owtf.utils package

Submodules

owtf.utils.app module

owtf.utils.app

class owtf.utils.app.Application(*args, **kwargs)[source]

Bases: tornado.web.Application

owtf.utils.commands module

owtf.utils.commands

owtf.utils.commands.get_command(argv)[source]

Format command to remove directory and space-separated arguments.

Params list argv:
 Arguments for the CLI.
Returns:Arguments without directory and space-separated arguments.
Return type:list

owtf.utils.error module

owtf.utils.error

The error handler provides a centralised control for aborting the application and logging errors for debugging later.

owtf.utils.error.abort_framework(message)[source]

Abort the OWTF framework.

Warning:If it happens really early and framework.core.Core has note been instantiated yet, sys.exit() is called with error code -1
Parameters:message (str) – Descriptive message about the abort.
Returns:full message explaining the abort.
Return type:str
owtf.utils.error.user_abort(level, partial_output='')[source]

This function handles the next steps when a user presses Ctrl-C

Parameters:
  • level (str) – The level which was aborted
  • partial_output (str) – Partial output generated by the command or plugin
Returns:

Message to present to the user

Return type:

str

owtf.utils.error.get_option_from_user(options)[source]

Give the user options to select

Parameters:options (str) – Set of available options for the user
Returns:The different options for the user to choose from
Return type:str
class owtf.utils.error.SentryProxy(sentry_client)[source]

Bases: object

Simple proxy for sentry client that logs to stderr even if no sentry client exists.

capture_exception(exc_info=None, **kwargs)[source]
owtf.utils.error.get_sentry_client(sentry_key='')[source]
owtf.utils.error.log_and_exit_handler(signum, frame)[source]
owtf.utils.error.setup_signal_handlers()[source]

Setup the handlers

owtf.utils.file module

owtf.utils.file

class owtf.utils.file.FileOperations[source]

Bases: object

static codecs_open(*args, **kwargs)[source]

Call the original function while checking for errors. If owtf_clean parameter is not explicitely passed or if it is set to True, it force OWTF to properly exit.

static create_missing_dirs(*args, **kwargs)[source]

Call the original function while checking for errors. If owtf_clean parameter is not explicitely passed or if it is set to True, it force OWTF to properly exit.

static dump_file(*args, **kwargs)[source]

Call the original function while checking for errors. If owtf_clean parameter is not explicitely passed or if it is set to True, it force OWTF to properly exit.

static make_dirs(*args, **kwargs)[source]

Call the original function while checking for errors. If owtf_clean parameter is not explicitely passed or if it is set to True, it force OWTF to properly exit.

static mkdir(*args, **kwargs)[source]

Call the original function while checking for errors. If owtf_clean parameter is not explicitely passed or if it is set to True, it force OWTF to properly exit.

static open(*args, **kwargs)[source]

Call the original function while checking for errors. If owtf_clean parameter is not explicitely passed or if it is set to True, it force OWTF to properly exit.

static rm_tree(*args, **kwargs)[source]

Call the original function while checking for errors. If owtf_clean parameter is not explicitely passed or if it is set to True, it force OWTF to properly exit.

owtf.utils.file.catch_io_errors(func)[source]

Decorator on I/O functions. If an error is detected, force OWTF to quit properly.

owtf.utils.file.clean_temp_storage_dirs(owtf_pid)[source]

Rename older temporary directory to avoid any further confusions.

Returns:
Return type:None
owtf.utils.file.cleanup_target_dirs(target_url)[source]

Cleanup the directories for the specific target

Returns:None
Return type:None
owtf.utils.file.create_output_dir_target(target_url)[source]

Creates output directories for the target URL

Parameters:target_url (str) – The target URL
Returns:None
Return type:None
owtf.utils.file.create_temp_storage_dirs(owtf_pid)[source]

Create a temporary directory in /tmp with pid suffix.

Returns:
Return type:None
owtf.utils.file.directory_access(path, mode)[source]

Check if a directory can be accessed in the specified mode by the current user.

Parameters:
  • path (str) – Directory path.
  • mode (str) – Access type.
Returns:

Valid access rights

Return type:

str

owtf.utils.file.get_dir_worker_logs()[source]

Returns the output directory for the worker logs

Returns:Path to output directory for the worker logs
Return type:str
owtf.utils.file.get_file_as_list(filename)[source]

Get file contents as a list

Parameters:filename (str) – File path
Returns:Output list of the content
Return type:list
owtf.utils.file.get_log_path(process_name)[source]

Get the log file path based on the process name :param process_name: Process name :type process_name: str :return: Path to the specific log file :rtype: str

owtf.utils.file.get_logs_dir()[source]

Get log directory by checking if abs or relative path is provided in config file

owtf.utils.file.get_output_dir()[source]

Gets the output directory for the session

Returns:The path to the output directory
Return type:str
owtf.utils.file.get_output_dir_target()[source]

Returns the output directory for the targets

Returns:Path to output directory
Return type:str
owtf.utils.file.get_target_dir(target_url)[source]

