watobo 0.9.9.pre3 → 0.9.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (90) hide show
  1. data/.yardopts +24 -0
  2. data/CHANGELOG +17 -7
  3. data/README +4 -60
  4. data/bin/nfq_server.rb +191 -0
  5. data/config/interceptor.yml +2 -6
  6. data/lib/watobo/adapters/data_store.rb +1 -1
  7. data/lib/watobo/adapters/file/file_store.rb +50 -33
  8. data/lib/watobo/ca.rb +22 -0
  9. data/lib/watobo/config.rb +6 -0
  10. data/lib/watobo/core/ca.rb +411 -0
  11. data/lib/watobo/core/cert_store.rb +56 -0
  12. data/lib/watobo/core/forwarding_proxy.rb +38 -0
  13. data/lib/watobo/core/http_socket.rb +18 -0
  14. data/lib/watobo/core/intercept_carver.rb +179 -0
  15. data/lib/watobo/core/intercept_filter.rb +257 -0
  16. data/lib/watobo/core/interceptor.rb +342 -79
  17. data/lib/watobo/core/netfilter_queue.rb +191 -0
  18. data/lib/watobo/core/project.rb +84 -138
  19. data/lib/watobo/core/proxy.rb +61 -0
  20. data/lib/watobo/core/request.rb +40 -0
  21. data/lib/watobo/core/response.rb +30 -0
  22. data/lib/watobo/core/scanner.rb +64 -58
  23. data/lib/watobo/core/session.rb +70 -77
  24. data/lib/watobo/core.rb +1 -1
  25. data/lib/watobo/framework/create_project.rb +25 -10
  26. data/lib/watobo/framework/init.rb +13 -0
  27. data/lib/watobo/gui/browser_preview.rb +5 -4
  28. data/lib/watobo/gui/checks_policy_frame.rb +1 -0
  29. data/lib/watobo/gui/client_cert_dialog.rb +11 -6
  30. data/lib/watobo/gui/conversation_table.rb +7 -4
  31. data/lib/watobo/gui/fuzzer_gui.rb +9 -11
  32. data/lib/watobo/gui/intercept_filter_dialog.rb +210 -0
  33. data/lib/watobo/gui/interceptor_gui.rb +59 -21
  34. data/lib/watobo/gui/interceptor_settings_dialog.rb +39 -5
  35. data/lib/watobo/gui/list_box.rb +2 -1
  36. data/lib/watobo/gui/log_viewer.rb +79 -5
  37. data/lib/watobo/gui/main_window.rb +159 -113
  38. data/lib/watobo/gui/manual_request_editor.rb +11 -5
  39. data/lib/watobo/gui/mixins/subscriber.rb +47 -0
  40. data/lib/watobo/gui/project_wizzard.rb +3 -3
  41. data/lib/watobo/gui/proxy_dialog.rb +17 -18
  42. data/lib/watobo/gui/request_editor.rb +1 -1
  43. data/lib/watobo/gui/rewrite_filters_dialog.rb +416 -0
  44. data/lib/watobo/gui/rewrite_rules_dialog.rb +394 -0
  45. data/lib/watobo/gui/scanner_settings_dialog.rb +9 -6
  46. data/lib/watobo/gui/session_management_dialog.rb +33 -23
  47. data/lib/watobo/gui/sites_tree.rb +5 -6
  48. data/lib/watobo/gui/status_bar.rb +101 -49
  49. data/lib/watobo/gui/table_editor.rb +1 -1
  50. data/lib/watobo/gui/templates/plugin2.rb +23 -27
  51. data/lib/watobo/gui/utils/save_default_settings.rb +9 -9
  52. data/lib/watobo/gui/utils/save_proxy_settings.rb +25 -9
  53. data/lib/watobo/gui/utils/save_scanner_settings.rb +10 -7
  54. data/lib/watobo/gui/utils/session_history.rb +1 -1
  55. data/lib/watobo/gui/www_auth_dialog.rb +25 -21
  56. data/lib/watobo/gui.rb +3 -1
  57. data/lib/watobo/mixins/httpparser.rb +47 -40
  58. data/lib/watobo/mixins/request_parser.rb +126 -41
  59. data/lib/watobo/mixins/shapers.rb +124 -15
  60. data/lib/watobo/utils/hexprint.rb +31 -0
  61. data/lib/watobo/utils/load_chat.rb +2 -0
  62. data/lib/watobo/utils/response_builder.rb +111 -0
  63. data/lib/watobo.rb +4 -1
  64. data/modules/active/discovery/http_methods.rb +6 -4
