
Example 1 with HostProcess

use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.

the class ActiveScan method hostProgress.

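/**
 * Recomputes the overall scan progress as the integer mean of the completion percentage
 * reported by every host process of this scan.
 *
 * <p>The callback arguments are not read; the value is always derived from the host processes
 * returned by {@code getHostProcesses()}. This is an approximation, as different host processes
 * can take significantly different times. When there are no host processes the stored progress
 * is left unchanged instead of dividing by zero.
 *
 * @param id not used by this implementation
 * @param hostAndPort not used by this implementation
 * @param msg not used by this implementation
 * @param percentage not used by this implementation
 */
@Override
public void hostProgress(int id, String hostAndPort, String msg, int percentage) {
    int tot = 0;
    // Count the elements actually summed so the divisor always matches the sum, rather than
    // asking for the list (and its size) a second time.
    int count = 0;
    for (HostProcess process : this.getHostProcesses()) {
        tot += process.getPercentageComplete();
        count++;
    }
    if (count == 0) {
        // Integer division by zero would throw ArithmeticException out of the progress callback.
        return;
    }
    this.progress = tot / count;
}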
Also used : HostProcess(org.parosproxy.paros.core.scanner.HostProcess)

Example 2 with HostProcess

use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.

the class ActiveScanAPI method handleApiView.

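/**
 * Builds the API response for the active scan view identified by {@code name}.
 *
 * <p>Each supported view is handled by one {@code case}; views that refer to a specific scan
 * resolve it with {@code getActiveScan(params)} and return an empty list (or a progress of
 * {@code 0} for the status view) when no scan is found.
 *
 * @param name the name of the view requested
 * @param params the parameters of the API request
 * @return the response for the view
 * @throws ApiException with {@code BAD_VIEW} if {@code name} is not a supported view, or with
 *     {@code DOES_NOT_EXIST} if a category ID other than {@code -1} is given for the scanners
 *     view and {@code hasPolicyWithId} rejects it. The helpers called here (for example
 *     {@code getActiveScan} and {@code getScanPolicyFromParams}) may presumably throw it as
 *     well; confirm against their definitions.
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    ApiResponse result;
    ActiveScan activeScan = null;
    ScanPolicy policy;
    int categoryId;
    switch(name) {
        case VIEW_STATUS:
            activeScan = getActiveScan(params);
            int progress = 0;
            if (activeScan != null) {
                progress = activeScan.getProgress();
            }
            result = new ApiResponseElement(name, String.valueOf(progress));
            break;
        case VIEW_SCANS:
            ApiResponseList resultList = new ApiResponseList(name);
            for (GenericScanner2 scan : controller.getAllScans()) {
                Map<String, String> map = new HashMap<>();
                map.put("id", Integer.toString(scan.getScanId()));
                map.put("progress", Integer.toString(scan.getProgress()));
                // NOTE(review): unchecked downcast; assumes every scan returned by the
                // controller is an ActiveScan - confirm, otherwise this throws ClassCastException.
                map.put("state", ((ActiveScan) scan).getState().name());
                resultList.addItem(new ApiResponseSet<String>("scan", map));
            }
            result = resultList;
            break;
        case VIEW_SCAN_PROGRESS:
            resultList = new ApiResponseList(name);
            activeScan = getActiveScan(params);
            if (activeScan != null) {
                for (HostProcess hp : activeScan.getHostProcesses()) {
                    ApiResponseList hpList = new ApiResponseList("HostProcess");
                    // The host and port are passed through escapeControlChrs before being placed
                    // in the response.
                    resultList.addItem(new ApiResponseElement("id", XMLStringUtil.escapeControlChrs(hp.getHostAndPort())));
                    for (Plugin plugin : hp.getCompleted()) {
                        long timeTaken = plugin.getTimeFinished().getTime() - plugin.getTimeStarted().getTime();
                        int reqs = hp.getPluginRequestCount(plugin.getId());
                        String status = hp.isSkipped(plugin) ? skippedProgressLabel(hp, plugin) : "Complete";
                        hpList.addItem(createPluginProgressEntry(plugin, status, timeTaken, reqs));
                    }
                    for (Plugin plugin : hp.getRunning()) {
                        int total = hp.getTestTotalCount();
                        // Integer division by a zero total would throw ArithmeticException out of
                        // the API handler; report 0% until a total is known.
                        int pc = total > 0 ? hp.getTestCurrentCount(plugin) * 100 / total : 0;
                        // Can reach 100 or more if more nodes are being scanned than the ones
                        // enumerated at the beginning; a running plugin is capped at 99%.
                        if (pc >= 100) {
                            pc = 99;
                        }
                        long timeTaken = new Date().getTime() - plugin.getTimeStarted().getTime();
                        int reqs = hp.getPluginRequestCount(plugin.getId());
                        hpList.addItem(createPluginProgressEntry(plugin, pc + "%", timeTaken, reqs));
                    }
                    for (Plugin plugin : hp.getPending()) {
                        String status = hp.isSkipped(plugin) ? skippedProgressLabel(hp, plugin) : "Pending";
                        hpList.addItem(createPluginProgressEntry(plugin, status, 0, 0));
                    }
                    resultList.addItem(hpList);
                }
            }
            result = resultList;
            break;
        case VIEW_MESSAGES_IDS:
            resultList = new ApiResponseList(name);
            activeScan = getActiveScan(params);
            if (activeScan != null) {
                // Iterate while holding the monitor of the collection itself.
                // NOTE(review): relies on getMessagesIds() returning the same instance on both
                // calls - confirm.
                synchronized (activeScan.getMessagesIds()) {
                    for (Integer id : activeScan.getMessagesIds()) {
                        resultList.addItem(new ApiResponseElement("id", id.toString()));
                    }
                }
            }
            result = resultList;
            break;
        case VIEW_ALERTS_IDS:
            resultList = new ApiResponseList(name);
            activeScan = getActiveScan(params);
            if (activeScan != null) {
                // Same locking pattern as for the message IDs.
                synchronized (activeScan.getAlertsIds()) {
                    for (Integer id : activeScan.getAlertsIds()) {
                        resultList.addItem(new ApiResponseElement("id", id.toString()));
                    }
                }
            }
            result = resultList;
            break;
        case VIEW_EXCLUDED_FROM_SCAN:
            result = new ApiResponseList(name);
            Session session = Model.getSingleton().getSession();
            List<String> regexs = session.getExcludeFromScanRegexs();
            for (String regex : regexs) {
                ((ApiResponseList) result).addItem(new ApiResponseElement("regex", regex));
            }
            break;
        case VIEW_SCANNERS:
            policy = getScanPolicyFromParams(params);
            List<Plugin> scanners = policy.getPluginFactory().getAllPlugin();
            // -1 is the default when no category ID is supplied and means "all categories".
            categoryId = getParam(params, PARAM_CATEGORY_ID, -1);
            if (categoryId != -1 && !hasPolicyWithId(categoryId)) {
                throw new ApiException(ApiException.Type.DOES_NOT_EXIST, PARAM_CATEGORY_ID);
            }
            resultList = new ApiResponseList(name);
            for (Plugin scanner : scanners) {
                if (categoryId == -1 || categoryId == scanner.getCategory()) {
                    resultList.addItem(new ScannerApiResponse(policy, scanner));
                }
            }
            result = resultList;
            break;
        case VIEW_POLICIES:
            policy = getScanPolicyFromParams(params);
            String[] policies = Category.getAllNames();
            resultList = new ApiResponseList(name);
            for (String pluginName : policies) {
                categoryId = Category.getCategory(pluginName);
                Plugin.AttackStrength attackStrength = getPolicyAttackStrength(policy, categoryId);
                Plugin.AlertThreshold alertThreshold = getPolicyAlertThreshold(policy, categoryId);
                Map<String, String> map = new HashMap<>();
                map.put("id", String.valueOf(categoryId));
                map.put("name", pluginName);
                // A null strength or threshold is reported as an empty string.
                map.put("attackStrength", attackStrength == null ? "" : String.valueOf(attackStrength));
                map.put("alertThreshold", alertThreshold == null ? "" : String.valueOf(alertThreshold));
                map.put("enabled", String.valueOf(isPolicyEnabled(policy, categoryId)));
                resultList.addItem(new ApiResponseSet<String>("policy", map));
            }
            result = resultList;
            break;
        case VIEW_SCAN_POLICY_NAMES:
            resultList = new ApiResponseList(name);
            for (String policyName : controller.getPolicyManager().getAllPolicyNames()) {
                resultList.addItem(new ApiResponseElement("policy", policyName));
            }
            result = resultList;
            break;
        case VIEW_ATTACK_MODE_QUEUE:
            result = new ApiResponseElement(name, String.valueOf(controller.getAttackModeStackSize()));
            break;
        case VIEW_OPTION_EXCLUDED_PARAM_LIST:
        case VIEW_EXCLUDED_PARAMS:
            // Both view names return the same list; the list index is passed with each entry.
            resultList = new ApiResponseList(name);
            List<ScannerParamFilter> excludedParams = controller.getScannerParam().getExcludedParamList();
            for (int i = 0; i < excludedParams.size(); i++) {
                resultList.addItem(new ExcludedParamApiResponse(excludedParams.get(i), i));
            }
            result = resultList;
            break;
        case VIEW_EXCLUDED_PARAM_TYPES:
            resultList = new ApiResponseList(name);
            for (Entry<Integer, String> type : ScannerParamFilter.getTypes().entrySet()) {
                Map<String, String> typeData = new HashMap<>();
                typeData.put("id", Integer.toString(type.getKey()));
                typeData.put("name", type.getValue());
                resultList.addItem(new ApiResponseSet<String>("type", typeData));
            }
            result = resultList;
            break;
        default:
            throw new ApiException(ApiException.Type.BAD_VIEW);
    }
    return result;
}

/**
 * Returns the progress label for a skipped plugin, looked up from {@code Constant.messages}:
 * the plain "skipped" message when the host process has no reason recorded for the plugin,
 * otherwise the message that embeds the reason.
 */
private static String skippedProgressLabel(HostProcess hp, Plugin plugin) {
    String skippedReason = hp.getSkippedReason(plugin);
    if (skippedReason == null) {
        return Constant.messages.getString("ascan.progress.label.skipped");
    }
    return Constant.messages.getString("ascan.progress.label.skippedWithReason", skippedReason);
}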
Also used : AlertThreshold(org.parosproxy.paros.core.scanner.Plugin.AlertThreshold) HashMap(java.util.HashMap) ScannerParamFilter(org.parosproxy.paros.core.scanner.ScannerParamFilter) ApiResponse(org.zaproxy.zap.extension.api.ApiResponse) ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) Date(java.util.Date) HostProcess(org.parosproxy.paros.core.scanner.HostProcess) GenericScanner2(org.zaproxy.zap.model.GenericScanner2) Plugin(org.parosproxy.paros.core.scanner.Plugin) Session(org.parosproxy.paros.model.Session) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 3 with HostProcess

use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.

the class ScanProgressDialog method updateProgress.

/**
 * Refreshes what the dialogue shows for the current scan: the scanners' table and, when a chart
 * is present, the response-count series plus a marker and label for each running plugin.
 */
private void updateProgress() {
    HostProcess selected = getSelectedHostProcess();
    if (scan.getHostProcesses() == null || selected == null) {
        // Nothing to show yet.
        return;
    }
    // Refresh the main table entries for the selected host process.
    model.updateValues(scan, selected);
    if (scan.isStopped()) {
        this.stopThread = true;
    }
    if (chart == null) {
        return;
    }
    // Consume request-history snapshots until the scan has none left (or one fails to plot).
    ResponseCountSnapshot current = scan.getRequestHistory();
    while (current != null) {
        try {
            Second when = new Second(current.getDate());
            this.seriesTotal.add(when, current.getTotal());
            this.series100.add(when, current.getResp100());
            this.series200.add(when, current.getResp200());
            this.series300.add(when, current.getResp300());
            this.series400.add(when, current.getResp400());
            this.series500.add(when, current.getResp500());
            current = scan.getRequestHistory();
            // NOTE(review): the labels are taken from the first host process rather than the
            // selected one - confirm this is intended.
            for (Plugin running : scan.getHostProcesses().get(0).getRunning()) {
                String pluginName = running.getName();
                if (labelsAdded.contains(pluginName)) {
                    continue;
                }
                long startedAt = running.getTimeStarted().getTime();
                // Vertical line at the time the plugin started.
                ValueMarker startMarker = new ValueMarker(startedAt);
                double centre = chart.getXYPlot().getRangeAxis().getRange().getCentralValue();
                if (lastCentre != centre) {
                    if (lastCentre != -1) {
                        // The range changed: move the existing labels so they stay centred.
                        for (Object existing : chart.getXYPlot().getAnnotations()) {
                            if (existing instanceof XYTextAnnotation) {
                                ((XYTextAnnotation) existing).setY(centre);
                            }
                        }
                    }
                    lastCentre = centre;
                }
                XYTextAnnotation label = new XYTextAnnotation(pluginName, startedAt, centre);
                label.setFont(FontUtils.getFont("Sans Serif"));
                label.setRotationAnchor(TextAnchor.BASELINE_CENTER);
                label.setTextAnchor(TextAnchor.BASELINE_CENTER);
                // Roughly a quarter turn (-3.14 / 2 radians), so the name runs along the line.
                label.setRotationAngle(-3.14 / 2);
                label.setPaint(Color.black);
                chart.getXYPlot().addDomainMarker(startMarker, Layer.BACKGROUND);
                chart.getXYPlot().addAnnotation(label);
                labelsAdded.add(pluginName);
            }
        } catch (Exception e) {
            // Log and stop consuming snapshots for this refresh.
            log.error(e.getMessage(), e);
            current = null;
        }
    }
}
Also used : HostProcess(org.parosproxy.paros.core.scanner.HostProcess) XYTextAnnotation(org.jfree.chart.annotations.XYTextAnnotation) Second(org.jfree.data.time.Second) List(java.util.List) ArrayList(java.util.ArrayList) ValueMarker(org.jfree.chart.plot.ValueMarker) HeadlessException(java.awt.HeadlessException) Plugin(org.parosproxy.paros.core.scanner.Plugin)

Example 4 with HostProcess

use of org.parosproxy.paros.core.scanner.HostProcess in project zaproxy by zaproxy.

the class ScanProgressDialog method setActiveScan.

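/**
 * Sets the scan that will be shown in this dialog and starts a thread that keeps it updated.
 *
 * <p>For a non-{@code null} scan the host selector is filled with the host and port of each
 * host process, then a thread is started that, until {@code stopThread} is set, queues a call
 * to {@code updateProgress()} through {@code SwingUtilities.invokeLater} and sleeps 200 ms
 * between refreshes. If the thread is interrupted it restores its interrupt status and stops
 * polling.
 *
 * @param scan the active scan, might be {@code null}.
 */
public void setActiveScan(ActiveScan scan) {
    this.scan = scan;
    if (scan == null) {
        return;
    }
    // NOTE(review): if getHostSelect() returns a JComboBox, removeAll() is the inherited
    // Container method (it removes child components), while removeAllItems() clears the
    // entries - confirm which one is intended.
    getHostSelect().removeAll();
    for (HostProcess hp : scan.getHostProcesses()) {
        getHostSelect().addItem(hp.getHostAndPort());
    }
    // NOTE(review): every call starts another polling thread and stopThread is not reset
    // here - confirm callers never invoke this twice while a previous thread is still running.
    Thread thread = new Thread() {

        @Override
        public void run() {
            while (!stopThread) {
                SwingUtilities.invokeLater(new Runnable() {

                    @Override
                    public void run() {
                        updateProgress();
                    }
                });
                try {
                    sleep(200);
                } catch (InterruptedException e) {
                    // An interrupt is a request to stop: restore the flag for anyone inspecting
                    // the thread and end the loop instead of silently polling on.
                    Thread.currentThread().interrupt();
                    return;
                }
            }
        }
    };
    thread.start();
}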
Also used : HostProcess(org.parosproxy.paros.core.scanner.HostProcess)

Aggregations

HostProcess (org.parosproxy.paros.core.scanner.HostProcess)4 Plugin (org.parosproxy.paros.core.scanner.Plugin)2 HeadlessException (java.awt.HeadlessException)1 ArrayList (java.util.ArrayList)1 Date (java.util.Date)1 HashMap (java.util.HashMap)1 List (java.util.List)1 XYTextAnnotation (org.jfree.chart.annotations.XYTextAnnotation)1 ValueMarker (org.jfree.chart.plot.ValueMarker)1 Second (org.jfree.data.time.Second)1 AlertThreshold (org.parosproxy.paros.core.scanner.Plugin.AlertThreshold)1 ScannerParamFilter (org.parosproxy.paros.core.scanner.ScannerParamFilter)1 Session (org.parosproxy.paros.model.Session)1 ApiException (org.zaproxy.zap.extension.api.ApiException)1 ApiResponse (org.zaproxy.zap.extension.api.ApiResponse)1 ApiResponseElement (org.zaproxy.zap.extension.api.ApiResponseElement)1 ApiResponseList (org.zaproxy.zap.extension.api.ApiResponseList)1 GenericScanner2 (org.zaproxy.zap.model.GenericScanner2)1