Gets the specific directory for a target in the target output directory

Parameters:target_url (str) – Target URL for which directory path is needed
Returns:Path to the target URL specific directory
Return type:str

owtf.utils.formatters module

owtf.utils.formatters

CLI string formatting

class owtf.utils.formatters.ConsoleFormatter(fmt=None, datefmt=None)[source]

Bases: logging.Formatter

Custom formatter to show logging messages differently on Console

debug_fmt = '\x1b[92m[*] {}\x1b[0m'
error_fmt = '\x1b[91m[-] {}\x1b[0m'
format(record)[source]

Choose format according to record level

Parameters:record (str) – Record to format
Returns:Formatted string
Return type:str
info_fmt = '\x1b[94m[+] {}\x1b[0m'
warn_fmt = '\x1b[93m[!] {}\x1b[0m'
class owtf.utils.formatters.FileFormatter(*args, **kwargs)[source]

Bases: logging.Formatter

Custom formatter for log files

owtf.utils.http module

owtf.utils.http

owtf.utils.http.deep_update(source, overrides)[source]

Update a nested dictionary or similar mapping.

Modify source in place.

Return type:collections.Mapping
owtf.utils.http.derive_http_method(method, data)[source]

Derives the HTTP method from Data, etc

Parameters:
  • method (str) – Method to check
  • data (str) – Data to check
Returns:

Method found

Return type:

str

owtf.utils.http.extract_method(wrapped_method)[source]

Gets original method if wrapped_method was decorated

Return type:any([types.FunctionType, types.MethodType])
owtf.utils.http.is_method(method)[source]

owtf.utils.ip module

owtf.utils.ip

owtf.utils.ip.get_ip_from_hostname(hostname)[source]

Get IP from the hostname

Parameters:hostname (str) – Target hostname
Returns:IP address of the target hostname
Return type:str
owtf.utils.ip.get_ips_from_hostname(hostname)[source]

Get IPs from the hostname

Parameters:hostname (str) – Target hostname
Returns:IP addresses of the target hostname as a list
Return type:list
owtf.utils.ip.hostname_is_ip(hostname, ip)[source]

Test if the hostname is an IP.

Parameters:
  • hostname (str) – the hostname of the target.
  • ip (str) – the IP (v4 or v6) of the target.
Returns:

True if the hostname is an IP, False otherwise.

Return type:

bool

owtf.utils.ip.is_internal_ip(ip)[source]

Parses the input IP and checks if it is a private IP

Parameters:ip (str) – IP address
Returns:True if it is a private IP, otherwise False
Return type:bool

owtf.utils.logger module

owtf.utils.logger

class owtf.utils.logger.OWTFLogger[source]

Bases: object

disable_console_logging(**kwargs)[source]

Disables console logging

Note

Must be called from inside the process because we should remove handler for that root logger. Since we add console handler in the last, we can remove the last handler to disable console logging

Parameters:kwargs (dict) – Additional arguments to the logger
Returns:
Return type:None
enable_logging(**kwargs)[source]

Enables both file and console logging

Note

  • process_name <– can be specified in kwargs
  • Must be called from inside the process because we are kind of overriding the root logger
Parameters:kwargs (dict) – Additional arguments to the logger
Returns:
Return type:None

owtf.utils.process module

owtf.utils.process

owtf.utils.process.check_pid(pid)[source]

Check whether pid exists in the current process table. UNIX only.

Parameters:pid (int) – Pid to check
Returns:True if pid exists, else false
Return type:bool

owtf.utils.pycompat module

owtf.utils.pycompat

Helpers for compatibility between Python 2.x and 3.x.

owtf.utils.pycompat.iteritems(d, **kw)[source]
owtf.utils.pycompat.iterkeys(d, **kw)[source]
owtf.utils.pycompat.iterlists(d, **kw)[source]
owtf.utils.pycompat.itervalues(d, **kw)[source]
owtf.utils.pycompat.u(s)[source]

owtf.utils.signals module

owtf.utils.signals

Most of it taken from the Flask code.

owtf.utils.strings module

owtf.utils.strings

owtf.utils.strings.add_to_dict(from_dict, to_dict)[source]

Add the items from dict a with copy attribute to dict b

Parameters:
  • from_dict (dict) – Dict to copy from
  • to_dict (dict) – Dict to copy to
Returns:

None

Return type:

None

owtf.utils.strings.gen_secure_random_str()[source]
owtf.utils.strings.get_as_list(key_list)[source]

Get values for keys in a list

Parameters:key_list (list) – List of keys
Returns:List of corresponding values
Return type:list
owtf.utils.strings.get_header_list(key)[source]

Get list from a string of values for a key

Parameters:key (str) – Key
Returns:List of values
Return type:list
owtf.utils.strings.get_random_str(len)[source]

Function returns random strings of length len

Parameters:len (int) – Length
Returns:Random generated string
Return type:str
owtf.utils.strings.is_convertable(value, conv)[source]

Convert a value

Parameters:
  • value
  • conv
Returns:

Return type:

owtf.utils.strings.list_to_dict_keys(list)[source]

