|
+
if finding.details[:rating] == VULN_RATING_CRITICAL
|
|
160
|
+
icon = @icon_vuln_critical
|
|
161
|
+
end
|
|
170
162
|
end
|
|
171
163
|
|
|
172
164
|
sub_tree = self.findItem(finding_type, site, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP)
|
|
173
165
|
if sub_tree and sub_tree.parent == site and finding.details[:class]
|
|
166
|
+
class_item = nil
|
|
167
|
+
|
|
168
|
+
# don't use findItem here because of nested collisions
|
|
169
|
+
sub_tree.each do |c|
|
|
170
|
+
if c.text =~ /^#{Regexp.quote(finding.details[:class])}/
|
|
171
|
+
class_item = c
|
|
172
|
+
end
|
|
173
|
+
end
|
|
174
|
+
#class_item = self.findItem(finding.details[:class], sub_tree, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP|SEARCH_PREFIX)
|
|
174
175
|
|
|
175
|
-
class_item = self.findItem(finding.details[:class], sub_tree, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP|SEARCH_PREFIX)
|
|
176
176
|
if not class_item or class_item.parent != sub_tree
|
|
177
177
|
class_item = self.appendItem(sub_tree, finding.details[:class], icon, icon)
|
|
178
|
-
self.setItemData(class_item, :finding_class
|
|
178
|
+
self.setItemData(class_item, :finding_class)
|
|
179
179
|
end
|
|
180
180
|
title_item = self.findItem(finding.details[:title], class_item, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP)
|
|
181
181
|
if not title_item or title_item.parent != class_item
|
|
182
182
|
title_item = self.appendItem(class_item, finding.details[:title], nil, nil)
|
|
183
|
-
self.setItemData(title_item, :title
|
|
184
|
-
|
|
183
|
+
self.setItemData(title_item, :title)
|
|
184
|
+
# puts finding.details[:title]
|
|
185
185
|
end
|
|
186
186
|
# puts title_item
|
|
187
187
|
resource = finding.request.path_ext
|
|
@@ -189,15 +189,15 @@ module Watobo#:nodoc: all
|
|
|
189
189
|
request_item = self.findItem(resource, title_item, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP)
|
|
190
190
|
if not request_item or request_item.parent != title_item
|
|
191
191
|
text = "/" + resource
|
|
192
|
-
|
|
193
|
-
|
|
192
|
+
request_item = self.appendItem(title_item, text)
|
|
193
|
+
self.setItemData(request_item, finding)
|
|
194
194
|
end
|
|
195
|
-
|
|
195
|
+
|
|
196
196
|
#
|
|
197
197
|
unless class_item.text =~ / \(\d+\)$/
|
|
198
198
|
class_item.text = class_item.text + " (#{class_item.numChildren})"
|
|
199
199
|
else
|
|
200
|
-
|
|
200
|
+
class_item.text = class_item.text.gsub(/ \(\d+\)$/, " (#{class_item.numChildren})")
|
|
201
201
|
end
|
|
202
202
|
end
|
|
203
203
|
|
|
@@ -227,11 +227,11 @@ module Watobo#:nodoc: all
|
|
|
227
227
|
useRegularIcons()
|
|
228
228
|
|
|
229
229
|
@filtered_domains = Hash.new # domains which already have been filtered
|
|
230
|
-
|
|
230
|
+
|
|
231
231
|
self.connect(SEL_CLIPBOARD_REQUEST) do
|
|
232
|
-
|
|
232
|
+
setDNDData(FROM_CLIPBOARD, FXWindow.stringType, Fox.fxencodeStringData(@clipboard.to_s))
|
|
233
233
|
end
|
|
234
|
-
|
|
234
|
+
|
|
235
235
|
self.connect(SEL_EXPANDED) do |sender, sel, item|
|
|
236
236
|
parent = item
|
|
237
237
|
while parent.parent
|
|
@@ -242,7 +242,7 @@ module Watobo#:nodoc: all
|
|
|
242
242
|
@expandeds << node
|
|
243
243
|
end
|
|
244
244
|
end
|
|
245
|
-
|
|
245
|
+
|
|
246
246
|
self.connect(SEL_COLLAPSED) do |sender, sel, item|
|
|
247
247
|
parent = item
|
|
248
248
|
while parent.parent
|
|
@@ -295,25 +295,23 @@ module Watobo#:nodoc: all
|
|
|
295
295
|
unless event.moved?
|
|
296
296
|
FXMenuPane.new(self) do |menu_pane|
|
|
297
297
|
item = sender.getItemAt(event.win_x, event.win_y)
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
unless item.nil?
|
|
298
|
+
unless item.nil?
|
|
301
299
|
|
|
302
300
|
data = self.getItemData(item)
|
|
303
301
|
|
|
304
|
-
|
|
302
|
+
|
|
305
303
|
unless self.itemLeaf?(item)
|
|
306
|
-
FXMenuCommand.new(menu_pane, "expand tree"
|
|
304
|
+
FXMenuCommand.new(menu_pane, "expand tree").connect(SEL_COMMAND) {
|
|
307
305
|
expandFullTree(item)
|
|
308
306
|
}
|
|
309
307
|
|
|
310
|
-
FXMenuCommand.new(menu_pane, "collapse tree"
|
|
308
|
+
FXMenuCommand.new(menu_pane, "collapse tree").connect(SEL_COMMAND) {
|
|
311
309
|
self.collapseFullTree(item)
|
|
312
310
|
}
|
|
313
|
-
|
|
314
|
-
end
|
|
311
|
+
FXMenuSeparator.new(menu_pane)
|
|
315
312
|
end
|
|
316
|
-
|
|
313
|
+
end
|
|
314
|
+
target = FXMenuCheck.new(menu_pane, "show scope only")
|
|
317
315
|
|
|
318
316
|
target.check = @show_scope_only
|
|
319
317
|
|
|
@@ -322,7 +320,7 @@ module Watobo#:nodoc: all
|
|
|
322
320
|
reload
|
|
323
321
|
}
|
|
324
322
|
|
|
325
|
-
target = FXMenuCheck.new(menu_pane, "hide false-positives"
|
|
323
|
+
target = FXMenuCheck.new(menu_pane, "hide false-positives")
|
|
326
324
|
|
|
327
325
|
target.check = @hide_false_positives
|
|
328
326
|
|
|
@@ -330,118 +328,113 @@ module Watobo#:nodoc: all
|
|
|
330
328
|
@hide_false_positives = ts.checked?
|
|
331
329
|
reload
|
|
332
330
|
}
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
|
|
331
|
+
|
|
332
|
+
|
|
336
333
|
unless item.nil?
|
|
337
334
|
|
|
338
335
|
data = self.getItemData(item)
|
|
339
336
|
|
|
340
337
|
FXMenuSeparator.new(menu_pane) unless data == :finding_type
|
|
341
|
-
|
|
338
|
+
|
|
342
339
|
|
|
343
340
|
if data == :item_type_site then
|
|
344
|
-
|
|
345
|
-
FXMenuCommand.new(menu_pane, "add site to scope"
|
|
341
|
+
# FXMenuSeparator.new(menu_pane)
|
|
342
|
+
FXMenuCommand.new(menu_pane, "add site to scope").connect(SEL_COMMAND) {
|
|
346
343
|
#notify(:add_site_to_scope, item.to_s)
|
|
347
344
|
Watobo::Scope.add item.to_s
|
|
348
345
|
reload
|
|
349
346
|
}
|
|
350
|
-
|
|
347
|
+
#
|
|
351
348
|
elsif data == :title
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
|
|
360
|
-
|
|
349
|
+
findings = []
|
|
350
|
+
item.each do |ft|
|
|
351
|
+
f = self.getItemData(ft)
|
|
352
|
+
findings << f if f.is_a? Watobo::Finding
|
|
353
|
+
end
|
|
354
|
+
|
|
355
|
+
fp_submenu = FXMenuPane.new(self) do |sub|
|
|
361
356
|
|
|
362
|
-
|
|
357
|
+
|
|
358
|
+
target = FXMenuCommand.new(sub, "Set False Positive")
|
|
363
359
|
target.connect(SEL_COMMAND) {
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
# puts "* False Positive #{findings.length}"
|
|
360
|
+
|
|
361
|
+
# puts "* False Positive #{findings.length}"
|
|
367
362
|
|
|
368
363
|
# remember parent node to expand it later
|
|
369
364
|
fclass = item.parent.text
|
|
370
365
|
fcat = item.parent.parent.text
|
|
371
366
|
fsite = item.parent.parent.parent.text
|
|
372
|
-
|
|
367
|
+
|
|
373
368
|
puts ">> #{fsite} - #{fcat} - #{fclass} (#{fclass.object_id})"
|
|
374
|
-
|
|
369
|
+
|
|
375
370
|
notify(:set_false_positive, findings)
|
|
376
|
-
|
|
371
|
+
|
|
377
372
|
reload
|
|
378
|
-
|
|
373
|
+
|
|
379
374
|
site_item = cat_item = class_item = nil
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
|
|
375
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
376
|
+
|
|
377
|
+
unless site_item.nil?
|
|
378
|
+
self.expandTree(site_item)
|
|
379
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
380
|
+
end
|
|
381
|
+
|
|
382
|
+
unless cat_item.nil?
|
|
383
|
+
self.expandTree(cat_item)
|
|
384
|
+
class_item = self.findItem(fclass, cat_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
385
|
+
end
|
|
386
|
+
|
|
387
|
+
|
|
388
|
+
unless class_item.nil?
|
|
389
|
+
puts "Expanding #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
390
|
+
self.expandTree(class_item)
|
|
396
391
|
else
|
|
397
392
|
puts "Could not find tree item for #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
398
393
|
end
|
|
399
|
-
|
|
400
|
-
|
|
401
394
|
}
|
|
402
|
-
target = FXMenuCommand.new(sub, "Unset False Positive"
|
|
395
|
+
target = FXMenuCommand.new(sub, "Unset False Positive")
|
|
403
396
|
target.connect(SEL_COMMAND) {
|
|
404
397
|
fclass = item.parent.text
|
|
405
398
|
fcat = item.parent.parent.text
|
|
406
399
|
fsite = item.parent.parent.parent.text
|
|
407
|
-
|
|
400
|
+
|
|
408
401
|
notify(:unset_false_positive, findings)
|
|
409
402
|
reload
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
418
|
-
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
403
|
+
site_item = cat_item = class_item = nil
|
|
404
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
405
|
+
|
|
406
|
+
unless site_item.nil?
|
|
407
|
+
self.expandTree(site_item)
|
|
408
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
409
|
+
end
|
|
410
|
+
|
|
411
|
+
unless cat_item.nil?
|
|
412
|
+
self.expandTree(cat_item)
|
|
413
|
+
class_item = self.findItem(fclass, cat_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
414
|
+
end
|
|
415
|
+
|
|
416
|
+
|
|
417
|
+
unless class_item.nil?
|
|
418
|
+
puts "Expanding #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
419
|
+
self.expandTree(class_item)
|
|
427
420
|
else
|
|
428
421
|
puts "Could not find tree item for #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
429
422
|
end
|
|
430
423
|
}
|
|
431
424
|
|
|
432
425
|
FXMenuSeparator.new(sub)
|
|
433
|
-
|
|
434
|
-
FXMenuCommand.new(sub, "Purge - NO UNDO!"
|
|
426
|
+
|
|
427
|
+
FXMenuCommand.new(sub, "Purge - NO UNDO!").connect(SEL_COMMAND) {
|
|
435
428
|
notify(:purge_findings, findings)
|
|
436
429
|
reload
|
|
437
|
-
|
|
430
|
+
}
|
|
438
431
|
end
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
info = FXMenuCommand.new(menu_pane, "Details..."
|
|
432
|
+
FXMenuCascade.new(menu_pane, "All \"#{item}\"", nil, fp_submenu)
|
|
433
|
+
|
|
434
|
+
FXMenuSeparator.new(menu_pane)
|
|
435
|
+
info = FXMenuCommand.new(menu_pane, "Details...")
|
|
443
436
|
info.connect(SEL_COMMAND) {
|
|
444
|
-
|
|
437
|
+
#@interface.showFindingDetails(item.data)}
|
|
445
438
|
notify(:show_finding_details, findings.first)
|
|
446
439
|
}
|
|
447
440
|
|
|
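Review bot: The tree re-expansion that follows `reload` is written out twice in this hunk, once in each of the "Set False Positive" and "Unset False Positive" handlers under `data == :title`, and a shortened copy appears twice more in the next hunk; one private helper would keep the four copies from drifting apart. The `else` branch of `unless class_item.nil?` interpolates `class_item`, which is always nil there, so the "Could not find tree item" line never names the label that was searched for. Because `findItem` matches on label text with `SEARCH_IGNORECASE`, it may land on another node that carries the same label, so the helper is best described as best-effort. The enclosing menu block starts before this hunk.

```ruby
# Best-effort: re-opens the path site -> category -> class by label text after reload.
def expand_path(*labels)
  node = nil
  labels.each do |label|
    node = self.findItem(label, node, SEARCH_FORWARD|SEARCH_IGNORECASE)
    if node.nil?
      puts "Could not find tree item for #{label}"
      return nil
    end
    self.expandTree(node)
  end
  node
end

# ... unchanged: notify(:set_false_positive, findings) and reload ...
expand_path(fsite, fcat, fclass)
```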
@@ -449,75 +442,75 @@ module Watobo#:nodoc: all
|
|
|
449
442
|
#puts "FINDING_CLASS"
|
|
450
443
|
# COPY SUBMENU
|
|
451
444
|
findings = []
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
445
|
+
item.each do |c|
|
|
446
|
+
c.each do |ft|
|
|
447
|
+
f = self.getItemData(ft)
|
|
448
|
+
findings << f if f.is_a? Watobo::Finding
|
|
449
|
+
end
|
|
450
|
+
|
|
451
|
+
end
|
|
457
452
|
|
|
458
|
-
end
|
|
459
|
-
|
|
460
453
|
fp_submenu = FXMenuPane.new(self) do |sub|
|
|
461
|
-
|
|
462
|
-
|
|
454
|
+
|
|
455
|
+
target = FXMenuCommand.new(sub, "Copy URLs")
|
|
463
456
|
target.connect(SEL_COMMAND) {
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
475
|
-
|
|
457
|
+
|
|
458
|
+
urls = []
|
|
459
|
+
findings.each do |f|
|
|
460
|
+
proto = f.request.proto
|
|
461
|
+
site = f.request.site
|
|
462
|
+
path = f.request.path
|
|
463
|
+
urls << "#{proto}://#{site}/#{path}"
|
|
464
|
+
end
|
|
465
|
+
types = [FXWindow.stringType]
|
|
466
|
+
if acquireClipboard(types)
|
|
467
|
+
@clipboard = urls.uniq.join("\n")
|
|
468
|
+
end
|
|
476
469
|
}
|
|
477
470
|
|
|
478
|
-
target = FXMenuCommand.new(sub, "Set False Positive"
|
|
471
|
+
target = FXMenuCommand.new(sub, "Set False Positive")
|
|
479
472
|
target.connect(SEL_COMMAND) {
|
|
480
|
-
|
|
473
|
+
|
|
481
474
|
fcat = item.parent.text
|
|
482
475
|
fsite = item.parent.parent.text
|
|
483
|
-
|
|
476
|
+
|
|
484
477
|
notify(:set_false_positive, findings)
|
|
485
478
|
reload
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
490
|
-
|
|
491
|
-
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
|
|
495
|
-
|
|
496
|
-
|
|
479
|
+
site_item = cat_item = class_item = nil
|
|
480
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
481
|
+
|
|
482
|
+
unless site_item.nil?
|
|
483
|
+
self.expandTree(site_item)
|
|
484
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
485
|
+
end
|
|
486
|
+
|
|
487
|
+
unless cat_item.nil?
|
|
488
|
+
self.expandTree(cat_item)
|
|
489
|
+
end
|
|
497
490
|
|
|
498
491
|
}
|
|
499
|
-
target = FXMenuCommand.new(sub, "Unset False Positive"
|
|
492
|
+
target = FXMenuCommand.new(sub, "Unset False Positive")
|
|
500
493
|
target.connect(SEL_COMMAND) {
|
|
501
494
|
fcat = item.parent.text
|
|
502
495
|
fsite = item.parent.parent.text
|
|
503
496
|
notify(:unset_false_positive, findings)
|
|
504
497
|
reload
|
|
505
498
|
site_item = cat_item = class_item = nil
|
|
506
|
-
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
|
|
513
|
-
|
|
514
|
-
|
|
515
|
-
|
|
499
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
500
|
+
|
|
501
|
+
unless site_item.nil?
|
|
502
|
+
self.expandTree(site_item)
|
|
503
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
504
|
+
end
|
|
505
|
+
|
|
506
|
+
unless cat_item.nil?
|
|
507
|
+
self.expandTree(cat_item)
|
|
508
|
+
end
|
|
516
509
|
}
|
|
517
510
|
|
|
518
511
|
FXMenuSeparator.new(sub)
|
|
519
|
-
FXMenuCommand.new(sub, "Purge - NO UNDO!"
|
|
520
|
-
|
|
512
|
+
FXMenuCommand.new(sub, "Purge - NO UNDO!").connect(SEL_COMMAND) {
|
|
513
|
+
|
|
521
514
|
puts "* purge findings #{findings.length}"
|
|
522
515
|
|
|
523
516
|
notify(:purge_findings, findings)
|
|
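Review bot: The "Copy URLs" handler assembles each address by hand as `"#{proto}://#{site}/#{path}"`, while the single-finding "Copy URL" action in the next hunk copies `item.data.request.url.to_s`, so the two menu entries can put different strings on the clipboard for the same finding. The hand-built form carries no query string and would produce a double slash if `path` already begins with one; whether either is intended cannot be told from this hunk. If dropping the query is deliberate (it keeps parameter values off the clipboard and lets `urls.uniq` collapse duplicates), a comment such as `# query string omitted on purpose: one entry per path` would record that; otherwise `urls << f.request.url.to_s` matches the other action. The enclosing branch begins before the hunk.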
@@ -526,32 +519,32 @@ module Watobo#:nodoc: all
|
|
|
526
519
|
|
|
527
520
|
end
|
|
528
521
|
FXMenuCascade.new(menu_pane, "All \"#{item}\"", nil, fp_submenu)
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
info = FXMenuCommand.new(menu_pane, "Details..."
|
|
522
|
+
|
|
523
|
+
FXMenuSeparator.new(menu_pane)
|
|
524
|
+
info = FXMenuCommand.new(menu_pane, "Details...")
|
|
532
525
|
info.connect(SEL_COMMAND) {
|
|
533
|
-
|
|
526
|
+
#@interface.showFindingDetails(item.data)}
|
|
534
527
|
notify(:show_finding_details, findings.first)
|
|
535
528
|
}
|
|
536
529
|
|
|
537
530
|
elsif data.is_a? Watobo::Finding then
|
|
538
|
-
FXMenuCommand.new(menu_pane, "Copy URL"
|
|
539
|
-
types = [
|
|
540
|
-
|
|
541
|
-
|
|
542
|
-
|
|
543
|
-
|
|
531
|
+
FXMenuCommand.new(menu_pane, "Copy URL").connect(SEL_COMMAND) {
|
|
532
|
+
types = [FXWindow.stringType]
|
|
533
|
+
if acquireClipboard(types)
|
|
534
|
+
@clipboard = item.data.request.url.to_s
|
|
535
|
+
end
|
|
536
|
+
|
|
544
537
|
}
|
|
545
|
-
|
|
546
|
-
doManual = FXMenuCommand.new(menu_pane, "Manual Request.."
|
|
538
|
+
# FXMenuSeparator.new(menu_pane)
|
|
539
|
+
doManual = FXMenuCommand.new(menu_pane, "Manual Request..")
|
|
547
540
|
doManual.connect(SEL_COMMAND) {
|
|
548
|
-
|
|
541
|
+
# @interface.open_manual_request_editor(item.data)
|
|
549
542
|
notify(:open_manual_request, item.data)
|
|
550
543
|
|
|
551
544
|
}
|
|
552
|
-
info = FXMenuCommand.new(menu_pane, "Details..."
|
|
545
|
+
info = FXMenuCommand.new(menu_pane, "Details...")
|
|
553
546
|
info.connect(SEL_COMMAND) {
|
|
554
|
-
|
|
547
|
+
#@interface.showFindingDetails(item.data)}
|
|
555
548
|
notify(:show_finding_details, item.data)
|
|
556
549
|
}
|
|
557
550
|
end
|
|
@@ -566,16 +559,16 @@ module Watobo#:nodoc: all
|
|
|
566
559
|
end
|
|
567
560
|
|
|
568
561
|
private
|
|
569
|
-
|
|
562
|
+
|
|
570
563
|
def expand_findings()
|
|
571
564
|
self.each do |site|
|
|
572
565
|
expandTree site
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
|
|
566
|
+
%w(Vulnerabilities Hints Info).each do |item|
|
|
567
|
+
f = self.findItem(item, site, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
568
|
+
expandTree(f) unless site.nil?
|
|
569
|
+
end
|
|
577
570
|
end
|
|
578
|
-
|
|
571
|
+
|
|
579
572
|
end
|
|
580
573
|
|
|
581
574
|
def notify(event, *args)
|
|
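Review bot: The guard in `expand_findings` tests the wrong variable: `expandTree(f) unless site.nil?` checks `site`, which comes from `self.each` and was already passed to `expandTree` one line earlier, while `f` is the `findItem` result that can be nil when a site has no "Vulnerabilities", "Hints" or "Info" node. The line should read `expandTree(f) unless f.nil?`, matching the `unless site_item.nil?` checks used after `findItem` in the menu handlers. Since `findItem` is given `site` as its start item, it is also worth confirming that a match cannot come from a later site's subtree when the current site lacks that category.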
@@ -586,6 +579,6 @@ module Watobo#:nodoc: all
|
|
|
586
579
|
end
|
|
587
580
|
end
|
|
588
581
|
end
|
|
589
|
-
|
|
582
|
+
# namespace end
|
|
590
583
|
end
|
|
591
584
|
end
|