  65. data/modules/active/fileinclusion/lfi_simple.rb +3 -3
  66. data/modules/active/sqlinjection/sqli_timing.rb +6 -6
  67. data/modules/passive/redirectionz.rb +5 -6
  68. data/plugins/catalog/catalog.rb +240 -56
  69. data/plugins/catalog/db_tests +1 -6483
  70. data/plugins/catalog/db_variables +2 -29
  71. data/plugins/crawler/gui/auth_frame.rb +15 -3
  72. data/plugins/crawler/gui/crawler_gui.rb +24 -0
  73. data/plugins/crawler/gui/hooks_frame.rb +7 -2
  74. data/plugins/crawler/gui/settings_tabbook.rb +4 -0
  75. data/plugins/crawler/gui.rb +3 -3
  76. data/plugins/crawler/lib/engine.rb +1 -1
  77. data/plugins/filefinder/filefinder.rb +21 -17
  78. data/plugins/sqlmap/bin/test.rb +100 -0
  79. data/plugins/sqlmap/gui/main.rb +227 -0
  80. data/plugins/sqlmap/gui/options_frame.rb +119 -0
  81. data/plugins/sqlmap/gui.rb +27 -0
  82. data/plugins/sqlmap/icons/sqlmap.ico +0 -0
  83. data/plugins/sqlmap/lib/sqlmap_ctrl.rb +116 -0
  84. data/plugins/sqlmap/sqlmap.rb +26 -0
  85. data/plugins/sslchecker/gui/gui.rb +45 -30
  86. metadata +32 -9
  87. data/certificates/cert.pem +0 -19
  88. data/certificates/privkey.pem +0 -15
  89. data/certificates/watobo_dh.key +0 -5
  90. data/lib/watobo/core/simple_ca.rb +0 -393
@@ -0,0 +1,191 @@
1
+ # .
2
+ # netfilter_queue.rb
3
+ #
4
+ # Copyright 2012 by siberas, http://www.siberas.de
5
+ #
6
+ # This file is part of WATOBO (Web Application Tool Box)
7
+ # http://watobo.sourceforge.com
8
+ #
9
+ # WATOBO is free software; you can redistribute it and/or modify
10
+ # it under the terms of the GNU General Public License as published by
11
+ # the Free Software Foundation version 2 of the License.
12
+ #
13
+ # WATOBO is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with WATOBO; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ # .
22
+ module Watobo
23
+ module NFQueue
24
+ @ssl_requests = Hash.new
25
+ @cert_list = Hash.new
26
+
27
+ @netqueue_lock = Mutex.new
28
+ @t_nfqueue = nil
29
+
30
+ @nfq_present = false
31
+
32
+ begin
33
+ require "nfqueue"
34
+ @nfq_present = true
35
+ rescue LoadError
36
+ puts "NFQUEUE not available on this system"
37
+ end
38
+
39
+ def self.get_ip_string(raw_addr)
40
+ begin
41
+ ip = ""
42
+ raw_addr.length.times do |i|
43
+ ip << "." unless ip.empty?
44
+ ip << raw_addr[i].ord.to_s
45
+ end
46
+ rescue => bang
47
+ puts bang
48
+ puts bang.backtrace
49
+ end
50
+ ip
51
+ end
52
+
53
+ def self.stop
54
+ @t_nfqueue.kill if @t_nfqueue.respond_to? :kill
55
+ end
56
+
57
+ def self.start
58
+ # @t_nfqueue.raise unless @t_nfqueue.nil?
59
+ puts @t_nfqueue.status if @t_nfqueue.respond_to? :status
60
+
61
+ puts "starting netfilter_queue ..."
62
+ @t_nfqueue = Thread.new{
63
+ begin
64
+ Netfilter::Queue.create(0) do |p|
65
+ puts ">> Netfilter Packet #" + p.id.to_s
66
+ # $stdout.flush
67
+ puts p.data.class
68
+ raw_src = p.data[12..15]
69
+ raw_dst = p.data[16..19]
70
+ src_port = p.data[20..21].unpack("H4")[0].hex
71
+ dst_port = p.data[22..24].unpack("H4")[0].hex
72
+ # if p.data.length > 47
73
+ # flags = p.data[47].unpack("H*")[0].hex
74
+ # puts flags.to_s
75
+ # if flags == 2
76
+ puts "ADD SSL REQUEST"
77
+ puts "#{get_ip_string(raw_src)}:#{src_port} -> #{get_ip_string(raw_dst)}:#{dst_port}"
