【3】Golismero插件编写-ImportPlugin插件编写

进击的巨人，不错的新番灾难片，得追一阵子了

地址： http://blog.csdn.net/hujkay

作者：Jekkay Hu([email protected])

关键词：golismero, web扫描器， 插件编写

时间： 2013/09/22

3. 导入插件(ImportPlugin)

   Golismero的导入插件(ImportPlugin)可以将其他安全工具的扫描结果导入，然后再启动扫描，其接口类如下：

接口类	golismero.api.plugin. ImportPlugin
基类	+ golismero.api.plugin.Plugin    +Object

该接口类的方法如下：

接口方法	说明
_init_	x.__init__(...) initializes x; see help(type(x)) for signature
import_results(input_file)	Run plugin and import the results into the audit database. This is the entry point for Import plugins, where most of the logic resides. Parameters:    input_file (str) – Input file to parse.
is_supported(input_file)	Determine if this plugin supports the requested file format. Tipically, here is where Import plugins examine the file extension. Parameters:    input_file (str) – Input file to parse. Returns:  True if this plugin supports the format, False otherwise. Return type:    bool
state	Returns:  Shared plugin state variables. Return type:    PluginState
update_status(progress=None)	Plugins can call this method to tell the user of the current progress of whatever the plugin is doing. Warning Do not override this method! Note This method may not be supported in future versions of GoLismero. Parameters:    progress (float | None) – Progress percentage [0, 100] as a float, or None to indicate progress can’t be measured.

      下面以编写一个导入插件为例，情景设定：假如有一款开源的WEB爬虫Jekkay，能够快速高效抓取用户所设定的所有URL地址，并将结果保存为XML形式，而我们希望通过导入该URL列表到golismero系统，然后再利用golismero的各个功能插件对其进行检测。Web爬虫Jekkay保存的URL列表内容形式为下所示：

<urls tag="jekkay">    <url>http://www.jike521.com/index.html</url>    <url>http://www.jike521.com/administrator.html</url>    <url>http://www.jike521.com/admin.html</url> </urls>

      对于该需求，写一个导入插件JekkayImportPlugin是最为恰当的，而插件编写步骤和之前的类似。

3.1 导入插件配置文件

    创建插件的配置文件/plugins/import/jekkay.golismero，定义插件的信息，内容如下：

[Core] Name   = Importer URL From my Web Spider - Jekkay Module = ./jekkay.py Class  = JekkayImportPlugin   [Documentation] Description = Import the results of my Web Spider - Jekkay Author      = Jekkay Hu( [email protected]) Version     = 0.1 Website     = http://blog.csdn.net/hujkay Copyright   = Copyright (C) 2011-2013 GoLismero Project License     = GNU Public License

3.2  编写插件代码

    创建plugins/import/jekkay.py, 编写导入插件JekkayImportPlugin代码，实现将WEB爬虫的结果转换成Golismero的数据结构功能，代码如下。

#!/usr/bin/env python # -*- coding: utf-8 -*-   __license__ = """ """   from golismero.api.config import Config from golismero.api.data.db import Database from golismero.api.data.resource.domain import Domain from golismero.api.data.resource.ip import IP from golismero.api.data.resource.url import Url from golismero.api.data.vulnerability import Vulnerability from golismero.api.logger import Logger from golismero.api.plugin import TestingPlugin, ImportPlugin from xml.etree import ElementTree as etree     #------------------------------------------------------------------------------ class JekkayImportPlugin(ImportPlugin):       #--------------------------------------------------------------------------     def is_supported(self, input_file):         if input_file and input_file.lower().endswith(".xml"):             with open(input_file, "rU") as fd:                 line = fd.readline()                 return line.startswith('<urls tag="jekkay"')         return False       #----------------------------------------------------------------------     def parsexmlinfo(self,xmlresult):         """Convert results to Golismero Formatt"""         result=[]         try:             for weburl in xmlresult:                 if weburl.tag != 'url':                     continue                 u = weburl.text                 if u is None or not u.startswith("http"):                     continue                 result.append(Url(u))         except:             pass         return result           #--------------------------------------------------------------------------     def import_results(self, input_file):         try:             xml_results       = etree.parse(input_file)             golismero_results = self.parsexmlinfo(xml_results.getroot())             if golismero_results:                 Database.async_add_many(golismero_results)         except Exception , e:             pass

3.3  测试插件

    我们想测试一下在抓取的URL中，是否存在管理页面，启用一下之前写的简单管理页面检测插件findadminpage，输入以下指令：

python golismero.py www.jike521.com -i d:/weburls.xml -e findadminpage -o result.html

执行的输出的详细信息如下：

/----------------------------------------------\ | GoLismero 2.0.0b1 - The Web Knife            | | Contact: golismero.project<@>gmail.com       | |                                              | | Daniel Garcia Garcia a.k.a cr0hn (@ggdaniel) | | Mario Vilas (@Mario_Vilas)                   | \----------------------------------------------/   GoLismero started at 2013-09-22 12:00:56.376000 [*] GoLismero: Audit name: golismero-L7Bqxp46 [*] GoLismero: Audit database: golismero-L7Bqxp46.db [*] GoLismero: Added 4 new targets to the database. [*] GoLismero: Importing results from external tools... [*] GoLismero: Launching tests... [*] Find Admin Page: Started. [*] Find Admin Page: Started. [*] Find Admin Page: Started. [*] Find Admin Page: Started. [*] Find Admin Page: Working... [*] Find Admin Page: Find Admin Page: http://www.jike521.com/admin.html <!> Vulnerability 'generic' dicovered by plugin 'Find Admin Page'. Risk level: 0 [*] Find Admin Page: Finished. [*] Find Admin Page: Working... [*] Find Admin Page: Find Admin Page: http://www.jike521.com/ [*] Find Admin Page: Finished. [*] Find Admin Page: Working... [*] Find Admin Page: Find Admin Page: http://www.jike521.com/administrator.html <!> Vulnerability 'generic' dicovered by plugin 'Find Admin Page'. Risk level: 0 [*] Find Admin Page: Finished. [*] Find Admin Page: Working... [*] Find Admin Page: Find Admin Page: http://www.jike521.com/index.html [*] Find Admin Page: Finished. [*] GoLismero: Generating reports... [*] HTML Report: Writing HTML report to file: result.html GoLismero stopped at 2013-09-22 12:01:22.494000

 OKAY，执行完毕之后，我们打开一下result.html,显示的页面如下。

     从上可以看到， URL列表中含有从XML文件中导入的URL，并且发现了有2个漏洞，即有两个管理页面： admin.html和administrator.html，点击admin.html可以展开看到详细的漏洞信息，包括描述(Description),等级(level)，URL和插件ID(plugin_id)。但是有一点很奇怪，administrator.html一栏一直无法展开，原因还不确定，好奇怪，回头再研究一下具体原因。

胡杨

2013/09/22