From 33be4c09daca15c21448d776dd034311527d247e Mon Sep 17 00:00:00 2001 From: allfro Date: Tue, 4 Dec 2012 04:33:28 -0500 Subject: [PATCH] Fixed canari server -> now serves images properly and initializes config for remote transforms Made the config parser recognize the special 'wordlist' option in configuration files better Cleaned up the installer and uninstaller scripts to make it easy to read and stop migraines ;) --- src/canari/commands/install_package.py | 6 ++--- src/canari/commands/run_server.py | 25 +++++++++++--------- src/canari/commands/uninstall_package.py | 8 +++---- src/canari/config.py | 6 ++++- src/canari/utils/wordlist.py | 30 +++++++++++++----------- 5 files changed, 42 insertions(+), 33 deletions(-) mode change 100644 => 100755 src/canari/commands/run_server.py diff --git a/src/canari/commands/install_package.py b/src/canari/commands/install_package.py index acf2794..e857662 100644 --- a/src/canari/commands/install_package.py +++ b/src/canari/commands/install_package.py @@ -4,7 +4,7 @@ from ..maltego.configuration import (MaltegoTransform, CmdCwdTransformProperty, CmdLineTransformProperty, CmdParmTransformProperty, InputConstraint, TransformSet, TransformSettings, CmdCwdTransformPropertySetting, CmdDbgTransformPropertySetting, CmdLineTransformPropertySetting, CmdParmTransformPropertySetting) -from common import detect_settings_dir, cmd_name, fix_pypath, get_bin_dir +from common import detect_settings_dir, cmd_name, fix_pypath, get_bin_dir, import_transform, import_package from ..maltego.message import ElementTree from os import sep, path, mkdir, chdir, getcwd, name @@ -208,7 +208,7 @@ def run(args): print ('Looking for transforms in %s.transforms' % opts.package) try: - m = __import__('%s.transforms' % opts.package, globals(), locals(), ['*']) + m = import_package('%s.transforms' % opts.package) except ImportError, e: print ("Does not appear to be a valid canari package. Couldn't import the '%s.transforms' package in '%s'. Error message: %s" % (opts.package, opts.package, e)) exit(-1) @@ -216,7 +216,7 @@ def run(args): for t in m.__all__: transform = '%s.transforms.%s' % (opts.package, t) - m2 = __import__(transform, globals(), locals(), ['dotransform']) + m2 = import_transform(transform) if hasattr(m2, 'dotransform') and hasattr(m2.dotransform, 'label'): install_transform( m2.__name__, diff --git a/src/canari/commands/run_server.py b/src/canari/commands/run_server.py old mode 100644 new mode 100755 index aa66f53..310a3b6 --- a/src/canari/commands/run_server.py +++ b/src/canari/commands/run_server.py @@ -2,7 +2,7 @@ from ..maltego.message import (MaltegoTransformResponseMessage, MaltegoException, MaltegoTransformExceptionMessage, MaltegoMessage, Message) -from common import cmd_name, import_transform, fix_binpath, fix_pypath +from common import cmd_name, import_transform, fix_binpath, fix_pypath, import_package from ..config import config from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler @@ -12,7 +12,7 @@ from SocketServer import ThreadingMixIn from ssl import wrap_socket, CERT_NONE from argparse import ArgumentParser from cStringIO import StringIO -from socket import gethostname +from socket import getfqdn from urlparse import urlsplit from hashlib import md5 from sys import argv @@ -24,7 +24,7 @@ __copyright__ = 'Copyright 2012, Canari Project' __credits__ = [] __license__ = 'GPL' -__version__ = '0.1' +__version__ = '0.3' __maintainer__ = 'Nadeem Douba' __email__ = 'ndouba@gmail.com' __status__ = 'Development' @@ -81,7 +81,7 @@ parser.add_argument( parser.add_argument( '--hostname', metavar='[hostname]', - default=gethostname(), + default=getfqdn(), help='The hostname of this transform server.' ) @@ -114,9 +114,10 @@ def message(m, r): if e.iconurl is not None: e.iconurl = e.iconurl.strip() if e.iconurl.startswith('file://'): - new_url = '/%s' % md5(e.iconurl).hexdigest() - if new_url not in r.server.resources: - r.server.resources[new_url] = e.iconurl[7:] + path = '/%s' % md5(e.iconurl).hexdigest() + new_url = '%s://%s%s' % ('https' if r.server.is_ssl else 'http', r.server.hostname, path) + if path not in r.server.resources: + r.server.resources[path] = e.iconurl[7:] e.iconurl = new_url Message(MaltegoMessage(m)).write(sio) @@ -167,6 +168,8 @@ class MaltegoTransformRequestHandler(BaseHTTPRequestHandler): value = e.find('Value').text or '' fields = dict([(f.get('Name', ''), f.text) for f in xml.findall('Entities/Entity/AdditionalFields/Field')]) params = dict([(f.get('Name', ''), f.text) for f in xml.findall('TransformFields/Field')]) + for k, i in params.items(): + config[k.replace('.', '/', 1)] = i limits = xml.find('Limits').attrib msg = t[0]( @@ -228,7 +231,7 @@ class MaltegoHTTPServer(HTTPServer): is_ssl = False def __init__(self, server_address=('', 8080), RequestHandlerClass=MaltegoTransformRequestHandler, - bind_and_activate=True, transforms={}, hostname=gethostname()): + bind_and_activate=True, transforms={}, hostname=getfqdn()): HTTPServer.__init__(self, server_address, RequestHandlerClass, bind_and_activate) self.transforms = transforms self.hostname = hostname @@ -239,7 +242,7 @@ class SecureMaltegoHTTPServer(MaltegoHTTPServer): is_ssl = True def __init__(self, server_address=('', 8080), RequestHandlerClass=MaltegoTransformRequestHandler, - bind_and_activate=True, transforms={}, cert='cert.pem', hostname=gethostname()): + bind_and_activate=True, transforms={}, cert='cert.pem', hostname=getfqdn()): MaltegoHTTPServer.__init__( self, server_address, @@ -288,7 +291,7 @@ def run(args): print ('Loading transform package %s' % p) - m = __import__(p, globals(), locals(), ['*']) + m = import_package(p) for t in m.__all__: @@ -340,4 +343,4 @@ def run(args): httpd.serve_forever() except KeyboardInterrupt: httpd.server_close() - exit(0) \ No newline at end of file + exit(0) diff --git a/src/canari/commands/uninstall_package.py b/src/canari/commands/uninstall_package.py index a95955c..fa6fc44 100644 --- a/src/canari/commands/uninstall_package.py +++ b/src/canari/commands/uninstall_package.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -from common import detect_settings_dir, cmd_name, fix_pypath +from common import detect_settings_dir, cmd_name, fix_pypath, import_package, import_transform from os import sep, path, mkdir, listdir, unlink, rmdir from argparse import ArgumentParser @@ -11,7 +11,7 @@ __copyright__ = 'Copyright 2012, Canari Project' __credits__ = [] __license__ = 'GPL' -__version__ = '0.1' +__version__ = '0.2' __maintainer__ = 'Nadeem Douba' __email__ = 'ndouba@gmail.com' __status__ = 'Development' @@ -91,11 +91,11 @@ def run(args): fix_pypath() - m = __import__(opts.package, globals(), locals(), ['__all__']) + m = import_package(opts.package) for t in m.__all__: transform = '%s.%s' % (opts.package, t) - m2 = __import__(transform, globals(), locals(), ['dotransform']) + m2 = import_transform(transform) if hasattr(m2, 'dotransform') and hasattr(m2.dotransform, 'label'): uninstall_transform( m2.__name__, diff --git a/src/canari/config.py b/src/canari/config.py index 65e709e..e25c790 100644 --- a/src/canari/config.py +++ b/src/canari/config.py @@ -5,14 +5,16 @@ from resource import conf from re import findall, search, match, split from ConfigParser import SafeConfigParser from os import environ, getcwd, sep +from utils.wordlist import wordlist from urlparse import urlsplit + __author__ = 'Nadeem Douba' __copyright__ = 'Copyright 2012, Canari Project' __credits__ = [] __license__ = 'GPL' -__version__ = '0.1' +__version__ = '0.2' __maintainer__ = 'Nadeem Douba' __email__ = 'ndouba@gmail.com' __status__ = 'Development' @@ -86,6 +88,8 @@ class CanariConfigParser(SafeConfigParser): value.append(v) else: value = value.replace(r'\,', ',') + if option == 'wordlist': + value = wordlist(value) return value def __setitem__(self, key, value): diff --git a/src/canari/utils/wordlist.py b/src/canari/utils/wordlist.py index fa21f0f..5f4a51f 100644 --- a/src/canari/utils/wordlist.py +++ b/src/canari/utils/wordlist.py @@ -9,7 +9,7 @@ __copyright__ = 'Copyright 2012, Canari Project' __credits__ = [] __license__ = 'GPL' -__version__ = '0.1' +__version__ = '0.2' __maintainer__ = 'Nadeem Douba' __email__ = 'ndouba@gmail.com' __status__ = 'Development' @@ -20,16 +20,18 @@ __all__ = [ def wordlist(uri, match='(.*?)\n+', ignore='^#.*', strip=None): - l = [] - data = urlopen(uri).read() - if search('\.gz(ip)?$', uri) is not None: - data = decompress(data, 16 + MAX_WBITS) - if data: - l = findall(match, data) - if ignore is not None: - l = filter(lambda x: search(ignore, x) is None, l) - if strip is not None: - l = map(lambda x: sub(strip, '', x), l) - return l - - + if isinstance(uri, basestring): + l = [] + if not uri: + return l + data = urlopen(uri).read() + if search('\.gz(ip)?$', uri) is not None: + data = decompress(data, 16 + MAX_WBITS) + if data: + l = findall(match, data) + if ignore is not None: + l = filter(lambda x: search(ignore, x) is None, l) + if strip is not None: + l = map(lambda x: sub(strip, '', x), l) + return l + return uri \ No newline at end of file -- 2.45.1