Class: Risu::CLI::Application

Inherits:
Object
  • Object
show all
Includes:
Base
Defined in:
lib/risu/cli/application.rb

Overview

Application class for Risu

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeApplication

Initializes a CLI Application



31
32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'lib/risu/cli/application.rb', line 31

def initialize
	@options = {}
	@database = {}
	@report = {}
	@blacklist = {}

	@options[:debug] = false
	@options[:list_templates] = false
	@options[:post_process] = false

	@template_manager = Risu::Base::TemplateManager.new "risu/templates"
	@postprocess_manager = Risu::Base::PostProcessManager.new "risu/parsers/nessus/postprocess"
end

Instance Attribute Details

#databaseObject

Returns the value of attribute database.



28
29
30
 
# File 'lib/risu/cli/application.rb', line 28

def database
  @database
end

Instance Method Details

#consolize(&block) ⇒ Object

Starts a console and executes anything in a block sent to it

Parameters:

  • block

    Code block to transfer control



212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
 
# File 'lib/risu/cli/application.rb', line 212

def consolize &block

	yield

	IRB.setup(nil)
	IRB.conf[:USE_READLINE] = true
	IRB.conf[:PROMPT_MODE] = :SIMPLE

	irb = IRB::Irb.new
	IRB.conf[:MAIN_CONTEXT] = irb.context

	irb.context.evaluate("require 'irb/completion'", 0)

	trap("SIGINT") do
		irb.signal_handle
	end
	catch(:IRB_EXIT) do
		irb.eval_input
	end
end

#create_config(file = CONFIG_FILE) ⇒ Object

Creates a blank configuration file

Parameters:

  • file (defaults to: CONFIG_FILE)

    Path to configuration file



50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'lib/risu/cli/application.rb', line 50

def create_config(file=CONFIG_FILE)
	File.open(file, 'w+') do |f|
		f.write("report:\n")
		f.write("  author: \n")
		f.write("  title: \n")
		f.write("  company: \n")
		f.write("  network: \n")
		f.write("  owner: \n")
		f.write("  location: \n")
		f.write("  classification: \n\n")
		f.write("database:\n")
		f.write("  adapter: \n")
		f.write("  host: \n")
		f.write("  port: \n")
		f.write("  database: \n")
		f.write("  username: \n")
		f.write("  password: \n")
		f.write("  timeout: \n\n")
	end
end

#db_connectObject

Establishes an [ActiveRecord::Base] database connection



147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
 
# File 'lib/risu/cli/application.rb', line 147

def db_connect
	begin
		if @database["adapter"] == nil
			puts "[!] #{@database['adapter']}" if @options[:debug]

			return false, "[!] Invalid database adapter, please check your configuration file"
		end

		ActiveRecord::Base.establish_connection(@database)
		connection = ActiveRecord::Base.connection

		if @database["adapter"] =~ /sqlite/
			connection.execute("PRAGMA default_synchronous=OFF;")
			connection.execute("PRAGMA synchronous=OFF;")
			connection.execute("PRAGMA journal_mode=OFF;")
			#connection.execute("PRAGMA wal_autocheckpoint=10000;")
		end

		connection
	rescue ActiveRecord::AdapterNotSpecified => ans
		puts "[!] Database adapter not found, please check your configuration file"
		puts "#{ans.message}\n #{ans.backtrace}" if @options[:debug]
		exit
	rescue ActiveRecord::AdapterNotFound => anf
		puts "[!] Database adapter not found, please check your configuration file"
		puts "#{anf.message}\n #{anf.backtrace}" if @options[:debug]
		exit
	rescue ActiveRecord::NoDatabaseError => nde
		puts "[!] Database not found. Please check your configuration file"
		puts "#{nde.message}\n #{nde.backtrace}" if @options[:debug]
		exit
	#rescue Mysql2::Error => mse
	#	puts "[!] Unable to connect to MySQL. \"#{mse.message}\" Please check your configuration file"
	#	puts "#{mse.message}\n #{mse.backtrace}" if @options[:debug]
	#	exit
	rescue SQLite3::Exception => se
		puts "[!] Unable to open database. Please check your configuration file"
		puts "#{se.message}\n #{se.backtrace}" if @options[:debug]
		exit
	rescue => e
		puts "[!] Exception (#{e.class})! #{e.message}\n #{e.backtrace}"
	end
end

#load_config(file = CONFIG_FILE, in_memory_config = false) ⇒ Object

Loads the configuration file

Parameters:

  • file (defaults to: CONFIG_FILE)

    Path to configuration file

  • in_memory_config (Boolean) (defaults to: false)

    If the configuration is in memory



75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
 
# File 'lib/risu/cli/application.rb', line 75

def load_config file=CONFIG_FILE, in_memory_config=false
	if File.exist?(file) == true or in_memory_config == true
		begin
			if in_memory_config
				yaml = YAML::load(file)
			else
				yaml = YAML::load(File.open(file))
			end

			@database = yaml["database"]
			@report = yaml["report"]

			puts @database.inspect if @options[:debug]

			#If no values were entered put a default value in
			@report.each do |k, v|
				if v == nil
					@report[k] = "No #{k}"
				end
			end
		rescue => e
			puts "[!] Error loading configuration! - #{e.message}"
			exit
		end
	else
		puts "[!] Configuration file does not exist!"
		exit
	end
end

#migrate(direction) ⇒ Object

Initiator for [ActiveRecord] migrations.

