def getPasslistFromFuzzDB(self):
'''
Reads:
fuzzdb/wordlists-user-passwd/passwds/john.txt
fuzzdb/wordlists-user-passwd/unix-os/unix-passwords.txt
fuzzdb/wordlists-user-passwd/weaksauce.txt
and returns a list of words (used as possible usernames)
'''
print "[+] Generating passwords list using the files in FuzzDB"
passwords = []
johnlistFile = config.resource_path(os.path.join('fuzzdb/wordlists-user-passwd/passwds/john.txt'))
johnlist = open(johnlistFile, 'r')
unixpasswordsFile = config.resource_path(os.path.join('fuzzdb/wordlists-user-passwd/unix-os/unix_passwords.txt'))
unixpasswords = open(unixpasswordsFile, 'r')
weaksauceFile = config.resource_path(os.path.join('fuzzdb/wordlists-user-passwd/passwds/weaksauce.txt'))
weaksauce = open(weaksauceFile, 'r')
for johnpass in johnlist.readlines():
passwords.append(johnpass.rstrip('\n'))
for unixpass in unixpasswords.readlines():
passwords.append(unixpass.rstrip('\n'))
for sauce in weaksauce.readlines():
passwords.append(sauce.rstrip('\n'))
return passwords
def getPasslistFromFuzzDB(self):
'''
Reads:
fuzzdb/wordlists-user-passwd/passwds/john.txt
fuzzdb/wordlists-user-passwd/unix-os/unix-passwords.txt
fuzzdb/wordlists-user-passwd/weaksauce.txt
and returns a list of words (used as possible usernames)
'''
print "[+] Generating passwords list using the files in FuzzDB"
passwords = []
johnlistFile = config.resource_path(
os.path.join('fuzzdb/wordlists-user-passwd/passwds/john.txt'))
johnlist = open(johnlistFile, 'r')
unixpasswordsFile = config.resource_path(
os.path.join(
'fuzzdb/wordlists-user-passwd/unix-os/unix_passwords.txt'))
unixpasswords = open(unixpasswordsFile, 'r')
weaksauceFile = config.resource_path(
os.path.join('fuzzdb/wordlists-user-passwd/passwds/weaksauce.txt'))
weaksauce = open(weaksauceFile, 'r')
for johnpass in johnlist.readlines():
passwords.append(johnpass.rstrip('\n'))
for unixpass in unixpasswords.readlines():
passwords.append(unixpass.rstrip('\n'))
for sauce in weaksauce.readlines():
passwords.append(sauce.rstrip('\n'))
return passwords
def generateShodanReport(self, shodanHosts, absolutePathFile):
'''
Generate Shodan Report.
'''
if self.cli:
self.cli.logger.info(
term.format(
"[+] Generating the Shodan Report in: " + absolutePathFile,
term.Color.GREEN))
#dir = os.path.dirname(os.path.abspath(__file__))
#env = Environment(loader=FileSystemLoader(dir+'/templates'))
templateDir = config.resource_path(os.path.join('templates'))
env = Environment(loader=FileSystemLoader(templateDir))
template = env.get_template('shodanTemplate.html')
hosts = []
for shodanHost in shodanHosts:
if shodanHost is not None:
hosts.append(shodanHost)
#for shodanHost in shodanHosts:
# for key in shodanHost.results.keys():
# print key
templateVars = {
"title": "Shodan Report generated with Tortazo",
"ShodanHosts": hosts,
"APIInfo": shodanHosts[0].keyInfo
}
fd = open(absolutePathFile, 'w')
fd.write(template.render(templateVars).encode('utf-8'))
fd.close()
def getUserlistFromFuzzDB(self):
'''
Reads:
fuzzdb/wordlists-user-passwd/names/namelist.txt
fuzzdb/wordlists-user-passwd/passwds/john.txt
fuzzdb/wordlists-user-passwd/unix-os/unix-users.txt
fuzzdb/wordlists-user-passwd/faithwriters.txt
and returns a list of words (used as possible usernames)
'''
print "[+] Generating users list using the files in FuzzDB"
users = []
try:
namelistFile = config.resource_path(
os.path.join(
'fuzzdb/wordlists-user-passwd/names/namelist.txt'))
namelist = open(namelistFile, 'r')
johnlistFile = config.resource_path(
os.path.join('fuzzdb/wordlists-user-passwd/passwds/john.txt'))
johnlist = open(johnlistFile, 'r')
unixusersFile = config.resource_path(
os.path.join(
'fuzzdb/wordlists-user-passwd/unix-os/unix_users.txt'))
unixusers = open(unixusersFile, 'r')
faithwritersFile = config.resource_path(
os.path.join('fuzzdb/wordlists-user-passwd/faithwriters.txt'))
faithwriters = open(faithwritersFile, 'r')
for userNameList in namelist.readlines():
users.append(userNameList.rstrip('\n'))
for userJohnList in johnlist.readlines():
users.append(userJohnList.rstrip('\n'))
for userunix in unixusers.readlines():
users.append(userunix.rstrip('\n'))
for userfaithwriter in faithwriters.readlines():
users.append(userfaithwriter.rstrip('\n'))
return users
except:
print sys.exc_info()
def getSNMPCommunitiesFromFuzzDB(self):
'''
Reads:
fuzzdb/wordlists-misc/wordlist-common-snmp-community-strings.txt
'''
print "[+] Reading the wordlist with common SNMP communities from FuzzDB"
communities = []
commonCommunitiesFile = config.resource_path(os.path.join('fuzzdb/wordlists-misc/wordlist-common-snmp-community-strings.txt'))
commonCommunities = open(commonCommunitiesFile, 'r')
for community in commonCommunities.readlines():
communities.append(community.replace(' ', '').replace('\n', ''))
return communities
def getUserlistFromFuzzDB(self):
'''
Reads:
fuzzdb/wordlists-user-passwd/names/namelist.txt
fuzzdb/wordlists-user-passwd/passwds/john.txt
fuzzdb/wordlists-user-passwd/unix-os/unix-users.txt
fuzzdb/wordlists-user-passwd/faithwriters.txt
and returns a list of words (used as possible usernames)
'''
print "[+] Generating users list using the files in FuzzDB"
users = []
try:
namelistFile = config.resource_path(os.path.join('fuzzdb/wordlists-user-passwd/names/namelist.txt'))
namelist = open(namelistFile, 'r')
johnlistFile = config.resource_path(os.path.join('fuzzdb/wordlists-user-passwd/passwds/john.txt'))
johnlist = open(johnlistFile, 'r')
unixusersFile = config.resource_path(os.path.join('fuzzdb/wordlists-user-passwd/unix-os/unix_users.txt'))
unixusers = open(unixusersFile, 'r')
faithwritersFile = config.resource_path(os.path.join('fuzzdb/wordlists-user-passwd/faithwriters.txt'))
faithwriters = open(faithwritersFile, 'r')
for userNameList in namelist.readlines():
users.append(userNameList.rstrip('\n'))
for userJohnList in johnlist.readlines():
users.append(userJohnList.rstrip('\n'))
for userunix in unixusers.readlines():
users.append(userunix.rstrip('\n'))
for userfaithwriter in faithwriters.readlines():
users.append(userfaithwriter.rstrip('\n'))
return users
except:
print sys.exc_info()
def getUserAgentsFromFuzzDB(self):
'''
Reads:
fuzzdb/attack-payloads/http-protocol/user-agents.txt
and returns a list of User-agents
'''
print "[+] Reading the User-Agent list from FuzzDB"
userAgents = []
fuzzFile = config.resource_path(os.path.join("fuzzdb/attack-payloads/http-protocol/user-agents.txt"))
johnlist = open(fuzzFile, 'r')
for johnpass in johnlist.readlines():
userAgents.append(johnpass.rstrip('\n'))
return userAgents
def generateNmapReport(self, nodes, absolutePathFile):
'''
Generate NMap report.
'''
if self.cli:
self.cli.logger.info(term.format("[+] Generating the NMAP Report in: "+absolutePathFile, term.Color.YELLOW))
templateDir = config.resource_path(os.path.join('templates'))
env = Environment(loader=FileSystemLoader(templateDir))
template = env.get_template('nmapTemplate.html')
templateVars = { "title" : "NMAP Report generated with Tortazo",
"nodes" : nodes}
fd = open(absolutePathFile, 'w')
fd.write(template.render(templateVars))
fd.close()
def getSNMPCommunitiesFromFuzzDB(self):
'''
Reads:
fuzzdb/wordlists-misc/wordlist-common-snmp-community-strings.txt
'''
print "[+] Reading the wordlist with common SNMP communities from FuzzDB"
communities = []
commonCommunitiesFile = config.resource_path(
os.path.join(
'fuzzdb/wordlists-misc/wordlist-common-snmp-community-strings.txt'
))
commonCommunities = open(commonCommunitiesFile, 'r')
for community in commonCommunities.readlines():
communities.append(community.replace(' ', '').replace('\n', ''))
return communities
def getUserAgentsFromFuzzDB(self):
'''
Reads:
fuzzdb/attack-payloads/http-protocol/user-agents.txt
and returns a list of User-agents
'''
print "[+] Reading the User-Agent list from FuzzDB"
userAgents = []
fuzzFile = config.resource_path(
os.path.join(
"fuzzdb/attack-payloads/http-protocol/user-agents.txt"))
johnlist = open(fuzzFile, 'r')
for johnpass in johnlist.readlines():
userAgents.append(johnpass.rstrip('\n'))
return userAgents
def generateNmapReport(self, nodes, absolutePathFile):
'''
Generate NMap report.
'''
if self.cli:
self.cli.logger.info(
term.format(
"[+] Generating the NMAP Report in: " + absolutePathFile,
term.Color.YELLOW))
templateDir = config.resource_path(os.path.join('templates'))
env = Environment(loader=FileSystemLoader(templateDir))
template = env.get_template('nmapTemplate.html')
templateVars = {
"title": "NMAP Report generated with Tortazo",
"nodes": nodes
}
fd = open(absolutePathFile, 'w')
fd.write(template.render(templateVars))
fd.close()
def generateShodanReport(self, shodanHosts, absolutePathFile):
'''
Generate Shodan Report.
'''
if self.cli:
self.cli.logger.info(term.format("[+] Generating the Shodan Report in: "+absolutePathFile, term.Color.GREEN))
#dir = os.path.dirname(os.path.abspath(__file__))
#env = Environment(loader=FileSystemLoader(dir+'/templates'))
templateDir = config.resource_path(os.path.join('templates'))
env = Environment(loader=FileSystemLoader(templateDir))
template = env.get_template('shodanTemplate.html')
hosts = []
for shodanHost in shodanHosts:
if shodanHost is not None:
hosts.append(shodanHost)
#for shodanHost in shodanHosts:
# for key in shodanHost.results.keys():
# print key
templateVars = { "title" : "Shodan Report generated with Tortazo", "ShodanHosts" : hosts, "APIInfo" : shodanHosts[0].keyInfo}
fd = open(absolutePathFile, 'w')
fd.write(template.render(templateVars).encode('utf-8'))
fd.close()
def getDirListFromFuzzDB(self):
'''
Reads:
fuzzdb/Discovery/PredictableRes/AdobeXML.fuzz.txt
fuzzdb/Discovery/PredictableRes/Apache.fuzz.txt
fuzzdb/Discovery/PredictableRes/ApacheTomcat.fuzz.txt
fuzzdb/Discovery/PredictableRes/CGI_Microsoft.fuzz.txt
fuzzdb/Discovery/PredictableRes/ColdFusion.fuzz.txt
fuzzdb/Discovery/PredictableRes/FatwireCMS.fuzz.txt
fuzzdb/Discovery/PredictableRes/Frontpage.fuzz.txt
fuzzdb/Discovery/PredictableRes/Hyperion.fuzz.txt
fuzzdb/Discovery/PredictableRes/IIS.fuzz.txt
fuzzdb/Discovery/PredictableRes/JBoss.fuzz.txt
fuzzdb/Discovery/PredictableRes/JRun.fuzz.txt
fuzzdb/Discovery/PredictableRes/KitchensinkDirectories.fuzz.txt
fuzzdb/Discovery/PredictableRes/Logins.fuzz.txt
fuzzdb/Discovery/PredictableRes/LotusNotes.fuzz.txt
fuzzdb/Discovery/PredictableRes/Netware.fuzz.txt
fuzzdb/Discovery/PredictableRes/Oracle9i.fuzz.txt
fuzzdb/Discovery/PredictableRes/OracleAppServer.fuzz.txt
fuzzdb/Discovery/PredictableRes/Passwords.fuzz.txt
fuzzdb/Discovery/PredictableRes/PHP.fuzz.txt
fuzzdb/Discovery/PredictableRes/PHP_CommonBackdoors.fuzz.txt
fuzzdb/Discovery/PredictableRes/proxy-conf.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-directories.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-directories-lowecase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-files.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-files-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-words.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-words-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-directories.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-directories-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-files.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-files-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-words.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-words-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-directories.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-directories-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-files.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-files-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-words.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-words-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/Randomfiles.fuzz.txt
fuzzdb/Discovery/PredictableRes/SAP.fuzz.txt
fuzzdb/Discovery/PredictableRes/Sharepoint.fuzz.txt
fuzzdb/Discovery/PredictableRes/SiteMinder.fuzz.txt
fuzzdb/Discovery/PredictableRes/SunAppServerGlassfish.fuzz.txt
fuzzdb/Discovery/PredictableRes/SuniPlanet.fuzz.txt
fuzzdb/Discovery/PredictableRes/tftp.fuzz.txt
fuzzdb/Discovery/PredictableRes/Unixdotfiles.fuzz.txt
fuzzdb/Discovery/PredictableRes/Vignette.fuzz.txt
fuzzdb/Discovery/PredictableRes/Weblogic.fuzz.txt
fuzzdb/Discovery/PredictableRes/Websphere.fuzz.txt
'''
print "[+] Generating Directory list using the files in FuzzDB"
dirs = []
adobeXMLFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/AdobeXML.fuzz.txt'))
adobeXML = open(adobeXMLFile, 'r')
apacheFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Apache.fuzz.txt'))
apache = open(apacheFile, 'r')
apacheTomcatFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/ApacheTomcat.fuzz.txt'))
apacheTomcat = open(apacheTomcatFile, 'r')
cgiMicrosoftFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/CGI_Microsoft.fuzz.txt'))
cgiMicrosoft = open(cgiMicrosoftFile, 'r')
coldFusionFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/ColdFusion.fuzz.txt'))
coldFusion = open(coldFusionFile, 'r')
fatWireFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/FatwireCMS.fuzz.txt'))
fatWire = open(fatWireFile, 'r')
fatWireFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Frontpage.fuzz.txt'))
fronPage = open(fatWireFile, 'r')
hyperionFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Hyperion.fuzz.txt'))
hyperion = open(hyperionFile, 'r')
iisFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/IIS.fuzz.txt'))
iis = open(iisFile, 'r')
jbossFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/JBoss.fuzz.txt'))
jboss = open(jbossFile, 'r')
jrunFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/JRun.fuzz.txt'))
jrun = open(jrunFile, 'r')
kitchenFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/KitchensinkDirectories.fuzz.txt'
))
kitchen = open(kitchenFile, 'r')
loginsFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Logins.fuzz.txt'))
logins = open(loginsFile, 'r')
lotusNotesFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/LotusNotes.fuzz.txt'))
lotusNotes = open(lotusNotesFile, 'r')
netwareFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Netware.fuzz.txt'))
netware = open(netwareFile, 'r')
oracle9iFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Oracle9i.fuzz.txt'))
oracle9i = open(oracle9iFile, 'r')
oracleAppServerFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/OracleAppServer.fuzz.txt'))
oracleAppServer = open(oracleAppServerFile, 'r')
passwordsFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Passwords.fuzz.txt'))
passwords = open(passwordsFile, 'r')
phpFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/PHP.fuzz.txt'))
php = open(phpFile, 'r')
phpBackDoorsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/PHP_CommonBackdoors.fuzz.txt')
)
phpBackDoors = open(phpBackDoorsFile, 'r')
proxyConfFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/proxy-conf.fuzz.txt'))
proxyConf = open(proxyConfFile, 'r')
largeDirsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-large-directories.txt'))
largeDirs = open(largeDirsFile, 'r')
largeDirsLowercaseFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-large-directories-lowercase.txt'
))
largeDirsLowercase = open(largeDirsLowercaseFile, 'r')
largeFilesFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-large-files.txt'))
largeFiles = open(largeFilesFile, 'r')
largeFilesLowercaseFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-large-directories-lowercase.txt'
))
largeFilesLowercase = open(largeFilesLowercaseFile, 'r')
largeWordsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-large-words.txt'))
largeWords = open(largeWordsFile, 'r')
largeWordsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-large-words-lowercase.txt'
))
largeWordsLowercase = open(largeWordsFile, 'r')
mediumDirsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-medium-directories.txt'))
mediumDirs = open(mediumDirsFile, 'r')
mediumDirsLowerFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-medium-directories-lowercase.txt'
))
mediumDirsLower = open(mediumDirsLowerFile, 'r')
mediumFilesFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-medium-files.txt'))
mediumFiles = open(mediumFilesFile, 'r')
mediumFilesLowerFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-medium-files-lowercase.txt'
))
mediumFilesLower = open(mediumFilesLowerFile, 'r')
mediumWordsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-medium-words.txt'))
mediumWords = open(mediumWordsFile, 'r')
mediumWordsLowerFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-medium-words-lowercase.txt'
))
mediumWordsLower = open(mediumWordsLowerFile, 'r')
smallDirsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-small-directories.txt'))
smallDirs = open(smallDirsFile, 'r')
smallDirsLowerFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-small-directories-lowercase.txt'
))
smallDirsLower = open(smallDirsLowerFile, 'r')
smallFilesFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-small-files.txt'))
smallFiles = open(smallFilesFile, 'r')
smallFilesLowerFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-small-files-lowercase.txt'
))
smallFilesLower = open(smallFilesLowerFile, 'r')
smallWordsFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-small-words.txt'))
smallWords = open(smallWordsFile, 'r')
smallWordsLowerFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/raft-small-words-lowercase.txt'
))
smallWordsLower = open(smallWordsLowerFile)
randomFilesFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/Randomfiles.fuzz.txt'))
randomFiles = open(randomFilesFile, 'r')
SAPFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/SAP.fuzz.txt'))
SAP = open(SAPFile, 'r')
siteMinderFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/SiteMinder.fuzz.txt'))
siteMinder = open(siteMinderFile, 'r')
glassfishFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/SunAppServerGlassfish.fuzz.txt'
))
glassfish = open(glassfishFile, 'r')
iplanetFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/SuniPlanet.fuzz.txt'))
iplanet = open(iplanetFile, 'r')
tftpFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/tftp.fuzz.txt'))
tftp = open(tftpFile, 'r')
unixdotfilesFile = config.resource_path(
os.path.join(
'fuzzdb/Discovery/PredictableRes/UnixDotfiles.fuzz.txt'))
unixdotfiles = open(unixdotfilesFile, 'r')
vignetteFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Vignette.fuzz.txt'))
vignette = open(vignetteFile, 'r')
weblogicFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Weblogic.fuzz.txt'))
weblogic = open(weblogicFile, 'r')
websphereFile = config.resource_path(
os.path.join('fuzzdb/Discovery/PredictableRes/Websphere.fuzz.txt'))
websphere = open(websphereFile, 'r')
dirs.extend(self.__readFile(adobeXML))
dirs.extend(self.__readFile(apache))
dirs.extend(self.__readFile(apacheTomcat))
dirs.extend(self.__readFile(cgiMicrosoft))
dirs.extend(self.__readFile(fatWire))
dirs.extend(self.__readFile(coldFusion))
dirs.extend(self.__readFile(fronPage))
dirs.extend(self.__readFile(hyperion))
dirs.extend(self.__readFile(iis))
dirs.extend(self.__readFile(jboss))
dirs.extend(self.__readFile(jrun))
dirs.extend(self.__readFile(kitchen))
dirs.extend(self.__readFile(logins))
dirs.extend(self.__readFile(lotusNotes))
dirs.extend(self.__readFile(netware))
dirs.extend(self.__readFile(oracle9i))
dirs.extend(self.__readFile(oracleAppServer))
dirs.extend(self.__readFile(passwords))
dirs.extend(self.__readFile(php))
dirs.extend(self.__readFile(phpBackDoors))
dirs.extend(self.__readFile(proxyConf))
dirs.extend(self.__readFile(largeDirs))
dirs.extend(self.__readFile(largeDirsLowercase))
dirs.extend(self.__readFile(largeFiles))
dirs.extend(self.__readFile(largeFilesLowercase))
dirs.extend(self.__readFile(largeWords))
dirs.extend(self.__readFile(largeWordsLowercase))
dirs.extend(self.__readFile(mediumDirs))
dirs.extend(self.__readFile(mediumDirsLower))
dirs.extend(self.__readFile(mediumFiles))
dirs.extend(self.__readFile(mediumFilesLower))
dirs.extend(self.__readFile(mediumWords))
dirs.extend(self.__readFile(mediumWordsLower))
dirs.extend(self.__readFile(smallDirs))
dirs.extend(self.__readFile(smallDirsLower))
dirs.extend(self.__readFile(smallFiles))
dirs.extend(self.__readFile(smallFilesLower))
dirs.extend(self.__readFile(smallWords))
dirs.extend(self.__readFile(smallWordsLower))
dirs.extend(self.__readFile(randomFiles))
dirs.extend(self.__readFile(SAP))
dirs.extend(self.__readFile(siteMinder))
dirs.extend(self.__readFile(glassfish))
dirs.extend(self.__readFile(iplanet))
dirs.extend(self.__readFile(tftp))
dirs.extend(self.__readFile(unixdotfiles))
dirs.extend(self.__readFile(vignette))
dirs.extend(self.__readFile(weblogic))
dirs.extend(self.__readFile(websphere))
return dirs
def connect(self):
import os
dbFile = config.resource_path(os.path.join(database.databaseName))
self.connection = sqlite3.connect(dbFile)
self.cursor = self.connection.cursor()
def getDirListFromFuzzDB(self):
'''
Reads:
fuzzdb/Discovery/PredictableRes/AdobeXML.fuzz.txt
fuzzdb/Discovery/PredictableRes/Apache.fuzz.txt
fuzzdb/Discovery/PredictableRes/ApacheTomcat.fuzz.txt
fuzzdb/Discovery/PredictableRes/CGI_Microsoft.fuzz.txt
fuzzdb/Discovery/PredictableRes/ColdFusion.fuzz.txt
fuzzdb/Discovery/PredictableRes/FatwireCMS.fuzz.txt
fuzzdb/Discovery/PredictableRes/Frontpage.fuzz.txt
fuzzdb/Discovery/PredictableRes/Hyperion.fuzz.txt
fuzzdb/Discovery/PredictableRes/IIS.fuzz.txt
fuzzdb/Discovery/PredictableRes/JBoss.fuzz.txt
fuzzdb/Discovery/PredictableRes/JRun.fuzz.txt
fuzzdb/Discovery/PredictableRes/KitchensinkDirectories.fuzz.txt
fuzzdb/Discovery/PredictableRes/Logins.fuzz.txt
fuzzdb/Discovery/PredictableRes/LotusNotes.fuzz.txt
fuzzdb/Discovery/PredictableRes/Netware.fuzz.txt
fuzzdb/Discovery/PredictableRes/Oracle9i.fuzz.txt
fuzzdb/Discovery/PredictableRes/OracleAppServer.fuzz.txt
fuzzdb/Discovery/PredictableRes/Passwords.fuzz.txt
fuzzdb/Discovery/PredictableRes/PHP.fuzz.txt
fuzzdb/Discovery/PredictableRes/PHP_CommonBackdoors.fuzz.txt
fuzzdb/Discovery/PredictableRes/proxy-conf.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-directories.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-directories-lowecase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-files.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-files-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-words.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-large-words-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-directories.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-directories-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-files.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-files-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-words.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-medium-words-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-directories.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-directories-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-files.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-files-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-words.fuzz.txt
fuzzdb/Discovery/PredictableRes/raft-small-words-lowercase.fuzz.txt
fuzzdb/Discovery/PredictableRes/Randomfiles.fuzz.txt
fuzzdb/Discovery/PredictableRes/SAP.fuzz.txt
fuzzdb/Discovery/PredictableRes/Sharepoint.fuzz.txt
fuzzdb/Discovery/PredictableRes/SiteMinder.fuzz.txt
fuzzdb/Discovery/PredictableRes/SunAppServerGlassfish.fuzz.txt
fuzzdb/Discovery/PredictableRes/SuniPlanet.fuzz.txt
fuzzdb/Discovery/PredictableRes/tftp.fuzz.txt
fuzzdb/Discovery/PredictableRes/Unixdotfiles.fuzz.txt
fuzzdb/Discovery/PredictableRes/Vignette.fuzz.txt
fuzzdb/Discovery/PredictableRes/Weblogic.fuzz.txt
fuzzdb/Discovery/PredictableRes/Websphere.fuzz.txt
'''
print "[+] Generating Directory list using the files in FuzzDB"
dirs = []
adobeXMLFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/AdobeXML.fuzz.txt'))
adobeXML = open(adobeXMLFile, 'r')
apacheFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Apache.fuzz.txt'))
apache = open(apacheFile, 'r')
apacheTomcatFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/ApacheTomcat.fuzz.txt'))
apacheTomcat = open(apacheTomcatFile, 'r')
cgiMicrosoftFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/CGI_Microsoft.fuzz.txt'))
cgiMicrosoft = open(cgiMicrosoftFile, 'r')
coldFusionFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/ColdFusion.fuzz.txt'))
coldFusion = open(coldFusionFile, 'r')
fatWireFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/FatwireCMS.fuzz.txt'))
fatWire = open(fatWireFile, 'r')
fatWireFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Frontpage.fuzz.txt'))
fronPage = open(fatWireFile, 'r')
hyperionFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Hyperion.fuzz.txt'))
hyperion = open(hyperionFile, 'r')
iisFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/IIS.fuzz.txt'))
iis = open(iisFile, 'r')
jbossFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/JBoss.fuzz.txt'))
jboss = open(jbossFile, 'r')
jrunFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/JRun.fuzz.txt'))
jrun = open(jrunFile, 'r')
kitchenFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/KitchensinkDirectories.fuzz.txt'))
kitchen = open(kitchenFile, 'r')
loginsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Logins.fuzz.txt'))
logins = open(loginsFile, 'r')
lotusNotesFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/LotusNotes.fuzz.txt'))
lotusNotes = open(lotusNotesFile, 'r')
netwareFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Netware.fuzz.txt'))
netware = open(netwareFile, 'r')
oracle9iFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Oracle9i.fuzz.txt'))
oracle9i = open(oracle9iFile, 'r')
oracleAppServerFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/OracleAppServer.fuzz.txt'))
oracleAppServer = open(oracleAppServerFile, 'r')
passwordsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Passwords.fuzz.txt'))
passwords = open(passwordsFile, 'r')
phpFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/PHP.fuzz.txt'))
php = open(phpFile, 'r')
phpBackDoorsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/PHP_CommonBackdoors.fuzz.txt'))
phpBackDoors = open(phpBackDoorsFile, 'r')
proxyConfFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/proxy-conf.fuzz.txt'))
proxyConf = open(proxyConfFile, 'r')
largeDirsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-large-directories.txt'))
largeDirs = open(largeDirsFile, 'r')
largeDirsLowercaseFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-large-directories-lowercase.txt'))
largeDirsLowercase = open(largeDirsLowercaseFile, 'r')
largeFilesFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-large-files.txt'))
largeFiles = open(largeFilesFile, 'r')
largeFilesLowercaseFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-large-directories-lowercase.txt'))
largeFilesLowercase = open(largeFilesLowercaseFile, 'r')
largeWordsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-large-words.txt'))
largeWords = open(largeWordsFile, 'r')
largeWordsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-large-words-lowercase.txt'))
largeWordsLowercase = open(largeWordsFile, 'r')
mediumDirsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-medium-directories.txt'))
mediumDirs = open(mediumDirsFile, 'r')
mediumDirsLowerFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-medium-directories-lowercase.txt'))
mediumDirsLower = open(mediumDirsLowerFile, 'r')
mediumFilesFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-medium-files.txt'))
mediumFiles = open(mediumFilesFile, 'r')
mediumFilesLowerFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-medium-files-lowercase.txt'))
mediumFilesLower = open(mediumFilesLowerFile, 'r')
mediumWordsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-medium-words.txt'))
