def Email(content):
list_email = parser.Parser(content).getmail()
if len(list_email) > 1:
output.Output().plus('Found Emails: %s' %
str(list_email).split('[')[1].split(']')[0])
elif len(list_email) == 1:
output.Output().plus('Found Email: %s' % list_email[0])
def IP(content):
list_ip = parser.Parser(content).getip()
if len(list_ip) > 1:
output.Output().plus('Found Private IP: %s' %
str(list_ip).split('[')[1].split(']')[0])
elif len(list_ip) == 1:
output.Output().plus('Found Private IP: %s' % list_ip[0])
def Card(content):
cc = parser.Parser(content).getcc()
if len(cc) > 1:
output.Output().plus('Found Credit Cards: %s' %
str(cc).split('[')[1].split(']')[0])
elif len(cc) == 1:
output.Output().plus('Found Credit Card: %s' % cc[0])
def run(headers):
if headers['set-cookie']:
cookie = headers['set-cookie']
else:
cookie = None
if cookie != None:
if re.search(r'domain=\S*',cookie,re.I):
output.Output().plus('Cookies are only accessible to this domain: %s'%re.findall(r'domain=(.+?)[\;]',cookie,re.I)[0])
if not re.search('httponly',cookie,re.I):
output.Output().plus('Cookies created without HTTPOnly Flag.')
if not re.search('secure',cookie,re.I):
output.Output().plus('Cookies created without Secure Flag.')
def __init__(self, agent, proxy, redirect, timeout, links, cookie):
self.links = links
self.cookie = cookie
self.output = output.Output()
self.agent = agent
self.proxy = proxy
self.redirect = redirect
self.timeout = timeout
def __init__(self, agent, proxy, redirect, timeout, url, cookie):
self.agent = agent
self.proxy = proxy
self.redirect = redirect
self.timeout = timeout
self.url = url
self.cookie = cookie
self.output = output.Output()
def __init__(self, agent, proxy, redirect, timeout, url, cookie):
self.url = url
self.cookie = cookie
self.output = output.Output()
self.request = request.Request(agent=agent,
proxy=proxy,
redirect=redirect,
timeout=timeout)
def __init__(self, agent, proxy, redirect, timeout, url, cookie):
self.url = url
self.output = output.Output()
self.ip = ip.Ip(agent=agent,
proxy=proxy,
redirect=redirect,
timeout=timeout,
url=url,
cookie=cookie)
def __init__(self, agent, proxy, redirect, timeout, url, cookie):
self.url = url
self.cookie = cookie
self.output = output.Output()
self.request = request.Request(
agent=
'() { foo;}; echo Content-Type: text/plain ; echo ; cat /etc/passwd',
proxy=proxy,
redirect=redirect,
timeout=timeout)
def __init__(self, agent, proxy, redirect, timeout, links, cookie):
self.links = links
self.cookie = cookie
self.check = utils.Checker()
self.output = output.Output()
self.param = parameters
self.request = request.Request(agent=agent,
proxy=proxy,
redirect=redirect,
timeout=timeout)
def run(headers):
fields = ('Accept', 'Accept-Charset', 'Accept-Encoding',
'Accept-Language', 'Accept-Datetime', 'Authorization',
'Connection', 'Cookie', 'Content-Length', 'Content-MD5',
'Content-Type', 'Expect', 'From', 'Host', 'If-Match',
'If-Modified-Since', 'If-None-Match', 'If-Range',
'If-Unmodified-Since', 'Max-Forwards', 'Origin', 'Pragma',
'Proxy-Authorization', 'Range', 'Referer', 'User-Agent',
'Upgrade', 'Via', 'Warning', 'X-Requested-With',
'X-Forwarded-For', 'X-Forwarded-Host', 'X-Forwarded-Proto',
'Front-End-Https', 'X-Http-Method-Override',
'X-ATT-DeviceId', 'X-Wap-Profile', 'Proxy-Connection',
'Accept-Ranges', 'Age', 'Allow', 'Cache-Control',
'Content-Encoding', 'Content-Language', 'Content-Length',
'Content-Location', 'Content-MD5', 'Content-Disposition',
'Content-Range', 'Content-Type', 'Date', 'ETag', 'Expires',
'Last-Modified', 'Link', 'Location', 'Proxy-Authenticate',
'Refresh', 'Retry-After', 'Server', 'Set-Cookie', 'Status',
'Strict-Transport-Security', 'Trailer', 'Transfer-Encoding',
'Vary', 'WWW-Authenticate', 'X-Frame-Options',
'Public-Key-Pins', 'X-XSS-Protection',
'Content-Security-Policy', 'X-Content-Security-Policy',
'X-WebKit-CSP', 'X-Content-Type-Options', 'X-Powered-By',
'Keep-Alive', 'Content-language', 'X-UA-Compatible')
if not re.search(r'X-Frame-Options', str(headers.keys()), re.I):
output.Output().plus('X-Frame-Options header is not present.')
