Example 1 with HostProcess
use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.
the class ActiveScan method hostProgress.
@Override
public void hostProgress(int id, String hostAndPort, String msg, int percentage) {
// Calculate the percentage based on the average of all of the host processes
// This is an approximation as different host process make significantly different times
int tot = 0;
for (HostProcess process : this.getHostProcesses()) {
tot += process.getPercentageComplete();
}
this.progress = tot / this.getHostProcesses().size();
}
Also used :
HostProcess(org.parosproxy.paros.core.scanner.HostProcess)
Example 2 with HostProcess
use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.
the class ActiveScanAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
ApiResponse result;
ActiveScan activeScan = null;
ScanPolicy policy;
int categoryId;
switch(name) {
case VIEW_STATUS:
activeScan = getActiveScan(params);
int progress = 0;
if (activeScan != null) {
progress = activeScan.getProgress();
}
result = new ApiResponseElement(name, String.valueOf(progress));
break;
case VIEW_SCANS:
ApiResponseList resultList = new ApiResponseList(name);
for (GenericScanner2 scan : controller.getAllScans()) {
Map<String, String> map = new HashMap<>();
map.put("id", Integer.toString(scan.getScanId()));
map.put("progress", Integer.toString(scan.getProgress()));
map.put("state", ((ActiveScan) scan).getState().name());
resultList.addItem(new ApiResponseSet<String>("scan", map));
}
result = resultList;
break;
case VIEW_SCAN_PROGRESS:
resultList = new ApiResponseList(name);
activeScan = getActiveScan(params);
if (activeScan != null) {
for (HostProcess hp : activeScan.getHostProcesses()) {
ApiResponseList hpList = new ApiResponseList("HostProcess");
resultList.addItem(new ApiResponseElement("id", XMLStringUtil.escapeControlChrs(hp.getHostAndPort())));
for (Plugin plugin : hp.getCompleted()) {
long timeTaken = plugin.getTimeFinished().getTime() - plugin.getTimeStarted().getTime();
int reqs = hp.getPluginRequestCount(plugin.getId());
if (hp.isSkipped(plugin)) {
String skippedReason = hp.getSkippedReason(plugin);
if (skippedReason == null) {
skippedReason = Constant.messages.getString("ascan.progress.label.skipped");
} else {
skippedReason = Constant.messages.getString("ascan.progress.label.skippedWithReason", skippedReason);
}
hpList.addItem(createPluginProgressEntry(plugin, skippedReason, timeTaken, reqs));
} else {
hpList.addItem(createPluginProgressEntry(plugin, "Complete", timeTaken, reqs));
}
}
for (Plugin plugin : hp.getRunning()) {
int pc = hp.getTestCurrentCount(plugin) * 100 / hp.getTestTotalCount();
// That might happen if more nodes are being scanned that the ones enumerated at the beginning.
if (pc >= 100) {
pc = 99;
}
long timeTaken = new Date().getTime() - plugin.getTimeStarted().getTime();
int reqs = hp.getPluginRequestCount(plugin.getId());
hpList.addItem(createPluginProgressEntry(plugin, pc + "%", timeTaken, reqs));
}
for (Plugin plugin : hp.getPending()) {
if (hp.isSkipped(plugin)) {
String skippedReason = hp.getSkippedReason(plugin);
if (skippedReason == null) {
skippedReason = Constant.messages.getString("ascan.progress.label.skipped");
} else {
skippedReason = Constant.messages.getString("ascan.progress.label.skippedWithReason", skippedReason);
}
hpList.addItem(createPluginProgressEntry(plugin, skippedReason, 0, 0));
} else {
hpList.addItem(createPluginProgressEntry(plugin, "Pending", 0, 0));
}
}
resultList.addItem(hpList);
}
}
result = resultList;
break;
case VIEW_MESSAGES_IDS:
resultList = new ApiResponseList(name);
activeScan = getActiveScan(params);
if (activeScan != null) {
synchronized (activeScan.getMessagesIds()) {
for (Integer id : activeScan.getMessagesIds()) {
resultList.addItem(new ApiResponseElement("id", id.toString()));
}
}
}
result = resultList;
break;
case VIEW_ALERTS_IDS:
resultList = new ApiResponseList(name);
activeScan = getActiveScan(params);
if (activeScan != null) {