78
+ @netqueue_lock.synchronize do
79
+ if add_ssl_request(get_ip_string(raw_src), src_port, get_ip_string(raw_dst), dst_port)
80
+ puts "OK"
81
+ end
82
+ end
83
+ #end
84
+ #end
85
+ Netfilter::Packet::ACCEPT
86
+ end
87
+ rescue => bang
88
+ puts bang
89
+ puts bang.backtrace
90
+ # retry
91
+ rescue Netfilter::QueueError
92
+ puts "NetfilterERROR"
93
+ exit
94
+ end
95
+ }
96
+
97
+ @t_nfqueue
98
+ end
99
+
100
+ def self.add_ssl_request(c_host, c_port, s_host, s_port)
101
+ ck = "#{c_host}:#{c_port}"
102
+ sk = "#{s_host}:#{s_port}"
103
+
104
+ begin
105
+
106
+ unless @cert_list.has_key? sk
107
+ if cert = acquire_cert(s_host,s_port)
108
+ @ssl_requests[ck] = sk
109
+ @cert_list[sk] = cert
110
+ else
111
+ return false
112
+ end
113
+ else
114
+ @ssl_requests[ck] = sk
115
+ end
116
+
117
+ return true
118
+ rescue => bang
119
+ puts bang
120
+ puts bang.backtrace
121
+ end
122
+ return false
123
+
124
+ end
125
+
126
+ def self.get_connection_info(c_host,c_port)
127
+ begin
128
+ ck = "#{c_host}:#{c_port}"
129
+ target_site = nil
130
+ cert = nil
131
+ @netqueue_lock.synchronize do
132
+ if @ssl_requests.has_key? ck
133
+ target_site = @ssl_requests[ck]
134
+ cert = @cert_list[target_site] if @cert_list.has_key? target_site
135
+ end
136
+ end
137
+ return target_site, cert
138
+ rescue => bang
139
+ puts bang
140
+ puts bang.backtrace
141
+ end
142
+ return nil, nil
143
+ end
144
+
145
+ def self.acquire_cert(host, port)
146
+ puts "* acquire cert ... #{host}:#{port}"
147
+ begin
148
+ tcp_socket = TCPSocket.new( host, port )
149
+ tcp_socket.setsockopt( Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, 1)
150
+ tcp_socket.sync = true
151
+ ctx = OpenSSL::SSL::SSLContext.new()
152
+
153
+ ctx.tmp_dh_callback = proc { |*args|
154
+ OpenSSL::PKey::DH.new(128)
155
+ }
156
+
157
+ socket = OpenSSL::SSL::SSLSocket.new(tcp_socket, ctx)
158
+
159
+ socket.connect
160
+ #socket.setsockopt( Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, 1)
161
+ sk = "#{host}:#{port}"
162
+ cert = socket.peer_cert
163
+ @cert_list[sk] = cert
164
+ puts "PEER CERT SUBJECT: #{cert.subject}"
165
+ # puts cert.subject.methods.sort
166
+ return cert
167
+
168
+ rescue => bang
169
+ puts bang
170
+ puts bang.backtrace
171
+ end
172
+ return nil
173
+ end
174
+
175
+ end
176
+ end
177
+
178
+ if $0 == __FILE__
179
+ inc_path = File.expand_path(File.join(File.dirname(__FILE__), "..","..","..", "lib")) # this is the same as rubygems would do
180
+ $: << inc_path
181
+
182
+ require 'watobo'
183
+ require 'nfqueue'
184
+
185
+ Watobo::Interceptor.proxy_mode = Watobo::Interceptor::MODE_TRANSPARENT
186
+ @iproxy = Watobo::InterceptProxy.new()
187
+ @iproxy.run
188
+ while 1
189
+ sleep 1
190
+ end
191
+ end
@@ -34,31 +34,34 @@ module Watobo
34
34
  # end
35
35
  copy = Utils.copyObject(@request)
36
36
  # now extend the new request with the Watobo mixins
37
- copy.extend Watobo::Mixin::Parser::Url
38
- copy.extend Watobo::Mixin::Parser::Web10
39
- copy.extend Watobo::Mixin::Shaper::Web10
37
+ #copy.extend Watobo::Mixin::Parser::Url
38
+ #copy.extend Watobo::Mixin::Parser::Web10
39
+ #copy.extend Watobo::Mixin::Shaper::Web10
40
+ Watobo::Request.create copy
40
41
  return copy
41
42
  end
42
43
 
