Issue with custom_plugins_folder
adithyanaresh opened this issue · 6 comments
Hi,
I tried to write a custom plugin for a tool and i was able to follow exactly from documentation : https://docs.faradaysec.com/Basic-plugin-development/
I tried testing it with the faraday-plugins process-report --custom-plugins-folder /home/faraday/.faraday/custom_plugins --plugin_id <plugin-id> /file.json command and its working fine.
But when i try to update the server.ini with custom_plugins_folder option or update the faraday server with faraday-manage settings -a update reports and give input to custom_plugins_folder to point at the custom plugins directory, the custom plugin isn't picked up at all. Can anyone help me with this issue.
Hi @adithyanaresh , the custom plugins folder can be setup using faraday-manage, but it needs a restart of the app to pick up the changes.
Try-it out and let us know.
Cheers!
Thank you for the response @ezk06eer : I did try that but it still doesnt show up in the available list of plugins and everytime i need to use —custom-plugins-folder option to parse the report and invoke the plugin. I dont get to parse it in the UI directly. Is creating the PR to plugins the only option to see it by default in list-plugins command ??
@adithyanaresh Here is a full tested example
Create the plugin in the folder
vagrant@ubuntu-focal:~/.faraday/custom_plugins$ pwd
/home/vagrant/.faraday/custom_plugins
vagrant@ubuntu-focal:~/.faraday/custom_plugins$ ls -l
total 4
drwxrwxr-x 3 vagrant vagrant 4096 Sep 23 13:40 example
vagrant@ubuntu-focal:~/.faraday/custom_plugins$ ls -l example/
total 8
-rw-rw-r-- 1 vagrant vagrant 0 Dec 14 2021 __init__.py
drwxrwxr-x 2 vagrant vagrant 4096 Dec 14 2021 __pycache__
-rw-rw-r-- 1 vagrant vagrant 1993 Sep 23 13:40 plugin.py
Configure the custom plugins folder with faraday-manage
vagrant@ubuntu-focal:~/.faraday/custom_plugins$ faraday-manage settings -a update reports
Update settings for: reports
2022-09-23T13:41:20+0000 - faraday.server.app - INFO {MainThread} [pid:1582] [app.py:562 - create_app()] Using redis storage for sessions: host=localhost port=6379 db=0
2022-09-23T13:41:20+0000 - faraday.server.app - INFO {MainThread} [pid:1582] [app.py:586 - create_app()] Sessions identifier: sessions_
/home/vagrant/.venv/faraday/lib/python3.8/site-packages/flask_limiter/extension.py:317: UserWarning: Using the in-memory storage for tracking rate limits as no storage was explicitly specified. This is not recommended for production use. See: https://flask-limiter.readthedocs.io#configuring-a-storage-backend for documentation about configuring the storage backend.
warnings.warn(
2022-09-23T13:41:20+0000 - faraday.integrations.base - INFO {MainThread} [pid:1582] [base.py:48 - __init__()] Loading integration [whd]
2022-09-23T13:41:20+0000 - faraday.integrations.base - INFO {MainThread} [pid:1582] [base.py:48 - __init__()] Loading integration [gitlab]
2022-09-23T13:41:20+0000 - faraday.integrations.base - INFO {MainThread} [pid:1582] [base.py:48 - __init__()] Loading integration [servicenow]
2022-09-23T13:41:20+0000 - faraday.integrations.base - INFO {MainThread} [pid:1582] [base.py:48 - __init__()] Loading integration [jira]
custom_plugins_folder []: /home/vagrant/.faraday/custom_plugins
Do you confirm your changes on reports?
----------------------
custom_plugins_folder: /home/vagrant/.faraday/custom_plugins
[Y/n]: y
Updated!!
Restart faraday to load the configuration and import the report
The only thing please check you plugin becase I found out that the documentation its not updated.
Here is the fixed example
from urllib.parse import urlparse
from faraday_plugins.plugins.plugin import PluginXMLFormat
import xml.etree.ElementTree as ET
class ExampleToolXmlParser:
def __init__(self, xml_output):
self.vulns = self.parse_xml(xml_output)
def parse_xml(self, xml_output):
vulns = []
tree = ET.fromstring(xml_output)
items = tree.iterfind('details/item')
for item in items:
ip = item.get('ip')
os = item.get('os')
uri = item.find('uri').text
url = urlparse(uri)
hostname = [url.netloc]
path = url.path
if url.scheme == 'https':
port = 443
else:
port = 80
issue = item.find('issue')
severity = issue.get('severity')
issue_text = issue.text
vuln = {'ip': ip, 'uri': uri, 'os': os,
'hostname': hostname, 'port': port, 'path': path,
'issue_text': issue_text, 'severity': severity}
vulns.append(vuln)
return vulns
class ExampleToolPlugin(PluginXMLFormat):
def __init__(self, *arg, **kwargs):
super().__init__(*arg, **kwargs)
self.identifier_tag = "example_tool"
self.id = "example_tool"
self.name = "Name of the tool"
self.plugin_version = "0.0.1"
def parseOutputString(self, output, debug=False):
parser = ExampleToolXmlParser(output)
for vuln in parser.vulns:
h_id = self.createAndAddHost(vuln['ip'], vuln['os'], hostnames=vuln['hostname'])
s_id = self.createAndAddServiceToHost(h_id, 'webserver', protocol='tcp', ports=vuln['port'])
v_id = self.createAndAddVulnWebToService(h_id, s_id, vuln['issue_text'], severity=vuln['severity'],
path=vuln['path'])
def createPlugin(*args, **kwargs):
return ExampleToolPlugin(*args, **kwargs)
The lines that were wrong are this
def createPlugin(*args, **kwargs):
return ExampleToolPlugin(*args, **kwargs)
And this
def __init__(self, *arg, **kwargs):
super().__init__(*arg, **kwargs)
I will close it, because it is working.
If you have more questions just post it here
Thanks for the detail explanation @aenima-x : I tried all possible ways of installation to get it to working. I even made the changes to DEFAULT_CUSTOM_PLUGINS_FOLDER = "/home/faraday/.faraday/custom_plugins" in reports.py to have it hardcoded, but with no luck.
This is the server response on the tool, plugin is validated but file is not being mapped to plugin somehow. Could you please help me here.
For what I see in the logs the problem is not with the configuration in faraday, but with the plugin itself.
If you test it with faraday-plugins process-report it works ok?
Do you want to send me the plugin and the file?