watobo 0.9.21 → 0.9.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +46 -1
- data/bin/nfq_server.rb +0 -9
- data/bin/watobo_gui.rb +3 -13
- data/custom-views/prettify-json.rb +9 -18
- data/icons/watobo.ico +0 -0
- data/icons/watobo.ico.old +0 -0
- data/lib/watobo.rb +10 -19
- data/lib/watobo/adapters.rb +5 -14
- data/lib/watobo/adapters/data_store.rb +50 -59
- data/lib/watobo/adapters/file/file_store.rb +287 -296
- data/lib/watobo/adapters/file/marshal_store.rb +293 -296
- data/lib/watobo/adapters/session_store.rb +5 -14
- data/lib/watobo/ca.rb +1 -10
- data/lib/watobo/config.rb +197 -206
- data/lib/watobo/constants.rb +0 -9
- data/lib/watobo/core.rb +3 -12
- data/lib/watobo/core/active_check.rb +72 -135
- data/lib/watobo/core/active_checks.rb +49 -58
- data/lib/watobo/core/ca.rb +369 -389
- data/lib/watobo/core/cert_store.rb +34 -43
- data/lib/watobo/core/chat.rb +92 -101
- data/lib/watobo/core/chats.rb +271 -280
- data/lib/watobo/core/client_cert_store.rb +106 -35
- data/lib/watobo/core/conversation.rb +48 -57
- data/lib/watobo/core/cookie.rb +23 -32
- data/lib/watobo/core/egress_handlers.rb +98 -0
- data/lib/watobo/core/finding.rb +66 -75
- data/lib/watobo/core/findings.rb +107 -114
- data/lib/watobo/core/forwarding_proxy.rb +13 -22
- data/lib/watobo/core/fuzz_gen.rb +0 -9
- data/lib/watobo/core/intercept_carver.rb +166 -177
- data/lib/watobo/core/intercept_filter.rb +235 -244
- data/lib/watobo/core/interceptor.rb +98 -107
- data/lib/watobo/core/min_class.rb +4 -13
- data/lib/watobo/core/netfilter_queue.rb +170 -179
- data/lib/watobo/core/ott_cache.rb +132 -141
- data/lib/watobo/core/parameter.rb +43 -52
- data/lib/watobo/core/passive_check.rb +103 -102
- data/lib/watobo/core/passive_checks.rb +48 -57
- data/lib/watobo/core/passive_scanner.rb +54 -55
- data/lib/watobo/core/plugin.rb +11 -20
- data/lib/watobo/core/project.rb +3 -9
- data/lib/watobo/core/proxy.rb +43 -52
- data/lib/watobo/core/request.rb +125 -123
- data/lib/watobo/core/response.rb +44 -53
- data/lib/watobo/core/scanner.rb +0 -9
- data/lib/watobo/core/scanner3.rb +405 -414
- data/lib/watobo/core/scope.rb +83 -92
- data/lib/watobo/core/session.rb +1043 -1026
- data/lib/watobo/core/sid_cache.rb +98 -107
- data/lib/watobo/core/subscriber.rb +25 -34
- data/lib/watobo/defaults.rb +21 -30
- data/lib/watobo/external/diff/lcs.rb +0 -9
- data/lib/watobo/external/diff/lcs/array.rb +0 -9
- data/lib/watobo/external/diff/lcs/block.rb +0 -9
- data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
- data/lib/watobo/external/diff/lcs/change.rb +0 -9
- data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
- data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
- data/lib/watobo/external/diff/lcs/string.rb +0 -9
- data/lib/watobo/externals.rb +6 -15
- data/lib/watobo/framework.rb +4 -13
- data/lib/watobo/framework/create_project.rb +60 -69
- data/lib/watobo/framework/init.rb +0 -9
- data/lib/watobo/framework/init_modules.rb +0 -9
- data/lib/watobo/framework/license_text.rb +28 -37
- data/lib/watobo/framework/load_chat.rb +13 -22
- data/lib/watobo/gui.rb +132 -123
- data/lib/watobo/gui/about_watobo.rb +0 -9
- data/lib/watobo/gui/browser_preview.rb +0 -9
- data/lib/watobo/gui/certificate_dialog.rb +0 -9
- data/lib/watobo/gui/chat_diff.rb +0 -9
- data/lib/watobo/gui/chatviewer_frame.rb +73 -72
- data/lib/watobo/gui/checkboxtree.rb +0 -9
- data/lib/watobo/gui/checks_policy_frame.rb +0 -9
- data/lib/watobo/gui/client_cert_dialog.rb +96 -87
- data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
- data/lib/watobo/gui/conversation_table.rb +158 -164
- data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
- data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
- data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
- data/lib/watobo/gui/custom_viewer.rb +374 -383
- data/lib/watobo/gui/dashboard.rb +296 -303
- data/lib/watobo/gui/define_scope_frame.rb +0 -9
- data/lib/watobo/gui/differ_frame.rb +215 -224
- data/lib/watobo/gui/edit_comment.rb +0 -9
- data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
- data/lib/watobo/gui/export_dialog.rb +104 -113
- data/lib/watobo/gui/finding_info.rb +0 -9
- data/lib/watobo/gui/findings_tree.rb +210 -217
- data/lib/watobo/gui/full_scan_dialog.rb +0 -9
- data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
- data/lib/watobo/gui/fxsave_thread.rb +14 -0
- data/lib/watobo/gui/goto_url_dialog.rb +70 -79
- data/lib/watobo/gui/hex_viewer.rb +0 -9
- data/lib/watobo/gui/html_viewer.rb +287 -296
- data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
- data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
- data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
- data/lib/watobo/gui/json_viewer.rb +287 -0
- data/lib/watobo/gui/list_box.rb +101 -110
- data/lib/watobo/gui/log_file_viewer.rb +32 -41
- data/lib/watobo/gui/log_viewer.rb +83 -88
- data/lib/watobo/gui/login_wizzard.rb +0 -9
- data/lib/watobo/gui/main_window.rb +587 -618
- data/lib/watobo/gui/manual_request_editor.rb +620 -565
- data/lib/watobo/gui/master_pw_dialog.rb +0 -9
- data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
- data/lib/watobo/gui/page_tree.rb +217 -226
- data/lib/watobo/gui/password_policy_dialog.rb +0 -9
- data/lib/watobo/gui/plugin_board.rb +0 -9
- data/lib/watobo/gui/preferences_dialog.rb +0 -9
- data/lib/watobo/gui/progress_window.rb +17 -27
- data/lib/watobo/gui/project_wizzard.rb +0 -9
- data/lib/watobo/gui/proxy_dialog.rb +1 -10
- data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
- data/lib/watobo/gui/request_builder_frame.rb +102 -111
- data/lib/watobo/gui/request_editor.rb +181 -137
- data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
- data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
