watobo 0.9.21 → 0.9.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +46 -1
- data/bin/nfq_server.rb +0 -9
- data/bin/watobo_gui.rb +3 -13
- data/custom-views/prettify-json.rb +9 -18
- data/icons/watobo.ico +0 -0
- data/icons/watobo.ico.old +0 -0
- data/lib/watobo.rb +10 -19
- data/lib/watobo/adapters.rb +5 -14
- data/lib/watobo/adapters/data_store.rb +50 -59
- data/lib/watobo/adapters/file/file_store.rb +287 -296
- data/lib/watobo/adapters/file/marshal_store.rb +293 -296
- data/lib/watobo/adapters/session_store.rb +5 -14
- data/lib/watobo/ca.rb +1 -10
- data/lib/watobo/config.rb +197 -206
- data/lib/watobo/constants.rb +0 -9
- data/lib/watobo/core.rb +3 -12
- data/lib/watobo/core/active_check.rb +72 -135
- data/lib/watobo/core/active_checks.rb +49 -58
- data/lib/watobo/core/ca.rb +369 -389
- data/lib/watobo/core/cert_store.rb +34 -43
- data/lib/watobo/core/chat.rb +92 -101
- data/lib/watobo/core/chats.rb +271 -280
- data/lib/watobo/core/client_cert_store.rb +106 -35
- data/lib/watobo/core/conversation.rb +48 -57
- data/lib/watobo/core/cookie.rb +23 -32
- data/lib/watobo/core/egress_handlers.rb +98 -0
- data/lib/watobo/core/finding.rb +66 -75
- data/lib/watobo/core/findings.rb +107 -114
- data/lib/watobo/core/forwarding_proxy.rb +13 -22
- data/lib/watobo/core/fuzz_gen.rb +0 -9
- data/lib/watobo/core/intercept_carver.rb +166 -177
- data/lib/watobo/core/intercept_filter.rb +235 -244
- data/lib/watobo/core/interceptor.rb +98 -107
- data/lib/watobo/core/min_class.rb +4 -13
- data/lib/watobo/core/netfilter_queue.rb +170 -179
- data/lib/watobo/core/ott_cache.rb +132 -141
- data/lib/watobo/core/parameter.rb +43 -52
- data/lib/watobo/core/passive_check.rb +103 -102
- data/lib/watobo/core/passive_checks.rb +48 -57
- data/lib/watobo/core/passive_scanner.rb +54 -55
- data/lib/watobo/core/plugin.rb +11 -20
- data/lib/watobo/core/project.rb +3 -9
- data/lib/watobo/core/proxy.rb +43 -52
- data/lib/watobo/core/request.rb +125 -123
- data/lib/watobo/core/response.rb +44 -53
- data/lib/watobo/core/scanner.rb +0 -9
- data/lib/watobo/core/scanner3.rb +405 -414
- data/lib/watobo/core/scope.rb +83 -92
- data/lib/watobo/core/session.rb +1043 -1026
- data/lib/watobo/core/sid_cache.rb +98 -107
- data/lib/watobo/core/subscriber.rb +25 -34
- data/lib/watobo/defaults.rb +21 -30
- data/lib/watobo/external/diff/lcs.rb +0 -9
- data/lib/watobo/external/diff/lcs/array.rb +0 -9
- data/lib/watobo/external/diff/lcs/block.rb +0 -9
- data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
- data/lib/watobo/external/diff/lcs/change.rb +0 -9
- data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
- data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
- data/lib/watobo/external/diff/lcs/string.rb +0 -9
- data/lib/watobo/externals.rb +6 -15
- data/lib/watobo/framework.rb +4 -13
- data/lib/watobo/framework/create_project.rb +60 -69
- data/lib/watobo/framework/init.rb +0 -9
- data/lib/watobo/framework/init_modules.rb +0 -9
- data/lib/watobo/framework/license_text.rb +28 -37
- data/lib/watobo/framework/load_chat.rb +13 -22
- data/lib/watobo/gui.rb +132 -123
- data/lib/watobo/gui/about_watobo.rb +0 -9
- data/lib/watobo/gui/browser_preview.rb +0 -9
- data/lib/watobo/gui/certificate_dialog.rb +0 -9
- data/lib/watobo/gui/chat_diff.rb +0 -9
- data/lib/watobo/gui/chatviewer_frame.rb +73 -72
- data/lib/watobo/gui/checkboxtree.rb +0 -9
- data/lib/watobo/gui/checks_policy_frame.rb +0 -9
- data/lib/watobo/gui/client_cert_dialog.rb +96 -87
- data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
- data/lib/watobo/gui/conversation_table.rb +158 -164
- data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
- data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
- data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
- data/lib/watobo/gui/custom_viewer.rb +374 -383
- data/lib/watobo/gui/dashboard.rb +296 -303
- data/lib/watobo/gui/define_scope_frame.rb +0 -9
- data/lib/watobo/gui/differ_frame.rb +215 -224
- data/lib/watobo/gui/edit_comment.rb +0 -9
- data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
- data/lib/watobo/gui/export_dialog.rb +104 -113
- data/lib/watobo/gui/finding_info.rb +0 -9
- data/lib/watobo/gui/findings_tree.rb +210 -217
- data/lib/watobo/gui/full_scan_dialog.rb +0 -9
- data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
- data/lib/watobo/gui/fxsave_thread.rb +14 -0
- data/lib/watobo/gui/goto_url_dialog.rb +70 -79
- data/lib/watobo/gui/hex_viewer.rb +0 -9
- data/lib/watobo/gui/html_viewer.rb +287 -296
- data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
- data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
