def rec(target):
processed.add(target)
urlPrint = (target + (' ' * 60))[:60]
print('%s Parsing %-40s' % (run, urlPrint), end='\r')
url = getUrl(target, True)
params = getParams(target, '', True)
if '=' in target: # if there's a = in the url, there should be GET parameters
inps = []
for name, value in params.items():
inps.append({'name': name, 'value': value})
forms.append({0: {'action': url, 'method': 'get', 'inputs': inps}})
raw_response = requester(url, params, True)
response = raw_response.text
js = js_extractor(response)
scripts = script_extractor(response)
for each in retirejs(url, response, checkedScripts):
all_outdated_js.append(each)
all_techs.extend(wappalyzer(raw_response, js, scripts))
parsed_response = zetanize(response)
forms.append(parsed_response)
matches = re.finditer(
r'<[aA][^>]*?(?:href|HREF)=[\'"`]?([^>]*?)[\'"`]?>', response)
for link in matches: # iterate over the matches
# remove everything after a "#" to deal with in-page anchors
link = link.group(1).split('#')[0]
this_url = handle_anchor(target, link)
if urlparse(this_url).netloc == host:
storage.add(this_url)
def retireJs(url, response):
vulnerable_component = list()
scripts = js_extractor(response)
for index, script in enumerate(scripts):
if script not in getVar('checkedScripts'):
updateVar('checkedScripts', script, 'add')
uri = handle_anchor(url, script)
response = requester(uri, '', getVar('headers'), True,
getVar('delay'), getVar('timeout')).text
result = main_scanner(uri, response)
if result:
component_report = dict()
logger.red_line()
logger.good('Vulnerable component: ' + result['component'] +
' v' + result['version'])
logger.info('Component location: %s' % uri)
details = result['vulnerabilities']
logger.info('Total vulnerabilities: %i' % len(details))
component_report['vulnerable_component'] = result[
'component'] + ' v' + result['version']
component_report['component_location'] = uri
component_report['total_vulnerabilities'] = len(details)
component_report['details'] = list()
for detail in details:
detail_report = dict()
identifiers = detail['identifiers']
summary = identifiers.get('summary', "None")
severity = identifiers.get('severity', "None")
_cve = identifiers.get('CVE', ["None"])
cve = _cve[0]
logger.info('%sSummary:%s %s' % (green, end, summary))
logger.info('Severity: %s' % severity)
logger.info('CVE: %s' % cve)
detail_report['summary'] = summary
detail_report['severity'] = severity
detail_report['cve'] = cve
component_report['details'].append(detail_report)
logger.red_line()
print("\n{}\n".format(component_report))
vulnerable_component.append(component_report)
return vulnerable_component
def retireJs(url, response):
scripts = js_extractor(response)
for script in scripts:
if script not in getVar('checkedScripts'):
updateVar('checkedScripts', script, 'add')
uri = handle_anchor(url, script)
response = requester(uri, '', getVar('headers'), True,
getVar('delay'), getVar('timeout')).text
result = main_scanner(uri, response)
if result:
logger.red_line()
logger.good('Vulnerable component: ' + result['component'] +
' v' + result['version'])
logger.info('Component location: %s' % uri)
details = result['vulnerabilities']
logger.info('Total vulnerabilities: %i' % len(details))
for detail in details:
logger.info('%sSummary:%s %s' %
(green, end, detail['identifiers']['summary']))
logger.info('Severity: %s' % detail['severity'])
logger.info('CVE: %s' % detail['identifiers']['CVE'][0])
logger.red_line()