def _rm_file(self):
'''
Stop the server, remove the file from the webroot.
'''
# Remove the file
filename = self._rfi_url.getFileName()
os.remove(os.path.join(get_home_dir(), 'webroot', filename))
def _rm_file(self):
'''
Stop the server, remove the file from the webroot.
'''
# Remove the file
filename = self._rfi_url.getFileName()
os.remove(os.path.join(get_home_dir(), 'webroot', filename))
def _local_test_inclusion(self, freq):
'''
Check for RFI using a local web server
@param freq: A fuzzableRequest object
@return: None, everything is saved to the kb
'''
#
# The listen address is an empty string when I have no default route
#
# Only work if:
# - The listen address is private and the target address is private
# - The listen address is public and the target address is public
#
if self._listen_address == '':
return
is_listen_priv = is_private_site(self._listen_address)
is_target_priv = is_private_site(freq.getURL().getDomain())
if (is_listen_priv and is_target_priv) or \
not (is_listen_priv or is_target_priv):
om.out.debug('RFI test using local web server for URL: ' +
freq.getURL())
om.out.debug('w3af is running a webserver')
try:
# Create file for remote inclusion
self._create_file()
# Start web server
webroot = os.path.join(get_home_dir(), 'webroot')
webserver.start_webserver(self._listen_address,
self._listen_port, webroot)
# Perform the real work
self._test_inclusion(freq)
except Exception, e:
msg = 'An error occurred while running local webserver: "%s"' % str(
e)
om.out.error(msg)
finally:
def _create_file(self):
'''
Create random name file php with random php content. To be used in the
remote file inclusion test.
'''
# First, generate the php file to be included.
rand1 = createRandAlNum(9)
rand2 = createRandAlNum(9)
filename = createRandAlNum()
php_code = '<? \n echo "%s";\n echo "%s";\n ?>' % (rand1, rand2)
# Write the php to the webroot
file_handler = open(os.path.join(get_home_dir(), 'webroot', filename), 'w')
file_handler.write(php_code)
file_handler.close()
# Define the required parameters
netloc = self._listen_address +':' + str(self._listen_port)
path = '/'+filename
self._rfi_url = url_object.from_parts('http', netloc, path, None, None, None)
self._rfi_result = rand1 + rand2
def _local_test_inclusion(self, freq):
'''
Check for RFI using a local web server
@param freq: A fuzzableRequest object
@return: None, everything is saved to the kb
'''
#
# The listen address is an empty string when I have no default route
#
# Only work if:
# - The listen address is private and the target address is private
# - The listen address is public and the target address is public
#
if self._listen_address == '':
return
is_listen_priv = is_private_site(self._listen_address)
is_target_priv = is_private_site(freq.getURL().getDomain())
if (is_listen_priv and is_target_priv) or \
not (is_listen_priv or is_target_priv):
om.out.debug('RFI test using local web server for URL: ' + freq.getURL())
om.out.debug('w3af is running a webserver')
try:
# Create file for remote inclusion
self._create_file()
# Start web server
webroot = os.path.join(get_home_dir(), 'webroot')
webserver.start_webserver(self._listen_address,
self._listen_port, webroot)
# Perform the real work
self._test_inclusion(freq)
except Exception,e:
msg = 'An error occurred while running local webserver: "%s"' % str(e)
om.out.error( msg )
finally:
def _create_file(self):
'''
Create random name file php with random php content. To be used in the
remote file inclusion test.
'''
# First, generate the php file to be included.
rand1 = createRandAlNum(9)
rand2 = createRandAlNum(9)
filename = createRandAlNum()
php_code = '<? \n echo "%s";\n echo "%s";\n ?>' % (rand1, rand2)
# Write the php to the webroot
file_handler = open(os.path.join(get_home_dir(), 'webroot', filename),
'w')
file_handler.write(php_code)
file_handler.close()
# Define the required parameters
netloc = self._listen_address + ':' + str(self._listen_port)
path = '/' + filename
self._rfi_url = url_object.from_parts('http', netloc, path, None, None,
None)
self._rfi_result = rand1 + rand2
