STRLCPY/Osmedeus

Release v4.1.0
j3ssie committed 2 years ago

3ee3e48d

1 parent 04aff8d7

■ ■ ■ ■ ■ ■

cmd/exec.go

		skipped 43 lines
44	44		for _, t := range options.Scan.Inputs {
45	45		// start to run scripts
46	46		options.Scan.ROptions = core.ParseInput(t, options)
47		-	for _, script := range scripts {
48		-	script = core.ResolveData(script, options.Scan.ROptions)
	47	+	for _, rscript := range scripts {
	48	+	script = core.ResolveData(rscript, options.Scan.ROptions)
49	49		utils.InforF("Script: %v", script)
50		-	runner.RunScript(script, options)
	50	+	runner.RunScript(script)
51	51		}
52	52		}
53	53
		skipped 3 lines

■ ■ ■ ■ ■ ■

cmd/usage.go

		skipped 86 lines
87	87		h += " osmedeus health cloud\n"
88	88		h += " osmedeus version --json \n"
89	89		h += " osmedeus update \n"
	90	+	h += " osmedeus update --vuln\n"
90	91		h += " osmedeus update --force --clean \n"
91	92		h += " osmedeus utils tmux ls \n"
92	93		h += " osmedeus utils tmux logs -A -l 10 \n"
		skipped 41 lines
134	135		h += " osmedeus report list\n"
135	136		h += " osmedeus report view --raw -t target.com\n"
136	137		h += " osmedeus report view --static -t target.com\n"
137		-	h += " osmedeus report view --raw --static --ip <your-public-ip> -t target.com\n"
	138	+	h += " osmedeus report view --static --ip 0 -t target.com\n"
138	139		return h
139	140		}
140	141
		skipped 57 lines

■ ■ ■ ■ ■ ■

core/external.go

		skipped 14 lines
15	15
16	16		// special scripts
17	17		vm.Set(Cleaning, func(call otto.FunctionCall) otto.Value {
18		-	execution.Cleaning(call.Argument(0).String(), r.Opt)
	18	+	if r.Opt.NoClean {
	19	+	utils.InforF("Disabled Cleaning")
	20	+	return otto.Value{}
	21	+	}
	22	+	execution.Cleaning(call.Argument(0).String(), r.Reports)
19	23		return otto.Value{}
20	24		})
21	25
		skipped 228 lines

■ ■ ■ ■ ■ ■

core/module.go

1	+	package core
2	+
3	+	import (
4	+	"context"
5	+	"fmt"
6	+	"path"
7	+	"strings"
8	+	"sync"
9	+	"time"
10	+
11	+	"github.com/spf13/cast"
12	+
13	+	"github.com/fatih/color"
14	+	"github.com/j3ssie/osmedeus/execution"
15	+	"github.com/j3ssie/osmedeus/libs"
16	+	"github.com/j3ssie/osmedeus/utils"
17	+	"github.com/panjf2000/ants"
18	+	)
19	+
20	+	// RunModule run the module
21	+	func (r *Runner) RunModule(module libs.Module) {
22	+	// get reports path
23	+	module = ResolveReports(module, r.Params)
24	+
25	+	// check if resume enable or not
26	+	if (r.Opt.Resume \|\| module.Resume) && !module.Forced {
27	+	if CheckResume(module) {
28	+	utils.BlockF(module.Name, "Resume detected")
29	+	return
30	+	}
31	+	}
32	+
33	+	r.CurrentModule = module.Name
34	+	timeStart := time.Now()
35	+	utils.BannerF("MODULES", fmt.Sprintf("%v - %v", module.Name, module.Desc))
36	+
37	+	// create report record first because I don't want to wait for them to show up in UI until the module done
38	+	r.DBNewReports(module)
39	+
40	+	// pre-run
41	+	utils.BlockF(module.Name, "Running prepare scripts")
42	+	r.RunScripts(module.PreRun)
43	+
44	+	// main part
45	+	utils.BlockF(module.Name, "Start run main steps")
46	+	err := r.RunSteps(module.Steps)
47	+	if err != nil {
48	+	utils.BadBlockF(module.Name, fmt.Sprintf("got exit call"))
49	+	}
50	+
51	+	// post-run
52	+	utils.BlockF(module.Name, "Running conclusion scripts")
53	+	r.RunScripts(module.PostRun)
54	+
55	+	// print the reports file
56	+	utils.PrintLine()
57	+	printReports(module)
58	+
59	+	// create report record first because we don't want to wait it show up in UI until the module done
60	+	r.DBNewReports(module)
61	+
62	+	// estimate time
63	+	elapsedTime := time.Since(timeStart).Seconds()
64	+	utils.BlockF("Elapsed Time", fmt.Sprintf("Done module %v in %v", color.HiCyanString(module.Name), color.HiMagentaString("%vs", elapsedTime)))
65	+	r.RunningTime += cast.ToInt(elapsedTime)
66	+	utils.PrintLine()
67	+	r.DBUpdateScan()
68	+	r.DBUpdateTarget()
69	+	}
70	+
71	+	// RunScripts run list of scripts
72	+	func (r *Runner) RunScripts(scripts []string) string {
73	+	if r.Opt.Timeout != "" {
74	+	timeout := utils.CalcTimeout(r.Opt.Timeout)
75	+	utils.DebugF("Run scripts with %v seconds timeout", timeout)
76	+	r.RunScriptsWithTimeOut(r.Opt.Timeout, scripts)
77	+	return ""
78	+	}
79	+
80	+	for _, script := range scripts {
81	+	outScript := r.RunScript(script)
82	+	if strings.Contains(outScript, "exit") {
83	+	return outScript
84	+	}
85	+	}
86	+	return ""
87	+	}
88	+
89	+	// RunScriptsWithTimeOut run list of scripts with timeout
90	+	func (r *Runner) RunScriptsWithTimeOut(timeoutRaw string, scripts []string) string {
91	+	timeout := utils.CalcTimeout(timeoutRaw)
92	+	utils.DebugF("Run scripts with %v seconds timeout", timeout)
93	+
94	+	c := context.Background()
95	+	deadline := time.Now().Add(time.Duration(timeout) * time.Second)
96	+	c, cancel := context.WithDeadline(c, deadline)
97	+	defer cancel()
98	+
99	+	go func() {
100	+	for _, script := range scripts {
101	+	outScript := r.RunScript(script)
102	+	if strings.Contains(outScript, "exit") {
103	+	return
104	+	}
105	+	}
106	+	cancel()
107	+	}()
108	+
109	+	select {
110	+	case <-c.Done():
111	+	utils.DebugF("Scripts done")
112	+	return ""
113	+	case <-time.After(time.Duration(timeout) * time.Second):
114	+	utils.BadBlockF("timeout", fmt.Sprintf("Scripts got timeout after %v", color.HiMagentaString(timeoutRaw)))
115	+	}
116	+	return ""
117	+	}
118	+
119	+	// RunScript really run a script
120	+	func (r *Runner) RunScript(script string) string {
121	+	return r.ExecScript(script)
122	+	}
123	+
124	+	// RunSteps run list of steps
125	+	func (r *Runner) RunSteps(steps []libs.Step) error {
126	+	var stepOut string
127	+	for _, step := range steps {
128	+	r.DoneStep += 1
129	+
130	+	if step.Timeout != "" {
131	+	// timeout should be: 30, 30m, 1h
132	+	timeout := utils.CalcTimeout(step.Timeout)
133	+	if timeout != 0 {
134	+	stepOut, _ = r.RunStepWithTimeout(timeout, step)
135	+	if strings.Contains(stepOut, "exit") {
136	+	return fmt.Errorf("got exit call")
137	+	}
138	+	continue
139	+	}
140	+	}
141	+
142	+	stepOut, _ = r.RunStep(step)
143	+	if strings.Contains(stepOut, "exit") {
144	+	return fmt.Errorf("got exit call")
145	+	}
146	+	}
147	+	return nil
148	+	}
149	+
150	+	// RunStepWithTimeout run step with timeout
151	+	func (r *Runner) RunStepWithTimeout(timeout int, step libs.Step) (out string, err error) {
152	+	utils.DebugF("Run step with %v seconds timeout", timeout)
153	+	prefix := fmt.Sprintf("timeout -k 1m %vs ", timeout)
154	+
155	+	// prepare the os command with prefix timeout first
156	+	var preFixCommands []string
157	+	for _, command := range step.Commands {
158	+	preFixCommand := command
159	+	if !strings.Contains(command, "timeout") {
160	+	preFixCommand = prefix + command
161	+	}
162	+	preFixCommands = append(preFixCommands, preFixCommand)
163	+	}
164	+	step.Commands = preFixCommands
165	+
166	+	// override global timeout
167	+	r.Opt.Timeout = step.Timeout
168	+	return r.RunStep(step)
169	+	}
170	+
171	+	func (r *Runner) RunStep(step libs.Step) (string, error) {
172	+	var output string
173	+	if step.Label != "" {
174	+	utils.BlockF("Start-Step", color.HiCyanString(step.Label))
175	+	}
176	+
177	+	// checking required file
178	+	err := r.CheckRequired(step.Required, r.Opt)
179	+	if err != nil {
180	+	return output, fmt.Errorf("missing requirements")
181	+	}
182	+
183	+	// check conditions and run reverse step
184	+	err = r.CheckCondition(step.Conditions)
185	+	if err != nil {
186	+	if len(step.RCommands) == 0 && len(step.RScripts) == 0 {
187	+	return output, fmt.Errorf("conditions not met")
188	+	}
189	+
190	+	// run reverse commands
191	+	utils.InforF("Condition false, run the reverse commands")
192	+	if len(step.RCommands) > 0 {
193	+	r.RunCommands(step.RCommands, step.Std)
194	+	}
195	+	// run reverse scripts
196	+	if len(step.RScripts) > 0 {
197	+	output = r.RunScripts(step.RScripts)
198	+	if strings.Contains(output, "exit") {
199	+	return output, nil
200	+	}
201	+	}
202	+	return output, nil
203	+	}
204	+
205	+	// run the step in loop mode
206	+	if step.Source != "" {
207	+	return r.RunStepWithSource(step)
208	+	}
209	+	//
210	+
211	+	if len(step.Commands) > 0 {
212	+	r.RunCommands(step.Commands, step.Std)
213	+	}
214	+	if len(step.Scripts) > 0 {
215	+	output = r.RunScripts(step.Scripts)
216	+	if strings.Contains(output, "exit") {
217	+	return output, nil
218	+	}
219	+	}
220	+
221	+	// run ose here
222	+	if len(step.Ose) > 0 {
223	+	for _, ose := range step.Ose {
224	+	r.RunOse(ose)
225	+	}
226	+	}
227	+
228	+	// post scripts
229	+	if len(step.PConditions) > 0 \|\| len(step.PScripts) > 0 {
230	+	err := r.CheckCondition(step.PConditions)
231	+	if err == nil {
232	+	if len(step.PScripts) > 0 {
233	+	r.RunScripts(step.PScripts)
234	+	}
235	+	}
236	+	}
237	+	if step.Label != "" {
238	+	utils.BlockF("Done-Step", color.HiCyanString(step.Label))
239	+	}
240	+	return output, nil
241	+
242	+	}
243	+
244	+	// RunStepWithSource really run a step
245	+	func (r *Runner) RunStepWithSource(step libs.Step) (out string, err error) {
246	+	////// Start to run step but in loop mode
247	+	utils.DebugF("Run step with Source: %v", step.Source)
248	+	data := utils.ReadingLines(step.Source)
249	+	if len(data) <= 0 {
250	+	return out, fmt.Errorf("missing source")
251	+	}
252	+	if step.Threads != "" {
253	+	step.Parallel = cast.ToInt(step.Threads)
254	+	}
255	+	if step.Parallel == 0 {
256	+	step.Parallel = 1
257	+	}
258	+
259	+	// skip concurrency part
260	+	if step.Parallel == 1 {
261	+	for index, line := range data {
262	+	customParams := make(map[string]string)
263	+	customParams["line"] = line
264	+	customParams["line_id"] = fmt.Sprintf("%v-%v", path.Base(line), index)
265	+	customParams["_id_"] = fmt.Sprintf("%v", index)
266	+	customParams["_line_"] = execution.StripName(line)
267	+
268	+	if len(step.Commands) > 0 {
269	+	r.RunCommands(step.Commands, step.Std)
270	+	}
271	+
272	+	if len(step.Ose) > 0 {
273	+	for _, ose := range step.Ose {
274	+	r.RunOse(ose)
275	+	}
276	+	}
277	+
278	+	if len(step.Scripts) > 0 {
279	+	r.RunScripts(step.Scripts)
280	+	}
281	+
282	+	// post scripts
283	+	if len(step.PConditions) > 0 \|\| len(step.PScripts) > 0 {
284	+	err := r.CheckCondition(step.PConditions)
285	+	if err == nil {
286	+	if len(step.PScripts) > 0 {
287	+	r.RunScripts(step.PScripts)
288	+	}
289	+	}
290	+	}
291	+
292	+	}
293	+
294	+	if step.Label != "" {
295	+	utils.BlockF("Done-Step", color.HiCyanString(step.Label))
296	+	}
297	+	return out, nil
298	+	}
299	+
300	+	/////////////
301	+	// run multiple steps in concurrency mode
302	+
303	+	utils.DebugF("Run step in Parallel: %v", step.Parallel)
304	+	var wg sync.WaitGroup
305	+	p, _ := ants.NewPoolWithFunc(step.Parallel, func(i interface{}) {
306	+	r.startStepJob(i)
307	+	wg.Done()
308	+	}, ants.WithPreAlloc(true))
309	+	defer p.Release()
310	+
311	+	//var mu sync.Mutex
312	+	for index, line := range data {
313	+	//mu.Lock()
314	+	customParams := make(map[string]string)
315	+	//localOptions := libs.Options{}
316	+	customParams["line"] = line
317	+	customParams["line_id"] = fmt.Sprintf("%v-%v", path.Base(line), index)
318	+	customParams["_id_"] = fmt.Sprintf("%v", index)
319	+	customParams["_line_"] = execution.StripName(line)
320	+
321	+	// make completely new Step
322	+	localStep := libs.Step{}
323	+
324	+	for _, cmd := range step.Commands {
325	+	localStep.Commands = append(localStep.Commands, AltResolveVariable(cmd, customParams))
326	+	}
327	+	for _, cmd := range step.RCommands {
328	+	localStep.RCommands = append(localStep.RCommands, AltResolveVariable(cmd, customParams))
329	+	}
330	+
331	+	if len(step.Ose) > 0 {
332	+	for _, ose := range step.Ose {
333	+	localStep.Ose = append(localStep.Ose, AltResolveVariable(ose, customParams))
334	+	}
335	+	}
336	+
337	+	for _, script := range step.RScripts {
338	+	localStep.RScripts = append(localStep.RScripts, AltResolveVariable(script, customParams))
339	+	}
340	+
341	+	for _, script := range step.Scripts {
342	+	localStep.Scripts = append(localStep.Scripts, AltResolveVariable(script, customParams))
343	+	}
344	+
345	+	for _, script := range step.PConditions {
346	+	localStep.PConditions = append(localStep.PConditions, AltResolveVariable(script, customParams))
347	+	}
348	+	for _, script := range step.PScripts {
349	+	localStep.PScripts = append(localStep.PScripts, AltResolveVariable(script, customParams))
350	+	}
351	+
352	+	wg.Add(1)
353	+	err = p.Invoke(localStep)
354	+	if err != nil {
355	+	utils.ErrorF("Error in parallel: %v", err)
356	+	}
357	+	//mu.Unlock()
358	+	}
359	+
360	+	wg.Wait()
361	+	if step.Label != "" {
362	+	utils.BlockF("Done-Step", color.HiCyanString(step.Label))
363	+	}
364	+	return out, nil
365	+	}
366	+
367	+	func (r *Runner) startStepJob(j interface{}) {
368	+	localStep := j.(libs.Step)
369	+
370	+	err := r.CheckCondition(localStep.Conditions)
371	+
372	+	if err != nil {
373	+	// run reverse commands
374	+	if len(localStep.RCommands) > 0 {
375	+	r.RunCommands(localStep.RCommands, localStep.Std)
376	+	}
377	+	if len(localStep.RScripts) > 0 {
378	+	r.RunScripts(localStep.RScripts)
379	+	}
380	+	} else {
381	+	if len(localStep.Commands) > 0 {
382	+	r.RunCommands(localStep.Commands, localStep.Std)
383	+	}
384	+	}
385	+
386	+	if len(localStep.Ose) > 0 {
387	+	for _, ose := range localStep.Ose {
388	+	r.RunOse(ose)
389	+	}
390	+	}
391	+
392	+	if len(localStep.Scripts) > 0 {
393	+	r.RunScripts(localStep.Scripts)
394	+	}
395	+
396	+	// post scripts
397	+	if len(localStep.PConditions) > 0 \|\| len(localStep.PScripts) > 0 {
398	+	err := r.CheckCondition(localStep.PConditions)
399	+	if err == nil {
400	+	if len(localStep.PScripts) > 0 {
401	+	r.RunScripts(localStep.PScripts)
402	+	}
403	+	}
404	+	}
405	+	}
406	+

