pyntcli 0.1.73__py3-none-any.whl → 0.1.75__py3-none-any.whl

pyntcli/commands/postman.py

@@ -1,5 +1,5 @@
 import argparse
-import time 
+import time
 import websocket
 import webbrowser
 import os
@@ -14,28 +14,31 @@ from pyntcli.pynt_docker import pynt_container
 from pyntcli.ui import ui_thread
 from pyntcli.transport import pynt_requests
 
+
 class PyntPostmanException(Exception):
     pass
 
+
 class PyntWebSocketException(PyntPostmanException):
     pass
 
+
 logger = log.get_logger()
 
+
 def postman_usage():
     return ui_thread.PrinterText("Integration with postman, run scan from pynt postman collection") \
         .with_line("") \
-        .with_line("Usage:",style=ui_thread.PrinterText.HEADER) \
+        .with_line("Usage:", style=ui_thread.PrinterText.HEADER) \
         .with_line("\tpynt postman [OPTIONS]") \
         .with_line("") \
-        .with_line("Options:",style=ui_thread.PrinterText.HEADER) \
+        .with_line("Options:", style=ui_thread.PrinterText.HEADER) \
         .with_line("\t--port - set the port pynt will listen to (DEFAULT: 5001)") \
         .with_line("\t--insecure - use when target uses self signed certificates") \
         .with_line("\t--host-ca - path to the CA file in PEM format to enable SSL certificate verification for pynt when running through a VPN.")
 
 
-
-class PostmanSubCommand(sub_command.PyntSubCommand): 
+class PostmanSubCommand(sub_command.PyntSubCommand):
     def __init__(self, name) -> None:
         super().__init__(name)
         self.server_base_url = "http://localhost:{}/api"
@@ -43,18 +46,17 @@ class PostmanSubCommand(sub_command.PyntSubCommand):
     def usage(self, *args):
         ui_thread.print(postman_usage())
 
-    def add_cmd(self, parent_command: argparse._SubParsersAction) -> argparse.ArgumentParser: 
+    def add_cmd(self, parent_command: argparse._SubParsersAction) -> argparse.ArgumentParser:
         postman_cmd = parent_command.add_parser(self.name)
         postman_cmd.add_argument("--port", "-p", help="set the port pynt will listen to (DEFAULT: 5001)", type=int, default=5001)
         postman_cmd.print_usage = self.usage
         postman_cmd.print_help = self.usage
         return postman_cmd
-    
 
     def scan_id_generator(self, port):
         try:
             ws = websocket.WebSocket()
-            ws.connect("ws://localhost:{}/api/scan_id".format(port))    
+            ws.connect("ws://localhost:{}/api/scan_id".format(port))
 
             while ws.connected:
                 scan_id = ws.recv()
@@ -69,7 +71,7 @@ class PostmanSubCommand(sub_command.PyntSubCommand):
         finally:
             ws.close()
 
-    def get_report(self, port,report_format, scan_id):
+    def get_report(self, port, report_format, scan_id):
         while True:
             res = pynt_requests.get(self.server_base_url.format(port) + "/report?format={}".format(report_format), params={"scanId": scan_id})
             if res.status_code == HTTPStatus.OK:
@@ -79,42 +81,38 @@ class PostmanSubCommand(sub_command.PyntSubCommand):
                 continue
             if res.status_code == HTTPStatus.BAD_REQUEST:
                 return
-            if res.status_code == 517: #pynt did not recieve any requests 
+            if res.status_code == 517:  # pynt did not recieve any requests
                 ui_thread.print(ui_thread.PrinterText(res.json()["message"], ui_thread.PrinterText.WARNING))
-                return 
+                return
             ui_thread.print("Error in polling for scan report: {}".format(res.text))
-            return 
-
+            return
 
     def run_cmd(self, args: argparse.Namespace):
-        if "application_id" in args and args.application_id: 
-            ui_thread.print("application-id is not supported in postman integration, use the request body in the start scan request")
+        if "application_id" in args and args.application_id:
+            ui_thread.print("application-id is not supported in postman integration, use the collection variables to set application id.")
             args.application_id = ""
 
-        container = pynt_container.get_container_with_arguments(args ,pynt_container.PyntDockerPort("5001", args.port, name="--port"))        
-       
-        if util.is_port_in_use(args.port):
-            ui_thread.print(ui_thread.PrinterText("Port: {} already in use, please use a different one".format(args.port), ui_thread.PrinterText.WARNING))
-            return
+        container = pynt_container.get_container_with_arguments(args, pynt_container.PyntDockerPort("5001", args.port, name="--port"))
 
-        postman_docker = pynt_container.PyntContainer(image_name=pynt_container.PYNT_DOCKER_IMAGE, 
-                                            tag="postman-latest", 
-                                            detach=True, 
-                                            base_container=container)
+
+        postman_docker = pynt_container.PyntContainer(image_name=pynt_container.PYNT_DOCKER_IMAGE,
+                                                      tag="postman-latest",
+                                                      detach=True,
+                                                      base_container=container)
 
         postman_docker.run()
-        ui_thread.print_generator(postman_docker.stdout) 
-        
+        ui_thread.print_generator(postman_docker.stdout)
+
         util.wait_for_healthcheck("http://localhost:{}".format(args.port))
 
         for scan_id in self.scan_id_generator(args.port):
-            html_report = self.get_report(args.port, "html",scan_id)
+            html_report = self.get_report(args.port, "html", scan_id)
             html_report_path = os.path.join(tempfile.gettempdir(), "pynt_report_{}.html".format(int(time.time())))
 
             if html_report:
                 with open(html_report_path, "w", encoding="utf-8") as html_file:
                     html_file.write(html_report)
                 webbrowser.open("file://{}".format(html_report_path))
-        
+
         if not postman_docker.is_alive():
             ui_thread.print(ui_thread.PrinterText("Pynt container is not available", ui_thread.PrinterText.WARNING))

pyntcli/commands/pynt_cmd.py

@@ -5,6 +5,9 @@ from pyntcli.analytics import send as analytics
 from pyntcli.transport import pynt_requests
 from pyntcli.ui import ui_thread
 
+from requests.exceptions import SSLError, HTTPError
+
+
 from . import command, listen, postman, root, sub_command, id_command, newman, har, burp
 
 avail_sub_commands = [
@@ -17,29 +20,40 @@ avail_sub_commands = [
     burp.BurpCommand("burp"),
 ]
 
+
 class PyntCommandException(Exception):
     pass
 
+
 class BadArgumentsException(PyntCommandException):
     pass
 
+
 class NoSuchCommandException(PyntCommandException):
     pass
 
 
 VERSION_CHECK_URL = "https://d1efigcr4c19qn.cloudfront.net/cli/version"
 
+
 def check_is_latest_version(current_version):
-    res = pynt_requests.get(VERSION_CHECK_URL) 
-    res.raise_for_status()
 
-    latest_versions = res.text.replace("\n","")
+    try:
+        res = pynt_requests.get(VERSION_CHECK_URL)
+        res.raise_for_status()
 
-    if current_version != latest_versions:
-        ui_thread.print(ui_thread.PrinterText("""Pynt CLI new version is available, upgrade now with:
-python3 -m pip install --upgrade pyntcli""",ui_thread.PrinterText.WARNING))
+        latest_versions = res.text.replace("\n", "")
 
-class PyntCommand: 
+        if current_version != latest_versions:
+            ui_thread.print(ui_thread.PrinterText("""Pynt CLI new version is available, upgrade now with:
+python3 -m pip install --upgrade pyntcli""", ui_thread.PrinterText.WARNING))
+    except SSLError:
+        ui_thread.print(ui_thread.PrinterText("""Error: Unable to check if Pynt CLI version is up-to-date due to VPN/proxy. Run Pynt with --insecure to fix.""", ui_thread.PrinterText.WARNING))
+    except HTTPError:
+        ui_thread.print("""Unable to check if Pynt CLI version is up-to-date""")
+
+
+class PyntCommand:
     def __init__(self) -> None:
         self.base: root.BaseCommand = root.BaseCommand()
         self.sub_commands: Dict[str, sub_command.PyntSubCommand] = {sc.get_name(): sc for sc in avail_sub_commands}
@@ -50,25 +64,25 @@ class PyntCommand:
         for sc in self.sub_commands.values():
             self.base.add_base_arguments(sc.add_cmd(self.base.get_subparser()))
 
-    def parse_args(self, args_from_cmd: List[str]): 
+    def parse_args(self, args_from_cmd: List[str]):
         return self.base.cmd().parse_args(args_from_cmd)
 
     def run_cmd(self, args: argparse.Namespace):
         if not "command" in args:
             raise BadArgumentsException()
-        
-        command = getattr(args, "command") 
+
+        command = getattr(args, "command")
         if not command in self.sub_commands:
             raise NoSuchCommandException()
-        
+
         if "host_ca" in args and args.host_ca:
             pynt_requests.add_host_ca(args.host_ca)
-            
+
         if "insecure" in args and args.insecure:
             pynt_requests.disable_tls_termination()
 
         check_is_latest_version(cli_version)
         analytics.emit(analytics.CLI_START)
-    
+
         self.base.run_cmd(args)
         self.sub_commands[command].run_cmd(args)

pyntcli/commands/root.py

@@ -4,6 +4,7 @@ import sys
 from os import environ
 
 from pyntcli.auth import login
+import pyntcli.log.log as log
 from pyntcli.ui import ui_thread
 from pyntcli.analytics import send as analytics
 
@@ -94,5 +95,6 @@ class BaseCommand:
         user_id = login.user_id()
         if user_id:
             analytics.set_user_id(user_id)
+            log.add_user_details(user_id)
 
         check_cicd_context()

pyntcli/commands/util.py

@@ -15,79 +15,81 @@ from pyntcli.transport import pynt_requests
 
 logger = log.get_logger()
 
-def is_port_in_use(port: int) -> bool:
-    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
-        return s.connect_ex(('localhost', port)) == 0
 
 def find_open_port() -> int:
     with socket.socket() as s:
-        s.bind(('', 0))            
-        return s.getsockname()[1] 
+        s.bind(('', 0))
+        return s.getsockname()[1]
+
 
 HEALTHCHECK_TIMEOUT = 60
 HEALTHCHECK_INTERVAL = 0.1
 
-def wait_for_healthcheck(address): 
+
+def wait_for_healthcheck(address):
     start = time.time()
-    while start + HEALTHCHECK_TIMEOUT > time.time(): 
+    while start + HEALTHCHECK_TIMEOUT > time.time():
         try:
             res = pynt_requests.get(address + "/healthcheck")
             if res.status_code == 418:
-                return 
-        except: 
+                return
+        except:
             time.sleep(HEALTHCHECK_INTERVAL)
 
     logger.debug("Health check timed out!")
     raise TimeoutError()
 
-def get_user_report_path(path,file_type):
+
+def get_user_report_path(path, file_type):
     path = Path(path)
     if path.is_dir():
-        return os.path.join(path, "pynt_results_{}.{}".format(int(time.time()),file_type))
-    
+        return os.path.join(path, "pynt_results_{}.{}".format(int(time.time()), file_type))
+
     return os.path.join(str(path.parent), path.stem + ".{}".format(file_type))
-    
+
 
 class HtmlReportNotCreatedException(Exception):
     pass
 
-class SomeFoundingsOrWargningsException(Exception):
+
+class SomeFindingsOrWarningsException(Exception):
     pass
 
+
 @contextmanager
 def create_default_file_mounts(args):
     html_report_path = os.path.join(tempfile.gettempdir(), "results.html")
     json_report_path = os.path.join(tempfile.gettempdir(), "results.json")
 
-    if "reporters" in args and args.reporters: 
+    if "reporters" in args and args.reporters:
         html_report_path = os.path.join(os.getcwd(), "pynt_results.html")
         json_report_path = os.path.join(os.getcwd(), "pynt_results.json")
 
     mounts = []
-    with open(html_report_path, "w"), open(json_report_path, "w"):    
+    with open(html_report_path, "w"), open(json_report_path, "w"):
         mounts.append(pynt_container.create_mount(json_report_path, "/etc/pynt/results/results.json"))
         mounts.append(pynt_container.create_mount(html_report_path, "/etc/pynt/results/results.html"))
-    
+
     yield mounts
-    
+
     if os.stat(html_report_path).st_size == 0:
         raise HtmlReportNotCreatedException()
-    
+
     webbrowser.open("file://{}".format(html_report_path))
 
     if os.stat(html_report_path).st_size > 0:
         report.PyntReporter(json_report_path).print_summary()
-    
+
     check_for_findings_or_warnings(args, json.load(open(json_report_path)))
 
+
 def check_for_findings_or_warnings(args, json_report):
-    security_tests = json_report.get("securityTests",{})
+    security_tests = json_report.get("securityTests", {})
     findings = security_tests.get("Findings", 0)
     warnings = security_tests.get("Warnings", 0)
 
     if "return_error" in args and args.return_error != "never" and findings != 0:
-        raise SomeFoundingsOrWargningsException()
+        raise SomeFindingsOrWarningsException()
 
     if "return_error" in args and args.return_error == "all-findings" and warnings != 0:
-        raise SomeFoundingsOrWargningsException()
-
+        raise SomeFindingsOrWarningsException()

pyntcli/log/log.py

@@ -15,7 +15,8 @@ LOGGING = {
             'level': 'DEBUG',
             'token': "KOfjdWTcZXmjAwAOslpFYwhLpDzFTfJl",
             'logs_drain_timeout': 5,
-            'url': 'https://listener.logz.io:8071'
+            'url': 'https://listener.logz.io:8071',
+            'retries_no': 1,
         }
     },
     'loggers': {

pyntcli/main.py

@@ -10,9 +10,10 @@ from pyntcli.ui import ui_thread
 from pyntcli.auth import login
 from pyntcli.analytics import send as analytics
 from requests.exceptions import SSLError
+from requests.exceptions import ProxyError
 from pyntcli.transport.pynt_requests import InvalidPathException, InvalidCertFormat
 from pyntcli.commands.util import HtmlReportNotCreatedException
-from pyntcli.commands.util import SomeFoundingsOrWargningsException
+from pyntcli.commands.util import SomeFindingsOrWarningsException
 from pyntcli.commands.postman import PyntWebSocketException
 from pyntcli import __version__
 
@@ -45,6 +46,7 @@ def start_analytics():
     user_id = login.user_id()
     if user_id:
         analytics.set_user_id(user_id)
+        log.add_user_details(user_id)
 
 
 def main():
@@ -57,35 +59,41 @@ def main():
         cli = pynt_cmd.PyntCommand()
         cli.run_cmd(cli.parse_args(argv[1:]))
         analytics.stop()
-    except pynt_cmd.PyntCommandException:
+    except pynt_cmd.PyntCommandException as e:
         pynt_cmd.root.usage()
-    except pynt_container.DockerNotAvailableException:
+    except pynt_container.DockerNotAvailableException as e:
         ui_thread.print(ui_thread.PrinterText("Docker was unavailable, please make sure docker is installed and running.", ui_thread.PrinterText.WARNING))
-        analytics.emit(analytics.ERROR, {"error": "docker unavailable"})
-    except SSLError:
-        ui_thread.print(ui_thread.PrinterText("We encountered SSL issues and could not proceed, this may be the cause of a VPN or a Firewall in place.", ui_thread.PrinterText.WARNING))
-    except login.Timeout:
+        analytics.emit(analytics.ERROR, {"error": "docker unavailable. e: {}".format(e)})
+    except SSLError as e:
+        ui_thread.print(ui_thread.PrinterText("We encountered SSL issues and could not proceed, this may be the cause of a VPN or a Firewall in place. Run again with --insecure", ui_thread.PrinterText.WARNING))
+        analytics.emit(analytics.ERROR, {"error": "ssl error. e: {}".format(e)})
+    except login.Timeout as e:
         ui_thread.print(ui_thread.PrinterText("Pynt CLI exited due to incomplete registration, please try again.", ui_thread.PrinterText.WARNING))
-        analytics.emit(analytics.ERROR, {"error": "login timeout"})
-    except login.InvalidTokenInEnvVarsException:
+        analytics.emit(analytics.ERROR, {"error": "login timeout. e: {}".format(e)})
+    except login.InvalidTokenInEnvVarsException as e:
         ui_thread.print(ui_thread.PrinterText("Pynt CLI exited due to malformed credentials provided in env vars.", ui_thread.PrinterText.WARNING))
-        analytics.emit(analytics.ERROR, {"error": "invalid pynt cli credentials in env vars"})
-    except pynt_container.ImageUnavailableException:
-        analytics.emit(analytics.ERROR, {"error": "Couldnt pull pynt image and no local image found"})
-        pynt_errors.unexpected_error()
-    except HtmlReportNotCreatedException:
-        analytics.emit(analytics.ERROR, {"error": "Html report was not created"})
-        pynt_errors.unexpected_error()
+        analytics.emit(analytics.ERROR, {"error": "invalid pynt cli credentials in env vars. e: {}".format(e)})
+    except pynt_container.ImageUnavailableException as e:
+        analytics.emit(analytics.ERROR, {"error": "Couldn't pull pynt image and no local image found. e: {}".format(e)})
+        ui_thread.print(ui_thread.PrinterText("Error: Couldn't pull pynt image and no local image found.", ui_thread.PrinterText.WARNING))
+    except HtmlReportNotCreatedException as e:
+        analytics.emit(analytics.ERROR, {"error": "Html report was not created. e: {}".format(e)})
+        ui_thread.print(ui_thread.PrinterText("Pynt CLI exited: Html report was not created.", ui_thread.PrinterText.WARNING))
     except InvalidPathException as e:
         ui_thread.print(ui_thread.PrinterText("Pynt CLI exited due to invalid host-CA path: {}".format(e), ui_thread.PrinterText.WARNING))
-        analytics.emit(analytics.ERROR, {"error": "Host CA path provided was invalid"})
+        analytics.emit(analytics.ERROR, {"error": "Host CA path provided was invalid. e: {}".format(e)})
     except InvalidCertFormat as e:
         ui_thread.print(ui_thread.PrinterText("Pynt CLI exited due to invalid host-CA. Please provide a file in PEM format: {}".format(e), ui_thread.PrinterText.WARNING))
-        analytics.emit(analytics.ERROR, {"error": "Host CA provided was not in valid pem format"})
-    except PyntWebSocketException:
-        analytics.emit(analytics.ERROR, {"error": "postman websocket failed to connect"})
-        pynt_errors.unexpected_error()
-    except SomeFoundingsOrWargningsException as e:
+        analytics.emit(analytics.ERROR, {"error": "Host CA provided was not in valid pem format. e: {}".format(e)})
+    except PyntWebSocketException as e:
+        analytics.emit(analytics.ERROR, {"error": "postman websocket failed to connect. e: {}".format(e)})
+        ui_thread.print(ui_thread.PrinterText("Pynt CLI exited: postman websocket failed to connect", ui_thread.PrinterText.WARNING))
+    except ProxyError as e:
+        ui_thread.print(ui_thread.PrinterText("Pynt CLI exited due to a proxy error. check if your proxy is up", ui_thread.PrinterText.WARNING))
+        analytics.emit(analytics.ERROR, {"error": "there was a proxy error. e: {}".format(e)})
+    except pynt_container.PortInUseException as e:
+        analytics.emit(analytics.ERROR, {"error": "port in use. e: {}".format(e)})
+    except SomeFindingsOrWarningsException as e:
         exit(1)
     except Exception as e:
         analytics.emit(analytics.ERROR, {"error": "{}".format(e)})

pyntcli/pynt_docker/container_utils.py

@@ -0,0 +1,7 @@
+
+import socket
+
+
+def is_port_in_use(port: int) -> bool:
+    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+        return s.connect_ex(('localhost', port)) == 0