Ejemplo n.º 1
def find(parameters, request):
    """Audit the response headers against the configured header policy.

    ``parameters['headers']['required']`` lists headers that must be present;
    each entry has a ``name`` and a ``values`` allow-list (``None`` accepts any
    value). ``parameters['headers']['removed']`` lists headers that must be
    absent. Results are reported through ``prompt``:

    * required header present with an accepted value -> ``prompt.text``
    * required header present with another value     -> ``prompt.warning``
    * required header missing                        -> ``prompt.error``
    * "removed" header present                       -> ``prompt.error``
    * "removed" header absent                        -> ``prompt.text``

    Values are matched as whole strings, case-insensitively, so a header that
    carries an accepted value plus extra directives is reported as a warning.
    """
    # Index the response headers by lower-cased name so that every lookup
    # below is case-insensitive regardless of the type of request.headers.
    received = {name.lower(): request.headers[name] for name in request.headers}

    for rule in parameters['headers']['required']:
        label = rule['name']
        key = label.lower()
        if key not in received:
            prompt.error(label, None)
            continue

        actual = received[key]
        allowed = rule['values']
        if allowed is None:
            accepted = True
        else:
            needle = actual.lower()
            accepted = any(needle == candidate.lower() for candidate in allowed)

        if accepted:
            prompt.text(label, actual)
        else:
            prompt.warning(label, actual)

    for rule in parameters['headers']['removed']:
        label = rule['name']
        key = label.lower()
        if key in received:
            # A header the policy wants gone is still being sent.
            prompt.error(label, received[key])
        else:
            prompt.text(label, None)
Ejemplo n.º 2
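def find(parameters):
    """Probe the configured admin paths and report the ones that answer.

    Every path in ``parameters['admin'][*]['path']`` is appended to
    ``parameters['url']`` and fetched without following redirects. A path is
    reported with ``prompt.error`` only when the server answers 200 and the
    MD5 of the body differs from ``parameters['hash']``.

    Only status 200 counts as a hit: a path answering 401, 403 or a redirect
    to a login page is not reported, so an empty result does not prove that
    no admin interface is exposed.
    """
    # NOTE(review): parameters['hash'] looks like the fingerprint of the
    # site's generic "not found" page, used to discard soft-404 answers --
    # confirm against the caller that computes it.

    # Without a timeout a single unresponsive path would stall the whole scan.
    request_timeout = 10

    found_data = False
    prompt.text('Scan admin...', '')
    prompt.separator()

    for parameter in parameters['admin']:
        for path in parameter['path']:
            # Keep the report column narrow: long paths are truncated.
            label = path if 32 >= len(path) else path[:28] + '[...]'
            try:
                response = requests.get(parameters['url'] + path,
                                        allow_redirects=False,
                                        timeout=request_timeout)
            except requests.exceptions.Timeout:
                prompt.warning(label, 'Request timed out')
                continue

            if 200 != response.status_code:
                continue

            # MD5 is used purely as a content fingerprint, not as a security
            # control, so its collision weakness is not a concern here.
            body_digest = hashlib.md5(response.content).hexdigest()
            if body_digest != parameters['hash']:
                prompt.error(label, 'Path exists')
                found_data = True

    if not found_data:
        prompt.text(' > No data found', '')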
Ejemplo n.º 3
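def find(parameters, request):
    """Extract the configured pieces of information from the response body.

    Each entry of ``parameters['content']`` has a ``name`` and may carry a
    ``selector`` (an XPath expression evaluated on the parsed body) and/or a
    ``regex`` (one pattern or a list of patterns run over the raw body).
    Every match is reported with ``prompt.text``; if nothing matches at all,
    a single "No data found" line is printed.
    """
    found_data = False
    # The body comes from the scanned site and is therefore untrusted input.
    tree = html.fromstring(request.content)

    for parameter in parameters['content']:

        if 'selector' in parameter:
            values = tree.xpath(parameter['selector'])
            if values:
                for value in values:
                    prompt.text(parameter['name'], value)
                    found_data = True

        if 'regex' in parameter:
            # Normalise to a list locally instead of rewriting the caller's
            # configuration dict in place.
            patterns = parameter['regex']
            if not isinstance(patterns, list):
                patterns = [patterns]

            # NOTE(review): request.content is bytes for a requests response
            # on Python 3; str patterns would make re.findall raise TypeError
            # and the join below would need str groups. Confirm the pattern
            # type or match against the decoded text instead.
            # NOTE(review): the patterns run over attacker-controlled content,
            # so a pattern with nested quantifiers can backtrack for a long
            # time on a crafted page -- keep the configured patterns simple.
            for pattern in patterns:
                for value in re.findall(pattern, request.content):
                    # findall yields tuples when the pattern has several
                    # groups and plain values otherwise.
                    if not isinstance(value, tuple):
                        value = [value]
                    prompt.text(parameter['name'], ' '.join(value))
                    found_data = True

    if not found_data:
        prompt.text(' > No data found', '')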
Ejemplo n.º 4
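def find(parameters, request):
    """Report whether the target serves a certificate on port 443.

    Prints ``SSL: Oui`` plus the certificate's ``notAfter`` date when a
    certificate can be fetched, and ``SSL: Non`` when the connection fails
    with a socket-level error.

    Limits of this check:

    * ``ssl.get_server_certificate`` is called without ``ca_certs``, so the
      certificate is fetched but not validated. "Oui" means a certificate was
      served, not that it is trusted or matches the host name.
    * The expiration date is only displayed; it is not compared with the
      current time, so an expired certificate is not flagged.
    * "Non" covers every socket error (name resolution, refused connection),
      so it does not distinguish "no TLS" from "host unreachable".
    """
    try:
        uri = urlparse(parameters['url'])
        # netloc may carry user info or an explicit port ("host:8443"), which
        # is not a valid host for the connection; hostname strips both.
        host = uri.hostname or uri.netloc
        cert = ssl.get_server_certificate((host, 443))
        x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                               cert)
        prompt.text('SSL', "Oui")
        # notAfter is an ASN.1 time such as b'YYYYMMDDhhmmssZ'.
        not_after = datetime.strptime(x509.get_notAfter().decode('ascii'),
                                      '%Y%m%d%H%M%SZ')
        prompt.text('SSL expiration date',
                    not_after.strftime('%Y-%m-%d %H:%M:%S'))
    except socket.error:
        prompt.text('SSL', "Non")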
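def find(parameters):
    """Probe for files that should have been removed and report exposed data.

    Every file in ``parameters['files']['removed'][*]['files']`` is requested
    under ``parameters['url']`` without following redirects. A file is
    reported when the server answers 200 and the MD5 of the body differs from
    ``parameters['hash']``. When the entry has an ``interpreter`` of type
    ``json``, the fields named in ``interpreter['path']`` are extracted from
    the body and collected per ``interpreter['category']``, then printed under
    "Critical data".

    The extracted values are printed verbatim; treat the scan output as
    sensitive, since it can contain whatever the exposed file held.
    """
    # NOTE(review): parameters['hash'] looks like the fingerprint of the
    # site's generic "not found" page, used to discard soft-404 answers --
    # confirm against the caller that computes it.
    # NOTE(review): `matches` is not defined in this function; it is assumed
    # to be a module-level dict, in which case results accumulate across
    # calls -- confirm.

    # Without a timeout a single unresponsive file would stall the whole scan.
    request_timeout = 10

    found_data = False
    prompt.text('Scan files...', '')
    prompt.separator()

    for parameter in parameters['files']['removed']:
        for test_file in parameter['files']:
            # Keep the report column narrow: long names are truncated.
            label = (test_file if 32 >= len(test_file)
                     else test_file[:28] + '[...]')
            try:
                response = requests.get(parameters['url'] + '/' + test_file,
                                        allow_redirects=False,
                                        timeout=request_timeout)
            except requests.exceptions.Timeout:
                prompt.warning(label, 'Request timed out')
                continue

            if 200 != response.status_code:
                continue

            # MD5 is used purely as a content fingerprint, not as a security
            # control, so its collision weakness is not a concern here.
            hash_file = hashlib.md5(response.content).hexdigest()
            if hash_file == parameters['hash']:
                continue

            prompt.error(label, 'File exists')
            found_data = True

            if 'interpreter' not in parameter:
                continue
            interpreter = parameter['interpreter']
            collected = matches.setdefault(interpreter['category'], [])

            if 'json' != interpreter['type']:
                continue
            try:
                json_data = response.json()
            except ValueError:
                # The file exists but is not valid JSON: nothing to extract.
                continue

            if isinstance(json_data, list):
                for items in json_data:
                    fields = []
                    for path in interpreter['path']:
                        # A missing key raises KeyError (or TypeError when the
                        # element is not a mapping), never NameError.
                        try:
                            fields.append(str(items[path]))
                        except (LookupError, TypeError):
                            continue
                    # Strip before the duplicate test so it compares the same
                    # string that gets stored.
                    entry = ':'.join(fields).strip(':')
                    if entry and entry not in collected:
                        collected.append(entry)
            else:
                for path in interpreter['path']:
                    try:
                        for item in json_data[path]:
                            # str() keeps non-string JSON values (numbers,
                            # null) from aborting the scan.
                            entry = str(item) + ':' + str(json_data[path][item])
                            if entry not in collected:
                                collected.append(entry)
                    except (LookupError, TypeError):
                        continue

    if not found_data:
        prompt.text(' > No data found', '')
    else:
        print('')
        prompt.text('Critical data', '')
        prompt.separator()
        if matches:
            for category in matches:
                prompt.error(category, '')
                for index in matches[category]:
                    prompt.error(' > ', index)
        else:
            prompt.text(' > No data found', '')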