Example #1
0
    def run_xsser(self, hostname, url, args):
        """
        Run XSSer against the given target.

        :param url: The URL to be tested.
        :type url: str

        :param command: Path to the XSSer script.
        :type command: str

        :param args: The arguments to pass to XSSer.
        :type args: list

        :return: True id successful, False otherwise.
        :rtype: bool
        """

        Logger.log("Launching XSSer against: %s" % url)
        Logger.log_more_verbose("XSSer arguments: %s" % " ".join(args))

        xsser_script = join(get_tools_folder(), "xsser", "xsser.py")

        with ConnectionSlot(hostname):
            t1 = time()
            code = run_external_tool(xsser_script,
                                     args,
                                     callback=Logger.log_verbose)
            t2 = time()

        if code:
            Logger.log_error("XSSer execution failed, status code: %d" % code)
            return False
        Logger.log("XSSer scan finished in %s seconds for target: %s" %
                   (t2 - t1, url))
        return True
Example #2
0
    def run_xsser(self, hostname, url, args):
        """
        Run XSSer against the given target.

        :param url: The URL to be tested.
        :type url: str

        :param command: Path to the XSSer script.
        :type command: str

        :param args: The arguments to pass to XSSer.
        :type args: list

        :return: True id successful, False otherwise.
        :rtype: bool
        """

        Logger.log("Launching XSSer against: %s" % url)
        Logger.log_more_verbose("XSSer arguments: %s" % " ".join(args))

        xsser_script = join(get_tools_folder(), "xsser", "xsser.py")

        with ConnectionSlot(hostname):
            t1 = time()
            code = run_external_tool(xsser_script, args, callback=Logger.log_verbose)
            t2 = time()

        if code:
            Logger.log_error("XSSer execution failed, status code: %d" % code)
            return False
        Logger.log("XSSer scan finished in %s seconds for target: %s" % (t2 - t1, url))
        return True
Example #3
0
    def make_injection(self, target, args):
        """
        Run SQLMap against the given target.

        :param target: URL to scan.
        :type target: Url

        :param args: Arguments to pass to SQLMap.
        :type args: list(str)

        :return: True on success, False on failure.
        :rtype: bool
        """

        Logger.log("Launching SQLMap against: %s" % target)
        Logger.log_more_verbose("SQLMap arguments: %s" % " ".join(args))

        sqlmap_script = join(get_tools_folder(), "sqlmap", "sqlmap.py")

        with ConnectionSlot(target):
            t1 = time()
            code = run_external_tool(sqlmap_script, args,
                                     callback=Logger.log_verbose)
            t2 = time()

        if code:
            Logger.log_error("SQLMap execution failed, status code: %d" % code)
            return False
        Logger.log(
            "SQLMap scan finished in %s seconds for target: %s"
            % (t2 - t1, target))
        return True
Example #4
0
    def make_injection(self, target, args):
        """
        Run SQLMap against the given target.

        :param target: URL to scan.
        :type target: URL

        :param args: Arguments to pass to SQLMap.
        :type args: list(str)

        :return: True on success, False on failure.
        :rtype: bool
        """

        Logger.log("Launching SQLMap against: %s" % target)
        Logger.log_more_verbose("SQLMap arguments: %s" % " ".join(args))

        sqlmap_script = join(get_tools_folder(), "sqlmap", "sqlmap.py")

        with ConnectionSlot(target):
            t1 = time()
            code = run_external_tool(sqlmap_script, args,
                                     callback=Logger.log_verbose)
            t2 = time()

        if code:
            Logger.log_error("SQLMap execution failed, status code: %d" % code)
            return False
        Logger.log(
            "SQLMap scan finished in %s seconds for target: %s"
            % (t2 - t1, target))
        return True
Example #5
0
    def get_nikto(self):
        """
        Get the path to the Nikto scanner and the configuration file.

        :returns: Nikto scanner and configuration file paths.
        :rtype: tuple(str, str)

        :raises RuntimeError: Nikto scanner of config file not found.
        """

        # Get the path to the Nikto scanner.
        nikto_script = Config.plugin_args["exec"]
        if nikto_script and exists(nikto_script):
            nikto_dir = abspath(split(nikto_script)[0])
        else:
            nikto_dir = join(get_tools_folder(), "nikto")
            nikto_script = join(nikto_dir, "nikto.pl")
            if not nikto_script or not exists(nikto_script):
                nikto_script = find_binary_in_path("nikto")
                if not exists(nikto_script):
                    nikto_script = Config.plugin_args["exec"]
                    msg = "Nikto not found"
                    if nikto_script:
                        msg += ". File: %s" % nikto_script
                    Logger.log_error(msg)
                    raise RuntimeError(msg)

        # Get the path to the configuration file.
        config = Config.plugin_args.get("config", "nikto.conf")
        if not config:
            config = "nikto.conf"
        config = join(nikto_dir, config)
        config = abspath(config)
        if not isfile(config):
            config = Config.plugin_args.get("config", "nikto.conf")
            if not config:
                config = "nikto.conf"
            config = abspath(config)
            if not isfile(config):
                config = "/etc/nikto.conf"
                if not isfile(config):
                    msg = "Nikto config file not found"
                    if config:
                        msg += ". File: %s" % config
                    raise RuntimeError(msg)

        # Return the paths.
        return nikto_script, config
Example #6
0
    def get_nikto(self):
        """
        Get the path to the Nikto scanner and the configuration file.

        :returns: Nikto scanner and configuration file paths.
        :rtype: tuple(str, str)

        :raises RuntimeError: Nikto scanner of config file not found.
        """

        # Get the path to the Nikto scanner.
        nikto_script = Config.plugin_args["exec"]
        if nikto_script and exists(nikto_script):
            nikto_dir = abspath(split(nikto_script)[0])
        else:
            nikto_dir = join(get_tools_folder(), "nikto")
            nikto_script = join(nikto_dir, "nikto.pl")
            if not nikto_script or not exists(nikto_script):
                nikto_script = find_binary_in_path("nikto")
                if not exists(nikto_script):
                    nikto_script = Config.plugin_args["exec"]
                    msg = "Nikto not found"
                    if nikto_script:
                        msg += ". File: %s" % nikto_script
                    Logger.log_error(msg)
                    raise RuntimeError(msg)

        # Get the path to the configuration file.
        config = Config.plugin_args.get("config", "nikto.conf")
        if not config:
            config = "nikto.conf"
        config = join(nikto_dir, config)
        config = abspath(config)
        if not isfile(config):
            config = Config.plugin_args.get("config", "nikto.conf")
            if not config:
                config = "nikto.conf"
            config = abspath(config)
            if not isfile(config):
                config = "/etc/nikto.conf"
                if not isfile(config):
                    msg = "Nikto config file not found"
                    if config:
                        msg += ". File: %s" % config
                    raise RuntimeError(msg)

        # Return the paths.
        return nikto_script, config
Example #7
0
from golismero.api.data.resource.domain import Domain
from golismero.api.data.resource.email import Email
from golismero.api.data.resource.ip import IP
from golismero.api.external import get_tools_folder
from golismero.api.logger import Logger
from golismero.api.plugin import TestingPlugin

import os, os.path
import socket
import StringIO
import sys
import traceback
import warnings

# Import theHarvester as a library.
cwd = os.path.abspath(get_tools_folder())
cwd = os.path.join(cwd, "theHarvester")
sys.path.insert(0, cwd)
try:

    import discovery
    from discovery import * #noqa
finally:
    sys.path.remove(cwd)
del cwd


#------------------------------------------------------------------------------
class HarvesterPlugin(TestingPlugin):
    """
    Integration with
Example #8
0
from golismero.api.data.resource.domain import Domain
from golismero.api.data.resource.email import Email
from golismero.api.data.resource.ip import IP
from golismero.api.external import get_tools_folder
from golismero.api.logger import Logger
from golismero.api.plugin import TestingPlugin

import os, os.path
import socket
import StringIO
import sys
import traceback
import warnings

# Import theHarvester as a library.
cwd = os.path.abspath(get_tools_folder())
cwd = os.path.join(cwd, "theHarvester")
sys.path.insert(0, cwd)
try:

    import discovery
    from discovery import *  #noqa
finally:
    sys.path.remove(cwd)
del cwd


#------------------------------------------------------------------------------
class HarvesterPlugin(TestingPlugin):
    """
    Integration with