■ ■ ■ ■ ■ ■

core/parse.go

		skipped 3 lines
4	4		"bytes"
5	5		"fmt"
6	6		"github.com/Jeffail/gabs/v2"
	7	+	"github.com/fatih/color"
7	8		"github.com/spf13/cast"
8	9		"golang.org/x/net/publicsuffix"
9	10		"io/ioutil"
		skipped 21 lines
31	32		return buf.String()
32	33		}
33	34
	35	+	// ResolveSlice resolve template from signature file
	36	+	func ResolveSlice(slice []string, data map[string]string) (resolveSlice []string) {
	37	+	for _, s := range slice {
	38	+	resolveSlice = append(resolveSlice, ResolveData(s, data))
	39	+	}
	40	+	return resolveSlice
	41	+	}
	42	+
	43	+	// AltResolveVariable just like ResolveVariable but looking for [[.var]]
	44	+	func AltResolveVariable(format string, data map[string]string) string {
	45	+	t := template.Must(template.New("").Delims("[[", "]]").Parse(format))
	46	+	buf := &bytes.Buffer{}
	47	+	err := t.Execute(buf, data)
	48	+	if err != nil {
	49	+	return format
	50	+	}
	51	+	return buf.String()
	52	+	}
	53	+
	54	+
34	55		// ParseFlow parse mode file
35	56		func ParseFlow(flowFile string) (libs.Flow, error) {
36		-	utils.DebugF("Parsing workflow at: %v", flowFile)
	57	+	utils.DebugF("Parsing workflow at: %v", color.HiGreenString(flowFile))
37	58		var flow libs.Flow
38	59		yamlFile, err := ioutil.ReadFile(flowFile)
39	60		if err != nil {
		skipped 14 lines
54	75
55	76		// ParseModules parse module file
56	77		func ParseModules(moduleFile string) (libs.Module, error) {
57		-	utils.DebugF("Parsing module at: %v", moduleFile)
	78	+	utils.DebugF("Parsing module at: %v", color.HiCyanString(moduleFile))
58	79
59	80		var module libs.Module
60	81
		skipped 101 lines
162	183		return ROptions
163	184		}
164	185
165		-	// MoreParams get more params from module or cli
166		-	func MoreParams(module libs.Module, options *libs.Options) {
167		-	ROptions := options.Scan.ROptions
168		-	if len(ROptions) == 0 {
169		-	ROptions = make(map[string]string)
170		-	}
171		-
172		-	// params from module file
173		-	if len(module.Params) > 0 {
174		-	for _, param := range module.Params {
175		-	for k, v := range param {
176		-	// skip params if override: false
177		-	_, exist := ROptions[k]
178		-	if module.ForceParams && exist {
179		-	utils.DebugF("Skip Override param: %v --> %v", v, k)
180		-	continue
181		-	}
182		-
183		-	v = ResolveData(v, ROptions)
184		-	if strings.HasPrefix(v, "~/") {
185		-	v = utils.NormalizePath(v)
186		-	}
187		-	ROptions[k] = v
188		-	}
189		-	}
190		-	}
191		-
192		-	// more params from -p flag
193		-	if len(options.Scan.Params) > 0 {
194		-	params := ParseParams(options.Scan.Params)
195		-	if len(params) > 0 {
196		-	for k, v := range params {
197		-	v = ResolveData(v, ROptions)
198		-	ROptions[k] = v
199		-	}
200		-	}
201		-	}
202		-
203		-	options.Scan.ROptions = ROptions
204		-	}
205	186
206	187		// ParseParams parse more params from cli
207	188		func ParseParams(rawParams []string) map[string]string {
		skipped 103 lines

■ ■ ■ ■ ■ ■

core/report.go

		skipped 105 lines
106	106		reportName := cast.ToString(report.S("report_name").Data())
107	107		reportPath := cast.ToString(report.S("report_path").Data())
108	108
	109	+	if !utils.FileExists(reportPath) {
	110	+	continue
	111	+	}
	112	+
109	113		row := []string{
110	114		ws.Name(), moduleName, processReport(options, reportName), processReport(options, reportPath),
111	115		}
		skipped 48 lines