Parameters:

  • direction (Symbol)

    :up or :down



108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
 
# File 'lib/risu/cli/application.rb', line 108

def migrate direction
	begin
		if @database["adapter"] == nil
			return false, "[!] Invalid database adapter, please check your configuration file"
		end

		ActiveRecord::Base.establish_connection(@database)
		require 'risu/base/schema'
		Schema.migrate(direction)

		if direction == :up
			puts "[*] Creating tables" if @options[:debug]
			ver = Version.create
			ver.version = Risu::VERSION
			ver.save
		end

		puts "[*] Dropping tables" if direction == :down

	#@TODO temp hack, fix this by checking the schema on :up or :down for exiting data
	rescue SQLite3::SQLException => sqlitex
		puts "#{sqlitex.message}\n #{sqlitex.backtrace}" if @options[:debug]
		continue
	rescue ActiveRecord::AdapterNotSpecified => ans
		puts "[!] Database adapter not found, please check your configuration file"
		puts "#{ans.message}\n #{ans.backtrace}" if @options[:debug]
		exit
	rescue ActiveRecord::AdapterNotFound => anf
		puts "[!] Database adapter not found, please check your configuration file"
		puts "#{anf.message}\n #{anf.backtrace}" if @options[:debug]
		exit
	rescue => e
		puts "[!] Exception! #{e.message}"
		exit
	end
end

#parse_file(file) ⇒ Object

Handles the parsing of a single file

Parameters:

  • file

    The to parse



466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
 
# File 'lib/risu/cli/application.rb', line 466

def parse_file file
	begin
		puts "[*] Parsing #{file}..."
		tstart = Time.new

		if File.exist?(file) == false
			raise Risu::Exceptions::InvalidDocument, "[!] Document does not exist - #{file}"
		end

		nessus_doc = Risu::Parsers::Nessus::NessusDocument.new file
		nexpose_doc = Risu::Parsers::Nexpose::NexposeDocument.new file

		if nessus_doc.valid? == true
			nessus_doc.parse

			puts "[*] Fixing IP Address field"
			nessus_doc.fix_ips
		elsif nexpose_doc.valid? == true
			nexpose_doc.parse

			puts "[*] Fixing IP Address field"
			nexpose_doc.fix_ips
		else
			raise Risu::Exceptions::InvalidDocument, "[!] Invalid Document - #{file}"
		end

		printf "[*] Finished parsing %s. Parse took %.02f seconds\n", file, Time.now - tstart
		puts nessus_doc.new_tags.uniq.join("\n") #@TODO add a verbose check
	rescue Interrupt
		puts "[!] Parse canceled!"
		exit(1)
	#rescue Mysql2::Error => m
	#	if m.errno == 1146
	#		puts "[!] Error: Tables were not created. Please run #{Risu::APP_NAME} --create-tables"
	#		exit(1)
	#	end
	rescue => e
		puts "[!] #{e.message}\n #{e.backtrace.join("\n")}\n"
		exit(1)
	end
end

#parse_optionsObject

Parses all the command line options



234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
 
# File 'lib/risu/cli/application.rb', line 234

def parse_options
	begin
		opts = OptionParser.new do |opt|
			opt.banner =	"#{APP_NAME} v#{VERSION}\nJacob Hammack\nhttp://www.hammackj.com\n\n"
			opt.banner << "Usage: #{APP_NAME} [options] [files_to_parse]"
			opt.separator('')
			opt.separator("Parse Options")

			opt.on('--post-process', 'Preform post processing on the data') do |option|
				@options[:post_process] = option
			end

			opt.separator('')
			opt.separator("Reporting Options")

			opt.on('-t', '--template FILE', 'The filename of the template to use') do |option|
				@options[:template] = option
			end

			opt.on('-o', '--output-file FILE', 'The filename to output the generated report to') do |option|
				@options[:output_file] = option
			end

			opt.on('--list-templates', "Lists all of the templates available to #{APP_NAME}") do |option|
				@options[:list_templates] = option
			end

			opt.on('--list-post-process', "Lists all of the post processors available to #{APP_NAME}") do |option|
				@options[:list_postprocesses] = option
			end

			# @TODO THIS NO WORK
			#opt.on('--create-template NAME', "Creates a template file in the ~/.risu/templates directory") do |option|
			#	if File.exists?(option) == true
			#		puts "[!] Template "
			#	end
			#end

			opt.separator('')
			opt.separator('Configuration Options')

			opt.on('--config-file FILE', "Loads configuration settings for the specified file. By default #{APP_NAME} loads #{CONFIG_FILE}") do |option|
				if File.exists?(option) == true
					@options[:config_file] = option
				else
					puts "[!] Specified config file does not exist. Please specify a file that exists."
					exit
				end
			end

			opt.on('--create-config-file [FILE]',"Creates a configuration file in the current directory with the specified name, Default is #{CONFIG_FILE}") do |option|
				if option == nil
					option = CONFIG_FILE
				end

				if File.exists?(option) == true
					puts "[!] Configuration file already exists; If you wish to over-write this file please delete it."
				else
					if option == nil
						create_config
					else
						create_config option
					end

					exit
				end
			end

			opt.separator('')
			opt.separator('Database Options')

			opt.on('--test-connection','Tests the database connection settings') do |option|
				@options[:test_connection] = option
			end

			opt.on('--create-tables',"Creates the tables required for #{APP_NAME}") do |option|
				@options[:create_tables] = option
			end

			opt.on('--drop-tables', "Deletes the tables and data from #{APP_NAME}") do |option|
				@options[:drop_tables] = option
			end

			opt.separator ''
			opt.separator 'Other Options'

			opt.on_tail('-v', '--version', "Shows application version information") do
				puts "#{APP_NAME}: #{VERSION}\nRuby Version: #{RUBY_VERSION}\nRubygems Version: #{Gem::VERSION}"
				exit
			end

			opt.on('-d','--debug','Enable Debug Mode (More verbose output)') do |option|
				@options[:debug] = true
			end

			opt.on('--console', 'Starts an ActiveRecord console into the configured database') do |option|
				@options[:console] = option
			end

			opt.on_tail("-?", "--help", "Show this message") do
				puts opt.to_s + "\n"
				exit
			end
		end

		if ARGV.length != 0
			opts.parse!
		else
			puts opts.to_s + "\n"
			exit
		end
	rescue OptionParser::AmbiguousOption
		puts opts.to_s + "\n"
		exit
	rescue OptionParser::MissingArgument
		puts opts.to_s + "\n"
		exit
	rescue OptionParser::InvalidOption
		puts opts.to_s + "\n"
		exit
	end
end

#process_post_processingObject

Preforms PostProcessing on the dataset



450
451
452
453
454
455
456
457
458
459
460
461
 
# File 'lib/risu/cli/application.rb', line 450

def process_post_processing
	if @options[:post_process] == true

		puts "[*] Preforming Post Processing"

		@postprocess_manager.registered_postprocesses.each do |p|
			#p = post.new
			puts "\t[*] Running #{p.info[:description]}"
			p.run()
		end
	end
end

#runObject

Main Application loop, handles all of the command line arguments and parsing of files on the command line



359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
 
# File 'lib/risu/cli/application.rb', line 359

def run
	parse_options

	if @options[:list_templates]
		@template_manager.display_templates
		exit
	end

	if @options[:list_postprocesses]
		@postprocess_manager.display_postprocesses
		exit
	end

	if @options[:debug] == true
		puts "[*] Enabling Debug Mode"
	end

	if @options[:config_file] != nil
		load_config @options[:config_file]
	else
		load_config
	end

	db_connect

	if @options[:console] != nil
		consolize do
			puts Risu::CLI::Banner
			puts "#{APP_NAME} Console v#{VERSION}"
		end
		exit
	end

	if @options[:test_connection] != nil
		puts "#{test_connection?[1]}"
		exit
	end

	if @options[:create_tables] != nil
		migrate(:up)
		exit
	end

	if @options[:drop_tables] != nil
		migrate(:down)
		exit
	end

	if @options[:template] != nil and @options[:output_file] != nil
		if @template_manager.find_template_by_name(@options[:template]) == nil
			puts "[!] Template \"#{@options[:template]}\" does not exist. Please check the name"
			exit
		end

		@findings = Report

		@findings.author = @report["author"]
		@findings.title = @report["title"]
		@findings.company = @report["company"]
		@findings.classification = @report["classification"]
		@findings.network = @report["network"]
		@findings.owner = @report["owner"]
		@findings.location = @report["location"]
		@findings.extra = @report

		template = Templater.new(@options[:template], @findings, @options[:output_file], @template_manager)
		template.generate
	end

	ARGV.each do |file|
		begin
			parse_file file

		rescue Risu::Exceptions::InvalidDocument => id
			puts "[!] #{id.message}"
			next
		rescue ActiveRecord::StatementInvalid
			puts "[!] Please run #{Risu::APP_NAME} --create-tables, to create the required database schema!"
			exit
		rescue => e
			puts e.inspect
			puts "[!] Error: #{file}"
			next
		end
	end

	process_post_processing
end

#test_connection?Boolean

Tests the database connection

Returns:

  • (Boolean)

    True on successful, False on failure



194
195
196
197
198
199
200
201
202
203
204
205
206
207
 
# File 'lib/risu/cli/application.rb', line 194

def test_connection?
	begin

		db_connect

		if ActiveRecord::Base.connected? == true
			return true, "[*] Connection Test Successful"
		else
			return false, "[!] Connection Test Failed"
		end
	rescue => e
		puts "[!] Exception! #{e.message}\n #{e.backtrace}"
	end
end