- data/lib/watobo/gui/save_chat_dialog.rb +140 -149
- data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
- data/lib/watobo/gui/select_chat_dialog.rb +0 -9
- data/lib/watobo/gui/session_management_dialog.rb +0 -9
- data/lib/watobo/gui/sites_tree.rb +0 -9
- data/lib/watobo/gui/status_bar.rb +0 -9
- data/lib/watobo/gui/table_editor.rb +0 -9
- data/lib/watobo/gui/tagless_viewer.rb +0 -9
- data/lib/watobo/gui/templates/plugin.rb +0 -9
- data/lib/watobo/gui/templates/plugin2.rb +92 -100
- data/lib/watobo/gui/templates/plugin_base.rb +144 -153
- data/lib/watobo/gui/text_viewer.rb +0 -9
- data/lib/watobo/gui/transcoder_window.rb +0 -9
- data/lib/watobo/gui/utils/gui_utils.rb +0 -9
- data/lib/watobo/gui/utils/init_icons.rb +86 -95
- data/lib/watobo/gui/utils/load_icons.rb +33 -42
- data/lib/watobo/gui/utils/load_plugins.rb +116 -119
- data/lib/watobo/gui/utils/master_password.rb +68 -77
- data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
- data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
- data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
- data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
- data/lib/watobo/gui/utils/session_history.rb +112 -121
- data/lib/watobo/gui/workspace_dialog.rb +0 -9
- data/lib/watobo/gui/www_auth_dialog.rb +0 -9
- data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
- data/lib/watobo/http.rb +4 -13
- data/lib/watobo/http/cookies/cookies.rb +26 -35
- data/lib/watobo/http/data/data.rb +45 -54
- data/lib/watobo/http/data/json.rb +47 -55
- data/lib/watobo/http/url/url.rb +38 -47
- data/lib/watobo/http/xml/xml.rb +124 -130
- data/lib/watobo/interceptor.rb +3 -12
- data/lib/watobo/interceptor/proxy.rb +742 -739
- data/lib/watobo/interceptor/transparent.rb +22 -24
- data/lib/watobo/mixins.rb +10 -19
- data/lib/watobo/mixins/check_info.rb +27 -36
- data/lib/watobo/mixins/httpparser.rb +613 -637
- data/lib/watobo/mixins/request_parser.rb +88 -97
- data/lib/watobo/mixins/shapers.rb +515 -529
- data/lib/watobo/mixins/transcoders.rb +3 -11
- data/lib/watobo/parser.rb +1 -10
- data/lib/watobo/parser/html.rb +83 -92
- data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
- data/lib/watobo/sockets.rb +3 -12
- data/lib/watobo/sockets/agent.rb +828 -837
- data/lib/watobo/sockets/client_socket.rb +308 -312
- data/lib/watobo/sockets/connection.rb +401 -410
- data/lib/watobo/sockets/http_socket.rb +11 -13
- data/lib/watobo/sockets/ntlm_auth.rb +129 -138
- data/lib/watobo/utils.rb +10 -19
- data/lib/watobo/utils/check_regex.rb +0 -9
- data/lib/watobo/utils/copy_object.rb +0 -9
- data/lib/watobo/utils/crypto.rb +0 -9
- data/lib/watobo/utils/expand_range.rb +23 -32
- data/lib/watobo/utils/export_xml.rb +97 -106
- data/lib/watobo/utils/file_management.rb +9 -11
- data/lib/watobo/utils/hexprint.rb +9 -18
- data/lib/watobo/utils/load_chat.rb +0 -9
- data/lib/watobo/utils/load_icon.rb +0 -9
- data/lib/watobo/utils/ntlm.rb +866 -875
- data/lib/watobo/utils/print_debug.rb +12 -21
- data/lib/watobo/utils/response_builder.rb +90 -99
- data/lib/watobo/utils/response_hash.rb +0 -9
- data/lib/watobo/utils/secure_eval.rb +0 -9
- data/lib/watobo/utils/strings.rb +10 -19
- data/lib/watobo/utils/text2request.rb +0 -9
- data/lib/watobo/utils/url.rb +23 -32
- data/lib/watobo/utils/utf16.rb +11 -20
- data/modules/active/Apache/mod_status.rb +0 -9
- data/modules/active/Apache/multiview.rb +151 -160
- data/modules/active/Flash/crossdomain.rb +0 -9
- data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
- data/modules/active/cq5/cq5_default_selectors.rb +106 -115
- data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
- data/modules/active/directories/dirwalker.rb +0 -9
- data/modules/active/discovery/fileextensions.rb +0 -9
- data/modules/active/discovery/http_methods.rb +0 -9
- data/modules/active/discovery/jsmapfiles.rb +79 -0
- data/modules/active/domino/domino_db.rb +68 -76
- data/modules/active/dotNET/custom_errors.rb +102 -111
- data/modules/active/dotNET/dotnet_files.rb +90 -99
- data/modules/active/fileinclusion/lfi_simple.rb +0 -9
- data/modules/active/jboss/jboss_basic.rb +0 -9
- data/modules/active/sap/business_objects.rb +51 -60
- data/modules/active/sap/its_commands.rb +0 -9
- data/modules/active/sap/its_service_parameter.rb +0 -9
- data/modules/active/sap/its_services.rb +0 -9
- data/modules/active/sap/its_xss.rb +0 -9
- data/modules/active/shell_shock/shell_shock.rb +139 -148
- data/modules/active/siebel/siebel_apps.rb +160 -169
- data/modules/active/sqlinjection/sql_boolean.rb +0 -9
- data/modules/active/sqlinjection/sql_numerical.rb +198 -0
- data/modules/active/sqlinjection/sqli_error.rb +0 -9
- data/modules/active/sqlinjection/sqli_timing.rb +220 -229
- data/modules/active/struts2/default_handler_ognl.rb +106 -115
- data/modules/active/struts2/include_params_ognl.rb +105 -114
- data/modules/active/xml/xml_xxe.rb +112 -123
- data/modules/active/xss/xss_ng.rb +214 -223
- data/modules/active/xss/xss_simple.rb +0 -9
- data/modules/passive/ajax.rb +68 -77
- data/modules/passive/autocomplete.rb +56 -65
- data/modules/passive/cookie_options.rb +0 -9
- data/modules/passive/cookie_xss.rb +0 -9
- data/modules/passive/detect_code.rb +0 -9
- data/modules/passive/detect_fileupload.rb +0 -9
- data/modules/passive/detect_infrastructure.rb +0 -9
- data/modules/passive/detect_one_time_tokens.rb +0 -9
- data/modules/passive/dirindexing.rb +0 -9
- data/modules/passive/disclosure_domino.rb +55 -64
- data/modules/passive/disclosure_emails.rb +0 -9
- data/modules/passive/disclosure_ipaddr.rb +55 -53
- data/modules/passive/filename_as_parameter.rb +0 -9
- data/modules/passive/form_spotter.rb +0 -9
- data/modules/passive/hidden_fields.rb +50 -59
- data/modules/passive/hotspots.rb +0 -9