- data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
- data/lib/watobo/gui/json_viewer.rb +287 -0
- data/lib/watobo/gui/list_box.rb +101 -110
- data/lib/watobo/gui/log_file_viewer.rb +32 -41
- data/lib/watobo/gui/log_viewer.rb +83 -88
- data/lib/watobo/gui/login_wizzard.rb +0 -9
- data/lib/watobo/gui/main_window.rb +587 -618
- data/lib/watobo/gui/manual_request_editor.rb +620 -565
- data/lib/watobo/gui/master_pw_dialog.rb +0 -9
- data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
- data/lib/watobo/gui/page_tree.rb +217 -226
- data/lib/watobo/gui/password_policy_dialog.rb +0 -9
- data/lib/watobo/gui/plugin_board.rb +0 -9
- data/lib/watobo/gui/preferences_dialog.rb +0 -9
- data/lib/watobo/gui/progress_window.rb +17 -27
- data/lib/watobo/gui/project_wizzard.rb +0 -9
- data/lib/watobo/gui/proxy_dialog.rb +1 -10
- data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
- data/lib/watobo/gui/request_builder_frame.rb +102 -111
- data/lib/watobo/gui/request_editor.rb +181 -137
- data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
- data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
- data/lib/watobo/gui/save_chat_dialog.rb +140 -149
- data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
- data/lib/watobo/gui/select_chat_dialog.rb +0 -9
- data/lib/watobo/gui/session_management_dialog.rb +0 -9
- data/lib/watobo/gui/sites_tree.rb +0 -9
- data/lib/watobo/gui/status_bar.rb +0 -9
- data/lib/watobo/gui/table_editor.rb +0 -9
- data/lib/watobo/gui/tagless_viewer.rb +0 -9
- data/lib/watobo/gui/templates/plugin.rb +0 -9
- data/lib/watobo/gui/templates/plugin2.rb +92 -100
- data/lib/watobo/gui/templates/plugin_base.rb +144 -153
- data/lib/watobo/gui/text_viewer.rb +0 -9
- data/lib/watobo/gui/transcoder_window.rb +0 -9
- data/lib/watobo/gui/utils/gui_utils.rb +0 -9
- data/lib/watobo/gui/utils/init_icons.rb +86 -95
- data/lib/watobo/gui/utils/load_icons.rb +33 -42
- data/lib/watobo/gui/utils/load_plugins.rb +116 -119
- data/lib/watobo/gui/utils/master_password.rb +68 -77
- data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
- data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
- data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
- data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
- data/lib/watobo/gui/utils/session_history.rb +112 -121
- data/lib/watobo/gui/workspace_dialog.rb +0 -9
- data/lib/watobo/gui/www_auth_dialog.rb +0 -9
- data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
- data/lib/watobo/http.rb +4 -13
- data/lib/watobo/http/cookies/cookies.rb +26 -35
- data/lib/watobo/http/data/data.rb +45 -54
- data/lib/watobo/http/data/json.rb +47 -55
- data/lib/watobo/http/url/url.rb +38 -47
- data/lib/watobo/http/xml/xml.rb +124 -130
- data/lib/watobo/interceptor.rb +3 -12
- data/lib/watobo/interceptor/proxy.rb +742 -739
- data/lib/watobo/interceptor/transparent.rb +22 -24
- data/lib/watobo/mixins.rb +10 -19
- data/lib/watobo/mixins/check_info.rb +27 -36
- data/lib/watobo/mixins/httpparser.rb +613 -637
- data/lib/watobo/mixins/request_parser.rb +88 -97
- data/lib/watobo/mixins/shapers.rb +515 -529
- data/lib/watobo/mixins/transcoders.rb +3 -11
- data/lib/watobo/parser.rb +1 -10
- data/lib/watobo/parser/html.rb +83 -92
- data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
- data/lib/watobo/sockets.rb +3 -12
- data/lib/watobo/sockets/agent.rb +828 -837
- data/lib/watobo/sockets/client_socket.rb +308 -312
- data/lib/watobo/sockets/connection.rb +401 -410
- data/lib/watobo/sockets/http_socket.rb +11 -13
- data/lib/watobo/sockets/ntlm_auth.rb +129 -138
- data/lib/watobo/utils.rb +10 -19
- data/lib/watobo/utils/check_regex.rb +0 -9
- data/lib/watobo/utils/copy_object.rb +0 -9
- data/lib/watobo/utils/crypto.rb +0 -9
- data/lib/watobo/utils/expand_range.rb +23 -32
- data/lib/watobo/utils/export_xml.rb +97 -106
- data/lib/watobo/utils/file_management.rb +9 -11
- data/lib/watobo/utils/hexprint.rb +9 -18
- data/lib/watobo/utils/load_chat.rb +0 -9
- data/lib/watobo/utils/load_icon.rb +0 -9
- data/lib/watobo/utils/ntlm.rb +866 -875
- data/lib/watobo/utils/print_debug.rb +12 -21
- data/lib/watobo/utils/response_builder.rb +90 -99
- data/lib/watobo/utils/response_hash.rb +0 -9
- data/lib/watobo/utils/secure_eval.rb +0 -9
- data/lib/watobo/utils/strings.rb +10 -19
- data/lib/watobo/utils/text2request.rb +0 -9
- data/lib/watobo/utils/url.rb +23 -32
- data/lib/watobo/utils/utf16.rb +11 -20
- data/modules/active/Apache/mod_status.rb +0 -9
- data/modules/active/Apache/multiview.rb +151 -160
- data/modules/active/Flash/crossdomain.rb +0 -9
- data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
- data/modules/active/cq5/cq5_default_selectors.rb +106 -115
- data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
- data/modules/active/directories/dirwalker.rb +0 -9
- data/modules/active/discovery/fileextensions.rb +0 -9
- data/modules/active/discovery/http_methods.rb +0 -9
- data/modules/active/discovery/jsmapfiles.rb +79 -0
- data/modules/active/domino/domino_db.rb +68 -76
- data/modules/active/dotNET/custom_errors.rb +102 -111
- data/modules/active/dotNET/dotnet_files.rb +90 -99
- data/modules/active/fileinclusion/lfi_simple.rb +0 -9
- data/modules/active/jboss/jboss_basic.rb +0 -9
- data/modules/active/sap/business_objects.rb +51 -60
- data/modules/active/sap/its_commands.rb +0 -9
- data/modules/active/sap/its_service_parameter.rb +0 -9
- data/modules/active/sap/its_services.rb +0 -9
- data/modules/active/sap/its_xss.rb +0 -9
- data/modules/active/shell_shock/shell_shock.rb +139 -148
- data/modules/active/siebel/siebel_apps.rb +160 -169
- data/modules/active/sqlinjection/sql_boolean.rb +0 -9
- data/modules/active/sqlinjection/sql_numerical.rb +198 -0
- data/modules/active/sqlinjection/sqli_error.rb +0 -9
- data/modules/active/sqlinjection/sqli_timing.rb +220 -229
- data/modules/active/struts2/default_handler_ognl.rb +106 -115
- data/modules/active/struts2/include_params_ognl.rb +105 -114
- data/modules/active/xml/xml_xxe.rb +112 -123
- data/modules/active/xss/xss_ng.rb +214 -223
- data/modules/active/xss/xss_simple.rb +0 -9
- data/modules/passive/ajax.rb +68 -77
- data/modules/passive/autocomplete.rb +56 -65
- data/modules/passive/cookie_options.rb +0 -9
- data/modules/passive/cookie_xss.rb +0 -9
- data/modules/passive/detect_code.rb +0 -9
- data/modules/passive/detect_fileupload.rb +0 -9
- data/modules/passive/detect_infrastructure.rb +0 -9
- data/modules/passive/detect_one_time_tokens.rb +0 -9
- data/modules/passive/dirindexing.rb +0 -9
- data/modules/passive/disclosure_domino.rb +55 -64
- data/modules/passive/disclosure_emails.rb +0 -9
- data/modules/passive/disclosure_ipaddr.rb +55 -53
- data/modules/passive/filename_as_parameter.rb +0 -9
- data/modules/passive/form_spotter.rb +0 -9
- data/modules/passive/hidden_fields.rb +50 -59
- data/modules/passive/hotspots.rb +0 -9
- data/modules/passive/in_script_parameter.rb +0 -9
- data/modules/passive/json_web_token.rb +93 -0
- data/modules/passive/multiple_server_headers.rb +0 -9
- data/modules/passive/possible_login.rb +0 -9
- data/modules/passive/redirect_url.rb +0 -9
- data/modules/passive/redirectionz.rb +0 -9
- data/modules/passive/sap-headers.rb +56 -65
- data/modules/passive/xss_dom.rb +0 -9
- data/plugins/aem/aem.rb +11 -20
- data/plugins/aem/gui/main.rb +118 -127
- data/plugins/aem/gui/tree_view.rb +171 -180
- data/plugins/aem/lib/agent.rb +130 -138
- data/plugins/aem/lib/dispatcher.rb +45 -51
- data/plugins/aem/lib/engine.rb +177 -186
- data/plugins/catalog/catalog.rb +345 -355
- data/plugins/crawler/crawler.rb +4 -13
- data/plugins/crawler/gui.rb +5 -14
- data/plugins/crawler/gui/auth_frame.rb +270 -279
- data/plugins/crawler/gui/crawler_gui.rb +271 -276
- data/plugins/crawler/gui/general_settings_frame.rb +96 -105
- data/plugins/crawler/gui/hooks_frame.rb +80 -89
- data/plugins/crawler/gui/scope_frame.rb +50 -59
- data/plugins/crawler/gui/settings_tabbook.rb +38 -47
- data/plugins/crawler/gui/status_frame.rb +59 -68
- data/plugins/crawler/lib/bags.rb +18 -27
- data/plugins/crawler/lib/constants.rb +11 -20
- data/plugins/crawler/lib/engine.rb +488 -497
- data/plugins/crawler/lib/grabber.rb +68 -77
- data/plugins/crawler/lib/status.rb +71 -80
- data/plugins/crawler/lib/uri_mp.rb +12 -21
- data/plugins/filefinder/filefinder.rb +326 -333
- data/plugins/sqlmap/bin/test.rb +78 -87
- data/plugins/sqlmap/gui.rb +4 -13
- data/plugins/sqlmap/gui/main.rb +218 -227
- data/plugins/sqlmap/gui/options_frame.rb +97 -106
- data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
- data/plugins/sqlmap/sqlmap.rb +2 -11
- data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
- data/plugins/sslchecker/gui/cipher_table.rb +246 -254
- data/plugins/sslchecker/gui/gui.rb +258 -264
- data/plugins/sslchecker/gui/sslchecker.rb +4 -13
- data/plugins/sslchecker/lib/check.rb +127 -133
- data/plugins/wshell/gui/main.rb +119 -117
- data/plugins/wshell/lib/core.rb +38 -88
- data/plugins/wshell/wshell.rb +11 -20
- metadata +170 -164
|
@@ -1,12 +1,3 @@
|
|
|
1
|
-
#.
|
|
2
|
-
# edit_comment.rb
|
|
3
|
-
#.
|
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
9
|
-
|
|
10
1
|
# @private
|
|
11
2
|
module Watobo#:nodoc: all
|
|
12
3
|
module Gui
|
|
@@ -1,12 +1,3 @@
|
|
|
1
|
-
#.
|
|
2
|
-
# edit_scope_dialog.rb
|
|
3
|
-
#.
