MyProcess::MyProcess(QObject * parent) : QProcess(parent)
{
clearArguments();
setProcessChannelMode( QProcess::MergedChannels );
#if USE_TEMP_FILE
temp_file.open(); // Create temporary file
QString filename = temp_file.fileName();
setStandardOutputFile( filename );
qDebug("MyProcess::MyProcess: temporary file: %s", filename.toUtf8().data());
temp_file.close();
//connect(&temp_file, SIGNAL(readyRead()), this, SLOT(readTmpFile()) );
connect(&timer, SIGNAL(timeout()), this, SLOT(readTmpFile()) );
#else
connect(this, SIGNAL(readyReadStandardOutput()), this, SLOT(readStdOut()) );
#endif
connect(this, SIGNAL(finished(int, QProcess::ExitStatus)),
this, SLOT(procFinished()) );
// Test splitArguments
//QStringList l = MyProcess::splitArguments("-opt 1 hello \"56 67\" wssx -ios");
}
void OscapScannerLocal::evaluate()
{
if (mDryRun)
{
signalCompletion(mCancelRequested);
return;
}
emit infoMessage(QObject::tr("Querying capabilities..."));
try
{
fillInCapabilities();
}
catch (std::exception& e)
{
emit errorMessage(e.what());
return;
}
if (!checkPrerequisites())
{
mCancelRequested = true;
signalCompletion(mCancelRequested);
return;
}
// TODO: Error handling!
// This is mainly for check-engine-results and oval-results, to ensure
// we get a full report, including info from these files. openscap's XSLT
// uses info in the check engine results if it can find them.
QProcess process(this);
emit infoMessage(QObject::tr("Creating temporary files..."));
// This is mainly for check-engine-results and oval-results, to ensure
// we get a full report, including info from these files. openscap's XSLT
// uses info in the check engine results if it can find them.
TemporaryDir workingDir;
process.setWorkingDirectory(workingDir.getPath());
QStringList args;
QTemporaryFile inputARFFile;
QTemporaryFile arfFile;
arfFile.setAutoRemove(true);
setFilenameToTempFile(arfFile);
QTemporaryFile reportFile;
reportFile.setAutoRemove(true);
setFilenameToTempFile(reportFile);
QTemporaryFile resultFile;
resultFile.setAutoRemove(true);
setFilenameToTempFile(resultFile);
if (mScannerMode == SM_OFFLINE_REMEDIATION)
{
inputARFFile.open();
inputARFFile.write(getARFForRemediation());
inputARFFile.close();
args = buildOfflineRemediationArgs(inputARFFile.fileName(),
resultFile.fileName(),
reportFile.fileName(),
arfFile.fileName());
}
else
{
args = buildEvaluationArgs(mSession->getOpenedFilePath(),
mSession->hasTailoring() ? mSession->getTailoringFilePath() : QString(),
resultFile.fileName(),
reportFile.fileName(),
arfFile.fileName(),
mScannerMode == SM_SCAN_ONLINE_REMEDIATION);
}
QString program = getOscapProgramAndAdaptArgs(args);
emit infoMessage(QObject::tr("Starting the oscap process..."));
process.start(program, args);
process.waitForStarted();
if (process.state() != QProcess::Running)
{
emit errorMessage(QObject::tr("Failed to start local scanning process '%1'. Perhaps the executable was not found?").arg(program));
mCancelRequested = true;
}
unsigned int pollInterval = 100;
emit infoMessage(QObject::tr("Processing..."));
while (!process.waitForFinished(pollInterval))
{
// read everything new
readStdOut(process);
watchStdErr(process);
// pump the event queue, mainly because the user might want to cancel
QAbstractEventDispatcher::instance(mScanThread)->processEvents(QEventLoop::AllEvents);
if (mCancelRequested)
{
pollInterval = 1000;
emit infoMessage(QObject::tr("Cancellation was requested! Terminating scanning..."));
process.kill();
}
}
if (!mCancelRequested)
{
if (process.exitCode() == 1) // error happened
{
watchStdErr(process);
// TODO: pass the diagnostics over
emit errorMessage(QObject::tr("There was an error during evaluation! Exit code of the 'oscap' process was 1."));
// mark this run as canceled
mCancelRequested = true;
}
else
{
// read everything left over
readStdOut(process);
watchStdErr(process);
emit infoMessage(QObject::tr("The oscap tool has finished. Reading results..."));
resultFile.open();
mResults = resultFile.readAll();
resultFile.close();