- data/modules/passive/in_script_parameter.rb +0 -9
- data/modules/passive/json_web_token.rb +93 -0
- data/modules/passive/multiple_server_headers.rb +0 -9
- data/modules/passive/possible_login.rb +0 -9
- data/modules/passive/redirect_url.rb +0 -9
- data/modules/passive/redirectionz.rb +0 -9
- data/modules/passive/sap-headers.rb +56 -65
- data/modules/passive/xss_dom.rb +0 -9
- data/plugins/aem/aem.rb +11 -20
- data/plugins/aem/gui/main.rb +118 -127
- data/plugins/aem/gui/tree_view.rb +171 -180
- data/plugins/aem/lib/agent.rb +130 -138
- data/plugins/aem/lib/dispatcher.rb +45 -51
- data/plugins/aem/lib/engine.rb +177 -186
- data/plugins/catalog/catalog.rb +345 -355
- data/plugins/crawler/crawler.rb +4 -13
- data/plugins/crawler/gui.rb +5 -14
- data/plugins/crawler/gui/auth_frame.rb +270 -279
- data/plugins/crawler/gui/crawler_gui.rb +271 -276
- data/plugins/crawler/gui/general_settings_frame.rb +96 -105
- data/plugins/crawler/gui/hooks_frame.rb +80 -89
- data/plugins/crawler/gui/scope_frame.rb +50 -59
- data/plugins/crawler/gui/settings_tabbook.rb +38 -47
- data/plugins/crawler/gui/status_frame.rb +59 -68
- data/plugins/crawler/lib/bags.rb +18 -27
- data/plugins/crawler/lib/constants.rb +11 -20
- data/plugins/crawler/lib/engine.rb +488 -497
- data/plugins/crawler/lib/grabber.rb +68 -77
- data/plugins/crawler/lib/status.rb +71 -80
- data/plugins/crawler/lib/uri_mp.rb +12 -21
- data/plugins/filefinder/filefinder.rb +326 -333
- data/plugins/sqlmap/bin/test.rb +78 -87
- data/plugins/sqlmap/gui.rb +4 -13
- data/plugins/sqlmap/gui/main.rb +218 -227
- data/plugins/sqlmap/gui/options_frame.rb +97 -106
- data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
- data/plugins/sqlmap/sqlmap.rb +2 -11
- data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
- data/plugins/sslchecker/gui/cipher_table.rb +246 -254
- data/plugins/sslchecker/gui/gui.rb +258 -264
- data/plugins/sslchecker/gui/sslchecker.rb +4 -13
- data/plugins/sslchecker/lib/check.rb +127 -133
- data/plugins/wshell/gui/main.rb +119 -117
- data/plugins/wshell/lib/core.rb +38 -88
- data/plugins/wshell/wshell.rb +11 -20
- metadata +170 -164
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: e79414053ae38bea886b65d60a350e8ac62258d8
|
4
|
+
data.tar.gz: 437d2cc8cd2bba344f17d8099e618366385842eb
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 43e8ed6af9219845fd1c1a1da5f37be56e845c408e699054a5b45db5afa48352b660d0e9023ed70252d956331811184a1cd1c297cd7dc58320153d424aba46d6
|
7
|
+
data.tar.gz: 93bd513d65ab88646cf9801c094dde4fc2fe84ce488f3306d2414ec05f2566daf9d1e2bce7e5052da11fd4a835946211803e70e3ba4b558306e1a8b4b4b8591b
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,48 @@
|
|
1
|
+
#Version 0.9.22
|
2
|
+
|
3
|
+
## News
|
4
|
+
|
5
|
+
**ManualRequestEditor**
|
6
|
+
|
7
|
+
* added dynamic egress handler support. Useful for more complex request transformations, e.g. if you need a http header with a hmac which is based on the request body
|
8
|
+
|
9
|
+
**SSL-Checker**
|
10
|
+
|
11
|
+
* the results can now be saved
|
12
|
+
* bad ciphers will be added to findings
|
13
|
+
|
14
|
+
##Fixes
|
15
|
+
|
16
|
+
**Proxy**
|
17
|
+
|
18
|
+
* fixed duplicated serial numbers in fake certificates
|
19
|
+
|
20
|
+
**WShell**
|
21
|
+
|
22
|
+
* fixed a bug which prevented work on linux boxes
|
23
|
+
* switched command execution to thread via runOnUiThread
|
24
|
+
|
25
|
+
**Client-Certificates**
|
26
|
+
|
27
|
+
* settings will be saved and reloaded on project start
|
28
|
+
|
29
|
+
**Transparent Proxy**
|
30
|
+
|
31
|
+
* crash fixed
|
32
|
+
|
33
|
+
**SQLMap Plugin**
|
34
|
+
|
35
|
+
* fixed load_config error
|
36
|
+
|
37
|
+
**General**
|
38
|
+
|
39
|
+
* fixed old yaml style file format after editing comments
|
40
|
+
|
41
|
+
**Contributions**
|
42
|
+
* Work around error 'FXComposeContext: illegal window parameter' (by Lars Kanis)
|
43
|
+
* Use runOnUiThread for GUI activity while loading plugins in a thread (by Lars Kanis)
|
44
|
+
|
45
|
+
|
1
46
|
Version 0.9.21
|
2
47
|
===
|
3
48
|
|
@@ -15,7 +60,7 @@ News
|
|
15
60
|
|
16
61
|
**Plugins**
|
17
62
|
|
18
|
-
* added Adobe Experience Manager Enumeration,
|
63
|
+
* added Adobe Experience Manager Enumeration, crawls the site by using information of AEM/CQ5 json-Extensions
|
19
64
|
|
20
65
|
**Fuzzer**
|
21
66
|
|
data/bin/nfq_server.rb
CHANGED
@@ -1,13 +1,4 @@
|
|
1
1
|
#!/usr/bin/ruby
|
2
|
-
#.
|
3
|
-
# nfq_server.rb
|
4
|
-
#.
|
5
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
6
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
7
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
8
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
9
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
10
|
-
|
11
2
|
require 'drb'
|
12
3
|
require 'yaml'
|
13
4
|
require 'openssl'
|
data/bin/watobo_gui.rb
CHANGED
@@ -1,16 +1,7 @@
|
|
1
1
|
#!/usr/bin/ruby
|
2
|
-
#.
|
3
|
-
# watobo_gui.rb
|
4
|
-
#.
|
5
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
6
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
7
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
8
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
9
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
10
|
-
|
11
2
|
if $0 == __FILE__
|
12
3
|
inc_path = File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")) # this is the same as rubygems would do
|
13
|
-
|
4
|
+
$: << inc_path
|
14
5
|
end
|
15
6
|
|
16
7
|
puts "#############################################################"
|
@@ -22,10 +13,9 @@ puts
|
|
22
13
|
puts "#############################################################"
|
23
14
|
|
24
15
|
require 'watobo'
|
16
|
+
require 'watobo/gui'
|
25
17
|
|
26
|
-
Watobo.
|
18
|
+
puts Watobo::Gui.info
|
27
19
|
|
28
20
|
puts ">> Starting GUI ..."
|
29
|
-
require 'watobo/gui'
|
30
|
-
|
31
21
|
Watobo::Gui.start
|
@@ -1,19 +1,10 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
lambda{|response|
|
11
|
-
begin
|
12
|
-
jb = JSON.parse(response.body.to_s)
|
13
|
-
out = JSON.pretty_generate jb
|
14
|
-
rescue => bang
|
15
|
-
out = "Could prettify response :(\n\n"
|
16
|
-
out << bang.to_s
|
17
|
-
end
|
18
|
-
out
|
1
|
+
lambda{|response|
|
2
|
+
begin
|
3
|
+
jb = JSON.parse(response.body.to_s)
|
4
|
+
out = JSON.pretty_generate jb
|
5
|
+
rescue => bang
|
6
|
+
out = "Could prettify response :(\n\n"
|
7
|
+
out << bang.to_s
|
8
|
+
end
|
9
|
+
out
|
19
10
|
}
|
data/icons/watobo.ico
CHANGED
Binary file
|
Binary file
|
data/lib/watobo.rb
CHANGED
@@ -1,15 +1,13 @@
|
|
1
1
|
#!/usr/bin/ruby
|
2
|
-
#.
|
3
|
-
# watobo.rb
|
4
|
-
#.
|
5
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
6
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
7
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
8
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
9
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
10
|
-
|
11
2
|
#Encoding: UTF-8
|
12
3
|
require 'rubygems'
|
4
|
+
begin
|
5
|
+
require 'bundler/setup'
|
6
|
+
rescue LoadError
|
7
|
+
puts "You will need bundler to run watobo!"
|
8
|
+
puts "please run\n gem install bundler\n bundle install\n"
|
9
|
+
exit
|
10
|
+
end
|
13
11
|
require 'yaml'
|
14
12
|
require 'json'
|
15
13
|
require 'thread'
|
@@ -31,6 +29,7 @@ require 'drb'
|
|
31
29
|
require 'nokogiri'
|
32
30
|
require 'stringio'
|
33
31
|
require 'mechanize'
|
32
|
+
require 'jwt'
|
34
33
|
|
35
34
|
require 'watobo/constants'
|
36
35
|
require 'watobo/utils'
|
@@ -52,7 +51,7 @@ dont_know_why_REQUIRE_hangs = Mechanize.new
|
|
52
51
|
# @private
|
53
52
|
module Watobo#:nodoc: all #:nodoc: all
|
54
53
|
|
55
|
-
VERSION = "0.9.
|
54
|
+
VERSION = "0.9.23"
|
56
55
|
|
57
56
|
def self.base_directory
|
58
57
|
@base_directory ||= ""
|
@@ -78,15 +77,7 @@ module Watobo#:nodoc: all #:nodoc: all
|
|
78
77
|
Watobo::VERSION
|
79
78
|
end
|
80
79
|
|
81
|
-
|
82
|
-
puts "--- Info ---"
|
83
|
-
puts "Version: " + version
|
84
|
-
puts "Working Directory: " + Watobo.working_directory
|
85
|
-
puts "Active Checks Location: " + Watobo.active_module_path
|
86
|
-
puts "Passive Checks Location: " + Watobo.passive_module_path
|
87
|
-
puts "---"
|
88
|
-
puts
|
89
|
-
end
|
80
|
+
|
90
81
|
end
|
91
82
|
|
92
83
|
Watobo.init_framework
|
data/lib/watobo/adapters.rb
CHANGED
@@ -1,15 +1,6 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
1
|
+
%w( data_store session_store ).each do |lib|
|
2
|
+
require "watobo/adapters/#{lib}"
|
3
|
+
end
|
9
4
|
|
10
|
-
|
11
|
-
|
12
|
-
end
|
13
|
-
|
14
|
-
#require "watobo/adapters/file/file_store"
|
15
|
-
require "watobo/adapters/file/marshal_store"
|
5
|
+
#require "watobo/adapters/file/file_store"
|
6
|
+
require "watobo/adapters/file/marshal_store"
|
@@ -1,20 +1,11 @@
|
|
1
|
-
#.
|
2
|
-
# data_store.rb
|
3
|
-
#.
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
9
|
-
|
10
1
|
# @private
|
11
|
-
module Watobo#:nodoc: all
|
12
|
-
class DataStore
|
13
|
-
|
14
|
-
@engine = nil
|
15
|
-
|
16
|
-
def self.engine
|
17
|
-
@engine
|
2
|
+
module Watobo#:nodoc: all
|
3
|
+
class DataStore
|
4
|
+
|
5
|
+
@engine = nil
|
6
|
+
|
7
|
+
def self.engine
|
8
|
+
@engine
|
18
9
|
end
|
19
10
|
|
20
11
|
def self.projects(&block)
|
@@ -37,47 +28,47 @@ module Watobo#:nodoc: all
|
|
37
28
|
ss << sname
|
38
29
|
end
|
39
30
|
ss
|
40
|
-
end
|
41
|
-
|
42
|
-
def self.connect(project_name, session_name)
|
43
|
-
a = Watobo::Conf::Datastore.adapter
|
44
|
-
store = case
|
45
|
-
when 'file'
|
46
|
-
FileSessionStore.new(project_name, session_name)
|
47
|
-
else
|
48
|
-
nil
|
49
|
-
end
|
50
|
-
@engine = store
|
51
|
-
store
|
52
|
-
end
|
53
|
-
|
54
|
-
def self.method_missing(name, *args, &block)
|
55
|
-
super unless @engine.respond_to? name
|
56
|
-
@engine.send name, *args, &block
|
57
|
-
end
|
58
|
-
|
59
|
-
|
60
|
-
end
|
61
|
-
|
62
|
-
def self.logs
|
63
|
-
return "" if DataStore.engine.nil?
|
64
|
-
DataStore.engine.logs
|
65
|
-
end
|
66
|
-
|
67
|
-
def self.log(message, prefs={})
|
68
|
-
|
69
|
-
text = message
|
70
|
-
if message.is_a? Array
|
71
|
-
text = message.join("\n| ")
|
72
|
-
end
|
73
|
-
|
74
|
-
#clean up sender's name
|
75
|
-
if prefs.has_key? :sender
|
76
|
-
prefs[:sender].gsub!(/.*::/,'')
|
77
|
-
end
|
78
|
-
|
79
|
-
if DataStore.engine.respond_to? :logger
|
80
|
-
DataStore.engine.logger message, prefs
|
81
|
-
end
|
82
|
-
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def self.connect(project_name, session_name)
|
34
|
+
a = Watobo::Conf::Datastore.adapter
|
35
|
+
store = case
|
36
|
+
when 'file'
|
37
|
+
FileSessionStore.new(project_name, session_name)
|
38
|
+
else
|
39
|
+
nil
|
40
|
+
end
|
41
|
+
@engine = store
|
42
|
+
store
|
43
|
+
end
|
44
|
+
|
45
|
+
def self.method_missing(name, *args, &block)
|
46
|
+
super unless @engine.respond_to? name
|
47
|
+
@engine.send name, *args, &block
|
48
|
+
end
|
49
|
+
|
50
|
+
|
51
|
+
end
|
52
|
+
|
53
|
+
def self.logs
|
54
|
+
return "" if DataStore.engine.nil?