synchronized (activeScan.getAlertsIds()) {
for (Integer id : activeScan.getAlertsIds()) {
resultList.addItem(new ApiResponseElement("id", id.toString()));
}
}
}
result = resultList;
break;
case VIEW_EXCLUDED_FROM_SCAN:
result = new ApiResponseList(name);
Session session = Model.getSingleton().getSession();
List<String> regexs = session.getExcludeFromScanRegexs();
for (String regex : regexs) {
((ApiResponseList) result).addItem(new ApiResponseElement("regex", regex));
}
break;
case VIEW_SCANNERS:
policy = getScanPolicyFromParams(params);
List<Plugin> scanners = policy.getPluginFactory().getAllPlugin();
categoryId = getParam(params, PARAM_CATEGORY_ID, -1);
if (categoryId != -1 && !hasPolicyWithId(categoryId)) {
throw new ApiException(ApiException.Type.DOES_NOT_EXIST, PARAM_CATEGORY_ID);
}
resultList = new ApiResponseList(name);
for (Plugin scanner : scanners) {
if (categoryId == -1 || categoryId == scanner.getCategory()) {
resultList.addItem(new ScannerApiResponse(policy, scanner));
}
}
result = resultList;
break;
case VIEW_POLICIES:
policy = getScanPolicyFromParams(params);
String[] policies = Category.getAllNames();
resultList = new ApiResponseList(name);
for (String pluginName : policies) {
categoryId = Category.getCategory(pluginName);
Plugin.AttackStrength attackStrength = getPolicyAttackStrength(policy, categoryId);
Plugin.AlertThreshold alertThreshold = getPolicyAlertThreshold(policy, categoryId);
Map<String, String> map = new HashMap<>();
map.put("id", String.valueOf(categoryId));
map.put("name", pluginName);
map.put("attackStrength", attackStrength == null ? "" : String.valueOf(attackStrength));
map.put("alertThreshold", alertThreshold == null ? "" : String.valueOf(alertThreshold));
map.put("enabled", String.valueOf(isPolicyEnabled(policy, categoryId)));
resultList.addItem(new ApiResponseSet<String>("policy", map));
}
result = resultList;
break;
case VIEW_SCAN_POLICY_NAMES:
resultList = new ApiResponseList(name);
for (String policyName : controller.getPolicyManager().getAllPolicyNames()) {
resultList.addItem(new ApiResponseElement("policy", policyName));
}
result = resultList;
break;
case VIEW_ATTACK_MODE_QUEUE:
result = new ApiResponseElement(name, String.valueOf(controller.getAttackModeStackSize()));
break;
case VIEW_OPTION_EXCLUDED_PARAM_LIST:
case VIEW_EXCLUDED_PARAMS:
resultList = new ApiResponseList(name);
List<ScannerParamFilter> excludedParams = controller.getScannerParam().getExcludedParamList();
for (int i = 0; i < excludedParams.size(); i++) {
resultList.addItem(new ExcludedParamApiResponse(excludedParams.get(i), i));
}
result = resultList;
break;
case VIEW_EXCLUDED_PARAM_TYPES:
resultList = new ApiResponseList(name);
for (Entry<Integer, String> type : ScannerParamFilter.getTypes().entrySet()) {
Map<String, String> typeData = new HashMap<>();
typeData.put("id", Integer.toString(type.getKey()));
typeData.put("name", type.getValue());
resultList.addItem(new ApiResponseSet<String>("type", typeData));
}
result = resultList;
break;
default:
throw new ApiException(ApiException.Type.BAD_VIEW);
}
return result;
}
Also used :
AlertThreshold(org.parosproxy.paros.core.scanner.Plugin.AlertThreshold)
HashMap(java.util.HashMap)
ScannerParamFilter(org.parosproxy.paros.core.scanner.ScannerParamFilter)
ApiResponse(org.zaproxy.zap.extension.api.ApiResponse)
ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement)
ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList)
Date(java.util.Date)
HostProcess(org.parosproxy.paros.core.scanner.HostProcess)
GenericScanner2(org.zaproxy.zap.model.GenericScanner2)
Plugin(org.parosproxy.paros.core.scanner.Plugin)
Session(org.parosproxy.paros.model.Session)
ApiException(org.zaproxy.zap.extension.api.ApiException)
Example 3 with HostProcess
use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.
the class ScanProgressDialog method updateProgress.
/**
* Updates the scan progress shown by the dialogue (scanners' progress/state and chart).
