Class: Watobo::Scanner3

Inherits:

Object

• Object
• Watobo::Scanner3

Includes:

Constants, Subscriber

Defined in:

lib/watobo/core/scanner3.rb

Overview

:nodoc: all

Defined Under Namespace

Classes: Worker

Constant Summary

SCANNER_READY =

0x0000

SCANNER_RUNNING =

0x0001

GENERATION_STARTED =

0x0100

GENERATION_FINISHED =

0x0200

Constants included from Constants

Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::AUTH_TYPE_UNKNOWN, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED

Instance Method Summary

• #cancel ⇒ Object
• #continue ⇒ Object
• #finished? ⇒ Boolean
• #generation_finished? ⇒ Boolean
• #initialize(chat_list = [], active_checks = [], passive_checks = [], prefs = {}) ⇒ Scanner3 constructor

  A new instance of Scanner3.

• #progress ⇒ Object
• #run(check_prefs = {}) ⇒ Object
• #running? ⇒ Boolean
• #status_running? ⇒ Boolean
• #stop ⇒ Object
• #sum_progress ⇒ Object
• #sum_total ⇒ Object
• #tasks ⇒ Object

  E N D O F W O R K E R.

Methods included from Subscriber

#clearEvents, #notify, #subscribe

Constructor Details

#initialize(chat_list = [], active_checks = [], passive_checks = [], prefs = {}) ⇒ Scanner3

Returns a new instance of Scanner3.

# File 'lib/watobo/core/scanner3.rb', line 319

def initialize(chat_list=[], active_checks=[], passive_checks=[], prefs={})
  @chat_list = chat_list
  @active_checks = []
  @passive_checks = passive_checks

  @tasks = Queue.new
  @logged_out = Queue.new

  @workers = []

  @status_lock = Mutex.new

  @task_count_lock = Mutex.new
  @task_counter = {}
  
  @ctrl_thread = nil

  # @onlineCheck = OnlineCheck.new(@project)
  msg = "Initializing Scanner ..."
  notify(:logger, LOG_INFO, msg)
  puts msg

  @prefs = Watobo::Conf::Scanner.to_h

  @prefs.update prefs

  puts @prefs.to_yaml

  unique_checks = {}
  active_checks.each do  |x|
    if x.respond_to? :new
    ac = x.new(self.object_id, @prefs)
    else
    ac = x
    end
    unique_checks[ac.class.to_s] = ac unless unique_checks.has_key?(ac.class.to_s)
  end
  unique_checks.each_value do |check|
    @active_checks << check
  end

  puts "#ActiveModules: #{@active_checks.length}"

  @active_checks.uniq.each do |check|

    check.resetCounters()
    @chat_list.each_with_index do |chat, index|
    #print "."
      check.updateCounters(chat, @prefs)
      puts "* [#{index}] CheckCounter #{chat.id}: #{check.check_name} - #{check.numChecks}"
    end

    # @numTotalChecks += check.numChecks
    # cn = check.info[:check_name]
    # puts "+ add check: #{cn}"
    # notify(:logger, LOG_INFO, "add check #{cn}")
    @task_counter[check.check_name] = { :total => check.numChecks,
      :progress => 0
    }
  end
  @status = SCANNER_READY
  msg = "Scanner Ready!"
  notify(:logger, LOG_INFO, msg)
  puts msg
end

Instance Method Details

#cancel ⇒ Object

# File 'lib/watobo/core/scanner3.rb', line 192

def cancel()
  begin
    @workers.each do |w|
      w.stop
    end
  rescue => bang
    puts bang
    puts bang.backtrace if $DEBUG
  end
end

#continue ⇒ Object

# File 'lib/watobo/core/scanner3.rb', line 203

def continue()
  # TODO
end

#finished? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/watobo/core/scanner3.rb', line 145

def finished?
  # puts "num_waiting: #{@tasks.num_waiting}"
  # puts "workers: #{@workers.length}"
  # puts "generation finished? #{generation_finished?.class}"
  # puts "num tasks: #{@tasks.size}"
  # puts "running workers: #{running_workers}"
  return true if (
  status_running? &&
  ( @tasks.num_waiting == @workers.length ) &&
  ( @tasks.size == 0 ) &&
  generation_finished?
  )
  false
end

#generation_finished? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/watobo/core/scanner3.rb', line 141

def generation_finished?
  ( status & GENERATION_FINISHED ) > 0
end

#progress ⇒ Object

# File 'lib/watobo/core/scanner3.rb', line 207

def progress
  @task_count_lock.synchronize do
    YAML.load(YAML.dump(@task_counter))
  end
end

#run(check_prefs = {}) ⇒ Object

# File 'lib/watobo/core/scanner3.rb', line 229

def run( check_prefs={} )
  # @sites_online.clear
  @uniqueRequests = Hash.new
  set_status_running

  @login_count = 0
  @max_login_count = 20

  @ctrl_thread = Thread.new{
    size = -1
    loop do
      if @tasks.num_waiting == @workers.length and @tasks.size == 0 and generation_finished?
        begin
        puts "[#{self}] seems scan is finished. stopping workers now ..."
        @workers.map{|w|
          #puts "[]#{self}] stopping worker #{w}"
          w.stop
          }
        # suizide!
        Thread.exit
        rescue => bang
          puts bang
          puts bang.backtrace
        end
      end

      if @logged_out.size == ( @workers.length - @tasks.num_waiting) or @tasks.num_waiting == @workers.size
        @logged_out.clear
        #puts "!LOGOUT DETECTED!\n#{@logged_out.size} - #{@workers.length} - #{@tasks.num_waiting}\n\n"
        begin
          puts "Run login ..."
          login
          @workers.each do |wrkr|
           # puts "State: #{wrkr.state}"
            if wrkr.wait_for_login?
              wrkr.engine.run
            end
          end

        rescue => bang
          puts bang
          puts bang.backtrace
        end

      end

      sleep 1
    end
  }

  @prefs.update check_prefs
  msg = "\n[Scanner] Starting Scan ..."
  notify(:logger, LOG_INFO, msg )
  puts msg

  # starting workers before check generation
  start_workers( @prefs)
  @max_tasks = 1000

  # start check generation in seperate thread
  Thread.new{
    begin
      set_status GENERATION_STARTED
      @chat_list.uniq.each do |chat|
      # puts chat.request.url.to_s
        @active_checks.uniq.each do |ac|
          ac.reset()
          if site_alive?(chat) then
            ac.generateChecks(chat){ |check|
              while @tasks.size > @max_tasks
                sleep 1
              end
              task = { :module => ac,
                :check => check
              }
              @tasks.push task
            }
          end
        end
      end
    rescue => bang
      puts bang
      puts bang.backtrace if $DEBUG
    ensure
      set_status GENERATION_FINISHED
    end
  }

end

#running? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/watobo/core/scanner3.rb', line 160

def running?()

  return false if (
  status_running? &&
  ( @tasks.num_waiting == @workers.length ) &&
  ( @tasks.size == 0 ) &&
  generation_finished?
  )
  return true if status_running?
  return false
end

#status_running? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/watobo/core/scanner3.rb', line 137

def status_running?
  ( status & SCANNER_RUNNING ) > 0
end

#stop ⇒ Object

# File 'lib/watobo/core/scanner3.rb', line 172

def stop()
  print "\n[#{self}] stopping ... "
  begin
    @workers.each do |w|
      w.stop
    end
    unless @ctrl_thread.nil?
      if @ctrl_thread.alive?
        puts "stop ctrl_thread"
        Thread.kill @ctrl_thread
      end
    end
    print "[OK]\n"
  rescue => bang
    print "[OUTCH]\n"
    puts bang
    puts bang.backtrace if $DEBUG
  end
end

#sum_progress ⇒ Object

# File 'lib/watobo/core/scanner3.rb', line 221

def sum_progress
  sum = 0
  @task_count_lock.synchronize do
    sum = @task_counter.values.inject(0){|i,v| i + v[:progress] }
  end
  sum
end

#sum_total ⇒ Object

# File 'lib/watobo/core/scanner3.rb', line 213

def sum_total
  sum = 0
  @task_count_lock.synchronize do
    sum = @task_counter.values.inject(0){|i,v| i + v[:total] }
  end
  sum
end

#tasks ⇒ Object

E N D O F W O R K E R

# File 'lib/watobo/core/scanner3.rb', line 133

def tasks
  @tasks
end