''' consoleUi.py Copyright 2006 Andres Riancho This file is part of w3af, w3af.sourceforge.net . w3af is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License. w3af is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with w3af; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ''' import sys try: # Some traditional imports from random import randint # Import all other menu's import core.ui.consoleUi.url as url import core.ui.consoleUi.tools as tools import core.ui.consoleUi.session as session import core.ui.consoleUi.plugins as plugins import core.ui.consoleUi.exploit as exploit # Import w3af import core.controllers.w3afCore import core.controllers.outputManager as om from core.controllers.w3afException import w3afException from core.ui.consoleUi.consoleMenu import consoleMenu from core.controllers.threads.threadManager import threadManager as tm import core.controllers.miscSettings as miscSettings from core.ui.consoleUi.pluginConfig import pluginConfig except KeyboardInterrupt: print 'Exiting before importing modules.' sys.exit(0) class consoleUi(consoleMenu): ''' A console user interface. @author: Andres Riancho ( andres.riancho@gmail.com ) ''' def __init__( self, commands=[] ): consoleMenu.__init__(self) self._menu = {'help':self._rootHelp, 'url-settings':self._url, 'misc-settings':self._misc,\ 'session':self._session,'plugins':self._plugins,'start':self.start,\ 'exploit':self._exploit,'exit':self._exit,'target':self._target,'tools':self._tools} self._w3af = core.controllers.w3afCore.w3afCore() self._commands = commands # I will use pop(), so I need a reversed list. self._commands.reverse() self._targetURLs = [] self._tm = tm() def sh( self ): ''' Starts the shell's main loop. @parameter commands: A list of commands to run. @return: The prompt ''' prompt = 'w3af>>> ' self._mainloop( prompt ) def _exec( self, command ): ''' Executes a user input. ''' command, parameters = self._parse( command ) if command in self._menu.keys(): func = self._menu[command] return func(parameters) else: om.out.console( 'command not found' ) def _rootHelp( self, parameters ): ''' Prints a help message to the user. ''' if len(parameters) == 0 : self.mprint('The following commands are available:','') self.mprint('help','You are here. help [command] prints more specific help.') self.mprint('url-settings','Configure the URL opener.') self.mprint('misc-settings','Configure w3af misc settings.') self.mprint('session','Load and save sessions.') self.mprint('plugins','Enable, disable and configure plugins.') self.mprint('start','Start site analysis.') self.mprint('exploit','Exploit a vulnerability.') self.mprint('tools','Enter the tools section.') self.mprint('target','Set the target URL.') self.mprint('exit','Exit w3af.') elif parameters[0] == 'target': self.mprint('Enter the target configuration. Here you will configure the target URL.','') elif parameters[0] == 'exploit': self.mprint('Enter the exploit configuration.','') elif parameters[0] == 'plugins': self.mprint('Enter the plugin configuration.','') elif parameters[0] == 'session': self.mprint('Enter the session configuration.','') elif parameters[0] == 'url-settings': self.mprint('Enter the url configuration.','') elif parameters[0] == 'misc-settings': self.mprint('Enter the w3af misc configuration.','') def _tools( self, parameters ): ''' Opens a tools menu ''' toolsObj = tools.tools( self._commands ) try: toolsObj.sh() except KeyboardInterrupt,k: om.out.console('') def _url( self, parameters ): ''' Opens a URL config menu ''' _url = url.url( self._w3af, self._commands ) try: _url.sh() except KeyboardInterrupt,k: om.out.console('') def _session( self, parameters ): ''' Opens a session config menu ''' s = session.session( self._w3af, self._commands ) try: s.sh() except KeyboardInterrupt,k: om.out.console('') def _plugins( self, parameters ): ''' Opens a plugins config menu ''' p = plugins.plugins( self._w3af, self._commands ) try: p.sh() except KeyboardInterrupt,k: om.out.console('') def _exploit( self, parameters ): ''' Opens a exploit config menu ''' e = exploit.exploit( self._w3af, self._commands ) try: e.sh() except KeyboardInterrupt,k: om.out.console('') def _misc( self, parameters ): ''' Opens a misc config menu ''' mS = miscSettings.miscSettings() pConf = pluginConfig( self._w3af, self._commands ) prompt = 'w3af/misc-settings>>> ' pConf.sh( prompt, mS ) return True def _target( self, parameters ): ''' Sets the target URL ''' tar = self._w3af.target pConf = pluginConfig( self._w3af, self._commands ) prompt = 'w3af/target>>> ' pConf.sh( prompt, tar ) return True def start( self, parameters ): ''' Starts the discovery and audit work. ''' try: self._w3af.start() except w3afException, e: om.out.console( str(e) ) except KeyboardInterrupt, e: self._exit() return True def _getRndExitMsg( self ): ''' @return: A random exit msg. ''' res = [] res.append('bye.') res.append('Be a good boy and contribute with some lines of code.') res.append('Be a good boy and contribute with some money :)') res.append('w3af, better than the regular script kiddie.') res.append('GPL v2 inside.') res.append('got w3af?') res.append('spawned a remote shell today?') res = res[ randint( 0, len(res) -1 ) ] return res def _exit( self, parameters = [] ): om.out.console( '' ) om.out.console( self._getRndExitMsg() ) self._tm.stopAllDaemons() self._tm.join( joinAll=True ) sys.exit(0) _back = _exit