Import upstream version 1.9.1
Kali Janitor
1 year, 4 months ago
| 0 | 0 | Metadata-Version: 2.1 |
| 1 | 1 | Name: faraday-plugins |
| 2 | Version: 1.9.0 | |
| 2 | Version: 1.9.1 | |
| 3 | 3 | Summary: Faraday plugins package |
| 4 | 4 | Home-page: |
| 5 | 5 | Author: Faradaysec |
| 3 | 3 | import logging |
| 4 | 4 | import os |
| 5 | 5 | import shlex |
| 6 | import subprocess | |
| 6 | import subprocess # nosec | |
| 7 | 7 | import sys |
| 8 | 8 | from pathlib import Path |
| 9 | 9 | |
| 141 | 141 | color_message = click.style("Command: ", fg="green") |
| 142 | 142 | click.echo(f"{color_message} {command}") |
| 143 | 143 | else: |
| 144 | p = subprocess.Popen(shlex.split(command), stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |
| 144 | p = subprocess.Popen(shlex.split(command), stdout=subprocess.PIPE, stderr=subprocess.PIPE) # nosec | |
| 145 | 145 | output = io.StringIO() |
| 146 | 146 | while True: |
| 147 | 147 | retcode = p.poll() |
| 48 | 48 | output being sent is valid. |
| 49 | 49 | """ |
| 50 | 50 | try: |
| 51 | f = urlopen(self.getSetting("Host") + "/api/hooks?token=" + self.getSetting("Authkey")) | |
| 51 | f = urlopen(self.getSetting("Host") + "/api/hooks?token=" + self.getSetting("Authkey")) # nosec | |
| 52 | 52 | data = json.loads(f.read()) |
| 53 | 53 | except Exception: |
| 54 | 54 | self.logger.info("[BeEF] - Connection with api") |
| 0 | """ | |
| 1 | Faraday Penetration Test IDE | |
| 2 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
| 3 | See the file 'doc/LICENSE' for the license information | |
| 4 | ||
| 5 | """ | |
| 6 | ||
| 7 | from faraday_plugins.plugins.plugin import PluginXMLFormat | |
| 8 | from faraday_plugins.plugins.plugins_utils import CVE_regex, CWE_regex | |
| 9 | from xml.etree import ElementTree as ET | |
| 10 | ||
| 11 | __author__ = "Gonzalo Martinez" | |
| 12 | __copyright__ = "Copyright (c) 2013, Infobyte LLC" | |
| 13 | __credits__ = ["Gonzalo Martinez"] | |
| 14 | __license__ = "" | |
| 15 | __version__ = "1.0.0" | |
| 16 | __maintainer__ = "Gonzalo Martinez" | |
| 17 | __email__ = "[email protected]" | |
| 18 | __status__ = "Development" | |
| 19 | ||
| 20 | ||
| 21 | class CisPlugin(PluginXMLFormat): | |
| 22 | ||
| 23 | def __init__(self, *arg, **kwargs): | |
| 24 | super().__init__(*arg, **kwargs) | |
| 25 | self.ns = { | |
| 26 | "scap-con": "{http://scap.nist.gov/schema/scap/constructs/1.2}", | |
| 27 | "arf": "{http://scap.nist.gov/schema/asset-reporting-format/1.1}", | |
| 28 | "dsc": "{http://scap.nist.gov/schema/scap/source/1.2}", | |
| 29 | "ai": "{http://scap.nist.gov/schema/asset-identification/1.1}", | |
| 30 | "xccdf": "{http://checklists.nist.gov/xccdf/1.2}" | |
| 31 | } | |
| 32 | self.identifier_tag = "asset-report-collection" | |
| 33 | self.id = "CIS" | |
| 34 | self.name = "CIS XML Output Plugin" | |
| 35 | self.plugin_version = "1.0.0" | |
| 36 | ||
| 37 | def parseOutputString(self, output): | |
| 38 | ||
| 39 | root = ET.fromstring(output) | |
| 40 | rules = {} | |
| 41 | for rule in root.findall(f".//{self.ns['xccdf']}Rule"): | |
| 42 | rules[rule.attrib['id']] = { | |
| 43 | "title": rule[0].text, | |
| 44 | "description": rule[1][0].text | |
| 45 | } | |
| 46 | reports = root.findall(f".//{self.ns['arf']}reports") | |
| 47 | for report in reports: | |
| 48 | target_address = report.find(f".//{self.ns['xccdf']}target-address").text | |
| 49 | rules_results = report.findall(f".//{self.ns['xccdf']}rule-result") | |
| 50 | h_id = self.createAndAddHost(target_address) | |
| 51 | for rule_result in rules_results: | |
| 52 | result = rule_result.find(f"{self.ns['xccdf']}result").text | |
| 53 | if result != "pass": | |
| 54 | severity = rule_result.attrib.get("severity","unclassified") | |
| 55 | rule_id = rule_result.attrib['idref'] | |
| 56 | references = [] | |
| 57 | for ident in rule_result.findall(f"{self.ns['xccdf']}ident"): | |
| 58 | text = ident.text | |
| 59 | if isinstance(text, str) and len(text) > 10: | |
| 60 | references.append(text) | |
| 61 | self.createAndAddVulnToHost( | |
| 62 | h_id, | |
| 63 | name=rules[rule_id]["title"], | |
| 64 | desc=rules[rule_id]["description"], | |
| 65 | severity=severity, | |
| 66 | ref=references | |
| 67 | ) | |
| 68 | ||
| 69 | def createPlugin(*args, **kwargs): | |
| 70 | return CisPlugin(*args, **kwargs) |
| 116 | 116 | return item |
| 117 | 117 | try: |
| 118 | 118 | item['ip'] = self.resolve_hostname(item['ip']) |
| 119 | except: | |
| 120 | pass # nosec | |
| 119 | except: # nosec | |
| 120 | pass | |
| 121 | 121 | return item |
| 122 | 122 | |
| 123 | 123 | def resolveNS(self, item, items): |
| 124 | 124 | try: |
| 125 | 125 | item['hosts'][0] = item['ip'] |
| 126 | 126 | item['ip'] = self.resolve_hostname(item['ip']) |
| 127 | except: | |
| 127 | except: # nosec | |
| 128 | 128 | pass |
| 129 | 129 | return item |
| 130 | 130 |
| 3 | 3 | See the file 'doc/LICENSE' for the license information |
| 4 | 4 | |
| 5 | 5 | """ |
| 6 | import subprocess | |
| 6 | import subprocess # nosec | |
| 7 | 7 | import re |
| 8 | 8 | import sys |
| 9 | 9 | import json |
| 181 | 181 | can_parse = super().canParseCommandString(current_input) |
| 182 | 182 | if can_parse: |
| 183 | 183 | try: |
| 184 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) | |
| 184 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) # nosec | |
| 185 | 185 | output = proc.stderr.read() |
| 186 | 186 | match = re.search(r"Current Version: ([0-9.]+)", output.decode('UTF-8')) |
| 187 | 187 | if match: |
| 0 | import subprocess | |
| 0 | import subprocess # nosec | |
| 1 | 1 | import re |
| 2 | 2 | import json |
| 3 | 3 | from packaging import version |
| 137 | 137 | can_parse = super().canParseCommandString(current_input) |
| 138 | 138 | if can_parse: |
| 139 | 139 | try: |
| 140 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) | |
| 140 | proc = subprocess.Popen([self.command, '-version'], stderr=subprocess.PIPE) # nosec | |
| 141 | 141 | output = proc.stderr.read() |
| 142 | 142 | match = re.search(r"Current Version: ([0-9.]+)", output.decode('UTF-8')) |
| 143 | 143 | if match: |
| 40 | 40 | int(hostName) |
| 41 | 41 | # No exception => host is the next item. |
| 42 | 42 | hostName = parameters[1] |
| 43 | except: | |
| 43 | except: # nosec | |
| 44 | 44 | pass |
| 45 | 45 | |
| 46 | 46 | # Add host and note with output of traceroute. |
| 96 | 96 | |
| 97 | 97 | faraday_obj_name = map_objects_fields.get(field)[0] |
| 98 | 98 | faraday_field = map_objects_fields.get(field)[1] |
| 99 | except: | |
| 99 | except: # nosec | |
| 100 | 100 | continue |
| 101 | 101 | |
| 102 | 102 | if faraday_field == "reference" and value != "": |
| 0 | 0 | Metadata-Version: 2.1 |
| 1 | 1 | Name: faraday-plugins |
| 2 | Version: 1.9.0 | |
| 2 | Version: 1.9.1 | |
| 3 | 3 | Summary: Faraday plugins package |
| 4 | 4 | Home-page: |
| 5 | 5 | Author: Faradaysec |
| 44 | 44 | faraday_plugins/plugins/repo/burp/plugin.py |
| 45 | 45 | faraday_plugins/plugins/repo/checkmarx/__init__.py |
| 46 | 46 | faraday_plugins/plugins/repo/checkmarx/plugin.py |
| 47 | faraday_plugins/plugins/repo/cis/__init__.py | |
| 48 | faraday_plugins/plugins/repo/cis/plugin.py | |
| 47 | 49 | faraday_plugins/plugins/repo/cobalt/__init__.py |
| 48 | 50 | faraday_plugins/plugins/repo/cobalt/plugin.py |
| 49 | 51 | faraday_plugins/plugins/repo/dig/__init__.py |