43
44
  private
44
45
 
45
- def extendRequest
46
- @request.extend Watobo::Mixin::Shaper::Web10
47
- @request.extend Watobo::Mixin::Parser::Web10
48
- @request.extend Watobo::Mixin::Parser::Url
49
- end
46
+ # def extendRequest
47
+ # @request.extend Watobo::Mixin::Shaper::Web10
48
+ # @request.extend Watobo::Mixin::Parser::Web10
49
+ # @request.extend Watobo::Mixin::Parser::Url
50
+ # end
50
51
 
51
- def extendResponse
52
- @response.extend Watobo::Mixin::Parser::Web10
53
- end
52
+ # def extendResponse
53
+ # @response.extend Watobo::Mixin::Parser::Web10
54
+ # end
54
55
 
55
56
  def initialize(request, response)
56
57
  @request = request
57
58
  @response = response
58
59
  @file = nil
59
60
 
60
- extendRequest()
61
- extendResponse()
61
+ # extendRequest()
62
+ # extendResponse()
63
+ Watobo::Request.create @request
64
+ Watobo::Response.create @response
62
65
 
63
66
  end
64
67
 
@@ -176,15 +179,15 @@ module Watobo
176
179
  def id()
177
180
  @details[:id]
178
181
  end
179
-
182
+
180
183
  def false_positive?
181
184
  @details[:false_positive]
182
185
  end
183
-
186
+
184
187
  def set_false_positive
185
188
  @details[:false_positive] = true
186
189
  end
187
-
190
+
188
191
  def unset_false_positive
189
192
  @details[:false_positive] = false
190
193
  end
@@ -210,15 +213,15 @@ module Watobo
210
213
  @@numFindings += 1
211
214
 
212
215
  }
213
- extendRequest()
214
- extendResponse()
216
+ # extendRequest()
217
+ # extendResponse()
215
218
 
216
219
  end
217
220
 
218
221
  end
219
222
 
220
223
  class Project
221
-
224
+
222
225
  attr :chats
223
226
  attr_accessor :findings
224
227
  attr :scan_settings
@@ -254,7 +257,7 @@ module Watobo
254
257
  def projectSettingsFile
255
258
  @project_file
256
259
  end
257
-
260
+
258
261
  def session_settings()
259
262
  s = YAML.load(YAML.dump(scan_settings))
260
263
  sf = [:logout_signatures, :non_unique_parms, :login_chat_ids, :excluded_chats, :csrf_request_ids, :scope ]
@@ -438,7 +441,7 @@ module Watobo
438
441
  extend_request(request) unless request.respond_to? :site
439
442
  hashbase = request.site + request.method + request.path
440
443
  request.get_parm_names.sort.each do |p|
441
- # puts "URL-Parm: #{p}"
444
+ # puts "URL-Parm: #{p}"
442
445
  if @scan_settings[:non_unique_parms].include?(p) then
443
446
  hashbase += p + request.get_parm_value(p)
444
447
  else
@@ -447,7 +450,7 @@ module Watobo
447
450
 
448
451
  end
449
452
  request.post_parm_names.sort.each do |p|
450
- # puts "POST-Parm: #{p}"
453
+ # puts "POST-Parm: #{p}"
451
454
  if @scan_settings[:non_unique_parms].include?(p) then
452
455
  hashbase += p + request.post_parm_value(p)
453
456
  else
@@ -455,7 +458,7 @@ module Watobo
455
458
  end
456
459
 
457
460
  end
458
- # puts hashbase
461
+ # puts hashbase
459
462
  return Digest::MD5.hexdigest(hashbase)
460
463
  rescue => bang
461
464
  puts bang
@@ -492,7 +495,6 @@ module Watobo
492
495
  @scan_settings.update new_settings
493
496
  end
494
497
 