|
55
|
+
DataStore.engine.logs
|
56
|
+
end
|
57
|
+
|
58
|
+
def self.log(message, prefs={})
|
59
|
+
|
60
|
+
text = message
|
61
|
+
if message.is_a? Array
|
62
|
+
text = message.join("\n| ")
|
63
|
+
end
|
64
|
+
|
65
|
+
#clean up sender's name
|
66
|
+
if prefs.has_key? :sender
|
67
|
+
prefs[:sender].gsub!(/.*::/,'')
|
68
|
+
end
|
69
|
+
|
70
|
+
if DataStore.engine.respond_to? :logger
|
71
|
+
DataStore.engine.logger message, prefs
|
72
|
+
end
|
73
|
+
end
|
83
74
|
end
|
@@ -1,302 +1,293 @@
|
|
1
|
-
#.
|
2
|
-
# file_store.rb
|
3
|
-
#.
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
9
|
-
|
10
1
|
# @private
|
11
|
-
module Watobo#:nodoc: all
|
12
|
-
class FileSessionStore < SessionStore
|
13
|
-
def num_chats
|
14
|
-
get_file_list(@conversation_path, "*-chat*").length
|
15
|
-
end
|
16
|
-
|
17
|
-
def num_findings
|
18
|
-
get_file_list(@findings_path, "*-finding*").length
|
19
|
-
end
|
20
|
-
|
21
|
-
def add_finding(finding)
|
22
|
-
return false unless finding.respond_to? :request
|
23
|
-
return false unless finding.respond_to? :response
|
24
|
-
|
25
|
-
finding_file = File.join("#{@findings_path}", "#{finding.id}-finding.yml")
|
26
|
-
if not File.exists?(finding_file) then
|
27
|
-
|
28
|
-
finding_data = {
|
29
|
-
:request => finding.request.map{|x| x.inspect},
|
30
|
-
:response => finding.response.map{|x| x.inspect},
|
31
|
-
:details => Hash.new
|
32
|
-
}
|
33
|
-
finding_data[:details].update(finding.details)
|
34
|
-
|
35
|
-
fh = File.new(finding_file, "w+b")
|
36
|
-
fh.print YAML.dump(finding_data)
|
37
|
-
fh.close
|
38
|
-
return true
|
39
|
-
end
|
40
|
-
return false
|
41
|
-
end
|
42
|
-
|
43
|
-
def delete_finding(finding)
|
44
|
-
finding_file = File.join("#{@findings_path}", "#{finding.id}-finding")
|
45
|
-
File.delete finding_file if File.exist? finding_file
|
46
|
-
finding_file << ".yml"
|
47
|
-
File.delete finding_file if File.exist? finding_file
|
48
|
-
|
49
|
-
end
|
50
|
-
|
51
|
-
def update_finding(finding)
|
52
|
-
finding_file = File.join("#{@findings_path}", "#{finding.id}-finding.yml")
|
53
|
-
finding_data = {
|
54
|
-
:request => finding.request.map{|x| x.inspect},
|
55
|
-
:response => finding.response.map{|x| x.inspect},
|
56
|
-
:details => Hash.new
|
57
|
-
}
|
58
|
-
finding_data[:details].update(finding.details)
|
59
|
-
|
60
|
-
if File.exists?(finding_file) then
|
61
|
-
fh = File.new(finding_file, "w+b")
|
62
|
-
fh.print YAML.dump(finding_data)
|
63
|
-
fh.close
|
64
|
-
end
|
65
|
-
|
66
|
-
end
|
67
|
-
|
68
|
-
# add_scan_log
|
69
|
-
# adds a chat to a specific log store, e.g. if you want to log scan results.
|
70
|
-
# needs a scan_name (STRING) as its destination which will be created
|
71
|
-
# if the scan name does not exist.
|
72
|
-
def add_scan_log(chat, scan_name = nil)
|
73
|
-
return false unless chat.respond_to? :request
|
74
|
-
return false unless chat.respond_to? :response
|
2
|
+
module Watobo#:nodoc: all
|
3
|
+
class FileSessionStore < SessionStore
|
4
|
+
def num_chats
|
5
|
+
get_file_list(@conversation_path, "*-chat*").length
|
6
|
+
end
|
7
|
+
|
8
|
+
def num_findings
|
9
|
+
get_file_list(@findings_path, "*-finding*").length
|
10
|
+
end
|
11
|
+
|
12
|
+
def add_finding(finding)
|
13
|
+
return false unless finding.respond_to? :request
|
14
|
+
return false unless finding.respond_to? :response
|
15
|
+
|
16
|
+
finding_file = File.join("#{@findings_path}", "#{finding.id}-finding.yml")
|
17
|
+
if not File.exists?(finding_file) then
|
18
|
+
|
19
|
+
finding_data = {
|
20
|
+
:request => finding.request.map{|x| x.inspect},
|
21
|
+
:response => finding.response.map{|x| x.inspect},
|
22
|
+
:details => Hash.new
|
23
|
+
}
|
24
|
+
finding_data[:details].update(finding.details)
|
25
|
+
|
26
|
+
fh = File.new(finding_file, "w+b")
|
27
|
+
fh.print YAML.dump(finding_data)
|
28
|
+
fh.close
|
29
|
+
return true
|
30
|
+
end
|
31
|
+
return false
|
32
|
+
end
|
33
|
+
|
34
|
+
def delete_finding(finding)
|
35
|
+
finding_file = File.join("#{@findings_path}", "#{finding.id}-finding")
|
36
|
+
File.delete finding_file if File.exist? finding_file
|
37
|
+
finding_file << ".yml"
|
38
|
+
File.delete finding_file if File.exist? finding_file
|
39
|
+
|
40
|
+
end
|
41
|
+
|
42
|
+
def update_finding(finding)
|
43
|
+
finding_file = File.join("#{@findings_path}", "#{finding.id}-finding.yml")
|
44
|
+
finding_data = {
|
45
|
+
:request => finding.request.map{|x| x.inspect},
|
46
|
+
:response => finding.response.map{|x| x.inspect},
|
47
|
+
:details => Hash.new
|
48
|
+
}
|
49
|
+
finding_data[:details].update(finding.details)
|
50
|
+
|
51
|
+
if File.exists?(finding_file) then
|
52
|
+
fh = File.new(finding_file, "w+b")
|
53
|
+
fh.print YAML.dump(finding_data)
|
54
|
+
fh.close
|
55
|
+
end
|
56
|
+
|
57
|
+
end
|
58
|
+
|
59
|
+
# add_scan_log
|
60
|
+
# adds a chat to a specific log store, e.g. if you want to log scan results.
|
61
|
+
# needs a scan_name (STRING) as its destination which will be created
|
62
|
+
# if the scan name does not exist.
|
63
|
+
def add_scan_log(chat, scan_name = nil)
|
64
|
+
return false unless chat.respond_to? :request
|
65
|
+
return false unless chat.respond_to? :response
|
75
66
|
begin
|
76
|
-
|
67
|
+
|
77
68
|
return false if scan_name.nil?
|
78
69
|
return false if scan_name.empty?
|
79
70
|
|
80
|
-
scan_name_clean = scan_name.gsub(/[:\\\/\.]*/,"_")
|
81
|
-
# puts ">> scan_name"
|
82
|
-
path = File.join(@scanlog_path, scan_name_clean)
|
83
|
-
|
84
|
-
Dir.mkdir path unless File.exist? path
|
85
|
-
|
86
|
-
log_file = File.join( path, "log_" + Time.now.to_f.to_s + ".yml")
|
87
|
-
|
88
|
-
chat_data = {
|
89
|
-
:request => chat.request.map{|x| x.inspect},
|
90
|
-
:response => chat.response.map{|x| x.inspect},
|
91
|
-
}
|
92
|
-
# puts log_file
|
93
|
-
chat_data.update(chat.settings)
|
94
|
-
File.open(log_file, "w") { |fh|
|
95
|
-
YAML.dump(chat_data, fh)
|
96
|
-
}
|
97
|
-
return true
|
98
|
-
rescue => bang
|
99
|
-
puts bang
|
100
|
-
puts bang.backtrace if $DEBUG
|
101
|
-
end
|
102
|
-
return false
|
103
|
-
end
|
104
|
-
|
105
|
-
def add_chat(chat)
|
106
|
-
return false unless chat_valid? chat
|
107
|
-
chat_file = File.join("#{@conversation_path}", "#{chat.id}-chat.yml")
|
108
|
-
chat_data = {
|
109
|
-
:request => chat.request.map{|x| x.inspect},
|
110
|
-
:response => chat.response.map{|x| x.inspect},
|
111
|
-
}
|
112
|
-
|
113
|
-
chat_data.update(chat.settings)
|
114
|
-
if not File.exists?(chat_file) then
|
115
|
-
File.open(chat_file, "w") { |fh|
|
116
|
-
YAML.dump(chat_data, fh)
|
117
|
-
}
|
118
|
-
chat.file = chat_file
|
119
|
-
return true
|
120
|
-
end
|
121
|
-
return false
|
122
|
-
end
|
123
|
-
|
124
|
-
def each_chat(&block)
|
125
|
-
get_file_list(@conversation_path, "*-chat*").each do |fname|
|
126
|
-
chat = Watobo::Utils.loadChatYAML(fname)
|
127
|
-
next unless chat
|
128
|
-
yield chat if block_given?
|
129
|
-
end
|
130
|
-
end
|
131
|
-
|
132
|
-
def each_finding(&block)
|
133
|
-
get_file_list(@findings_path, "*-finding*").each do |fname|
|
134
|
-
f = Watobo::Utils.loadFindingYAML(fname)
|
135
|
-
next unless f
|
136
|
-
yield f if block_given?
|
137
|
-
end
|
138
|
-
end
|
139
|
-
|
140
|
-
def initialize(project_name, session_name)
|
141
|
-
|
142
|
-
wsp = Watobo.workspace_path
|
143
|
-
return false unless File.exist? wsp
|
144
|
-
puts "* using workspace path: #{wsp}" if $DEBUG
|
145
|
-
|
146
|
-
@log_file = nil
|
147
|
-
@log_lock = Mutex.new
|
148
|
-
|
149
|
-
@project_path = File.join(wsp, project_name)
|
150
|
-
unless File.exist? @project_path
|
151
|
-
puts "* create project path: #{@project_path}" if $DEBUG
|
152
|
-
Dir.mkdir(@project_path)
|
153
|
-
end
|
154
|
-
|
155
|
-
@project_config_path = File.join(@project_path, ".config")
|
156
|
-
Dir.mkdir @project_config_path unless File.exist? @project_config_path
|
157
|
-
|
158
|
-
@session_path = File.join(@project_path, session_name)
|
159
|
-
|
160
|
-
unless File.exist? @session_path
|
161
|
-
puts "* create session path: #{@session_path}" if $DEBUG
|
162
|
-
Dir.mkdir(@session_path)
|
163
|
-
end
|
164
|
-
|
165
|
-
@session_config_path = File.join(@session_path, ".config")
|
166
|
-
Dir.mkdir @session_config_path unless File.exist? @session_config_path
|
167
|
-
|
168
|
-
sext = Watobo::Conf::General.session_settings_file_ext
|
169
|
-
|
170
|
-
@session_file = File.join(@session_path, session_name + sext)
|
171
|
-
@project_file = File.join(@project_path, project_name + Watobo::Conf::General.project_settings_file_ext)
|
172
|
-
|
173
|
-
@conversation_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.conversations))
|
174
|
-
|
175
|
-
@findings_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.findings))
|
176
|
-
@log_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.event_logs_dir))
|
177
|
-
@scanlog_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.scan_logs_dir))
|
178
|
-
|
179
|
-
[ @conversation_path, @findings_path, @log_path, @scanlog_path ].each do |folder|
|
180
|
-
if not File.exists?(folder) then
|
181
|
-
puts "create path #{folder}"
|
182
|
-
begin
|
183
|
-
Dir.mkdir(folder)
|
184
|
-
rescue SystemCallError => bang
|
185
|
-
puts "!!!ERROR:"
|
186
|
-
puts bang
|
187
|
-
rescue => bang
|
188
|
-
puts "!!!ERROR:"
|
189
|
-
puts bang
|
190
|
-
end
|
191
|
-
end
|
192
|
-
end
|
193
|
-
|
194
|
-
@log_file = File.join(@log_path, session_name + ".log")
|
195
|
-
|
196
|
-
# @chat_files = get_file_list(@conversation_path, "*-chat")
|
197
|
-
# @finding_files = get_file_list(@findings_path, "*-finding")
|
198
|
-
end
|
199
|
-
|
200
|
-
def save_session_settings(group, session_settings)
|
201
|
-
# puts ">> save_session_settings <<"
|
202
|
-
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
203
|
-
file << ".yml"
|
204
|
-
|
205
|
-
session_file = File.join(@session_config_path, file)
|
206
|
-
# puts "Dest.File: #{session_file}"
|
207
|
-
# puts session_settings.to_yaml
|
