4759283117

Build Type

push

github

Committed by GitHub

Commit Message

Merge pull request #123 from cisagov/lineage/skeleton

Run Details

141 of 473 branches covered (29.81%)

Branch coverage included in aggregate %.

9 of 24 new or added lines in 10 files covered. (37.5%)

223 existing lines in 5 files now uncovered.

298 of 1270 relevant lines covered (23.46%)

1.41 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/tools/gophish_cleaner.py

"""Remove an assessment or elements of an assessment in Gophish.

Usage:
  gophish-cleaner (--assessment | --campaigns | --groups | --pages | --smtp | --templates) [--log-level=LEVEL] ASSESSMENT_ID SERVER API_KEY
  gophish-cleaner (-h | --help)
  gophish-cleaner --version

Options:
  API_KEY                   Gophish API key.
  ASSESSMENT_ID             ID of the assessment to remove data from.
  SERVER                    Full URL to Gophish server.
  -a --assessment           Remove all data for the specified assessment.
  -c --campaigns            Remove all campaigns from the specified assessment.
  -g --groups               Remove all users and groups from the specified assessment.
  -p --pages                Remove all landing pages from the specified assessment.
  -s --smtp                 Remove all sender profiles from the specified assessment.
  -t --templates            Remove all email templates from the specified assessment.
  -h --help                 Show this screen.
  --version                 Show version.
  -l --log-level=LEVEL      If specified, then the log level will be set to
                            the specified value.  Valid values are "debug", "info",
                            "warning", "error", and "critical". [default: info]
"""

# import IPython; IPython.embed() #<<< BREAKPOINT >>>
# sys.exit(0)

# Standard Python Libraries
import logging
import sys
from typing import Dict

# Third-Party Libraries
from docopt import docopt
import urllib3

# cisagov Libraries
from tools.connect import connect_api

from ._version import __version__

# Disable "Insecure Request" warning: Gophish uses a self-signed certificate
# as default for https connections, which can not be  verified by a third
# party; thus, an SSL insecure request warning is produced.
urllib3.disable_warnings()


def confirm_id(element, assessment_id):
    """Display confirmation message and return response."""
    while True:
        if element != "assessment":
            logging.warning(
                "NOTE: THIS WILL REMOVE ALL %s DATA ASSOCIATED WITH ASSESSMENT %s",
                element.upper(),
                assessment_id,
            )
            # Bandit complains about the input() function, but it is safe to
            # use in Python 3, which is required by this project.
            confirm = input("Is this really what you want to do?(y/n) ")  # nosec

        else:
            logging.warning(
                "NOTE: THIS WILL REMOVE ALL DATA ASSOCIATED WITH ASSESSMENT %s",
                assessment_id,
            )
            # Bandit complains about the input() function, but it is safe to
            # use in Python 3, which is required by this project.
            confirm = input("Is this really what you want to do?(y/n) ")  # nosec

        if confirm.lower() == "y":
            return True

        else:
            return False


def remove_assessment(api, assessment_id):
    """Remove all elements of an assessment."""
    if (
        not remove_campaigns(api, assessment_id)
        or not remove_smtp(api, assessment_id)
        or not remove_group(api, assessment_id)
        or not remove_template(api, assessment_id)
        or not remove_page(api, assessment_id)
    ):
        success = False

    else:
        logging.info("Successfully removed all elements of %s", assessment_id)
        success = True

    return success


def remove_campaigns(api, assessment_id):
    """Remove all campaigns from an assessment."""
    allCampaigns = api.campaigns.get()

    for campaign in allCampaigns:
        if campaign.name.startswith(assessment_id):
            api.campaigns.delete(campaign.id)

    return True


def remove_smtp(api, assessment_id):
    """Remove all SMTP from an assessment."""
    allSMTP = api.smtp.get()

    for smtp in allSMTP:
        if smtp.name.startswith(assessment_id):
            api.smtp.delete(smtp.id)

    return True


def remove_page(api, assessment_id):
    """Remove all pages from an assessment."""
    allPages = api.pages.get()

    for page in allPages:
        if page.name.startswith(assessment_id):
            api.pages.delete(page.id)

    return True


def remove_group(api, assessment_id):
    """Remove all groups from an assessment."""
    allGroups = api.groups.get()

    for group in allGroups:
        if group.name.startswith(assessment_id):
            api.groups.delete(group.id)

    return True


def remove_template(api, assessment_id):
    """Remove all templates from an assessment."""
    allTemplates = api.templates.get()

    for template in allTemplates:
        if template.name.startswith(assessment_id):
            api.templates.delete(template.id)

    return True


def main() -> None:
    """Set up logging, connect to API, remove assessment data."""
    args: Dict[str, str] = docopt(__doc__, version=__version__)

    # Set up logging
    log_level = args["--log-level"]
    try:
        logging.basicConfig(
            format="\n%(levelname)s: %(message)s", level=log_level.upper()
        )
    except ValueError:
        logging.critical(
            '"%s" is not a valid logging level.  Possible values are debug, info, warning, and error.',
            log_level,
        )
        sys.exit(1)

    else:
        # Connect to API
        try:
            api = connect_api(args["API_KEY"], args["SERVER"])
            logging.debug("Connected to: %s", args["SERVER"])
        except Exception as e:
            logging.critical(e.args[0])
            sys.exit(1)

    assessment_id = args["ASSESSMENT_ID"]

    if args["--campaigns"] and confirm_id("CAMPAIGNS", assessment_id):
        success = remove_campaigns(api, assessment_id)

    elif args["--smtp"] and confirm_id("SMTPS", assessment_id):
        success = remove_smtp(api, assessment_id)

    elif args["--pages"] and confirm_id("PAGES", assessment_id):
        success = remove_page(api, assessment_id)

    elif args["--groups"] and confirm_id("GROUPS", assessment_id):
        success = remove_group(api, assessment_id)

    elif args["--templates"] and confirm_id("TEMPLATES", assessment_id):
        success = remove_template(api, assessment_id)

    elif args["--assessment"] and confirm_id("assessment", assessment_id):
        success = remove_assessment(api, assessment_id)

    else:
        success = False

    if not success:
        sys.exit(-1)

