watobo 0.9.9.pre3 → 0.9.9
- data/.yardopts +24 -0
- data/CHANGELOG +17 -7
- data/README +4 -60
- data/bin/nfq_server.rb +191 -0
- data/config/interceptor.yml +2 -6
- data/lib/watobo/adapters/data_store.rb +1 -1
- data/lib/watobo/adapters/file/file_store.rb +50 -33
- data/lib/watobo/ca.rb +22 -0
- data/lib/watobo/config.rb +6 -0
- data/lib/watobo/core/ca.rb +411 -0
- data/lib/watobo/core/cert_store.rb +56 -0
- data/lib/watobo/core/forwarding_proxy.rb +38 -0
- data/lib/watobo/core/http_socket.rb +18 -0
- data/lib/watobo/core/intercept_carver.rb +179 -0
- data/lib/watobo/core/intercept_filter.rb +257 -0
- data/lib/watobo/core/interceptor.rb +342 -79
- data/lib/watobo/core/netfilter_queue.rb +191 -0
- data/lib/watobo/core/project.rb +84 -138
- data/lib/watobo/core/proxy.rb +61 -0
- data/lib/watobo/core/request.rb +40 -0
- data/lib/watobo/core/response.rb +30 -0
- data/lib/watobo/core/scanner.rb +64 -58
- data/lib/watobo/core/session.rb +70 -77
- data/lib/watobo/core.rb +1 -1
- data/lib/watobo/framework/create_project.rb +25 -10
- data/lib/watobo/framework/init.rb +13 -0
- data/lib/watobo/gui/browser_preview.rb +5 -4
- data/lib/watobo/gui/checks_policy_frame.rb +1 -0
- data/lib/watobo/gui/client_cert_dialog.rb +11 -6
- data/lib/watobo/gui/conversation_table.rb +7 -4
- data/lib/watobo/gui/fuzzer_gui.rb +9 -11
- data/lib/watobo/gui/intercept_filter_dialog.rb +210 -0
- data/lib/watobo/gui/interceptor_gui.rb +59 -21
- data/lib/watobo/gui/interceptor_settings_dialog.rb +39 -5
- data/lib/watobo/gui/list_box.rb +2 -1
- data/lib/watobo/gui/log_viewer.rb +79 -5
- data/lib/watobo/gui/main_window.rb +159 -113
- data/lib/watobo/gui/manual_request_editor.rb +11 -5
- data/lib/watobo/gui/mixins/subscriber.rb +47 -0
- data/lib/watobo/gui/project_wizzard.rb +3 -3
- data/lib/watobo/gui/proxy_dialog.rb +17 -18
- data/lib/watobo/gui/request_editor.rb +1 -1
- data/lib/watobo/gui/rewrite_filters_dialog.rb +416 -0
- data/lib/watobo/gui/rewrite_rules_dialog.rb +394 -0
- data/lib/watobo/gui/scanner_settings_dialog.rb +9 -6
- data/lib/watobo/gui/session_management_dialog.rb +33 -23
- data/lib/watobo/gui/sites_tree.rb +5 -6
- data/lib/watobo/gui/status_bar.rb +101 -49
- data/lib/watobo/gui/table_editor.rb +1 -1
- data/lib/watobo/gui/templates/plugin2.rb +23 -27
- data/lib/watobo/gui/utils/save_default_settings.rb +9 -9
- data/lib/watobo/gui/utils/save_proxy_settings.rb +25 -9
- data/lib/watobo/gui/utils/save_scanner_settings.rb +10 -7
- data/lib/watobo/gui/utils/session_history.rb +1 -1
- data/lib/watobo/gui/www_auth_dialog.rb +25 -21
- data/lib/watobo/gui.rb +3 -1
- data/lib/watobo/mixins/httpparser.rb +47 -40
- data/lib/watobo/mixins/request_parser.rb +126 -41
- data/lib/watobo/mixins/shapers.rb +124 -15
- data/lib/watobo/utils/hexprint.rb +31 -0
- data/lib/watobo/utils/load_chat.rb +2 -0
- data/lib/watobo/utils/response_builder.rb +111 -0
- data/lib/watobo.rb +4 -1
- data/modules/active/discovery/http_methods.rb +6 -4
- data/modules/active/fileinclusion/lfi_simple.rb +3 -3
- data/modules/active/sqlinjection/sqli_timing.rb +6 -6
- data/modules/passive/redirectionz.rb +5 -6
- data/plugins/catalog/catalog.rb +240 -56
- data/plugins/catalog/db_tests +1 -6483
- data/plugins/catalog/db_variables +2 -29
- data/plugins/crawler/gui/auth_frame.rb +15 -3
- data/plugins/crawler/gui/crawler_gui.rb +24 -0
- data/plugins/crawler/gui/hooks_frame.rb +7 -2
- data/plugins/crawler/gui/settings_tabbook.rb +4 -0
- data/plugins/crawler/gui.rb +3 -3
- data/plugins/crawler/lib/engine.rb +1 -1
- data/plugins/filefinder/filefinder.rb +21 -17
- data/plugins/sqlmap/bin/test.rb +100 -0
- data/plugins/sqlmap/gui/main.rb +227 -0
- data/plugins/sqlmap/gui/options_frame.rb +119 -0
- data/plugins/sqlmap/gui.rb +27 -0
- data/plugins/sqlmap/icons/sqlmap.ico +0 -0
- data/plugins/sqlmap/lib/sqlmap_ctrl.rb +116 -0
- data/plugins/sqlmap/sqlmap.rb +26 -0
- data/plugins/sslchecker/gui/gui.rb +45 -30
- metadata +32 -9
- data/certificates/cert.pem +0 -19
- data/certificates/privkey.pem +0 -15
- data/certificates/watobo_dh.key +0 -5
- data/lib/watobo/core/simple_ca.rb +0 -393
@@ -346,19 +346,22 @@ module Watobo
|
|
346
346
|
end
|
347
347
|
|
348
348
|
def openSessionManagement(sender, sel, item)
|
349
|
-
smdlg = SessionManagementDialog.new(self
|
349
|
+
smdlg = SessionManagementDialog.new(self)
|
350
350
|
if smdlg.execute != 0 then
|
351
|
-
|
351
|
+
|
352
352
|
sidpatterns = smdlg.getSidPatterns()
|
353
353
|
logout_signatures = smdlg.getLogoutSignatures()
|
354
|
-
|
355
|
-
|
356
|
-
|
357
|
-
|
354
|
+
unless Watobo.project.nil?
|
355
|
+
ids = smdlg.getLoginScriptIds()
|
356
|
+
Watobo.project.setLoginChatIds(ids)
|
357
|
+
Watobo.project.setSidPatterns(sidpatterns)
|
358
|
+
Watobo.project.setLogoutSignatures(logout_signatures)
|
358
359
|
end
|
359
360
|
# save settings
|
360
361
|
#saveProjectSettings(@project)
|
361
362
|
#saveSessionSettings(@project)
|
363
|
+
Watobo::Conf::Scanner.logout_signatures = logout_signatures
|
364
|
+
Watobo::Conf::Scanner.sid_patterns = sidpatterns
|
362
365
|
Watobo::Gui.save_settings()
|
363
366
|
end
|
364
367
|
end
|
@@ -392,11 +395,11 @@ module Watobo
|
|
392
395
|
end
|
393
396
|
|
394
397
|
def openWwwAuthDialog()
|
395
|
-
|
396
|
-
|
397
|
-
|
398
|
+
# if @project.nil?
|
399
|
+
# FXMessageBox.information(self,MBOX_OK,"No Project Defined", "Create Project First")
|
400
|
+
# else
|
398
401
|
auth_settings = {}
|
399
|
-
w3adlg = Watobo::Gui::WwwAuthDialog.new(self
|
402
|
+
w3adlg = Watobo::Gui::WwwAuthDialog.new(self )
|
400
403
|
if w3adlg.execute != 0
|
401
404
|
#puts "* New WWW-Authentication"
|
402
405
|
#puts @project.getWwwAuthentication().to_yaml
|
@@ -404,11 +407,12 @@ module Watobo
|
|
404
407
|
# saveProjectSettings(@project)
|
405
408
|
# Watobo::Gui.save_default_settings(@project)
|
406
409
|
Watobo::Gui.save_settings()
|
407
|
-
|
410
|
+
#@iproxy.www_auth = @project.getWwwAuthentication()
|
411
|
+
Watobo::Interceptor.proxy.refresh_www_auth
|
408
412
|
end
|
409
|
-
puts "* new www_auth settings"
|
413
|
+
#puts "* new www_auth settings"
|
410
414
|
# puts YAML.dump(@project.settings[:www_auth])
|
411
|
-
end
|
415
|
+
#end
|
412
416
|
|
413
417
|
end
|
414
418
|
|
@@ -424,7 +428,7 @@ module Watobo
|
|
424
428
|
puts "* got client certificate settings"
|
425
429
|
puts ccdlg.client_certificates.to_yaml
|
426
430
|
@project.client_certificates = ccdlg.client_certificates
|
427
|
-
|
431
|
+
Watobo::Interceptor.proxy.client_certificates = ccdlg.client_certificates
|
428
432
|
# saveProjectSettings(@project)
|
429
433
|
Watobo::Gui.save_settings()
|
430
434
|
# Watobo::Gui.save_default_settings(@project)
|
@@ -465,6 +469,17 @@ module Watobo
|
|
465
469
|
puts bang
|
466
470
|
end
|
467
471
|
end
|
472
|
+
|
473
|
+
def open_plugin_sqlmap(chat)
|
474
|
+
begin
|
475
|
+
sqlmap = Watobo::Plugin::Sqlmap::Gui.new(FXApp.instance, @project, chat)
|
476
|
+
sqlmap.create
|
477
|
+
sqlmap.show(Fox::PLACEMENT_SCREEN)
|
478
|
+
rescue => bang
|
479
|
+
puts "!!! could not open fuzzer"
|
480
|
+
puts bang
|
481
|
+
end
|
482
|
+
end
|
468
483
|
|
469
484
|
def addChat(chat)
|
470
485
|
# addChatToTable(chat) if chatIsFiltered?(chat) == false
|
@@ -509,7 +524,7 @@ module Watobo
|
|
509
524
|
when /JSSH_CONNECT_ERROR/i
|
510
525
|
FXMessageBox.information(self, MBOX_OK, "JSSH Missing", "It seem that the Firefox JSSH extension is not installed,\nwhich is required in order to use the BrowserPreview.\nPlease read the installation instruction in the README\n or online at http://watobo.sourceforge.net.")
|
511
526
|
else
|
512
|
-
FXMessageBox.information(self, MBOX_OK, "Proxy Settings", "Your Browser does not use WATOBO (127.0.0.1:#{
|
527
|
+
FXMessageBox.information(self, MBOX_OK, "Proxy Settings", "Your Browser does not use WATOBO (127.0.0.1:#{Watobo::Interceptor.proxy.port}) as its proxy.\nSo you can't use the Browser-View feature.\nPlease change your proxy settings and try it again!")
|
513
528
|
end
|
514
529
|
end
|
515
530
|
end
|
@@ -583,9 +598,9 @@ module Watobo
|
|
583
598
|
end
|
584
599
|
|
585
600
|
def onOpenInterceptor(sender, sel, ptr)
|
586
|
-
|
587
|
-
interceptor = Watobo::Gui::InterceptorUI.new(self,
|
588
|
-
|
601
|
+
unless Watobo.project.nil?
|
602
|
+
interceptor = Watobo::Gui::InterceptorUI.new(self, :opts => DECOR_ALL)
|
603
|
+
Watobo::Interceptor.proxy.target = interceptor
|
589
604
|
puts "* Interceptor created"
|
590
605
|
#@project.interceptor = interceptor
|
591
606
|
interceptor.create
|
@@ -593,7 +608,7 @@ module Watobo
|
|
593
608
|
getApp().runModalWhileShown(interceptor)
|
594
609
|
interceptor.releaseAll()
|
595
610
|
puts "* Interceptor closed"
|
596
|
-
iproxy.target = nil
|
611
|
+
#iproxy.target = nil
|
597
612
|
#if interceptor.execute != 0 then
|
598
613
|
# puts "interceptor finished"
|
599
614
|
#end
|
@@ -603,18 +618,26 @@ module Watobo
|
|
603
618
|
end
|
604
619
|
end
|
605
620
|
|
606
|
-
def update_status_bar(project)
|
607
|
-
|
608
|
-
|
621
|
+
def update_status_bar(project=nil)
|
622
|
+
unless Watobo.project.nil?
|
623
|
+
@statusBar.projectName = Watobo.project_name
|
624
|
+
@statusBar.sessionName = Watobo.session_name
|
625
|
+
@dashboard.updateProjectInfo(Watobo.project)
|
626
|
+
@scan_button.enable
|
627
|
+
@statusBar.statusInfoText = "Ready"
|
628
|
+
end
|
629
|
+
@statusBar.bindAddress= Watobo::Conf::Interceptor.bind_addr.to_s
|
609
630
|
@statusBar.portNumber = Watobo::Conf::Interceptor.port.to_s
|
610
631
|
@statusBar.forwardingProxy = "-"
|
611
|
-
|
612
|
-
unless
|
613
|
-
|
632
|
+
# puts Watobo::Conf::ForwardingProxy.default_proxy
|
633
|
+
unless Watobo::Conf::ForwardingProxy.default_proxy.empty?
|
634
|
+
default_proxy = Watobo::Conf::ForwardingProxy.default_proxy
|
635
|
+
ps = Watobo::Conf::ForwardingProxy.to_h
|
636
|
+
proxy = ps[default_proxy]
|
637
|
+
@statusBar.forwardingProxy = "#{proxy[:name]} (#{proxy[:host]}:#{proxy[:port]})"
|
614
638
|
end
|
615
|
-
|
616
|
-
@
|
617
|
-
@dashboard.updateProjectInfo(project)
|
639
|
+
|
640
|
+
@statusBar.update_proxy_mode
|
618
641
|
end
|
619
642
|
|
620
643
|
def setupProgressWindow(title, numTotal)
|
@@ -650,8 +673,9 @@ module Watobo
|
|
650
673
|
@lastViewed = nil
|
651
674
|
@last_request = nil
|
652
675
|
@last_response = nil
|
653
|
-
|
654
|
-
|
676
|
+
#@iproxy.stop if @iproxy
|
677
|
+
Watobo::Interceptor.stop
|
678
|
+
#disable_menu
|
655
679
|
|
656
680
|
end
|
657
681
|
|
@@ -696,7 +720,7 @@ module Watobo
|
|
696
720
|
def startProject(project)
|
697
721
|
|
698
722
|
return false unless project.is_a? Project
|
699
|
-
|
723
|
+
update_menu
|
700
724
|
|
701
725
|
puts "DEBUG: starting project" if $DEBUG
|
702
726
|
@project = project
|
@@ -726,20 +750,8 @@ module Watobo
|
|
726
750
|
|
727
751
|
#puts "= SETTINGS ="
|
728
752
|
#puts @settings.to_yaml
|
729
|
-
|
730
|
-
|
731
|
-
Thread.new(chat) { |c|
|
732
|
-
@project.addChat(c)
|
733
|
-
}
|
734
|
-
}
|
735
|
-
@iproxy.run()
|
736
|
-
puts "DEBUG: Proxy running" if $DEBUG
|
737
|
-
# puts "* set www_auth for interceptor"
|
738
|
-
# puts YAML.dump(@project.settings[:www_auth])
|
739
|
-
@iproxy.www_auth = @project.settings[:www_auth]
|
740
|
-
|
741
|
-
@browserView = BrowserPreview.new(@iproxy)
|
742
|
-
|
753
|
+
|
754
|
+
|
743
755
|
|
744
756
|
Watobo::Gui.clear_plugins
|
745
757
|
Watobo::Gui::Utils.load_plugins(@project)
|
@@ -768,10 +780,19 @@ module Watobo
|
|
768
780
|
update_conversation_table(@project)
|
769
781
|
|
770
782
|
update_status_bar(@project)
|
783
|
+
|
784
|
+
|
785
|
+
Watobo::Interceptor.start
|
786
|
+
|
787
|
+
@browserView = BrowserPreview.new(Watobo::Interceptor.proxy)
|
788
|
+
|
789
|
+
|
771
790
|
@progress_window.hide
|
772
791
|
@chatTable.show
|
773
792
|
@sites_tree.show
|
793
|
+
@sites_tree.reload
|
774
794
|
@findings_tree.show
|
795
|
+
@findings_tree.reload
|
775
796
|
end
|
776
797
|
|
777
798
|
def decryptPassword(enc_pw=nil, dlg_titel="Encrypted Password")
|
@@ -952,20 +973,21 @@ module Watobo
|
|
952
973
|
end
|
953
974
|
|
954
975
|
def openScannerSettingsDialog(sender,sel,ptr)
|
955
|
-
|
956
|
-
|
976
|
+
# if @project then
|
977
|
+
# settings = @project.getScanPreferences()
|
957
978
|
# puts settings.to_yaml
|
958
|
-
|
979
|
+
# dlg = Watobo::Gui::ScannerSettingsDialog.new(self, settings, LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
980
|
+
dlg = Watobo::Gui::ScannerSettingsDialog.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
959
981
|
if dlg.execute != 0 then
|
960
982
|
# puts dlg.scanner_settings.to_yaml
|
961
|
-
|
983
|
+
# @project.updateSettings(YAML.load(YAML.dump(dlg.scanner_settings)))
|
962
984
|
# saveProjectSettings(@project)
|
963
985
|
Watobo::Gui.save_settings()
|
964
986
|
|
965
987
|
end
|
966
|
-
|
967
|
-
|
968
|
-
|
988
|
+
# else
|
989
|
+
# FXMessageBox.information(self,MBOX_OK,"No Project Defined", "Create Project First!")
|
990
|
+
# end
|
969
991
|
end
|
970
992
|
|
971
993
|
def openInterceptorSettingsDialog(sender,sel,ptr)
|
@@ -973,15 +995,18 @@ module Watobo
|
|
973
995
|
if dlg.execute != 0 then
|
974
996
|
puts dlg.interceptor_settings.to_yaml if $DEBUG
|
975
997
|
Watobo::Conf::Interceptor.set dlg.interceptor_settings
|
998
|
+
@statusBar.update_proxy_mode
|
976
999
|
#@settings[:interceptor].update YAML.load(YAML.dump(dlg.interceptor_settings))
|
977
1000
|
#@project.updateSettings(YAML.load(YAML.dump(dlg.scanner_settings)))
|
978
1001
|
FXMessageBox.information(self, MBOX_OK, "Restart required!", "You must restart WATOBO in order your changes take effect.")
|
979
1002
|
Watobo::Conf::Interceptor.save
|
1003
|
+
Watobo::Gui.save_settings()
|
980
1004
|
#Watobo::Gui.save_default_settings(@settings[:interceptor])
|
981
1005
|
end
|
982
1006
|
end
|
983
1007
|
|
984
1008
|
def openScopeDialog(sender,sel,ptr)
|
1009
|
+
unless Watobo.project.nil?
|
985
1010
|
dlg = Watobo::Gui::EditScopeDialog.new(self, @project, LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
986
1011
|
if dlg.execute != 0 then
|
987
1012
|
@project.scope = YAML.load(YAML.dump(dlg.scope))
|
@@ -989,6 +1014,9 @@ module Watobo
|
|
989
1014
|
Watobo::Gui.save_settings()
|
990
1015
|
refreshViewers()
|
991
1016
|
end
|
1017
|
+
else
|
1018
|
+
FXMessageBox.information(self,MBOX_OK,"No Project Defined", "Create Project First!")
|
1019
|
+
end
|
992
1020
|
end
|
993
1021
|
|
994
1022
|
def startFullScan(sender,sel,ptr)
|
@@ -1124,7 +1152,7 @@ module Watobo
|
|
1124
1152
|
@project = nil
|
1125
1153
|
|
1126
1154
|
@scanner = nil
|
1127
|
-
|
1155
|
+
# @iproxy = nil
|
1128
1156
|
@browserView = nil
|
1129
1157
|
|
1130
1158
|
@scan_running = false
|
@@ -1197,49 +1225,49 @@ module Watobo
|
|
1197
1225
|
# file_save_as_command = FXMenuCommand.new(file_menu_pane, "Save As..." )
|
1198
1226
|
|
1199
1227
|
settings_menu_pane = FXMenuPane.new(self)
|
1200
|
-
|
1228
|
+
# @menu_items << settings_menu_pane
|
1201
1229
|
FXMenuTitle.new(menu_bar, "Settings" , :popupMenu => settings_menu_pane)
|
1202
|
-
|
1203
|
-
|
1230
|
+
@proxy_menu = FXMenuCommand.new(settings_menu_pane, "Forwarding Proxy..." )
|
1231
|
+
@session_mgmt_menu = FXMenuCommand.new(settings_menu_pane, "Session Management..." )
|
1204
1232
|
# @project ? menu_session.enable : menu_session.disable
|
1205
1233
|
|
1206
|
-
|
1207
|
-
|
1234
|
+
# menu_ca = FXMenuCommand.new(settings_menu_pane, "Create Certificate..." )
|
1235
|
+
# menu_ca.connect(SEL_COMMAND, method(:openCADialog))
|
1208
1236
|
|
1209
|
-
|
1210
|
-
|
1237
|
+
@target_scope_menu = FXMenuCommand.new(settings_menu_pane, "Target Scope..." )
|
1238
|
+
@target_scope_menu.connect(SEL_COMMAND, method(:openScopeDialog))
|
1211
1239
|
|
1212
|
-
|
1213
|
-
|
1240
|
+
@scanner_menu = FXMenuCommand.new(settings_menu_pane, "Scanner..." )
|
1241
|
+
@scanner_menu.connect(SEL_COMMAND, method(:openScannerSettingsDialog))
|
1214
1242
|
|
1215
|
-
|
1216
|
-
|
1243
|
+
@interceptor_menu = FXMenuCommand.new(settings_menu_pane, "Interceptor..." )
|
1244
|
+
@interceptor_menu.connect(SEL_COMMAND, method(:openInterceptorSettingsDialog))
|
1217
1245
|
|
1218
|
-
|
1219
|
-
|
1246
|
+
@www_auth_menu = FXMenuCommand.new(settings_menu_pane, "WWW-Auth..." )
|
1247
|
+
@www_auth_menu .connect(SEL_COMMAND) { openWwwAuthDialog() }
|
1220
1248
|
|
1221
|
-
|
1222
|
-
|
1249
|
+
@client_cert_menu = FXMenuCommand.new(settings_menu_pane, "Client Certificates..." )
|
1250
|
+
@client_cert_menu.connect(SEL_COMMAND) { open_client_cert_dialog() }
|
1223
1251
|
|
1224
|
-
|
1225
|
-
|
1252
|
+
# pp_prefs = FXMenuCommand.new(settings_menu_pane, "Password Policy..." )
|
1253
|
+
# pp_prefs.connect(SEL_COMMAND) { openPWPolicyDialog() }
|
1226
1254
|
# intercept_enable = FXMenuCheck.new(settings_menu_pane, "Enable Interception")
|
1227
1255
|
|
1228
1256
|
# file_menu_title = FXMenuTitle.new(menu_bar, "Settings" , :popupMenu => settings_menu_pane)
|
1229
1257
|
|
1230
|
-
|
1231
|
-
|
1258
|
+
@proxy_menu.connect(SEL_COMMAND, method(:onMenuProxy))
|
1259
|
+
@session_mgmt_menu.connect(SEL_COMMAND, method(:openSessionManagement))
|
1232
1260
|
|
1233
1261
|
tools_menu_pane = FXMenuPane.new(self)
|
1234
1262
|
FXMenuTitle.new(menu_bar, "Tools" , :popupMenu => tools_menu_pane)
|
1235
|
-
|
1236
|
-
|
1237
|
-
|
1238
|
-
|
1239
|
-
|
1263
|
+
@transcoder_menu = FXMenuCommand.new(tools_menu_pane, "Transcoder")
|
1264
|
+
@interceptor_menu = FXMenuCommand.new(tools_menu_pane, "Interceptor")
|
1265
|
+
|
1266
|
+
@transcoder_menu.connect(SEL_COMMAND, method(:onOpenTranscoder))
|
1267
|
+
@interceptor_menu.connect(SEL_COMMAND, method(:onOpenInterceptor))
|
1240
1268
|
|
1241
1269
|
view_menu_pane = FXMenuPane.new(self)
|
1242
|
-
|
1270
|
+
|
1243
1271
|
FXMenuTitle.new(menu_bar, "View" , :popupMenu => view_menu_pane)
|
1244
1272
|
view_logs_command = FXMenuCommand.new(view_menu_pane, "Logs" )
|
1245
1273
|
view_dashboard_command = FXMenuCommand.new(view_menu_pane, "Dashboard" )
|
@@ -1250,7 +1278,7 @@ module Watobo
|
|
1250
1278
|
view_findings_command.connect(SEL_COMMAND, method(:showConversation))
|
1251
1279
|
|
1252
1280
|
window_menu_pane = FXMenuPane.new(self)
|
1253
|
-
|
1281
|
+
|
1254
1282
|
FXMenuTitle.new(menu_bar, "Window" , :popupMenu => window_menu_pane)
|
1255
1283
|
use_small_icons = FXMenuCheck.new(window_menu_pane, "Small Icons/Text" )
|
1256
1284
|
use_small_icons.connect(SEL_COMMAND) {
|
@@ -1339,17 +1367,23 @@ module Watobo
|
|
1339
1367
|
frame = FXVerticalFrame.new(tab_frame, :opts => LAYOUT_FILL_Y|LAYOUT_FILL_X|FRAME_SUNKEN, :padding => 0)
|
1340
1368
|
@sites_tree = Watobo::Gui::SitesTree.new(frame, self, nil)
|
1341
1369
|
|
1342
|
-
|
1343
|
-
|
1344
|
-
|
1345
|
-
|
1346
|
-
|
1347
|
-
|
1348
|
-
|
1349
|
-
|
1350
|
-
|
1351
|
-
|
1352
|
-
|
1370
|
+
@treeTabbook.connect(SEL_COMMAND) { |sender, sel, item|
|
1371
|
+
case item
|
1372
|
+
when 0
|
1373
|
+
# @chatTable.apply_filter @conversation_table_ctrl.filter_settings
|
1374
|
+
begin
|
1375
|
+
getApp().beginWaitCursor()
|
1376
|
+
update_conversation_table(@project)
|
1377
|
+
ensure
|
1378
|
+
getApp().endWaitCursor()
|
1379
|
+
end
|
1380
|
+
# if @project
|
1381
|
+
# @project.settings.delete(:site_filter)
|
1382
|
+
# updateRequestTable(@project)
|
1383
|
+
#end
|
1384
|
+
end
|
1385
|
+
}
|
1386
|
+
|
1353
1387
|
subscribeFindingsTree()
|
1354
1388
|
subscribeSitesTree()
|
1355
1389
|
|
@@ -1417,6 +1451,10 @@ module Watobo
|
|
1417
1451
|
target.connect(SEL_COMMAND) {
|
1418
1452
|
open_manual_request_editor(chat)
|
1419
1453
|
}
|
1454
|
+
target = FXMenuCommand.new(sendto_menu, "SQLmap..." )
|
1455
|
+
target.connect(SEL_COMMAND) {
|
1456
|
+
open_plugin_sqlmap(chat)
|
1457
|
+
}
|
1420
1458
|
|
1421
1459
|
end
|
1422
1460
|
FXMenuCascade.new(menu_pane, "Send to", nil, submenu)
|
@@ -1588,7 +1626,8 @@ module Watobo
|
|
1588
1626
|
#===================================================================
|
1589
1627
|
logFrame = FXVerticalFrame.new(@switcher, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN)
|
1590
1628
|
FXLabel.new(logFrame, "Eventlist:", :opts => LAYOUT_FILL_X)
|
1591
|
-
|
1629
|
+
|
1630
|
+
@log_viewer = Watobo::Gui::LogViewer.new(logFrame, :opts => FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
1592
1631
|
|
1593
1632
|
# DASHBOARD#
|
1594
1633
|
@dashboard = Dashboard.new(@switcher)
|
@@ -1606,7 +1645,8 @@ module Watobo
|
|
1606
1645
|
# if @foption_nocss.checked? then @doctype_TableFilter.concat(@fext_style);end
|
1607
1646
|
|
1608
1647
|
add_queue_timer(50)
|
1609
|
-
disable_menu
|
1648
|
+
#disable_menu
|
1649
|
+
update_menu
|
1610
1650
|
end
|
1611
1651
|
|
1612
1652
|
def create
|
@@ -1671,6 +1711,7 @@ module Watobo
|
|
1671
1711
|
def subscribeSitesTree()
|
1672
1712
|
@sites_tree.subscribe(:add_site_to_scope){ |site|
|
1673
1713
|
@project.addToScope(site)
|
1714
|
+
Watobo::Gui.save_settings()
|
1674
1715
|
}
|
1675
1716
|
|
1676
1717
|
@sites_tree.subscribe(:show_conversation){ |chat_list|
|
@@ -1687,6 +1728,7 @@ module Watobo
|
|
1687
1728
|
def subscribeFindingsTree()
|
1688
1729
|
@findings_tree.subscribe(:add_site_to_scope){ |site|
|
1689
1730
|
@project.addToScope(site)
|
1731
|
+
Watobo::Gui.save_settings()
|
1690
1732
|
}
|
1691
1733
|
|
1692
1734
|
@findings_tree.subscribe(:delete_domain_filter){ |df|
|
@@ -1766,10 +1808,9 @@ module Watobo
|
|
1766
1808
|
end
|
1767
1809
|
end
|
1768
1810
|
|
1769
|
-
|
1770
|
-
|
1771
|
-
|
1772
|
-
end
|
1811
|
+
# def onApplyFilterClick(sender,sel,item)
|
1812
|
+
# applyFilter()
|
1813
|
+
# end
|
1773
1814
|
|
1774
1815
|
def onClear(sender, sel, item)
|
1775
1816
|
@table_filter.value =""
|
@@ -1802,31 +1843,36 @@ module Watobo
|
|
1802
1843
|
end
|
1803
1844
|
|
1804
1845
|
def onMenuProxy(sender,sel,item)
|
1805
|
-
|
1806
|
-
# puts @project.settings.to_yaml
|
1807
|
-
# puts @settings[:password_policy].to_yaml
|
1808
|
-
proxy_dialog = Watobo::Gui::ProxyDialog.new(self, @project.forward_proxy_settings, Watobo::Conf::Gui.dump )
|
1846
|
+
proxy_dialog = Watobo::Gui::ProxyDialog.new(self)
|
1809
1847
|
if proxy_dialog.execute != 0 then
|
1810
1848
|
proxy_prefs = proxy_dialog.getProxyPrefs
|
1811
1849
|
Watobo::Conf::ForwardingProxy.set proxy_prefs
|
1812
|
-
|
1850
|
+
#@project.setProxyOptions(YAML.load(YAML.dump(proxy_prefs)))
|
1813
1851
|
puts "* current proxy:\n> #{@project.getCurrentProxy()}" if $DEBUG
|
1814
1852
|
|
1815
|
-
|
1816
|
-
|
1817
|
-
# saveProjectSettings(@project)
|
1818
|
-
Watobo::Gui.save_settings()
|
1853
|
+
# Watobo::Gui.save_settings()
|
1854
|
+
#Watobo::Conf::ForwardingProxy.save
|
1819
1855
|
|
1856
|
+
Watobo.save_proxy_settings
|
1820
1857
|
update_status_bar(@project)
|
1821
|
-
#puts "* current proxy:\n> #{@project.getCurrentProxy().to_yaml}"
|
1822
|
-
#puts @settings[:password_policy].to_yaml
|
1823
1858
|
end
|
1824
|
-
|
1825
|
-
FXMessageBox.information(self,MBOX_OK,"No Project Defined", "Create Project First")
|
1826
|
-
|
1859
|
+
|
1860
|
+
#FXMessageBox.information(self,MBOX_OK,"No Project Defined", "Create Project First")
|
1861
|
+
|
1827
1862
|
end
|
1828
|
-
|
1829
|
-
def
|
1863
|
+
|
1864
|
+
def update_menu
|
1865
|
+
[@client_cert_menu, @www_auth_menu, @target_scope_menu ].each do |m|
|
1866
|
+
Watobo.project.nil? ? m.disable : m.enable
|
1867
|
+
end
|
1868
|
+
|
1869
|
+
# @scanner_menu
|
1870
|
+
# @interceptor_menu
|
1871
|
+
# @transcoder_menu
|
1872
|
+
|
1873
|
+
end
|
1874
|
+
|
1875
|
+
def disable_menu_UNUSED
|
1830
1876
|
@menu_items.each do |e|
|
1831
1877
|
e.disable if e.respond_to? :disable
|
1832
1878
|
if e.respond_to? :each_child
|
@@ -1837,7 +1883,7 @@ module Watobo
|
|
1837
1883
|
end
|
1838
1884
|
end
|
1839
1885
|
|
1840
|
-
def
|
1886
|
+
def enable_menu_UNUSED
|
1841
1887
|
@menu_items.each do |e|
|
1842
1888
|
e.enable if e.respond_to? :enable
|
1843
1889
|
if e.respond_to? :each_child
|
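Review bot: In onOpenInterceptor the new code sets `Watobo::Interceptor.proxy.target = interceptor`, but the matching cleanup after `interceptor.releaseAll()` is only commented out (`#iproxy.target = nil`) instead of being ported to the new accessor. As far as these hunks show, the proxy keeps a reference to the closed dialog, so requests arriving afterwards may still be handed to a window that no longer exists. Adding `Watobo::Interceptor.proxy.target = nil` after `releaseAll()` would restore the old behaviour. The method body continues outside both hunks, so a reset further down cannot be ruled out. Separately, the rescue branch of open_plugin_sqlmap still prints `"!!! could not open fuzzer"`, which will mislead whoever reads the console.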
@@ -553,10 +553,13 @@ module Watobo
|
|
553
553
|
|
554
554
|
unless scan_chats.empty? then
|
555
555
|
# we only need array of selected class names
|
556
|
-
|
557
|
-
|
558
|
-
|
559
|
-
|
556
|
+
# scan_modules = dlg.selectedModules().map{ |m| m.class.to_s }
|
557
|
+
|
558
|
+
# acc = @project.active_checks.select do |ac|
|
559
|
+
# scan_modules.include? ac.class.to_s
|
560
|
+
# end
|
561
|
+
|
562
|
+
acc = dlg.selectedModules
|
560
563
|
|
561
564
|
scan_prefs = @project.getScanPreferences
|
562
565
|
# we don't want logout detection during a QuickScan
|
@@ -593,6 +596,9 @@ module Watobo
|
|
593
596
|
@scanner.subscribe(:new_finding) { |f|
|
594
597
|
@project.addFinding(f)
|
595
598
|
}
|
599
|
+
|
600
|
+
@scanner.subscribe(:module_started){ |m| logger("Module #{m} started")}
|
601
|
+
@scanner.subscribe(:module_finished){ |m| logger("Module #{m} finished")}
|
596
602
|
|
597
603
|
csrf_requests = []
|
598
604
|
|
@@ -686,7 +692,7 @@ module Watobo
|
|
686
692
|
@chat = chat
|
687
693
|
|
688
694
|
if chat.respond_to? :request
|
689
|
-
self.title = "
|
695
|
+
self.title = "#{chat.request.method} #{chat.request.url}"
|
690
696
|
end
|
691
697
|
|
692
698
|
@original_request = chat.copyRequest
|
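Review bot: The context comment `# we only need array of selected class names` no longer describes the code below it. The added line `acc = dlg.selectedModules` takes the dialog's return value as-is, while the class-name mapping and the filter against `@project.active_checks` survive only as commented-out lines. Either delete the dead block and reword the comment, e.g. `# use the modules selected in the dialog directly`, or state why the lookup through `@project.active_checks` is no longer needed. The enclosing method starts and ends outside the hunk, so how `acc` is consumed is not visible here.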
@@ -0,0 +1,47 @@
|
|
1
|
+
# .
|
2
|
+
# subscriber.rb
|
3
|
+
#
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
5
|
+
#
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
7
|
+
# http://watobo.sourceforge.com
|
8
|
+
#
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
12
|
+
#
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
16
|
+
# GNU General Public License for more details.
|
17
|
+
#
|
18
|
+
# You should have received a copy of the GNU General Public License
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
21
|
+
# .
|
22
|
+
module Watobo
|
23
|
+
module Gui
|
24
|
+
module Subscriber
|
25
|
+
def subscribe(event, &callback)
|
26
|
+
@event_dispatcher_listeners ||= Hash.new
|
27
|
+
(@event_dispatcher_listeners[event] ||= []) << callback
|
28
|
+
end
|
29
|
+
|
30
|
+
def clearEvents(event)
|
31
|
+
@event_dispatcher_listeners ||= Hash.new
|
32
|
+
@event_dispatcher_listeners[event] ||= []
|
33
|
+
@event_dispatcher_listeners[event].clear
|
34
|
+
end
|
35
|
+
|
36
|
+
def notify(event, *args)
|
37
|
+
@event_dispatcher_listeners ||= Hash.new
|
38
|
+
if @event_dispatcher_listeners[event]
|
39
|
+
puts "NOTIFY: #{self}(:#{event}) [#{@event_dispatcher_listeners[event].length}]" if $DEBUG
|
40
|
+
@event_dispatcher_listeners[event].each do |m|
|
41
|
+
m.call(*args) if m.respond_to? :call
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
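Review bot: `subscribe` appends `callback` even when the caller passes no block, so `nil` entries accumulate in the listener list and `notify` has to skip them with `m.respond_to? :call`; the mistake is hidden instead of reported, and the count printed under `$DEBUG` includes them. Rejecting it at registration with `raise ArgumentError, "block required" unless callback` keeps the list clean. `notify` also runs the listeners without any rescue, so one raising callback stops delivery to the remaining subscribers. A short comment on the module stating whether that is intended would help anyone who mixes it in.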
@@ -56,7 +56,8 @@ module Watobo
|
|
56
56
|
|
57
57
|
if File.exists?(workspace_dt) then
|
58
58
|
Dir.foreach(workspace_dt) do |file|
|
59
|
-
|
59
|
+
#puts file
|
60
|
+
if not file =~ /^\.{1,2}/ and File.ftype(File.join(workspace_dt,file)) == 'directory' then
|
60
61
|
@projectList.appendItem(file)
|
61
62
|
end
|
62
63
|
end
|
@@ -67,9 +68,8 @@ module Watobo
|
|
67
68
|
|
68
69
|
def updateSessionList(project_dir)
|
69
70
|
@sessionList.clearItems
|
70
|
-
|
71
71
|
Dir.foreach(project_dir) do |file|
|
72
|
-
if not file =~ /^\.{1,2}
|
72
|
+
if not file =~ /^\.{1,2}/ and File.ftype(File.join(project_dir,file)) == 'directory' then
|
73
73
|
@sessionList.appendItem(file)
|
74
74
|
end
|
75
75
|
end
|
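Review bot: The added filter `file =~ /^\.{1,2}/` has no end anchor, so it skips every entry whose name starts with a dot, not just `.` and `..`; the same expression is used in the updateSessionList hunk. If only the two directory entries are meant, `/\A\.{1,2}\z/` says so; if hidden directories should be skipped too, `file.start_with?('.')` states that more plainly. `File.ftype(...) == 'directory'` reports a symlink as `link`, so symlinked project or session directories will not be listed, which is worth a one-line comment if it is deliberate. Both enclosing methods extend outside the hunks.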