■ ■ ■ ■ ■ ■

core/routine.go

1	-	package core
2	-
3	-	import (
4	-	"context"
5	-	"errors"
6	-	"fmt"
7	-	"path"
8	-	"strings"
9	-	"sync"
10	-	"time"
11	-
12	-	"github.com/spf13/cast"
13	-
14	-	"github.com/fatih/color"
15	-	"github.com/j3ssie/osmedeus/execution"
16	-	"github.com/j3ssie/osmedeus/libs"
17	-	"github.com/j3ssie/osmedeus/utils"
18	-	"github.com/jinzhu/copier"
19	-	"github.com/panjf2000/ants"
20	-	)
21	-
22	-	// RunModule run the module
23	-	func (r *Runner) RunModule(module libs.Module, options libs.Options) {
24	-	// get more params
25	-	MoreParams(module, &options)
26	-	// get reports path
27	-	options.Module = ResolveReports(module, options)
28	-	r.LoadEngineScripts()
29	-
30	-	// check if resume enable or not
31	-	if (options.Resume \|\| module.Resume) && !module.Forced {
32	-	if CheckResume(options) {
33	-	utils.BlockF(module.Name, "Resume detected")
34	-	return
35	-	}
36	-	}
37	-
38	-	r.CurrentModule = module.Name
39	-	timeStart := time.Now()
40	-	utils.BannerF("MODULES", fmt.Sprintf("%v - %v", module.Name, options.Module.Desc))
41	-
42	-	// create report record first because I don't want to wait for them to show up in UI until the module done
43	-	r.DBNewReports(module)
44	-
45	-	// pre-run
46	-	utils.BlockF(module.Name, "Running prepare scripts")
47	-	r.RunScripts(module.PreRun, options)
48	-
49	-	// main part
50	-	utils.BlockF(module.Name, "Start run main steps")
51	-	err := r.RunSteps(module.Steps, options)
52	-	if err != nil {
53	-	utils.BadBlockF(module.Name, fmt.Sprintf("got exit call"))
54	-	}
55	-
56	-	// post-run
57	-	utils.BlockF(module.Name, "Running conclusion scripts")
58	-	r.RunScripts(module.PostRun, options)
59	-
60	-	// print the reports file
61	-	utils.PrintLine()
62	-	printReports(options)
63	-
64	-	// create report record first because we don't want to wait it show up in UI until the module done
65	-	r.DBNewReports(module)
66	-
67	-	// estimate time
68	-	elapsedTime := time.Since(timeStart).Seconds()
69	-	utils.BlockF("Elapsed Time", fmt.Sprintf("Done module %v in %v", color.HiCyanString(module.Name), color.HiMagentaString("%vs", elapsedTime)))
70	-	r.RunningTime += cast.ToInt(elapsedTime)
71	-	utils.PrintLine()
72	-	r.DBUpdateScan()
73	-	r.DBUpdateTarget()
74	-	}
75	-
76	-	// RunScripts run list of scripts
77	-	func (r *Runner) RunScripts(scripts []string, options libs.Options) string {
78	-	if options.Timeout != "" {
79	-	timeout := utils.CalcTimeout(options.Timeout)
80	-	utils.DebugF("Run scripts with %v seconds timeout", timeout)
81	-	r.RunScriptsWithTimeOut(options.Timeout, scripts, options)
82	-	return ""
83	-	}
84	-
85	-	for _, script := range scripts {
86	-	outScript := r.RunScript(script, options)
87	-	if strings.Contains(outScript, "exit") {
88	-	return outScript
89	-	}
90	-	}
91	-	return ""
92	-	}
93	-
94	-	// RunScriptsWithTimeOut run list of scripts with timeout
95	-	func (r *Runner) RunScriptsWithTimeOut(timeoutRaw string, scripts []string, options libs.Options) string {
96	-	timeout := utils.CalcTimeout(timeoutRaw)
97	-	utils.DebugF("Run scripts with %v seconds timeout", timeout)
98	-
99	-	c := context.Background()
100	-	deadline := time.Now().Add(time.Duration(timeout) * time.Second)
101	-	c, cancel := context.WithDeadline(c, deadline)
102	-	defer cancel()
103	-
104	-	go func() {
105	-	for _, script := range scripts {
106	-	outScript := r.RunScript(script, options)
107	-	if strings.Contains(outScript, "exit") {
108	-	return
109	-	}
110	-	}
111	-	cancel()
112	-	}()
113	-
114	-	select {
115	-	case <-c.Done():
116	-	utils.DebugF("Scripts done")
117	-	return ""
118	-	case <-time.After(time.Duration(timeout) * time.Second):
119	-	utils.BadBlockF("timeout", fmt.Sprintf("Scripts got timeout after %v", color.HiMagentaString(timeoutRaw)))
120	-	}
121	-	return ""
122	-	}
123	-
124	-	// RunScript really run a script
125	-	func (r *Runner) RunScript(script string, options libs.Options) string {
126	-	execScript := ResolveData(script, options.Scan.ROptions)
127	-	return r.ExecScript(execScript)
128	-	}
129	-
130	-	// RunSteps run list of steps
131	-	func (r *Runner) RunSteps(steps []libs.Step, options libs.Options) error {
132	-	var stepOut string
133	-	for _, step := range steps {
134	-	r.DoneStep += 1
135	-	if step.Timeout != "" {
136	-	step.Timeout = ResolveData(step.Timeout, options.Scan.ROptions)
137	-	// timeout should be: 30, 30m, 1h
138	-	timeout := utils.CalcTimeout(step.Timeout)
139	-	if timeout != 0 {
140	-	stepOut, _ = r.RunStepWithTimeout(timeout, step, options)
141	-	if strings.Contains(stepOut, "exit") {
142	-	return errors.New("got exit call")
143	-	}
144	-	continue
145	-	}
146	-	}
147	-
148	-	stepOut, _ = r.RunStep(step, options)
149	-	if strings.Contains(stepOut, "exit") {
150	-	return errors.New("got exit call")
151	-	}
152	-	}
153	-	return nil
154	-	}
155	-
156	-	// RunStepWithTimeout run step with timeout
157	-	func (r *Runner) RunStepWithTimeout(timeout int, step libs.Step, options libs.Options) (string, error) {
158	-	utils.DebugF("Run step with %v seconds timeout", timeout)
159	-	prefix := fmt.Sprintf("timeout -k 1m %vs ", timeout)
160	-
161	-	// prepare the os command with prefix timeout first
162	-	var preFixCommands []string
163	-	for _, command := range step.Commands {
164	-	preFixCommand := command
165	-	if !strings.Contains(command, "timeout") {
166	-	preFixCommand = prefix + command
167	-	}
168	-	preFixCommands = append(preFixCommands, preFixCommand)
169	-	}
170	-	step.Commands = preFixCommands
171	-
172	-	// override global timeout
173	-	options.Timeout = step.Timeout
174	-	output, _ := r.RunStep(step, options)
175	-	return output, nil
176	-	}
177	-
178	-	// RunStep really run a step
179	-	func (r *Runner) RunStep(step libs.Step, options libs.Options) (string, error) {
180	-	var output string
181	-	if step.Label != "" {
182	-	utils.BlockF("Start-Step", color.HiCyanString(step.Label))
183	-	}
184	-
185	-	// checking required file
186	-	err := r.CheckRequired(step.Required, r.Opt)
187	-	if err != nil {
188	-	return output, errors.New("missing requirements")
189	-	}
190	-
191	-	// check conditions and run reverse step
192	-	err = r.CheckCondition(step.Conditions, r.Opt)
193	-	if err != nil {
194	-	if len(step.RCommands) == 0 && len(step.RScripts) == 0 {
195	-	return output, errors.New("conditions not met")
196	-	}
197	-
