Subversion Repositories vnag

Rev

Rev 42 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 42 Rev 59
Line 1... Line 1...
1 
<?php /* <ViaThinkSoftSignature>
 1 
<?php /* <ViaThinkSoftSignature>
2 
tnq+qJ0FVMFjtw0VxxXU3yGcuwQtR+YxngRuF612pYRja0m6907iUi6E2uuTAiK6d
 2 
d5Ch9xyUxv3Bu3N2jbIjfBn2mP062FT5Kdj1z31EUW9w+rJMXfvaeidWQfLapqU7c
3 
lCx969+n5MBG0N9yM/vPLKowBodxgEAaE5PlS5cfU2WKqbPbrAI6yWjfMruy5OzOi
 3 
uIAztDKoRCMsAsvZYSB1zD8+pi0ClJYGbiB+/7ACt1TSVOvtrWxE9lsWXIOjLA0Ft
4 
KV2wIIWY+QR9HuNDKvO5TQjFMaLvXdOqNZp+bCP/YDiLJ4oq8s470/z4MZu/jz1ou
 4 
YeccOh4Mf/JFtLbLyo/xQofsIy+9umKQ1fbhgrcmJfaWY07QeoZVE7HHauTZA+ld6
5 
2pLzyjyDdaMAjrphpGrG9BY0eS1j9EQo88Kv9sFJrmOR+QNRawiMSL1Vuy5XxbriO
 5 
HyjNklTAc9b3tcFQBp9bgB3p4Pt28y6irIqDhaqvBja8F2oCK7FCZQFwE/JF0UKT/
6 
VH65ZkZ6hs7NPsojgKM50OQUUmRiMi99S2CCqQHPh2O0VaZMB9hQ4NiWN5wyjExMN
 6 
PMOJ0VtzC1p72SiOWMg4U0+hMi4Sre48SuSOiUtLaF14GdzfATGOxOqyFvFAFXClh
7 
v5vVpWLFDwG20YKNWdfPd/hADcJ+W3E17RuDbRqphzEJlHcgKgLMULmCCT0H7XWb3
 7 
qUqgxXmQTFJCZzGW2rga9BJw35zTYy/jtWLN8nGFG+S2c7e+IJAqN+iDMD7I+NyRd
8 
NP3iKqVJOGnt7SVDXPKsNbjP2oA6/gAOpBZptV/i95f0kplJ69T7AxVmoNg9dWJnA
 8 
jjZKqDjXDZrIolL6KP2yl4WPtVD8iaJcgrxUQD+TQiJkcjvSEp2DVN0OETDFUzlx2
9 
JMOmpteZCmdZQV7vKbPvCLVOTMh9/Q9OFe877kjRaEAQJaPtrdus4Q8uhvghRFiiL
 9 
Jr9hc14n7z78ebkTgNToAGauBvfyFRCEyRBcXyS9VluTd23g3ICXY0qdWJUhf4zpz
10 
yuJbsZgIAnZvliEe9jDBPCFxTC4tMDqoG5rXRltz4J+Ig52L9AWq0bSf9+AywMjdT
 10 
PJPdgAVmO1X8kPaVB97GI2iQDqIMFLr6PEre6GTaB893B3lrej8sTdAiV8WPlzKmZ
11 
c1jS22mBcqC0rx2cmKZl/AWutrBisVeQweAaipRncW85wyZMWgSB3lowbMKZHNqZV
 11 
LHxxUr2uQdIT2NkLbvvzNSoJKsWXKdmbvWk3Oy+VYGH9LEjw+bRTweubH36gYf4to
12 
YCZt7QSxUGPZAIKy51i6QivhJaaQhvnCZW3lkQGZLqruuXU7QJzw6BzW+aMz+kWqM
 12 
QpoiUcnQ4B1f9GxDUp455aPtN9HmY7dOb4YehyWCFKge/1PUoT3/omz4cRlz5+8QM
13 
wMHANFDgw/VusaSWW4a+oaYCyygKRiRkb2YQE8U2EObxkaDDEhquWLHhqEJ8F8kly
 13 
aYOB1/UgdeCUS674R3tzhr28LhNfJ8J4pyXzOVjVsmBkmMd+he/4MJcXWyDYDWpVl
14 
2aZghC94ryvIkMmjUCOhxJ9a429MyDrochi4RLI9OkYF4WmF4AkqFnqYJWf73kRUV
 14 
AMA700hkscLcwktA25TDd/Qh5vjF4i6dWcNlIbFxdaKyN9PTs/0T+Jza0JaDmZagW
15 
mLpohXJGLaRp5e0Q7dxJto9hy/I/6yntTREvnDkm19cY8lHceJPRv3YbuSVybMha4
 15 
gYD5R4+ei44asrZ37oAg9CjOeDm7FKRuMYiMaw/08LAYGQKFxgIAsMdcKOHya4By/
16 
9nf3KgaF4hmAwogIqTcSb5f18uqMC+Pp4sZaChQnpbC+K7StY7lI3dWL/MINHUGRX
 16 
5yVVEVLihCLKdvdn0u9d1d2BQHZS0n2KNG4cMQxnNKVjjTXDybRbyB2C0pp2S9YXN
17 
yM702pX2l/WSbflcWcvHaPoOkfkvJwP+R5BZ/GIB5F5Yv5Q4K4BDNs23u2stvbzuK
 17 
V9WWzveDY5m8jYrZ9wFjvbHeJHfFNXMrkN1k4U7mYM5Be2Mu2+MYA/Xw2oLtzmmyt
18 
6NyheDgjSRF+PckMy8AmIHtGMn4wBTbw+mH+nmBnN6HmQgqM6zHpU1CwVw1Q/c2IP
 18 
9WxiCO0B4TrEKOJYV1jC7BDWoAAHNnDxFoOJo+dm/hjTU3XOaWSpsxTURYFR/Ltn5
19 
xihKexQelORhik6WyUWXR8GPT4PAFUOkIKV3ayKibd2zLDAd3YM3J4uDbEwp3vg/b
 19 
G1yakcUq18mS5c2BEXpwXaJq5+f3QP5COzEcrvgGqBJRfpy0JxsRtKAzTQpADzRtR
20 
neIWy36vzf6xGnPFig0qobZGIisfVMMpvnZkXA9c67K6LFNEx1eOlW6Cx068NZqZW
 20 
8jI68XrP4y9FrcUazM4RPp+U8dRY2zjMas559t7Xb7RysHRpFxf2SZ+Xj0SVQZEsj
21 
l1s/Q8qJ8UjnPurbrQ4k1v62ZHMy3s9LbiNRyMEt5kdjCMFNuc1jWGpLwp2rw5WKC
 21 
YOATRaQdV+a6haeDvB346iJIjVaNY6SaaMPI5JEhAr79BM6nJCXIu7HT9DCBWvhbG
22 
O5yx+62O5GPX+qZpkIjxZwe/3woj5dGiFFdsCo4afv4KitzI3czXMCDgiL4oTanQQ
 22 
MCePzFjOa4XRB1vaCJo5jolQUWyy0pFLKD5VbimI63wd1a5KqRPmtSFAu+/nQ3aKC
23 
g==
 23 
Q==
24 
</ViaThinkSoftSignature> */ ?>
 24 
</ViaThinkSoftSignature> */ ?>
25 
<?php
 25 
<?php
26 
 
 26 
 
27 
/*
 27 
/*
28 
 * VNag - Nagios Framework for PHP
 28 
 * VNag - Nagios Framework for PHP
Line 55... Line 55...
55 
                $this->addExpectedArgument($this->argDomain = new VNagArgument('d', 'domain', VNagArgument::VALUE_REQUIRED, 'domainOrFile', 'Domain(s) or subdomain(s), separated by comma, to be checked or a file containing domain names.'));
 55 
                $this->addExpectedArgument($this->argDomain = new VNagArgument('d', 'domain', VNagArgument::VALUE_REQUIRED, 'domainOrFile', 'Domain(s) or subdomain(s), separated by comma, to be checked or a file containing domain names.'));
56 
                $this->addExpectedArgument($this->argPrivateAPI = new VNagArgument('p', 'privateapi', VNagArgument::VALUE_REQUIRED, 'privateApiUrl', 'A link to your private API (https://www.openbugbounty.org/api/2/...../). Cannot be used together with argument \'-d\'.'));
 56 
                $this->addExpectedArgument($this->argPrivateAPI = new VNagArgument('p', 'privateapi', VNagArgument::VALUE_REQUIRED, 'privateApiUrl', 'A link to your private API (https://www.openbugbounty.org/api/2/...../). Cannot be used together with argument \'-d\'.'));
57 
                $this->addExpectedArgument($this->argIgnoredIds = new VNagArgument('i', 'ignoredids', VNagArgument::VALUE_REQUIRED, 'ignoredIds', 'Comma separated list of submission IDs that shall be defined as fixed (because OpenBugBounty often does not mark fixed bugs as fixed, even if you tell them that you have fixed them...)'));
 57 
                $this->addExpectedArgument($this->argIgnoredIds = new VNagArgument('i', 'ignoredids', VNagArgument::VALUE_REQUIRED, 'ignoredIds', 'Comma separated list of submission IDs that shall be defined as fixed (because OpenBugBounty often does not mark fixed bugs as fixed, even if you tell them that you have fixed them...)'));
58 
        }
 58 
        }
59 
 