208
|
-
# puts "---"
|
209
|
-
Watobo::Utils.save_settings(session_file, session_settings)
|
210
|
-
end
|
211
|
-
|
212
|
-
def load_session_settings(group)
|
213
|
-
# puts ">> load_session_settings : #{group}"
|
214
|
-
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
215
|
-
file << ".yml"
|
216
|
-
|
217
|
-
session_file = File.join(@session_config_path, file)
|
218
|
-
# puts "File: #{session_file}"
|
219
|
-
# puts "---"
|
220
|
-
|
221
|
-
s = Watobo::Utils.load_settings(session_file)
|
222
|
-
s
|
223
|
-
end
|
224
|
-
|
225
|
-
def save_project_settings(group, project_settings)
|
226
|
-
# puts ">> save_project_settings : #{group}"
|
227
|
-
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
228
|
-
file << ".yml"
|
229
|
-
|
230
|
-
project_file = File.join(@project_config_path, file)
|
231
|
-
# puts "Dest.File: #{project_file}"
|
232
|
-
# puts project_settings.to_yaml
|
233
|
-
# puts "---"
|
234
|
-
Watobo::Utils.save_settings(project_file, project_settings)
|
235
|
-
|
236
|
-
end
|
237
|
-
|
238
|
-
def load_project_settings(group)
|
239
|
-
# puts ">> load_project_settings : #{group}"
|
240
|
-
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
241
|
-
file << ".yml"
|
242
|
-
|
243
|
-
project_file = File.join(@project_config_path, file)
|
244
|
-
# puts "File: #{project_file}"
|
245
|
-
# puts "---"
|
246
|
-
|
247
|
-
s = Watobo::Utils.load_settings(project_file)
|
248
|
-
s
|
249
|
-
|
250
|
-
end
|
251
|
-
|
252
|
-
def logs
|
253
|
-
l = ''
|
254
|
-
@log_lock.synchronize do
|
255
|
-
l = File.open(@log_file).read
|
256
|
-
end
|
257
|
-
l
|
258
|
-
end
|
259
|
-
|
260
|
-
def logger( message, prefs = {} )
|
261
|
-
opts = { :sender => "unknown", :level => Watobo::Constants::LOG_INFO }
|
262
|
-
opts.update prefs
|
263
|
-
return false if @log_file.nil?
|
264
|
-
begin
|
265
|
-
t = Time.now
|
266
|
-
now = t.strftime("%m/%d/%Y @ %H:%M:%S")
|
267
|
-
log_message = [ now ]
|
268
|
-
log_message << "#{opts[:sender]}"
|
269
|
-
if message.is_a? Array
|
270
|
-
log_message << message.join("\n| ")
|
271
|
-
log_message << "\n-"
|
272
|
-
else
|
273
|
-
log_message << message
|
274
|
-
end
|
275
|
-
@log_lock.synchronize do
|
276
|
-
File.open(@log_file,"a") do |lfh|
|
277
|
-
lfh.puts log_message.join("|")
|
278
|
-
end
|
279
|
-
end
|
280
|
-
rescue => bang
|
281
|
-
puts bang
|
282
|
-
end
|
283
|
-
|
284
|
-
end
|
285
|
-
|
286
|
-
private
|
287
|
-
|
288
|
-
def chat_valid?(chat)
|
289
|
-
return false unless chat.respond_to? :request
|
290
|
-
return false unless chat.respond_to? :response
|
291
|
-
true
|
292
|
-
end
|
293
|
-
|
294
|
-
def get_file_list(path, pattern)
|
295
|
-
fl = Dir["#{path}/#{pattern}"].sort_by{ |x| File.basename(x).sub(/[^0-9]*/,'').to_i }
|
296
|
-
#puts fl.length
|
297
|
-
fl
|
298
|
-
end
|
299
|
-
|
300
|
-
end
|
301
|
-
|
71
|
+
scan_name_clean = scan_name.gsub(/[:\\\/\.]*/,"_")
|
72
|
+
# puts ">> scan_name"
|
73
|
+
path = File.join(@scanlog_path, scan_name_clean)
|
74
|
+
|
75
|
+
Dir.mkdir path unless File.exist? path
|
76
|
+
|
77
|
+
log_file = File.join( path, "log_" + Time.now.to_f.to_s + ".yml")
|
78
|
+
|
79
|
+
chat_data = {
|
80
|
+
:request => chat.request.map{|x| x.inspect},
|
81
|
+
:response => chat.response.map{|x| x.inspect},
|
82
|
+
}
|
83
|
+
# puts log_file
|
84
|
+
chat_data.update(chat.settings)
|
85
|
+
File.open(log_file, "w") { |fh|
|
86
|
+
YAML.dump(chat_data, fh)
|
87
|
+
}
|
88
|
+
return true
|
89
|
+
rescue => bang
|
90
|
+
puts bang
|
91
|
+
puts bang.backtrace if $DEBUG
|
92
|
+
end
|
93
|
+
return false
|
94
|
+
end
|
95
|
+
|
96
|
+
def add_chat(chat)
|
97
|
+
return false unless chat_valid? chat
|
98
|
+
chat_file = File.join("#{@conversation_path}", "#{chat.id}-chat.yml")
|
99
|
+
chat_data = {
|
100
|
+
:request => chat.request.map{|x| x.inspect},
|
101
|
+
:response => chat.response.map{|x| x.inspect},
|
102
|
+
}
|
103
|
+
|
104
|
+
chat_data.update(chat.settings)
|
105
|
+
if not File.exists?(chat_file) then
|
106
|
+
File.open(chat_file, "w") { |fh|
|
107
|
+
YAML.dump(chat_data, fh)
|
108
|
+
}
|
109
|
+
chat.file = chat_file
|
110
|
+
return true
|
111
|
+
end
|
112
|
+
return false
|
113
|
+
end
|
114
|
+
|
115
|
+
def each_chat(&block)
|
116
|
+
get_file_list(@conversation_path, "*-chat*").each do |fname|
|
117
|
+
chat = Watobo::Utils.loadChatYAML(fname)
|
118
|
+
next unless chat
|
119
|
+
yield chat if block_given?
|
120
|
+
end
|
121
|
+
end
|
122
|
+
|
123
|
+
def each_finding(&block)
|
124
|
+
get_file_list(@findings_path, "*-finding*").each do |fname|
|
125
|
+
f = Watobo::Utils.loadFindingYAML(fname)
|
126
|
+
next unless f
|
127
|
+
yield f if block_given?
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
def initialize(project_name, session_name)
|
132
|
+
|
133
|
+
wsp = Watobo.workspace_path
|
134
|
+
return false unless File.exist? wsp
|
135
|
+
puts "* using workspace path: #{wsp}" if $DEBUG
|
136
|
+
|
137
|
+
@log_file = nil
|
138
|
+
@log_lock = Mutex.new
|
139
|
+
|
140
|
+
@project_path = File.join(wsp, project_name)
|
141
|
+
unless File.exist? @project_path
|
142
|
+
puts "* create project path: #{@project_path}" if $DEBUG
|
143
|
+
Dir.mkdir(@project_path)
|
144
|
+
end
|
145
|
+
|
146
|
+
@project_config_path = File.join(@project_path, ".config")
|
147
|
+
Dir.mkdir @project_config_path unless File.exist? @project_config_path
|
148
|
+
|
149
|
+
@session_path = File.join(@project_path, session_name)
|
150
|
+
|
151
|
+
unless File.exist? @session_path
|
152
|
+
puts "* create session path: #{@session_path}" if $DEBUG
|
153
|
+
Dir.mkdir(@session_path)
|
154
|
+
end
|
155
|
+
|
156
|
+
@session_config_path = File.join(@session_path, ".config")
|
157
|
+
Dir.mkdir @session_config_path unless File.exist? @session_config_path
|
158
|
+
|
159
|
+
sext = Watobo::Conf::General.session_settings_file_ext
|
160
|
+
|
161
|
+
@session_file = File.join(@session_path, session_name + sext)
|
162
|
+
@project_file = File.join(@project_path, project_name + Watobo::Conf::General.project_settings_file_ext)
|
163
|
+
|
164
|
+
@conversation_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.conversations))
|
165
|
+
|
166
|
+
@findings_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.findings))
|
167
|
+
@log_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.event_logs_dir))
|
168
|
+
@scanlog_path = File.expand_path(File.join(@session_path, Watobo::Conf::Datastore.scan_logs_dir))
|
169
|
+
|
170
|
+
[ @conversation_path, @findings_path, @log_path, @scanlog_path ].each do |folder|
|
171
|
+
if not File.exists?(folder) then
|
172
|
+
puts "create path #{folder}"
|
173
|
+
begin
|
174
|
+
Dir.mkdir(folder)
|
175
|
+
rescue SystemCallError => bang
|
176
|
+
puts "!!!ERROR:"
|
177
|
+
puts bang
|
178
|
+
rescue => bang
|
179
|
+
puts "!!!ERROR:"
|
180
|
+
puts bang
|
181
|
+
end
|
182
|
+
end
|
183
|
+
end
|
184
|
+
|
185
|
+
@log_file = File.join(@log_path, session_name + ".log")
|
186
|
+
|
187
|
+
# @chat_files = get_file_list(@conversation_path, "*-chat")
|
188
|
+
# @finding_files = get_file_list(@findings_path, "*-finding")
|
189
|
+
end
|
190
|
+
|
191
|
+
def save_session_settings(group, session_settings)
|
192
|
+
# puts ">> save_session_settings <<"
|
193
|
+
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
194
|
+
file << ".yml"
|
195
|
+
|
196
|
+
session_file = File.join(@session_config_path, file)
|
197
|
+
# puts "Dest.File: #{session_file}"
|
198
|
+
# puts session_settings.to_yaml
|
199
|
+
# puts "---"
|
200
|
+
Watobo::Utils.save_settings(session_file, session_settings)
|
201
|
+
end
|
202
|
+
|
203
|
+
def load_session_settings(group)
|
204
|
+
# puts ">> load_session_settings : #{group}"
|
205
|
+
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
206
|
+
file << ".yml"
|
207
|
+
|
208
|
+
session_file = File.join(@session_config_path, file)
|
209
|
+
# puts "File: #{session_file}"
|
210
|
+
# puts "---"
|
211
|
+
|
212
|
+
s = Watobo::Utils.load_settings(session_file)
|
213
|
+
s
|
214
|
+
end
|
215
|
+
|
216
|
+
def save_project_settings(group, project_settings)
|
217
|
+
# puts ">> save_project_settings : #{group}"
|
218
|
+
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
219
|
+
file << ".yml"
|
220
|
+
|
221
|
+
project_file = File.join(@project_config_path, file)
|
222
|
+
# puts "Dest.File: #{project_file}"
|
223
|
+
# puts project_settings.to_yaml
|
224
|
+
# puts "---"
|
225
|
+
Watobo::Utils.save_settings(project_file, project_settings)
|
226
|
+
|
227
|
+
end
|
228
|
+
|
229
|
+
def load_project_settings(group)
|
230
|
+
# puts ">> load_project_settings : #{group}"
|
231
|
+
file = Watobo::Utils.snakecase group.gsub(/\.yml/,'')
|
232
|
+
file << ".yml"
|
233
|
+
|
234
|
+
project_file = File.join(@project_config_path, file)
|
235
|
+
# puts "File: #{project_file}"
|
236
|
+
# puts "---"
|
237
|
+
|
238
|
+
s = Watobo::Utils.load_settings(project_file)
|
239
|
+
s
|
240
|
+
|
241
|
+
end
|
242
|
+
|
243
|
+
def logs
|
244
|
+
l = ''
|
245
|
+
@log_lock.synchronize do
|
246
|
+
l = File.open(@log_file).read
|
247
|
+
end
|
248
|
+
l
|
249
|
+
end
|
250
|
+
|
251
|
+
def logger( message, prefs = {} )
|
252
|
+
opts = { :sender => "unknown", :level => Watobo::Constants::LOG_INFO }
|
253
|
+
opts.update prefs
|
254
|
+
return false if @log_file.nil?
|
255
|
+
begin
|
256
|
+
t = Time.now
|
257
|
+
now = t.strftime("%m/%d/%Y @ %H:%M:%S")
|
258
|
+
log_message = [ now ]
|
259
|
+
log_message << "#{opts[:sender]}"
|
260
|
+
if message.is_a? Array
|
261
|
+
log_message << message.join("\n| ")
|
262
|
+
log_message << "\n-"
|
263
|
+
else
|
264
|
+
log_message << message
|
265
|
+
end
|
266
|
+
@log_lock.synchronize do
|
267
|
+
File.open(@log_file,"a") do |lfh|
|
268
|
+
lfh.puts log_message.join("|")
|
269
|
+
end
|
270
|
+
end
|
271
|
+
rescue => bang
|
272
|
+
puts bang
|
273
|
+
end
|
274
|
+
|
275
|
+
end
|
276
|
+
|
277
|
+
private
|
278
|
+
|
279
|
+
def chat_valid?(chat)
|
280
|
+
return false unless chat.respond_to? :request
|
281
|
+
return false unless chat.respond_to? :response
|
282
|
+
true
|
283
|
+
end
|
284
|
+
|
285
|
+
def get_file_list(path, pattern)
|
286
|
+
fl = Dir["#{path}/#{pattern}"].sort_by{ |x| File.basename(x).sub(/[^0-9]*/,'').to_i }
|
287
|
+
#puts fl.length
|
288
|
+
fl
|
289
|
+
end
|
290
|
+
|
291
|
+
end
|
292
|
+
|
302
293
|
end
|