495
-
496
498
  def findChats(site, opts={})
497
499
  o = {
498
500
  :dir => "",
@@ -549,33 +551,34 @@ module Watobo
549
551
  end
550
552
 
551
553
  def addChat(chat, prefs={})
552
- @chats_lock.synchronize do
553
- begin
554
- if chat.request.host then
555
- chats.push chat
554
+ @chats_lock.synchronize do
555
+ begin
556
+ if chat.request.host then
557
+ chats.push chat
556
558
 
557
- options = {
558
- :run_passive_checks => true,
559
- :notify => true
560
- }
561
- options.update prefs
559
+ options = {
560
+ :run_passive_checks => true,
561
+ :notify => true
562
+ }
563
+ options.update prefs
562
564
 
563
- runPassiveChecks(chat) if options[:run_passive_checks] == true
565
+ runPassiveChecks(chat) if options[:run_passive_checks] == true
564
566
 
565
- #@interface.addChat(self, chat) if @interface
566
- notify(:new_chat, chat) if options[:notify] == true
567
+ #@interface.addChat(self, chat) if @interface
568
+ notify(:new_chat, chat) if options[:notify] == true
567
569
 
568
- if chat.id != 0 then
569
- @session_store.add_chat(chat)
570
- else
571
- puts "!!! Could not add chat #{chat.id}"
570
+ if chat.id != 0 then
571
+ @session_store.add_chat(chat)
572
+ else
573
+ puts "!!! Could not add chat #{chat.id}"
574
+ end
572
575
  end
576
+
577
+ # p "!P!"
578
+ rescue => bang
579
+ puts bang
580
+ puts bang.backtrace if $DEBUG
573
581
  end
574
- # p "!P!"
575
- rescue => bang
576
- puts bang
577
- puts bang.backtrace if $DEBUG
578
- end
579
582
  end
580
583
  end
581
584
 
@@ -583,8 +586,8 @@ module Watobo
583
586
  @sessionMgr.runLogin(loginChats)
584
587
  end
585
588
 
586
- def has_scope?()
587
- return false if @scan_settings[:scope].nil?
589
+ def has_scope?()
590
+ return false if @scan_settings[:scope].empty?
588
591
  @scan_settings[:scope].each_key do |k|
589
592
  return true if @scan_settings[:scope][k][:enabled] == true
590
593
  end
@@ -632,81 +635,72 @@ module Watobo
632
635
 
633
636
  def addFinding(finding, opts={})
634
637
  @findings_lock.synchronize do
635
- options = {
636
- :notify => true,
637
- :save_finding => true
638
- }
639
- options.update opts
640
- # puts "* add finding #{finding.details[:fid]}" if $DEBUG
641
-
642
- @findings_count ||= Hash.new
643
- @findings_count[finding.details[:class]] = 0 unless @findings_count.has_key? finding.details[:class]
644
-
645
- unless @findings.has_key?(finding.details[:fid]) or @findings_count[finding.details[:class]] > 100
646
- begin
647
- @findings[finding.details[:fid]] = finding
648
- @findings_count[finding.details[:class]] += 1
649
- #@interface.addFinding(new_finding)
650
- # puts "* new finding"
651
- notify(:new_finding, finding) if options[:notify] == true
652
-
653
- @session_store.add_finding(finding) if options[:save_finding] == true
654
- rescue => bang
655
- puts "!!!ERROR: #{Module.nesting[0].name}"
656
- puts bang
657
- puts bang.backtrace if $DEBUG
638
+ options = {
639
+ :notify => true,
640
+ :save_finding => true
641
+ }
642
+ options.update opts
643
+ # puts "* add finding #{finding.details[:fid]}" if $DEBUG
644
+
645
+ @findings_count ||= Hash.new
646
+ @findings_count[finding.details[:class]] = 0 unless @findings_count.has_key? finding.details[:class]
647
+
648
+ unless @findings.has_key?(finding.details[:fid]) or @findings_count[finding.details[:class]] > 100
649
+ begin
650
+ @findings[finding.details[:fid]] = finding
651
+ @findings_count[finding.details[:class]] += 1
652
+ #@interface.addFinding(new_finding)
653
+ # puts "* new finding"
654
+ notify(:new_finding, finding) if options[:notify] == true
655
+
656
+ @session_store.add_finding(finding) if options[:save_finding] == true
657
+ rescue => bang
658
+ puts "!!!ERROR: #{Module.nesting[0].name}"
659
+ puts bang
660
+ puts bang.backtrace if $DEBUG
661
+ end
662
+ else
663
+ # puts "Skip finding <#{finding.details[:class]}>"
658
664
  end
659
- else
660
- puts "Skip finding <#{finding.details[:class]}>"
661
- end
662
665
  end
663
666
 
