Partial fix for #31

owtf · Dec 10, 2015 · 12fdd96 · 12fdd96
1 parent 1e0a2b7
commit 12fdd96
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 1 deletion.
diff --git a/framework/interface/api_handlers.py b/framework/interface/api_handlers.py
@@ -1,3 +1,5 @@
+import os
+import tornado.gen
 import tornado.web
 from BaseHTTPServer import BaseHTTPRequestHandler
 from StringIO import StringIO
@@ -771,3 +773,33 @@ def post(self):
             cprint("\n")
             cprint("I/O error at event writing: ({0}): {1}".format(e.errno, e.strerror))
             cprint("\n")
+
+
+class AutoUpdaterHandler(custom_handlers.APIRequestHandler):
+    """
+    * Notify on the home page if the repo is at its latest commit from upstream
+    """
+    SUPPORTED_METHODS = ['GET']
+
+    @tornado.gen.coroutine
+    def get(self):
+        client = tornado.httpclient.AsyncHTTPClient()
+        response = yield client.fetch("https://api.github.com/repos/owtf/owtf/commits/develop",
+                                  user_agent='OWTF')
+
+        info = json.loads(response.body)
+        root_dir = self.get_component("config").RootDir
+
+        # check if the root dir is a git repository
+        if os.path.exists(os.path.join(root_dir, '.git')):
+            command = ('git log -n 1 --pretty=format:"%H"')
+            commit_hash = os.popen(command).read()
+        else:
+            commit_hash = ''
+
+        # now compare the commit_hash with the latest tag
+        if commit_hash != info["sha"]:
+            self.write("Seems that your repository is older than the upstream. The lastest commit is \
+                from"+info["commit"]["messsage"]+". \nPlease update, it may resolve some issues!")
+        else:
+            self.write('Seems like you are running latest version. Happy Pwning!')
diff --git a/framework/interface/templates/home.html b/framework/interface/templates/home.html
@@ -18,4 +18,22 @@ <h1>Offensive Web Testing Framework!</h1>
     </p>
     <p><a class="btn btn-primary btn-lg" role="button" href="http://owtf.org" target="_blank">Learn more</a></p>
 </div>
+
+<script>
+
+var mySpace = {
+    auto_updater_url:"{{ auto_updater_api_url }}",
+};
+
+$(document).ready(function(){
+    $.ajax({
+        'url': mySpace.auto_updater_url,
+        'headers': {'Access-Control-Allow-Origin': '*'},
+        'type' : 'GET',
+        'success' : function(data) {              
+            alertInfo(data);
+        },
+    });
+});
+</script>
 {% end %}
diff --git a/framework/interface/ui_handlers.py b/framework/interface/ui_handlers.py
@@ -19,7 +19,9 @@ def get(self):
 class Home(custom_handlers.UIRequestHandler):
     SUPPORTED_METHODS = ['GET']
     def get(self):
-        self.render('home.html')
+        self.render('home.html',
+                auto_updater_api_url=self.reverse_url('auto_updater_api_url'),
+                )
 
 
 class TransactionLog(custom_handlers.UIRequestHandler):

diff --git a/framework/interface/urls.py b/framework/interface/urls.py
@@ -34,6 +34,7 @@ def get_handlers():
         tornado.web.url(r'/api/worklist/search/?$', api_handlers.WorklistSearchHandler, name='worklist_search_api_url'),
         tornado.web.url(r'/api/configuration/?$', api_handlers.ConfigurationHandler, name='configuration_api_url'),
         tornado.web.url(r'/api/plugnhack/?$', api_handlers.PlugnhackHandler, name='plugnhack_api_url'),
+        tornado.web.url(r'/api/update/?$', api_handlers.AutoUpdaterHandler, name='auto_updater_api_url'),
 
         (r'/static/(.*)', tornado.web.StaticFileHandler, {'path': config.FrameworkConfigGet('STATICFILES_DIR')}),
         tornado.web.url(r'/output_files/(.*)', ui_handlers.FileRedirectHandler, name='file_redirect_url'),