예제 #1
0
/* [ close_main_window ]
 * Quit or hide, determined by the config files
 */
static gboolean
close_main_window (void)
{
	if (preferences_get_bool (PREFS_MINIMIZE_TO_TRAY) &&
	    preferences_get_bool (PREFS_ENABLE_TRAY_ICON)) {
		gui_toggle_visibility ();
		return TRUE;
	} else {
		exit_fortified ();
		return FALSE;
	}
}
예제 #2
0
static void
apply_hosts_preferences (openvas_hosts_t *hosts, struct arglist *preferences)
{
  char *ordering, *exclude_hosts;

  if (hosts == NULL || preferences == NULL)
    return;

  /* Hosts ordering strategy: sequential, random, reversed... */
  ordering = preferences_get_string (preferences, "hosts_ordering");
  if (ordering)
    {
      if (!strcmp (ordering, "random"))
        {
          openvas_hosts_shuffle (hosts);
          log_write ("hosts_ordering: Random.\n");
        }
      else if (!strcmp (ordering, "reverse"))
        {
          openvas_hosts_reverse (hosts);
          log_write ("hosts_ordering: Reverse.\n");
        }
    }
  else
    log_write ("hosts_ordering: Sequential.\n");

  /* Exclude hosts ? */
  exclude_hosts = preferences_get_string (preferences, "exclude_hosts");
  if (exclude_hosts)
    {
      /* Exclude hosts, resolving hostnames. */
      int ret = openvas_hosts_exclude (hosts, exclude_hosts, 1);

      if (ret >= 0)
        log_write ("exclude_hosts: Skipped %d host(s).\n", ret);
      else
        log_write ("exclude_hosts: Error.\n");
    }

  /* Reverse-lookup unify ? */
  if (preferences_get_bool (preferences, "reverse_lookup_unify") == 1)
    log_write ("reverse_lookup_unify: Skipped %d host(s).\n",
               openvas_hosts_reverse_lookup_unify (hosts));

  /* Hosts that reverse-lookup only ? */
  if (preferences_get_bool (preferences, "reverse_lookup_only") == 1)
    log_write ("reverse_lookup_only: Skipped %d host(s).\n",
               openvas_hosts_reverse_lookup_only (hosts));
}
예제 #3
0
void warlock_send (const char *fmt, ...)
{
        va_list list;
        char *string;
        char *to_send;

        g_assert (fmt != NULL);

        va_start (list, fmt);
        g_vasprintf (&string, fmt, list);
        va_end (list);

        to_send = g_strconcat (string, "\n", NULL);
        g_free (string);

        if (preferences_get_bool (preferences_get_key (PREF_ECHO))) {
                echo (to_send);
        }

	if (connection != NULL) {
		simu_connection_send (connection, to_send);
	}

        g_free (to_send);
}
예제 #4
0
static void highlight_add (guint id)
{
        WarlockHighlight *highlight;
        const char *string;
        gboolean case_sensitive;
        guint i;
        char *name;

        string = preferences_get_string (preferences_get_highlight_key (id,
                                PREF_HIGHLIGHT_STRING));
        case_sensitive = preferences_get_bool (preferences_get_highlight_key
                        (id, PREF_HIGHLIGHT_CASE_SENSITIVE));

        highlight = g_new (WarlockHighlight, 1);
        highlight->id = id;
        highlight->regex = highlight_compile_regex (string, case_sensitive);
        highlight->gconf_connections = NULL;

        highlight_list = g_slist_append (highlight_list, highlight);

        highlight_add_tags (id);

        highlight->gconf_connections = g_slist_append
                (highlight->gconf_connections, GINT_TO_POINTER
                 (preferences_notify_add (preferences_get_highlight_key
                                          (id, PREF_HIGHLIGHT_STRING),
                                          change_string, highlight)));
        highlight->gconf_connections = g_slist_append
                (highlight->gconf_connections, GINT_TO_POINTER
                 (preferences_notify_add (preferences_get_highlight_key
                                          (id, PREF_HIGHLIGHT_CASE_SENSITIVE),
                                          change_string, highlight)));

        for (i = 0; i < HIGHLIGHT_MATCHES; i++) {
                name = mangle_name (id, i);
                highlight->gconf_connections = g_slist_append
                        (highlight->gconf_connections, GINT_TO_POINTER
                         (preferences_notify_add
                          (preferences_get_highlight_match_key
                           (id, i, PREF_HIGHLIGHT_MATCH_TEXT_COLOR),
                           changed_text, name)));

                highlight->gconf_connections = g_slist_append
                        (highlight->gconf_connections, GINT_TO_POINTER
                         (preferences_notify_add
                          (preferences_get_highlight_match_key
                           (id, i, PREF_HIGHLIGHT_MATCH_BASE_COLOR),
                           changed_background, name)));

                highlight->gconf_connections = g_slist_append
                        (highlight->gconf_connections, GINT_TO_POINTER
                         (preferences_notify_add
                          (preferences_get_highlight_match_key
                           (id, i, PREF_HIGHLIGHT_MATCH_FONT),
                           changed_font, name)));
        }
}
예제 #5
0
/* [ gui_construct ]
 * Create the GUI
 */
void
gui_construct (void)
{
	GtkWidget *tablabel;
        GtkWidget *statusview_page;
	GtkWidget *hitview_page;
	GtkWidget *policyview_page;

	gchar hostname[40];

	if (!gethostname (hostname, 39))
		Fortified.window = gnome_app_new (PACKAGE, g_strconcat ("Fortified ", hostname, NULL));
	else
		Fortified.window = gnome_app_new (PACKAGE, "Fortified");

	Fortified.ttips = gtk_tooltips_new ();

/* Set up the main window */
	g_signal_connect (G_OBJECT (Fortified.window), "delete_event",
			  G_CALLBACK (close_main_window), NULL);

	gnome_window_icon_set_default_from_file (
		"/usr/share/pixmaps/fortified.png");

	menus_initialize (Fortified.window);

/* The main application is spread out over a set of notebook pages */
	notebook = gtk_notebook_new ();
	gnome_app_set_contents (GNOME_APP (Fortified.window), notebook);

/* Set up the statusview page */
	statusview_page = create_statusview_page ();
	tablabel = gtk_label_new (_("Status"));
	gtk_notebook_append_page (GTK_NOTEBOOK (notebook), statusview_page, tablabel);

/* Set up the hitview page */
	hitview_page = create_hitview_page ();
	tablabel = gtk_label_new (_("Events"));
	gtk_notebook_append_page (GTK_NOTEBOOK (notebook), hitview_page, tablabel);

/* Set up the the policyview pages */
	policyview_page = create_policyview_page ();
	tablabel = gtk_label_new (_("Policy"));
	gtk_notebook_append_page (GTK_NOTEBOOK (notebook), policyview_page, tablabel);

	g_signal_connect_after (G_OBJECT (notebook), "switch-page",
			        G_CALLBACK (view_switched_cb), NULL);

	/* FIXME: By making the window non-resizable the expanders collapse properly,
	    but it would be nicer if it worked with a resizable window */
	//gtk_window_set_resizable (GTK_WINDOW (Fortified.window), FALSE);

	/* Show the tray icon */
	if (preferences_get_bool (PREFS_ENABLE_TRAY_ICON))
		tray_init ();
}
예제 #6
0
static void change_string (const char *key, gpointer user_data)
{
        gboolean case_sensitive;
        char *string;
        WarlockHighlight *highlight;

        highlight = user_data;

        string = preferences_get_string (preferences_get_highlight_key
                        (highlight->id, PREF_HIGHLIGHT_STRING));
        case_sensitive = preferences_get_bool (preferences_get_highlight_key
                        (highlight->id, PREF_HIGHLIGHT_CASE_SENSITIVE));
        highlight->regex = highlight_compile_regex (string, case_sensitive);
}
예제 #7
0
static void
init_toggle (char *name, Preference pref)
{
    gboolean bval;
    GtkWidget *widget;

    widget = glade_xml_get_widget (warlock_xml, name);

    bval = preferences_get_bool (preferences_get_key (pref));
    gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), bval);

    g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK
                      (on_checkbutton_toggled), GINT_TO_POINTER (pref));
}
예제 #8
0
파일: log.c 프로젝트: WarlockFE/warlock-gtk
// to be called at program start and anytime the value of auto-log changes
static void
log_toggle (void)
{
	char *key;
	gboolean autolog;

	key = preferences_get_key (PREF_AUTO_LOG);
	autolog = preferences_get_bool (key);
	g_free (key);

	if (autolog && log_file == NULL) {
		GError *err;
		char *filename, *name, *path, *path_key;

		path_key = preferences_get_key (PREF_LOG_PATH);
		path = preferences_get_string (path_key);
		g_free (path_key);

		name = warlock_log_get_name ();

		filename = g_build_filename (path, name, NULL);

		g_free (name);
		g_free (path);

		err = NULL;
		log_file = g_io_channel_new_file (filename, "a", &err);
		if (log_file == NULL) {
			echo_f ("Error: \"%s\" for file \"%s\".\n",
					err->message, filename);
		}
	} else if (!autolog && log_file != NULL) {
		g_io_channel_close (log_file);
		g_io_channel_unref (log_file);
		log_file = NULL;
	}
}
예제 #9
0
static WarlockView *
warlock_view_init (const char *name, const char *title,
		const char *menu_name)
{
        WarlockView *warlock_view;

        warlock_view = g_new (WarlockView, 1);
	warlock_view->widget = NULL;
	warlock_view->menuitem = NULL;
	warlock_view->scrolled_window = NULL;
	warlock_view->text_view = NULL;
	warlock_view->name = name;
	warlock_view->title = title;

	views = g_list_append (views, warlock_view);

	if (menu_name != NULL) {
		warlock_view->shown_key = preferences_get_full_key 
			(g_strconcat (name, "-view", NULL));
		warlock_view->shown = preferences_get_bool
			(warlock_view->shown_key);
		warlock_view->menuitem = warlock_get_widget (menu_name);
		gtk_check_menu_item_set_active (GTK_CHECK_MENU_ITEM
				(warlock_view->menuitem), warlock_view->shown);
	} else {
		warlock_view->shown_key = NULL;
		warlock_view->widget = warlock_get_widget ("main_window_frame");
		warlock_view->shown = TRUE;
		main_view = warlock_view;
	}

	if (warlock_view->shown)
		view_show (warlock_view);

        return warlock_view;
}
예제 #10
0
/**
 * @brief Attack a whole network.
 */
void
attack_network (struct arglist *globals)
{
  int max_hosts = 0, max_checks;
  int num_tested = 0;
  char *hostlist;
  openvas_hosts_t *hosts, *hosts_allow, *hosts_deny;
  openvas_hosts_t *sys_hosts_allow, *sys_hosts_deny;
  openvas_host_t *host;
  int global_socket = -1;
  struct arglist *preferences = NULL;
  struct arglist *plugins = NULL;
  plugins_scheduler_t sched;
  int fork_retries = 0;
  GHashTable *files;
  struct timeval then, now;
  char buffer[INET6_ADDRSTRLEN];

  int network_phase = 0;
  gchar *network_targets, *port_range;
  int do_network_scan = 0;
  int scan_stopped;

  gettimeofday (&then, NULL);

  preferences = arg_get_value (globals, "preferences");

  if ((do_network_scan = preferences_get_bool (preferences, "network_scan")) == -1)
    do_network_scan = 0;
  network_targets = arg_get_value (preferences, "network_targets");
  if (network_targets != NULL)
    arg_add_value (globals, "network_targets", ARG_STRING,
                   strlen (network_targets), network_targets);
  if (do_network_scan)
    {
      gchar *network_scan_status = arg_get_value (globals, "network_scan_status");
      if (network_scan_status != NULL)
        if (g_ascii_strcasecmp (network_scan_status, "done") == 0)
          network_phase = 0;
        else
          network_phase = 1;
      else
        {
          arg_add_value (globals, "network_scan_status", ARG_STRING,
                         strlen ("busy"), "busy");
          network_phase = 1;
        }
    }

  num_tested = 0;

  global_socket = GPOINTER_TO_SIZE (arg_get_value (globals, "global_socket"));

  plugins = arg_get_value (globals, "plugins");

  /* Init and check Target List */
  hostlist = arg_get_value (preferences, "TARGET");
  if (hostlist == NULL)
    {
      error_message_to_client (globals, "Missing target hosts", NULL, NULL);
      return;
    }

  /* Verify the port range is a valid one */
  port_range = arg_get_value (preferences, "port_range");
  if (validate_port_range (port_range))
    {
      error_message_to_client (globals, "Invalid port range", NULL, port_range);
      return;
    }

  /* Initialize the attack. */
  sched = plugins_scheduler_init (plugins,
    preferences_get_bool (preferences, "auto_enable_dependencies") == 1 ? 1 : 0,
    network_phase);

  max_hosts = get_max_hosts_number (preferences);
  max_checks = get_max_checks_number (preferences);

  if (network_phase)
    {
      network_targets = arg_get_value (preferences, "network_targets");
      if (network_targets == NULL)
        {
          log_write ("WARNING: In network phase, but without targets! Stopping.\n");
          host = NULL;
        }
      else
        {
          log_write
            ("Start a new scan. Target(s) : %s, in network phase with target %s\n",
             hostlist, network_targets);
        }
    }
  else
    {
      log_write ("Starts a new scan. Target(s) : %s, with max_hosts = %d and"
                 " max_checks = %d\n", hostlist, max_hosts, max_checks);
    }

  hosts = openvas_hosts_new (hostlist);
  /* Apply Hosts preferences. */
  apply_hosts_preferences (hosts, preferences);

  /* Don't start if the provided interface is unauthorized. */
  if (apply_source_iface_preference (globals, preferences) != 0)
    {
      openvas_hosts_free (hosts);
      error_message_to_client (globals, "Interface not authorized for scanning", NULL, NULL);
      return;
    }
  /* hosts_allow/deny lists. */
  hosts_allow = openvas_hosts_new (preferences_get_string
                                    (preferences, "hosts_allow"));
  hosts_deny = openvas_hosts_new (preferences_get_string
                                   (preferences, "hosts_deny"));
  /* sys_* preferences, which can't be overriden by the client. */
  sys_hosts_allow = openvas_hosts_new (preferences_get_string
                                        (preferences, "sys_hosts_allow"));
  sys_hosts_deny = openvas_hosts_new (preferences_get_string
                                       (preferences, "sys_hosts_deny"));
  host = openvas_hosts_next (hosts);
  if (host == NULL)
    goto stop;
  hosts_init (global_socket, max_hosts);
  /*
   * Start the attack !
   */
  while (host)
    {
      int pid;
      char *hostname;
      struct in6_addr host_ip;

      hostname = openvas_host_value_str (host);
      if (openvas_host_get_addr6 (host, &host_ip) == -1)
        {
          log_write ("Couldn't resolve target %s\n", hostname);
          error_message_to_client (globals, "Couldn't resolve hostname.",
                                   hostname, NULL);
          g_free (hostname);
          host = openvas_hosts_next (hosts);
          continue;
        }

      /* Do we have the right to test this host ? */
      if (!host_authorized (host, &host_ip, hosts_allow, hosts_deny))
        {
          error_message_to_client (globals, "Host access denied.",
                                   hostname, NULL);
          log_write ("Host %s access denied.", hostname);
        }
      else if (!host_authorized (host, &host_ip, sys_hosts_allow,
                                 sys_hosts_deny))
        {
          error_message_to_client (globals, "Host access denied"
                                            " (system-wide restriction.)",
                                   hostname, NULL);
          log_write ("Host %s access denied (sys_* preference restriction.)",
                     hostname);
        }
      else
        {
          struct attack_start_args args;
          int s;
          char *MAC = NULL;
          int mac_err = -1;
          gchar *name;

          if (preferences_get_bool (preferences, "use_mac_addr") > 0
              && v6_is_local_ip (&host_ip))
            {
              mac_err = v6_get_mac_addr (&host_ip, &MAC);
              if (mac_err > 0)
                {
                  /* remote host is down */
                  g_free (hostname);
                  host = openvas_hosts_next (hosts);
                  continue;
                }
            }

          s = hosts_new (globals, hostname);
          if (s < 0)
            goto scan_stop;

          args.globals = globals;
          memcpy (&args.hostip, &host_ip, sizeof (struct in6_addr));
          name = openvas_host_value_str (host);
          strncpy (args.fqdn, name, sizeof (args.fqdn));
          g_free (name);
          args.host_mac_addr = MAC;
          args.sched = sched;
          args.thread_socket = s;

        forkagain:
          pid = create_process ((process_func_t) attack_start, &args);
          if (pid < 0)
            {
              fork_retries++;
              if (fork_retries > MAX_FORK_RETRIES)
                {
                  /* Forking failed - we go to the wait queue. */
                  log_write ("fork() failed - %s. %s won't be tested\n",
                             strerror (errno), hostname);
                  efree (&MAC);
                  goto stop;
                }

              log_write
                ("fork() failed - sleeping %d seconds and trying again...\n",
                 fork_retries);
              fork_sleep (fork_retries);
              goto forkagain;
            }

          hosts_set_pid (hostname, pid);
          if (network_phase)
            log_write ("Testing %s (network level) [%d]\n",
                       network_targets, pid);
          else
            log_write ("Testing %s (%s) [%d]\n",
                       hostname, inet_ntop (AF_INET6,
                                            &args.hostip,
                                            buffer,
                                            sizeof (buffer)),
                       pid);
          if (MAC != NULL)
            efree (&MAC);
        }

      num_tested++;

      if (network_phase)
        {
          host = NULL;
          arg_set_value (globals, "network_scan_status", strlen ("done"), "done");
        }
      else
        {
          g_free (hostname);
          host = openvas_hosts_next (hosts);
        }
    }

  /* Every host is being tested... We have to wait for the processes
   * to terminate. */
  while (hosts_read (globals) == 0)
    ;

  log_write ("Test complete");

scan_stop:
  /* Free the memory used by the files uploaded by the user, if any. */
  files = arg_get_value (globals, "files_translation");
  if (files)
    g_hash_table_foreach_remove (files, (GHRFunc) free_uploaded_file, NULL);

stop:
  scan_stopped = GPOINTER_TO_SIZE(arg_get_value (globals, "stop_required"));

  openvas_hosts_free (hosts);
  openvas_hosts_free (hosts_allow);
  openvas_hosts_free (hosts_deny);
  openvas_hosts_free (sys_hosts_allow);
  openvas_hosts_free (sys_hosts_deny);

  plugins_scheduler_free (sched);

  gettimeofday (&now, NULL);
  log_write ("Total time to scan all hosts : %ld seconds\n",
             now.tv_sec - then.tv_sec);

  if (do_network_scan && network_phase && !scan_stopped)
    attack_network (globals);

  return;
}