*/
private void updateProgress() {
// Start panel data settings
HostProcess hp = getSelectedHostProcess();
if (scan.getHostProcesses() != null && hp != null) {
// Update the main table entries
model.updateValues(scan, hp);
if (scan.isStopped()) {
this.stopThread = true;
}
if (chart != null) {
ResponseCountSnapshot snapshot = scan.getRequestHistory();
while (snapshot != null) {
try {
Second second = new Second(snapshot.getDate());
this.seriesTotal.add(second, snapshot.getTotal());
this.series100.add(second, snapshot.getResp100());
this.series200.add(second, snapshot.getResp200());
this.series300.add(second, snapshot.getResp300());
this.series400.add(second, snapshot.getResp400());
this.series500.add(second, snapshot.getResp500());
snapshot = scan.getRequestHistory();
for (Plugin plugin : scan.getHostProcesses().get(0).getRunning()) {
if (!labelsAdded.contains(plugin.getName())) {
// Add a vertical line with the plugin name
ValueMarker vm = new ValueMarker(plugin.getTimeStarted().getTime());
double center = chart.getXYPlot().getRangeAxis().getRange().getCentralValue();
if (lastCentre != center) {
if (lastCentre != -1) {
// Move the existing labels so they stay in the centre
@SuppressWarnings("rawtypes") List annotations = chart.getXYPlot().getAnnotations();
for (Object o : annotations) {
if (o instanceof XYTextAnnotation) {
XYTextAnnotation annotation = (XYTextAnnotation) o;
annotation.setY(center);
}
}
}
lastCentre = center;
}
XYTextAnnotation updateLabel = new XYTextAnnotation(plugin.getName(), plugin.getTimeStarted().getTime(), center);
updateLabel.setFont(FontUtils.getFont("Sans Serif"));
updateLabel.setRotationAnchor(TextAnchor.BASELINE_CENTER);
updateLabel.setTextAnchor(TextAnchor.BASELINE_CENTER);
updateLabel.setRotationAngle(-3.14 / 2);
updateLabel.setPaint(Color.black);
chart.getXYPlot().addDomainMarker(vm, Layer.BACKGROUND);
chart.getXYPlot().addAnnotation(updateLabel);
labelsAdded.add(plugin.getName());
}
}
} catch (Exception e) {
log.error(e.getMessage(), e);
snapshot = null;
}
}
}
}
}
Also used :
HostProcess(org.parosproxy.paros.core.scanner.HostProcess)
XYTextAnnotation(org.jfree.chart.annotations.XYTextAnnotation)
Second(org.jfree.data.time.Second)
List(java.util.List)
ArrayList(java.util.ArrayList)
ValueMarker(org.jfree.chart.plot.ValueMarker)
HeadlessException(java.awt.HeadlessException)
Plugin(org.parosproxy.paros.core.scanner.Plugin)
Example 4 with HostProcess
use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.
the class ScanProgressDialog method setActiveScan.
/**
* Set the scan that will be shown in this dialog.
*
* @param scan the active scan, might be {@code null}.
*/
public void setActiveScan(ActiveScan scan) {
this.scan = scan;
if (scan == null) {
return;
}
getHostSelect().removeAll();
for (HostProcess hp : scan.getHostProcesses()) {
getHostSelect().addItem(hp.getHostAndPort());
}
Thread thread = new Thread() {
@Override
public void run() {
while (!stopThread) {
SwingUtilities.invokeLater(new Runnable() {
@Override
public void run() {
updateProgress();
}
});
try {
sleep(200);
} catch (InterruptedException e) {
// Ignore
}
}
}
};
thread.start();
}
Also used :
HostProcess(org.parosproxy.paros.core.scanner.HostProcess)
Aggregations
HostProcess (org.parosproxy.paros.core.scanner.HostProcess)4
Plugin (org.parosproxy.paros.core.scanner.Plugin)2
HeadlessException (java.awt.HeadlessException)1
ArrayList (java.util.ArrayList)1
Date (java.util.Date)1
HashMap (java.util.HashMap)1
List (java.util.List)1
XYTextAnnotation (org.jfree.chart.annotations.XYTextAnnotation)1
ValueMarker (org.jfree.chart.plot.ValueMarker)1
Second (org.jfree.data.time.Second)1
AlertThreshold (org.parosproxy.paros.core.scanner.Plugin.AlertThreshold)1
ScannerParamFilter (org.parosproxy.paros.core.scanner.ScannerParamFilter)1
Session (org.parosproxy.paros.model.Session)1
ApiException (org.zaproxy.zap.extension.api.ApiException)1
ApiResponse (org.zaproxy.zap.extension.api.ApiResponse)1
ApiResponseElement (org.zaproxy.zap.extension.api.ApiResponseElement)1
ApiResponseList (org.zaproxy.zap.extension.api.ApiResponseList)1
GenericScanner2 (org.zaproxy.zap.model.GenericScanner2)1
