Import upstream version 1.9.1
Kali Janitor
1 year, 4 months ago
0 | 0 | Metadata-Version: 2.1 |
1 | 1 | Name: faraday-plugins |
2 | Version: 1.9.0 | |
2 | Version: 1.9.1 | |
3 | 3 | Summary: Faraday plugins package |
4 | 4 | Home-page: |
5 | 5 | Author: Faradaysec |
3 | 3 | import logging |
4 | 4 | import os |
5 | 5 | import shlex |
6 | import subprocess | |
6 | import subprocess # nosec | |
7 | 7 | import sys |
8 | 8 | from pathlib import Path |
9 | 9 | |
141 | 141 | color_message = click.style("Command: ", fg="green") |
142 | 142 | click.echo(f"{color_message} {command}") |
143 | 143 | else: |
144 | p = subprocess.Popen(shlex.split(command), stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |
144 | p = subprocess.Popen(shlex.split(command), stdout=subprocess.PIPE, stderr=subprocess.PIPE) # nosec | |
145 | 145 | output = io.StringIO() |
146 | 146 | while True: |
147 | 147 | retcode = p.poll() |
48 | 48 | output being sent is valid. |
49 | 49 | """ |
50 | 50 | try: |
51 | f = urlopen(self.getSetting("Host") + "/api/hooks?token=" + self.getSetting("Authkey")) | |
51 | f = urlopen(self.getSetting("Host") + "/api/hooks?token=" + self.getSetting("Authkey")) # nosec | |
52 | 52 | data = json.loads(f.read()) |
53 | 53 | except Exception: |
54 | 54 | self.logger.info("[BeEF] - Connection with api") |
0 | """ | |
1 | Faraday Penetration Test IDE | |
2 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
3 | See the file 'doc/LICENSE' for the license information | |
4 | ||
5 | """ | |
6 | ||
7 | from faraday_plugins.plugins.plugin import PluginXMLFormat | |
8 | from faraday_plugins.plugins.plugins_utils import CVE_regex, CWE_regex | |
9 | from xml.etree import ElementTree as ET | |
10 | ||
11 | __author__ = "Gonzalo Martinez" | |
12 | __copyright__ = "Copyright (c) 2013, Infobyte LLC" | |
13 | __credits__ = ["Gonzalo Martinez"] | |
14 | __license__ = "" | |
15 | __version__ = "1.0.0" | |
16 | __maintainer__ = "Gonzalo Martinez" | |
17 | __email__ = "[email protected]" | |
18 | __status__ = "Development" | |
19 | ||
20 | ||
21 | class CisPlugin(PluginXMLFormat): | |
22 | ||
23 | def __init__(self, *arg, **kwargs): | |
24 | super().__init__(*arg, **kwargs) | |
25 | self.ns = { | |
26 | "scap-con": "{http://scap.nist.gov/schema/scap/constructs/1.2}", | |
27 | "arf": "{http://scap.nist.gov/schema/asset-reporting-format/1.1}", | |
28 | "dsc": "{http://scap.nist.gov/schema/scap/source/1.2}", | |
29 | "ai": "{http://scap.nist.gov/schema/asset-identification/1.1}", | |
30 | "xccdf": "{http://checklists.nist.gov/xccdf/1.2}" | |
31 | } | |
32 | self.identifier_tag = "asset-report-collection" | |
33 | self.id = "CIS" | |
34 | self.name = "CIS XML Output Plugin" | |
35 | self.plugin_version = "1.0.0" | |
36 | ||
37 | def parseOutputString(self, output): | |
38 | ||
39 | root = ET.fromstring(output) | |
40 | rules = {} | |
41 | for rule in root.findall(f".//{self.ns['xccdf']}Rule"): | |
42 | rules[rule.attrib['id']] = { | |
43 | "title": rule[0].text, | |
44 | "description": rule[1][0].text | |
45 | } | |
46 | reports = root.findall(f".//{self.ns['arf']}reports") | |
47 | for report in reports: | |
48 | target_address = report.find(f".//{self.ns['xccdf']}target-address").text | |
49 | rules_results = report.findall(f".//{self.ns['xccdf']}rule-result") | |
50 | h_id = self.createAndAddHost(target_address) | |
51 | for rule_result in rules_results: | |
52 | result = rule_result.find(f"{self.ns['xccdf']}result").text | |
53 | if result != "pass": | |