198	-	// run reverse commands
199	-	utils.InforF("Condition false, run the reverse commands")
200	-	if len(step.RCommands) > 0 {
201	-	RunCommands(step.RCommands, step.Std, r.Opt)
202	-	}
203	-	// run reverse scripts
204	-	if len(step.RScripts) > 0 {
205	-	output = r.RunScripts(step.RScripts, r.Opt)
206	-	if strings.Contains(output, "exit") {
207	-	return output, nil
208	-	}
209	-	}
210	-	return output, nil
211	-	}
212	-
213	-	if step.Source == "" {
214	-	if len(step.Commands) > 0 {
215	-	RunCommands(step.Commands, step.Std, r.Opt)
216	-	}
217	-	if len(step.Scripts) > 0 {
218	-	output = r.RunScripts(step.Scripts, r.Opt)
219	-	if strings.Contains(output, "exit") {
220	-	return output, nil
221	-	}
222	-	}
223	-
224	-	// run ose here
225	-	if len(step.Ose) > 0 {
226	-	for _, ose := range step.Ose {
227	-	r.RunOse(ose)
228	-	}
229	-	}
230	-
231	-	// post scripts
232	-	if len(step.PConditions) > 0 \|\| len(step.PScripts) > 0 {
233	-	err := r.CheckCondition(step.PConditions, r.Opt)
234	-	if err == nil {
235	-	if len(step.PScripts) > 0 {
236	-	r.RunScripts(step.PScripts, r.Opt)
237	-	}
238	-	}
239	-	}
240	-	if step.Label != "" {
241	-	utils.BlockF("Done-Step", color.HiCyanString(step.Label))
242	-	}
243	-	return output, nil
244	-	}
245	-
246	-	////// Start to run step but in loop mode
247	-
248	-	source := ResolveData(step.Source, r.Target)
249	-	utils.DebugF("Run step with Source: %v", source)
250	-	data := utils.ReadingLines(source)
251	-	if len(data) <= 0 {
252	-	return output, errors.New("missing source")
253	-	}
254	-	if step.Threads != "" {
255	-	step.Threads = ResolveData(step.Threads, r.Target)
256	-	step.Parallel = cast.ToInt(step.Threads)
257	-	}
258	-	if step.Parallel == 0 {
259	-	step.Parallel = 1
260	-	}
261	-
262	-	// skip concurrency part
263	-	if step.Parallel == 1 {
264	-	for index, line := range data {
265	-	r.Target["line"] = line
266	-	r.Target["line_id"] = fmt.Sprintf("%v-%v", path.Base(line), index)
267	-	r.Target["_id_"] = fmt.Sprintf("%v", index)
268	-	r.Target["_line_"] = execution.StripName(line)
269	-	if len(step.Commands) > 0 {
270	-	RunCommands(step.Commands, step.Std, options)
271	-	}
272	-
273	-	if len(step.Ose) > 0 {
274	-	for _, ose := range step.Ose {
275	-	r.RunOse(ose)
276	-	}
277	-	}
278	-
279	-	if len(step.Scripts) > 0 {
280	-	r.RunScripts(step.Scripts, options)
281	-	}
282	-
283	-	// post scripts
284	-	if len(step.PConditions) > 0 \|\| len(step.PScripts) > 0 {
285	-	err := r.CheckCondition(step.PConditions, options)
286	-	if err == nil {
287	-	if len(step.PScripts) > 0 {
288	-	r.RunScripts(step.PScripts, options)
289	-	}
290	-	}
291	-	}
292	-
293	-	}
294	-
295	-	if step.Label != "" {
296	-	utils.BlockF("Done-Step", color.HiCyanString(step.Label))
297	-	}
298	-	return output, nil
299	-	}
300	-
301	-	/////////////
302	-	// run multiple steps in concurrency mode
303	-
304	-	utils.DebugF("Run step in Parallel: %v", step.Parallel)
305	-	var wg sync.WaitGroup
306	-	p, _ := ants.NewPoolWithFunc(step.Parallel, func(i interface{}) {
307	-	r.startStepJob(i)
308	-	wg.Done()
309	-	}, ants.WithPreAlloc(true))
310	-	defer p.Release()
311	-
312	-	var mu sync.Mutex
313	-	for index, line := range data {
314	-	mu.Lock()
315	-	localOptions := libs.Options{}
316	-	copier.Copy(&localOptions, &options)
317	-	localOptions.Scan.ROptions["line"] = line
318	-	localOptions.Scan.ROptions["line_id"] = fmt.Sprintf("%v-%v", path.Base(line), index)
319	-	localOptions.Scan.ROptions["_id_"] = fmt.Sprintf("%v", index)
320	-	localOptions.Scan.ROptions["_line_"] = execution.StripName(line)
321	-
322	-	// make completely new Step
323	-	localStep := libs.Step{}
324	-
325	-	for _, cmd := range step.Commands {
326	-	localStep.Commands = append(localStep.Commands, ResolveData(cmd, localOptions.Scan.ROptions))
327	-	}
328	-	for _, cmd := range step.RCommands {
329	-	localStep.RCommands = append(localStep.RCommands, ResolveData(cmd, localOptions.Scan.ROptions))
330	-	}
331	-
332	-	if len(step.Ose) > 0 {
333	-	for _, ose := range step.Ose {
334	-	localStep.Ose = append(localStep.Ose, ResolveData(ose, localOptions.Scan.ROptions))
335	-	}
336	-	}
337	-
338	-	for _, script := range step.RScripts {
339	-	localStep.RScripts = append(localStep.RScripts, ResolveData(script, localOptions.Scan.ROptions))
340	-	}
341	-
342	-	for _, script := range step.Scripts {
343	-	localStep.Scripts = append(localStep.Scripts, ResolveData(script, localOptions.Scan.ROptions))
344	-	}
345	-
346	-	for _, script := range step.PConditions {
347	-	localStep.PConditions = append(localStep.PConditions, ResolveData(script, localOptions.Scan.ROptions))
348	-	}
349	-	for _, script := range step.PScripts {
350	-	localStep.PScripts = append(localStep.PScripts, ResolveData(script, localOptions.Scan.ROptions))
351	-	}
352	-
353	-	job := stepJob{
354	-	options: localOptions,
355	-	step: localStep,
356	-	}
357	-	wg.Add(1)
358	-	_ = p.Invoke(job)
359	-	mu.Unlock()
360	-	}
361	-
362	-	wg.Wait()
363	-	if step.Label != "" {
364	-	utils.BlockF("Done-Step", color.HiCyanString(step.Label))
365	-	}
366	-	return output, nil
367	-	}
368	-
369	-	type stepJob struct {
370	-	options libs.Options
371	-	step libs.Step
372	-	}
373	-
374	-	func (r *Runner) startStepJob(j interface{}) {
375	-	job := j.(stepJob)
376	-	localOptions := job.options
377	-	localStep := job.step
378	-
379	-	err := r.CheckCondition(localStep.Conditions, localOptions)
380	-
381	-	if err != nil {
382	-	// run reverse commands
383	-	if len(localStep.RCommands) > 0 {
384	-	RunCommands(localStep.RCommands, localStep.Std, localOptions)
385	-	}
386	-	if len(localStep.RScripts) > 0 {
387	-	r.RunScripts(localStep.RScripts, localOptions)
388	-	}
389	-	} else {
390	-	if len(localStep.Commands) > 0 {
391	-	RunCommands(localStep.Commands, localStep.Std, localOptions)
392	-	}
393	-	}
394	-
395	-	if len(localStep.Ose) > 0 {
396	-	for _, ose := range localStep.Ose {
397	-	r.RunOse(ose)
398	-	}
399	-	}
400	-
401	-	if len(localStep.Scripts) > 0 {
402	-	r.RunScripts(localStep.Scripts, localOptions)
403	-	}
404	-
405	-	// post scripts
406	-	if len(localStep.PConditions) > 0 \|\| len(localStep.PScripts) > 0 {
407	-	err := r.CheckCondition(localStep.PConditions, localOptions)
408	-	if err == nil {
409	-	if len(localStep.PScripts) > 0 {
410	-	r.RunScripts(localStep.PScripts, localOptions)
411	-	}
412	-	}
413	-	}
414	-	}
415	-

