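def _generate_ignores(self, response):
    '''
    Generate the list of strings we want to ignore as private IP addresses

    The list is rebuilt on every call. It holds the domain of the response
    URL, the values returned by get_local_ip() (called with that domain and
    with no argument) and, when the lookup succeeds, the address the domain
    resolves to.

    :param response: object whose getURL().getDomain() yields the requested
                     domain.
    '''
    self._ignore_if_match = []

    requested_domain = response.getURL().getDomain()
    self._ignore_if_match.append(requested_domain)

    # NOTE(review): the get_local_ip() results are stored unchecked; if it
    # can return None the list ends up with a non-string entry -- confirm
    # that whatever consumes the list tolerates that.
    self._ignore_if_match.append(get_local_ip(requested_domain))
    self._ignore_if_match.append(get_local_ip())

    try:
        ip_address = socket.gethostbyname(requested_domain)
    except Exception:
        # Resolution is best-effort, so a failed lookup just means one entry
        # less. Exception (instead of a bare except) keeps KeyboardInterrupt
        # and SystemExit from being swallowed while the lookup blocks.
        pass
    else:
        self._ignore_if_match.append(ip_address)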
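def _generate_ignores(self, response):
    '''
    Generate the list of strings we want to ignore as private IP addresses

    The set holds the domain of the response URL, the values returned by
    get_local_ip() (called with that domain and with no argument) and, when
    the lookup succeeds, the address the domain resolves to.

    :param response: object whose get_url().get_domain() yields the
                     requested domain.
    '''
    # NOTE(review): this listing lost its indentation; the lookups below are
    # assumed to belong to the "first call" branch, so the set is built once
    # and later calls are no-ops -- confirm against the repository.
    if self._ignore_if_match is None:
        self._ignore_if_match = set()

        requested_domain = response.get_url().get_domain()
        self._ignore_if_match.add(requested_domain)

        # NOTE(review): the get_local_ip() results are stored unchecked; if
        # it can return None the set ends up with a non-string entry --
        # confirm that whatever consumes the set tolerates that.
        self._ignore_if_match.add(get_local_ip(requested_domain))
        self._ignore_if_match.add(get_local_ip())

        try:
            ip_address = socket.gethostbyname(requested_domain)
        except Exception:
            # Resolution is best-effort, so a failed lookup just means one
            # entry less. Exception (instead of a bare except) keeps
            # KeyboardInterrupt and SystemExit from being swallowed while
            # the lookup blocks.
            pass
        else:
            self._ignore_if_match.add(ip_address)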
def __init__(self):
    '''
    Run the AttackPlugin initialiser and set this plugin's default state.
    '''
    AttackPlugin.__init__(self)

    # User configured variables
    self._use_XSS_vuln = True
    # Default listener: the address get_local_ip() reports for this host.
    # NOTE(review): no fallback is applied here; if get_local_ip() can
    # return a falsy value the option default is stored as-is -- confirm
    # the option handling copes with that.
    self._listen_address = get_local_ip()
    self._listen_port = ports.RFI_SHELL

    # Internal variables
    self._exploit_dc = None
    self._xss_vuln = None
def __init__(self):
    '''
    Run the baseAuditPlugin initialiser and set this plugin's default state.
    '''
    baseAuditPlugin.__init__(self)

    # User configured parameters
    self._use_w3af_site = True
    # Falls back to an empty string when get_local_ip() returns a falsy
    # value.
    # NOTE(review): if this value is later handed to a socket bind, ''
    # means "all interfaces" -- confirm that is the intended exposure.
    self._listen_address = get_local_ip() or ''
    self._listen_port = w3afPorts.REMOTEFILEINCLUDE
    self._rfi_result = ''
    self._rfi_url = ''

    # Internal variables
    self._error_reported = False
def __init__(self):
    '''
    Run the AuditPlugin initialiser and set this plugin's default state.
    '''
    AuditPlugin.__init__(self)

    # User configured parameters
    self._use_w3af_site = True
    # Falls back to an empty string when get_local_ip() returns a falsy
    # value.
    # NOTE(review): if this value is later handed to a socket bind, ''
    # means "all interfaces" -- confirm that is the intended exposure.
    self._listen_address = get_local_ip() or ''
    self._listen_port = ports.REMOTEFILEINCLUDE

    # Internal variables
    # FIXME: self._vulns and self._report_vulns are not thread-safe
    self._vulns = []
    self._error_reported = False
def __init__(self):
    '''
    Run the baseAttackPlugin initialiser and set this plugin's default state.
    '''
    baseAttackPlugin.__init__(self)

    # User configured variables
    self._generateOnlyOne = True
    self._use_XSS_vuln = True
    # Default listener: the address get_local_ip() reports for this host.
    # NOTE(review): no fallback is applied here; if get_local_ip() can
    # return a falsy value the option default is stored as-is -- confirm
    # the option handling copes with that.
    self._listen_address = get_local_ip()
    self._listen_port = w3afPorts.REMOTEFILEINCLUDE_SHELL

    # Internal variables
    self._exploit_dc = None
    self._xss_vuln = None
    self._shell = None
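def get_net_iface():
    '''
    This function is very OS dependent.

    Asks get_local_ip() for the address used to reach the Internet and, on
    non-Windows systems, queries a fixed list of common interface names with
    the SIOCGIFADDR ioctl until one of them reports that same address.

    :return: The interface name that is being used to connect to the net, or
             'eth0' when no candidate matches (always 'eth0' on Windows).
    '''
    # Get the IP address that's used to go to the Internet
    internet_ip = get_local_ip()

    #
    #   I need to have a default in case everything else fails!
    #
    default_ifname = 'eth0'

    if os.name == "nt":
        #
        #   TODO: Find out how to do this in Windows!
        #
        return default_ifname

    #
    #   Linux
    #
    import fcntl
    import struct

    interfaces = ["eth0", "eth1", "eth2", "wlan0", "wlan1", "wifi0",
                  "ath0", "ath1", "ppp0"]

    # A separate loop variable keeps the default intact: reusing one name
    # for both made an unmatched search return the last candidate ('ppp0')
    # instead of the documented 'eth0' fallback.
    for candidate in interfaces:
        s = None
        try:
            s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            # struct's 's' format requires bytes on Python 3; encoding an
            # ASCII name is a no-op on Python 2.
            request = struct.pack('256s', candidate[:15].encode('ascii'))
            reply = fcntl.ioctl(s.fileno(), 0x8915, request)  # SIOCGIFADDR
            interface_ip = socket.inet_ntoa(reply[20:24])
        except IOError:
            # The socket or ioctl call failed for this name; try the next.
            continue
        finally:
            # One probe socket is opened per candidate; close it so a call
            # does not leak up to len(interfaces) descriptors.
            if s is not None:
                s.close()

        if internet_ip == interface_ip:
            return candidate

    return default_ifname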
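def get_net_iface():
    '''
    This function is very OS dependent.

    Asks get_local_ip() for the address used to reach the Internet and, on
    non-Windows systems, queries a fixed list of common interface names with
    the SIOCGIFADDR ioctl until one of them reports that same address.

    @return: The interface name that is being used to connect to the net, or
             'eth0' when no candidate matches (always 'eth0' on Windows).
    '''
    # Get the IP address that's used to go to the Internet
    internet_ip = get_local_ip()

    #
    #   I need to have a default in case everything else fails!
    #
    default_ifname = 'eth0'

    if os.name == "nt":
        #
        #   TODO: Find out how to do this in Windows!
        #
        return default_ifname

    #
    #   Linux
    #
    import fcntl
    import struct

    interfaces = ["eth0", "eth1", "eth2", "wlan0", "wlan1", "wifi0",
                  "ath0", "ath1", "ppp0"]

    # A separate loop variable keeps the default intact: reusing one name
    # for both made an unmatched search return the last candidate ('ppp0')
    # instead of the documented 'eth0' fallback.
    for candidate in interfaces:
        s = None
        try:
            s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            # struct's 's' format requires bytes on Python 3; encoding an
            # ASCII name is a no-op on Python 2.
            request = struct.pack('256s', candidate[:15].encode('ascii'))
            reply = fcntl.ioctl(s.fileno(), 0x8915, request)  # SIOCGIFADDR
            interface_ip = socket.inet_ntoa(reply[20:24])
        except IOError:
            # The socket or ioctl call failed for this name; try the next.
            continue
        finally:
            # One probe socket is opened per candidate; close it so a call
            # does not leak up to len(interfaces) descriptors.
            if s is not None:
                s.close()

        if internet_ip == interface_ip:
            return candidate

    return default_ifname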
def __init__(self):
    '''
    Set the defaults and save them to the config dict.

    Nothing is written when the 'autoDependencies' key is already present
    in the shared config.
    '''
    # NOTE(review): this listing lost its indentation; every save below is
    # assumed to belong to the first-run branch -- confirm against the
    # repository.
    if cf.cf.getData('autoDependencies') is not None:
        return

    # It's the first time I'm run

    #
    # User configured variables
    #
    static_defaults = (
        ('fuzzableCookie', False),
        ('fuzzFileContent', True),
        ('fuzzFileName', False),
        ('fuzzURLParts', False),
        ('fuzzFCExt', 'txt'),
        ('fuzzFormComboValues', 'tmb'),
        ('fuzzRepeatedParameters', 'tmb'),
        ('autoDependencies', True),
        ('maxDiscoveryTime', 120),
        ('maxThreads', 15),
        ('fuzzableHeaders', []),
        ('msf_location', '/opt/metasploit3/bin/'),
    )
    for option_name, option_value in static_defaults:
        cf.cf.save(option_name, option_value)

    # Network interface name as reported by get_net_iface()
    cf.cf.save('interface', get_net_iface())

    #
    # Per the original author: this doesn't send any packets and gives a
    # nice default setting. In most cases it is the "public" IP address,
    # which works in all plugins that need a reverse connection (rfiProxy).
    # Loopback is the fallback when no address is returned.
    #
    cf.cf.save('localAddress', get_local_ip() or '127.0.0.1')

    cf.cf.save('demo', False)
    cf.cf.save('nonTargets', [])
    cf.cf.save('stop_on_first_exception', False)
def __init__(self):
    '''
    Set the defaults and save them to the config dict.

    Nothing is written when the 'fuzz_cookies' key is already present in
    the shared config.
    '''
    # NOTE(review): this listing lost its indentation; every save below is
    # assumed to belong to the first-run branch -- confirm against the
    # repository.
    if cf.cf.get('fuzz_cookies') is not None:
        return

    # It's the first time I'm run

    #
    # User configured variables
    #
    static_defaults = (
        ('fuzz_cookies', False),
        ('fuzz_form_files', True),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_url_filenames', False),
        ('fuzz_url_parts', False),
        ('fuzzable_headers', []),
        ('form_fuzzing_mode', 'tmb'),
        ('max_discovery_time', 120),
        ('msf_location', '/opt/metasploit3/bin/'),
    )
    for option_name, option_value in static_defaults:
        cf.cf.save(option_name, option_value)

    # Network interface name as reported by get_net_iface()
    cf.cf.save('interface', get_net_iface())

    #
    # Per the original author: this doesn't send any packets and gives a
    # nice default setting. In most cases it is the "public" IP address,
    # which works in all plugins that need a reverse connection (rfi_proxy).
    # Loopback is the fallback when no address is returned.
    #
    cf.cf.save('local_ip_address', get_local_ip() or '127.0.0.1')

    cf.cf.save('non_targets', [])
    cf.cf.save('stop_on_first_exception', False)
def use_profile(self, profile_name, workdir=None):
    '''
    Gets all the information from the profile and stores it in the
    w3af core plugins / target attributes for later use.

    Passing None as profile_name only clears the enabled plugins. Otherwise
    the target, misc and http settings are applied first and the enabled
    plugins and their options afterwards; problems found while applying the
    plugin section are collected in a list of messages.

    NOTE(review): indentation was reconstructed from a flattened listing,
    and the listing ends before error_fmt / error_messages are used --
    check the repository for the remainder of the function.

    @raise w3afException: if the profile to load has some type of problem.
    '''
    # Clear all enabled plugins if profile_name is None
    if profile_name is None:
        self._w3af_core.plugins.zero_enabled_plugins()
        return

    # This might raise an exception (which we don't want to handle) when
    # the profile does not exist
    profile_inst = profile(profile_name, workdir)

    # It exists, work with it!

    # Set the target settings of the profile to the core
    self._w3af_core.target.set_options(profile_inst.get_target())

    # Set the misc and http settings
    #
    # IGNORE the following parameters from the profile:
    #   - misc_settings.local_ip_address
    #
    # The address stored in the profile is overwritten with the one
    # get_local_ip() reports on this host; presumably so that a profile
    # created on another machine cannot dictate the local address -- confirm.
    profile_misc_settings = profile_inst.get_misc_settings()
    if 'local_ip_address' in profile_inst.get_misc_settings():
        profile_misc_settings['local_ip_address'].set_value(get_local_ip())

    misc_settings = MiscSettings()
    misc_settings.set_options(profile_misc_settings)
    self._w3af_core.uri_opener.settings.set_options(
        profile_inst.get_http_settings())

    #
    #    Handle plugin options
    #
    # Template with two placeholders: the profile name and the list of
    # issues.
    error_fmt = ('The profile you are trying to load (%s) seems to be'
                 ' outdated, this is a common issue which happens when the'
                 ' framework is updated and one of its plugins adds/removes'
                 ' one of the configuration parameters referenced by a profile'
                 ', or the plugin is removed all together.\n\n'
                 'The profile was loaded but some of your settings might'
                 ' have been lost. This is the list of issues that were found:\n\n'
                 ' - %s\n'
                 '\nWe recommend you review the specific plugin configurations,'
                 ' apply the required changes and save the profile in order'
                 ' to update it and avoid this message. If this warning does not'
                 ' disappear you can manually edit the profile file to fix it.')

    error_messages = []

    for plugin_type in self._w3af_core.plugins.get_plugin_types():
        plugin_names = profile_inst.get_enabled_plugins(plugin_type)

        # Handle errors that might have been triggered from a possibly
        # invalid profile
        try:
            unknown_plugins = self._w3af_core.plugins.set_plugins(plugin_names,
                                                                  plugin_type,
                                                                  raise_on_error=False)
        except KeyError:
            # Unknown plugin type: record it and move on to the next type.
            msg = 'The profile references the "%s" plugin type which is'\
                  ' unknown to the w3af framework.'
            error_messages.append(msg % plugin_type)
            continue

        for unknown_plugin in unknown_plugins:
            msg = 'The profile references the "%s.%s" plugin which is unknown.'
            error_messages.append(msg % (plugin_type, unknown_plugin))

        # Now we set the plugin options, which can also trigger errors with "outdated"
        # profiles that users could have in their ~/.w3af/ directory.
        # Plugins already reported as unknown are skipped.
        for plugin_name in set(plugin_names) - set(unknown_plugins):

            try:
                plugin_options = profile_inst.get_plugin_options(
                    plugin_type,
                    plugin_name)
                self._w3af_core.plugins.set_plugin_options(plugin_type,
                                                           plugin_name,
                                                           plugin_options)
            except w3afException, w3e:
                msg = 'Setting the options for plugin "%s.%s" raised an' \
                      ' exception due to unknown or invalid configuration' \
                      ' parameters.'
                # NOTE(review): the exception text is appended before the
                # % formatting below, so a '%' inside str(w3e) would be
                # read as a format directive and make the call fail --
                # consider formatting first and appending afterwards.
                msg += ' ' + str(w3e)
                error_messages.append(msg % (plugin_type, plugin_name))
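def test_w3af_agent(self):
    '''
    Run the 'w3af_agent' payload through exec_payload() on self.shell, with
    the get_local_ip() value as its only argument, and check that the
    success message is returned.
    '''
    result = exec_payload(self.shell, 'w3af_agent',
                          args=(get_local_ip(),), use_api=True)
    # assertEquals is a deprecated alias that Python 3.12 removed;
    # assertEqual performs the same comparison.
    self.assertEqual('Successfully started the w3afAgent.', result)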
def useProfile(self, profile_name, workdir=None):
    '''
    Gets all the information from the profile and stores it in the
    w3af core plugins / target attributes for later use.

    Passing None as profile_name only clears the enabled plugins. Otherwise
    the enabled plugins and their options are applied first, then the
    target, misc and http settings. Problems with individual plugins are
    written to the error output rather than raised.

    NOTE(review): indentation was reconstructed from a flattened listing --
    confirm the nesting against the repository.

    @raise w3afException: if the profile to load has some type of problem.
    '''
    # Clear all enabled plugins if profile_name is None
    if profile_name is None:
        self._w3af_core.plugins.zero_enabled_plugins()
        return

    try:
        profileInstance = profile(profile_name, workdir)
    except w3afException:
        # The profile doesn't exist!
        raise
    else:
        # It exists, work with it!
        for pluginType in self._w3af_core.plugins.getPluginTypes():
            pluginNames = profileInstance.getEnabledPlugins( pluginType )

            # Handle errors that might have been triggered from a possibly invalid profile
            unknown_plugins = self._w3af_core.plugins.setPlugins( pluginNames, pluginType )
            if unknown_plugins:
                om.out.error('The profile references the following missing plugins:')
                for unknown_plugin_name in unknown_plugins:
                    om.out.error('- ' + unknown_plugin_name)

            # Now we set the plugin options, which can also trigger errors with "outdated"
            # profiles that users could have in their ~/.w3af/ directory.
            for pluginName in profileInstance.getEnabledPlugins( pluginType ):
                pluginOptions = profileInstance.getPluginOptions( pluginType, pluginName )
                try:
                    # FIXME: Does this work with output plugin options?
                    # What about target, http-settings, etc?
                    self._w3af_core.plugins.setPluginOptions( pluginType, pluginName, pluginOptions )
                except Exception, e:
                    # This is because of an invalid plugin, or something like that...
                    # Added as a part of the fix of bug #1937272
                    #
                    # NOTE(review): every Exception is caught and only
                    # logged, so a genuine plugin bug is reported the same
                    # way as an outdated profile option.
                    msg = ('The profile you are trying to load seems to be'
                           ' outdated, one of the enabled plugins has a bug or an'
                           ' plugin option that was valid when you created the '
                           'profile was now removed from the framework. The plugin'
                           ' that triggered this exception is "%s", and the '
                           'original exception is: "%s"' % (pluginName, e))
                    om.out.error(msg)

        # Set the target settings of the profile to the core
        self._w3af_core.target.setOptions( profileInstance.getTarget() )

        # Set the misc and http settings
        #
        # IGNORE the following parameters from the profile:
        #   - miscSettings.localAddress
        #
        # The address stored in the profile is overwritten with the one
        # get_local_ip() reports on this host; presumably so that a profile
        # created on another machine cannot dictate the local address --
        # confirm.
        profile_misc_settings = profileInstance.getMiscSettings()
        if 'localAddress' in profileInstance.getMiscSettings():
            profile_misc_settings['localAddress'].setValue(get_local_ip())

        misc_settings = miscSettings.miscSettings()
        misc_settings.setOptions( profile_misc_settings )
        self._w3af_core.uriOpener.settings.setOptions( profileInstance.getHttpSettings() )