54 | severity = rule_result.attrib.get("severity","unclassified") | |
55 | rule_id = rule_result.attrib['idref'] | |
56 | references = [] | |
57 | for ident in rule_result.findall(f"{self.ns['xccdf']}ident"): | |
58 | text = ident.text | |
59 | if isinstance(text, str) and len(text) > 10: | |
60 | references.append(text) | |
61 | self.createAndAddVulnToHost( | |
62 | h_id, | |
63 | name=rules[rule_id]["title"], | |
64 | desc=rules[rule_id]["description"], | |
65 | severity=severity, | |
66 | ref=references | |
67 | ) | |
68 | ||
69 | def createPlugin(*args, **kwargs): | |
70 | return CisPlugin(*args, **kwargs) |
116 | 116 | return item |
117 | 117 | try: |
118 | 118 | item['ip'] = self.resolve_hostname(item['ip']) |
119 | except: | |
120 | pass # nosec | |
119 | except: # nosec | |
120 | pass | |
121 | 121 | return item |
122 | 122 | |
123 | 123 | def resolveNS(self, item, items): |
124 | 124 | try: |
125 | 125 | item['hosts'][0] = item['ip'] |
126 | 126 | item['ip'] = self.resolve_hostname(item['ip']) |
127 | except: | |
127 | except: # nosec | |
128 | 128 | pass |
129 | 129 | return item |
130 | 130 |
3 | 3 | See the file 'doc/LICENSE' for the license information |
4 | 4 | |
5 | 5 | """ |
6 | import subprocess | |
6 | import subprocess # nosec | |
7 | 7 | import re |
8 | 8 | import sys |
9 | 9 | import json |
181 | 181 | can_parse = super().canParseCommandString(current_input) |
182 | 182 | if can_parse: |
183 | 183 | try: |
184 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) | |
184 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) # nosec | |
185 | 185 | output = proc.stderr.read() |
186 | 186 | match = re.search(r"Current Version: ([0-9.]+)", output.decode('UTF-8')) |
187 | 187 | if match: |
0 | import subprocess | |
0 | import subprocess # nosec | |
1 | 1 | import re |
2 | 2 | import json |
3 | 3 | from packaging import version |
137 | 137 | can_parse = super().canParseCommandString(current_input) |
138 | 138 | if can_parse: |
139 | 139 | try: |
140 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) | |
140 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) # nosec | |
141 | 141 | output = proc.stderr.read() |
142 | 142 | match = re.search(r"Current Version: ([0-9.]+)", output.decode('UTF-8')) |
143 | 143 | if match: |
40 | 40 | int(hostName) |
41 | 41 | # No exception => host is the next item. |
42 | 42 | hostName = parameters[1] |
43 | except: | |
43 | except: # nosec | |
44 | 44 | pass |
45 | 45 | |
46 | 46 | # Add host and note with output of traceroute. |
96 | 96 | |
97 | 97 | faraday_obj_name = map_objects_fields.get(field)[0] |
98 | 98 | faraday_field = map_objects_fields.get(field)[1] |
99 | except: | |
99 | except: # nosec | |
100 | 100 | continue |
101 | 101 | |
102 | 102 | if faraday_field == "reference" and value != "": |
0 | 0 | Metadata-Version: 2.1 |
1 | 1 | Name: faraday-plugins |
2 | Version: 1.9.0 | |
2 | Version: 1.9.1 | |
3 | 3 | Summary: Faraday plugins package |
4 | 4 | Home-page: |
5 | 5 | Author: Faradaysec |
44 | 44 | faraday_plugins/plugins/repo/burp/plugin.py |
45 | 45 | faraday_plugins/plugins/repo/checkmarx/__init__.py |
46 | 46 | faraday_plugins/plugins/repo/checkmarx/plugin.py |
47 | faraday_plugins/plugins/repo/cis/__init__.py | |
48 | faraday_plugins/plugins/repo/cis/plugin.py | |
47 | 49 | faraday_plugins/plugins/repo/cobalt/__init__.py |
48 | 50 | faraday_plugins/plugins/repo/cobalt/plugin.py |
49 | 51 | faraday_plugins/plugins/repo/dig/__init__.py |