diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml new file mode 100644 index 00000000..cf614bcf --- /dev/null +++ b/.github/workflows/docker-publish.yml @@ -0,0 +1,75 @@ +name: Docker + +on: + push: + # Publish `develop` as Docker `latest` image. + branches: + - develop + + # Publish `v1.2.3` tags as releases. + tags: + - v* + + # Run tests for any PRs. + pull_request: + +env: + IMAGE_NAME: subgraph_vega_python_interface + +jobs: + # Run tests. + # See also https://docs.docker.com/docker-hub/builds/automated-testing/ + test: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Run tests + run: | + if [ -f docker-compose.test.yml ]; then + docker-compose --file docker-compose.test.yml build + docker-compose --file docker-compose.test.yml run sut + else + docker build . --file Dockerfile + fi + + # Push image to GitHub Packages. + # See also https://docs.docker.com/docker-hub/builds/ + push: + # Ensure test job passes before pushing image. + needs: test + + runs-on: ubuntu-latest + if: github.event_name == 'push' + + steps: + - uses: actions/checkout@v2 + + - name: Build image + run: docker build . --file Dockerfile --tag $IMAGE_NAME + + - name: Log into GitHub Container Registry + run: echo "${{ secrets.CR_PAT }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin + + - name: Push image to GitHub Container Registry + run: | + IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME + + # Change all uppercase to lowercase + IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') + + # Strip git ref prefix from version + VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') + + # Strip "v" prefix from tag name + [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') + + # Use Docker `latest` tag convention + [ "$VERSION" == "develop" ] && VERSION=latest + + echo IMAGE_ID=$IMAGE_ID + echo VERSION=$VERSION + + docker tag $IMAGE_NAME $IMAGE_ID:$VERSION + docker push $IMAGE_ID:$VERSION diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..141d537d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,40 @@ +# first stage, build Vega + +FROM ubuntu:xenial + +WORKDIR /vega + +ADD . /vega + +RUN apt-get update && apt-get install -y \ + libwebkitgtk-1.0 \ + openjdk-8-jre-headless \ + ant \ + python3 \ + python3-pip \ + git \ + xvfb \ + && rm -rf /var/lib/apt/lists/* + +RUN pip3 install py4j + +RUN ant + +# second stage, extract Vega + +FROM ubuntu:xenial + +WORKDIR /vega + +RUN apt-get update && apt-get install -y \ + unzip \ + openjdk-8-jre-headless \ + libwebkitgtk-1.0 \ + xvfb \ + && rm -rf /var/lib/apt/lists/* + +COPY --from=0 /vega/build/stage/I.VegaBuild/VegaBuild-linux.gtk.x86_64.zip . + +RUN unzip VegaBuild-linux.gtk.x86_64.zip -d . + + diff --git a/Installation.md b/Installation.md new file mode 100644 index 00000000..177b8044 --- /dev/null +++ b/Installation.md @@ -0,0 +1,61 @@ +# Installation + +This installation guide has been tested on Ubuntu 16.04.6 LTS. + +## Installing Requirements + +It is necessary to use Python 3. This installation guide has been tested with Python 3.5.2 and pip 8.1.1. + +* Install libwebkit ([necessary for Vega](https://github.com/subgraph/Vega/wiki/Troubleshooting)) + ``` + sudo apt install libwebkitgtk-1.0 + ``` +* Install Java 8 + ``` + sudo apt install openjdk-8-jre-headless + ``` +* Choose the right java version (Java 8) + ``` + sudo update-alternatives --config java + ``` +* Install ant + ``` + sudo apt install ant + ``` +* Install xvfb (necessary to run Vega without GUI) + ``` + sudo apt install xvfb + ``` +* Install py4j + ``` + pip3 install py4j + ``` + +## Building Vega + +* Clone this repository + ``` + git clone https://github.com/anneborcherding/Vega.git + ``` + ``` + cd Vega + ``` +* Build Vega using ant + ``` + ant + ``` +* The resulting zip-file can be found in `build/stage/I.VegaBuild/` +* Copy the zip-file to a location of your choice und unzip it. We will call this folder `path/to/vega`. + +## Running Vega + +* If you wish to run Vega using the GUI, run `./Vega` in `path/to/vega`. +* If you wish to run Vega using the Python API, adapt `example.py` to your needs, copy it to `path/to/vega` and run it + ``` + python3 example.py + ``` + +# Trouble Shooting + +* Make sure that you have installed all the requirements +* Permission denied exception by xvfb-run: Make sure to use the right path for Vega. It needs to point to the executable. \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 00000000..4f6331a5 --- /dev/null +++ b/README.md @@ -0,0 +1,58 @@ +# Python Interface for Vega + +This code adds a rudimentary Python interface to Vega using [py4j](https://github.com/bartdag/py4j). With this, it is possible to automatically configure and run scans as well as getting the results of Vega. +An installation guidline for Ubuntu 16.04 is given [here](Installation.md). You may also have a look at the installation instructions for Vega given [here](https://github.com/subgraph/Vega/wiki/Building-Vega). + +An example of how to use the Python interface is presented in the following (and can also be found in [example.py](example.py)). +Values that can be set for Vega can be found in [MyScanExecutor](platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/MyScanExecutor.java) and [AlertExporter](platform/com.subgraph.vega.export/src/com/subgraph/vega/export/AlertExporter.java). + + +``` +import subprocess as sp +import time +import shlex +import shutil +import os + +from py4j.java_gateway import JavaGateway +from py4j.java_collections import ListConverter + + +target = "192.168.0.2" +result_path = "./results" +authentication = "admin:admin" +vega_path = "/path/to/vega/Vega" +#seconds to wait for Vega to start +wait_time = 10 + + +# checking if xvfb exists +if(shutil.which("xvfb-run") == None): + raise MissingDependency('xvfb cannot be found. Please install xvfb to use the python interface of Vega.') + +# run vega +cmd = "xvfb-run -a " + vega_path +#process gets a new group ID so it can be stopped (including all additional created processes) later +vega_process = sp.Popen(shlex.split(cmd), preexec_fn=os.setsid) +print("Started Vega from %s" % str(vega_path)) +time.sleep(wait_time) + +# init vega classes +gateway = JavaGateway() +scanex = gateway.entry_point.getMyScanExecutor() +alertExporter = gateway.entry_point.getAlertExporter() + +# set values +scanex.setTarget(target) +alertExporter.setPath(result_path) + +scanex.runScan() + +alertExporter.exportAlertsOfLastScan() + +try: + os.killpg(os.getpgif(process.pid), signatl.SIGTERM) + process.wait() +except Exception: + pass +``` diff --git a/build.xml b/build.xml index 14f68b2d..0f5a45f2 100644 --- a/build.xml +++ b/build.xml @@ -8,6 +8,13 @@ + + + + lib.dir: dependencies + + Classpath: ${classpathProp} + diff --git a/build/config/build.properties b/build/config/build.properties index 639c821a..c3360336 100644 --- a/build/config/build.properties +++ b/build/config/build.properties @@ -15,12 +15,7 @@ archivePrefix=vega collectingFolder=${archivePrefix} configs= \ - win32, win32, x86 & \ - win32,win32,x86_64 & \ - linux, gtk, x86 & \ - linux, gtk, x86_64 & \ - macosx, cocoa, x86 & \ - macosx, cocoa, x86_64 + linux, gtk, x86_64 # By default PDE creates one archive (result) per entry listed in the configs property. # Setting this value to true will cause PDE to only create one output containing all diff --git a/dependencies/lib/py4j0.10.6.jar b/dependencies/lib/py4j0.10.6.jar new file mode 100644 index 00000000..5a5115e8 Binary files /dev/null and b/dependencies/lib/py4j0.10.6.jar differ diff --git a/example.py b/example.py new file mode 100644 index 00000000..3b440d87 --- /dev/null +++ b/example.py @@ -0,0 +1,47 @@ +import subprocess as sp +import time +import shlex +import shutil +import os + +from py4j.java_gateway import JavaGateway +from py4j.java_collections import ListConverter + + +target = "192.168.0.2" +result_path = "./results" +authentication = "admin:admin" +vega_path = "/path/to/vega/Vega" +#seconds to wait for Vega to start +wait_time = 10 + + +# checking if xvfb exists +if(shutil.which("xvfb-run") == None): + raise