if not re.search(r'Strict-Transport-Security', str(headers.keys()),
re.I):
output.Output().plus(
'Strict-Transport-Security header is not present.')
if not re.search(r'x-xss-protection', str(headers.keys()), re.I):
output.Output().plus('X-XSS-Protection header is not present.')
try:
for key in headers.keys():
if key not in fields:
output.Output().plus(
'Uncommon header "%s" found, with contents: %s' %
(key, headers[key]))
except Exception, e:
pass
def __init__(self, agent, proxy, redirect, timeout, url, cookie):
self.url = url
self.cookie = cookie
self.output = output.Output()
self.email = email.Email(agent=agent,
proxy=proxy,
redirect=redirect,
timeout=timeout,
url=url,
cookie=cookie)
def __init__(self, agent, proxy, redirect, timeout, url, cookie):
self.url = url
self.cookie = cookie
self.forms = forms.Forms()
self.output = output.Output()
self.ucheck = urlcheck.UrlCheck()
self.parser = urlparser.UrlParser(url)
self.extract = urlextract.UrlExtract()
self.request = request.Request(agent=agent,
proxy=proxy,
redirect=redirect,
timeout=timeout)
def __init__(self, agent, proxy, redirect, timeout, url, cookie):
self.url = url
self.cookie = cookie
self.check = utils.Checker()
self.output = output.Output()
self.parser = utils.Parser(self.url)
self.form = form.Form(agent=agent,
proxy=proxy,
redirect=redirect,
timeout=timeout,
url=url,
cookie=cookie)
self.request = request.Request(agent=agent,
proxy=proxy,
redirect=redirect,
timeout=timeout)
class Spaghetti(object):
bn = banner.Banner()
pr = output.Output()
pa = urlparser
ma = manager
nw = ("")
def main(self,argv):
agent = ragent.RAgent()
redir = True
time = None
proxy = None
cookie = None
if len(sys.argv) < 2:
self.bn.usage(True)
try:
opts,arg = getopt.getopt(
argv,'u:s:',['url=','scan=','crawler','agent=','random-agent','redirect=',
'timeout=','cookie=','proxy=','verbose','version','help']
)
except getopt.error,e:
self.bn.usage(True)
for o,a in opts:
if o in ('-u','--url'):
self.url = self.target(a)
if o in ('-s','--scan'):
self.scan = a
if o in ('--crawler'):pass
if o in ('--agent'):
agent = str(a)
if o in ('--random-agent'):pass
if o in ('--redirect'):
redir = a
if o in ('--timeout'):
time = a
if o in ('--cookie'):
cookie = a
if o in ('--proxy'):
proxy = a
#if o in ("--headers"):pass
if o in ('--verbose'):pass
if o in ('--version'):
self.bn.version(True)
if o in ('--help'):
self.bn.usage(True)
# starting
self.bn.banner()
self.strftime()
if not hasattr(self,'scan'):
self.scan = str(0)
self.pr.info('Scan argument is not defined, setting to default value %s'%(self.scan))
if self.scan == "6":
pass
else:
self.ma.fingerprints(agent,proxy,redir,time,self.url,cookie)
# crawler
if self.scan == '0' or self.scan == '3':
print self.nw
urls = self.ma.crawling(
agent,proxy,redir,time,self.url,cookie)
if urls==[]:urls.append(self.url)
# scan options
if self.scan == '0':
self.ma.bruteforce(
agent,proxy,redir,time,self.url,cookie)
self.ma.disc(
agent,proxy,redir,time,self.url,cookie)
self.ma.attacks(
agent,proxy,redir,time,urls,cookie)
self.ma.others(
agent,proxy,redir,time,self.url,cookie)
self.ma.vuln(
agent,proxy,redir,time,self.url,cookie)
if self.scan == '1':
self.ma.bruteforce(
agent,proxy,redir,time,self.url,cookie)
if self.scan == '2':
self.ma.disc(
agent,proxy,redir,time,self.url,cookie)
if self.scan == '3':
self.ma.attacks(
agent,proxy,redir,time,urls,cookie)
if self.scan == '4':
self.ma.others(
agent,proxy,redir,time,self.url,cookie)
if self.scan == '5':
self.ma.vuln(
agent,proxy,redir,time,self.url,cookie)
if self.scan == '6':
self.ma.fingerprints(
agent,proxy,redir,time,self.url,cookie)
print self.nw
if self.scan == '3':
self.ma.attacks(
agent,proxy,redir,time,urls,cookie)
if self.scan == '4':
self.ma.others(
agent,proxy,redir,time,self.url,cookie)
if self.scan == '5':
self.ma.vuln(
agent,proxy,redir,time,self.url,cookie)
if self.scan == '6':
self.ma.fingerprints(
agent,proxy,redir,time,self.url,cookie)
print self.nw
def strftime(self):
self.pr.plus('URL: %s'%self.url)
self.pr.plus('Started: %s'%(str(time.strftime('%d/%m/%Y %H:%M:%S'))))
print self.nw
def target(self,url):
u = self.pa.UrlParser(url).host_path()
if u == None:
sys.exit(self.pr.less('Url not found, please try with target url!'))
return str(u)
if __name__ == "__main__":
try:
main = Spaghetti().main(sys.argv[1:])
except KeyboardInterrupt:
sys.exit(output.Output().less('Keyboard Interrupt by User!!'))
class Spaghetti(object):
ban = banner.Banner()
output = output.Output()
def main(self,kwargs):
agent = "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0"
redirect = True
timeout = None
cookie = None
proxy = None
default_scan = "5"
# args...
if len(sys.argv) < 2:
self.ban.usage(True)
try:
opts,args = getopt.getopt(kwargs,'u:s:',['url=','scan=','agent=','random-agent',
'redirect=','timeout=','cookie=','proxy=','verbose','version','help'])
except getopt.error,e:
self.ban.usage(True)
for o,a in opts:
if o in ('-u','--url'):
self.url = utils.Parser(a).host_path()
if not self.url:
self.output.less('Try with target url!')
sys.exit(0)
if o in ('-s','--scan'):
self.scan = a
if self.scan not in ('0','1','2','3','4','5'):
self.output.less('Check scan option and try!')
sys.exit(0)
if o in ('--agent'):
agent = a
if o in ('--random-agent'):
pass
if o in ('--redirect'):
redirect = a
if o in ('--timeout'):
timeout = a
if o in ('--cookie'):
cookie = a
if o in ('--proxy'):
proxy = a
if o in ('--verbose'):
pass
if o in ('--version'):
self.ban.version(True)
if o in ('--help'):
self.ban.usage(True)
self.fingerprints(
agent,proxy,redirect,timeout,self.url,cookie
)
urls = self.crawler(
agent,proxy,redirect,timeout,self.url,cookie)
#
if urls == None or urls == []: urls == []; urls.append(self.url)
#
#Check if --scan is set or else set default value
if not hasattr(self, "scan"):
self.scan = default_scan
self.output.info('Argument --scan is not defined. Setting to default value %s'%default_scan)
if self.scan == "0":
self.broken(
agent,proxy,redirect,timeout,self.url,cookie
)
self.disclosure(
agent,proxy,redirect,timeout,self.url,cookie
)
self.injection(
agent,proxy,redirect,timeout,urls,cookie
)
self.other(
agent,proxy,redirect,timeout,self.url,cookie
)
self.vulns(
agent,proxy,redirect,timeout,self.url,cookie
)
elif self.scan == "1":
self.broken(
agent,proxy,redirect,timeout,self.url,cookie
)
elif self.scan == "2":
self.disclosure(
agent,proxy,redirect,timeout,self.url,cookie
)
elif self.scan == "3":
self.injection(
agent,proxy,redirect,timeout,urls,cookie
)
elif self.scan == "4":
self.other(
agent,proxy,redirect,timeout,self.url,cookie
)
elif self.scan == "5":
self.vulns(
agent,proxy,redirect,timeout,self.url,cookie
)
def other(self,a,p,r,t,u,c):
other.Other(
agent=a,proxy=p,redirect=r,timeout=t,url=u,cookie=c
).run(
)
def vulns(self,a,p,r,t,u,c):
vulns.Vulns(
agent=a,proxy=p,redirect=r,timeout=t,url=u,cookie=c
).run(
)
def crawler(self,a,p,r,t,u,c):
return crawler.Crawler(
agent=a,proxy=p,redirect=r,timeout=t,url=u,cookie=c
).process(
)
def starttime(self):
self.output.plus('Target: %s'%self.url)
self.output.plus('Starting: %s'%time.strftime('%d/%m/%Y %H:%M:%S'))
print ""
if __name__ == "__main__":
try:
main = Spaghetti()
main.main(sys.argv[1:])
except KeyboardInterrupt:
sys.exit(output.Output().less('Exiting...'))