Convert a list to dict with keys from list items

Parameters:list (list) – list to convert
Returns:The newly formed dictionary
Return type:dict
owtf.utils.strings.merge_dicts(a, b)[source]

Returns a by-value copy contained the merged content of the 2 passed dictionaries

Parameters:
  • a (dict) – Dict a
  • b (dict) – Dict b
Returns:

New merge dict

Return type:

dict

owtf.utils.strings.multi_replace(text, replace_dict, simple_text=False)[source]

Recursive multiple replacement function :param text: Text to replace :type text: str :param replace_dict: The parameter dict to be replaced with :type replace_dict: dict :return: The modified text after replacement :rtype: str

owtf.utils.strings.multi_replace_dict(text, replace_dict)[source]

Perform multiple replacements in one go using the replace dictionary in format: { ‘search’ : ‘replace’ }

Parameters:
  • text (str) – Text to replace
  • replace_dict (dict) – The replacement strings in a dict
Returns:

str

Return type:

owtf.utils.strings.pad_key(key)[source]

Add delimiters.

Parameters:key (str) – Key to pad
Returns:Padded key string
Return type:str
owtf.utils.strings.paths_exist(path_list)[source]

Check if paths in the list exist

Parameters:path_list (list) – The list of paths to check
Returns:True if valid paths, else False
Return type:bool
owtf.utils.strings.remove_blanks_list(src)[source]

Removes empty elements from the list

Parameters:src (list) – List
Returns:New list without blanks
Return type:list
owtf.utils.strings.scrub_output(output)[source]

Remove all ANSI control sequences from the output

Parameters:output (str) – Output to scrub
Returns:Scrubbed output
Return type:str
owtf.utils.strings.str2bool(string)[source]

Converts a string to a boolean

Parameters:string (str) – String to convert
Returns:Boolean equivalent
Return type:bool
owtf.utils.strings.str_to_dict(string)[source]

Convert a string to a dict

Parameters:string (str) – String to convert
Returns:Resultant dict
Return type:dict
owtf.utils.strings.strip_key(key)[source]

Replaces key with empty space

Parameters:key (str) – Key to clear
Returns:Empty key
Return type:str
owtf.utils.strings.to_str(byte)[source]
owtf.utils.strings.truncate_lines(str, num_lines, eol='\n')[source]

Truncate and remove EOL characters

Parameters:
  • str (str) – String to truncate
  • num_lines (int) – Number of lines to process
  • EOL (char) – EOL char
Returns:

Joined string after truncation

Return type:

str

owtf.utils.strings.utf8(string)[source]
owtf.utils.strings.wipe_bad_chars(filename)[source]

The function wipes bad characters from name of output file

Parameters:filename (str) – The file name to scrub
Returns:New replaced file filename
Return type:str

owtf.utils.timer module

owtf.utils.timer

The time module allows the rest of the framework to time how long it takes for certain actions to execute and present this information in both seconds and human-readable form.

class owtf.utils.timer.Timer(datetime_format='%d/%m/%Y-%H:%M')[source]

Bases: object

end_timer(offset='0')[source]

Sets the end of the timer

Parameters:offset (str) – Timer index
Returns:
Return type:None
static get_current_date_time()[source]

Current timestamp

Returns:The current time as a timestamp
Return type:datetime
get_current_date_time_as_str()[source]

Returns a datetime object as a string in a particular format

Returns:Datetime object in string form
Return type:str
get_elapsed_time(offset='0')[source]

Gets the time elapsed between now and start of the timer in Unix epoch

Parameters:offset (str) – Timer index
Returns:Time difference
Return type:datetime
get_elapsed_time_as_str(offset='0')[source]

Returns the time elapsed a nice readable string

Parameters:offset (str) – Timer index
Returns:Time elapsed as a string
Return type:str
get_end_date_time(offset='0')[source]

Get the end time for the timer

Parameters:offset (str) – Timer index
Returns:End time for the timer as a timestamp
Return type:datetime
get_end_date_time_as_str(offset='0')[source]

Get the end time for the timer as a string

Parameters:offset (str) – Timer index
Returns:End time for the timer as a string
Return type:str
get_start_date_time(offset='0')[source]

Get the start time for the timer

Parameters:offset (str) – Timer index
Returns:Start time for the timer as a timestamp
Return type:datetime
get_start_date_time_as_str(offset='0')[source]

Get the start time for the timer as a string

Parameters:offset (str) – Timer index
Returns:Start time for the timer as a string
Return type:str
get_time_as_str(timedelta)[source]

Get the time difference as a human readable string

Parameters:timedelta (datetime.timedelta) – Time difference
Returns:Human readable form for the timedelta
Return type:str
get_time_human(seconds_str)[source]

Generates the human readable string for the timestamp

Parameters:seconds_str (str) – Unix style timestamp
Returns:Timestamp in a human readable string
Return type:str
start_timer(offset='0')[source]

Adds a start time to the timer

Parameters:offset (str) – Timer index
Returns:The start time for the timer
Return type:datetime
timers = {}

Module contents