1	"""Remove an assessment or elements of an assessment in Gophish.
2
3	Usage:
4	gophish-cleaner (--assessment \| --campaigns \| --groups \| --pages \| --smtp \| --templates) [--log-level=LEVEL] ASSESSMENT_ID SERVER API_KEY
5	gophish-cleaner (-h \| --help)
6	gophish-cleaner --version
7
8	Options:
9	API_KEY Gophish API key.
10	ASSESSMENT_ID ID of the assessment to remove data from.
11	SERVER Full URL to Gophish server.
12	-a --assessment Remove all data for the specified assessment.
13	-c --campaigns Remove all campaigns from the specified assessment.
14	-g --groups Remove all users and groups from the specified assessment.
15	-p --pages Remove all landing pages from the specified assessment.
16	-s --smtp Remove all sender profiles from the specified assessment.
17	-t --templates Remove all email templates from the specified assessment.
18	-h --help Show this screen.
19	--version Show version.
20	-l --log-level=LEVEL If specified, then the log level will be set to
21	the specified value. Valid values are "debug", "info",
22	"warning", "error", and "critical". [default: info]
23	"""
24
25	# import IPython; IPython.embed() #<<< BREAKPOINT >>>
26	# sys.exit(0)
27
28	# Standard Python Libraries
29	import logging	×
30	import sys	×
31	from typing import Dict	×
32
33	# Third-Party Libraries
34	from docopt import docopt	×
NEW 35	import urllib3	×
36
37	# cisagov Libraries
38	from tools.connect import connect_api	×
39
40	from ._version import __version__	×
41
42	# Disable "Insecure Request" warning: Gophish uses a self-signed certificate
43	# as default for https connections, which can not be verified by a third
44	# party; thus, an SSL insecure request warning is produced.
NEW 45	urllib3.disable_warnings()	×
46
47
48	def confirm_id(element, assessment_id):	×
49	"""Display confirmation message and return response."""
50	while True:
51	if element != "assessment":	×
52	logging.warning(	×
53	"NOTE: THIS WILL REMOVE ALL %s DATA ASSOCIATED WITH ASSESSMENT %s",
54	element.upper(),
55	assessment_id,
56	)
57	# Bandit complains about the input() function, but it is safe to
58	# use in Python 3, which is required by this project.
59	confirm = input("Is this really what you want to do?(y/n) ") # nosec	×
60
61	else:
62	logging.warning(	×
63	"NOTE: THIS WILL REMOVE ALL DATA ASSOCIATED WITH ASSESSMENT %s",
64	assessment_id,
65	)
66	# Bandit complains about the input() function, but it is safe to
67	# use in Python 3, which is required by this project.
68	confirm = input("Is this really what you want to do?(y/n) ") # nosec	×
69
70	if confirm.lower() == "y":	×
71	return True	×
72
73	else:
74	return False	×
75
76
77	def remove_assessment(api, assessment_id):	×
78	"""Remove all elements of an assessment."""
79	if (	×
80	not remove_campaigns(api, assessment_id)
81	or not remove_smtp(api, assessment_id)
82	or not remove_group(api, assessment_id)
83	or not remove_template(api, assessment_id)
84	or not remove_page(api, assessment_id)
85	):
86	success = False	×
87
88	else:
89	logging.info("Successfully removed all elements of %s", assessment_id)	×
90	success = True	×
91
92	return success	×
93
94
95	def remove_campaigns(api, assessment_id):	×
96	"""Remove all campaigns from an assessment."""
97	allCampaigns = api.campaigns.get()	×
98
99	for campaign in allCampaigns:	×
100	if campaign.name.startswith(assessment_id):	×
101	api.campaigns.delete(campaign.id)	×
102
103	return True	×
104
105
106	def remove_smtp(api, assessment_id):	×
107	"""Remove all SMTP from an assessment."""
108	allSMTP = api.smtp.get()	×
109
110	for smtp in allSMTP:	×
111	if smtp.name.startswith(assessment_id):	×
112	api.smtp.delete(smtp.id)	×
113
114	return True	×
115
116
117	def remove_page(api, assessment_id):	×
118	"""Remove all pages from an assessment."""
119	allPages = api.pages.get()	×
120
121	for page in allPages:	×
122	if page.name.startswith(assessment_id):	×
123	api.pages.delete(page.id)	×
124
125	return True	×
126
127
128	def remove_group(api, assessment_id):	×
129	"""Remove all groups from an assessment."""
130	allGroups = api.groups.get()	×
131
132	for group in allGroups:	×
133	if group.name.startswith(assessment_id):	×
134	api.groups.delete(group.id)	×
135
136	return True	×
137
138
139	def remove_template(api, assessment_id):	×
140	"""Remove all templates from an assessment."""
141	allTemplates = api.templates.get()	×
142
143	for template in allTemplates:	×
144	if template.name.startswith(assessment_id):	×
145	api.templates.delete(template.id)	×
146
147	return True	×
148
149
150	def main() -> None:	×
151	"""Set up logging, connect to API, remove assessment data."""
152	args: Dict[str, str] = docopt(__doc__, version=__version__)	×
153
154	# Set up logging
155	log_level = args["--log-level"]	×
156	try:	×
157	logging.basicConfig(	×
158	format="\n%(levelname)s: %(message)s", level=log_level.upper()
159	)
160	except ValueError:	×
161	logging.critical(	×
162	'"%s" is not a valid logging level. Possible values are debug, info, warning, and error.',
163	log_level,
164	)
165	sys.exit(1)	×
166
167	else:
168	# Connect to API
169	try:	×
170	api = connect_api(args["API_KEY"], args["SERVER"])	×
171	logging.debug("Connected to: %s", args["SERVER"])	×
172	except Exception as e:	×
173	logging.critical(e.args[0])	×
174	sys.exit(1)	×
175
176	assessment_id = args["ASSESSMENT_ID"]	×
177
178	if args["--campaigns"] and confirm_id("CAMPAIGNS", assessment_id):	×
179	success = remove_campaigns(api, assessment_id)	×
180
181	elif args["--smtp"] and confirm_id("SMTPS", assessment_id):	×
182	success = remove_smtp(api, assessment_id)	×
183
184	elif args["--pages"] and confirm_id("PAGES", assessment_id):	×
185	success = remove_page(api, assessment_id)	×
186
187	elif args["--groups"] and confirm_id("GROUPS", assessment_id):	×
188	success = remove_group(api, assessment_id)	×
189
190	elif args["--templates"] and confirm_id("TEMPLATES", assessment_id):	×
191	success = remove_template(api, assessment_id)	×
192
193	elif args["--assessment"] and confirm_id("assessment", assessment_id):	×
194	success = remove_assessment(api, assessment_id)	×
195
196	else:
197	success = False	×
198
199	if not success:	×
200	sys.exit(-1)	×

cisagov / gophish-tools / 4759283117

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous