OWASP O2 Platform Blog

Extrating OWASP Chapter data via MediaWiki API and viewing it

Here is a script that uses O2’s MediaWiki API to extract OWASP’s chapter information from its WIKI.

Once the data is collected, a mini gui is used to show it:

var topPanel = panel.clear().add_Panel();
var owaspWiki = new OwaspWikiAPI(false);

var treeView = topPanel.add_TreeView();
var textArea = topPanel.insert_Right().add_TextArea();
var webBrowser = textArea.insert_Below().add_WebBrowser_Control();
Action<List<string>,TreeNode, bool> loadArea = null;
var addedCategories = new List<string>();

treeView.afterSelect<string>(
    (page)=>{
                textArea.set_Text(page);
                var wikiText = owaspWiki.wikiText(page);
                var htmlCode = owaspWiki.html(page);
                textArea.set_Text(wikiText);
                webBrowser.open(htmlCode.save());
                
            });
       
loadArea = (pages, parentNode, addChapters) =>
        {                       
            foreach(var page in pages)
            {
                if (page.contains("Category") && addedCategories.contains(page).isFalse())
                {                   
                    addedCategories.add(page);
                    var categoryNode = parentNode.add_Node(page);                   
                    var chaptersInArea = owaspWiki.pagesInCategory(page);       
                   
                    loadArea(chaptersInArea, categoryNode , true);
                   
                }
                else
                    if (addChapters)
                        parentNode.add_Node(page);
            }
        };


var chapters = owaspWiki.pagesInCategory("Category:OWASP Chapter");
//var chapters = @"C:\O2\_tempDir\2-8-2012\tmpA92F.tmp.xml".load<List<string>>();
loadArea(chapters,treeView.rootNode(),false);       

treeView.selectFirst();
//return pages.size();

return "ok";
//O2File:OwaspWikiAPI.cs
//O2Ref:O2_Misc_Microsoft_MPL_Libs.dll

February 8, 2012 Posted by | MediaWiki, OWASP | Leave a comment

OWASP MediaWiki Tool – File Uploader (O2 Script)

Following a request from a fellow OWASP Leader for an easier way to upload files to the OWASP wiki, here is an O2 script that allows the uploading of file(s) by just drag-and-droping then from a local folder (note that not all file types are currenly supported by the OWASP Wiki).

The script is called “Tool – OWASP Wiki – File Uploader.h2” and here is what the GUI looks like:

This script supports the upload of all files in a folder, but be careful when using it, since (in this version) there is no stop botton, and if you make a mistake, you might end uploading the wrong files to the OWASP wiki 🙂

The script was created using the very powerful O2 MediaWiki APIs, who can also be seen in action in these two YouTube videos:

Here is this script source code:

var userAccount = @"accounts.xml".credential("owasp.dinis");     
var permitedFileTypes = "vsd, odp, gif, png, jpg, jpeg, doc, ppt, mp3, pdf, psd, zip, tar, tar.gz, tar.bz2, jar, docx, pptx, xls, xlsx";
//var topPanel = panel.clear().add_Panel();
var topPanel = "Tool - OWASP Wiki - File Uploader : {0}".format(permitedFileTypes).popupWindow(1000,500); 
topPanel.insert_LogViewer();

var actionsPanel = topPanel.insert_Above(40,"Actions");
var recentChanges = topPanel.insert_Right("Recent Changes to OWASP Wiki"); 
var filesToUpload = topPanel.insert_Left(recentChanges.width()/2, "Files To Upload").add_TreeView();
var filesUploaded = topPanel.add_GroupBox("Files Uploaded").add_TextArea().wordWrap(false);
Label messageLabel = null;

var wikiApi = new OwaspWikiAPI(false);

Action showRecentChanges = `
    ()=>{
            wikiApi.add_Table_with_RecentChanges(recentChanges.clear());
        };
Action login =
    ()=>{
            if (userAccount.isNull())
                userAccount = ascx_AskUserForLoginDetails.ask();
           
            if (userAccount.isNull() || userAccount.UserName.inValid() )
                messageLabel.set_Text("Error, no user provided ").textColor(Color.Red);
            else
            {
                messageLabel.set_Text("Logging in as user: {0}".format(userAccount.UserName)).textColor(Color.DarkOrange);
                if (wikiApi.login(userAccount.UserName, userAccount.Password))
                {
                    messageLabel.set_Text("Logged in OK as: {0}".format(userAccount.UserName)).textColor(Color.Green);    
                    filesToUpload.enabled(true);
                    filesUploaded.enabled(true);
                    //showRecentChanges();
                    return;
                }               
                messageLabel.set_Text("Failed to Login as : {0}".format(userAccount.UserName)).textColor(Color.Red);    
            }
            userAccount = null;           
        };
Action<string> uploadFile =
    (fileToUpload)=>{       
                        filesToUpload.add_Node(fileToUpload);
                        filesToUpload.pink();
                        O2Thread.mtaThread(
                            ()=>{
                                    var fileUrl = wikiApi.uploadImage(fileToUpload);
                                    if (fileUrl.valid())
                                    {
                                        filesUploaded.append_Line("Uploaded OK: {0} ->".line() +
                                                                  "\t{1}", fileToUpload , fileUrl);
                                        messageLabel.set_Text("Uploaded file: {0}".format(fileToUpload)).textColor(Color.Black);
                                        showRecentChanges();
                                    }
                                    else
                                        filesUploaded.append_Line("Error uploading: {0}", fileToUpload);
                                    filesToUpload.white();                                                                       
                                });                       
                    };
                   
messageLabel = actionsPanel.add_Link("refresh recent changes table", ()=>showRecentChanges())
                            .append_Link("Login", ()=> login())
                            .append_Label("").autoSize();

 
filesToUpload.enabled(false);
filesUploaded.enabled(false);
messageLabel.set_Text("To Upload files, please login");
filesToUpload.add_Node("After login, drop file here to upload");
filesToUpload.onDrop(
    (fileOrDir)=>
        {
            if(fileOrDir.dirExists())
                 foreach(var file in fileOrDir.files())
                     uploadFile(file);
            else
                uploadFile(fileOrDir);
        });

login();

showRecentChanges();

//O2File:OwaspWikiAPI.cs
//O2File:ISecretData.cs
//O2File:ascx_AskUserForLoginDetails

November 14, 2011 Posted by | MediaWiki, OWASP | Leave a comment