Commit 862fa112 authored by Benjamin "Ziirish" SANS's avatar Benjamin "Ziirish" SANS

update demo with a new moderator user

parent 0e1b8383
......@@ -47,6 +47,9 @@ G_CELERY = False
G_SCOOKIE = True
G_DEMO = False
G_DSN = u''
G_PIWIK_URL = u''
G_PIWIK_SCRIPT = u'piwik.php'
G_PIWIK_ID = 0
G_APPSECRET = u'random'
G_COOKIETIME = 14
G_SESSIONTIME = 5
......@@ -83,6 +86,9 @@ class BUIServer(Flask):
'plugins': G_PLUGINS,
'demo': G_DEMO,
'dsn': G_DSN,
'piwik_url': G_PIWIK_URL,
'piwik_script': G_PIWIK_SCRIPT,
'piwik_id': G_PIWIK_ID,
},
'UI': {
'refresh': G_REFRESH,
......@@ -181,6 +187,9 @@ class BUIServer(Flask):
'boolean'
)
self.config['BUI_DSN'] = self.conf.safe_get('dsn')
self.config['BUI_PIWIK_URL'] = self.conf.safe_get('piwik_url')
self.config['BUI_PIWIK_SCRIPT'] = self.conf.safe_get('piwik_script')
self.config['BUI_PIWIK_ID'] = self.conf.safe_get('piwik_id', 'integer')
self.bind = self.config['BUI_BIND'] = self.conf.safe_get('bind')
version = self.conf.safe_get('version', 'integer')
if unittest and version != 1:
......
......@@ -17,7 +17,7 @@
<p>
{{ _("
<strong>Hello!</strong> Welcome to Burp-UI's demo.
You can login with either <em>admin</em> / <em>admin</em> or with <em>demo</em> / <em>demo</em>.
You can login with either <em>admin</em> / <em>admin</em>, <em>moderator</em> / <em>moderator</em> or with <em>demo</em> / <em>demo</em>.
") }}
</p>
</div>
......
......@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PROJECT VERSION\n"
"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
"POT-Creation-Date: 2018-05-01 15:07+0200\n"
"POT-Creation-Date: 2018-05-07 16:20+0200\n"
"PO-Revision-Date: 2017-03-07 12:04-0300\n"
"Last-Translator: Pablo Estigarribia <pablodav@gmail.com>\n"
"Language: es\n"
......@@ -1532,7 +1532,6 @@ msgstr ""
#: burpui/templates/admin-authorizations.html:142
#: burpui/templates/admin-authorizations.html:162
#: burpui/templates/admin-authorizations.html:252
#: burpui/templates/admin/authentication.html:26
#: burpui/templates/admin/sessions.html:49
#: burpui/templates/client-browse.html:142 burpui/templates/user.html:58
#: burpui/templates/user.html:92 burpui/templates/user.html:121
......@@ -2132,19 +2131,20 @@ msgstr "Seleccionar todo"
msgid "Deselect all"
msgstr "Quitar selección"
#: burpui/templates/js/clients.js:22 burpui/templates/js/clients.js:30
#: burpui/templates/macros.html:173
msgid "now"
msgstr "ahora"
#: burpui/templates/notifications.html:18
msgid ""
"\n"
" <strong>Hello!</strong> Welcome to Burp-UI's demo.\n"
" You can login with either <em>admin</em> / <em>admin</em>"
" or with <em>demo</em> / <em>demo</em>.\n"
" You can login with either <em>admin</em> / "
"<em>admin</em>, <em>moderator</em> / <em>moderator</em> or with "
"<em>demo</em> / <em>demo</em>.\n"
" "
msgstr ""
"\n"
" <strong> ¡Hola! </strong> Bienvenido a burp-UI de demostración. \n"
"Puede ingresar con <em> admin </em> / <em> admin </em> o con <em> demo "
"</em> / <em> demo</em>. \n"
" "
#: burpui/templates/servers-report.html:10
msgid "Global report"
......@@ -2608,7 +2608,7 @@ msgstr "ejecutándose"
#: burpui/templates/js/client.js:19 burpui/templates/js/client.js:26
#: burpui/templates/js/client.js:36 burpui/templates/js/clients.js:20
#: burpui/templates/js/clients.js:172
#: burpui/templates/js/clients.js:169
msgid "idle"
msgstr "inactivo"
......@@ -2628,11 +2628,7 @@ msgstr "Eliminar tarea iniciada"
msgid "never"
msgstr "nunca"
#: burpui/templates/js/clients.js:22 burpui/templates/js/clients.js:30
msgid "now"
msgstr "ahora"
#: burpui/templates/js/clients.js:170
#: burpui/templates/js/clients.js:167
msgid "view"
msgstr "ver"
......@@ -2770,3 +2766,20 @@ msgstr ""
#~ msgid "Authenticate users against local PAM database"
#~ msgstr ""
#~ msgid ""
#~ "\n"
#~ " <strong>Hello!</strong> Welcome to Burp-UI's demo.\n"
#~ " You can login with "
#~ "either <em>admin</em> / <em>admin</em> "
#~ "<em>moderator</em> / <em>moderator</em> or "
#~ "with <em>demo</em> / <em>demo</em>.\n"
#~ " "
#~ msgstr ""
#~ "\n"
#~ " <strong> ¡Hola! </strong> Bienvenido a burp-UI de demostración. \n"
#~ "Puede ingresar con <em> admin </em> "
#~ "/ <em> admin </em>, <em>moderator</em> /"
#~ " <em>moderator</em> o con <em> demo "
#~ "</em> / <em> demo </em>. \n"
#~ " "
......@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PROJECT VERSION\n"
"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
"POT-Creation-Date: 2018-05-01 15:07+0200\n"
"POT-Creation-Date: 2018-05-07 16:20+0200\n"
"PO-Revision-Date: 2016-08-25 15:19+0200\n"
"Last-Translator: Ziirish <hi+burpui@ziirish.me>\n"
"Language: fr\n"
......@@ -1183,7 +1183,6 @@ msgstr ""
#: burpui/templates/admin-authorizations.html:142
#: burpui/templates/admin-authorizations.html:162
#: burpui/templates/admin-authorizations.html:252
#: burpui/templates/admin/authentication.html:26
#: burpui/templates/admin/sessions.html:49
#: burpui/templates/client-browse.html:142 burpui/templates/user.html:58
#: burpui/templates/user.html:92 burpui/templates/user.html:121
......@@ -1787,19 +1786,26 @@ msgstr "Tout sélectionner"
msgid "Deselect all"
msgstr "Tout dé-sélectionner"
#: burpui/templates/js/clients.js:22 burpui/templates/js/clients.js:30
#: burpui/templates/macros.html:173
msgid "now"
msgstr "maintenant"
#: burpui/templates/notifications.html:18
msgid ""
"\n"
" <strong>Hello!</strong> Welcome to Burp-UI's demo.\n"
" You can login with either <em>admin</em> / <em>admin</em>"
" or with <em>demo</em> / <em>demo</em>.\n"
" You can login with either <em>admin</em> / "
"<em>admin</em>, <em>moderator</em> / <em>moderator</em> or with "
"<em>demo</em> / <em>demo</em>.\n"
" "
msgstr ""
"\n"
" <strong>Bonjour !</strong> Bienvenue sur la demo de Burp-"
"UI.\n"
" Vous pouvez vous connecter avec les comptes "
"<em>admin</em> / <em>admin</em> ou <em>demo</em> / <em>demo</em>.\n"
"<em>admin</em> / <em>admin</em>, <em>moderator</em> / <em>moderator</em> "
"ou <em>demo</em> / <em>demo</em>.\n"
#: burpui/templates/servers-report.html:10
msgid "Global report"
......@@ -2269,7 +2275,7 @@ msgstr "en cours"
#: burpui/templates/js/client.js:19 burpui/templates/js/client.js:26
#: burpui/templates/js/client.js:36 burpui/templates/js/clients.js:20
#: burpui/templates/js/clients.js:172
#: burpui/templates/js/clients.js:169
msgid "idle"
msgstr "en attente"
......@@ -2289,11 +2295,7 @@ msgstr "Tâche de suppression lancée"
msgid "never"
msgstr "jamais"
#: burpui/templates/js/clients.js:22 burpui/templates/js/clients.js:30
msgid "now"
msgstr "maintenant"
#: burpui/templates/js/clients.js:170
#: burpui/templates/js/clients.js:167
msgid "view"
msgstr "voir"
......
