Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

eyewitness: init at v20201021.1 #101893

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Conversation

@redvers
Copy link
Member

@redvers redvers commented Oct 28, 2020

Motivation for this change

EyeWitness is a tool that I use on a daily basis to evaluate large swathes of network services that I am responsible for. It is a headless application which takes as input a list of URLs and outputs screenshots and source-code for each item in the list.

To test:

nix-shell -p eyewitness
EyeWitness.py --single https://nixos.org/

(You can see example output of the above here: https://evil.red/2020-10-28_032409/report.html)

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
@SuperSandro2000
Copy link
Member

@SuperSandro2000 SuperSandro2000 commented Oct 28, 2020

@redvers Can you please fix the eval error?

called without required argument 'xlibs', at 

@redvers
Copy link
Member Author

@redvers redvers commented Oct 29, 2020

@redvers Can you please fix the eval error?

called without required argument 'xlibs', at 

Fixed - AND it works on aarch64 swoon

@SuperSandro2000
Copy link
Member

@SuperSandro2000 SuperSandro2000 commented Oct 31, 2020

Result of nixpkgs-review pr 101893 run on x86_64-linux 1

1 package built:
  • eyewitness

@redvers
Copy link
Member Author

@redvers redvers commented Nov 6, 2020

firefox
geckodriver
xorg.xorgserver
python37
Copy link
Member

@andir andir Nov 9, 2020

I am not sure what the best approach here is. Usually I just pass a single python script into these expressions. That one python version is generated via python3.withPackages (p: [ p.netaddr p.selenium … ] ).

  • We should probably avoid hard coding python version 3.7 if we can. Just using python 3 should be sufficient.
  • Why did you add pip as dependency? Does it try to install packages during runtime?

Copy link
Member

@andir andir Nov 9, 2020

cc @FRidh on the matter of how we pass python envs these days.

Copy link
Member Author

@redvers redvers Nov 13, 2020

Done.

Copy link
Member

@andir andir Nov 21, 2020

This is still using python3.7 explicitly unless really required we should use python3 here.

Copy link
Member

@SuperSandro2000 SuperSandro2000 Dec 28, 2020

I think this part needs some revisiting.

@SuperSandro2000
Copy link
Member

@SuperSandro2000 SuperSandro2000 commented Nov 23, 2020

Can you rebase this branch on master to fix the eval error?

@redvers redvers force-pushed the add_eyewitness branch from 2d8489b to f95be69 Nov 23, 2020
@redvers
Copy link
Member Author

@redvers redvers commented Nov 23, 2020

Result of nixpkgs-review pr 101893 1

1 package built:
  • eyewitness


stdenv.mkDerivation rec {
pname = "eyewitness";
version = "v20201021.1";
Copy link
Member

@SuperSandro2000 SuperSandro2000 Dec 28, 2020

Suggested change
version = "v20201021.1";
version = "20201021.1";

src = fetchFromGitHub {
owner = "FortyNorthSecurity";
repo = "EyeWitness";
rev = version;
Copy link
Member

@SuperSandro2000 SuperSandro2000 Dec 28, 2020

Suggested change
rev = version;
rev = "v${version}";

firefox
geckodriver
xorg.xorgserver
python37
Copy link
Member

@SuperSandro2000 SuperSandro2000 Dec 28, 2020

I think this part needs some revisiting.


doCheck = false;

meta = with stdenv.lib; {
Copy link
Member

@SuperSandro2000 SuperSandro2000 Jan 18, 2021

Suggested change
meta = with stdenv.lib; {
meta = with lib; {

homepage = "https://github.com/FortyNorthSecurity/EyeWitness";
maintainers = with maintainers; [ redvers ];
platforms = platforms.linux;
license = licenses.gpl3;
Copy link
Member

@SuperSandro2000 SuperSandro2000 Jan 18, 2021

gpl3Plus or gpl3Only?

@fabaff
Copy link
Member

@fabaff fabaff commented Feb 13, 2021

The latest release is v20210205.1.

Related to #81418

@redvers
Copy link
Member Author

@redvers redvers commented Feb 13, 2021

Thanks - I thought this PR was mothballed - I'll get to addressing the above issues a little later today.

@SuperSandro2000 SuperSandro2000 marked this pull request as draft Feb 14, 2021
@stale
Copy link

@stale stale bot commented Aug 13, 2021

I marked this as stale due to inactivity. → More info

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants