def root_domain(url):
if not is_ip_address(url.get_domain()):
return [
url.get_root_domain(),
]
return []
def _get_common_virtual_hosts(self, base_url):
"""
Get a list of common virtual hosts based on the target domain
:param base_url: The target URL object.
:return: A list of possible domain names that could be hosted in the
same web server that "domain".
"""
domain = base_url.get_domain()
root_domain = base_url.get_root_domain()
for subdomain in self.COMMON_VHOSTS:
# intranet
yield subdomain
# It doesn't make any sense to create subdomains based no an
# IP address, they will look like intranet.192.168.1.2 , and
# are invalid domains
if is_ip_address(domain):
continue
# intranet.www.targetsite.com
yield subdomain + '.' + domain
# intranet.targetsite.com
yield subdomain + '.' + root_domain
# intranet.targetsite
yield subdomain + '.' + root_domain.split('.')[0]
def _get_common_virtual_hosts(self, fuzzable_request):
"""
Get a list of common virtual hosts based on the target domain
:param fuzzable_request: The fuzzable request as received by the plugin
:return: A list of possible domain names that could be hosted in the
same web server that "domain".
"""
base_url = fuzzable_request.get_url().base_url()
domain = base_url.get_domain()
root_domain = base_url.get_root_domain()
for subdomain in self.COMMON_VHOSTS:
# intranet
yield subdomain
# It doesn't make any sense to create subdomains based no an
# IP address, they will look like intranet.192.168.1.2 , and
# are invalid domains
if is_ip_address(domain):
continue
# intranet.www.target.com
yield subdomain + '.' + domain
# intranet.target.com
yield subdomain + '.' + root_domain
# intranet.target
yield subdomain + '.' + root_domain.split('.')[0]
def validate(self, value):
if value is None:
return None
if not is_ip_address(value):
msg = 'Invalid IP address specified ("%s")' % value
raise BaseFrameworkException(msg)
return value
def validate(self, value):
if value is None:
return None
if not is_ip_address(value):
msg = 'Invalid IP address specified ("%s")' % value
raise BaseFrameworkException(msg)
return value
def get_root_domain(self):
"""
Get the root domain name. Examples:
input: www.ciudad.com.ar
output: ciudad.com.ar
input: i.love.myself.ru
output: myself.ru
Code taken from: http://getoutfoxed.com/node/41
TODO: If you ever want to improve this code section, you might be
interested in https://pypi.python.org/pypi/tldextract , which
seems to be really updated and supported.
The (minor) down side is that they HTTP GET the GTOP_LEVEL_DOMAINS
each time you start the library for the first time.
"""
# break authority into two parts: subdomain(s), and base authority
# e.g. images.google.com --> [images, google.com]
# www.popo.com.au --> [www, popo.com.au]
def split_authority(aAuthority):
# walk down from right, stop at (but include) first non-toplevel
# domain
chunks = re.split("\.", aAuthority)
chunks.reverse()
base_authority = ""
subdomain = ""
found_break = 0
for chunk in chunks:
if not found_break:
base_authority = chunk + (
".", "")[base_authority == ""] + base_authority
else:
subdomain = chunk + (".", "")[subdomain == ""] + subdomain
if chunk not in GTOP_LEVEL_DOMAINS:
found_break = 1
return [subdomain, base_authority]
# def to split URI into its parts, returned as URI object
def decompose_uri():
return split_authority(self.get_domain())[1]
if is_ip_address(self.netloc):
# An IP address has no "root domain"
return self.netloc
else:
return decompose_uri()
def get_root_domain(self):
"""
Get the root domain name. Examples:
input: www.ciudad.com.ar
output: ciudad.com.ar
input: i.love.myself.ru
output: myself.ru
Code taken from: http://getoutfoxed.com/node/41
TODO: If you ever want to improve this code section, you might be
interested in https://pypi.python.org/pypi/tldextract , which
seems to be really updated and supported.
The (minor) down side is that they HTTP GET the GTOP_LEVEL_DOMAINS
each time you start the library for the first time.
"""
# break authority into two parts: subdomain(s), and base authority
# e.g. images.google.com --> [images, google.com]
# www.popo.com.au --> [www, popo.com.au]
def split_authority(aAuthority):
# walk down from right, stop at (but include) first non-toplevel
# domain
chunks = re.split("\.", aAuthority)
chunks.reverse()
base_authority = ""
subdomain = ""
found_break = 0
for chunk in chunks:
if not found_break:
base_authority = chunk + (
".", "")[base_authority == ""] + base_authority
else:
subdomain = chunk + (".", "")[subdomain == ""] + subdomain
if chunk not in GTOP_LEVEL_DOMAINS:
found_break = 1
return [subdomain, base_authority]
# def to split URI into its parts, returned as URI object
def decompose_uri():
return split_authority(self.get_domain())[1]
if is_ip_address(self.netloc):
# An IP address has no "root domain"
return self.netloc
else:
return decompose_uri()
def api_execute(self, ip_address):
"""
Start a w3afAgent, to do this, I must transfer the agent client to the
remote end and start the w3afServer in this local machine
all this work is done by the w3afAgentManager, I just need to called
start and thats it.
"""
if not is_ip_address(ip_address):
ValueError('Invalid IP address: "%s"' % ip_address)
try:
agentManager = w3afAgentManager(self.shell.execute, ip_address)
except BaseFrameworkException, w3:
return 'Error' + str(w3)
def get_root_domain(self):
"""
Get the root domain name. Examples:
input: www.ciudad.com.ar
output: ciudad.com.ar
input: i.love.myself.ru
output: myself.ru
"""
# An IP address has no 'root domain'
if is_ip_address(self.netloc):
return self.netloc
extract = TLDExtract(suffix_list_url=False, fallback_to_snapshot=True)
extract_result = extract(self.get_domain())
return '%s.%s' % (extract_result.domain, extract_result.suffix)
def get_root_domain(self):
"""
Get the root domain name. Examples:
input: www.ciudad.com.ar
output: ciudad.com.ar
input: i.love.myself.ru
output: myself.ru
Code taken from: http://getoutfoxed.com/node/41
"""
# break authority into two parts: subdomain(s), and base authority
# e.g. images.google.com --> [images, google.com]
# www.popo.com.au --> [www, popo.com.au]
def split_authority(aAuthority):
# walk down from right, stop at (but include) first non-toplevel domain
chunks = re.split("\.", aAuthority)
chunks.reverse()
baseAuthority = ""
subdomain = ""
foundBreak = 0
for chunk in chunks:
if (not foundBreak):
baseAuthority = chunk + (
".", "")[baseAuthority == ""] + baseAuthority
else:
subdomain = chunk + (".", "")[subdomain == ""] + subdomain
if chunk not in GTOP_LEVEL_DOMAINS:
foundBreak = 1
return ([subdomain, baseAuthority])
# def to split URI into its parts, returned as URI object
def decompose_uri():
return split_authority(self.get_domain())[1]
if is_ip_address(self.netloc):
# An IP address has no "root domain"
return self.netloc
else:
return decompose_uri()
def get_root_domain(self):
"""
Get the root domain name. Examples:
input: www.ciudad.com.ar
output: ciudad.com.ar
input: i.love.myself.ru
output: myself.ru
Code taken from: http://getoutfoxed.com/node/41
"""
# break authority into two parts: subdomain(s), and base authority
# e.g. images.google.com --> [images, google.com]
# www.popo.com.au --> [www, popo.com.au]
def split_authority(aAuthority):
# walk down from right, stop at (but include) first non-toplevel domain
chunks = re.split("\.", aAuthority)
chunks.reverse()
baseAuthority = ""
subdomain = ""
foundBreak = 0
for chunk in chunks:
if (not foundBreak):
baseAuthority = chunk + (
".", "")[baseAuthority == ""] + baseAuthority
else:
subdomain = chunk + (".", "")[subdomain == ""] + subdomain
if chunk not in GTOP_LEVEL_DOMAINS:
foundBreak = 1
return ([subdomain, baseAuthority])
# def to split URI into its parts, returned as URI object
def decompose_uri():
return split_authority(self.get_domain())[1]
if is_ip_address(self.netloc):
# An IP address has no "root domain"
return self.netloc
else:
return decompose_uri()
def validate(self, value):
try:
ip, port = value.split(':')
except Exception:
msg = 'Invalid IP and port specification, the correct format is'\
' <ip-address>:<port> , for example: 127.0.0.1:8080.'
raise BaseFrameworkException(msg)
else:
if not is_ip_address(ip):
msg = 'Invalid IP address specified ("%s")' % ip
raise BaseFrameworkException(msg)
try:
port = int(port)
assert port > 0
assert port < 65536
except:
msg = 'Invalid port specified, it needs to be a number between'\
' 1 and 65535.'
raise BaseFrameworkException(msg)
return value
def validate(self, value):
try:
ip, port = value.split(':')
except Exception:
msg = 'Invalid IP and port specification, the correct format is'\
' <ip-address>:<port> , for example: 127.0.0.1:8080.'
raise BaseFrameworkException(msg)
else:
if not is_ip_address(ip):
msg = 'Invalid IP address specified ("%s")' % ip
raise BaseFrameworkException(msg)
try:
port = int(port)
assert port > 0
assert port < 65536
except:
msg = 'Invalid port specified, it needs to be a number between'\
' 1 and 65535.'
raise BaseFrameworkException(msg)
return value
def test_is_ip_address_false_case01(self):
self.assertFalse(is_ip_address('127.0.0.1.2'))
def test_is_ip_address_false_case01(self):
self.assertFalse(is_ip_address('127.0.0.1.2'))
def test_is_ip_address_false_case02(self):
self.assertFalse(is_ip_address('127.0.0.256'))
def root_domain(url):
if not is_ip_address(url.get_domain()):
return [url.get_root_domain(), ]
return []
def test_is_ip_address_true(self):
self.assertTrue(is_ip_address('127.0.0.1'))
def test_is_ip_address_true(self):
self.assertTrue(is_ip_address('127.0.0.1'))
def test_is_ip_address_false_case02(self):
self.assertFalse(is_ip_address('127.0.0.256'))