 59 
 
60 
        protected function get_cache_dir() {
 - 
 
61 
                $homedir = @getenv('HOME');
 - 
 
62 
                if ($homedir) {
 - 
 
63 
                        $try = "${homedir}/.vnag_obb_cache";
 - 
 
64 
                        if (is_dir($try)) return $try;
 - 
 
65 
                        if (@mkdir($try)) return $try;
 - 
 
66 
                }
 - 
 
67 
 
 - 
 
68 
                $user = posix_getpwuid(posix_geteuid());
 - 
 
69 
                if (isset($user['dir'])) {
 - 
 
70 
                        $homedir = $user['dir'];
 - 
 
71 
                        $try = "${homedir}/.vnag_obb_cache";
 - 
 
72 
                        if (is_dir($try)) return $try;
 - 
 
73 
                        if (@mkdir($try)) return $try;
 - 
 
74 
                }
 - 
 
75 
 
 - 
 
76 
                if (isset($user['name'])) {
 - 
 
77 
                        $username = $user['name'];
 - 
 
78 
                        $try = "/tmp/vnag_obb_cache";
 - 
 
79 
                        if (is_dir($try)) return $try;
 - 
 
80 
                        if (@mkdir($try)) return $try;
 - 
 
81 
                }
 - 
 
82 
 
 - 
 
83 
                return false; // should usually never happen
 - 
 
84 
        }
 - 
 
85 
 
 - 
 
86 
        function is_ignored($id) {
 60 
        function is_ignored($id) {
87 
                $ids = $this->argIgnoredIds->getValue();
 61 
                $ids = $this->argIgnoredIds->getValue();
88 
                if (empty($ids)) return false;
 62 
                if (empty($ids)) return false;
89 
 
 63 
 
90 
                $ids = explode(',', $ids);
 64 
                $ids = explode(',', $ids);
Line 112... Line 86...
112 
                $unfixed_ignored = 0;
 86 
                $unfixed_ignored = 0;
113 
 
 87 
 
114 
                $this->setStatus(VNag::STATUS_OK);
 88 
                $this->setStatus(VNag::STATUS_OK);
115 
 
 89 
 
116 
                $domain = strtolower($domain);
 90 
                $domain = strtolower($domain);
- 
 
 91 
                $url = 'https://www.openbugbounty.org/api/1/search/?domain='.urlencode($domain);
117 
                $cache_file = $this->get_cache_dir() . '/' . md5($domain);
 92 
                $cache_file = $this->get_cache_dir() . '/' . sha1($url);
118 
 
 93 
 
119 
                if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) {
 94 
                if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) {
120 
                        $cont = @file_get_contents($cache_file);
 95 
                        $cont = @file_get_contents($cache_file);
121 
                        if (!$cont) throw new Exception("Failed to get contents from $cache_file");
 96 
                        if (!$cont) throw new Exception("Failed to get contents from $cache_file");
122 
                } else {
 97 
                } else {
123 
                        $url = 'https://www.openbugbounty.org/api/1/search/?domain='.urlencode($domain);
 - 
 
124 
                        $cont = @file_get_contents($url);
 98 
                        $cont = @file_get_contents($url);
125 
                        if (!$cont) throw new Exception("Failed to get contents from $url");
 99 
                        if (!$cont) throw new Exception("Failed to get contents from $url");
126 
                        file_put_contents($cache_file, $cont);
 100 
                        file_put_contents($cache_file, $cont);
127 
                }
 101 
                }
128 
 
 102 
 
Line 151... Line 125...
151 
                return array($fixed, $unfixed, $unfixed_ignored);
 125 
                return array($fixed, $unfixed, $unfixed_ignored);
152 
        }
 126 
        }
153 
 
 127 
 
154 
        function get_privateapi_data($url, $max_cache_time = 3600) { // TODO: make cache time configurable via config
 128 
        function get_privateapi_data($url, $max_cache_time = 3600) { // TODO: make cache time configurable via config
155 
                $url = strtolower($url);
 129 
                $url = strtolower($url);
156 
                $cache_file = $this->get_cache_dir() . '/' . md5($url);
 130 
                $cache_file = $this->get_cache_dir() . '/' . sha1($url);
157 
 
 131 
 
158 
                if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) {
 132 
                if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) {
159 
                        $cont = @file_get_contents($cache_file);
 133 
                        $cont = @file_get_contents($cache_file);
160 
                        if (!$cont) throw new Exception("Failed to get contents from $url");
 134 
                        if (!$cont) throw new Exception("Failed to get contents from $url");
161 
                } else {
 135 
                } else {