swagger/scan/passive/
mod.rs

1use super::*;
2mod auth;
3pub use auth::*;
4mod general;
5pub use general::*;
6mod type_checks;
7pub use type_checks::*;
8mod utils;
9pub use utils::*;
10mod additional_checks;
11use strum::IntoEnumIterator;
12
13#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
14pub enum PassiveScanType {
15    Full,
16    Partial(Vec<PassiveChecks>),
17}
18
19impl Default for PassiveScanType {
20    fn default() -> Self {
21        Self::Full
22    }
23}
24#[derive(Debug, Clone, Serialize, Default, PartialEq, Eq)]
25pub struct PassiveSwaggerScan<T>
26where
27    T: Serialize,
28{
29    swagger: T,
30    swagger_value: Value,
31    //alerts:Vec<iveChecks>>,
32    verbosity: u8,
33    pub passive_checks: Vec<PassiveChecks>,
34}
35impl<T: OAS + Serialize + for<'de> Deserialize<'de>> PassiveSwaggerScan<T> {
36    pub fn new(swagger_value: Value) -> Result<Self, &'static str> {
37        match serde_json::from_value::<T>(swagger_value.clone()) {
38            Ok(swagger) => Ok(PassiveSwaggerScan {
39                swagger,
40                swagger_value,
41                passive_checks: vec![],
42                verbosity: 0,
43            }),
44            Err(e) => {
45                println!("{:?}", e);
46                Err("Failed at deserializing swagger value to a swagger struct, please check the swagger definition")
47            }
48        }
49    }
50
51    pub fn run(&mut self, tp: PassiveScanType) {
52        //->Vec<PassiveChecks>{
53        match tp {
54            PassiveScanType::Full => {
55                for check in PassiveChecks::iter() {
56                    self.passive_checks.push(self.run_check(check));
57                }
58            }
59            PassiveScanType::Partial(checks) => {
60                for check in checks {
61                    self.passive_checks.push(self.run_check(check));
62                }
63            }
64        };
65    }
66
67    pub fn print(&self, verbosity: u8) {
68        match verbosity {
69            0 => {
70                //print_checks_table(&self.passive_checks);
71                //print_alerts_table(&self.passive_checks);
72                print_passive_alerts_verbose(self.passive_checks.clone());
73            }
74            1 => print_passive_alerts(self.passive_checks.clone()),
75            2 => (), //print_failed_checks_table(&self.passive_checks),
76            _ => (),
77        }
78    }
79    pub fn print_to_file_string(&self) -> String {
80        let mut string = String::new();
81        for check in &self.passive_checks {
82            string.push_str(&format!(
83                "CHECK: {:?}\tALERTS:{}\tTOP SEVERITY:{:?}\n",
84                check.name(),
85                check.inner().len(),
86                check.top_severity()
87            ));
88            for alert in check.inner() {
89                string.push_str(&format!(
90                    "LEVEL:{:?}\tLOCATION:{:?}\tDESCRIPTION:{:?}\n",
91                    alert.level, alert.location, alert.description
92                ));
93            }
94        }
95        string
96    }
97}
98impl PassiveChecks {
99    pub fn parse_check_list(list: Vec<String>, exclude: bool) -> Vec<PassiveChecks> {
100        let mut checks = Vec::new();
101        for check in list.iter() {
102            let check = Self::from_string(check);
103            if let Some(c) = check {
104                checks.push(c);
105            }
106        }
107        if exclude {
108            let mut ex_checks: Vec<_> = Self::iter().collect();
109            ex_checks.retain(|x| !checks.contains(x));
110            return ex_checks;
111        }
112        checks
113    }
114}
swagger/scan/passive/mod.rs

swagger/scan/passive/
mod.rs
