Search in sources :

Example 6 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class ExtensionActiveScan method startScan.

@Override
public int startScan(String name, Target target, User user, Object[] contextSpecificObjects) {
    if (name == null) {
        name = target.getDisplayName();
    }
    switch(Control.getSingleton().getMode()) {
        case safe:
            throw new InvalidParameterException("Scans are not allowed in Safe mode");
        case protect:
            List<StructuralNode> nodes = target.getStartNodes();
            if (nodes != null) {
                for (StructuralNode node : nodes) {
                    if (node instanceof StructuralSiteNode) {
                        SiteNode siteNode = ((StructuralSiteNode) node).getSiteNode();
                        if (!siteNode.isIncludedInScope()) {
                            throw new InvalidParameterException("Scans are not allowed on nodes not in scope Protected mode " + target.getStartNode().getHierarchicNodeName());
                        }
                    }
                }
            }
            // No problem
            break;
        case standard:
            // No problem
            break;
        case attack:
            // No problem
            break;
    }
    int id = this.ascanController.startScan(name, target, user, contextSpecificObjects);
    if (View.isInitialised()) {
        ActiveScan scanner = this.ascanController.getScan(id);
        // So the UI get updated
        scanner.addScannerListener(getActiveScanPanel());
        this.getActiveScanPanel().scannerStarted(scanner);
        this.getActiveScanPanel().switchView(scanner);
        this.getActiveScanPanel().setTabFocus();
    }
    return id;
}
Also used : StructuralSiteNode(org.zaproxy.zap.model.StructuralSiteNode) InvalidParameterException(java.security.InvalidParameterException) StructuralNode(org.zaproxy.zap.model.StructuralNode) SiteNode(org.parosproxy.paros.model.SiteNode) StructuralSiteNode(org.zaproxy.zap.model.StructuralSiteNode)

Example 7 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class ExtensionActiveScan method startScanAllInScope.

public void startScanAllInScope() {
    SiteNode snroot = (SiteNode) Model.getSingleton().getSession().getSiteTree().getRoot();
    this.startScan(new Target(snroot, null, true, true));
}
Also used : Target(org.zaproxy.zap.model.Target) SiteNode(org.parosproxy.paros.model.SiteNode) StructuralSiteNode(org.zaproxy.zap.model.StructuralSiteNode)

Example 8 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class FormBasedAuthenticationMethodType method getPopupFlagLoginRequestMenuFactory.

/**
	 * Gets the popup menu factory for flagging login requests.
	 * 
	 * @return the popup flag login request menu factory
	 */
private PopupMenuItemSiteNodeContextMenuFactory getPopupFlagLoginRequestMenuFactory() {
    PopupMenuItemSiteNodeContextMenuFactory popupFlagLoginRequestMenuFactory = new PopupMenuItemSiteNodeContextMenuFactory(Constant.messages.getString("context.flag.popup")) {

        private static final long serialVersionUID = 8927418764L;

        @Override
        public PopupMenuItemContext getContextMenu(Context context, String parentMenu) {
            return new PopupMenuItemContext(context, parentMenu, MessageFormat.format(Constant.messages.getString("authentication.method.fb.popup.login.request"), context.getName())) {

                private static final long serialVersionUID = 1967885623005183801L;

                private ExtensionUserManagement usersExtension;

                private Context uiSharedContext;

                /**
					 * Make sure the user acknowledges the Users corresponding to this context will
					 * be deleted.
					 * 
					 * @return true, if successful
					 */
                private boolean confirmUsersDeletion(Context uiSharedContext) {
                    usersExtension = (ExtensionUserManagement) Control.getSingleton().getExtensionLoader().getExtension(ExtensionUserManagement.NAME);
                    if (usersExtension != null) {
                        if (usersExtension.getSharedContextUsers(uiSharedContext).size() > 0) {
                            int choice = JOptionPane.showConfirmDialog(this, Constant.messages.getString("authentication.dialog.confirmChange.label"), Constant.messages.getString("authentication.dialog.confirmChange.title"), JOptionPane.OK_CANCEL_OPTION);
                            if (choice == JOptionPane.CANCEL_OPTION) {
                                return false;
                            }
                        }
                    }
                    return true;
                }

                @Override
                public void performAction(SiteNode sn) {
                    // Manually create the UI shared contexts so any modifications are done
                    // on an UI shared Context, so changes can be undone by pressing Cancel
                    SessionDialog sessionDialog = View.getSingleton().getSessionDialog();
                    sessionDialog.recreateUISharedContexts(Model.getSingleton().getSession());
                    uiSharedContext = sessionDialog.getUISharedContext(this.getContext().getIndex());
                    // Do the work/changes on the UI shared context
                    if (this.getContext().getAuthenticationMethod() instanceof FormBasedAuthenticationMethod) {
                        log.info("Selected new login request via PopupMenu. Changing existing Form-Based Authentication instance for Context " + getContext().getIndex());
                        FormBasedAuthenticationMethod method = (FormBasedAuthenticationMethod) uiSharedContext.getAuthenticationMethod();
                        try {
                            method.setLoginRequest(sn);
                        } catch (Exception e) {
                            log.error("Failed to set login request: " + e.getMessage(), e);
                            return;
                        }
                        // Show the session dialog without recreating UI Shared contexts
                        View.getSingleton().showSessionDialog(Model.getSingleton().getSession(), ContextAuthenticationPanel.buildName(this.getContext().getIndex()), false);
                    } else {
                        log.info("Selected new login request via PopupMenu. Creating new Form-Based Authentication instance for Context " + getContext().getIndex());
                        FormBasedAuthenticationMethod method = new FormBasedAuthenticationMethod();
                        try {
                            method.setLoginRequest(sn);
                        } catch (Exception e) {
                            log.error("Failed to set login request: " + e.getMessage(), e);
                            return;
                        }
                        if (!confirmUsersDeletion(uiSharedContext)) {
                            log.debug("Cancelled change of authentication type.");
                            return;
                        }
                        uiSharedContext.setAuthenticationMethod(method);
                        // Show the session dialog without recreating UI Shared contexts
                        // NOTE: First init the panels of the dialog so old users data gets
                        // loaded and just then delete the users
                        // from the UI data model, otherwise the 'real' users from the
                        // non-shared context would be loaded
                        // and would override any deletions made.
                        View.getSingleton().showSessionDialog(Model.getSingleton().getSession(), ContextAuthenticationPanel.buildName(this.getContext().getIndex()), false, new Runnable() {

                            @Override
                            public void run() {
                                // save as well
                                if (usersExtension != null)
                                    usersExtension.removeSharedContextUsers(uiSharedContext);
                            }
                        });
                    }
                }
            };
        }

        @Override
        public int getParentMenuIndex() {
            return 3;
        }
    };
    return popupFlagLoginRequestMenuFactory;
}
Also used : Context(org.zaproxy.zap.model.Context) PopupMenuItemContext(org.zaproxy.zap.view.popup.PopupMenuItemContext) RecordContext(org.parosproxy.paros.db.RecordContext) ExtensionUserManagement(org.zaproxy.zap.extension.users.ExtensionUserManagement) PopupMenuItemContext(org.zaproxy.zap.view.popup.PopupMenuItemContext) SessionDialog(org.parosproxy.paros.view.SessionDialog) PopupMenuItemSiteNodeContextMenuFactory(org.zaproxy.zap.view.popup.PopupMenuItemSiteNodeContextMenuFactory) URIException(org.apache.commons.httpclient.URIException) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) ApiException(org.zaproxy.zap.extension.api.ApiException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) IOException(java.io.IOException) DatabaseException(org.parosproxy.paros.db.DatabaseException) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 9 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class ReportLastScan method siteXML.

private void siteXML(StringBuilder report) {
    SiteMap siteMap = Model.getSingleton().getSession().getSiteTree();
    SiteNode root = (SiteNode) siteMap.getRoot();
    int siteNumber = root.getChildCount();
    for (int i = 0; i < siteNumber; i++) {
        SiteNode site = (SiteNode) root.getChildAt(i);
        String siteName = ScanPanel.cleanSiteName(site, true);
        String[] hostAndPort = siteName.split(":");
        boolean isSSL = (site.getNodeName().startsWith("https"));
        String siteStart = "<site name=\"" + XMLStringUtil.escapeControlChrs(site.getNodeName()) + "\"" + " host=\"" + XMLStringUtil.escapeControlChrs(hostAndPort[0]) + "\"" + " port=\"" + XMLStringUtil.escapeControlChrs(hostAndPort[1]) + "\"" + " ssl=\"" + String.valueOf(isSSL) + "\"" + ">";
        StringBuilder extensionsXML = getExtensionsXML(site);
        String siteEnd = "</site>";
        report.append(siteStart);
        report.append(extensionsXML);
        report.append(siteEnd);
    }
}
Also used : SiteMap(org.parosproxy.paros.model.SiteMap) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 10 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class SiteMapPanel method getTreeSite.

/**
	 * This method initializes treeSite	
	 * 	
	 * @return javax.swing.JTree	
	 */
public JTree getTreeSite() {
    if (treeSite == null) {
        treeSite = new JTree(new DefaultTreeModel(new DefaultMutableTreeNode()));
        treeSite.setShowsRootHandles(true);
        treeSite.setName("treeSite");
        treeSite.setToggleClickCount(1);
        treeSite.addTreeSelectionListener(new javax.swing.event.TreeSelectionListener() {

            @Override
            public void valueChanged(javax.swing.event.TreeSelectionEvent e) {
                SiteNode node = (SiteNode) treeSite.getLastSelectedPathComponent();
                if (node == null) {
                    return;
                }
                if (!node.isRoot()) {
                    HttpMessage msg = null;
                    try {
                        msg = node.getHistoryReference().getHttpMessage();
                    } catch (Exception e1) {
                        // ZAP: Log exceptions
                        log.warn(e1.getMessage(), e1);
                        return;
                    }
                    getView().displayMessage(msg);
                    // ZAP: Call SiteMapListenners
                    for (SiteMapListener listener : listeners) {
                        listener.nodeSelected(node);
                    }
                } else {
                    // ZAP: clear the views when the root is selected
                    getView().displayMessage(null);
                }
            }
        });
        treeSite.setComponentPopupMenu(new SitesCustomPopupMenu());
        // ZAP: Add custom tree cell renderer.
        DefaultTreeCellRenderer renderer = new SiteMapTreeCellRenderer(listeners);
        treeSite.setCellRenderer(renderer);
    }
    return treeSite;
}
Also used : DefaultMutableTreeNode(javax.swing.tree.DefaultMutableTreeNode) DefaultTreeModel(javax.swing.tree.DefaultTreeModel) DefaultTreeCellRenderer(javax.swing.tree.DefaultTreeCellRenderer) DatabaseException(org.parosproxy.paros.db.DatabaseException) JTree(javax.swing.JTree) SiteMapTreeCellRenderer(org.zaproxy.zap.view.SiteMapTreeCellRenderer) HttpMessage(org.parosproxy.paros.network.HttpMessage) SiteMapListener(org.zaproxy.zap.view.SiteMapListener) SiteNode(org.parosproxy.paros.model.SiteNode)

Aggregations

SiteNode (org.parosproxy.paros.model.SiteNode)53 DatabaseException (org.parosproxy.paros.db.DatabaseException)10 HistoryReference (org.parosproxy.paros.model.HistoryReference)10 JTree (javax.swing.JTree)9 Target (org.zaproxy.zap.model.Target)8 SiteMap (org.parosproxy.paros.model.SiteMap)7 ArrayList (java.util.ArrayList)6 TreePath (javax.swing.tree.TreePath)6 Alert (org.parosproxy.paros.core.scanner.Alert)6 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)4 Context (org.zaproxy.zap.model.Context)4 StructuralSiteNode (org.zaproxy.zap.model.StructuralSiteNode)4 IOException (java.io.IOException)3 InvalidParameterException (java.security.InvalidParameterException)3 List (java.util.List)3 PatternSyntaxException (java.util.regex.PatternSyntaxException)3 ImageIcon (javax.swing.ImageIcon)3 DefaultTreeModel (javax.swing.tree.DefaultTreeModel)3 URIException (org.apache.commons.httpclient.URIException)3 Session (org.parosproxy.paros.model.Session)3