Rev 42 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 42 | Rev 59 | ||
---|---|---|---|
Line 1... | Line 1... | ||
1 | <?php /* <ViaThinkSoftSignature> |
1 | <?php /* <ViaThinkSoftSignature> |
2 | tnq+qJ0FVMFjtw0VxxXU3yGcuwQtR+YxngRuF612pYRja0m6907iUi6E2uuTAiK6d |
2 | d5Ch9xyUxv3Bu3N2jbIjfBn2mP062FT5Kdj1z31EUW9w+rJMXfvaeidWQfLapqU7c |
3 | lCx969+n5MBG0N9yM/vPLKowBodxgEAaE5PlS5cfU2WKqbPbrAI6yWjfMruy5OzOi |
3 | uIAztDKoRCMsAsvZYSB1zD8+pi0ClJYGbiB+/7ACt1TSVOvtrWxE9lsWXIOjLA0Ft |
4 | KV2wIIWY+QR9HuNDKvO5TQjFMaLvXdOqNZp+bCP/YDiLJ4oq8s470/z4MZu/jz1ou |
4 | YeccOh4Mf/JFtLbLyo/xQofsIy+9umKQ1fbhgrcmJfaWY07QeoZVE7HHauTZA+ld6 |
5 | 2pLzyjyDdaMAjrphpGrG9BY0eS1j9EQo88Kv9sFJrmOR+QNRawiMSL1Vuy5XxbriO |
5 | HyjNklTAc9b3tcFQBp9bgB3p4Pt28y6irIqDhaqvBja8F2oCK7FCZQFwE/JF0UKT/ |
6 | VH65ZkZ6hs7NPsojgKM50OQUUmRiMi99S2CCqQHPh2O0VaZMB9hQ4NiWN5wyjExMN |
6 | PMOJ0VtzC1p72SiOWMg4U0+hMi4Sre48SuSOiUtLaF14GdzfATGOxOqyFvFAFXClh |
7 | v5vVpWLFDwG20YKNWdfPd/hADcJ+W3E17RuDbRqphzEJlHcgKgLMULmCCT0H7XWb3 |
7 | qUqgxXmQTFJCZzGW2rga9BJw35zTYy/jtWLN8nGFG+S2c7e+IJAqN+iDMD7I+NyRd |
8 | NP3iKqVJOGnt7SVDXPKsNbjP2oA6/gAOpBZptV/i95f0kplJ69T7AxVmoNg9dWJnA |
8 | jjZKqDjXDZrIolL6KP2yl4WPtVD8iaJcgrxUQD+TQiJkcjvSEp2DVN0OETDFUzlx2 |
9 | JMOmpteZCmdZQV7vKbPvCLVOTMh9/Q9OFe877kjRaEAQJaPtrdus4Q8uhvghRFiiL |
9 | Jr9hc14n7z78ebkTgNToAGauBvfyFRCEyRBcXyS9VluTd23g3ICXY0qdWJUhf4zpz |
10 | yuJbsZgIAnZvliEe9jDBPCFxTC4tMDqoG5rXRltz4J+Ig52L9AWq0bSf9+AywMjdT |
10 | PJPdgAVmO1X8kPaVB97GI2iQDqIMFLr6PEre6GTaB893B3lrej8sTdAiV8WPlzKmZ |
11 | c1jS22mBcqC0rx2cmKZl/AWutrBisVeQweAaipRncW85wyZMWgSB3lowbMKZHNqZV |
11 | LHxxUr2uQdIT2NkLbvvzNSoJKsWXKdmbvWk3Oy+VYGH9LEjw+bRTweubH36gYf4to |
12 | YCZt7QSxUGPZAIKy51i6QivhJaaQhvnCZW3lkQGZLqruuXU7QJzw6BzW+aMz+kWqM |
12 | QpoiUcnQ4B1f9GxDUp455aPtN9HmY7dOb4YehyWCFKge/1PUoT3/omz4cRlz5+8QM |
13 | wMHANFDgw/VusaSWW4a+oaYCyygKRiRkb2YQE8U2EObxkaDDEhquWLHhqEJ8F8kly |
13 | aYOB1/UgdeCUS674R3tzhr28LhNfJ8J4pyXzOVjVsmBkmMd+he/4MJcXWyDYDWpVl |
14 | 2aZghC94ryvIkMmjUCOhxJ9a429MyDrochi4RLI9OkYF4WmF4AkqFnqYJWf73kRUV |
14 | AMA700hkscLcwktA25TDd/Qh5vjF4i6dWcNlIbFxdaKyN9PTs/0T+Jza0JaDmZagW |
15 | mLpohXJGLaRp5e0Q7dxJto9hy/I/6yntTREvnDkm19cY8lHceJPRv3YbuSVybMha4 |
15 | gYD5R4+ei44asrZ37oAg9CjOeDm7FKRuMYiMaw/08LAYGQKFxgIAsMdcKOHya4By/ |
16 | 9nf3KgaF4hmAwogIqTcSb5f18uqMC+Pp4sZaChQnpbC+K7StY7lI3dWL/MINHUGRX |
16 | 5yVVEVLihCLKdvdn0u9d1d2BQHZS0n2KNG4cMQxnNKVjjTXDybRbyB2C0pp2S9YXN |
17 | yM702pX2l/WSbflcWcvHaPoOkfkvJwP+R5BZ/GIB5F5Yv5Q4K4BDNs23u2stvbzuK |
17 | V9WWzveDY5m8jYrZ9wFjvbHeJHfFNXMrkN1k4U7mYM5Be2Mu2+MYA/Xw2oLtzmmyt |
18 | 6NyheDgjSRF+PckMy8AmIHtGMn4wBTbw+mH+nmBnN6HmQgqM6zHpU1CwVw1Q/c2IP |
18 | 9WxiCO0B4TrEKOJYV1jC7BDWoAAHNnDxFoOJo+dm/hjTU3XOaWSpsxTURYFR/Ltn5 |
19 | xihKexQelORhik6WyUWXR8GPT4PAFUOkIKV3ayKibd2zLDAd3YM3J4uDbEwp3vg/b |
19 | G1yakcUq18mS5c2BEXpwXaJq5+f3QP5COzEcrvgGqBJRfpy0JxsRtKAzTQpADzRtR |
20 | neIWy36vzf6xGnPFig0qobZGIisfVMMpvnZkXA9c67K6LFNEx1eOlW6Cx068NZqZW |
20 | 8jI68XrP4y9FrcUazM4RPp+U8dRY2zjMas559t7Xb7RysHRpFxf2SZ+Xj0SVQZEsj |
21 | l1s/Q8qJ8UjnPurbrQ4k1v62ZHMy3s9LbiNRyMEt5kdjCMFNuc1jWGpLwp2rw5WKC |
21 | YOATRaQdV+a6haeDvB346iJIjVaNY6SaaMPI5JEhAr79BM6nJCXIu7HT9DCBWvhbG |
22 | O5yx+62O5GPX+qZpkIjxZwe/3woj5dGiFFdsCo4afv4KitzI3czXMCDgiL4oTanQQ |
22 | MCePzFjOa4XRB1vaCJo5jolQUWyy0pFLKD5VbimI63wd1a5KqRPmtSFAu+/nQ3aKC |
23 | g== |
23 | Q== |
24 | </ViaThinkSoftSignature> */ ?> |
24 | </ViaThinkSoftSignature> */ ?> |
25 | <?php |
25 | <?php |
26 | 26 | ||
27 | /* |
27 | /* |
28 | * VNag - Nagios Framework for PHP |
28 | * VNag - Nagios Framework for PHP |
Line 55... | Line 55... | ||
55 | $this->addExpectedArgument($this->argDomain = new VNagArgument('d', 'domain', VNagArgument::VALUE_REQUIRED, 'domainOrFile', 'Domain(s) or subdomain(s), separated by comma, to be checked or a file containing domain names.')); |
55 | $this->addExpectedArgument($this->argDomain = new VNagArgument('d', 'domain', VNagArgument::VALUE_REQUIRED, 'domainOrFile', 'Domain(s) or subdomain(s), separated by comma, to be checked or a file containing domain names.')); |
56 | $this->addExpectedArgument($this->argPrivateAPI = new VNagArgument('p', 'privateapi', VNagArgument::VALUE_REQUIRED, 'privateApiUrl', 'A link to your private API (https://www.openbugbounty.org/api/2/...../). Cannot be used together with argument \'-d\'.')); |
56 | $this->addExpectedArgument($this->argPrivateAPI = new VNagArgument('p', 'privateapi', VNagArgument::VALUE_REQUIRED, 'privateApiUrl', 'A link to your private API (https://www.openbugbounty.org/api/2/...../). Cannot be used together with argument \'-d\'.')); |
57 | $this->addExpectedArgument($this->argIgnoredIds = new VNagArgument('i', 'ignoredids', VNagArgument::VALUE_REQUIRED, 'ignoredIds', 'Comma separated list of submission IDs that shall be defined as fixed (because OpenBugBounty often does not mark fixed bugs as fixed, even if you tell them that you have fixed them...)')); |
57 | $this->addExpectedArgument($this->argIgnoredIds = new VNagArgument('i', 'ignoredids', VNagArgument::VALUE_REQUIRED, 'ignoredIds', 'Comma separated list of submission IDs that shall be defined as fixed (because OpenBugBounty often does not mark fixed bugs as fixed, even if you tell them that you have fixed them...)')); |
58 | } |
58 | } |
59 | 59 | ||
60 | protected function get_cache_dir() { |
- | |
61 | $homedir = @getenv('HOME'); |
- | |
62 | if ($homedir) { |
- | |
63 | $try = "${homedir}/.vnag_obb_cache"; |
- | |
64 | if (is_dir($try)) return $try; |
- | |
65 | if (@mkdir($try)) return $try; |
- | |
66 | } |
- | |
67 | - | ||
68 | $user = posix_getpwuid(posix_geteuid()); |
- | |
69 | if (isset($user['dir'])) { |
- | |
70 | $homedir = $user['dir']; |
- | |
71 | $try = "${homedir}/.vnag_obb_cache"; |
- | |
72 | if (is_dir($try)) return $try; |
- | |
73 | if (@mkdir($try)) return $try; |
- | |
74 | } |
- | |
75 | - | ||
76 | if (isset($user['name'])) { |
- | |
77 | $username = $user['name']; |
- | |
78 | $try = "/tmp/vnag_obb_cache"; |
- | |
79 | if (is_dir($try)) return $try; |
- | |
80 | if (@mkdir($try)) return $try; |
- | |
81 | } |
- | |
82 | - | ||
83 | return false; // should usually never happen |
- | |
84 | } |
- | |
85 | - | ||
86 | function is_ignored($id) { |
60 | function is_ignored($id) { |
87 | $ids = $this->argIgnoredIds->getValue(); |
61 | $ids = $this->argIgnoredIds->getValue(); |
88 | if (empty($ids)) return false; |
62 | if (empty($ids)) return false; |
89 | 63 | ||
90 | $ids = explode(',', $ids); |
64 | $ids = explode(',', $ids); |
Line 112... | Line 86... | ||
112 | $unfixed_ignored = 0; |
86 | $unfixed_ignored = 0; |
113 | 87 | ||
114 | $this->setStatus(VNag::STATUS_OK); |
88 | $this->setStatus(VNag::STATUS_OK); |
115 | 89 | ||
116 | $domain = strtolower($domain); |
90 | $domain = strtolower($domain); |
- | 91 | $url = 'https://www.openbugbounty.org/api/1/search/?domain='.urlencode($domain); |
|
117 | $cache_file = $this->get_cache_dir() . '/' . md5($domain); |
92 | $cache_file = $this->get_cache_dir() . '/' . sha1($url); |
118 | 93 | ||
119 | if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) { |
94 | if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) { |
120 | $cont = @file_get_contents($cache_file); |
95 | $cont = @file_get_contents($cache_file); |
121 | if (!$cont) throw new Exception("Failed to get contents from $cache_file"); |
96 | if (!$cont) throw new Exception("Failed to get contents from $cache_file"); |
122 | } else { |
97 | } else { |
123 | $url = 'https://www.openbugbounty.org/api/1/search/?domain='.urlencode($domain); |
- | |
124 | $cont = @file_get_contents($url); |
98 | $cont = @file_get_contents($url); |
125 | if (!$cont) throw new Exception("Failed to get contents from $url"); |
99 | if (!$cont) throw new Exception("Failed to get contents from $url"); |
126 | file_put_contents($cache_file, $cont); |
100 | file_put_contents($cache_file, $cont); |
127 | } |
101 | } |
128 | 102 | ||
Line 151... | Line 125... | ||
151 | return array($fixed, $unfixed, $unfixed_ignored); |
125 | return array($fixed, $unfixed, $unfixed_ignored); |
152 | } |
126 | } |
153 | 127 | ||
154 | function get_privateapi_data($url, $max_cache_time = 3600) { // TODO: make cache time configurable via config |
128 | function get_privateapi_data($url, $max_cache_time = 3600) { // TODO: make cache time configurable via config |
155 | $url = strtolower($url); |
129 | $url = strtolower($url); |
156 | $cache_file = $this->get_cache_dir() . '/' . md5($url); |
130 | $cache_file = $this->get_cache_dir() . '/' . sha1($url); |
157 | 131 | ||
158 | if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) { |
132 | if (file_exists($cache_file) && (time()-filemtime($cache_file) < $max_cache_time)) { |
159 | $cont = @file_get_contents($cache_file); |
133 | $cont = @file_get_contents($cache_file); |
160 | if (!$cont) throw new Exception("Failed to get contents from $url"); |
134 | if (!$cont) throw new Exception("Failed to get contents from $url"); |
161 | } else { |
135 | } else { |