MissingDependency('xvfb cannot be found. Please install xvfb to use the python interface of Vega.') + +# run vega +cmd = "xvfb-run -a " + vega_path +#process gets a new group ID so it can be stopped (including all additional created processes) later +vega_process = sp.Popen(shlex.split(cmd), preexec_fn=os.setsid) +print("Started Vega from %s" % str(vega_path)) +time.sleep(wait_time) + +# init vega classes +gateway = JavaGateway() +scanex = gateway.entry_point.getMyScanExecutor() +alertExporter = gateway.entry_point.getAlertExporter() + +# set values +scanex.setTarget(target) +alertExporter.setPath(result_path) + +scanex.runScan() + +alertExporter.exportAlertsOfLastScan() + +try: + os.killpg(os.getpgif(process.pid), signatl.SIGTERM) + process.wait() +except Exception: + pass \ No newline at end of file diff --git a/licenses/jsoup.txt b/licenses/jsoup.txt index f14f4465..4f0b1dcb 100644 --- a/licenses/jsoup.txt +++ b/licenses/jsoup.txt @@ -1,6 +1,7 @@ ============================================================ Notices for file(s): - /Vega/platform/com.subgraph.vega.application/extra-bundles/jsoup-1.7.2-SNAPSHOT.jar + /Vega/platform/com.subgraph.vega.application/extra-bundles/org.jsoup_1.3.3.vega.jar + /Vega/platform/com.subgraph.vega.application/extra-bundles/org.jsoup.source_1.3.3.vega.jar License text from http://jsoup.org/license ------------------------------------------------------------ @@ -15,4 +16,4 @@ Permission is hereby granted, free of charge, to any person obtaining a copy of The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file diff --git a/licenses/py4j.txt b/licenses/py4j.txt new file mode 100644 index 00000000..3e14ba92 --- /dev/null +++ b/licenses/py4j.txt @@ -0,0 +1,33 @@ +============================================================ +Notices for file(s): + /Vega/platform/com.subgraph.vega.application/extra-bundles/py4j0.10.6.jar + +License text from https://github.com/bartdag/py4j/blob/master/LICENSE.txt +------------------------------------------------------------ + +Copyright (c) 2009-2018, Barthelemy Dagenais and individual contributors. All +rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +- Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +- The name of the author may not be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/IScan.java b/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/IScan.java index ac9fc2d4..58a65474 100644 --- a/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/IScan.java +++ b/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/IScan.java @@ -13,6 +13,7 @@ import java.net.URI; import java.util.List; +import com.subgraph.vega.api.model.alerts.IScanInstance; import com.subgraph.vega.api.scanner.modules.IScannerModule; public interface IScan { @@ -48,4 +49,8 @@ public interface IScan { void pauseScan(); void unpauseScan(); boolean isPausedScan(); + + IScanInstance getScanInstance(); + + void useAllModules(); } diff --git a/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/modules/IScannerModuleRegistry.java b/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/modules/IScannerModuleRegistry.java index 1cfbd0f3..6f7e45f2 100644 --- a/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/modules/IScannerModuleRegistry.java +++ b/platform/com.subgraph.vega.api/src/com/subgraph/vega/api/scanner/modules/IScannerModuleRegistry.java @@ -16,9 +16,11 @@ public interface IScannerModuleRegistry { final static int PROXY_SCAN_ID = -1; void runDomTests(); List getResponseProcessingModules(); + List getAllResponseProcessingModules(); List updateResponseProcessingModules(List currentModules); List getBasicModules(); + List getAllBasicModules(); List updateBasicModules(List currentModules); } diff --git a/platform/com.subgraph.vega.application/.classpath b/platform/com.subgraph.vega.application/.classpath index 16d067f2..c99309a9 100644 --- a/platform/com.subgraph.vega.application/.classpath +++ b/platform/com.subgraph.vega.application/.classpath @@ -1,7 +1,12 @@ + + + + + diff --git a/platform/com.subgraph.vega.application/META-INF/MANIFEST.MF b/platform/com.subgraph.vega.application/META-INF/MANIFEST.MF index e74967c4..a95c12ac 100644 --- a/platform/com.subgraph.vega.application/META-INF/MANIFEST.MF +++ b/platform/com.subgraph.vega.application/META-INF/MANIFEST.MF @@ -14,9 +14,12 @@ Import-Package: com.subgraph.vega.api.console, com.subgraph.vega.api.events, com.subgraph.vega.api.http.requests, com.subgraph.vega.api.model, + com.subgraph.vega.api.model.identity, com.subgraph.vega.api.paths, com.subgraph.vega.api.vuge, + com.subgraph.vega.export, com.subgraph.vega.ui.http, + com.subgraph.vega.ui.scanner, com.subgraph.vega.ui.util.images, com.subgraph.vega.ui.util.preferences, org.apache.http;version="4.1.0", @@ -25,3 +28,5 @@ Import-Package: com.subgraph.vega.api.console, org.eclipse.ui.internal.console Export-Package: com.subgraph.vega.ui.util Service-Component: OSGI-INF/path-finder.xml, OSGI-INF/console.xml +Bundle-ClassPath: extra-bundles/py4j0.10.6.jar, + . diff --git a/platform/com.subgraph.vega.application/build.properties b/platform/com.subgraph.vega.application/build.properties index 807acfe7..fb4752cf 100644 --- a/platform/com.subgraph.vega.application/build.properties +++ b/platform/com.subgraph.vega.application/build.properties @@ -5,5 +5,6 @@ bin.includes = plugin.xml,\ icons/,\ splash.bmp,\ plugin_customization.ini,\ - OSGI-INF/ + OSGI-INF/,\ + extra-bundles/py4j0.10.6.jar source.. = src/ diff --git a/platform/com.subgraph.vega.application/build.xml b/platform/com.subgraph.vega.application/build.xml new file mode 100644 index 00000000..f658fcf8 --- /dev/null +++ b/platform/com.subgraph.vega.application/build.xml @@ -0,0 +1,406 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/platform/com.subgraph.vega.application/extra-bundles/py4j0.10.6.jar b/platform/com.subgraph.vega.application/extra-bundles/py4j0.10.6.jar new file mode 100644 index 00000000..5a5115e8 Binary files /dev/null and b/platform/com.subgraph.vega.application/extra-bundles/py4j0.10.6.jar differ diff --git a/platform/com.subgraph.vega.application/javaCompiler...args b/platform/com.subgraph.vega.application/javaCompiler...args new file mode 100644 index 00000000..0dbd22e5 --- /dev/null +++ b/platform/com.subgraph.vega.application/javaCompiler...args @@ -0,0 +1,104 @@ +#ADAPTER#ACCESS#com.subgraph.vega.api/bin/[+com/subgraph/vega/api/console/*:+com/subgraph/vega/api/events/*:+com/subgraph/vega/api/http/requests/*:+com/subgraph/vega/api/model/*:+com/subgraph/vega/api/paths/*:+com/subgraph/vega/api/vuge/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.api/@dot[+com/subgraph/vega/api/console/*:+com/subgraph/vega/api/events/*:+com/subgraph/vega/api/http/requests/*:+com/subgraph/vega/api/model/*:+com/subgraph/vega/api/paths/*:+com/subgraph/vega/api/vuge/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/com.google.guava_21.0.0.v20170206-1425.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/javax.annotation_1.2.0.v201602091430.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.osgi_3.12.50.v20170928-1321.jar[~org/eclipse/core/runtime/adaptor/*:~org/eclipse/core/runtime/internal/adaptor/*:+org/eclipse/equinox/log/*:+org/eclipse/osgi/container/*:+org/eclipse/osgi/container/builders/*:+org/eclipse/osgi/container/namespaces/*:+org/eclipse/osgi/framework/console/*:+org/eclipse/osgi/framework/eventmgr/*:~org/eclipse/osgi/framework/internal/reliablefile/*:+org/eclipse/osgi/framework/log/*:~org/eclipse/osgi/framework/util/*:~org/eclipse/osgi/internal/debug/*:~org/eclipse/osgi/internal/framework/*:~org/eclipse/osgi/internal/hookregistry/*:~org/eclipse/osgi/internal/loader/*:~org/eclipse/osgi/internal/loader/buddy/*:~org/eclipse/osgi/internal/loader/classpath/*:~org/eclipse/osgi/internal/loader/sources/*:~org/eclipse/osgi/internal/location/*:~org/eclipse/osgi/internal/messages/*:~org/eclipse/osgi/internal/provisional/service/security/*:~org/eclipse/osgi/internal/provisional/verifier/*:~org/eclipse/osgi/internal/service/security/*:~org/eclipse/osgi/internal/serviceregistry/*:~org/eclipse/osgi/internal/signedcontent/*:~org/eclipse/osgi/internal/url/*:+org/eclipse/osgi/launch/*:+org/eclipse/osgi/report/resolution/*:+org/eclipse/osgi/service/datalocation/*:+org/eclipse/osgi/service/debug/*:+org/eclipse/osgi/service/environment/*:+org/eclipse/osgi/service/localization/*:+org/eclipse/osgi/service/pluginconversion/*:+org/eclipse/osgi/service/resolver/*:+org/eclipse/osgi/service/runnable/*:+org/eclipse/osgi/service/security/*:+org/eclipse/osgi/service/urlconversion/*:+org/eclipse/osgi/signedcontent/*:~org/eclipse/osgi/storage/*:~org/eclipse/osgi/storage/bundlefile/*:~org/eclipse/osgi/storage/url/reference/*:+org/eclipse/osgi/storagemanager/*:+org/eclipse/osgi/util/*:+org/osgi/dto/*:+org/osgi/framework/*:+org/osgi/framework/dto/*:+org/osgi/framework/hooks/bundle/*:+org/osgi/framework/hooks/resolver/*:+org/osgi/framework/hooks/service/*:+org/osgi/framework/hooks/weaving/*:+org/osgi/framework/launch/*:+org/osgi/framework/namespace/*:+org/osgi/framework/startlevel/*:+org/osgi/framework/startlevel/dto/*:+org/osgi/framework/wiring/*:+org/osgi/framework/wiring/dto/*:+org/osgi/resource/*:+org/osgi/resource/dto/*:+org/osgi/service/condpermadmin/*:+org/osgi/service/log/*:+org/osgi/service/packageadmin/*:+org/osgi/service/permissionadmin/*:+org/osgi/service/resolver/*:+org/osgi/service/startlevel/*:+org/osgi/service/url/*:+org/osgi/util/tracker/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.osgi.compatibility.state_1.1.0.v20170516-1513.jar[~org/eclipse/core/runtime/adaptor/*:~org/eclipse/core/runtime/internal/adaptor/*:+org/eclipse/equinox/log/*:+org/eclipse/osgi/container/*:+org/eclipse/osgi/container/builders/*:+org/eclipse/osgi/container/namespaces/*:+org/eclipse/osgi/framework/console/*:+org/eclipse/osgi/framework/eventmgr/*:~org/eclipse/osgi/framework/internal/reliablefile/*:+org/eclipse/osgi/framework/log/*:~org/eclipse/osgi/framework/util/*:~org/eclipse/osgi/internal/debug/*:~org/eclipse/osgi/internal/framework/*:~org/eclipse/osgi/internal/hookregistry/*:~org/eclipse/osgi/internal/loader/*:~org/eclipse/osgi/internal/loader/buddy/*:~org/eclipse/osgi/internal/loader/classpath/*:~org/eclipse/osgi/internal/loader/sources/*:~org/eclipse/osgi/internal/location/*:~org/eclipse/osgi/internal/messages/*:~org/eclipse/osgi/internal/provisional/service/security/*:~org/eclipse/osgi/internal/provisional/verifier/*:~org/eclipse/osgi/internal/service/security/*:~org/eclipse/osgi/internal/serviceregistry/*:~org/eclipse/osgi/internal/signedcontent/*:~org/eclipse/osgi/internal/url/*:+org/eclipse/osgi/launch/*:+org/eclipse/osgi/report/resolution/*:+org/eclipse/osgi/service/datalocation/*:+org/eclipse/osgi/service/debug/*:+org/eclipse/osgi/service/environment/*:+org/eclipse/osgi/service/localization/*:+org/eclipse/osgi/service/pluginconversion/*:+org/eclipse/osgi/service/resolver/*:+org/eclipse/osgi/service/runnable/*:+org/eclipse/osgi/service/security/*:+org/eclipse/osgi/service/urlconversion/*:+org/eclipse/osgi/signedcontent/*:~org/eclipse/osgi/storage/*:~org/eclipse/osgi/storage/bundlefile/*:~org/eclipse/osgi/storage/url/reference/*:+org/eclipse/osgi/storagemanager/*:+org/eclipse/osgi/util/*:+org/osgi/dto/*:+org/osgi/framework/*:+org/osgi/framework/dto/*:+org/osgi/framework/hooks/bundle/*:+org/osgi/framework/hooks/resolver/*:+org/osgi/framework/hooks/service/*:+org/osgi/framework/hooks/weaving/*:+org/osgi/framework/launch/*:+org/osgi/framework/namespace/*:+org/osgi/framework/startlevel/*:+org/osgi/framework/startlevel/dto/*:+org/osgi/framework/wiring/*:+org/osgi/framework/wiring/dto/*:+org/osgi/resource/*:+org/osgi/resource/dto/*:+org/osgi/service/condpermadmin/*:+org/osgi/service/log/*:+org/osgi/service/packageadmin/*:+org/osgi/service/permissionadmin/*:+org/osgi/service/resolver/*:+org/osgi/service/startlevel/*:+org/osgi/service/url/*:+org/osgi/util/tracker/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.html/bin/[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.html/@dot[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.jsoup_1.7.2.v201411291515.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.httpcomponents.httpcore_4.4.6.v20170210-0925.jar[+org/apache/http/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.httpcomponents.httpclient_4.5.2.v20170210-0925.jar[+org/apache/http/client/methods/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.commons.codec_1.9.0.v20170208-1614.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.commons.logging_1.1.1.v201101211721.jar[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.http/bin/[+com/subgraph/vega/ui/http/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.http/@dot[+com/subgraph/vega/ui/http/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.httpeditor/bin/[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.httpeditor/@dot[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.hexeditor/bin/[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.hexeditor/@dot[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.ui_3.109.0.v20170411-1742.jar[~org/eclipse/ui/internal/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.runtime_3.13.0.v20170207-1030.jar[~org/eclipse/core/internal/preferences/legacy/*:~org/eclipse/core/internal/runtime/*:+org/eclipse/core/runtime/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/javax.inject_1.0.0.v20091030.jar[+javax/inject/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.equinox.common_3.9.0.v20170207-1454.jar[~org/eclipse/core/internal/boot/*:~org/eclipse/core/internal/runtime/*:+org/eclipse/core/runtime/*:+org/eclipse/equinox/events/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.felix.gogo.command_0.10.0.v201209301215.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.osgi.services_3.6.0.v20170228-1906.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.osgi.util_3.4.0.v20170111-1608.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/javax.xml_1.3.4.v201005080400.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/javax.servlet_3.1.0.v201410161800.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.jobs_3.9.2.v20171030-1027.jar[~org/eclipse/core/internal/jobs/*:+org/eclipse/core/runtime/jobs/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.equinox.registry_3.7.0.v20170222-1344.jar[~org/eclipse/core/internal/adapter/*:~org/eclipse/core/internal/registry/*:~org/eclipse/core/internal/registry/osgi/*:~org/eclipse/core/internal/registry/spi/*:+org/eclipse/core/runtime/*:+org/eclipse/core/runtime/dynamichelpers/*:+org/eclipse/core/runtime/spi/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.equinox.preferences_3.7.0.v20170126-2132.jar[~org/eclipse/core/internal/preferences/*:~org/eclipse/core/internal/preferences/exchange/*:+org/eclipse/core/runtime/preferences/*:+org/osgi/service/prefs/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.contenttype_3.6.0.v20170207-1037.jar[~org/eclipse/core/internal/content/*:+org/eclipse/core/runtime/content/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.equinox.app_1.3.400.v20150715-1528.jar[+org/eclipse/equinox/app/*:~org/eclipse/equinox/internal/app/*:+org/osgi/service/application/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.swt_3.106.2.v20171129-0543.jar[+org/eclipse/swt/*:+org/eclipse/swt/accessibility/*:+org/eclipse/swt/awt/*:+org/eclipse/swt/browser/*:+org/eclipse/swt/custom/*:+org/eclipse/swt/dnd/*:+org/eclipse/swt/events/*:+org/eclipse/swt/graphics/*:+org/eclipse/swt/layout/*:+org/eclipse/swt/opengl/*:+org/eclipse/swt/printing/*:+org/eclipse/swt/program/*:+org/eclipse/swt/widgets/*:~org/eclipse/swt/internal/*:~org/eclipse/swt/internal/image/*:~org/eclipse/swt/internal/accessibility/gtk/*:~org/eclipse/swt/internal/cairo/*:~org/eclipse/swt/internal/gtk/*:~org/eclipse/swt/internal/mozilla/*:~org/eclipse/swt/internal/opengl/glx/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.swt.gtk.linux.x86_64_3.106.2.v20171129-0543.jar[+org/eclipse/swt/*:+org/eclipse/swt/accessibility/*:+org/eclipse/swt/awt/*:+org/eclipse/swt/browser/*:+org/eclipse/swt/custom/*:+org/eclipse/swt/dnd/*:+org/eclipse/swt/events/*:+org/eclipse/swt/graphics/*:+org/eclipse/swt/layout/*:+org/eclipse/swt/opengl/*:+org/eclipse/swt/printing/*:+org/eclipse/swt/program/*:+org/eclipse/swt/widgets/*:~org/eclipse/swt/internal/*:~org/eclipse/swt/internal/image/*:~org/eclipse/swt/internal/accessibility/gtk/*:~org/eclipse/swt/internal/cairo/*:~org/eclipse/swt/internal/gtk/*:~org/eclipse/swt/internal/mozilla/*:~org/eclipse/swt/internal/opengl/glx/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.jface_3.13.2.v20171022-1656.jar[+org/eclipse/jface/*:+org/eclipse/jface/action/*:+org/eclipse/jface/action/images/*:+org/eclipse/jface/bindings/*:+org/eclipse/jface/bindings/keys/*:+org/eclipse/jface/bindings/keys/formatting/*:+org/eclipse/jface/commands/*:+org/eclipse/jface/contexts/*:+org/eclipse/jface/dialogs/*:+org/eclipse/jface/dialogs/images/*:+org/eclipse/jface/fieldassist/*:+org/eclipse/jface/fieldassist/images/*:+org/eclipse/jface/images/*:~org/eclipse/jface/internal/*:~org/eclipse/jface/internal/provisional/action/*:+org/eclipse/jface/layout/*:+org/eclipse/jface/menus/*:+org/eclipse/jface/operation/*:+org/eclipse/jface/preference/*:+org/eclipse/jface/preference/images/*:+org/eclipse/jface/resource/*:+org/eclipse/jface/util/*:+org/eclipse/jface/viewers/*:+org/eclipse/jface/viewers/deferred/*:+org/eclipse/jface/window/*:+org/eclipse/jface/wizard/*:+org/eclipse/jface/wizard/images/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.commands_3.9.0.v20170530-1048.jar[+org/eclipse/core/commands/*:+org/eclipse/core/commands/common/*:+org/eclipse/core/commands/contexts/*:+org/eclipse/core/commands/operations/*:+org/eclipse/core/commands/util/*:~org/eclipse/core/internal/commands/operations/*:~org/eclipse/core/internal/commands/util/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.equinox.bidi_1.1.0.v20160728-1031.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.ui.workbench_3.110.1.v20170704-1208.jar[+org/eclipse/ui/*:+org/eclipse/ui/about/*:+org/eclipse/ui/actions/*:+org/eclipse/ui/activities/*:+org/eclipse/ui/application/*:+org/eclipse/ui/branding/*:+org/eclipse/ui/browser/*:+org/eclipse/ui/commands/*:+org/eclipse/ui/contexts/*:+org/eclipse/ui/databinding/*:+org/eclipse/ui/dialogs/*:+org/eclipse/ui/dnd/*:+org/eclipse/ui/fieldassist/*:+org/eclipse/ui/handlers/*:+org/eclipse/ui/help/*:~org/eclipse/ui/internal/*:~org/eclipse/ui/internal/about/*:~org/eclipse/ui/internal/actions/*:~org/eclipse/ui/internal/activities/*:~org/eclipse/ui/internal/activities/ws/*:~org/eclipse/ui/internal/application/*:~org/eclipse/ui/internal/browser/*:~org/eclipse/ui/internal/commands/*:~org/eclipse/ui/internal/contexts/*:~org/eclipse/ui/internal/decorators/*:~org/eclipse/ui/internal/dialogs/*:~org/eclipse/ui/internal/dialogs/cpd/*:~org/eclipse/ui/internal/dnd/*:~org/eclipse/ui/internal/e4/compatibility/*:~org/eclipse/ui/internal/editorsupport/*:~org/eclipse/ui/internal/expressions/*:~org/eclipse/ui/internal/handlers/*:~org/eclipse/ui/internal/help/*:~org/eclipse/ui/internal/intro/*:~org/eclipse/ui/internal/keys/*:~org/eclipse/ui/internal/keys/model/*:~org/eclipse/ui/internal/layout/*:~org/eclipse/ui/internal/menus/*:~org/eclipse/ui/internal/misc/*:~org/eclipse/ui/internal/model/*:~org/eclipse/ui/internal/operations/*:~org/eclipse/ui/internal/part/*:~org/eclipse/ui/internal/preferences/*:~org/eclipse/ui/internal/progress/*:~org/eclipse/ui/internal/provisional/application/*:~org/eclipse/ui/internal/quickaccess/*:~org/eclipse/ui/internal/registry/*:~org/eclipse/ui/internal/services/*:~org/eclipse/ui/internal/splash/*:~org/eclipse/ui/internal/statushandlers/*:~org/eclipse/ui/internal/testing/*:~org/eclipse/ui/internal/themes/*:~org/eclipse/ui/internal/tweaklets/*:~org/eclipse/ui/internal/util/*:~org/eclipse/ui/internal/wizards/*:~org/eclipse/ui/internal/wizards/preferences/*:+org/eclipse/ui/intro/*:+org/eclipse/ui/keys/*:+org/eclipse/ui/menus/*:+org/eclipse/ui/model/*:+org/eclipse/ui/operations/*:+org/eclipse/ui/part/*:+org/eclipse/ui/plugin/*:+org/eclipse/ui/preferences/*:+org/eclipse/ui/progress/*:+org/eclipse/ui/services/*:+org/eclipse/ui/splash/*:+org/eclipse/ui/statushandlers/*:+org/eclipse/ui/swt/*:+org/eclipse/ui/themes/*:+org/eclipse/ui/views/*:+org/eclipse/ui/wizards/*:?**/*] +#ADAPTER#ACCESS#com.ibm.icu_58.2.0.v20170418-1837/icu-data.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/com.ibm.icu_58.2.0.v20170418-1837.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.core.commands_0.12.100.v20170513-0428.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.expressions_3.6.0.v20170207-1037.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.core.contexts_1.6.0.v20170322-1144.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.core.di_1.6.100.v20170421-1418.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.core.di.annotations_1.6.0.v20170119-2002.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.core.services_2.1.0.v20170407-0928.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.workbench_1.5.1.v20170815-1446.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.model.workbench_2.0.1.v20170713-1800.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.emf.ecore_2.13.0.v20170609-0707.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.emf.common_2.13.0.v20170609-0707.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.resources_3.12.0.v20170417-1558.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.ant.core_3.5.0.v20170509-2149.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.variables_3.4.0.v20170113-2056.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.filesystem_1.7.0.v20170406-1337.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.filesystem.linux.x86_64_1.2.200.v20140124-1940.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.emf.xpath_0.2.0.v20160630-0728.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.commons.jxpath_1.3.0.v200911051830.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.services_1.3.0.v20170307-2032.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.di_1.2.100.v20170414-1137.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.core.di.extensions.supplier_0.15.0.v20170407-0928.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.core.di.extensions_0.15.0.v20170228-1728.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.emf.ecore.change_2.11.0.v20170609-0707.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.emf.ecore.xmi_2.13.0.v20170609-0707.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.workbench.renderers.swt_0.14.101.v20170713-1343.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.workbench.swt_0.14.101.v20170710-1119.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.databinding_1.6.100.v20170515-1119.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.databinding.observable_1.6.100.v20170515-1119.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.core.databinding.property_1.6.100.v20170515-1119.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.jface.databinding_1.8.100.v20170503-1507.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.css.core_0.12.101.v20170712-1547.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.w3c.css.sac_1.3.1.v200903091627.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.batik.css_1.8.0.v20170214-1941.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.apache.batik.util_1.8.0.v20170214-1941.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.w3c.dom.svg_1.1.0.v201011041433.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.w3c.dom.smil_1.0.1.v200903091627.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.css.swt_0.13.1.v20170808-1940.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.bindings_0.12.1.v20170823-1632.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.workbench3_0.14.0.v20160630-0740.jar[+org/eclipse/ui/testing/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.css.swt.theme_0.11.0.v20170312-2302.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.swt.gtk_1.0.200.v20170513-0428.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.widgets_1.2.0.v20160630-0736.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.help_3.8.1.v20170815-1448.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.e4.ui.workbench.addons.swt_1.3.1.v20170319-1442.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.jface.text_3.12.1.v20171114-1359.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.text_3.6.100.v20170203-0814.jar[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.tags/bin/[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.tags/@dot[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.util/bin/[+com/subgraph/vega/ui/util/images/*:+com/subgraph/vega/ui/util/preferences/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.util/@dot[+com/subgraph/vega/ui/util/images/*:+com/subgraph/vega/ui/util/preferences/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.export/bin/[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.export/@dot[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.export/bin[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.export/lib/freemarker.jar[?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.scanner/bin/[+com/subgraph/vega/ui/scanner/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.scanner/@dot[+com/subgraph/vega/ui/scanner/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.scanner/bin[+com/subgraph/vega/ui/scanner/*:?**/*] +#ADAPTER#ACCESS#com.subgraph.vega.ui.scanner/lib/freemarker-gae-2.3.20.jar[+com/subgraph/vega/ui/scanner/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.ui.forms_3.7.101.v20170815-1446.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.ui.console_3.7.1.v20170728-0806.jar[+org/eclipse/ui/console/*:~org/eclipse/ui/internal/console/*:?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.ui.workbench.texteditor_3.10.100.v20170426-2021.jar[?**/*] +#ADAPTER#ACCESS#Downloads/eclipse-rcp-oxygen-2-linux-gtk-x86_64/eclipse/plugins/org.eclipse.compare.core_3.6.100.v20170516-0820.jar[?**/*] diff --git a/platform/com.subgraph.vega.application/plugin.xml b/platform/com.subgraph.vega.application/plugin.xml index d535baa2..5c59e807 100644 --- a/platform/com.subgraph.vega.application/plugin.xml +++ b/platform/com.subgraph.vega.application/plugin.xml @@ -193,4 +193,4 @@ - + \ No newline at end of file diff --git a/platform/com.subgraph.vega.application/src/com/subgraph/vega/application/Application.java b/platform/com.subgraph.vega.application/src/com/subgraph/vega/application/Application.java index 7c46946a..517611d7 100644 --- a/platform/com.subgraph.vega.application/src/com/subgraph/vega/application/Application.java +++ b/platform/com.subgraph.vega.application/src/com/subgraph/vega/application/Application.java @@ -34,6 +34,8 @@ import com.subgraph.vega.application.logging.LogFormatter; import com.subgraph.vega.application.logging.LogHandler; +//new imports +import py4j.GatewayServer; /** * This class controls all aspects of the application's execution */ @@ -44,6 +46,14 @@ public class Application implements IApplication { */ public Object start(IApplicationContext context) throws Exception { + + //new code + + GatewayServer gatewayserver = new GatewayServer(new EntryPoint(this)); + gatewayserver.start(); + System.out.println("Gateway server started!!"); + + //end of new code Display display = PlatformUI.createDisplay(); setupLogging(); @@ -113,7 +123,7 @@ private void setupLogging() { rootLogger.addHandler(handler); } - rootLogger.setLevel(Level.WARNING); + rootLogger.setLevel(Level.FINEST); } private boolean setupWorkspace() { diff --git a/platform/com.subgraph.vega.application/src/com/subgraph/vega/application/EntryPoint.java b/platform/com.subgraph.vega.application/src/com/subgraph/vega/application/EntryPoint.java new file mode 100644 index 00000000..9d528ce1 --- /dev/null +++ b/platform/com.subgraph.vega.application/src/com/subgraph/vega/application/EntryPoint.java @@ -0,0 +1,39 @@ +package com.subgraph.vega.application; + +import com.subgraph.vega.ui.scanner.*; +import com.subgraph.vega.export.*; + +public class EntryPoint { + + private MyScanExecutor myScanEx; + private Application myApplication; + private AlertExporter myAlertExporter; + + public EntryPoint() { + myScanEx = new MyScanExecutor(); + myApplication = null; + myAlertExporter = new AlertExporter(); + } + + public EntryPoint(Application application) { + myApplication = application; + myScanEx = new MyScanExecutor(); + myAlertExporter = new AlertExporter(); + } + + public MyScanExecutor getMyScanExecutor(){ + return myScanEx; + } + + public Application getApplication() { + return myApplication; + } + + public AlertExporter getAlertExporter() { + return myAlertExporter; + } + + +} + + diff --git a/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/AlertExporter.java b/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/AlertExporter.java index 5ed5639b..85fc8c33 100644 --- a/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/AlertExporter.java +++ b/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/AlertExporter.java @@ -9,6 +9,9 @@ import java.util.List; import java.util.logging.Level; import java.util.logging.Logger; +import java.util.ArrayList; +import java.util.Date; +import java.lang.Thread; import org.eclipse.core.runtime.IStatus; import org.eclipse.core.runtime.Status; @@ -28,6 +31,12 @@ public class AlertExporter { IScanAlertRepository alertRepository; ReportRenderer renderer; private final Logger logger = Logger.getLogger("alert-exporter"); + private String path = ""; + + public void setPath(String path) + { + this.path = path; + } public AlertExporter(IWorkspace workspace) { @@ -37,20 +46,78 @@ public AlertExporter(IWorkspace workspace) { public AlertExporter() { renderer = new ReportRenderer(createTemplateLoader()); + //alertRepository = Activator.getDefault().getModel().getCurrentWorkspace().getScanAlertRepository(); } public void exportAlertsbyList(List alerts) { writeFile("/tmp/test2.html", renderer.renderList(alerts)); } - public void exportAllAlerts() { - + public void exportAlertsOfLastScan(){ + System.out.println("started exporting..."); + if(alertRepository == null) + { + alertRepository = Activator.getDefault().getModel().getCurrentWorkspace().getScanAlertRepository(); + } + if(path.length() == 0) + { + path = "/tmp/test.html"; + } List scanInstances = alertRepository.getAllScanInstances(); + + IScanInstance newestInstance = null; //scanInstances.get(0); + Date newestInstanceStartTime = null; //newestInstance.getStartTime(); + + int i = 0; + for (IScanInstance s : scanInstances) { + i++; + if(s == null || s.getStartTime() == null) + { + continue; + } + + if(newestInstance == null || + (s.getStartTime().after(newestInstanceStartTime) & + ((s.getScanStatus() == IScanInstance.SCAN_CANCELLED) || (s.getScanStatus() == IScanInstance.SCAN_COMPLETED)))) + { + newestInstance = s; + newestInstanceStartTime = s.getStartTime(); + } + } + + writeFile(path,renderer.renderList(newestInstance.getAllAlerts())); + + } + + public void exportAllAlerts() { + System.out.println("started exporting..."); + if(alertRepository == null) + { + alertRepository = Activator.getDefault().getModel().getCurrentWorkspace().getScanAlertRepository(); + } + if(path.length() == 0) + { + path = "/tmp/test.html"; + } + List scanInstances = alertRepository.getAllScanInstances(); + System.out.println("finished finding all instances."); + int i = 0; + List scanInstanceAlerts = new ArrayList(); + scanInstanceAlerts.addAll(scanInstances.get(0).getAllAlerts()); for (IScanInstance s : scanInstances) { - List scanInstanceAlerts = s.getAllAlerts(); - writeFile("/tmp/test.html",renderer.renderList(scanInstanceAlerts)); + i++; + if(s.getStartTime() == null || !((s.getScanStatus() == IScanInstance.SCAN_CANCELLED) || (s.getScanStatus() == IScanInstance.SCAN_COMPLETED))) + { + continue; + } + System.out.println("save instance nr. " + i); + System.out.println("alerts: " + s.getAllAlerts().size()); + System.out.println("starttime: " + s.getStartTime()); + scanInstanceAlerts.addAll(s.getAllAlerts()); + } + writeFile(path,renderer.renderList(scanInstanceAlerts)); } public void exportbyScanInstance(IScanInstance scanInstance) { diff --git a/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/ReportRenderer.java b/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/ReportRenderer.java index eadbf89f..8bd4755e 100644 --- a/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/ReportRenderer.java +++ b/platform/com.subgraph.vega.export/src/com/subgraph/vega/export/ReportRenderer.java @@ -146,7 +146,7 @@ public String reportSummary(List alerts) { output += "Summary\n"; output += "\n"; output += "\n\n"; - output += "\n\n"; + output += "\n\n"; HashMap severityTotals = new HashMap(); @@ -161,7 +161,7 @@ public String reportSummary(List alerts) { for (Severity s : Severity.values()) { if ((reportSummary.get(s) != null) && (reportSummary.get(s).isEmpty() == false)) { - output += "\n"; + output += "\n"; for (String alertTitle : reportSummary.get(s).keySet()) { output += "\n"; } diff --git a/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/ScannerModuleRepository.java b/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/ScannerModuleRepository.java index 7b6af2f3..c11f67df 100644 --- a/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/ScannerModuleRepository.java +++ b/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/ScannerModuleRepository.java @@ -123,6 +123,16 @@ public List getResponseProcessingModules() { } return modules; } + + @Override + public List getAllResponseProcessingModules() { + final List modules = new ArrayList(); + for(ScriptedModule m: scriptLoader.getReallyAllModules()) { + if(m.getModuleType() == ModuleScriptType.RESPONSE_PROCESSOR) + modules.add(new ResponseProcessorScript(m)); + } + return modules; + } @Override public List getBasicModules() { @@ -133,6 +143,16 @@ public List getBasicModules() { } return modules; } + + @Override + public List getAllBasicModules() { + final List modules = new ArrayList(); + for(ScriptedModule m: scriptLoader.getReallyAllModules()) { + if(m.getModuleType() == ModuleScriptType.BASIC_MODULE) + modules.add(new BasicModuleScript(m)); + } + return modules; + } protected void setPathFinder(IPathFinder pathFinder) { this.pathFinder = pathFinder; diff --git a/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/scripting/ScriptLoader.java b/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/scripting/ScriptLoader.java index fa511330..9c99377e 100644 --- a/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/scripting/ScriptLoader.java +++ b/platform/com.subgraph.vega.scanner.modules/src/com/subgraph/vega/impl/scanner/modules/scripting/ScriptLoader.java @@ -101,11 +101,27 @@ public List getAllModulesByType(ModuleScriptType type) { } return result; } + + public List getReallyAllModulesByType(ModuleScriptType type) { + final List result = new ArrayList(); + synchronized(modulePathMap) { + for(ScriptedModule m: modulePathMap.values()) { + if((type == null || type == m.getModuleType())) { + result.add(m); + } + } + } + return result; + } public List getAllModules() { return getAllModulesByType(null); } + public List getReallyAllModules(){ + return getReallyAllModulesByType(null); + } + public Scriptable getPreludeScope() { return preludeLoader.getPreludeScope(); } diff --git a/platform/com.subgraph.vega.scanner/src/com/subgraph/vega/impl/scanner/Scan.java b/platform/com.subgraph.vega.scanner/src/com/subgraph/vega/impl/scanner/Scan.java index b446ef00..64befde2 100644 --- a/platform/com.subgraph.vega.scanner/src/com/subgraph/vega/impl/scanner/Scan.java +++ b/platform/com.subgraph.vega.scanner/src/com/subgraph/vega/impl/scanner/Scan.java @@ -267,6 +267,15 @@ private void reloadModules() { basicModules = moduleRegistry.updateBasicModules(basicModules); } } + + public void useAllModules() + { + IScannerModuleRegistry moduleRegistry = scanner.getScannerModuleRegistry(); + responseProcessingModules = moduleRegistry.getAllResponseProcessingModules(); + basicModules = moduleRegistry.getAllBasicModules(); + responseProcessingModules = moduleRegistry.updateResponseProcessingModules(responseProcessingModules); + basicModules = moduleRegistry.updateBasicModules(basicModules); + } public Scanner getScanner() { return scanner; diff --git a/platform/com.subgraph.vega.ui.scanner/.classpath b/platform/com.subgraph.vega.ui.scanner/.classpath index 07d16cb7..4f5fdc6e 100644 --- a/platform/com.subgraph.vega.ui.scanner/.classpath +++ b/platform/com.subgraph.vega.ui.scanner/.classpath @@ -4,5 +4,6 @@ + diff --git a/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/MyScanExecutor.java b/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/MyScanExecutor.java new file mode 100644 index 00000000..cb0ef672 --- /dev/null +++ b/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/MyScanExecutor.java @@ -0,0 +1,392 @@ +/******************************************************************************* + * Copyright (c) 2011 Subgraph. + * All rights reserved. This program and the accompanying materials + * are made available under the terms of the Eclipse Public License v1.0 + * which accompanies this distribution, and is available at + * http://www.eclipse.org/legal/epl-v10.html + * + * Contributors: + * Subgraph - initial API and implementation + ******************************************************************************/ +package com.subgraph.vega.ui.scanner; + +import java.net.HttpCookie; +import java.net.URI; +import java.util.ArrayList; +import java.util.Calendar; +import java.util.Collection; +import java.util.Collections; +import java.util.List; + +import org.apache.http.cookie.Cookie; +import org.apache.http.impl.cookie.BasicClientCookie; +import org.eclipse.jface.preference.IPreferenceStore; + +import com.subgraph.vega.api.scanner.IScan; +import com.subgraph.vega.api.model.alerts.IScanInstance; +import com.subgraph.vega.api.model.scope.ITargetScope; +import com.subgraph.vega.api.scanner.IScanner; +import com.subgraph.vega.api.scanner.IScannerConfig; +import com.subgraph.vega.ui.scanner.preferences.IPreferenceConstants; + +/*---new imports---*/ +import com.subgraph.vega.api.util.UriTools; +//import com.subgraph.vega.export.Activator; + +import java.util.Arrays; +import java.util.Set; +import java.util.HashSet; +import com.subgraph.vega.api.model.identity.*; + +public class MyScanExecutor { + + private boolean scanRunning = false; + private String target = "127.0.0.1"; + private String userAgent = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; Vega/1.0"; + private List cookieList = new ArrayList(); + private List excludedParameters = Arrays.asList("csrfmiddlewaretoken","__viewstateencrypted","__eventvalidation", + "__eventtarget","__viewstate","xsrftoken","csrftoken","anticsrf","__eventargument"); + private String identity = ""; + private boolean logAllRequests = false; + private boolean displayDebugOutput = false; + private int maxRequestsPerSecond = 25; + private int maxScanDescendants = 8192; + private int maxScanChildren = 512; + private int maxScanDepth = 16; + private int maxScanDuplicatePaths = 3; + private int maxResponseLength = 1024; + private boolean useAllModules = false; + + + public boolean isUseAllModules() { + return useAllModules; + } + + public void setUseAllModules(boolean useAllModules) { + this.useAllModules = useAllModules; + } + + public String getTarget() { + return target; + } + + public void setTarget(String target) { + this.target = target; + } + + public String getUserAgent() { + return userAgent; + } + + public void setUserAgent(String userAgent) { + this.userAgent = userAgent; + } + + public List getCookieList() { + return cookieList; + } + + public void setCookieList(List cookieList) { + this.cookieList = cookieList; + } + + public List getExcludedParameters() { + return excludedParameters; + } + + public void setExcludedParameters(List excludedParameters) { + this.excludedParameters = excludedParameters; + } + + public String getIdentity() { + return identity; + } + + public boolean setIdentity(String name, String username, String password) { + + IIdentityModel identityModel = Activator.getDefault().getModel().getCurrentWorkspace().getIdentityModel(); + IIdentity myIdentity = identityModel.createIdentity(); + + myIdentity.setName(name); + IAuthMethodRfc2617 myAuthMethod = Activator.getDefault().getModel().getCurrentWorkspace().getIdentityModel().createAuthMethodRfc2617(); + myAuthMethod.setAuthScheme(IAuthMethodRfc2617.AuthScheme.AUTH_SCHEME_BASIC); + myAuthMethod.setUsername(username); + myAuthMethod.setPassword(password); + myIdentity.setAuthMethod(myAuthMethod); + + IIdentity checkIdentity = identityModel.getIdentityByName(name); + if(checkIdentity == null) + { + //no identity like this exists + identityModel.store(myIdentity); + this.identity = name; + System.out.println("Identity stored."); + } else + { + IAuthMethod checkAuthMethod = checkIdentity.getAuthMethod(); + //assert: we only have basic authentication (only type available for python) + if(checkAuthMethod.getType() == IAuthMethod.AuthMethodType.AUTH_METHOD_RFC2617) + { + IAuthMethodRfc2617 checkAuthMethod_basic = (IAuthMethodRfc2617) checkAuthMethod; + if(checkAuthMethod_basic.getUsername().equals(username) && + checkAuthMethod_basic.getPassword().equals(password)) + { + //exact same identity is already stored and can be used. + System.out.println("Using existing idenity."); + this.identity = name; + }else + { + //identity with same name but different credentials already exists + System.out.println("A differing identity with this name already exists (needs to be unique)!"); + return false; + } + } + } + + return true; + } + + public boolean isLogAllRequests() { + return logAllRequests; + } + + public void setLogAllRequests(boolean logAllRequests) { + this.logAllRequests = logAllRequests; + } + + public boolean isDisplayDebugOutput() { + return displayDebugOutput; + } + + public void setDisplayDebugOutput(boolean displayDebugOutput) { + this.displayDebugOutput = displayDebugOutput; + } + + public int getMaxRequestsPerSecond() { + return maxRequestsPerSecond; + } + + public void setMaxRequestsPerSecond(int maxRequestsPerSecond) { + this.maxRequestsPerSecond = maxRequestsPerSecond; + } + + public int getMaxScanDescendants() { + return maxScanDescendants; + } + + public void setMaxScanDescendants(int maxScanDescendants) { + this.maxScanDescendants = maxScanDescendants; + } + + public int getMaxScanChildren() { + return maxScanChildren; + } + + public void setMaxScanChildren(int maxScanChildren) { + this.maxScanChildren = maxScanChildren; + } + + public int getMaxScanDepth() { + return maxScanDepth; + } + + public void setMaxScanDepth(int maxScanDepth) { + this.maxScanDepth = maxScanDepth; + } + + public int getMaxScanDuplicatePaths() { + return maxScanDuplicatePaths; + } + + public void setMaxScanDuplicatePaths(int maxScanDuplicatePaths) { + this.maxScanDuplicatePaths = maxScanDuplicatePaths; + } + + public int getMaxResponseLength() { + return maxResponseLength; + } + + public void setMaxResponseLength(int maxResponseLength) { + this.maxResponseLength = maxResponseLength; + } + + public String runScan() { + final IScanner scanner = Activator.getDefault().getScanner(); + final IScan scan = scanner.createScan(); + //final Collection identities = Activator.getDefault().getModel().getCurrentWorkspace().getIdentityModel().getAllIdentities(); + String result = null; + if(scanRunning) { + scan.stopScan(); + System.out.println("Error. Tried starting a scan but there was already a scan running."); + } else { + result = maybeLaunchScanFromWizard(scanner, scan); + } + IScanInstance scanInstance = scan.getScanInstance(); + if(scanInstance.getScanStatus() == IScanInstance.SCAN_AUDITING || scanInstance.getScanStatus() == IScanInstance.SCAN_PROBING || + scanInstance.getScanStatus() == IScanInstance.SCAN_STARTING) + { + waitForScanToFinish(scanInstance); + } + + return result; + } + + private void waitForScanToFinish(IScanInstance s) + { + while(s.getScanStatus() == IScanInstance.SCAN_AUDITING || s.getScanStatus() == IScanInstance.SCAN_PROBING || + s.getScanStatus() == IScanInstance.SCAN_STARTING) + { + try{ + Thread.sleep(1000); + }catch(InterruptedException e) + { + break; + } + } + } + + private String maybeLaunchScanFromWizard(IScanner scanner, IScan scan) { + + /*---new code---*/ + + //--------scan target--------------// + + //final ITargetScope scanTargetScope = wizard.getScanTargetScope(); + //if(scanTargetScope == null) { + // return null; + //} + + ITargetScope scanTargetScope; + scanTargetScope = Activator.getDefault().getModel().getCurrentWorkspace().getTargetScopeManager().createNewScope(); + scanTargetScope.clear(); + if(UriTools.isTextValidURI(target)) { + scanTargetScope.addScopeURI(UriTools.getURIFromText(target)); + } + System.out.println("Using target "+ target); + + final IScannerConfig config = scan.getConfig(); + config.setScanTargetScope(scanTargetScope); + config.setUserAgent(userAgent); + System.out.println("Using userAgent "+ userAgent); + + //--------cookies--------// + + //config.setCookieList(getCookieListForScope(wizard.getCookieStringList(), scanTargetScope)); + + config.setCookieList(getCookieListForScope(cookieList, scanTargetScope)); + System.out.println("Using cookieList: "); + for(int i = 0; i < cookieList.size(); i++) + { + System.out.print(cookieList.get(i) + ", "); + } + System.out.print("\n"); + + //-------identity-------// + + //if no fitting identity has been found, the identity in the config will be null. + // This is the same as it has been before. + + // config.setScanIdentity(wizard.getScanIdentity()); + + + final Collection identities = Activator.getDefault().getModel().getCurrentWorkspace().getIdentityModel().getAllIdentities(); + IIdentity myid = null; + for(IIdentity id : identities) + { + if(id.getName().equals(identity)){ + myid = id; + break; + } + } + if(!(myid == null)) + { + System.out.println("Using id "+ myid.getName()); + } + + config.setScanIdentity(myid); + + //-------excluded parameters-------// + + //config.setExcludedParameterNames(wizard.getExcludedParameterNames()); + + Set excludedParametersSet = new HashSet(); + for(int i = 0; i < excludedParameters.size(); i++) + { + excludedParametersSet.add(excludedParameters.get(i)); + } + + config.setExcludedParameterNames(excludedParametersSet); + + + final IPreferenceStore preferences = Activator.getDefault().getPreferenceStore(); + config.setLogAllRequests(logAllRequests); + config.setDisplayDebugOutput(displayDebugOutput); + config.setMaxRequestsPerSecond(maxRequestsPerSecond); + config.setMaxDescendants(maxScanDescendants); + config.setMaxChildren(maxScanChildren); + config.setMaxDepth(maxScanDepth); + config.setMaxDuplicatePaths(maxScanDuplicatePaths); + config.setMaxResponseKilobytes(maxResponseLength); + + if(useAllModules) + { + scan.useAllModules(); + } + + + //end of changes + + final Thread probeThread = new Thread(new ScanProbeTask(scan)); + probeThread.start(); + synchronized (probeThread) { + try{ + probeThread.wait(); + }catch (InterruptedException e) + { + e.printStackTrace(); + } + } + + return target; + } + + private List getCookieListForScope(List cookieStringList, ITargetScope scope) { + final List cookies = new ArrayList(); + for(URI uri: scope.getScopeURIs()) { + cookies.addAll(getCookieList(cookieStringList, uri)); + } + return cookies; + } + + // gross hack + private List getCookieList(List cookieStringList, URI uri) { + if (cookieStringList.size() != 0) { + ArrayList cookieList = new ArrayList(cookieStringList.size()); + for (String cookieString: cookieStringList) { + List parseList = HttpCookie.parse(cookieString); + for (HttpCookie cookie: parseList) { + BasicClientCookie cp = new BasicClientCookie(cookie.getName(), cookie.getValue()); + cp.setComment(cookie.getComment()); + if (cookie.getDomain() != null) { + cp.setDomain(cookie.getDomain()); + } else { + // just set it to the target host for now - may need something slightly less specific + cp.setDomain(uri.getHost()); + } + long maxAge = cookie.getMaxAge(); + if (maxAge > 0) { + Calendar calendar = Calendar.getInstance(); + calendar.add(Calendar.SECOND, (int) maxAge); + cp.setExpiryDate(calendar.getTime()); + } + cp.setPath(cookie.getPath()); + cp.setSecure(cookie.getSecure()); + cp.setVersion(cookie.getVersion()); + cookieList.add(cp); + } + } + return cookieList; + } + return Collections.emptyList(); + } +} diff --git a/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanExecutor.java b/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanExecutor.java index f0190b6b..88c5342c 100644 --- a/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanExecutor.java +++ b/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanExecutor.java @@ -34,6 +34,12 @@ import com.subgraph.vega.ui.scanner.wizards.NewScanWizard; import com.subgraph.vega.ui.scanner.wizards.NewWizardDialog; +/*---new imports---*/ +import com.subgraph.vega.api.util.UriTools; +import java.util.Arrays; +import java.util.Set; +import java.util.HashSet; + public class ScanExecutor { public String runScan(Shell shell, String target) { @@ -53,7 +59,7 @@ public String runScan(Shell shell, String target) { } private String maybeLaunchScanFromWizard(Shell shell, NewScanWizard wizard, IScanner scanner, IScan scan) { - + final ITargetScope scanTargetScope = wizard.getScanTargetScope(); if(scanTargetScope == null) { return null; @@ -62,9 +68,16 @@ private String maybeLaunchScanFromWizard(Shell shell, NewScanWizard wizard, ISca final IScannerConfig config = scan.getConfig(); config.setScanTargetScope(scanTargetScope); config.setUserAgent(IPreferenceConstants.P_USER_AGENT); + + config.setCookieList(getCookieListForScope(wizard.getCookieStringList(), scanTargetScope)); + + config.setScanIdentity(wizard.getScanIdentity()); - config.setExcludedParameterNames(wizard.getExcludedParameterNames()); + + + config.setExcludedParameterNames(wizard.getExcludedParameterNames()); + final IPreferenceStore preferences = Activator.getDefault().getPreferenceStore(); config.setLogAllRequests(preferences.getBoolean(IPreferenceConstants.P_LOG_ALL_REQUESTS)); config.setDisplayDebugOutput(preferences.getBoolean(IPreferenceConstants.P_DISPLAY_DEBUG_OUTPUT)); diff --git a/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanProbeTask.java b/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanProbeTask.java index 279b7c9f..64b95122 100644 --- a/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanProbeTask.java +++ b/platform/com.subgraph.vega.ui.scanner/src/com/subgraph/vega/ui/scanner/ScanProbeTask.java @@ -31,6 +31,11 @@ public class ScanProbeTask implements Runnable { this.shell = shell; this.scan = scan; } + + ScanProbeTask(IScan scan) { + this.shell = null; + this.scan = scan; + } @Override public void run() { @@ -51,26 +56,33 @@ public void run() { private void processTargetURI(final URI uri) { final IScanProbeResult probeResult = scan.probeTargetUri(uri); - shell.getDisplay().syncExec(new Runnable() { + if(!processProbeResult(uri, probeResult)) { + cancelScan = true; + } + /*shell.getDisplay().syncExec(new Runnable() { @Override public void run() { if(!processProbeResult(uri, probeResult)) { cancelScan = true; } } - }); + });*/ } private boolean processProbeResult(URI uri, IScanProbeResult probeResult) { if(probeResult.getProbeResultType() == ProbeResultType.PROBE_CONNECT_FAILED) { - MessageDialog.openError(shell, "Failed to connect to target", probeResult.getFailureMessage()); + //MessageDialog.openError(shell, "Failed to connect to target", probeResult.getFailureMessage()); + System.out.println("Failed to connect to target. " + probeResult.getFailureMessage()); return false; } else if(probeResult.getProbeResultType() == ProbeResultType.PROBE_REDIRECT) { final URI redirectURI = probeResult.getRedirectTarget(); if(!isTrivialRedirect(uri, redirectURI)) { - String message = "Target address "+ uri + " redirects to address "+ redirectURI + "\n\n"+ - "Would you like to add "+ redirectURI +" to the scope?"; - boolean doit = MessageDialog.openQuestion(shell, "Follow Redirect?", message); + //String message = "Target address "+ uri + " redirects to address "+ redirectURI + "\n\n"+ + // "Would you like to add "+ redirectURI +" to the scope?"; + System.out.println("Target address "+ uri + " redirects to address "+ redirectURI + "\n\n"+ + "I added "+ redirectURI +" to the scope."); + //boolean doit = MessageDialog.openQuestion(shell, "Follow Redirect?", message); + boolean doit = true; if(!doit) { return false; } @@ -80,7 +92,8 @@ private boolean processProbeResult(URI uri, IScanProbeResult probeResult) { return true; } else if(probeResult.getProbeResultType() == ProbeResultType.PROBE_REDIRECT_FAILED) { - MessageDialog.openError(shell, "Redirect failure", probeResult.getFailureMessage()); + //MessageDialog.openError(shell, "Redirect failure", probeResult.getFailureMessage()); + System.out.println("Redirect Failure. " + probeResult.getFailureMessage()); return false; } return true; diff --git a/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageOne.java b/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageOne.java index 2fa012fb..d5e40c51 100644 --- a/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageOne.java +++ b/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageOne.java @@ -68,7 +68,8 @@ public void widgetSelected(SelectionEvent e) { htmlButton.addSelectionListener(new SelectionAdapter() { public void widgetSelected(SelectionEvent e) { - choice = htmlButton.getText(); + //choice = htmlButton.getText(); + choice = "HTML"; } }); diff --git a/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageThree.java b/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageThree.java index 9ce383ff..1a87da87 100644 --- a/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageThree.java +++ b/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageThree.java @@ -18,6 +18,8 @@ import org.eclipse.swt.widgets.Shell; import org.eclipse.swt.widgets.Text; +import com.subgraph.vega.export.AlertExporter; + public class ExportWizardPageThree extends WizardPage { protected FileDialog dialog; @@ -52,6 +54,8 @@ public void createControl(Composite parent) { textField.setSize(VISIBLE_PATH_LENGTH, textField.getSize().y); Button button = new Button(container, SWT.NONE); button.setText("Open"); + + final Composite parent1 = parent; GridData buttonGridData = new GridData(); buttonGridData.horizontalSpan = 2; @@ -66,7 +70,7 @@ public void createControl(Composite parent) { @Override public void widgetSelected(SelectionEvent e) { - doFileDialog(parent.getShell()); + doFileDialog(parent1.getShell()); } @Override @@ -89,6 +93,11 @@ public void widgetDefaultSelected(SelectionEvent e) { setPageComplete(false); setControl(container); + /*System.out.println("Started myexporter."); + AlertExporter myexporter = new AlertExporter(); + myexporter.exportAllAlerts(); + System.out.println("Finished myexporter.");*/ + } private void doFileDialog(Shell shell) { diff --git a/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageTwo.java b/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageTwo.java index ce8c59d3..61c520c8 100644 --- a/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageTwo.java +++ b/platform/com.subgraph.vega.ui.util/src/com/subgraph/vega/ui/util/export/ExportWizardPageTwo.java @@ -82,12 +82,12 @@ public void createControl(Composite parent) { @Override public void widgetSelected(SelectionEvent e) { - if (selectAllButton.getSelection() == true) { + //if (selectAllButton.getSelection() == true) { for (TreeItem t: alertsTree.getItems()) { t.setChecked(true); setPageComplete(true); } - } + //} treeContainer.setOrigin (0, 10); @@ -165,9 +165,9 @@ public void treeCollapsed (TreeEvent e) { public void widgetSelected(SelectionEvent e) { TreeItem ti = (TreeItem) e.item; if (ti.getChecked() == false) { - if (selectAllButton.getSelection() == true) { + /*if (selectAllButton.getSelection() == true) { selectAllButton.setSelection(false); - } + }*/ }
FINDINGSTOTAL
FINDINGSTOTAL
"+ this.severityToString(s) + ""+severityTotals.get(s)+"
"+ this.severityToString(s) + ""+severityTotals.get(s)+"
" + alertTitle + "" + reportSummary.get(s).get(alertTitle) + "