reportFile.open();
mReport = reportFile.readAll();
reportFile.close();
arfFile.open();
mARF = arfFile.readAll();
arfFile.close();
emit infoMessage(QObject::tr("Processing has been finished!"));
}
}
else
{
emit infoMessage(QObject::tr("Scanning cancelled!"));
}
signalCompletion(mCancelRequested);
}
int oLaucher::Crack(QSqlQuery qry)
{
pathFileName = qry.value(0).toString();
pathDictName = qry.value(1).toString();
AplicarDict = qry.value(2).toBool();
hashFileName = qry.value(5).toString();
hashDictName = qry.value(4).toString();
int ret = 0;
//qDebug() << "[!] ATTACK:: " << qry.value(0).toString() << "DICT " << qry.value(1).toString();
if(QFile::exists(pathFileName)==false)
{
return -1;
}
if(QFile::exists(pathDictName)==false)
{
return -2;
}
QFileInfo fileInf(pathFileName);
QString extension = fileInf.suffix();
oPrograms dats;
QString fileTmpPass;
connect(proc, SIGNAL(errorOccurred(QProcess::ProcessError)), this, SLOT(launchingError(QProcess::ProcessError)));
//connect(proc, SIGNAL(finished(int)), this, SLOT(ProcCerrado(int)));
connect(proc, SIGNAL(readyReadStandardOutput()), this, SLOT(readStdOut()));
connect(proc, SIGNAL(readyReadStandardError()), this, SLOT(readStdErr()));
connect(proc, SIGNAL(error(QProcess::ProcessError)), this, SLOT(launchingError(QProcess::ProcessError)));
fileTmpPass = fileTmpPass + "/tmp/filePwd" + QString::number(qrand() % 1000);
#ifdef Q_OS_WIN32
fileTmpPass = getenv("TMP");
fileTmpPass = fileTmpPass + "\\filePwd" + QString::number(qrand() % 1000);
#endif
QFile::remove(fileTmpPass);
if(extension.compare("cap", Qt::CaseInsensitive)==0)
{
// Crackea con Pyrit
qDebug() << "[!] Es un CAP";
crackerProgram = 3;
//QString strTmp = "attack_cowpatty";
oSqlite db;
QSqlQuery qry;
GetPathUtils(crackerProgram, &dats);
if(db.GetInfWpa(&qry, hashFileName)>=0)
{
//GetParamPyrit(pathFileName, qry.value(0).toString(), qry.value(1).toString(), pathDictName, &dats.args);
}
}
if(extension.compare("hccap", Qt::CaseInsensitive)==0)
{
// Crackea con oclHashcat
crackerProgram = 2;
qDebug() << "[!] Es un HCCAP";
GetParamHascat(pathFileName, AplicarDict, "QVariant::String", pathDictName, &dats.args);
GetPathUtils(crackerProgram, &dats);
}
if(extension.compare("pdf", Qt::CaseInsensitive)==0)
{
qDebug() << "[+] Es un PDF";
GetPathUtils(1, &dats);
dats.args << pathDictName;
if(AplicarDict)
dats.args << pathDictName;
else
{
//Aplicar fuerza bruta
}
proc->start(dats.pathExec, dats.args);
while(proc->isOpen())
{
//qDebug() << "IS OPEN xD";
#ifdef Q_OS_WIN
CheckIdleUser();
Sleep(1000);
#endif
}
}
if(extension.compare("rar", Qt::CaseInsensitive)==0)
{
//qDebug() << "[+] Es un rar";
GetPathUtils(1, &dats);
dats.args << pathDictName;
if(AplicarDict)
dats.args << pathDictName;
else
{
//Aplicar fuerza bruta
}
proc->start(dats.pathExec, dats.args);
//proc->waitForFinished(-1);
}
if(extension.compare("docx", Qt::CaseInsensitive)==0)
{
//qDebug() << "[+] Es un MS DOCX";
GetPathUtils(1, &dats);
dats.args << pathDictName;
if(AplicarDict)
dats.args << pathDictName;
else
{
//Aplicar fuerza bruta
}
proc->start(dats.pathExec, dats.args);
//proc->waitForFinished(-1);
}
qDebug() << "[+] Launching .. " << dats.pathExec << dats.args;
proc->start(dats.pathExec, dats.args);
proc->waitForFinished(-1);
AnalyzeOutput(fileTmpPass, crackerProgram);
delete proc;
return ret;
}
void OscapScannerRemoteSsh::evaluate()
{
if (mDryRun)
{
signalCompletion(mCancelRequested);
return;
}
ensureConnected();
if (mCancelRequested)
{
signalCompletion(true);
return;
}
{
SshSyncProcess proc(mSshConnection, this);
emit infoMessage(QObject::tr("Checking if oscap is available on remote machine..."));
proc.setCommand(QString("command"));
proc.setArguments(QStringList() << "-v" << SCAP_WORKBENCH_REMOTE_OSCAP_PATH);
proc.setCancelRequestSource(&mCancelRequested);
proc.run();
if (proc.getExitCode() != 0)
{
emit errorMessage(
QObject::tr("Failed to locate oscap on remote machine. "
"Please, check that openscap-scanner is installed on the remote machine.")
