def test_cve_2019_11043_false(self):
network.init("", "", "")
output.setup(False, False, False)
url = "https://www.example.org/"
p = command_line.build_parser()
ns = p.parse_args(args=["scan"])
s = Session(ns, url)
try:
output.setup(False, True, True)
with utils.capture_sys_output() as (stdout, stderr):
with requests_mock.Mocker() as m:
m.get(requests_mock.ANY, status_code=200)
m.head(requests_mock.ANY, status_code=200)
results = php.check_cve_2019_11043(
s, ["https://www.example.org/test/"]
)
except Exception as error:
self.assertIsNone(error)
self.assertIsNotNone(results)
self.assertTrue(len(results) == 0)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stdout.getvalue())
network.reset()
def test_get_header_issues_dup_header(self):
network.init("", "", "")
output.setup(False, False, False)
# we are using www.google.com as they return multiple Set-Cookie headers
url = "https://www.google.com"
output.setup(False, True, True)
with utils.capture_sys_output() as (stdout, stderr):
resp = requests.get(url)
results = http_basic.get_header_issues(
resp, network.http_build_raw_response(resp), url
)
self.assertIsNotNone(results)
self.assertTrue(len(results) > 0)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stdout.getvalue())
self.assertTrue(
any(
"Header Set-Cookie set multiple times with different values"
in r.message
for r in results
)
)
def test_net_init_none(self):
try:
network.init(None, None, None)
except Exception as error:
self.assertIsNone(error)
self.assertIsNotNone(network._requester)
network.reset()
def main():
global _start_time, _monitor
signal.signal(signal.SIGINT, signal_handler)
warnings.simplefilter("ignore")
try:
if str(sys.stdout.encoding).lower() != "utf-8":
print(
f"Output encoding is {sys.stdout.encoding}: changing to UTF-8")
sys.stdout.reconfigure(encoding="utf-8")
except Exception as error:
print(f"Unable to set UTF-8 encoding: {str(error)}")
parser = command_line.build_parser()
args, urls = parser.parse_known_args()
# setup the output system
output.setup(args.debug, args.nocolors, args.nowrap)
output.debug("Starting application...")
proxy = args.proxy if "proxy" in args else None
cookie = args.cookie if "cookie" in args else None
header = args.header if "header" in args else None
network.init(proxy, cookie, header)
# if we made it this far, it means that the parsing worked.
# version doesn't require any URLs, so it gets special handing
if args.command != "version":
urls = command_line.process_urls(urls)
else:
urls = []
# we are good to keep going
print_header()
if args.output is not None:
reporter.init(args.output)
_set_basic_info()
print(f"Saving output to '{reporter.get_output_file()}'")
print()
try:
with _KeyMonitor():
with _ProcessMonitor() as pm:
_monitor = pm
args.func(args, urls)
except KeyboardInterrupt:
output.empty()
output.error("Scan cancelled by user.")
finally:
_shutdown()
def test_response_scanner(self):
network.init("", "", "")
url = "https://adamcaudill.com/"
resp = network.http_get(url)
http.reset()
res = response_scanner.check_response(url, resp)
self.assertTrue(any("External JavaScript File" in r.message for r in res))
self.assertTrue(any("Vulnerable JavaScript" in r.message for r in res))
def test_net_init_valid_proxy_alt(self):
try:
output.setup(False, True, True)
with utils.capture_sys_output() as (stdout, stderr):
network.init("127.0.0.1:1234", "", "")
except Exception as error:
self.assertIsNone(error)
self.assertIsNotNone(network._requester)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stdout.getvalue())
self.assertNotIn("Invalid proxy server specified", stdout.getvalue())
network.reset()
def test_wp_ident(self):
network.init("", "", "")
url = "https://adamcaudill.com/"
output.setup(False, False, False)
with utils.capture_sys_output() as (stdout, stderr):
try:
_, res = wordpress.identify(url)
except Exception as error:
self.assertIsNone(error)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stderr.getvalue())
self.assertTrue(any("Found WordPress" in r.message for r in res))
def test_net_init_invalid_header(self):
try:
output.setup(False, True, True)
with utils.capture_sys_output() as (stdout, stderr):
network.init("", "", "AUTH123")
_ = network.http_get("http://example.com")
except Exception as error:
self.assertIsNone(error)
self.assertIsNotNone(network._requester)
self.assertNotIn("Exception", stderr.getvalue())
self.assertIn("Error", stdout.getvalue())
self.assertIn("header must be in NAME=VALUE format", stdout.getvalue())
network.reset()
def test_find_backup_ext(self):
network.init("", "", "")
url = "https://adamcaudill.com/"
output.setup(False, False, False)
with utils.capture_sys_output() as (stdout, stderr):
try:
http.reset()
_, _ = file_search.find_backups(
[url, f"{url}readme.html", f"{url}#test"]
)
except Exception as error:
self.assertIsNone(error)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stderr.getvalue())
def test_wp_json_user_enum(self):
network.init("", "", "")
url = "https://adamcaudill.com/"
output.setup(False, False, False)
with utils.capture_sys_output() as (stdout, stderr):
try:
res = wordpress.check_json_user_enum(url)
except Exception as error:
self.assertIsNone(error)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stderr.getvalue())
self.assertTrue(
any("WordPress WP-JSON User Enumeration" in r.message for r in res)
)
def test_check_404(self):
network.init("", "", "X-Test=123")
url = "https://adamcaudill.com/"
output.setup(False, False, False)
with utils.capture_sys_output() as (stdout, stderr):
with requests_mock.Mocker() as m:
m.get(requests_mock.ANY, text="body", status_code=200)
try:
file, _, _, _ = network.check_404_response(url)
except Exception as error:
self.assertIsNone(error)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stderr.getvalue())
def test_check_put(self):
network.init("", "", "")
url = "https://adamcaudill.com/"
output.setup(False, False, False)
with utils.capture_sys_output() as (stdout, stderr):
with requests_mock.Mocker() as m:
m.put(requests_mock.ANY, text="body", status_code=200)
try:
res = network.http_put(url, "data")
except Exception as error:
self.assertIsNone(error)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stderr.getvalue())
self.assertIsNotNone(res)
def test_find_backup_ext_all(self):
network.init("", "", "")
url = "https://adamcaudill.com/"
output.setup(False, False, False)
with utils.capture_sys_output() as (stdout, stderr):
with requests_mock.Mocker() as m:
m.get(requests_mock.ANY, text="body", status_code=200)
m.head(requests_mock.ANY, status_code=200)
try:
http.reset()
_, res = file_search.find_backups([url, f"{url}test/readme.html"])
except Exception as error:
self.assertIsNone(error)
self.assertNotIn("Exception", stderr.getvalue())
self.assertNotIn("Error", stderr.getvalue())
self.assertTrue(any("Found backup file" in r.message for r in res))
def main():
global _start_time, _monitor
signal.signal(signal.SIGINT, signal_handler)
parser = command_line.build_parser()
args, urls = parser.parse_known_args()
# setup the output system
output.setup(args.debug, args.nocolors)
output.debug("Starting application...")
network.init(args.proxy, args.cookie)
# if we made it this far, it means that the parsing worked.
urls = command_line.process_urls(urls)
# we are good to keep going
print_header()
if args.output is not None:
reporter.init(args.output)
_set_basic_info()
print(f"Saving output to '{reporter.get_output_file()}'")
print()
try:
with _KeyMonitor():
with _ProcessMonitor() as pm:
_monitor = pm
args.func(args, urls)
except KeyboardInterrupt:
output.empty()
output.error("Scan cancelled by user.")
finally:
_shutdown()