664
667
  end
665
-
668
+
666
669
  def delete_finding(f)
667
670
  @findings_lock.synchronize do
668
671
  @session_store.delete_finding(f)
669
672
  @findings.delete f.details[:fid]
670
673
  end
671
674
  end
672
-
675
+
673
676
  def set_false_positive(finding)
674
677
  @findings_lock.synchronize do
675
678
  puts "Set Finding #{finding.id} / #{finding.details[:fid]} False-Positive" if $DEBUG
676
679
  if @findings.has_key? finding.details[:fid]
677
680
  @findings[finding.details[:fid]].set_false_positive
678
- @session_store.update_finding(finding)
679
- return true
681
+ @session_store.update_finding(finding)
682
+ return true
680
683
  end
681
684
  return false
682
685
  end
683
686
  end
684
-
687
+
685
688
  def unset_false_positive(finding)
686
689
  @findings_lock.synchronize do
687
690
  if @findings.has_key? finding.id
688
- @findings[finding.id].unset_false_positive
689
- @session_store.update_finding(finding)
690
- return true
691
+ @findings[finding.id].unset_false_positive
692
+ @session_store.update_finding(finding)
693
+ return true
691
694
  end
692
695
  return false
693
696
  end
694
697
  end
695
698
 
696
-
697
699
  def setupProject(progress_window=nil)
698
700
  begin
699
701
  puts "DEBUG: Setup Project" if $DEBUG and $debug_project
700
702
  importSession()
701
- =begin
702
- importSession(progress_window)
703
-
704
- init_active_modules(progress_window)
705
703
 
706
- init_passive_modules(progress_window)
707
-
708
- initPlugins(progress_window)
709
- =end
710
704
  rescue => bang
711
705
  puts bang
712
706
  puts bang.backtrace if $DEBUG
@@ -913,55 +907,7 @@ module Watobo
913
907
  notify(:update_progress, :increment =>1, :job => "finding #{f.id}" )
914
908
  addFinding(f, :notify => true, :save_finding => false ) if f
915
909
  end
916
- =begin
917
- puts "* Import Session:"
918
- puts "+ Conversation Path:\n>> #{File.expand_path(@conversations_path)}"
919
-
920
- puts
921
- chatIds = listChatIds(@conversations_path, "chat")
922
- findingIds = listChatIds(@findings_path, "finding")
923
-
924
- numChats = chatIds.length
925
- numFindings = findingIds.length
926
- numImports = numChats + numFindings
927
- pc = 0
928
910
 
929
- notify(:update_progress, :total => numImports, :task => "Import Conversation")
930
-
931
- begin
932
- chatIds.each_with_index do |id, index|
933
-
934
- notify(:update_progress, :increment =>1, :job => "chat #{index}/#{numChats}" )
935
-
936
- fname = File.join(@conversations_path, "#{id}-chat")
937
- chat = Watobo::Utils.loadChatYAML(fname)
938
- addChat(chat, :run_passive_checks => false, :notify => false ) if chat
939
- end
940
- rescue => bang
941
- puts "!!!ERROR: Could not import conversations"
942
- puts bang
943
- puts bang.backtrace if $DEBUG
944
- end
945
-
946
- puts "+ Findings Path:\n>> #{File.expand_path(@findings_path)}"
947
-
948
- notify(:update_progress, :task => "Import Findings")
949
- begin
950
- findingIds.each_with_index do |id, index|
951
- notify(:update_progress, :increment => 1, :job => "Finding #{index}/#{numFindings}")
952
-
953
- fname = File.join(@findings_path, "#{id}-finding")
954
- finding = Watobo::Utils.loadFindingYAML(fname)
955
-
956
- addFinding(finding, :notify => false) if finding
957
-
958
- end
959
- rescue => bang
960
- puts "!!!ERROR: Could not import finding [#{id}]"
961
- puts bang
962
-
963
- end
964
- =end
965
911
  end
966
912
 
967
913
  def setDefaults_UNUSED()
@@ -0,0 +1,61 @@
1
+ # .
2
+ # proxy.rb
3
+ #
4
+ # Copyright 2012 by siberas, http://www.siberas.de
5
+ #
6
+ # This file is part of WATOBO (Web Application Tool Box)
7
+ # http://watobo.sourceforge.com
8
+ #
9
+ # WATOBO is free software; you can redistribute it and/or modify
10
+ # it under the terms of the GNU General Public License as published by
11
+ # the Free Software Foundation version 2 of the License.
12
+ #
13
+ # WATOBO is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with WATOBO; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ # .
22
+ module Watobo
23
+ class Proxy
24
+ include Watobo::Constants
25
+
26
+ attr :login
27
+
28
+ def method_missing(name, *args, &block)
29
+ # puts "* instance method missing (#{name})"
30
+ if @settings.has_key? name.to_sym
31
+ return @settings[name.to_sym]
32
+ else
33
+ super
34
+ end
35
+ end
36
+
37
+
38
+ def has_login?
39
+ # puts @settings.to_yaml
40
+ return false if @settings[:auth_type] == AUTH_TYPE_NONE
41
+ return true
42
+ end
43
+
44
+ def initialize(prefs)
45
+ @login = nil
46
+ raise ArgumentError, "Proxy needs host, port and name" unless prefs.has_key? :host
47
+ raise ArgumentError, "Proxy needs host, port and name" unless prefs.has_key? :port
48
+ raise ArgumentError, "Proxy needs host, port and name" unless prefs.has_key? :name
49
+
50
+ @settings = {
51
+ :auth_type => AUTH_TYPE_NONE,
52
+ :username => '',
53
+ :password => '',
54
+ :domain => '',
55
+ :workstation => ''}
56
+
57
+ @settings.update prefs
58
+
59
+ end
60
+ end
61
+ end
@@ -0,0 +1,40 @@
1
+ # .
2
+ # request.rb
3
+ #
4
+ # Copyright 2012 by siberas, http://www.siberas.de
5
+ #
6
+ # This file is part of WATOBO (Web Application Tool Box)
7
+ # http://watobo.sourceforge.com
8
+ #
9
+ # WATOBO is free software; you can redistribute it and/or modify
10
+ # it under the terms of the GNU General Public License as published by
11
+ # the Free Software Foundation version 2 of the License.
12
+ #
13
+ # WATOBO is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with WATOBO; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ # .
22
+ module Watobo
23
+ def self.create_request(url, prefs={})
24
+ u = "http://" unless url =~ /^http/
25
+ u << url
26
+ uri = URI.parse u
27
+ r = "GET #{uri.to_s} HTTP/1.0\r\n"
28
+ r << "Host: #{uri.host}"
29
+ r.extend Watobo::Mixins::RequestParser
30
+ r.to_request
31
+ end
32
+
33
+ module Request
34
+ def self.create request
35
+ request.extend Watobo::Mixin::Parser::Url
36
+ request.extend Watobo::Mixin::Parser::Web10
37
+ request.extend Watobo::Mixin::Shaper::Web10
38
+ end
39
+ end
40
+ end
@@ -0,0 +1,30 @@
1
+ # .
2
+ # response.rb
3
+ #
4
+ # Copyright 2012 by siberas, http://www.siberas.de
5
+ #
6
+ # This file is part of WATOBO (Web Application Tool Box)
7
+ # http://watobo.sourceforge.com
8
+ #
9
+ # WATOBO is free software; you can redistribute it and/or modify
10
+ # it under the terms of the GNU General Public License as published by
11
+ # the Free Software Foundation version 2 of the License.
12
+ #
13
+ # WATOBO is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with WATOBO; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ # .
22
+ module Watobo
23
+ module Response
24
+ def self.create( response )
25
+ response.extend Watobo::Mixin::Parser::Web10
26
+ response.extend Watobo::Mixin::Shaper::Web10
27
+ response.extend Watobo::Mixin::Shaper::HttpResponse
28
+ end
29
+ end
30
+ end