Example #1
    def _recreate_all(self):
        """
        Build a fresh plugin list, option dict, thread pool and instance map.

        The executor is handed back to the caller without being shut down
        here, so the caller owns its lifetime.

        @return: tuple of (plugins, opts, executor, instances).
        """
        base_plugins = pu.plugins_base_get()
        options = self._options(self.app.pargs)

        # The worker count comes straight from the 'threads_identify' option.
        pool = ThreadPoolExecutor(max_workers=options['threads_identify'])

        # The third argument is a literal True; presumably it is the
        # "URL file input" flag -- confirm against _instances_get.
        plugin_instances = self._instances_get(
            options, base_plugins, True, self.out)

        return base_plugins, options, pool, plugin_instances
Example #2
    def _recreate_all(self):
        """
        Rebuild everything an identification run needs.

        Nothing in this method shuts the returned executor down; that is
        left to whoever receives it.

        @return: tuple of (plugins, opts, executor, instances).
        """
        plugin_classes = pu.plugins_base_get()
        parsed_opts = self._options(self.app.pargs)

        # Thread pool sized by the 'threads_identify' option.
        thread_count = parsed_opts['threads_identify']
        worker_pool = ThreadPoolExecutor(max_workers=thread_count)

        # NOTE(review): the hard-coded True looks like the url-file flag of
        # _instances_get -- verify against its signature.
        created = self._instances_get(
            parsed_opts, plugin_classes, True, self.out)

        return plugin_classes, parsed_opts, worker_pool, created
Example #3
def identify_rfu(tempdir):
    """
    Decide which CMS, if any, the files downloaded into a temporary
    directory belong to.

    The count of files found in the directory is compared with the count
    returned by pu.get_rfu(). When the two are equal the site is treated as
    answering 200 OK to every request, which makes file presence meaningless
    as a fingerprint, and the site is rejected as unknown.

    Otherwise identify_rfu_easy() is asked for a CMS name. According to the
    original author, false positives are weeded out later, during version
    detection.

    @param tempdir: directory as returned by download_rfu.
    @return: the result of defer.succeed(cms_name) on a match, otherwise of
        defer.fail() wrapping an UnknownCMSException.
    """
    requested = pu.get_rfu()
    base_plugins = pu.plugins_base_get()
    # NOTE: `async` is a reserved word from Python 3.7 on, so this module
    # name only parses on older interpreters.
    found = async.rfu_path(tempdir, base_plugins)

    # Every requested file "exists": the server answers 200 to anything.
    if len(found) == len(requested):
        return defer.fail(
            UnknownCMSException("Url responded 200 OK to everything"))

    name = identify_rfu_easy(tempdir, found)
    if not name:
        return defer.fail(
            UnknownCMSException("This shouldn't happen too often."))

    return defer.succeed(name)
Example #4
def identify_rfu(tempdir):
    """
    Tell CMS sites apart from non-CMS sites, and from one another, using the
    files previously downloaded into a temporary directory.

    A site for which every requested file was found is discarded: a server
    that returns 200 OK for everything gives no usable signal. The original
    author notes this may be revisited if it causes too many false negatives.

    For the remaining sites identify_rfu_easy() picks the CMS name; the
    original author relies on the later version detection phase to weed out
    false positives.

    @param tempdir: directory as returned by download_rfu.
    @return: whatever defer.succeed(cms_name) returns when a CMS is named,
        else the result of defer.fail() with an UnknownCMSException.
    """
    expected_files = pu.get_rfu()
    plugin_classes = pu.plugins_base_get()
    # NOTE: `async` became a reserved word in Python 3.7; a module of that
    # name can only be referenced like this on earlier versions.
    present_files = async.rfu_path(tempdir, plugin_classes)

    answered_everything = len(expected_files) == len(present_files)
    if answered_everything:
        error = UnknownCMSException("Url responded 200 OK to everything")
        return defer.fail(error)

    detected = identify_rfu_easy(tempdir, present_files)
    if detected:
        return defer.succeed(detected)

    error = UnknownCMSException("This shouldn't happen too often.")
    return defer.fail(error)
Example #5
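    def default(self):
        """
        Run the update steps for the base plugins.

        Three parsed arguments on self.app.pargs steer the run:
        skip_version and skip_modules switch off the matching step, and
        update, when set, limits the run to the plugin whose Meta.label
        equals it.
        """
        plugins = pu.plugins_base_get()

        skip_version = self.app.pargs.skip_version
        skip_modules = self.app.pargs.skip_modules
        update_only = self.app.pargs.update

        for Plugin in plugins:
            plugin = Plugin()
            plugin_name = plugin.Meta.label

            # Compare against None by identity (PEP 8), not with `!=`.
            # NOTE(review): a value of `update` that matches no label skips
            # every plugin without any message, so the stored version and
            # module data stays as it was.
            if update_only is not None and update_only != plugin_name:
                continue

            if not skip_version:
                self.update_version(plugin, plugin_name)
            if not skip_modules:
                self.update_plugins(plugin, plugin_name)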
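    def default(self):
        """
        Update version and module data for each base plugin.

        self.app.pargs.skip_version and self.app.pargs.skip_modules disable
        the respective step; self.app.pargs.update, when not None, restricts
        the run to the plugin with that Meta.label.
        """
        plugins = pu.plugins_base_get()

        skip_version = self.app.pargs.skip_version
        skip_modules = self.app.pargs.skip_modules
        update_only = self.app.pargs.update

        for Plugin in plugins:
            plugin = Plugin()
            plugin_name = plugin.Meta.label

            # None is tested by identity, as PEP 8 asks, instead of `!= None`.
            # NOTE(review): when `update` names no known label the loop
            # finishes having updated nothing and reports nothing.
            if update_only is not None and update_only != plugin_name:
                continue

            if not skip_version:
                self.update_version(plugin, plugin_name)
            if not skip_modules:
                self.update_plugins(plugin, plugin_name)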
Example #7
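    def default(self):
        """
        Entry point of a scan: process a URL file, or identify and scan one
        URL.

        When the options contain 'url_file' the work is delegated to
        _process_scan_url_file. Otherwise the CMS behind opts['url'] is
        identified and the matching plugin instance scans the URL and
        host header returned by the identification step.

        self.out.fatal is presumably terminal -- TODO confirm. If it
        returned, the code after each call would run with a blank URL or an
        unidentified CMS.
        """
        opts = self._options(self.app.pargs)
        url_file_input = 'url_file' in opts
        self._general_init(opts)

        # Keep the requested redirect policy, then switch it off in opts.
        # The saved value is passed to the helpers below instead.
        follow_redirects = opts['follow_redirects']
        opts['follow_redirects'] = False

        if url_file_input:
            self.out.debug('scan.default -> url_file')
            self._process_scan_url_file(opts, follow_redirects)
        else:
            plugins = pu.plugins_base_get()
            instances = self._instances_get(opts, plugins, url_file_input,
                    self.out)

            self.out.debug('scan.default -> url')
            url = opts['url']
            if not url:
                self.out.fatal("--url parameter is blank.")

            cms_name, scan_out = self._process_cms_identify(url, opts, instances,
                    follow_redirects)

            if not cms_name:
                # Adjacent literals replace the backslash continuation
                # inside the string, which put the source indentation
                # into the message shown to the user.
                no_cms = ("'%s' not identified as a supported CMS. If you "
                          "disagree, please specify a CMS manually." % url)
                self.out.fatal(no_cms)
            else:
                self.out.echo("[+] Site identified as %s." % cms_name)

            # From here on the scan uses the URL and host header reported by
            # identification, not the URL given on the command line.
            url, host_header = scan_out

            inst_dict = instances[cms_name]
            inst = inst_dict['inst']

            opts['url'] = url
            opts['headers'] = self._generate_headers(host_header)

            inst.process_url(opts, **inst_dict['kwargs'])

        self.out.close()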
Example #8
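    def default(self):
        """
        Run a scan against either a file of URLs or a single URL.

        With 'url_file' present in the options, _process_scan_url_file does
        the work. Without it, the CMS at opts['url'] is identified first and
        the plugin instance registered under that CMS name then scans the
        URL and host header returned by identification.

        NOTE(review): this relies on self.out.fatal not returning -- confirm.
        Otherwise execution would continue with a blank URL or without a
        CMS name.
        """
        opts = self._options(self.app.pargs)
        url_file_input = 'url_file' in opts
        self._general_init(opts)

        # Save the requested redirect behaviour and disable it in opts.
        # Only the helpers called below receive the saved value.
        follow_redirects = opts['follow_redirects']
        opts['follow_redirects'] = False

        if url_file_input:
            self.out.debug('scan.default -> url_file')
            self._process_scan_url_file(opts, follow_redirects)
        else:
            plugins = pu.plugins_base_get()
            instances = self._instances_get(opts, plugins, url_file_input,
                                            self.out)

            self.out.debug('scan.default -> url')
            url = opts['url']
            if not url:
                self.out.fatal("--url parameter is blank.")

            cms_name, scan_out = self._process_cms_identify(
                url, opts, instances, follow_redirects)

            if not cms_name:
                # The original continued the literal with a backslash, so
                # the next line's indentation became part of the message;
                # implicit concatenation keeps it to a single space.
                no_cms = ("'%s' not identified as a supported CMS. If you "
                          "disagree, please specify a CMS manually." % url)
                self.out.fatal(no_cms)
            else:
                self.out.echo("[+] Site identified as %s." % cms_name)

            # Identification returns the URL and host header to scan, and
            # both replace the values derived from the command line.
            url, host_header = scan_out

            inst_dict = instances[cms_name]
            inst = inst_dict['inst']

            opts['url'] = url
            opts['headers'] = self._generate_headers(host_header)

            inst.process_url(opts, **inst_dict['kwargs'])

        self.out.close()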
Example #9
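    def default(self):
        """
        Run the update steps for the base plugins, skipping those that
        raise AttributeError.

        self.app.pargs.skip_version and self.app.pargs.skip_modules switch
        off the respective step; self.app.pargs.update, when not None, limits
        the run to the plugin whose Meta.label equals it.
        """
        plugins = pu.plugins_base_get()

        skip_version = self.app.pargs.skip_version
        skip_modules = self.app.pargs.skip_modules
        update_only = self.app.pargs.update

        for Plugin in plugins:
            # Bind a name before entering the try block. If Plugin() or
            # plugin.Meta.label raised AttributeError, the handler would
            # otherwise hit an unbound plugin_name on the first iteration,
            # or report the previous plugin's label on later ones.
            plugin_name = getattr(Plugin, '__name__', repr(Plugin))
            try:
                plugin = Plugin()
                plugin_name = plugin.Meta.label

                # None is compared by identity (PEP 8).
                if update_only is not None and update_only != plugin_name:
                    continue

                if not skip_version:
                    self.update_version(plugin, plugin_name)
                if not skip_modules:
                    self.update_plugins(plugin, plugin_name)

            except AttributeError:
                # NOTE(review): this also catches an AttributeError raised
                # anywhere inside update_version/update_plugins, so a failed
                # update is reported as an unsupported plugin and its data
                # stays stale. Consider narrowing the guarded region.
                self.msg('Skipping %s because update_version_check() or update_version() is not defined.' % plugin_name)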
Example #10
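    def default(self):
        """
        Update version and module data per base plugin; a plugin that raises
        AttributeError is reported and skipped.

        skip_version and skip_modules on self.app.pargs disable the matching
        step. update, when not None, selects the single plugin whose
        Meta.label equals it.
        """
        plugins = pu.plugins_base_get()

        skip_version = self.app.pargs.skip_version
        skip_modules = self.app.pargs.skip_modules
        update_only = self.app.pargs.update

        for Plugin in plugins:
            # plugin_name must exist before the try block: an AttributeError
            # from Plugin() or from reading Meta.label would otherwise leave
            # it unbound (first iteration) or stale (later iterations) when
            # the handler formats its message.
            plugin_name = getattr(Plugin, '__name__', repr(Plugin))
            try:
                plugin = Plugin()
                plugin_name = plugin.Meta.label

                # Identity comparison with None, per PEP 8.
                if update_only is not None and update_only != plugin_name:
                    continue

                if not skip_version:
                    self.update_version(plugin, plugin_name)
                if not skip_modules:
                    self.update_plugins(plugin, plugin_name)

            except AttributeError:
                # NOTE(review): the guarded region covers the whole update,
                # so any AttributeError inside update_version or
                # update_plugins is reported with this message and the
                # plugin's data is left as it was.
                self.msg(
                    'Skipping %s because update_version_check() or update_version() is not defined.'
                    % plugin_name)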
Example #11
 def test_plugins_get(self):
     """plugins_base_get() must return more than three plugins."""
     discovered = plugins_base_get()
     plugin_count = len(discovered)
     assert plugin_count > 3
Example #12
 def test_plugins_get(self):
     """Check that the base plugin lookup finds more than three plugins."""
     # A low count would mean plugin discovery is broken.
     assert len(plugins_base_get()) > 3