watobo 0.9.21 → 0.9.23

Files changed (283)
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +46 -1
  3. data/bin/nfq_server.rb +0 -9
  4. data/bin/watobo_gui.rb +3 -13
  5. data/custom-views/prettify-json.rb +9 -18
  6. data/icons/watobo.ico +0 -0
  7. data/icons/watobo.ico.old +0 -0
  8. data/lib/watobo.rb +10 -19
  9. data/lib/watobo/adapters.rb +5 -14
  10. data/lib/watobo/adapters/data_store.rb +50 -59
  11. data/lib/watobo/adapters/file/file_store.rb +287 -296
  12. data/lib/watobo/adapters/file/marshal_store.rb +293 -296
  13. data/lib/watobo/adapters/session_store.rb +5 -14
  14. data/lib/watobo/ca.rb +1 -10
  15. data/lib/watobo/config.rb +197 -206
  16. data/lib/watobo/constants.rb +0 -9
  17. data/lib/watobo/core.rb +3 -12
  18. data/lib/watobo/core/active_check.rb +72 -135
  19. data/lib/watobo/core/active_checks.rb +49 -58
  20. data/lib/watobo/core/ca.rb +369 -389
  21. data/lib/watobo/core/cert_store.rb +34 -43
  22. data/lib/watobo/core/chat.rb +92 -101
  23. data/lib/watobo/core/chats.rb +271 -280
  24. data/lib/watobo/core/client_cert_store.rb +106 -35
  25. data/lib/watobo/core/conversation.rb +48 -57
  26. data/lib/watobo/core/cookie.rb +23 -32
  27. data/lib/watobo/core/egress_handlers.rb +98 -0
  28. data/lib/watobo/core/finding.rb +66 -75
  29. data/lib/watobo/core/findings.rb +107 -114
  30. data/lib/watobo/core/forwarding_proxy.rb +13 -22
  31. data/lib/watobo/core/fuzz_gen.rb +0 -9
  32. data/lib/watobo/core/intercept_carver.rb +166 -177
  33. data/lib/watobo/core/intercept_filter.rb +235 -244
  34. data/lib/watobo/core/interceptor.rb +98 -107
  35. data/lib/watobo/core/min_class.rb +4 -13
  36. data/lib/watobo/core/netfilter_queue.rb +170 -179
  37. data/lib/watobo/core/ott_cache.rb +132 -141
  38. data/lib/watobo/core/parameter.rb +43 -52
  39. data/lib/watobo/core/passive_check.rb +103 -102
  40. data/lib/watobo/core/passive_checks.rb +48 -57
  41. data/lib/watobo/core/passive_scanner.rb +54 -55
  42. data/lib/watobo/core/plugin.rb +11 -20
  43. data/lib/watobo/core/project.rb +3 -9
  44. data/lib/watobo/core/proxy.rb +43 -52
  45. data/lib/watobo/core/request.rb +125 -123
  46. data/lib/watobo/core/response.rb +44 -53
  47. data/lib/watobo/core/scanner.rb +0 -9
  48. data/lib/watobo/core/scanner3.rb +405 -414
  49. data/lib/watobo/core/scope.rb +83 -92
  50. data/lib/watobo/core/session.rb +1043 -1026
  51. data/lib/watobo/core/sid_cache.rb +98 -107
  52. data/lib/watobo/core/subscriber.rb +25 -34
  53. data/lib/watobo/defaults.rb +21 -30
  54. data/lib/watobo/external/diff/lcs.rb +0 -9
  55. data/lib/watobo/external/diff/lcs/array.rb +0 -9
  56. data/lib/watobo/external/diff/lcs/block.rb +0 -9
  57. data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
  58. data/lib/watobo/external/diff/lcs/change.rb +0 -9
  59. data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
  60. data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
  61. data/lib/watobo/external/diff/lcs/string.rb +0 -9
  62. data/lib/watobo/externals.rb +6 -15
  63. data/lib/watobo/framework.rb +4 -13
  64. data/lib/watobo/framework/create_project.rb +60 -69
  65. data/lib/watobo/framework/init.rb +0 -9
  66. data/lib/watobo/framework/init_modules.rb +0 -9
  67. data/lib/watobo/framework/license_text.rb +28 -37
  68. data/lib/watobo/framework/load_chat.rb +13 -22
  69. data/lib/watobo/gui.rb +132 -123
  70. data/lib/watobo/gui/about_watobo.rb +0 -9
  71. data/lib/watobo/gui/browser_preview.rb +0 -9
  72. data/lib/watobo/gui/certificate_dialog.rb +0 -9
  73. data/lib/watobo/gui/chat_diff.rb +0 -9
  74. data/lib/watobo/gui/chatviewer_frame.rb +73 -72
  75. data/lib/watobo/gui/checkboxtree.rb +0 -9
  76. data/lib/watobo/gui/checks_policy_frame.rb +0 -9
  77. data/lib/watobo/gui/client_cert_dialog.rb +96 -87
  78. data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
  79. data/lib/watobo/gui/conversation_table.rb +158 -164
  80. data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
  81. data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
  82. data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
  83. data/lib/watobo/gui/custom_viewer.rb +374 -383
  84. data/lib/watobo/gui/dashboard.rb +296 -303
  85. data/lib/watobo/gui/define_scope_frame.rb +0 -9
  86. data/lib/watobo/gui/differ_frame.rb +215 -224
  87. data/lib/watobo/gui/edit_comment.rb +0 -9
  88. data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
  89. data/lib/watobo/gui/export_dialog.rb +104 -113
  90. data/lib/watobo/gui/finding_info.rb +0 -9
  91. data/lib/watobo/gui/findings_tree.rb +210 -217
  92. data/lib/watobo/gui/full_scan_dialog.rb +0 -9
  93. data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
  94. data/lib/watobo/gui/fxsave_thread.rb +14 -0
  95. data/lib/watobo/gui/goto_url_dialog.rb +70 -79
  96. data/lib/watobo/gui/hex_viewer.rb +0 -9
  97. data/lib/watobo/gui/html_viewer.rb +287 -296
  98. data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
  99. data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
  100. data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
  101. data/lib/watobo/gui/json_viewer.rb +287 -0
  102. data/lib/watobo/gui/list_box.rb +101 -110
  103. data/lib/watobo/gui/log_file_viewer.rb +32 -41
  104. data/lib/watobo/gui/log_viewer.rb +83 -88
  105. data/lib/watobo/gui/login_wizzard.rb +0 -9
  106. data/lib/watobo/gui/main_window.rb +587 -618
  107. data/lib/watobo/gui/manual_request_editor.rb +620 -565
  108. data/lib/watobo/gui/master_pw_dialog.rb +0 -9
  109. data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
  110. data/lib/watobo/gui/page_tree.rb +217 -226
  111. data/lib/watobo/gui/password_policy_dialog.rb +0 -9
  112. data/lib/watobo/gui/plugin_board.rb +0 -9
  113. data/lib/watobo/gui/preferences_dialog.rb +0 -9
  114. data/lib/watobo/gui/progress_window.rb +17 -27
  115. data/lib/watobo/gui/project_wizzard.rb +0 -9
  116. data/lib/watobo/gui/proxy_dialog.rb +1 -10
  117. data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
  118. data/lib/watobo/gui/request_builder_frame.rb +102 -111
  119. data/lib/watobo/gui/request_editor.rb +181 -137
  120. data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
  121. data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
  122. data/lib/watobo/gui/save_chat_dialog.rb +140 -149
  123. data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
  124. data/lib/watobo/gui/select_chat_dialog.rb +0 -9
  125. data/lib/watobo/gui/session_management_dialog.rb +0 -9
  126. data/lib/watobo/gui/sites_tree.rb +0 -9
  127. data/lib/watobo/gui/status_bar.rb +0 -9
  128. data/lib/watobo/gui/table_editor.rb +0 -9
  129. data/lib/watobo/gui/tagless_viewer.rb +0 -9
  130. data/lib/watobo/gui/templates/plugin.rb +0 -9
  131. data/lib/watobo/gui/templates/plugin2.rb +92 -100
  132. data/lib/watobo/gui/templates/plugin_base.rb +144 -153
  133. data/lib/watobo/gui/text_viewer.rb +0 -9
  134. data/lib/watobo/gui/transcoder_window.rb +0 -9
  135. data/lib/watobo/gui/utils/gui_utils.rb +0 -9
  136. data/lib/watobo/gui/utils/init_icons.rb +86 -95
  137. data/lib/watobo/gui/utils/load_icons.rb +33 -42
  138. data/lib/watobo/gui/utils/load_plugins.rb +116 -119
  139. data/lib/watobo/gui/utils/master_password.rb +68 -77
  140. data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
  141. data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
  142. data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
  143. data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
  144. data/lib/watobo/gui/utils/session_history.rb +112 -121
  145. data/lib/watobo/gui/workspace_dialog.rb +0 -9
  146. data/lib/watobo/gui/www_auth_dialog.rb +0 -9
  147. data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
  148. data/lib/watobo/http.rb +4 -13
  149. data/lib/watobo/http/cookies/cookies.rb +26 -35
  150. data/lib/watobo/http/data/data.rb +45 -54
  151. data/lib/watobo/http/data/json.rb +47 -55
  152. data/lib/watobo/http/url/url.rb +38 -47
  153. data/lib/watobo/http/xml/xml.rb +124 -130
  154. data/lib/watobo/interceptor.rb +3 -12
  155. data/lib/watobo/interceptor/proxy.rb +742 -739
  156. data/lib/watobo/interceptor/transparent.rb +22 -24
  157. data/lib/watobo/mixins.rb +10 -19
  158. data/lib/watobo/mixins/check_info.rb +27 -36
  159. data/lib/watobo/mixins/httpparser.rb +613 -637
  160. data/lib/watobo/mixins/request_parser.rb +88 -97
  161. data/lib/watobo/mixins/shapers.rb +515 -529
  162. data/lib/watobo/mixins/transcoders.rb +3 -11
  163. data/lib/watobo/parser.rb +1 -10
  164. data/lib/watobo/parser/html.rb +83 -92
  165. data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
  166. data/lib/watobo/sockets.rb +3 -12
  167. data/lib/watobo/sockets/agent.rb +828 -837
  168. data/lib/watobo/sockets/client_socket.rb +308 -312
  169. data/lib/watobo/sockets/connection.rb +401 -410
  170. data/lib/watobo/sockets/http_socket.rb +11 -13
  171. data/lib/watobo/sockets/ntlm_auth.rb +129 -138
  172. data/lib/watobo/utils.rb +10 -19
  173. data/lib/watobo/utils/check_regex.rb +0 -9
  174. data/lib/watobo/utils/copy_object.rb +0 -9
  175. data/lib/watobo/utils/crypto.rb +0 -9
  176. data/lib/watobo/utils/expand_range.rb +23 -32
  177. data/lib/watobo/utils/export_xml.rb +97 -106
  178. data/lib/watobo/utils/file_management.rb +9 -11
  179. data/lib/watobo/utils/hexprint.rb +9 -18
  180. data/lib/watobo/utils/load_chat.rb +0 -9
  181. data/lib/watobo/utils/load_icon.rb +0 -9
  182. data/lib/watobo/utils/ntlm.rb +866 -875
  183. data/lib/watobo/utils/print_debug.rb +12 -21
  184. data/lib/watobo/utils/response_builder.rb +90 -99
  185. data/lib/watobo/utils/response_hash.rb +0 -9
  186. data/lib/watobo/utils/secure_eval.rb +0 -9
  187. data/lib/watobo/utils/strings.rb +10 -19
  188. data/lib/watobo/utils/text2request.rb +0 -9
  189. data/lib/watobo/utils/url.rb +23 -32
  190. data/lib/watobo/utils/utf16.rb +11 -20
  191. data/modules/active/Apache/mod_status.rb +0 -9
  192. data/modules/active/Apache/multiview.rb +151 -160
  193. data/modules/active/Flash/crossdomain.rb +0 -9
  194. data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
  195. data/modules/active/cq5/cq5_default_selectors.rb +106 -115
  196. data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
  197. data/modules/active/directories/dirwalker.rb +0 -9
  198. data/modules/active/discovery/fileextensions.rb +0 -9
  199. data/modules/active/discovery/http_methods.rb +0 -9
  200. data/modules/active/discovery/jsmapfiles.rb +79 -0
  201. data/modules/active/domino/domino_db.rb +68 -76
  202. data/modules/active/dotNET/custom_errors.rb +102 -111
  203. data/modules/active/dotNET/dotnet_files.rb +90 -99
  204. data/modules/active/fileinclusion/lfi_simple.rb +0 -9
  205. data/modules/active/jboss/jboss_basic.rb +0 -9
  206. data/modules/active/sap/business_objects.rb +51 -60
  207. data/modules/active/sap/its_commands.rb +0 -9
  208. data/modules/active/sap/its_service_parameter.rb +0 -9
  209. data/modules/active/sap/its_services.rb +0 -9
  210. data/modules/active/sap/its_xss.rb +0 -9
  211. data/modules/active/shell_shock/shell_shock.rb +139 -148
  212. data/modules/active/siebel/siebel_apps.rb +160 -169
  213. data/modules/active/sqlinjection/sql_boolean.rb +0 -9
  214. data/modules/active/sqlinjection/sql_numerical.rb +198 -0
  215. data/modules/active/sqlinjection/sqli_error.rb +0 -9
  216. data/modules/active/sqlinjection/sqli_timing.rb +220 -229
  217. data/modules/active/struts2/default_handler_ognl.rb +106 -115
  218. data/modules/active/struts2/include_params_ognl.rb +105 -114
  219. data/modules/active/xml/xml_xxe.rb +112 -123
  220. data/modules/active/xss/xss_ng.rb +214 -223
  221. data/modules/active/xss/xss_simple.rb +0 -9
  222. data/modules/passive/ajax.rb +68 -77
  223. data/modules/passive/autocomplete.rb +56 -65
  224. data/modules/passive/cookie_options.rb +0 -9
  225. data/modules/passive/cookie_xss.rb +0 -9
  226. data/modules/passive/detect_code.rb +0 -9
  227. data/modules/passive/detect_fileupload.rb +0 -9
  228. data/modules/passive/detect_infrastructure.rb +0 -9
  229. data/modules/passive/detect_one_time_tokens.rb +0 -9
  230. data/modules/passive/dirindexing.rb +0 -9
  231. data/modules/passive/disclosure_domino.rb +55 -64
  232. data/modules/passive/disclosure_emails.rb +0 -9
  233. data/modules/passive/disclosure_ipaddr.rb +55 -53
  234. data/modules/passive/filename_as_parameter.rb +0 -9
  235. data/modules/passive/form_spotter.rb +0 -9
  236. data/modules/passive/hidden_fields.rb +50 -59
  237. data/modules/passive/hotspots.rb +0 -9
  238. data/modules/passive/in_script_parameter.rb +0 -9
  239. data/modules/passive/json_web_token.rb +93 -0
  240. data/modules/passive/multiple_server_headers.rb +0 -9
  241. data/modules/passive/possible_login.rb +0 -9
  242. data/modules/passive/redirect_url.rb +0 -9
  243. data/modules/passive/redirectionz.rb +0 -9
  244. data/modules/passive/sap-headers.rb +56 -65
  245. data/modules/passive/xss_dom.rb +0 -9
  246. data/plugins/aem/aem.rb +11 -20
  247. data/plugins/aem/gui/main.rb +118 -127
  248. data/plugins/aem/gui/tree_view.rb +171 -180
  249. data/plugins/aem/lib/agent.rb +130 -138
  250. data/plugins/aem/lib/dispatcher.rb +45 -51
  251. data/plugins/aem/lib/engine.rb +177 -186
  252. data/plugins/catalog/catalog.rb +345 -355
  253. data/plugins/crawler/crawler.rb +4 -13
  254. data/plugins/crawler/gui.rb +5 -14
  255. data/plugins/crawler/gui/auth_frame.rb +270 -279
  256. data/plugins/crawler/gui/crawler_gui.rb +271 -276
  257. data/plugins/crawler/gui/general_settings_frame.rb +96 -105
  258. data/plugins/crawler/gui/hooks_frame.rb +80 -89
  259. data/plugins/crawler/gui/scope_frame.rb +50 -59
  260. data/plugins/crawler/gui/settings_tabbook.rb +38 -47
  261. data/plugins/crawler/gui/status_frame.rb +59 -68
  262. data/plugins/crawler/lib/bags.rb +18 -27
  263. data/plugins/crawler/lib/constants.rb +11 -20
  264. data/plugins/crawler/lib/engine.rb +488 -497
  265. data/plugins/crawler/lib/grabber.rb +68 -77
  266. data/plugins/crawler/lib/status.rb +71 -80
  267. data/plugins/crawler/lib/uri_mp.rb +12 -21
  268. data/plugins/filefinder/filefinder.rb +326 -333
  269. data/plugins/sqlmap/bin/test.rb +78 -87
  270. data/plugins/sqlmap/gui.rb +4 -13
  271. data/plugins/sqlmap/gui/main.rb +218 -227
  272. data/plugins/sqlmap/gui/options_frame.rb +97 -106
  273. data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
  274. data/plugins/sqlmap/sqlmap.rb +2 -11
  275. data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
  276. data/plugins/sslchecker/gui/cipher_table.rb +246 -254
  277. data/plugins/sslchecker/gui/gui.rb +258 -264
  278. data/plugins/sslchecker/gui/sslchecker.rb +4 -13
  279. data/plugins/sslchecker/lib/check.rb +127 -133
  280. data/plugins/wshell/gui/main.rb +119 -117
  281. data/plugins/wshell/lib/core.rb +38 -88
  282. data/plugins/wshell/wshell.rb +11 -20
  283. metadata +170 -164
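--- a/data/lib/watobo/core/cert_store.rb
+++ b/data/lib/watobo/core/cert_store.rb
@@ -1,45 +1,36 @@
- #.
- # cert_store.rb
- #.
- # Copyright 2014 by siberas, http://www.siberas.de
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
  # @private
- module Watobo#:nodoc: all
- module CertStore
- @fake_certs = Hash.new
- def self.acquire_ssl_ctx(target, cn)
- ctx = OpenSSL::SSL::SSLContext.new()
-
- unless @fake_certs.has_key? target
- cert_prefs = {
- :hostname => cn,
- :type => 'server',
- :user => 'watobo',
- :email => 'watobo@localhost',
- }
- cert_file, key_file = Watobo::CA.create_cert cert_prefs
- fake_cert = OpenSSL::X509::Certificate.new(File.read(cert_file))
- fake_key = OpenSSL::PKey::RSA.new(File.read(key_file))
-
- #ctx = OpenSSL::SSL::SSLContext.new('SSLv23_server')
- @fake_certs[target] = { :cert => fake_cert, :key => fake_key }
-
- end
- fc = @fake_certs[target]
- ctx.cert = fc[:cert]
- ctx.key = fc[:key]
-
- ctx.tmp_dh_callback = proc { |*args|
- Watobo::CA.dh_key
- }
-
- ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
- ctx.timeout = 10
- return ctx
- end
- end
+ module Watobo#:nodoc: all
+ module CertStore
+ @fake_certs = Hash.new
+ def self.acquire_ssl_ctx(target, cn)
+ ctx = OpenSSL::SSL::SSLContext.new()
+
+ unless @fake_certs.has_key? target
+ cert_prefs = {
+ :hostname => cn,
+ :type => 'server',
+ :user => 'watobo',
+ :email => 'watobo@localhost',
+ }
+ cert_file, key_file = Watobo::CA.create_cert cert_prefs
+ fake_cert = OpenSSL::X509::Certificate.new(File.read(cert_file))
+ fake_key = OpenSSL::PKey::RSA.new(File.read(key_file))
+
+ #ctx = OpenSSL::SSL::SSLContext.new('SSLv23_server')
+ @fake_certs[target] = { :cert => fake_cert, :key => fake_key }
+
+ end
+ fc = @fake_certs[target]
+ ctx.cert = fc[:cert]
+ ctx.key = fc[:key]
+
+ ctx.tmp_dh_callback = proc { |*args|
+ Watobo::CA.dh_key
+ }
+
+ ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ ctx.timeout = 10
+ return ctx
+ end
+ end
  end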
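--- a/data/lib/watobo/core/chat.rb
+++ b/data/lib/watobo/core/chat.rb
@@ -1,65 +1,56 @@
- #.
- # chat.rb
- #.
- # Copyright 2014 by siberas, http://www.siberas.de
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
  # @private
- module Watobo#:nodoc: all
- class Chat < Conversation
- attr :request
- attr :response
- attr :settings
-
- @@numChats = 0
- @@max_id = 0
-
- @@lock = Mutex.new
-
- public
- def resetCounters()
- @@numChats = 0
- @@max_id = 0
- end
-
- def tested?()
- return false unless @settings.has_key?(:tested)
- return @settings[:tested]
- end
-
- def tested=(truefalse)
- @settings[:tested] = truefalse
- end
-
- def tstart()
- @settings[:tstart]
- end
-
- def tstop()
- @settings[:tstop]
- end
-
- def id()
- @settings[:id]
- end
-
- def comment=(c)
- @settings[:comment] = c
- end
-
- def comment()
- @settings[:comment]
- end
-
- def use_ssl?
- request.proto =~ /https/
- end
-
- def source()
- @settings[:source]
+ module Watobo#:nodoc: all
+ class Chat < Conversation
+ attr :request
+ attr :response
+ attr :settings
+
+ @@numChats = 0
+ @@max_id = 0
+
+ @@lock = Mutex.new
+
+ public
+ def resetCounters()
+ @@numChats = 0
+ @@max_id = 0
+ end
+
+ def tested?()
+ return false unless @settings.has_key?(:tested)
+ return @settings[:tested]
+ end
+
+ def tested=(truefalse)
+ @settings[:tested] = truefalse
+ end
+
+ def tstart()
+ @settings[:tstart]
+ end
+
+ def tstop()
+ @settings[:tstop]
+ end
+
+ def id()
+ @settings[:id]
+ end
+
+ def comment=(c)
+ @settings[:comment] = c
+ end
+
+ def comment()
+ @settings[:comment]
+ end
+
+ def use_ssl?
+ request.proto =~ /https/
+ end
+
+ def source()
+ @settings[:source]
  end
 
  def to_h
@@ -68,19 +59,19 @@ module Watobo#:nodoc: all
  h[:request] = @request.to_a
  h[:response] = @response.to_a
  h
- end
-
-
- # INITIALIZE ( request, response, prefs )
- # prefs:
- # :source - source of request/response CHAT_SOURCE
- # :id - an initial id, if no id is given it will be set to the @@max_id, if id == 0 counters will be ignored.
- # :start - starting time of request format is Time.now.to_f
- # :stop - time of loading response has finished
- # :
- def initialize(request, response, prefs = {})
-
- begin
+ end
+
+
+ # INITIALIZE ( request, response, prefs )
+ # prefs:
+ # :source - source of request/response CHAT_SOURCE
+ # :id - an initial id, if no id is given it will be set to the @@max_id, if id == 0 counters will be ignored.
+ # :start - starting time of request format is Time.now.to_f
+ # :stop - time of loading response has finished
+ # :
+ def initialize(request, response, prefs = {})
+
+ begin
  @settings = {
  :source => CHAT_SOURCE_UNDEF,
  :id => -1,
@@ -90,31 +81,31 @@ module Watobo#:nodoc: all
  :tested => false
  }
 
- super(request, response)
-
-
-
- @settings.update prefs
- # puts @settings[:id].to_s
-
- @@lock.synchronize{
- # enter critical section here ???
- if @settings[:id] > @@max_id
- @@max_id = @settings[:id]
- elsif @settings[:id] < 0
- @@max_id += 1
- @settings[:id] = @@max_id
- end
- @@numChats += 1
- # @comment = ''
- # leafe critical section here ???
- }
-
- rescue => bang
- puts bang
- puts bang.backtrace if $DEBUG
- end
- end
-
- end
+ super(request, response)
+
+
+
+ @settings.update prefs
+ # puts @settings[:id].to_s
+
+ @@lock.synchronize{
+ # enter critical section here ???
+ if @settings[:id] > @@max_id
+ @@max_id = @settings[:id]
+ elsif @settings[:id] < 0
+ @@max_id += 1
+ @settings[:id] = @@max_id
+ end
+ @@numChats += 1
+ # @comment = ''
+ # leafe critical section here ???
+ }
+
+ rescue => bang
+ puts bang
+ puts bang.backtrace if $DEBUG
+ end
+ end
+
+ end
  end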
@@ -1,298 +1,289 @@
1
- #.
2
- # chats.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
- module Watobo#:nodoc: all
12
- class Chats
13
- @chats = []
14
- @chats_lock = Mutex.new
15
- @event_dispatcher_listeners = Hash.new
16
- def self.subscribe(event, &callback)
17
- (@event_dispatcher_listeners[event] ||= []) << callback
18
- end
19
-
20
- def self.clearEvents(event)
21
- @event_dispatcher_listeners[event] ||= []
22
- @event_dispatcher_listeners[event].clear
23
- end
24
-
25
- def self.notify(event, *args)
26
- if @event_dispatcher_listeners[event]
27
- @event_dispatcher_listeners[event].each do |m|
28
- m.call(*args) if m.respond_to? :call
29
- end
30
- end
31
- end
32
-
33
- def self.reset
34
- @chats = []
35
- @event_dispatcher_listeners = Hash.new
36
- end
37
-
38
- def self.load
39
-
40
- end
41
-
42
- def self.select(site, opts={}, &block)
43
- o = {
44
- :dir => "",
45
- #:file => nil,
46
- :method => nil,
47
- :max_count => 0
48
- }
49
- o.update opts
50
- o[:dir].strip!
51
- o[:dir].gsub!(/^\//,"")
52
-
53
- matches = []
54
- @chats.each do |c|
55
- if c.request.site == site then
2
+ module Watobo#:nodoc: all
3
+ class Chats
4
+ @chats = []
5
+ @chats_lock = Mutex.new
6
+ @event_dispatcher_listeners = Hash.new
7
+ def self.subscribe(event, &callback)
8
+ (@event_dispatcher_listeners[event] ||= []) << callback
9
+ end
10
+
11
+ def self.clearEvents(event)
12
+ @event_dispatcher_listeners[event] ||= []
13
+ @event_dispatcher_listeners[event].clear
14
+ end
15
+
16
+ def self.notify(event, *args)
17
+ if @event_dispatcher_listeners[event]
18
+ @event_dispatcher_listeners[event].each do |m|
19
+ m.call(*args) if m.respond_to? :call
20
+ end
21
+ end
22
+ end
23
+
24
+ def self.reset
25
+ @chats = []
26
+ @event_dispatcher_listeners = Hash.new
27
+ end
28
+
29
+ def self.load
30
+
31
+ end
32
+
33
+ def self.select(site, opts={}, &block)
34
+ o = {
35
+ :dir => "",
36
+ #:file => nil,
37
+ :method => nil,
38
+ :max_count => 0
39
+ }
40
+ o.update opts
41
+ o[:dir].strip!
42
+ o[:dir].gsub!(/^\//,"")
43
+
44
+ matches = []
45
+ @chats.each do |c|
46
+ if c.request.site == site then
56
47
  matches.push c if o[:dir] == c.request.dir
57
- yield c if block_given?
58
- end
59
- return matches if o[:max_count] > 0 and matches.length >= o[:max_count]
60
- end
61
- return matches
62
-
63
- end
64
-
65
- def self.sites(prefs={}, &block)
66
- list = Hash.new
67
-
68
- cprefs = { :in_scope => false,
69
- :ssl => false
70
- }
71
- cprefs.update prefs
72
-
73
- Watobo::Chats.each do |chat|
74
- next if list.has_key?(chat.request.site)
75
- site = chat.request.site
76
- next if cprefs[:in_scope] == true and not Watobo::Scope.match_site?(site)
77
- next if cprefs[:ssl] and not chat.use_ssl?
78
-
79
- yield site if block_given?
80
- list[site] = nil
81
-
82
- end
83
- return list.keys
84
- end
85
-
86
- def self.dirs(site, list_opts={}, &block)
87
- opts = { :base_dir => "",
88
- :include_subdirs => true
89
- }
90
- opts.update(list_opts) if list_opts.is_a? Hash
91
- list = Hash.new
92
- @chats.each do |chat|
93
- next if chat.request.site != site
94
- next if list.has_key?(chat.request.path)
95
- next if opts[:base_dir] != "" and chat.request.path !~ /^#{Regexp.quote(opts[:base_dir])}/
96
- subdirs = chat.request.subDirs
97
- subdirs.each do |dir|
98
- next if dir.nil?
99
- next if list.has_key?(dir)
100
- list[dir] = :path
101
- if opts[:include_subdirs] == true then
102
- yield dir if block_given?
103
- else
104
- d = dir.gsub(/#{Regexp.quote(opts[:base_dir])}/,"")
105
- yield dir unless d =~ /\// and block_given?
106
- # otherwise it is a subdir of base_dir
107
- end
108
- end
109
- end
110
- end
111
-
112
- def self.get_by_id(chatid)
113
- @chats_lock.synchronize do
114
- @chats.each do |c|
115
- if c.id.to_s == chatid.to_s then
116
- return c
117
- end
118
- end
119
- end
120
- return nil
121
- end
122
-
123
- def self.each(&block)
124
- if block_given?
125
- @chats_lock.synchronize do
126
- @chats.map{|c| yield c }
127
- end
128
- end
129
- end
130
-
131
- def self.to_a
132
- @chats
133
- end
134
-
135
- def self.length
136
- l = 0
137
- @chats_lock.synchronize do
138
- l = @chats.length
139
- end
140
- l
141
- end
142
-
143
- def self.in_scope(&block)
144
- scan_prefs = Watobo::Conf::Scanner.to_h
145
- #puts scan_prefs.to_yaml
146
- unique_list = Hash.new
147
- cis = []
148
-
149
- @chats.each do |chat|
150
- next if scan_prefs[:excluded_chats].include?(chat.id)
151
- uch = chat.request.uniq_hash
152
-
153
- next if unique_list.has_key?(uch) and scan_prefs[:smart_scan] == true
154
- unique_list[uch] = nil
155
- if Watobo::Scope.match_chat? chat
156
- cis << chat
157
- yield chat if block_given?
158
- end
159
- end
160
- cis
161
- end
162
-
163
- # only returns/yields chats wich match filter
164
- #
165
- #
166
- def self.filtered(filter, &block)
167
- #puts filter.to_yaml
168
- @uniq_chats = {}
169
- filtered_chats = []
170
- @chats.each do |chat|
171
- if match?(chat, filter)
172
- yield chat if block_given?
173
- filtered_chats << chat
174
- end
175
- end
176
-
177
- filtered_chats
178
- end
179
-
180
- def self.add(chat, prefs={})
181
- @chats_lock.synchronize do
182
- begin
183
- if chat.request.host then
184
- @chats << chat
185
-
186
- options = {
187
- :run_passive_checks => true,
188
- :notify => true
189
- }
190
- options.update prefs
191
-
192
- Watobo::PassiveScanner.add(chat) if options[:run_passive_checks] == true
193
- # puts "[#{self}] add"
194
-
195
- #@interface.addChat(self, chat) if @interface
196
- notify(:new, chat) if options[:notify] == true
197
-
198
- if chat.id != 0 then
199
- Watobo::DataStore.add_chat(chat)
200
- else
201
- puts "!!! Could not add chat #{chat.id}"
202
- end
203
- end
204
-
205
- # p "!P!"
206
- rescue => bang
207
- puts bang
208
- puts bang.backtrace if $DEBUG
209
- end
210
- end
211
- end
212
-
213
- private
214
-
215
- def self.match?(chat, filter)
48
+ yield c if block_given?
49
+ end
50
+ return matches if o[:max_count] > 0 and matches.length >= o[:max_count]
51
+ end
52
+ return matches
53
+
54
+ end
55
+
56
+ def self.sites(prefs={}, &block)
57
+ list = Hash.new
58
+
59
+ cprefs = { :in_scope => false,
60
+ :ssl => false
61
+ }
62
+ cprefs.update prefs
63
+
64
+ Watobo::Chats.each do |chat|
65
+ next if list.has_key?(chat.request.site)
66
+ site = chat.request.site
67
+ next if cprefs[:in_scope] == true and not Watobo::Scope.match_site?(site)
68
+ next if cprefs[:ssl] and not chat.use_ssl?
69
+
70
+ yield site if block_given?
71
+ list[site] = nil
72
+
73
+ end
74
+ return list.keys
75
+ end
76
+
77
+ def self.dirs(site, list_opts={}, &block)
78
+ opts = { :base_dir => "",
79
+ :include_subdirs => true
80
+ }
81
+ opts.update(list_opts) if list_opts.is_a? Hash
82
+ list = Hash.new
83
+ @chats.each do |chat|
84
+ next if chat.request.site != site
85
+ next if list.has_key?(chat.request.path)
86
+ next if opts[:base_dir] != "" and chat.request.path !~ /^#{Regexp.quote(opts[:base_dir])}/
87
+ subdirs = chat.request.subDirs
88
+ subdirs.each do |dir|
89
+ next if dir.nil?
90
+ next if list.has_key?(dir)
91
+ list[dir] = :path
92
+ if opts[:include_subdirs] == true then
93
+ yield dir if block_given?
94
+ else
95
+ d = dir.gsub(/#{Regexp.quote(opts[:base_dir])}/,"")
96
+ yield dir unless d =~ /\// and block_given?
97
+ # otherwise it is a subdir of base_dir
98
+ end
99
+ end
100
+ end
101
+ end
102
+
103
+ def self.get_by_id(chatid)
104
+ @chats_lock.synchronize do
105
+ @chats.each do |c|
106
+ if c.id.to_s == chatid.to_s then
107
+ return c
108
+ end
109
+ end
110
+ end
111
+ return nil
112
+ end
113
+
114
+ def self.each(&block)
115
+ if block_given?
116
+ @chats_lock.synchronize do
117
+ @chats.map{|c| yield c }
118
+ end
119
+ end
120
+ end
121
+
122
+ def self.to_a
123
+ @chats
124
+ end
125
+
126
+ def self.length
127
+ l = 0
128
+ @chats_lock.synchronize do
129
+ l = @chats.length
130
+ end
131
+ l
132
+ end
133
+
134
+ def self.in_scope(&block)
135
+ scan_prefs = Watobo::Conf::Scanner.to_h
136
+ #puts scan_prefs.to_yaml
137
+ unique_list = Hash.new
138
+ cis = []
139
+
140
+ @chats.each do |chat|
141
+ next if scan_prefs[:excluded_chats].include?(chat.id)
142
+ uch = chat.request.uniq_hash
143
+
144
+ next if unique_list.has_key?(uch) and scan_prefs[:smart_scan] == true
145
+ unique_list[uch] = nil
146
+ if Watobo::Scope.match_chat? chat
147
+ cis << chat
148
+ yield chat if block_given?
149
+ end
150
+ end
151
+ cis
152
+ end
153
+
154
+ # only returns/yields chats wich match filter
155
+ #
156
+ #
157
+ def self.filtered(filter, &block)
158
+ #puts filter.to_yaml
159
+ @uniq_chats = {}
160
+ filtered_chats = []
161
+ @chats.each do |chat|
162
+ if match?(chat, filter)
163
+ yield chat if block_given?
164
+ filtered_chats << chat
165
+ end
166
+ end
167
+
168
+ filtered_chats
169
+ end
170
+
171
+ def self.add(chat, prefs={})
172
+ @chats_lock.synchronize do
173
+ begin
174
+ if chat.request.host then
175
+ @chats << chat
176
+
177
+ options = {
178
+ :run_passive_checks => true,
179
+ :notify => true
180
+ }
181
+ options.update prefs
182
+
183
+ Watobo::PassiveScanner.add(chat) if options[:run_passive_checks] == true
184
+ # puts "[#{self}] add"
185
+
186
+ #@interface.addChat(self, chat) if @interface
187
+ notify(:new, chat) if options[:notify] == true
188
+
189
+ if chat.id != 0 then
190
+ Watobo::DataStore.add_chat(chat)
191
+ else
192
+ puts "!!! Could not add chat #{chat.id}"
193
+ end
194
+ end
195
+
196
+ # p "!P!"
197
+ rescue => bang
198
+ puts bang
199
+ puts bang.backtrace if $DEBUG
200
+ end
201
+ end
202
+ end
203
+
204
+ private
205
+
206
+ def self.match?(chat, filter)
216
207
  begin
217
208
 
218
- filtered = false
219
- # return false if filter[:ok_only] == true and chat.response.responseCode !~ /200/
220
-
221
- if filter[:unique]
222
- uniq_hash = chat.request.uniq_hash
223
- return false if @uniq_chats.has_key? uniq_hash
224
- @uniq_chats[uniq_hash] = nil
225
- end
226
- #puts "scope"
227
- if filter[:scope_only]
228
- return false unless Watobo::Scope.match_site?(chat.request.site)
229
- end
230
- # puts "* passed scope"
231
- if filter[:hide_tested]
232
- return false if chat.tested?
233
- end
209
+ filtered = false
210
+ # return false if filter[:ok_only] == true and chat.response.responseCode !~ /200/
211
+
212
+ if filter[:unique]
213
+ uniq_hash = chat.request.uniq_hash
214
+ return false if @uniq_chats.has_key? uniq_hash
215
+ @uniq_chats[uniq_hash] = nil
216
+ end
217
+ #puts "scope"
218
+ if filter[:scope_only]
219
+ return false unless Watobo::Scope.match_site?(chat.request.site)
220
+ end
221
+ # puts "* passed scope"
222
+ if filter[:hide_tested]
223
+ return false if chat.tested?
224
+ end
234
225
 
235
226
  if filter.has_key?(:status_codes) and not filter[:status_codes].empty?
236
227
  return false if filter[:status_codes].find_index{|i| chat.response.status =~ /#{i}/}.nil?
237
228
  end
238
-
239
- if filter.has_key?(:mime_types) and not filter[:mime_types].empty?
240
- match = false
241
- filter[:mime_types].each do |mt|
242
- if chat.response.content_type =~ /#{mt}/i
243
- match = true
244
- end
245
- end
246
- puts "MIME_TYPE: #{match}"
247
- return false if match == false
248
- end
249
-
250
- #puts "extensions"
251
- # puts "* passed hide tested"
252
- if filter[:hidden_extensions] == true
253
- return false if filter[:hidden_extension_patterns].include?(chat.request.doctype)
254
- end
255
-
256
- if filter[:show_extension_patterns]
257
- unless filter[:show_extension_patterns].empty? or filter[:show_extensions] == false
258
- return false unless filter[:show_extension_patterns].include?(chat.request.doctype)
229
+
230
+ if filter.has_key?(:mime_types) and not filter[:mime_types].empty?
231
+ match = false
232
+ filter[:mime_types].each do |mt|
233
+ if chat.response.content_type =~ /#{mt}/i
234
+ match = true
235
+ end
236
+ end
237
+ puts "MIME_TYPE: #{match}"
238
+ return false if match == false
239
+ end
240
+
241
+ #puts "extensions"
242
+ # puts "* passed hide tested"
243
+ if filter[:hidden_extensions] == true
244
+ return false if filter[:hidden_extension_patterns].include?(chat.request.doctype)
245
+ end
246
+
247
+ if filter[:show_extension_patterns]
248
+ unless filter[:show_extension_patterns].empty? or filter[:show_extensions] == false
249
+ return false unless filter[:show_extension_patterns].include?(chat.request.doctype)
259
250
  end
260
- end
261
- #return true if filter[:text].empty?
251
+ end
252
+ #return true if filter[:text].empty?
262
253
  # puts "url pattern"
263
- if filter[:url_pattern]
254
+ if filter[:url_pattern]
264
255
  unless filter[:url_pattern].empty?
265
- filtered = true
266
- return true if chat.request.first =~ /#{filter[:url_pattern]}/i
267
- #return false
256
+ filtered = true
257
+ return true if chat.request.first =~ /#{filter[:url_pattern]}/i
258
+ #return false
268
259
  end
269
- end
260
+ end
270
261
 
271
- if filter[:request_pattern]
262
+ if filter[:request_pattern]
272
263
  unless filter[:request_pattern].empty?
273
- filtered = true
274
- return true if chat.request.join =~ /#{filter[:request_pattern]}/i
275
- #return false
276
- end
277
- end
278
- # puts filter.to_yaml
264
+ filtered = true
265
+ return true if chat.request.join =~ /#{filter[:request_pattern]}/i
266
+ #return false
267
+ end
268
+ end
269
+ # puts filter.to_yaml
279
270
  # puts chat.response.responseCode
280
- if filter[:response_pattern]
271
+ if filter[:response_pattern]
281
272
  unless filter[:response_pattern].empty?
282
- filtered = true
283
- #return false if filter[:text_only] == true and chat.response.content_type !~ /(text|javascript|xml|json)/
284
- return true if chat.response.join.unpack("C*").pack("C*") =~ /#{filter[:response_pattern]}/i
285
- #return false
273
+ filtered = true
274
+ #return false if filter[:text_only] == true and chat.response.content_type !~ /(text|javascript|xml|json)/
275
+ return true if chat.response.join.unpack("C*").pack("C*") =~ /#{filter[:response_pattern]}/i
276
+ #return false
286
277
  end
287
- end
288
-
289
- return !filtered
290
-
291
- rescue => bang
292
- puts bang
293
- puts bang.backtrace if $DEBUG
294
- end
295
- false
296
- end
297
- end
278
+ end
279
+
280
+ return !filtered
281
+
282
+ rescue => bang
283
+ puts bang
284
+ puts bang.backtrace if $DEBUG
285
+ end
286
+ false
287
+ end
288
+ end
298
289
  end