-
-
Notifications
You must be signed in to change notification settings - Fork 450
/
Copy pathlinebuf.py
353 lines (292 loc) · 12 KB
/
linebuf.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
"""Provide advanced line-buffers for phpsploit session settings"""
import os
import hashlib
import random
from abc import ABC, abstractmethod
import utils.path
from ui.color import colorize
class AbstractLineBuffer(ABC):
r"""Abstract base-class to implement LineBuffer classes
value (mandatory argument):
---------------------------
If `value` is a tuple() or list():
- object's 1st item is used as *parent-filepath.
- object's 2nd item is used as *buffer-data.
>>> AbstractLineBuffer( ['/tmp/data.txt', 'multi\nline\ncontent'] )
If `value` is a str() and starts with 'file://':
- the string after 'file://' is used as *parent-filepath.
- file's content is used as *buffer-data.
>>> AbstractLineBuffer("file:///tmp/data.txt")
Otherwise:
`str(value)` is used as *buffer-data.
object is an *orphan-buffer.
>>> AbstractLineBuffer("nulti\nline\ncontent")
validator (optional argument):
------------------------------
A `validator` callable (function) can optionally be provided to check
the validity of buffer's *usable-value.
It should raise a ValueError() if passed value is invalid.
Methods:
--------
__str__() get a colored string representation of the object.
__call__() get the *usable-value of the buffer.
__iadd__() allow strings being concatenated to the end of buffer.
If string starts with 'file://', object is bound to corresponding
file path (*file-bound-buffer).
__getitem__() get elements of object in the form [filepath, buffer].
_raw_value() get a simple representation of the object, based on python
built-ins, suitable to be dumped with pickle for later restauration.
update() try to replace buffer with *parent-filepath's content
Lexic:
------
*parent-filepath:
`self.file`
Filesystem file path string, whose content is used by
current object to feed *buffer-data.
*buffer-data:
`self.buffer`
A string representing current object's internal data buffer.
*file-bound-buffer:
A buffer whose value is taken from a file path (*parent-filepath).
If file is readable, buffer is upgraded with file content.
If not readable, current buffer is kept until the file becomes
accessible again.
*orphan-buffer:
A buffer that is not a *file-bound-buffer, i.e. no *parent-filepath
is defined.
*usable-value:
The final value used by phpsploit. It depends on child classes.
MultilineBuffer() uses the whole buffer as usable value.
RandLineBuffer() uses a random line from buffer as usable value.
"""
def __init__(self, value, validator=None):
if not hasattr(self, "desc"):
raise NotImplementedError("`desc` (description) attribute"
"is not defined")
if validator is None:
validator = (lambda x: x)
if not callable(validator):
raise TypeError("`validator` is not callable()")
self._validator = validator
if not isinstance(value, (list, tuple)):
value = str(value)
# if value is list/tuple:
if type(value) is not str: # pylint: disable=unidiomatic-typecheck
self.file = value[0]
self.buffer = value[1]
# if value is a 'file://' string
elif value[7:] and value[:7].lower() == "file://":
self.file = utils.path.truepath(value[7:])
try:
with open(self.file, 'r') as file:
self.buffer = file.read()
except OSError:
raise ValueError("not a readable file: «%s»" % self.file)
# if value is just a string
else:
self.file = None
self.buffer = value
def __call__(self, call=True):
"""Get current buffer's *usable-value
`call` (bool): If True, and *usable-value is callable,
return called *usable-value
"""
usable_value = self._validator(self.buffer)
if call and callable(usable_value):
return usable_value()
return usable_value
@abstractmethod
def __str__(self):
"""Get a colored string representation of current object
>>> MultiLineBuffer("monoline")
monoline
>>> MultiLineBuffer("file:///etc/passwd")
<MultiLine@/etc/passwd (24 lines)>
>>> MultiLineBuffer("line1\\nline2")
<MultiLine (2 lines)>
"""
def __iadd__(self, new):
"""allow strings being concatenated to the end of buffer.
If string starts with 'file://', suffix is used as new
*parent-filepath
>>> x = MultiLineBuffer("choice1")
>>> x
choice1
>>> x += "choice2"
>>> x += "file:///tmp/foo"
>>> x
<MultiLine@/tmp/foo (2 choices)>
"""
if not isinstance(new, str):
msg = "Can't convert '{}' object to str implicitly"
raise TypeError(msg.format(type(new).__name__))
new += os.linesep
# if string starts with 'file://', use it as *parent-filepath
lines = len(new.splitlines())
if lines == 1 and new[7:] and new[:7] == "file://":
result = self.__class__(self.buffer, self._validator)
result.file = new[7:].strip()
return result
# otherwise, concatenate normal string to buffer
buffer = self.buffer
if buffer[-1] not in "\r\n":
buffer += os.linesep
buffer += new
return self.__class__(buffer, self._validator)
def __getitem__(self, item):
"""dump object as an iterable of the form:
[*parent-filepath, *buffer-data]
>>> tuple(MultiLineBuffer(["/file/path", "buffer"])
("/file/path", "buffer")
"""
if item in [0, "file"]:
return self.file
if item in [1, "buffer"]:
return self.buffer
raise IndexError(self.__class__.__name__+" index out of range")
def __getattribute__(self, name):
"""automatically update self.buffer from self.file
whenever it is possible
"""
if name == "buffer" and self.file:
try:
with open(self.file, 'r') as file:
buffer = file.read()
if self._buffer_is_valid(buffer):
self.buffer = buffer
except OSError:
pass
return super().__getattribute__(name)
def _raw_value(self):
"""convert object into a built-in data type (tuple).
Format:
(*parent-filepath, *buffer-data)
>>> x = MultiLineBuffer("data")
>>> x._raw_value()
(None, "data")
"""
return tuple(self)
@abstractmethod
def _buffer_is_valid(self, buffer):
"""check if `buffer` string is valid for current class
"""
# pylint: disable=too-few-public-methods
class MultiLineBuffer(AbstractLineBuffer):
r"""A LineBuffer supporting multi-line buffers.
Buffer's *usable-value is set to the whole buffer's content,
even if it's multi-line.
"""
desc = r"""
{var} is a MultiLineBuffer. It supports multi-line buffers.
* To edit/show buffer with text editor, run this command:
> set {var} +
"""
def __init__(self, value, validator=None):
super().__init__(value, validator)
self._validator(self.buffer)
def __str__(self):
"""Get a colored string representation of current object
>>> MultiLineBuffer("monoline")
monoline
>>> MultiLineBuffer("file:///etc/passwd")
<MultiLine@/etc/passwd (24 lines)>
>>> MultiLineBuffer("line1\\nline2")
<MultiLine (2 lines)>
"""
# if buffer has a single line, use it as representation:
if not self.file and len(self.buffer.splitlines()) == 1:
return str(self._validator(self.buffer.strip()))
# otherwise, use complex representation:
obj_id = self.file
if not obj_id:
obj_id = hashlib.md5(self.buffer.encode('utf-8')).hexdigest()
lines_str = " (%s lines)" % len(self.buffer.splitlines())
return colorize("%BoldBlack", "<", "%BoldBlue", "MultiLine",
"%BasicCyan", "@", "%Bold", obj_id, "%BasicBlue",
lines_str, "%BoldBlack", ">")
def _buffer_is_valid(self, buffer):
"""return True if buffer is not empty"""
return bool(buffer.strip())
class RandLineBuffer(AbstractLineBuffer):
r"""A LineBuffer supporting random-choice multi-line buffers.
Buffer's *usable-value is set to a random valid choice between
lines composing the buffer.
"""
desc = r"""
{var} is a RandLineBuffer. It supports multiple values.
If {var} contains multiple lines (choices), a random
one is used as value each time the setting is used.
* EXAMPLE:
The HTTP_USER_AGENT setting has multiple strings as default value.
Each time an HTTP request is sent, a random User-Agent is used from
the list of choices (run `set HTTP_USER_AGENT` to show setting).
* To edit/show buffer with text editor, run this command:
> set {var} +
"""
def __init__(self, value, validator=None):
super().__init__(value, validator)
if len(self.buffer.splitlines()) == 1:
# if single choice, submit it to _validator() to validate it
# important, so real exception is returned in case of failure
self._validator(self.buffer.splitlines()[0])
elif not self.choices():
# if multi choice, at least one line must be usable
raise ValueError("couldn't find an *usable-choice"
" from buffer lines")
def __call__(self, call=True):
"""Get a random *usable-value from buffer lines.
`call` (bool): If True, and *usable-value is callable,
return called *usable-value
"""
obj = random.choice(self.choices())
if call and callable(obj):
return obj()
return obj
def __str__(self):
"""Get a colored string representation of current object
>>> RandLineBuffer("singleChoice")
singleChoice
>>> RandLineBuffer("file:///etc/passwd")
<RandLine@/etc/passwd (24 choices)>
>>> RandLineBuffer("choice1\\nchoice2")
<RandLine (2 choices)>
"""
# if buffer has a single line, use it as representation:
if not self.file and len(self.buffer.splitlines()) == 1:
return str(self._validator(self.buffer.strip()))
# otherwise, use complex representation:
obj_id = self.file
if not obj_id:
obj_id = hashlib.md5(self.buffer.encode('utf-8')).hexdigest()
num = len(self.choices())
choices = " (%s choice%s)" % (num, ('', 's')[num > 1])
return colorize("%BoldBlack", "<", "%BoldBlue", "RandLine",
"%BasicCyan", "@", "%Bold", obj_id, "%BasicBlue",
choices, "%BoldBlack", ">")
def _buffer_is_valid(self, buffer):
"""return True if at least one line is a valid
*usable-choice candidate
"""
return bool(self.choices(buffer))
def choices(self, buffer=None):
"""get a list of potential *usable-value lines. I.e. lines
validated by self._validator().
Empty lines and comment lines (starting with '#') are ignored.
If `buffer` argument is None (default), *buffer-data (self.buffer)
is used.
"""
if buffer is None:
buffer = self.buffer
if not isinstance(buffer, str):
raise ValueError("`buffer` must be a string")
# return a list of valid choices only
result = []
for line in buffer.splitlines():
line = line.strip()
if line and not line.startswith('#'):
try:
usable_value = self._validator(line)
except: # pylint: disable=bare-except
continue
result.append(usable_value)
return result