diff --git a/w3af/core/controllers/dependency_check/external/npmjs.py b/w3af/core/controllers/dependency_check/external/npmjs.py new file mode 100644 index 0000000000..161eb53b16 --- /dev/null +++ b/w3af/core/controllers/dependency_check/external/npmjs.py @@ -0,0 +1,49 @@ +""" +npmjs.py + +Copyright 2018 CustomBread + +This file is part of w3af, http://w3af.org/ . + +w3af is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation version 2 of the License. + +w3af is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with w3af; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +""" +import subprocess + +from w3af.core.controllers.misc.which import which + + +def npmjs_is_installed(): + """ + :return: True if npmjs is installed and we were able to parse the version. + """ + paths_to_npm = which('npm') + if not paths_to_npm: + return False + + paths_to_npm = paths_to_npm[0] + + try: + version = subprocess.check_output('%s --version' % paths_to_npm, shell=True) + except subprocess.CalledProcessError: + return False + + version = version.strip() + version_split = version.split('.') + + # Just check that the version has the format 6.4.1 + if len(version_split) != 3: + return False + + return True diff --git a/w3af/core/controllers/dependency_check/platforms/base_platform.py b/w3af/core/controllers/dependency_check/platforms/base_platform.py index 3670104829..665b801775 100644 --- a/w3af/core/controllers/dependency_check/platforms/base_platform.py +++ b/w3af/core/controllers/dependency_check/platforms/base_platform.py @@ -19,8 +19,10 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA """ +import platform from ..requirements import CORE_PIP_PACKAGES, GUI_PIP_PACKAGES, CORE, GUI from ..external.retirejs import retirejs_is_installed +from ..external.npmjs import npmjs_is_installed class Platform(object): @@ -56,10 +58,21 @@ def get_missing_external_commands(): return instructions @staticmethod - def retirejs_handler(): - if retirejs_is_installed(): + def npmjs_handler(): + if npmjs_is_installed(): return [] + dist_name, dist_version, _ = platform.dist() + # See official doc on https://github.com/nodesource/distributions + if dist_name == 'debian' or dist_name == 'ubuntu': + return ['curl -sL https://deb.nodesource.com/setup_11.x | sudo -E bash -;sudo apt-get install -y nodejs'] + if dist_name == 'fedora' or 'openbsd' in platform.system().lower() or 'SuSE' in dist_name or 'redhat' in dist_name: + return ['curl -sL https://deb.nodesource.com/setup_11.x | bash -'] + return ['echo "please install npm pakage and using npm install retire'] + @staticmethod + def retirejs_handler(): + if npmjs_is_installed() and retirejs_is_installed(): + return [] return ['npm install -g retire'] - EXTERNAL_COMMAND_HANDLERS = [retirejs_handler] + EXTERNAL_COMMAND_HANDLERS = [npmjs_handler, retirejs_handler]