■ ■ ■ ■ ■ ■

core/runner.go

		skipped 6 lines
7	7		"github.com/j3ssie/osmedeus/execution"
8	8		"github.com/j3ssie/osmedeus/libs"
9	9		"github.com/j3ssie/osmedeus/utils"
	10	+	"github.com/panjf2000/ants"
10	11		"github.com/robertkrimen/otto"
11	12		"github.com/thoas/go-funk"
12	13		"os"
13	14		"strings"
	15	+	"sync"
14	16		)
15	17
16	18		// Runner runner struct to start a job
		skipped 24 lines
41	43		RuntimeFile string
42	44
43	45		RoutineModules []string
	46	+	Reports []string
44	47		Routines []libs.Routine
45	48
46		-	// RunTime *otto.Otto
47		-	VM *otto.Otto
48		-
	49	+	VM *otto.Otto
49	50		TargetObj database.Target
50	51		ScanObj database.Scan
51	52
52	53		Target map[string]string
	54	+	// this is same as targets but won't change during the execution time
	55	+	Params map[string]string
53	56		}
54	57
55	58		// InitRunner init runner
		skipped 47 lines
103	106		}
104	107		}
105	108		}
106		-
107	109		}
108	110
109	111		// generate routines
		skipped 73 lines
183	185		}
184	186		}
185	187
	188	+	// PrepareParams prepare global params
	189	+	func (r *Runner) PrepareParams() {
	190	+	r.Params = r.Target
	191	+
	192	+	// looking for more params from each module
	193	+	for _, routine := range r.Routines {
	194	+	for _, module := range routine.ParsedModules {
	195	+	// params from module file
	196	+	if len(module.Params) > 0 {
	197	+	for _, param := range module.Params {
	198	+	for k, v := range param {
	199	+	// skip params if override: false
	200	+	_, exist := r.Params[k]
	201	+	if module.ForceParams && exist {
	202	+	utils.DebugF("Skip Override param: %v --> %v", v, k)
	203	+	continue
	204	+	}
	205	+
	206	+	v = ResolveData(v, r.Params)
	207	+	if strings.HasPrefix(v, "~/") {
	208	+	v = utils.NormalizePath(v)
	209	+	}
	210	+	r.Params[k] = v
	211	+	}
	212	+	}
	213	+	}
	214	+
	215	+	// more params from -p flag
	216	+	if len(r.Opt.Scan.Params) > 0 {
	217	+	params := ParseParams(r.Opt.Scan.Params)
	218	+	if len(params) > 0 {
	219	+	for k, v := range params {
	220	+	v = ResolveData(v, r.Params)
	221	+	r.Params[k] = v
	222	+	}
	223	+	}
	224	+	}
	225	+	}
	226	+	}
	227	+
	228	+	r.ResolveRoutine()
	229	+
	230	+	}
	231	+
	232	+	// ResolveRoutine resolve the module name first
	233	+	func (r *Runner) ResolveRoutine() {
	234	+	var routines []libs.Routine
	235	+
	236	+	for _, rawRoutine := range r.Routines {
	237	+
	238	+	var routine libs.Routine
	239	+	for _, module := range rawRoutine.ParsedModules {
	240	+	module = ResolveReports(module, r.Params)
	241	+
	242	+	r.Reports = append(r.Reports, module.Report.Final...)
	243	+	module.PreRun = ResolveSlice(module.PreRun, r.Params)
	244	+
	245	+	// steps
	246	+	for i, step := range module.Steps {
	247	+	module.Steps[i].Timeout = ResolveData(step.Timeout, r.Params)
	248	+	module.Steps[i].Threads = ResolveData(step.Threads, r.Params)
	249	+	module.Steps[i].Label = ResolveData(step.Label, r.Params)
	250	+	module.Steps[i].Std = ResolveData(step.Std, r.Params)
	251	+	module.Steps[i].Source = ResolveData(step.Source, r.Params)
	252	+
	253	+	module.Steps[i].Conditions = ResolveSlice(step.Conditions, r.Params)
	254	+	module.Steps[i].Required = ResolveSlice(step.Required, r.Params)
	255	+
	256	+	module.Steps[i].Commands = ResolveSlice(step.Commands, r.Params)
	257	+	module.Steps[i].Scripts = ResolveSlice(step.Scripts, r.Params)
	258	+
	259	+	module.Steps[i].RCommands = ResolveSlice(step.RCommands, r.Params)
	260	+	module.Steps[i].RScripts = ResolveSlice(step.RScripts, r.Params)
	261	+	module.Steps[i].PConditions = ResolveSlice(step.PConditions, r.Params)
	262	+	module.Steps[i].PScripts = ResolveSlice(step.PScripts, r.Params)
	263	+	module.Steps[i].Ose = ResolveSlice(step.Ose, r.Params)
	264	+	}
	265	+
	266	+	module.PostRun = ResolveSlice(module.PostRun, r.Params)
	267	+	routine.ParsedModules = append(routine.ParsedModules, module)
	268	+	}
	269	+
	270	+	routines = append(routines, routine)
	271	+	}
	272	+	r.Routines = routines
	273	+	}
	274	+
186	275		func (r *Runner) Start() {
187	276		err := r.Validator()
188	277		if err != nil {
		skipped 17 lines
206	295		r.DBNewTarget()
207	296		r.DBNewScan()
208	297		r.StartScanNoti()
	298	+	r.LoadEngineScripts()
	299	+
	300	+	r.PrepareParams()
209	301
210	302		/////
211	303		/* really start the scan here */
212		-	r.StartRoutine()
	304	+	r.StartRoutines()
213	305		/////
214	306
215	307		BackupWorkspace(r.Opt)
		skipped 4 lines
220	312		utils.WriteToFile(r.DoneFile, "done")
221	313		}
222	314
223		-	// StartRoutine start the scan
224		-	func (r *Runner) StartRoutine() {
225		-	for _, routine := range r.Routines {
226		-	for _, module := range routine.ParsedModules {
227		-	module = ResolveReports(module, r.Opt)
228		-	module.ForceParams = r.ForceParams
229		-	r.Opt.Module = module
230		-
231		-	// check exclude options
232		-	if funk.ContainsString(r.Opt.Exclude, module.Name) {
233		-	utils.BadBlockF(module.Name, fmt.Sprintf("Module Got Excluded"))
234		-	continue
235		-	}
236	315
237		-	rTimeout := r.Opt.Timeout
238		-	if module.MTimeout != "" {
239		-	rTimeout = ResolveData(module.MTimeout, r.Target)
240		-	}
	316	+	// StartRoutines start the scan
	317	+	func (r *Runner) StartRoutines() {
	318	+	for _, routine := range r.Routines {
	319	+	// start each section of modules
	320	+	utils.DebugF("Start routine: %v", len(routine.ParsedModules))
	321	+	r.RunRoutine(routine.ParsedModules)
	322	+	}
	323	+	}
241	324
242		-	if rTimeout != "" {
243		-	timeout := utils.CalcTimeout(rTimeout)
244		-	if timeout < 43200 {
245		-	// run the module but with timeout
246		-	r.RunModulesWithTimeout(rTimeout, module, r.Opt)
247		-	continue
248		-	}
249		-	}
	325	+	func (r *Runner) RunRoutine(modules []libs.Module) {
	326	+	var wg sync.WaitGroup
	327	+	p, _ := ants.NewPoolWithFunc(r.Opt.Concurrency*10, func(m interface{}) {
	328	+	module := m.(libs.Module)
	329	+	r.RunModule(module)
	330	+	wg.Done()
	331	+	}, ants.WithPreAlloc(true))
	332	+	defer p.Release()
250	333
251		-	r.RunModule(module, r.Opt)
	334	+	for _, module := range modules {
	335	+	if funk.ContainsString(r.Opt.Exclude, module.Name) {
	336	+	utils.BadBlockF(module.Name, fmt.Sprintf("Module Got Excluded"))
	337	+	continue
252	338		}
	339	+
	340	+	p.Invoke(module)
	341	+	wg.Add(1)
253	342		}
	343	+
	344	+	wg.Wait()
254	345		}
255	346

■ ■ ■ ■ ■ ■

core/runtime.go

		skipped 45 lines
46	46		}
47	47
48	48		utils.DebugF("-- Start ose:\n\n%s", scriptName)
49		-	scriptContent = ResolveData(scriptContent, r.Target)
50	49		r.ExecScript(scriptContent)
51	50		utils.DebugF("-- Done ose: %s", scriptName)
52	51		}
		skipped 400 lines

■ ■ ■ ■ ■ ■

core/step.go

		skipped 21 lines
22	22		defer cancel()
23	23
24	24		go func() {
25		-	r.RunModule(module, options)
	25	+	r.RunModule(module)
26	26		cancel()
27	27		}()
28	28
		skipped 8 lines
37	37		}
38	38
39	39		// CheckResume check resume report
40		-	func CheckResume(options libs.Options) bool {
41		-	for _, report := range options.Module.Report.Final {
	40	+	func CheckResume(module libs.Module) bool {
	41	+	for _, report := range module.Report.Final {
42	42		if !strings.Contains(report, ".osmedeus/storages") && !utils.FileExists(report) {
43	43		return false
44	44		}
		skipped 2 lines
47	47		}
48	48
49	49		// ResolveReports resolve real path of reports
50		-	func ResolveReports(module libs.Module, options libs.Options) libs.Module {
	50	+	func ResolveReports(module libs.Module, params map[string]string) libs.Module {
51	51		var final []string
52	52		var noti []string
53	53		var diff []string
54	54		for _, report := range module.Report.Final {
55		-	final = append(final, ResolveData(report, options.Scan.ROptions))
	55	+	final = append(final, ResolveData(report, params))
56	56		}
57	57
58	58		for _, report := range module.Report.Noti {
59		-	noti = append(noti, ResolveData(report, options.Scan.ROptions))
	59	+	noti = append(noti, ResolveData(report, params))
60	60		}
61	61
62	62		for _, report := range module.Report.Diff {
63		-	diff = append(diff, ResolveData(report, options.Scan.ROptions))
	63	+	diff = append(diff, ResolveData(report, params))
64	64		}
65	65
66	66		module.Report.Final = final
		skipped 2 lines
69	69		return module
70	70		}
71	71
	72	+
	73	+	// print all report
	74	+	func printReports(module libs.Module) {
	75	+	var files []string
	76	+	files = append(files, module.Report.Final...)
	77	+	files = append(files, module.Report.Noti...)
	78	+	files = append(files, module.Report.Diff...)
	79	+
	80	+	reports := funk.UniqString(files)
	81	+	utils.BannerF("REPORT", module.Name)
	82	+	for _, report := range reports {
	83	+	if !utils.FileExists(report) && utils.EmptyFile(report, 0) {
	84	+	if !utils.FolderExists(report) && utils.EmptyDir(report) {
	85	+	continue
	86	+	}
	87	+	}
	88	+	utils.BlockF("report", report)
	89	+	}
	90	+	}
	91	+
72	92		// CheckRequired check if required file exist or not
73	93		func (r *Runner) CheckRequired(requires []string, options libs.Options) error {
74	94		if len(requires) == 0 {
		skipped 2 lines
77	97
78	98		utils.DebugF("Checking require: %v", requires)
79	99		for _, require := range requires {
80		-	require = ResolveData(require, options.Scan.ROptions)
	100	+	//require = ResolveData(require, options.Scan.ROptions)
81	101
82	102		if strings.Contains(require, "(") && strings.Contains(require, ")") {
83	103		validate := r.ConditionExecScript(require)
		skipped 16 lines
100	120		}
101	121
102	122		// CheckCondition check if required file exist or not
103		-	func (r *Runner) CheckCondition(conditions []string, options libs.Options) error {
	123	+	func (r *Runner) CheckCondition(conditions []string) error {
104	124		if len(conditions) == 0 {
105	125		return nil
106	126		}
107	127		for _, require := range conditions {
108		-	require = ResolveData(require, options.Scan.ROptions)
109		-	validate := r.ConditionExecScript(require)
110		-	if !validate {
	128	+	if !r.ConditionExecScript(require) {
111	129		return fmt.Errorf("condition not met: %s", require)
112	130		}
113	131		}
		skipped 1 lines
115	133		}
116	134
117	135		// RunCommands run list of commands in parallel
118		-	func RunCommands(commands []string, std string, options libs.Options) string {
	136	+	func (r *Runner) RunCommands(commands []string, std string) string {
119	137		var wg sync.WaitGroup
120	138		var output string
121	139		var err error
122	140
123		-	for _, rawCommand := range commands {
124		-	command := ResolveData(rawCommand, options.Scan.ROptions)
	141	+	for _, command := range commands {
125	142		wg.Add(1)
126	143		// don't run too much command at once
127		-	go func() {
	144	+	go func(command string) {
128	145		defer wg.Done()
129	146		var out string
130	147		if std != "" {
		skipped 3 lines
134	151		}
135	152
136	153		if err != nil {
137		-	utils.DebugF("error running command: %v", command)
	154	+	utils.DebugF("error running command: %v -- %v", command, err)
138	155		}
139	156
140	157		if out != "" {
141	158		output += out
142	159		}
143		-	}()
	160	+	}(command)
144	161		}
145	162		wg.Wait()
146	163
		skipped 3 lines
150	167		return output
151	168		}
152	169
153		-	// print all report
154		-	func printReports(options libs.Options) {
155		-	var files []string
156		-	files = append(files, options.Module.Report.Final...)
157		-	files = append(files, options.Module.Report.Noti...)
158		-	files = append(files, options.Module.Report.Diff...)
159		-
160		-	reports := funk.UniqString(files)
161		-	utils.BannerF("REPORT", options.Module.Name)
162		-	for _, report := range reports {
163		-	if !utils.FileExists(report) && utils.EmptyFile(report, 0) {
164		-	if !utils.FolderExists(report) && utils.EmptyDir(report) {
165		-	continue
166		-	}
167		-	}
168		-	utils.BlockF("report", report)
169		-	}
170		-	}
171		-

■ ■ ■ ■ ■ ■

core/update.go

		skipped 245 lines
246	246		}
247	247		}
248	248
249		-
250		-	func UpdateVuln(opt libs.Options) {
	249	+	func UpdateVuln(opt libs.Options) {
251	250		utils.InforF("Updating Vulnerability Database only")
252	251
253	252		//// update vulnerability signatures
		skipped 98 lines

■ ■ ■ ■ ■ ■

distribute/command.go

		skipped 69 lines
70	70		}
71	71
72	72		// create record on UI
73		-	c.Opt.Module = core.ResolveReports(parsedModule, c.Opt)
	73	+	c.Opt.Module = core.ResolveReports(parsedModule, c.Target)
74	74		database.DBNewReports(parsedModule, &c.Runner.TargetObj)
75	75		return
76	76		}
		skipped 27 lines
104	104		continue
105	105		}
106	106		// create record on UI
107		-	c.Opt.Module = core.ResolveReports(parsedModule, c.Opt)
	107	+	c.Opt.Module = core.ResolveReports(parsedModule, c.Target)
108	108		database.DBNewReports(c.Opt.Module, &c.Runner.TargetObj)
109	109		}
110	110		}
		skipped 69 lines

■ ■ ■ ■ ■ ■

distribute/scan.go

		skipped 227 lines
228	228		// really start to run pre commands
229	229		for _, script := range c.Opt.Cloud.LocalPreRun {
230	230		script = core.ResolveData(script, c.Target)
231		-	c.Runner.RunScript(script, c.Opt)
	231	+	c.Runner.RunScript(script)
232	232		}
233	233		return nil
234	234		}
		skipped 5 lines
240	240		// for running local steps
241	241		utils.DebugF("Running local steps")
242	242		for _, step := range c.Opt.Cloud.LocalSteps {
243		-	c.Runner.RunStep(step, c.Opt)
	243	+	c.Runner.RunStep(step)
244	244		}
245	245		}
246	246
		skipped 5 lines
252	252		// really start to run pre commands
253	253		for _, script := range c.Opt.Cloud.LocalPostRun {
254	254		script = core.ResolveData(script, c.Target)
255		-	c.Runner.RunScript(script, c.Opt)
	255	+	c.Runner.RunScript(script)
256	256		}
257	257		return nil
258	258		}
		skipped 1 lines

■ ■ ■ ■ ■ ■

execution/clean.go

		skipped 19 lines
20	20		"github.com/j3ssie/osmedeus/utils"
21	21		)
22	22
23		-	// Cleaning cleaning tmp data of workspaces
24		-	func Cleaning(folder string, options libs.Options) {
25		-	if options.NoClean {
26		-	utils.InforF("Disabled Cleaning")
27		-	return
28		-	}
	23	+	// Cleaning the execution directory
	24	+	func Cleaning(folder string, reports []string) {
29	25		utils.DebugF("Cleaning result: %v", folder)
30		-	// don't remove file in report part
31		-	var reports []string
32		-	reports = append(reports, options.Module.Report.Final...)
33		-	reports = append(reports, options.Module.Report.Noti...)
34		-	reports = append(reports, options.Module.Report.Diff...)
35		-
36	26		// list all the file
37	27		items, err := filepath.Glob(fmt.Sprintf("%v/*", folder))
38	28		if err != nil {
		skipped 469 lines

■ ■ ■ ■ ■ ■

libs/step.go

skipped 25 lines
26 26 PConditions []string
27 27 PScripts []string
28 28
29 - //Output []string
30 29 Std string
31 30 }
32 31

All occurrences

■ ■ ■ ■ ■ ■

libs/update.go

		skipped 12 lines
13	13		UpdateFolder string
14	14		UpdateDate string
15	15		CleanOldData bool
16		-	VulnUpdate bool
	16	+	VulnUpdate bool
17	17		GenerateMeta string
18	18		ForceUpdate bool
19	19		IsUpdateBin bool
		skipped 10 lines

■ ■ ■ ■ ■ ■

libs/version.go

		skipped 3 lines
4	4
5	5		const (
6	6		// VERSION of this project
7		-	VERSION = "v4.0.3"
	7	+	VERSION = "v4.1.0"
8	8		// DESC description of the tool
9	9		DESC = "A Workflow Engine for Offensive Security"
10	10		// BINARY name of osmedeus
		skipped 17 lines

■ ■ ■ ■ ■ ■

test-workflows/parallel.yaml

1	+	name: flow-with-params
2	+	desc: run normal routine
3	+	type: sample
4	+
5	+	params:
6	+	- firstTimeout: '5s'
7	+
8	+	routines:
9	+	- modules:
10	+	- parallel
11	+	- parallel2
12	+	- modules:
13	+	- timeout-module
14	+
15	+

■ ■ ■ ■ ■ ■

test-workflows/sample/parallel.yaml

1	+	name: parallel1
2	+	desc: Run dirbscan scan on list of HTTP file
3	+
4	+	params:
5	+	- limit: '5000'
6	+
7	+	steps:
8	+	- label: 'Start step 111'
9	+	commands:
10	+	- "echo '---> {{.Target}} '"
11	+	- "seq {{.limit}} > /tmp/source.txt"
12	+
13	+	- source: '/tmp/source.txt'
14	+	threads: '200'
15	+	commands:
16	+	- "echo '---> [[.line]]'"
17	+	# - "sleep 1 && echo '---> done [[.line]]'"
18	+
19	+	- commands:
20	+	- "echo 'done parallel 111111'"

■ ■ ■ ■ ■ ■

test-workflows/sample/parallel2.yaml

1	+	name: parallel2
2	+	desc: Run dirbscan scan on list of HTTP file
3	+
4	+	steps:
5	+	- label: 'Start step 222'
6	+	commands:
7	+	- "sleep 5"
8	+	- "echo '==>>>> {{.Target}} '"
9	+
10	+	- commands:
11	+	- "echo 'done parallel 2222'"
12	+

■ ■ ■ ■ ■ ■

test-workflows/sample/timeout-module.yaml

1	1		name: timeout-module
2		-	# mtimeout: '{{.firstTimeout}}'
3		-
4		-	params:
5		-	- runSlow: 'true'
	2	+	desc:
6	3
7	4		steps:
8		-	# - conditions:
9		-	# - '{{.runSlow}} == true'
10		-	# commands:
11		-	# - "echo '---> Slow '"
12		-	# rcommands:
13		-	# - "echo '<---- Reverse '"
14		-
15		-	- required:
16		-	- "/tmp/not-exist"
17		-	commands:
18		-	- "sleep 20 && echo '---> done sleep 20s'"
19		-
	5	+	- commands:
	6	+	- "echo '==> Done here <=="

■ ■ ■ ■ ■ ■

test-workflows/serial.yaml

1	+	name: flow-with-params
2	+	desc: run normal routine
3	+	type: sample
4	+
5	+	params:
6	+	- firstTimeout: '5s'
7	+
8	+	routines:
9	+	- modules:
10	+	- parallel
11	+
12	+
13	+

		skipped 25 lines
26	26		PConditions []string
27	27		PScripts []string
28	28
29		-	//Output []string
30	29		Std string
31	30		}
32	31

Release v4.1.0