......@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PROJECT VERSION\n"
"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
"POT-Creation-Date: 2018-05-01 15:07+0200\n"
"POT-Creation-Date: 2018-05-07 16:20+0200\n"
"PO-Revision-Date: 2017-07-16 10:36+0100\n"
"Last-Translator: Enrico204 <enrico204@gmail.com>\n"
"Language: it\n"
......@@ -1474,7 +1474,6 @@ msgstr ""
#: burpui/templates/admin-authorizations.html:142
#: burpui/templates/admin-authorizations.html:162
#: burpui/templates/admin-authorizations.html:252
#: burpui/templates/admin/authentication.html:26
#: burpui/templates/admin/sessions.html:49
#: burpui/templates/client-browse.html:142 burpui/templates/user.html:58
#: burpui/templates/user.html:92 burpui/templates/user.html:121
......@@ -2072,19 +2071,20 @@ msgstr "Seleziona tutto"
msgid "Deselect all"
msgstr "Deseleziona tutto"
#: burpui/templates/js/clients.js:22 burpui/templates/js/clients.js:30
#: burpui/templates/macros.html:173
msgid "now"
msgstr "ora"
#: burpui/templates/notifications.html:18
msgid ""
"\n"
" <strong>Hello!</strong> Welcome to Burp-UI's demo.\n"
" You can login with either <em>admin</em> / <em>admin</em>"
" or with <em>demo</em> / <em>demo</em>.\n"
" You can login with either <em>admin</em> / "
"<em>admin</em>, <em>moderator</em> / <em>moderator</em> or with "
"<em>demo</em> / <em>demo</em>.\n"
" "
msgstr ""
"\n"
" <strong>Ciao!</strong> Benvenuto alla demo di Burp-UI.\n"
" Puoi autenticarti sia come <em>admin</em> / "
"<em>admin</em> sia come <em>demo</em> / <em>demo</em>.\n"
" "
#: burpui/templates/servers-report.html:10
msgid "Global report"
......@@ -2546,7 +2546,7 @@ msgstr "in corso"
#: burpui/templates/js/client.js:19 burpui/templates/js/client.js:26
#: burpui/templates/js/client.js:36 burpui/templates/js/clients.js:20
#: burpui/templates/js/clients.js:172
#: burpui/templates/js/clients.js:169
msgid "idle"
msgstr "inattivo"
......@@ -2566,11 +2566,7 @@ msgstr "Funzione di eliminazione lanciata"
msgid "never"
msgstr "mai"
#: burpui/templates/js/clients.js:22 burpui/templates/js/clients.js:30
msgid "now"
msgstr "ora"
#: burpui/templates/js/clients.js:170
#: burpui/templates/js/clients.js:167
msgid "view"
msgstr "vista"
......@@ -2696,3 +2692,21 @@ msgstr ""
#~ msgid "Authenticate users against local PAM database"
#~ msgstr ""
#~ msgid ""
#~ "\n"
#~ " <strong>Hello!</strong> Welcome to Burp-UI's demo.\n"
#~ " You can login with "
#~ "either <em>admin</em> / <em>admin</em> "
#~ "<em>moderator</em> / <em>moderator</em> or "
#~ "with <em>demo</em> / <em>demo</em>.\n"
#~ " "
#~ msgstr ""
#~ "\n"
#~ " <strong>Ciao!</strong> Benvenuto "
#~ "alla demo di Burp-UI.\n"
#~ " Puoi autenticarti sia come "
#~ "<em>admin</em> / <em>admin</em>, <em>moderator</em>"
#~ " / <em>moderator</em> sia come "
#~ "<em>demo</em> / <em>demo</em>.\n"
#~ " "
......@@ -38,6 +38,9 @@ acl = basic
prefix = none
demo = true
dsn = @DSN@
piwik_url = @PIWIK_URL@
piwik_script = @PIWIK_SCRIPT@
piwik_id = @PIWIK_ID@
[UI]
# refresh interval of the pages in seconds
......@@ -192,8 +195,38 @@ noserverrestore = true
#priority = 2
#admin = password
#user1 = otherpassword
admin = pbkdf2:sha1:1000$Jeoy7tqS$ce50e82698ef11f1ee0442ab1227a742118d1cb2
demo = pbkdf2:sha1:1000$eSmvMm2z$a95240bef1682d3469f1141a015b6f5cf18c9de2
admin = pbkdf2:sha256:50000$tBmBFbIb$645e36483a936aa2c54ba7f4b0908e8fd45aebdcddc07343b11bac099732c61d
demo = pbkdf2:sha256:50000$Rd7VUJ9Z$2e91276223d6371ec83bbad7e96c207bee940994e718be44ef274403f3de4a26
moderator = pbkdf2:sha256:50000$vLjiLsda$c848e929190a5cf8e237caf35032bef4a0e73469152d9c89b4cc803ffd9c4d51
## acl engine global options
#[ACL]
## Enable extended matching rules (enabled by default)
## If the rule is a string like 'user1 = desk*', it will match any client that
## matches 'desk*' no mater what agent it is attached to.
## If it is a coma separated list of strings like 'user1 = desk*,laptop*' it
## will match the first matching rule no mater what agent it is attached to.
## If it is a dict like:
## user1 = '{"agents": ["srv*", "www*"], "clients": ["desk*", "laptop*"]}'
## It will also validate against the agent name.
#extended = true
## If you don't explicitly specify ro/rw grants, what should we assume?
#assume_rw = true
## Enable 'legacy' behavior
## Since v0.6.0, if you don't specify the agents name explicitly, users will be
## granted on every agents where a client matches user's ACL. If you enable the
## 'legacy' behavior, you will need to specify the agents explicitly.
## Note: enabling this option will also disable the extended mode
#legacy = false
## The inheritance order maters, it means depending the order you choose,
## the ACL engine won't handle the grants the same way.
## By default, ACL inherited by groups will have lower priority, unless you
## choose otherwise
#inverse_inheritance = false
## If you specify agents and clients separately, should we link them implicitly?
## For instance, '{"agents": ["agent1", "agent2"], "clients": ["client1", "client2"]}'
## will become: '{"agents": {"agent1": ["client1", "client2"], "agent2": ["client1", "client2"]}}'
#implicit_link = true
## basicacl specific options
## Note: in case you leave this section commented, the user 'admin' will have
......@@ -210,7 +243,9 @@ demo = pbkdf2:sha1:1000$eSmvMm2z$a95240bef1682d3469f1141a015b6f5cf18c9de2
## a user can access on a specific Agent
#user4 = '{"agent1": ["client6", "client7"], "agent2": ["client8"]}'
admin = admin
demo = '{"Burp1": ["demo2"]}'
@moderator = '{"agents": {"ro": "Burp1", "rw": "Burp2"}}'
+moderator = moderator
demo = '{"agents": {"Burp1": ["demo2"]}}'
## If you set standalone to 'false', add at least one section like this per
## bui-agent
......
......@@ -4,12 +4,12 @@
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//ziirish.info/piwik/";
_paq.push(['setTrackerUrl', u+'piwik.php']);
_paq.push(['setSiteId', 4]);
var u="{{ config.BUI_PIWIK_URL }}";
_paq.push(['setTrackerUrl', u+'{{ config.BUI_PIWIK_SCRIPT }}']);
_paq.push(['setSiteId', {{ config.BUI_PIWIK_ID }}]);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<noscript><p><img src="//ziirish.info/piwik/piwik.php?idsite=4" style="border:0;" alt="" /></p></noscript>
<noscript><p><img src="{{ config.BUI_PIWIK_URL }}{{ config.BUI_PIWIK_SCRIPT }}?idsite={{ config.BUI_PIWIK_ID }}" style="border:0;" alt="" /></p></noscript>
<!-- End Piwik Code -->
......@@ -35,6 +35,9 @@ appStart () {
rand=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null | base64 | sed ':a;N;$!ba;s/\n//g')
sed -i -r "s'@RANDOM@'$rand'" /etc/burp/burpui.cfg
sed -i -r "s'@DSN@'$SENTRY_DSN'" /etc/burp/burpui.cfg
sed -i -r "s'@PIWIK_URL@'$SPIWIK_URL'" /etc/burp/burpui.cfg
sed -i -r "s'@PIWIK_SCRIPT@'$PIWIK_SCRIPT'" /etc/burp/burpui.cfg
sed -i -r "s'@PIWIK_ID@'$PIWIK_ID'" /etc/burp/burpui.cfg
# patch demo with piwik
REP=$(cat ${CONFIG_DIR}/patch/piwik.patch)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment