
Commit e6b3e9e

committed
hid internal functions/etc
1 parent bf54c31 commit e6b3e9e


16 files changed

+142
-140
lines changed


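--- a/src/synack/_handler.py
+++ b/src/synack/_handler.py
@@ -11,7 +11,7 @@ class Handler:
 def __init__(self, state=State(), **kwargs):
 self.state = state
 
-for name, subclass in Plugin.registry.items():
+for name, subclass in Plugin._registry.items():
 instance = subclass(self.state)
 setattr(self, name.lower(), instance)
 
@@ -21,8 +21,8 @@ def __init__(self, state=State(), **kwargs):
 if hasattr(self.state, key):
 setattr(self.state, key, kwargs.get(key))
 
-self.login()
+self._login()
 
-def login(self):
+def _login(self):
 if self.state.login:
 self.auth.get_api_token()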
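Review bot: The signature `def __init__(self, state=State(), **kwargs)` evaluates `State()` once at definition time, so every `Handler` built without an explicit `state` shares one object, and the `setattr(self.state, key, kwargs.get(key))` loop in one instance changes settings (and whatever credentials the state carries) for all the others. Use a `None` sentinel instead: `def __init__(self, state=None, **kwargs):` followed by `self.state = state if state is not None else State()`. Part of `__init__` lies between the two hunks and is not visible here.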

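--- a/src/synack/plugins/alerts.py
+++ b/src/synack/plugins/alerts.py
@@ -19,23 +19,23 @@ def __init__(self, *args, **kwargs):
 super().__init__(*args, **kwargs)
 for plugin in ['Db']:
 setattr(self,
-plugin.lower(),
-self.registry.get(plugin)(self.state))
+'_'+plugin.lower(),
+self._registry.get(plugin)(self._state))
 
 def email(self, subject='Test Alert', message='This is a test'):
 message += f'\nTime: {datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")}'
 msg = email.message.EmailMessage()
 msg.set_content(message)
 msg['Subject'] = subject
-msg['From'] = self.state.smtp_email_from
-msg['To'] = self.state.smtp_email_to
+msg['From'] = self._state.smtp_email_from
+msg['To'] = self._state.smtp_email_to
 
-if self.state.smtp_starttls:
-server = smtplib.SMTP_SSL(self.state.smtp_server, self.state.smtp_port)
+if self._state.smtp_starttls:
+server = smtplib.SMTP_SSL(self._state.smtp_server, self._state.smtp_port)
 else:
-server = smtplib.SMTP(self.state.smtp_server, self.state.smtp_port)
+server = smtplib.SMTP(self._state.smtp_server, self._state.smtp_port)
 
-server.login(self.state.smtp_username, self.state.smtp_password)
+server.login(self._state.smtp_username, self._state.smtp_password)
 server.send_message(msg)
 
 def sanitize(self, message):
@@ -61,15 +61,15 @@ def sanitize(self, message):
 
 def slack(self, message='This is a test', channel=None):
 if channel is None:
-channel = self.state.slack_channel
+channel = self._state.slack_channel
 warnings.filterwarnings("ignore")
 requests.post('https://slack.com/api/chat.postMessage',
 data=json.dumps({
 'text': message,
 'channel': channel,
 }),
 headers={
-'Authorization': f'Bearer {self.state.slack_app_token}',
+'Authorization': f'Bearer {self._state.slack_app_token}',
 'Content-Type': 'application/json'
 },
 verify=False)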
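Review bot: In `email()`, the `smtp_starttls` flag selects `smtplib.SMTP_SSL` (implicit TLS) rather than STARTTLS, and when it is false `server.login(...)` runs on a plain `smtplib.SMTP` connection, so the SMTP username and password travel over an unencrypted channel. If STARTTLS is what the setting means, the plain branch should upgrade before authenticating, e.g. `server.starttls(context=ssl.create_default_context())` ahead of `server.login(...)`, or refuse to log in without TLS. Separately, `slack()` sends the bearer token with `verify=False` after `warnings.filterwarnings("ignore")`, and `request()` in src/synack/plugins/api.py sets `verify = False` the same way. Certificate validation should stay on by default and be relaxed only through an explicit opt-in setting.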

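--- a/src/synack/plugins/api.py
+++ b/src/synack/plugins/api.py
@@ -13,7 +13,7 @@ class Api(Plugin):
 def __init__(self, *args, **kwargs):
 super().__init__(*args, **kwargs)
 for plugin in ['Debug', 'Db']:
-setattr(self, plugin.lower(), self.registry.get(plugin)(self.state))
+setattr(self, '_'+plugin.lower(), self._registry.get(plugin)(self._state))
 
 def login(self, method, path, **kwargs):
 """Modify API Request for Login
@@ -55,13 +55,12 @@ def notifications(self, method, path, **kwargs):
 
 if not kwargs.get('headers'):
 kwargs['headers'] = dict()
-auth = "Bearer " + self.state.notifications_token
+auth = "Bearer " + self._state.notifications_token
 kwargs['headers']['Authorization'] = auth
 
 res = self.request(method, url, **kwargs)
 if res.status_code == 422:
-self.db.notifications_token = ''
-self.state.notifications_token = ''
+self._db.notifications_token = ''
 return res
 
 def request(self, method, path, attempts=0, **kwargs):
@@ -85,12 +84,12 @@ def request(self, method, path, attempts=0, **kwargs):
 
 warnings.filterwarnings("ignore")
 verify = False
-proxies = self.state.proxies if self.state.use_proxies else None
+proxies = self._state.proxies if self._state.use_proxies else None
 
 if 'synack.com/api/' in url:
 headers = {
-'Authorization': f'Bearer {self.state.api_token}',
-'user_id': self.state.user_id
+'Authorization': f'Bearer {self._state.api_token}',
+'user_id': self._state.user_id
 }
 else:
 headers = dict()
@@ -100,44 +99,44 @@ def request(self, method, path, attempts=0, **kwargs):
 data = kwargs.get('data')
 
 if method.upper() == 'GET':
-res = self.state.session.get(url,
+res = self._state.session.get(url,
 headers=headers,
 proxies=proxies,
 params=query,
 verify=verify)
 elif method.upper() == 'HEAD':
-res = self.state.session.head(url,
+res = self._state.session.head(url,
 headers=headers,
 proxies=proxies,
 params=query,
 verify=verify)
 elif method.upper() == 'PATCH':
-res = self.state.session.patch(url,
+res = self._state.session.patch(url,
 json=data,
 headers=headers,
 proxies=proxies,
 verify=verify)
 elif method.upper() == 'POST':
 if 'urlencoded' in headers.get('Content-Type', ''):
-res = self.state.session.post(url,
+res = self._state.session.post(url,
 data=data,
 headers=headers,
 proxies=proxies,
 verify=verify)
 else:
-res = self.state.session.post(url,
+res = self._state.session.post(url,
 json=data,
 headers=headers,
 proxies=proxies,
 verify=verify)
 elif method.upper() == 'PUT':
-res = self.state.session.put(url,
+res = self._state.session.put(url,
 headers=headers,
 proxies=proxies,
 params=data,
 verify=verify)
 
-self.debug.log("Network Request",
+self._debug.log("Network Request",
 f"{res.status_code} -- {method.upper()} -- {url}" +
 f"\n\tHeaders: {headers}" +
 f"\n\tQuery: {query}" +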
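Review bot: The 422 branch of `notifications()` now clears only `self._db.notifications_token`; with `self.state.notifications_token = ''` removed, the next call still builds `"Bearer " + self._state.notifications_token` from the rejected value unless the `Db` setter also writes to the state object, which is not visible here. The same assignment is dropped in `get_api_token()` and `get_notifications_token()` in src/synack/plugins/auth.py, where `set_login_script()` reads `self._state.api_token` immediately afterwards. Either document that the `Db` properties write through to state or keep the explicit line, `self._state.notifications_token = ''`. Separately, the `self._debug.log("Network Request", ...)` call in `request()` formats `headers`, which holds `Authorization: Bearer <api_token>` for API URLs, so debug output contains a live token; mask that header before logging. `request()` starts and ends outside these hunks.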

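--- a/src/synack/plugins/auth.py
+++ b/src/synack/plugins/auth.py
@@ -13,21 +13,21 @@ def __init__(self, *args, **kwargs):
 super().__init__(*args, **kwargs)
 for plugin in ['Api', 'Db', 'Duo', 'Users']:
 setattr(self,
-plugin.lower(),
-self.registry.get(plugin)(self.state))
+'_'+plugin.lower(),
+self._registry.get(plugin)(self._state))
 
 def get_api_token(self):
 """Log in to get a new API token."""
-if self.users.get_profile():
-return self.state.api_token
+if self._users.get_profile():
+return self._state.api_token
 csrf = self.get_login_csrf()
 duo_auth_url = None
 grant_token = None
 if csrf:
 auth_response = self.get_authentication_response(csrf)
 duo_auth_url = auth_response.get('duo_auth_url', '')
 if duo_auth_url:
-grant_token = self.duo.get_grant_token(duo_auth_url)
+grant_token = self._duo.get_grant_token(duo_auth_url)
 if grant_token:
 url = 'https://platform.synack.com/'
 headers = {
@@ -36,20 +36,19 @@ def get_api_token(self):
 query = {
 "grant_token": grant_token
 }
-res = self.api.request('GET',
+res = self._api.request('GET',
 url + 'token',
 headers=headers,
 query=query)
 if res.status_code == 200:
 j = res.json()
-self.db.api_token = j.get('access_token')
-self.state.api_token = j.get('access_token')
+self._db.api_token = j.get('access_token')
 self.set_login_script()
 return j.get('access_token')
 
 def get_login_csrf(self):
 """Get the CSRF Token from the login page"""
-res = self.api.request('GET', 'https://login.synack.com')
+res = self._api.request('GET', 'https://login.synack.com')
 m = re.search('<meta name="csrf-token" content="([^"]*)"',
 res.text)
 return m.group(1)
@@ -60,10 +59,10 @@ def get_authentication_response(self, csrf):
 'X-CSRF-Token': csrf
 }
 data = {
-'email': self.state.email,
-'password': self.state.password
+'email': self._state.email,
+'password': self._state.password
 }
-res = self.api.login('POST',
+res = self._api.login('POST',
 'authenticate',
 headers=headers,
 data=data)
@@ -76,13 +75,17 @@ def get_authentication_response(self, csrf):
 
 def get_notifications_token(self):
 """Request a new Notifications Token"""
-res = self.api.request('GET', 'users/notifications_token')
+res = self._api.request('GET', 'users/notifications_token')
 if res.status_code == 200:
 j = res.json()
-self.db.notifications_token = j['token']
-self.state.notifications_token = j['token']
+self._db.notifications_token = j['token']
 return j['token']
 
+def set_api_token_invalid(self):
+res = self._api.request('POST', 'logout')
+if res.status_code == 200:
+self._db.api_token = ''
+
 def set_login_script(self):
 script = "let forceLogin = () => {" +\
 "const loc = window.location;" +\
@@ -92,7 +95,7 @@ def set_login_script(self):
 "(function() {" +\
 "sessionStorage.setItem('shared-session-com.synack.accessToken'" +\
 ",'" +\
-self.state.api_token +\
+self._state.api_token +\
 "');" +\
 "setTimeout(forceLogin,60000);" +\
 "let btn = document.createElement('button');" +\
@@ -104,7 +107,7 @@ def set_login_script(self):
 "document.getElementsByClassName('onboarding-form')[0]" +\
 ".appendChild(btn)}" +\
 ")();"
-with open(self.state.config_dir / 'login.js', 'w') as fp:
+with open(self._state.config_dir / 'login.js', 'w') as fp:
 fp.write(script)
 
 return script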
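Review bot: The new `set_api_token_invalid()` clears `self._db.api_token` only when the logout request returns 200, so any other response leaves the token stored locally, and the method has no docstring or return value to tell callers which case occurred. Consider dropping the local token unconditionally and reporting the outcome, e.g. `self._db.api_token = ''` after the request and `return res.status_code == 200`, with a docstring such as `"""Log out server-side and drop the stored API token."""`. In the same file, `set_login_script()` writes the API token into `login.js` through a plain `open(..., 'w')`, so the file gets default permissions; restricting it to the owner would limit exposure of the token on a shared host. `set_login_script()` is only partly visible in these hunks.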

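--- a/src/synack/plugins/base.py
+++ b/src/synack/plugins/base.py
@@ -1,9 +1,9 @@
 class Plugin:
-registry = {}
+_registry = {}
 
 def __init_subclass__(cls, **kwargs):
 super().__init_subclass__(**kwargs)
-cls.registry[cls.__name__] = cls
+cls._registry[cls.__name__] = cls
 
 def __init__(self, state, **kwargs):
-self.state = state
+self._state = state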

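--- a/src/synack/plugins/db.py
+++ b/src/synack/plugins/db.py
@@ -23,7 +23,7 @@
 class Db(Plugin):
 def __init__(self, *args, **kwargs):
 super().__init__(*args, **kwargs)
-self.sqlite_db = self.state.config_dir / 'synackapi.db'
+self.sqlite_db = self._state.config_dir / 'synackapi.db'
 
 self.set_migration()
 
@@ -414,15 +414,15 @@ def ports(self):
 
 @property
 def proxies(self):
-if self.state.http_proxy is None:
+if self._state.http_proxy is None:
 http_proxy = self.get_config('http_proxy')
 else:
-http_proxy = self.state.http_proxy
+http_proxy = self._state.http_proxy
 
-if self.state.https_proxy is None:
+if self._state.https_proxy is None:
 https_proxy = self.get_config('https_proxy')
 else:
-https_proxy = self.state.https_proxy
+https_proxy = self._state.https_proxy
 
 return {
 'http': http_proxy,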

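--- a/src/synack/plugins/debug.py
+++ b/src/synack/plugins/debug.py
@@ -13,10 +13,10 @@ def __init__(self, *args, **kwargs):
 super().__init__(*args, **kwargs)
 for plugin in ['Db']:
 setattr(self,
-plugin.lower(),
-self.registry.get(plugin)(self.state))
+'_'+plugin.lower(),
+self._registry.get(plugin)(self._state))
 
 def log(self, title, message):
-if self.state.debug:
+if self._state.debug:
 t = datetime.strftime(datetime.now(), "%Y-%m-%d %H:%M:%S")
 print(f'{t} -- {title.upper()}\n\t{message}')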

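--- a/src/synack/plugins/duo.py
+++ b/src/synack/plugins/duo.py
@@ -18,7 +18,7 @@ def __init__(self, *args, **kwargs):
 for plugin in ['Api', 'Db', 'Utils']:
 setattr(self,
 '_'+plugin.lower(),
-self.registry.get(plugin)(self.state))
+self._registry.get(plugin)(self._state))
 
 self._auth_url = None
 self._base_url = None
@@ -180,7 +180,7 @@ def _get_txid(self):
 'sid': self._sid
 }
 
-if self.state.otp_secret:
+if self._state.otp_secret:
 data['passcode'] = self._hotp
 
 res = self._api.request('POST',
@@ -189,13 +189,13 @@ def _get_txid(self):
 data=data)
 if res.status_code == 200:
 self._txid = res.json().get('response', {}).get('txid', '')
-if self.state.otp_secret:
+if self._state.otp_secret:
 self._db.otp_count += 1
 
 def _get_mfa_details(self):
-if self.state.otp_secret:
+if self._state.otp_secret:
 self._device = 'null'
-self._hotp = pyotp.HOTP(s=self.state.otp_secret).generate_otp(self.state.otp_count)
+self._hotp = pyotp.HOTP(s=self._state.otp_secret).generate_otp(self._state.otp_count)
 self._factor = 'Passcode'
 return
 
@@ -248,7 +248,7 @@ def _get_status(self):
 if res.status_code == 200:
 status_enum = res.json().get('response', {}).get('status_enum', -1)
 message_enum = res.json().get('message_enum', -1)
-self._status = res.json().get('response', {}).get('status', -1)
+self._status = res.json().get('response', {}).get('result', 'UNKNOWN')
 if status_enum == 5 or self._status == 'SUCCESS': # Valid Code
 break
 elif status_enum == 6: # Push Notification Declined (Normal)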
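Review bot: In `_get_status`, `res.json()` is parsed three times in a row, and `message_enum` is read from the top level of the body while `status_enum` and the new `result` lookup are read from `response`; if `message_enum` also lives under `response`, it is always -1 here. Parsing once, `resp = res.json().get('response', {})`, and reading the fields from `resp` would make the intended location explicit. A short comment on why `self._status` now comes from `result` with an `'UNKNOWN'` default would also help, since the attribute name still says status. The loop around these lines starts and ends outside the hunk.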
