about summary refs log tree commit diff
path: root/pkgs/tools/security/xsser/default.nix
blob: c1d93c03f7e4e6bcccea188b874d9a9af9f9316c (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
{ lib, buildPythonApplication, fetchFromGitHub, wrapGAppsHook3, gobject-introspection, gtk3, pango
, pillow, pycurl, beautifulsoup4, pygeoip, pygobject3, cairocffi, selenium }:

buildPythonApplication rec {
  pname = "xsser";
  version = "1.8.4";

  src = fetchFromGitHub {
    owner = "epsylon";
    repo = pname;
    rev = "478242e6d8e1ca921e0ba8fa59b50106fa2f7312";
    sha256 = "MsQu/r1C6uXawpuVTuBGhWNqCSZ9S2DIx15Lpo7L4RI=";
  };

  postPatch = ''
    # Replace relative path with absolute store path
    find . -type f -exec sed -i "s|core/fuzzing/user-agents.txt|$out/share/xsser/fuzzing/user-agents.txt|g" {} +

    # Replace absolute path references with store paths
    substituteInPlace core/main.py --replace /usr $out
    substituteInPlace gtk/xsser.desktop --replace /usr $out
    substituteInPlace setup.py --replace /usr/share share
  '';

  nativeBuildInputs = [ wrapGAppsHook3 gobject-introspection ];

  buildInputs = [
    gtk3
    pango
  ];

  propagatedBuildInputs = [
    pillow
    pycurl
    beautifulsoup4
    pygeoip
    pygobject3
    cairocffi
    selenium
  ];

  # Project has no tests
  doCheck = false;

  dontWrapGApps = true;
  preFixup = ''
    makeWrapperArgs+=("''${gappsWrapperArgs[@]}")
  '';

  postInstall = ''
    install -D core/fuzzing/user-agents.txt $out/share/xsser/fuzzing/user-agents.txt
  '';

  meta = with lib; {
    description = "Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications";
    mainProgram = "xsser";
    homepage = "https://xsser.03c8.net/";
    license = licenses.gpl3Only;
    maintainers = with maintainers; [ emilytrau ];
  };
}