|
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
9
|
-
|
|
10
1
|
# @private
|
|
11
2
|
module Watobo#:nodoc: all
|
|
12
3
|
module Gui
|
|
@@ -1,114 +1,105 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
1
|
+
# @private
|
|
2
|
+
module Watobo#:nodoc: all
|
|
3
|
+
module Gui
|
|
4
|
+
class ExportDialog < FXDialogBox
|
|
5
|
+
def check_settings
|
|
9
6
|
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
def
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
@
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
@
|
|
60
|
-
@
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
@
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
prefs
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
puts
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
end
|
|
110
|
-
end
|
|
111
|
-
|
|
112
|
-
if __FILE__ == $0
|
|
113
|
-
# TODO Generated stub
|
|
114
|
-
end
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def select_target_file()
|
|
10
|
+
fname = "watobo_" + Time.now.to_i.to_s + ".xml"
|
|
11
|
+
dst_file = File.join(@export_path, fname)
|
|
12
|
+
filename = FXFileDialog.getSaveFilename(self, "Select Export File", dst_file)
|
|
13
|
+
if filename != "" then
|
|
14
|
+
|
|
15
|
+
@filename_txt.text = filename
|
|
16
|
+
|
|
17
|
+
return true
|
|
18
|
+
end
|
|
19
|
+
return false
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def onFinished
|
|
23
|
+
getApp().stopModal(self, 1)
|
|
24
|
+
self.hide()
|
|
25
|
+
return 1
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def initialize(owner)
|
|
29
|
+
@export_path = Watobo.workspace_path
|
|
30
|
+
super(owner, "Export Dialog", :opts => DECOR_TITLE|DECOR_BORDER|DECOR_CLOSE, :width => 350, :height => 250)
|
|
31
|
+
|
|
32
|
+
main = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
|
33
|
+
|
|
34
|
+
# frame = FXHorizontalFrame.new(gbframe, :opts => LAYOUT_FILL_X, :padding => 0)
|
|
35
|
+
gbox = FXGroupBox.new(main, "Items", LAYOUT_SIDE_LEFT|FRAME_GROOVE|LAYOUT_FILL_X, 0, 0, 0, 80)
|
|
36
|
+
gbframe = FXVerticalFrame.new(gbox, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
|
|
37
|
+
@export_chats = FXCheckButton.new(gbframe, "Chats", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
|
|
38
|
+
@export_chats.checkState = true
|
|
39
|
+
|
|
40
|
+
@export_findings = FXCheckButton.new(gbframe, "Findings", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
|
|
41
|
+
@export_findings.checkState = true
|
|
42
|
+
|
|
43
|
+
|
|
44
|
+
# frame = FXHorizontalFrame.new(gbframe, :opts => LAYOUT_FILL_X, :padding => 0)
|
|
45
|
+
gbox = FXGroupBox.new(main, "Filter", LAYOUT_SIDE_LEFT|FRAME_GROOVE|LAYOUT_FILL_X, 0, 0, 0, 80)
|
|
46
|
+
gbframe = FXVerticalFrame.new(gbox, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
|
|
47
|
+
@scope_only = FXCheckButton.new(gbframe, "Scope Only", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
|
|
48
|
+
@scope_only.checkState = true
|
|
49
|
+
|
|
50
|
+
@ignore_fps = FXCheckButton.new(gbframe, "Ignore False-Positives", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT)
|
|
51
|
+
@ignore_fps.checkState = true
|
|
52
|
+
|
|
53
|
+
|
|
54
|
+
frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
|
|
55
|
+
FXLabel.new(frame, "Save To:", nil, LAYOUT_TOP|JUSTIFY_RIGHT)
|
|
56
|
+
@filename_txt = FXTextField.new(frame, 25, :opts => TEXTFIELD_NORMAL|LAYOUT_SIDE_RIGHT|LAYOUT_FILL_X)
|
|
57
|
+
@select_btn = FXButton.new(frame, "Select")
|
|
58
|
+
|
|
59
|
+
@select_btn.connect(SEL_COMMAND){ select_target_file }
|
|
60
|
+
|
|
61
|
+
buttons_frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
|
|
62
|
+
|
|
63
|
+
@export_btn = FXButton.new(buttons_frame, "export" , nil, nil, :opts => BUTTON_NORMAL|LAYOUT_RIGHT)
|
|
64
|
+
@export_btn.enable
|
|
65
|
+
@export_btn.connect(SEL_COMMAND){ onExport }
|
|
66
|
+
|
|
67
|
+
@finished_btn = FXButton.new(buttons_frame, "finished" , nil, nil, :opts => BUTTON_NORMAL|LAYOUT_RIGHT)
|
|
68
|
+
@finished_btn.enable
|
|
69
|
+
@finished_btn.connect(SEL_COMMAND){ onFinished }
|
|
70
|
+
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
private
|
|
74
|
+
|
|
75
|
+
def onExport
|
|
76
|
+
#return false unless check_export_target
|
|
77
|
+
prefs = []
|
|
78
|
+
prefs << :export_findings if @export_findings.checked?
|
|
79
|
+
prefs << :export_chats if @export_chats.checked?
|
|
80
|
+
prefs << :scope_only if @scope_only.checked?
|
|
81
|
+
prefs << :ignore_fps if @ignore_fps.checked?
|
|
82
|
+
|
|
83
|
+
puts "Export-Prefs: #{prefs.join(", ")}"
|
|
84
|
+
file = @filename_txt.text
|
|
85
|
+
unless file.strip.empty?
|
|
86
|
+
begin
|
|
87
|
+
File.open(file, "w"){|fh|
|
|
88
|
+
xml = Watobo::Utils.exportXML(*prefs)
|
|
89
|
+
fh.puts xml.to_xml
|
|
90
|
+
}
|
|
91
|
+
rescue => bang
|
|
92
|
+
puts bang
|
|
93
|
+
puts bang.backtrace
|
|
94
|
+
end
|
|
95
|
+
else
|
|
96
|
+
#TODO
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
if __FILE__ == $0
|
|
104
|
+
# TODO Generated stub
|
|
105
|
+
end
|
|
@@ -1,12 +1,3 @@
|
|
|
1
|
-
#.
|
|
2
|
-
# finding_info.rb
|
|
3
|
-
#.
|
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
9
|
-
|
|
10
1
|
require 'fox16/colors'
|
|
11
2
|
# @private
|
|
12
3
|
module Watobo#:nodoc: all
|
|
@@ -1,20 +1,12 @@
|
|
|
1
|
-
#.
|
|
2
|
-
# findings_tree.rb
|
|
3
|
-
#.
|
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
9
|
-
|
|
10
1
|
# @private
|
|
11
|
-
module Watobo#:nodoc: all
|
|
2
|
+
module Watobo #:nodoc: all
|
|
12
3
|
module Gui
|
|
13
4
|
class FindingsTree < FXTreeList
|
|
14
5
|
include Watobo::Constants
|
|
15
6
|
include Watobo::Gui::Icons
|
|
16
7
|
|
|
17
8
|
attr_accessor :project
|
|
9
|
+
|
|
18
10
|
def subscribe(event, &callback)
|
|
19
11
|
(@event_dispatcher_listeners[event] ||= []) << callback
|
|
20
12
|
end
|
|
@@ -40,24 +32,24 @@ module Watobo#:nodoc: all
|
|
|
40
32
|
false
|
|
41
33
|
end
|
|
42
34
|
|
|
43
|
-
|
|
35
|
+
|
|
44
36
|
def reload()
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
37
|
+
self.clearItems
|
|
38
|
+
@findings.clear
|
|
39
|
+
Watobo::Findings.each do |fid, finding|
|
|
40
|
+
addFinding(finding)
|
|
41
|
+
end
|
|
42
|
+
expand_findings
|
|
43
|
+
@expandeds.each do |t|
|
|
44
|
+
site, text = t.split("|")
|
|
45
|
+
if (site = self.findItem(site, nil, SEARCH_FORWARD|SEARCH_NOWRAP))
|
|
46
|
+
if (node = self.findItem(text, site, SEARCH_FORWARD|SEARCH_NOWRAP))
|
|
47
|
+
self.expandTree(node)
|
|
48
|
+
else
|
|
49
|
+
@expandeds.delete t
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
end
|
|
61
53
|
end
|
|
62
54
|
|
|
63
55
|
def useRegularIcons()
|
|
@@ -123,17 +115,17 @@ module Watobo#:nodoc: all
|
|
|
123
115
|
site = nil
|
|
124
116
|
# puts "add finding"
|
|
125
117
|
if not hidden?(finding) then
|
|
126
|
-
site = self.findItem(finding.request.site, nil,SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
118
|
+
site = self.findItem(finding.request.site, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
127
119
|
|
|
128
120
|
if not site then
|
|
129
121
|
# found new site
|
|
130
122
|
site = self.appendItem(nil, finding.request.site, @icon_project, @icon_project)
|
|
131
123
|
item = self.appendItem(site, "Vulnerabilities", @icon_vuln, @icon_vuln)
|
|
132
|
-
self.setItemData(item, :finding_type
|
|
124
|
+
self.setItemData(item, :finding_type)
|
|
133
125
|
item = self.appendItem(site, "Hints", @icon_hints, @icon_hints)
|
|
134
|
-
self.setItemData(item, :finding_type
|
|
126
|
+
self.setItemData(item, :finding_type)
|
|
135
127
|
item = self.appendItem(site, "Info", @icon_info, @icon_info)
|
|
136
|
-
self.setItemData(item, :finding_type
|
|
128
|
+
self.setItemData(item, :finding_type)
|
|
137
129
|
#site = @findings_tree.moveItem(project.first,project,site)
|
|
138
130
|
self.setItemData(site, :item_type_site)
|
|
139
131
|
|
|
@@ -142,46 +134,54 @@ module Watobo#:nodoc: all
|
|
|
142
134
|
finding_type=""
|
|
143
135
|
|
|
144
136
|
case finding.details[:type]
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
137
|
+
when FINDING_TYPE_INFO
|
|
138
|
+
finding_type = "Info"
|
|
139
|
+
icon = @icon_info_info
|
|
140
|
+
|
|
141
|
+
when FINDING_TYPE_HINT
|
|
142
|
+
finding_type = "Hints"
|
|
143
|
+
icon = @icon_hints_info
|
|
144
|
+
|
|
145
|
+
when FINDING_TYPE_VULN
|
|
146
|
+
finding_type = "Vulnerabilities"
|
|
147
|
+
icon = @icon_vuln_bp
|
|
148
|
+
|
|
149
|
+
if finding.details[:rating] == VULN_RATING_LOW
|
|
150
|
+
icon = @icon_vuln_low
|
|
151
|
+
# puts "low-rating-vuln"
|
|
152
|
+
end
|
|
153
|
+
if finding.details[:rating] == VULN_RATING_MEDIUM
|
|
154
|
+
icon = @icon_vuln_medium
|
|
155
|
+
end
|
|
156
|
+
if finding.details[:rating] == VULN_RATING_HIGH
|
|
157
|
+
icon = @icon_vuln_high
|
|
158
|
+
end
|
|
159
|
+
if finding.details[:rating] == VULN_RATING_CRITICAL
|
|
160
|
+
icon = @icon_vuln_critical
|
|
161
|
+
end
|
|
170
162
|
end
|
|
171
163
|
|
|
172
164
|
sub_tree = self.findItem(finding_type, site, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP)
|
|
173
165
|
if sub_tree and sub_tree.parent == site and finding.details[:class]
|
|
166
|
+
class_item = nil
|
|
167
|
+
|
|
168
|
+
# don't use findItem here because of nested collisions
|
|
169
|
+
sub_tree.each do |c|
|
|
170
|
+
if c.text =~ /^#{Regexp.quote(finding.details[:class])}/
|
|
171
|
+
class_item = c
|
|
172
|
+
end
|
|
173
|
+
end
|
|
174
|
+
#class_item = self.findItem(finding.details[:class], sub_tree, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP|SEARCH_PREFIX)
|
|
174
175
|
|
|
175
|
-
class_item = self.findItem(finding.details[:class], sub_tree, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP|SEARCH_PREFIX)
|
|
176
176
|
if not class_item or class_item.parent != sub_tree
|
|
177
177
|
class_item = self.appendItem(sub_tree, finding.details[:class], icon, icon)
|
|
178
|
-
self.setItemData(class_item, :finding_class
|
|
178
|
+
self.setItemData(class_item, :finding_class)
|
|
179
179
|
end
|
|
180
180
|
title_item = self.findItem(finding.details[:title], class_item, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP)
|
|
181
181
|
if not title_item or title_item.parent != class_item
|
|
182
182
|
title_item = self.appendItem(class_item, finding.details[:title], nil, nil)
|
|
183
|
-
self.setItemData(title_item, :title
|
|
184
|
-
|
|
183
|
+
self.setItemData(title_item, :title)
|
|
184
|
+
# puts finding.details[:title]
|
|
185
185
|
end
|
|
186
186
|
# puts title_item
|
|
187
187
|
resource = finding.request.path_ext
|
|
@@ -189,15 +189,15 @@ module Watobo#:nodoc: all
|
|
|
189
189
|
request_item = self.findItem(resource, title_item, SEARCH_FORWARD|SEARCH_IGNORECASE|SEARCH_NOWRAP)
|
|
190
190
|
if not request_item or request_item.parent != title_item
|
|
191
191
|
text = "/" + resource
|
|
192
|
-
|
|
193
|
-
|
|
192
|
+
request_item = self.appendItem(title_item, text)
|
|
193
|
+
self.setItemData(request_item, finding)
|
|
194
194
|
end
|
|
195
|
-
|
|
195
|
+
|
|
196
196
|
#
|
|
197
197
|
unless class_item.text =~ / \(\d+\)$/
|
|
198
198
|
class_item.text = class_item.text + " (#{class_item.numChildren})"
|
|
199
199
|
else
|
|
200
|
-
|
|
200
|
+
class_item.text = class_item.text.gsub(/ \(\d+\)$/, " (#{class_item.numChildren})")
|
|
201
201
|
end
|
|
202
202
|
end
|
|
203
203
|
|
|
@@ -227,11 +227,11 @@ module Watobo#:nodoc: all
|
|
|
227
227
|
useRegularIcons()
|
|
228
228
|
|
|
229
229
|
@filtered_domains = Hash.new # domains which already have been filtered
|
|
230
|
-
|
|
230
|
+
|
|
231
231
|
self.connect(SEL_CLIPBOARD_REQUEST) do
|
|
232
|
-
|
|
232
|
+
setDNDData(FROM_CLIPBOARD, FXWindow.stringType, Fox.fxencodeStringData(@clipboard.to_s))
|
|
233
233
|
end
|
|
234
|
-
|
|
234
|
+
|
|
235
235
|
self.connect(SEL_EXPANDED) do |sender, sel, item|
|
|
236
236
|
parent = item
|
|
237
237
|
while parent.parent
|
|
@@ -242,7 +242,7 @@ module Watobo#:nodoc: all
|
|
|
242
242
|
@expandeds << node
|
|
243
243
|
end
|
|
244
244
|
end
|
|
245
|
-
|
|
245
|
+
|
|
246
246
|
self.connect(SEL_COLLAPSED) do |sender, sel, item|
|
|
247
247
|
parent = item
|
|
248
248
|
while parent.parent
|
|
@@ -295,25 +295,23 @@ module Watobo#:nodoc: all
|
|
|
295
295
|
unless event.moved?
|
|
296
296
|
FXMenuPane.new(self) do |menu_pane|
|
|
297
297
|
item = sender.getItemAt(event.win_x, event.win_y)
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
unless item.nil?
|
|
298
|
+
unless item.nil?
|
|
301
299
|
|
|
302
300
|
data = self.getItemData(item)
|
|
303
301
|
|
|
304
|
-
|
|
302
|
+
|
|
305
303
|
unless self.itemLeaf?(item)
|
|
306
|
-
FXMenuCommand.new(menu_pane, "expand tree"
|
|
304
|
+
FXMenuCommand.new(menu_pane, "expand tree").connect(SEL_COMMAND) {
|
|
307
305
|
expandFullTree(item)
|
|
308
306
|
}
|
|
309
307
|
|
|
310
|
-
FXMenuCommand.new(menu_pane, "collapse tree"
|
|
308
|
+
FXMenuCommand.new(menu_pane, "collapse tree").connect(SEL_COMMAND) {
|
|
311
309
|
self.collapseFullTree(item)
|
|
312
310
|
}
|
|
313
|
-
|
|
314
|
-
end
|
|
311
|
+
FXMenuSeparator.new(menu_pane)
|
|
315
312
|
end
|
|
316
|
-
|
|
313
|
+
end
|
|
314
|
+
target = FXMenuCheck.new(menu_pane, "show scope only")
|
|
317
315
|
|
|
318
316
|
target.check = @show_scope_only
|
|
319
317
|
|
|
@@ -322,7 +320,7 @@ module Watobo#:nodoc: all
|
|
|
322
320
|
reload
|
|
323
321
|
}
|
|
324
322
|
|
|
325
|
-
target = FXMenuCheck.new(menu_pane, "hide false-positives"
|
|
323
|
+
target = FXMenuCheck.new(menu_pane, "hide false-positives")
|
|
326
324
|
|
|
327
325
|
target.check = @hide_false_positives
|
|
328
326
|
|
|
@@ -330,118 +328,113 @@ module Watobo#:nodoc: all
|
|
|
330
328
|
@hide_false_positives = ts.checked?
|
|
331
329
|
reload
|
|
332
330
|
}
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
|
|
331
|
+
|
|
332
|
+
|
|
336
333
|
unless item.nil?
|
|
337
334
|
|
|
338
335
|
data = self.getItemData(item)
|
|
339
336
|
|
|
340
337
|
FXMenuSeparator.new(menu_pane) unless data == :finding_type
|
|
341
|
-
|
|
338
|
+
|
|
342
339
|
|
|
343
340
|
if data == :item_type_site then
|
|
344
|
-
|
|
345
|
-
FXMenuCommand.new(menu_pane, "add site to scope"
|
|
341
|
+
# FXMenuSeparator.new(menu_pane)
|
|
342
|
+
FXMenuCommand.new(menu_pane, "add site to scope").connect(SEL_COMMAND) {
|
|
346
343
|
#notify(:add_site_to_scope, item.to_s)
|
|
347
344
|
Watobo::Scope.add item.to_s
|
|
348
345
|
reload
|
|
349
346
|
}
|
|
350
|
-
|
|
347
|
+
#
|
|
351
348
|
elsif data == :title
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
|
|
360
|
-
|
|
349
|
+
findings = []
|
|
350
|
+
item.each do |ft|
|
|
351
|
+
f = self.getItemData(ft)
|
|
352
|
+
findings << f if f.is_a? Watobo::Finding
|
|
353
|
+
end
|
|
354
|
+
|
|
355
|
+
fp_submenu = FXMenuPane.new(self) do |sub|
|
|
361
356
|
|
|
362
|
-
|
|
357
|
+
|
|
358
|
+
target = FXMenuCommand.new(sub, "Set False Positive")
|
|
363
359
|
target.connect(SEL_COMMAND) {
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
# puts "* False Positive #{findings.length}"
|
|
360
|
+
|
|
361
|
+
# puts "* False Positive #{findings.length}"
|
|
367
362
|
|
|
368
363
|
# remember parent node to expand it later
|
|
369
364
|
fclass = item.parent.text
|
|
370
365
|
fcat = item.parent.parent.text
|
|
371
366
|
fsite = item.parent.parent.parent.text
|
|
372
|
-
|
|
367
|
+
|
|
373
368
|
puts ">> #{fsite} - #{fcat} - #{fclass} (#{fclass.object_id})"
|
|
374
|
-
|
|
369
|
+
|
|
375
370
|
notify(:set_false_positive, findings)
|
|
376
|
-
|
|
371
|
+
|
|
377
372
|
reload
|
|
378
|
-
|
|
373
|
+
|
|
379
374
|
site_item = cat_item = class_item = nil
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
|
|
375
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
376
|
+
|
|
377
|
+
unless site_item.nil?
|
|
378
|
+
self.expandTree(site_item)
|
|
379
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
380
|
+
end
|
|
381
|
+
|
|
382
|
+
unless cat_item.nil?
|
|
383
|
+
self.expandTree(cat_item)
|
|
384
|
+
class_item = self.findItem(fclass, cat_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
385
|
+
end
|
|
386
|
+
|
|
387
|
+
|
|
388
|
+
unless class_item.nil?
|
|
389
|
+
puts "Expanding #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
390
|
+
self.expandTree(class_item)
|
|
396
391
|
else
|
|
397
392
|
puts "Could not find tree item for #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
398
393
|
end
|
|
399
|
-
|
|
400
|
-
|
|
401
394
|
}
|
|
402
|
-
target = FXMenuCommand.new(sub, "Unset False Positive"
|
|
395
|
+
target = FXMenuCommand.new(sub, "Unset False Positive")
|
|
403
396
|
target.connect(SEL_COMMAND) {
|
|
404
397
|
fclass = item.parent.text
|
|
405
398
|
fcat = item.parent.parent.text
|
|
406
399
|
fsite = item.parent.parent.parent.text
|
|
407
|
-
|
|
400
|
+
|
|
408
401
|
notify(:unset_false_positive, findings)
|
|
409
402
|
reload
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
418
|
-
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
403
|
+
site_item = cat_item = class_item = nil
|
|
404
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
405
|
+
|
|
406
|
+
unless site_item.nil?
|
|
407
|
+
self.expandTree(site_item)
|
|
408
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
409
|
+
end
|
|
410
|
+
|
|
411
|
+
unless cat_item.nil?
|
|
412
|
+
self.expandTree(cat_item)
|
|
413
|
+
class_item = self.findItem(fclass, cat_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
414
|
+
end
|
|
415
|
+
|
|
416
|
+
|
|
417
|
+
unless class_item.nil?
|
|
418
|
+
puts "Expanding #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
419
|
+
self.expandTree(class_item)
|
|
427
420
|
else
|
|
428
421
|
puts "Could not find tree item for #{class_item} (#{class_item.object_id})-> #{cat_item} -> #{site_item}"
|
|
429
422
|
end
|
|
430
423
|
}
|
|
431
424
|
|
|
432
425
|
FXMenuSeparator.new(sub)
|
|
433
|
-
|
|
434
|
-
FXMenuCommand.new(sub, "Purge - NO UNDO!"
|
|
426
|
+
|
|
427
|
+
FXMenuCommand.new(sub, "Purge - NO UNDO!").connect(SEL_COMMAND) {
|
|
435
428
|
notify(:purge_findings, findings)
|
|
436
429
|
reload
|
|
437
|
-
|
|
430
|
+
}
|
|
438
431
|
end
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
info = FXMenuCommand.new(menu_pane, "Details..."
|
|
432
|
+
FXMenuCascade.new(menu_pane, "All \"#{item}\"", nil, fp_submenu)
|
|
433
|
+
|
|
434
|
+
FXMenuSeparator.new(menu_pane)
|
|
435
|
+
info = FXMenuCommand.new(menu_pane, "Details...")
|
|
443
436
|
info.connect(SEL_COMMAND) {
|
|
444
|
-
|
|
437
|
+
#@interface.showFindingDetails(item.data)}
|
|
445
438
|
notify(:show_finding_details, findings.first)
|
|
446
439
|
}
|
|
447
440
|
|
|
@@ -449,75 +442,75 @@ module Watobo#:nodoc: all
|
|
|
449
442
|
#puts "FINDING_CLASS"
|
|
450
443
|
# COPY SUBMENU
|
|
451
444
|
findings = []
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
445
|
+
item.each do |c|
|
|
446
|
+
c.each do |ft|
|
|
447
|
+
f = self.getItemData(ft)
|
|
448
|
+
findings << f if f.is_a? Watobo::Finding
|
|
449
|
+
end
|
|
450
|
+
|
|
451
|
+
end
|
|
457
452
|
|
|
458
|
-
end
|
|
459
|
-
|
|
460
453
|
fp_submenu = FXMenuPane.new(self) do |sub|
|
|
461
|
-
|
|
462
|
-
|
|
454
|
+
|
|
455
|
+
target = FXMenuCommand.new(sub, "Copy URLs")
|
|
463
456
|
target.connect(SEL_COMMAND) {
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
475
|
-
|
|
457
|
+
|
|
458
|
+
urls = []
|
|
459
|
+
findings.each do |f|
|
|
460
|
+
proto = f.request.proto
|
|
461
|
+
site = f.request.site
|
|
462
|
+
path = f.request.path
|
|
463
|
+
urls << "#{proto}://#{site}/#{path}"
|
|
464
|
+
end
|
|
465
|
+
types = [FXWindow.stringType]
|
|
466
|
+
if acquireClipboard(types)
|
|
467
|
+
@clipboard = urls.uniq.join("\n")
|
|
468
|
+
end
|
|
476
469
|
}
|
|
477
470
|
|
|
478
|
-
target = FXMenuCommand.new(sub, "Set False Positive"
|
|
471
|
+
target = FXMenuCommand.new(sub, "Set False Positive")
|
|
479
472
|
target.connect(SEL_COMMAND) {
|
|
480
|
-
|
|
473
|
+
|
|
481
474
|
fcat = item.parent.text
|
|
482
475
|
fsite = item.parent.parent.text
|
|
483
|
-
|
|
476
|
+
|
|
484
477
|
notify(:set_false_positive, findings)
|
|
485
478
|
reload
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
490
|
-
|
|
491
|
-
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
|
|
495
|
-
|
|
496
|
-
|
|
479
|
+
site_item = cat_item = class_item = nil
|
|
480
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
481
|
+
|
|
482
|
+
unless site_item.nil?
|
|
483
|
+
self.expandTree(site_item)
|
|
484
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
485
|
+
end
|
|
486
|
+
|
|
487
|
+
unless cat_item.nil?
|
|
488
|
+
self.expandTree(cat_item)
|
|
489
|
+
end
|
|
497
490
|
|
|
498
491
|
}
|
|
499
|
-
target = FXMenuCommand.new(sub, "Unset False Positive"
|
|
492
|
+
target = FXMenuCommand.new(sub, "Unset False Positive")
|
|
500
493
|
target.connect(SEL_COMMAND) {
|
|
501
494
|
fcat = item.parent.text
|
|
502
495
|
fsite = item.parent.parent.text
|
|
503
496
|
notify(:unset_false_positive, findings)
|
|
504
497
|
reload
|
|
505
498
|
site_item = cat_item = class_item = nil
|
|
506
|
-
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
|
|
513
|
-
|
|
514
|
-
|
|
515
|
-
|
|
499
|
+
site_item = self.findItem(fsite, nil, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
500
|
+
|
|
501
|
+
unless site_item.nil?
|
|
502
|
+
self.expandTree(site_item)
|
|
503
|
+
cat_item = self.findItem(fcat, site_item, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
504
|
+
end
|
|
505
|
+
|
|
506
|
+
unless cat_item.nil?
|
|
507
|
+
self.expandTree(cat_item)
|
|
508
|
+
end
|
|
516
509
|
}
|
|
517
510
|
|
|
518
511
|
FXMenuSeparator.new(sub)
|
|
519
|
-
FXMenuCommand.new(sub, "Purge - NO UNDO!"
|
|
520
|
-
|
|
512
|
+
FXMenuCommand.new(sub, "Purge - NO UNDO!").connect(SEL_COMMAND) {
|
|
513
|
+
|
|
521
514
|
puts "* purge findings #{findings.length}"
|
|
522
515
|
|
|
523
516
|
notify(:purge_findings, findings)
|
|
@@ -526,32 +519,32 @@ module Watobo#:nodoc: all
|
|
|
526
519
|
|
|
527
520
|
end
|
|
528
521
|
FXMenuCascade.new(menu_pane, "All \"#{item}\"", nil, fp_submenu)
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
info = FXMenuCommand.new(menu_pane, "Details..."
|
|
522
|
+
|
|
523
|
+
FXMenuSeparator.new(menu_pane)
|
|
524
|
+
info = FXMenuCommand.new(menu_pane, "Details...")
|
|
532
525
|
info.connect(SEL_COMMAND) {
|
|
533
|
-
|
|
526
|
+
#@interface.showFindingDetails(item.data)}
|
|
534
527
|
notify(:show_finding_details, findings.first)
|
|
535
528
|
}
|
|
536
529
|
|
|
537
530
|
elsif data.is_a? Watobo::Finding then
|
|
538
|
-
FXMenuCommand.new(menu_pane, "Copy URL"
|
|
539
|
-
types = [
|
|
540
|
-
|
|
541
|
-
|
|
542
|
-
|
|
543
|
-
|
|
531
|
+
FXMenuCommand.new(menu_pane, "Copy URL").connect(SEL_COMMAND) {
|
|
532
|
+
types = [FXWindow.stringType]
|
|
533
|
+
if acquireClipboard(types)
|
|
534
|
+
@clipboard = item.data.request.url.to_s
|
|
535
|
+
end
|
|
536
|
+
|
|
544
537
|
}
|
|
545
|
-
|
|
546
|
-
doManual = FXMenuCommand.new(menu_pane, "Manual Request.."
|
|
538
|
+
# FXMenuSeparator.new(menu_pane)
|
|
539
|
+
doManual = FXMenuCommand.new(menu_pane, "Manual Request..")
|
|
547
540
|
doManual.connect(SEL_COMMAND) {
|
|
548
|
-
|
|
541
|
+
# @interface.open_manual_request_editor(item.data)
|
|
549
542
|
notify(:open_manual_request, item.data)
|
|
550
543
|
|
|
551
544
|
}
|
|
552
|
-
info = FXMenuCommand.new(menu_pane, "Details..."
|
|
545
|
+
info = FXMenuCommand.new(menu_pane, "Details...")
|
|
553
546
|
info.connect(SEL_COMMAND) {
|
|
554
|
-
|
|
547
|
+
#@interface.showFindingDetails(item.data)}
|
|
555
548
|
notify(:show_finding_details, item.data)
|
|
556
549
|
}
|
|
557
550
|
end
|
|
@@ -566,16 +559,16 @@ module Watobo#:nodoc: all
|
|
|
566
559
|
end
|
|
567
560
|
|
|
568
561
|
private
|
|
569
|
-
|
|
562
|
+
|
|
570
563
|
def expand_findings()
|
|
571
564
|
self.each do |site|
|
|
572
565
|
expandTree site
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
|
|
566
|
+
%w(Vulnerabilities Hints Info).each do |item|
|
|
567
|
+
f = self.findItem(item, site, SEARCH_FORWARD|SEARCH_IGNORECASE)
|
|
568
|
+
expandTree(f) unless site.nil?
|
|
569
|
+
end
|
|
577
570
|
end
|
|
578
|
-
|
|
571
|
+
|
|
579
572
|
end
|
|
580
573
|
|
|
581
574
|
def notify(event, *args)
|
|
@@ -586,6 +579,6 @@ module Watobo#:nodoc: all
|
|
|
586
579
|
end
|
|
587
580
|
end
|
|
588
581
|
end
|
|
589
|
-
|
|
582
|
+
# namespace end
|
|
590
583
|
end
|
|
591
584
|
end
|