Architecture - owtf/reboot GitHub Wiki
Reboot Architecture
Goals
The OWTF reboot architecture aims for scalability first! It also aims for efficiency and modularity.
It relies on a distributed system composed of a Hero, Grunts and Peons. The Hero is used by the users via a Web User Interface (WebUI) or a Command Line Interface (CLI). The users add their targets and request different plugins to be run against pre-selected targets.
Overview
+------+ +------+ +------+ +------+ +------+ +------+
|Peon 1| |Peon 2| |Peon n| |Peon 1| |Peon 2| |Peon n|
+---+--+ +---+--+ +---+--+ +---+--+ +---+--+ +---+--+
| | | | | |
| | | | | |
+-----------------+ +-----------------+
| |
+---v---+ +---v---+
|Grunt 1+-----------+ |Grunt n|
+--+----+ | +-------+
| |
| |
|Get TT |Push TD
| |
| +-----+-v---+
+--------> TT | TD |
|Queue|Queue|
+-----------+
| Hero |
+-----^-----+
|
+----v----+
User +-------->WebUI/CLI|
+--+ +---------+
Definition
User
The User is the one using OWTF Reboot.
Task Todo
A Task Todo (TT) consists of an action that was requested by a User. A TT is saved into a Queue by the Hero. The Grunts retrieve the TTs from the Queue.
In details, a TT is a string composed of the following elements:
+----+-----------+--------+-------------+
| ID | Timestamp | Target | Plugin Code |
+----+-----------+--------+-------------+
- ID is a unique value identifying a TT.
- Timestamp is the time at which the TT was requested by the User.
- Target is the target against which the plugin should be run.
- Plugin Code is the code of the plugin which has to be run against the Target.
Task Done
A Task Done (TD) consists of the result of an action that was requested by a User. A TD is saved into a Queue by the Grunt. A TD is retrieved from the Queue by the Hero.
In details, a TD is a string composed of the following elements:
+----+-----------+--------+
| ID | Timestamp | Result |
+----+-----------+--------+
- ID is the unique value received in the TT request.
- Timestamp is the time at which the TD was completed by the Grunt.
- Result is the result of the Plugin Code that has been run against the Target.
Hero
The Hero is the piece of software that fills the TT Queue and empties the TD Queue. The Hero is unique. Only one instance of Hero is allowed in OWTF Reboot. The Hero will be running on the User's machine.
Grunt
The Grunt is the piece of software that empties the TT Queue and fills the TD Queue. Several instances of Grunt are allowed but only once instance per machine. At least one Grunt must be present in order to use OWTF Reboot.
Peon
The Peon is the piece of software that executes a TT and generates a TD. Several instances of Peon are allowed per machine. At least one Peon must be present in order to use OWTF Reboot.
Protocol in Insecure Environment
This paragraph describes the protocol used by OWTF Reboot when speaking over insecure environment, such as the Internet. The protocol is used between the Hero and the Grunts to dispatch and collect the results of the plugins run against one or several targets.
The protocol does not describe the security aspect of the exchanges (such as authentication, authentification and encryption). Such specifities are described in the wiki page #TODO: Create dedicated Wiki web page for the security details of the exchanges).
Overview
- The Hero creates a Task Todo.
- The Hero saves the TT into the TT Queue.
- The first Grunt which accepts the TT removes it from the TT Queue to prevent other Grunts to accept it.
- When the TT is done, the Grunt which accepted it saves the results into the Task Done Queue.
- The Hero retrieves the TD from the TD Queue.
- The Hero merges the results in its database.
Edge cases
No Grunt took the TT
In the case where no Grunt took the TT, the Hero waits until a timeout value Y is reached (Y being defined by the User).
In the case where no Grunt took the TT after Z attempts (Z defined by the User), the Hero reports the error to the user and cancels the TT.