mediumWords = open(mediumWordsFile, 'r')
mediumWordsLowerFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-medium-words-lowercase.txt'))
mediumWordsLower = open(mediumWordsLowerFile, 'r')
smallDirsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-small-directories.txt'))
smallDirs = open(smallDirsFile, 'r')
smallDirsLowerFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-small-directories-lowercase.txt'))
smallDirsLower = open(smallDirsLowerFile, 'r')
smallFilesFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-small-files.txt'))
smallFiles = open(smallFilesFile, 'r')
smallFilesLowerFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-small-files-lowercase.txt'))
smallFilesLower = open(smallFilesLowerFile, 'r')
smallWordsFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-small-words.txt'))
smallWords = open(smallWordsFile, 'r')
smallWordsLowerFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/raft-small-words-lowercase.txt'))
smallWordsLower = open(smallWordsLowerFile)
randomFilesFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Randomfiles.fuzz.txt'))
randomFiles = open(randomFilesFile, 'r')
SAPFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/SAP.fuzz.txt'))
SAP = open(SAPFile, 'r')
siteMinderFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/SiteMinder.fuzz.txt'))
siteMinder = open(siteMinderFile, 'r')
glassfishFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/SunAppServerGlassfish.fuzz.txt'))
glassfish = open(glassfishFile, 'r')
iplanetFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/SuniPlanet.fuzz.txt'))
iplanet = open(iplanetFile, 'r')
tftpFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/tftp.fuzz.txt'))
tftp = open(tftpFile, 'r')
unixdotfilesFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/UnixDotfiles.fuzz.txt'))
unixdotfiles = open(unixdotfilesFile, 'r')
vignetteFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Vignette.fuzz.txt'))
vignette = open(vignetteFile, 'r')
weblogicFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Weblogic.fuzz.txt'))
weblogic = open(weblogicFile, 'r')
websphereFile = config.resource_path(os.path.join('fuzzdb/Discovery/PredictableRes/Websphere.fuzz.txt'))
websphere = open(websphereFile, 'r')
dirs.extend(self.__readFile(adobeXML))
dirs.extend(self.__readFile(apache))
dirs.extend(self.__readFile(apacheTomcat))
dirs.extend(self.__readFile(cgiMicrosoft))
dirs.extend(self.__readFile(fatWire))
dirs.extend(self.__readFile(coldFusion))
dirs.extend(self.__readFile(fronPage))
dirs.extend(self.__readFile(hyperion))
dirs.extend(self.__readFile(iis))
dirs.extend(self.__readFile(jboss))
dirs.extend(self.__readFile(jrun))
dirs.extend(self.__readFile(kitchen))
dirs.extend(self.__readFile(logins))
dirs.extend(self.__readFile(lotusNotes))
dirs.extend(self.__readFile(netware))
dirs.extend(self.__readFile(oracle9i))
dirs.extend(self.__readFile(oracleAppServer))
dirs.extend(self.__readFile(passwords))
dirs.extend(self.__readFile(php))
dirs.extend(self.__readFile(phpBackDoors))
dirs.extend(self.__readFile(proxyConf))
dirs.extend(self.__readFile(largeDirs))
dirs.extend(self.__readFile(largeDirsLowercase))
dirs.extend(self.__readFile(largeFiles))
dirs.extend(self.__readFile(largeFilesLowercase))
dirs.extend(self.__readFile(largeWords))
dirs.extend(self.__readFile(largeWordsLowercase))
dirs.extend(self.__readFile(mediumDirs))
dirs.extend(self.__readFile(mediumDirsLower))
dirs.extend(self.__readFile(mediumFiles))
dirs.extend(self.__readFile(mediumFilesLower))
dirs.extend(self.__readFile(mediumWords))
dirs.extend(self.__readFile(mediumWordsLower))
dirs.extend(self.__readFile(smallDirs))
dirs.extend(self.__readFile(smallDirsLower))
dirs.extend(self.__readFile(smallFiles))
dirs.extend(self.__readFile(smallFilesLower))
dirs.extend(self.__readFile(smallWords))
dirs.extend(self.__readFile(smallWordsLower))
dirs.extend(self.__readFile(randomFiles))
dirs.extend(self.__readFile(SAP))
dirs.extend(self.__readFile(siteMinder))
dirs.extend(self.__readFile(glassfish))
dirs.extend(self.__readFile(iplanet))
dirs.extend(self.__readFile(tftp))
dirs.extend(self.__readFile(unixdotfiles))
dirs.extend(self.__readFile(vignette))
dirs.extend(self.__readFile(weblogic))
dirs.extend(self.__readFile(websphere))
return dirs