);
mCancelRequested = true;
signalCompletion(mCancelRequested);
return;
}
emit infoMessage(QObject::tr("Querying capabilities on remote machine..."));
proc.setCommand(SCAP_WORKBENCH_REMOTE_OSCAP_PATH);
proc.setArguments(QStringList("-V"));
proc.setCancelRequestSource(&mCancelRequested);
proc.run();
if (proc.getExitCode() != 0)
{
emit errorMessage(
QObject::tr("Failed to query capabilities of oscap on remote machine.\n"
"Diagnostic info:\n%1").arg(proc.getDiagnosticInfo())
);
mCancelRequested = true;
signalCompletion(mCancelRequested);
return;
}
mCapabilities.parse(proc.getStdOutContents());
}
if (!checkPrerequisites())
{
mCancelRequested = true;
signalCompletion(mCancelRequested);
return;
}
QStringList baseArgs;
baseArgs.append("-o"); baseArgs.append(QString("ControlPath=%1").arg(mSshConnection._getMasterSocket()));
baseArgs.append(mTarget);
QString diagnosticInfo;
emit infoMessage(QObject::tr("Copying input data to remote target..."));
const QString inputFile = copyInputFileOver();
const QString tailoringFile = mSession->hasTailoring() ?
copyFileOver(mSession->getTailoringFilePath()) : QString();
if (mCancelRequested)
{
signalCompletion(true);
return;
}
const QString reportFile = createRemoteTemporaryFile();
const QString resultFile = createRemoteTemporaryFile();
const QString arfFile = createRemoteTemporaryFile();
const QString workingDir = createRemoteTemporaryDirectory();
// TODO: We could be leaking any of the temporary files at this point!
if (mCancelRequested)
{
signalCompletion(true);
return;
}
QStringList args;
if (mScannerMode == SM_OFFLINE_REMEDIATION)
{
args = buildOfflineRemediationArgs(inputFile,
resultFile,
reportFile,
arfFile);
}
else
{
args = buildEvaluationArgs(inputFile,
tailoringFile,
resultFile,
reportFile,
arfFile,
mScannerMode == SM_SCAN_ONLINE_REMEDIATION);
}
const QString sshCmd = args.join(" ");
emit infoMessage(QObject::tr("Starting the remote process..."));
QProcess process(this);
process.start(SCAP_WORKBENCH_LOCAL_SSH_PATH, baseArgs + QStringList(QString("cd '%1'; " SCAP_WORKBENCH_REMOTE_OSCAP_PATH " %2").arg(workingDir).arg(sshCmd)));
process.waitForStarted();
if (process.state() != QProcess::Running)
{
emit errorMessage(QObject::tr("Failed to start ssh. Perhaps the executable was not found?"));
mCancelRequested = true;
}
const unsigned int pollInterval = 100;
emit infoMessage(QObject::tr("Processing on the remote machine..."));
while (!process.waitForFinished(pollInterval))
{
// read everything new
readStdOut(process);
watchStdErr(process);
// pump the event queue, mainly because the user might want to cancel
QAbstractEventDispatcher::instance(mScanThread)->processEvents(QEventLoop::AllEvents);
if (mCancelRequested)
{
emit infoMessage(QObject::tr("Cancellation was requested! Terminating..."));
// TODO: On Windows we have to kill immediately, terminate() posts WM_CLOSE
// but oscap doesn't have any event loop running.
process.terminate();
break;
}
}
if (mCancelRequested)
{
unsigned int waited = 0;
while (!process.waitForFinished(pollInterval))
{
waited += pollInterval;
if (waited > 10000) // 10 seconds should be enough for the process to terminate
{
emit warningMessage(QObject::tr("The oscap process didn't terminate in time, it will be killed instead."));
// if it didn't terminate, we have to kill it at this point
process.kill();
break;
}
}
}
else
{
// read everything left over
readStdOut(process);
watchStdErr(process);
mResults = readRemoteFile(resultFile, QObject::tr("XCCDF results")).toUtf8();
mReport = readRemoteFile(reportFile, QObject::tr("XCCDF report (HTML)")).toUtf8();
mARF = readRemoteFile(arfFile, QObject::tr("Result DataStream (ARF)")).toUtf8();
}
emit infoMessage(QObject::tr("Cleaning up..."));
// Remove all the temporary remote files
removeRemoteFile(inputFile, QObject::tr("input file"));
if (!tailoringFile.isEmpty())
removeRemoteFile(tailoringFile, QObject::tr("tailoring file"));
removeRemoteFile(resultFile, QObject::tr("XCCDF result file"));
removeRemoteFile(reportFile, QObject::tr("XCCDF report file"));
removeRemoteFile(arfFile, QObject::tr("Result DataStream file"));
removeRemoteDirectory(workingDir, QObject::tr("Temporary Working Directory"));
emit infoMessage(QObject::tr("Processing has been finished!"));
signalCompletion(mCancelRequested);
}
void MaximaSession::login()
{
qDebug()<<"login";
if (m_process)
m_process->deleteLater();
#ifndef Q_OS_WIN
m_process=new KPtyProcess(this);
m_process->setPtyChannels(KPtyProcess::StdinChannel|KPtyProcess::StdoutChannel);
m_process->pty()->setEcho(false);
#else
m_process=new KProcess(this);
m_process->setOutputChannelMode(KProcess::SeparateChannels);
#endif
m_process->setProgram(MaximaSettings::self()->path().toLocalFile());
m_process->start();
connect(m_process, SIGNAL(finished(int, QProcess::ExitStatus)), this, SLOT(restartMaxima()));
#ifndef Q_OS_WIN
connect(m_process->pty(), SIGNAL(readyRead()), this, SLOT(readStdOut()));
#else
connect(m_process, SIGNAL(readyReadStandardOutput()), this, SLOT(readStdOut()));
#endif
connect(m_process, SIGNAL(readyReadStandardError()), this, SLOT(readStdErr()));
connect(m_process, SIGNAL(error(QProcess::ProcessError)), this, SLOT(reportProcessError(QProcess::ProcessError)));
QString initFile=QStandardPaths::locate(QStandardPaths::GenericDataLocation, QLatin1String("cantor/maximabackend/cantor-initmaxima.lisp"));
qDebug()<<"initFile: "<<initFile;
QString cmd=initCmd.arg(initFile);
qDebug()<<"sending cmd: "<<cmd<<endl;
#ifndef Q_OS_WIN
m_process->pty()->write(cmd.toUtf8());
#else
m_process->write(cmd.toUtf8());
#endif
Cantor::Expression* expr=evaluateExpression(QLatin1String("print(____END_OF_INIT____);"),
Cantor::Expression::DeleteOnFinish);
expr->setInternal(true);
//check if we actually landed in the queue and there wasn't some
//error beforehand instead
if(m_expressionQueue.contains(dynamic_cast<MaximaExpression*>(expr)))
{
//move this expression to the front
m_expressionQueue.prepend(m_expressionQueue.takeLast());
}
//reset the typesetting state
setTypesettingEnabled(isTypesettingEnabled());
m_initState=MaximaSession::Initializing;
if(!MaximaSettings::self()->autorunScripts().isEmpty()){
QString autorunScripts = MaximaSettings::self()->autorunScripts().join(QLatin1String("\n"));
evaluateExpression(autorunScripts, MaximaExpression::DeleteOnFinish);
}
runFirstExpression();
}
void OscapScannerLocal::evaluate()
{
if (mDryRun)
{
signalCompletion(mCancelRequested);
return;
}
emit infoMessage(QObject::tr("Querying capabilities..."));
{
SyncProcess proc(this);
proc.setCommand(SCAP_WORKBENCH_LOCAL_OSCAP_PATH);
proc.setArguments(QStringList("--v"));
proc.run();
if (proc.getExitCode() != 0)
{
emit errorMessage(
QObject::tr("Failed to query capabilities of oscap on local machine.\n"
"Diagnostic info:\n%1").arg(proc.getDiagnosticInfo())
);
mCancelRequested = true;
signalCompletion(mCancelRequested);
return;
}
mCapabilities.parse(proc.getStdOutContents());
}
if (!checkPrerequisites())
{
mCancelRequested = true;
signalCompletion(mCancelRequested);
return;
}
// TODO: Error handling!
emit infoMessage(QObject::tr("Creating temporary files..."));
QTemporaryFile resultFile;
resultFile.setAutoRemove(true);
// the following forces Qt to give us the filename
resultFile.open(); resultFile.close();
QTemporaryFile reportFile;
reportFile.setAutoRemove(true);
reportFile.open(); reportFile.close();
QTemporaryFile arfFile;
arfFile.setAutoRemove(true);
arfFile.open(); arfFile.close();
// This is mainly for check-engine-results and oval-results, to ensure
// we get a full report, including info from these files. openscap's XSLT
// uses info in the check engine results if it can find them.
TemporaryDir workingDir;
emit infoMessage(QObject::tr("Starting the oscap process..."));
QProcess process(this);
process.setWorkingDirectory(workingDir.getPath());
QStringList args;
QTemporaryFile inputARFFile;
inputARFFile.setAutoRemove(true);
if (mScannerMode == SM_OFFLINE_REMEDIATION)
{
inputARFFile.open();
inputARFFile.write(getARFForRemediation());
inputARFFile.close();
args = buildOfflineRemediationArgs(inputARFFile.fileName(),
resultFile.fileName(),
reportFile.fileName(),
arfFile.fileName());
}
else
{
args = buildEvaluationArgs(mSession->getOpenedFilePath(),
mSession->hasTailoring() ? mSession->getTailoringFilePath() : QString(),
resultFile.fileName(),
reportFile.fileName(),
arfFile.fileName(),
mScannerMode == SM_SCAN_ONLINE_REMEDIATION);
}
QString program = "";
#ifdef SCAP_WORKBENCH_LOCAL_NICE_FOUND
args.prepend(getPkexecOscapPath());
args.prepend(QString::number(SCAP_WORKBENCH_LOCAL_OSCAP_NICENESS));
args.prepend("-n");
program = SCAP_WORKBENCH_LOCAL_NICE_PATH;
#else
program = getPkexecOscapPath();
#endif
process.start(program, args);
process.waitForStarted();
if (process.state() != QProcess::Running)
{
emit errorMessage(QObject::tr("Failed to start local scanning process '%1'. Perhaps the executable was not found?").arg(program));
mCancelRequested = true;
}
const unsigned int pollInterval = 100;
emit infoMessage(QObject::tr("Processing..."));
while (!process.waitForFinished(pollInterval))
{
// read everything new
readStdOut(process);
watchStdErr(process);
// pump the event queue, mainly because the user might want to cancel
QAbstractEventDispatcher::instance(mScanThread)->processEvents(QEventLoop::AllEvents);
if (mCancelRequested)
{
emit infoMessage(QObject::tr("Cancellation was requested! Terminating scanning..."));
process.kill();
process.waitForFinished(1000);
break;
}
}
if (!mCancelRequested)
{
if (process.exitCode() == 1) // error happened
{
watchStdErr(process);
// TODO: pass the diagnostics over
emit errorMessage(QObject::tr("There was an error during evaluation! Exit code of the 'oscap' process was 1."));
// mark this run as canceled
mCancelRequested = true;
}
else
{
// read everything left over
readStdOut(process);
watchStdErr(process);
emit infoMessage(QObject::tr("The oscap tool has finished. Reading results..."));
resultFile.open();
mResults = resultFile.readAll();
resultFile.close();
reportFile.open();
mReport = reportFile.readAll();
reportFile.close();
arfFile.open();
mARF = arfFile.readAll();
arfFile.close();
emit infoMessage(QObject::tr("Processing has been finished!"));
}
}
signalCompletion(mCancelRequested);
}
