def getBlacklists(self):
blacklists = {}
for status in [400, 403, 500]:
blacklistFileName = FileUtils.buildPath(self.script_path, 'db')
blacklistFileName = FileUtils.buildPath(blacklistFileName, '{}_blacklist.txt'.format(status))
if not FileUtils.canRead(blacklistFileName):
# Skip if cannot read file
continue
blacklists[status] = []
for line in FileUtils.getLines(blacklistFileName):
# Skip comments
if line.lstrip().startswith('#'):
continue
blacklists[status].append(line)
return blacklists
def getBlacklists(self):
blacklists = {}
for status in [400, 403, 500]:
blacklistFileName = FileUtils.buildPath(self.script_path, 'db')
blacklistFileName = FileUtils.buildPath(blacklistFileName, '{}_blacklist.txt'.format(status))
if not FileUtils.canRead(blacklistFileName):
# Skip if cannot read file
continue
blacklists[status] = []
for line in FileUtils.getLines(blacklistFileName):
# Skip comments
if line.lstrip().startswith('#'):
continue
blacklists[status].append(line)
return blacklists
def getBlacklists(self):
reext = re.compile('\%ext\%', re.IGNORECASE)
reextdot = re.compile('\.\%ext\%', re.IGNORECASE)
blacklists = {}
for status in [400, 403, 500]:
blacklistFileName = FileUtils.buildPath(self.script_path, "db")
blacklistFileName = FileUtils.buildPath(
blacklistFileName, "{}_blacklist.txt".format(status))
if not FileUtils.canRead(blacklistFileName):
# Skip if cannot read file
continue
blacklists[status] = []
for line in FileUtils.getLines(blacklistFileName):
# Skip comments
if line.lstrip().startswith("#"):
continue
# The same with Dictionary.py
if line.startswith("/"):
line = line[1:]
# Classic dirsearch blacklist processing (with %EXT% keyword)
if "%ext%" in line.lower():
for extension in self.arguments.extensions:
if self.arguments.noDotExtensions:
entry = reextdot.sub(extension, line)
else:
entry = line
entry = reext.sub(extension, entry)
blacklists[status].append(entry)
# Forced extensions is not used here because -r is only used for wordlist (in documentation),
# applying in blacklist may create false negatives
else:
blacklists[status].append(line)
return blacklists
def __init__(self, script_path, arguments, output):
global VERSION
program_banner = (open(
FileUtils.buildPath(script_path, "lib", "controller",
"banner.txt")).read().format(**VERSION))
self.script_path = script_path
self.exit = False
self.arguments = arguments
self.output = output
self.savePath = self.script_path
self.doneDirs = []
self.recursive_level_max = self.arguments.recursive_level_max
if self.arguments.httpmethod.lower() not in [
"get", "head", "post", "put", "patch", "options", "delete",
"trace", "debug"
]:
self.output.error("Invalid HTTP method!")
exit(1)
self.httpmethod = self.arguments.httpmethod.lower()
if self.arguments.saveHome:
savePath = self.getSavePath()
if not FileUtils.exists(savePath):
FileUtils.createDirectory(savePath)
if FileUtils.exists(savePath) and not FileUtils.isDir(savePath):
self.output.error(
"Cannot use {} because is a file. Should be a directory".
format(savePath))
exit(1)
if not FileUtils.canWrite(savePath):
self.output.error(
"Directory {} is not writable".format(savePath))
exit(1)
logs = FileUtils.buildPath(savePath, "logs")
if not FileUtils.exists(logs):
FileUtils.createDirectory(logs)
reports = FileUtils.buildPath(savePath, "reports")
if not FileUtils.exists(reports):
FileUtils.createDirectory(reports)
self.savePath = savePath
self.reportsPath = FileUtils.buildPath(self.savePath, "logs")
self.blacklists = self.getBlacklists()
self.includeStatusCodes = self.arguments.includeStatusCodes
self.excludeStatusCodes = self.arguments.excludeStatusCodes
self.excludeTexts = self.arguments.excludeTexts
self.excludeRegexps = self.arguments.excludeRegexps
self.recursive = self.arguments.recursive
self.suppressEmpty = self.arguments.suppressEmpty
self.minimumResponseSize = self.arguments.minimumResponseSize
self.maximumResponseSize = self.arguments.maximumResponseSize
self.directories = Queue()
self.excludeSubdirs = (arguments.excludeSubdirs
if arguments.excludeSubdirs else [])
self.dictionary = Dictionary(
self.arguments.wordlist, self.arguments.extensions,
self.arguments.suffixes, self.arguments.prefixes,
self.arguments.lowercase, self.arguments.uppercase,
self.arguments.capitalization, self.arguments.forceExtensions,
self.arguments.noDotExtensions, self.arguments.excludeExtensions,
self.arguments.noExtension)
self.errorLog = None
self.errorLogPath = None
self.threadsLock = Lock()
self.batch = False
self.batchSession = None
self.currentJob = 0
self.allJobs = 0
self.output.header(program_banner)
self.printConfig()
self.setupErrorLogs()
self.output.errorLogFile(self.errorLogPath)
if self.arguments.autoSave and len(self.arguments.urlList) > 1:
self.setupBatchReports()
self.output.newLine("\nAutoSave path: {0}".format(
self.batchDirectoryPath))
if self.arguments.useRandomAgents:
self.randomAgents = FileUtils.getLines(
FileUtils.buildPath(script_path, "db", "user-agents.txt"))
try:
for url in list(dict.fromkeys(self.arguments.urlList)):
try:
gc.collect()
self.reportManager = ReportManager()
self.currentUrl = url
self.output.setTarget(self.currentUrl)
try:
self.requester = Requester(
url,
cookie=self.arguments.cookie,
useragent=self.arguments.useragent,
maxPool=self.arguments.threadsCount,
maxRetries=self.arguments.maxRetries,
delay=self.arguments.delay,
timeout=self.arguments.timeout,
ip=self.arguments.ip,
proxy=self.arguments.proxy,
proxylist=self.arguments.proxylist,
redirect=self.arguments.redirect,
requestByHostname=self.arguments.requestByHostname,
httpmethod=self.httpmethod,
data=self.arguments.data,
)
self.requester.request("")
except RequestException as e:
self.output.error(e.args[0]["message"])
raise SkipTargetInterrupt
if self.arguments.useRandomAgents:
self.requester.setRandomAgents(self.randomAgents)
for key, value in arguments.headers.items():
self.requester.setHeader(key, value)
# Initialize directories Queue with start Path
self.basePath = self.requester.basePath
if self.arguments.scanSubdirs:
for subdir in self.arguments.scanSubdirs:
self.directories.put(subdir)
self.allJobs += 1
else:
self.directories.put("")
self.allJobs += 1
self.setupReports(self.requester)
matchCallbacks = [self.matchCallback]
notFoundCallbacks = [self.notFoundCallback]
errorCallbacks = [self.errorCallback, self.appendErrorLog]
self.fuzzer = Fuzzer(
self.requester,
self.dictionary,
testFailPath=self.arguments.testFailPath,
threads=self.arguments.threadsCount,
matchCallbacks=matchCallbacks,
notFoundCallbacks=notFoundCallbacks,
errorCallbacks=errorCallbacks,
)
try:
self.wait()
except RequestException as e:
self.output.error(
"Fatal error during site scanning: " +
e.args[0]["message"])
raise SkipTargetInterrupt
except SkipTargetInterrupt:
continue
except KeyboardInterrupt:
self.output.error("\nCanceled by the user")
exit(0)
finally:
if not self.errorLog.closed:
self.errorLog.close()
self.reportManager.close()
self.output.warning("\nTask Completed")
def __init__(self, script_path, arguments, output):
global VERSION
program_banner = open(
FileUtils.buildPath(script_path, "lib", "controller",
"banner.txt")).read().format(**VERSION)
self.script_path = script_path
self.exit = False
self.arguments = arguments
self.output = output
self.savePath = self.script_path
if self.arguments.saveHome:
savePath = self.getSavePath()
if not FileUtils.exists(savePath):
FileUtils.createDirectory(savePath)
if FileUtils.exists(savePath) and not FileUtils.isDir(savePath):
self.output.error(
'Cannot use {} because is a file. Should be a directory'.
format(savePath))
exit(1)
if not FileUtils.canWrite(savePath):
self.output.error(
'Directory {} is not writable'.format(savePath))
exit(1)
logs = FileUtils.buildPath(savePath, "logs")
if not FileUtils.exists(logs):
FileUtils.createDirectory(logs)
reports = FileUtils.buildPath(savePath, "reports")
if not FileUtils.exists(reports):
FileUtils.createDirectory(reports)
self.savePath = savePath
self.reportsPath = FileUtils.buildPath(self.savePath, "logs")
self.blacklists = self.getBlacklists()
self.fuzzer = None
self.excludeStatusCodes = self.arguments.excludeStatusCodes
self.recursive = self.arguments.recursive
self.suppressEmpty = self.arguments.suppressEmpty
self.directories = Queue()
self.excludeSubdirs = (arguments.excludeSubdirs
if arguments.excludeSubdirs is not None else [])
self.output.header(program_banner)
self.dictionary = Dictionary(self.arguments.wordlist,
self.arguments.extensions,
self.arguments.lowercase,
self.arguments.forceExtensions)
self.printConfig()
self.errorLog = None
self.errorLogPath = None
self.errorLogLock = Lock()
self.batch = False
self.batchSession = None
self.setupErrorLogs()
self.output.newLine("\nError Log: {0}".format(self.errorLogPath))
if self.arguments.autoSave and len(self.arguments.urlList) > 1:
self.setupBatchReports()
self.output.newLine("\nAutoSave path: {0}".format(
self.batchDirectoryPath))
if self.arguments.useRandomAgents:
self.randomAgents = FileUtils.getLines(
FileUtils.buildPath(script_path, "db", "user-agents.txt"))
try:
for url in self.arguments.urlList:
try:
gc.collect()
self.reportManager = ReportManager()
self.currentUrl = url
self.output.target(self.currentUrl)
try:
self.requester = Requester(
url,
cookie=self.arguments.cookie,
useragent=self.arguments.useragent,
maxPool=self.arguments.threadsCount,
maxRetries=self.arguments.maxRetries,
delay=self.arguments.delay,
timeout=self.arguments.timeout,
ip=self.arguments.ip,
proxy=self.arguments.proxy,
redirect=self.arguments.redirect,
requestByHostname=self.arguments.requestByHostname)
self.requester.request("/")
except RequestException as e:
self.output.error(e.args[0]['message'])
raise SkipTargetInterrupt
if self.arguments.useRandomAgents:
self.requester.setRandomAgents(self.randomAgents)
for key, value in arguments.headers.items():
self.requester.setHeader(key, value)
# Initialize directories Queue with start Path
self.basePath = self.requester.basePath
if self.arguments.scanSubdirs is not None:
for subdir in self.arguments.scanSubdirs:
self.directories.put(subdir)
else:
self.directories.put('')
self.setupReports(self.requester)
matchCallbacks = [self.matchCallback]
notFoundCallbacks = [self.notFoundCallback]
errorCallbacks = [self.errorCallback, self.appendErrorLog]
self.fuzzer = Fuzzer(
self.requester,
self.dictionary,
testFailPath=self.arguments.testFailPath,
threads=self.arguments.threadsCount,
matchCallbacks=matchCallbacks,
notFoundCallbacks=notFoundCallbacks,
errorCallbacks=errorCallbacks)
try:
self.wait()
except RequestException as e:
self.output.error(
"Fatal error during site scanning: " +
e.args[0]['message'])
raise SkipTargetInterrupt
except SkipTargetInterrupt:
continue
finally:
self.reportManager.save()
except KeyboardInterrupt:
self.output.error('\nCanceled by the user')
exit(0)
finally:
if not self.errorLog.closed:
self.errorLog.close()
self.reportManager.close()
self.output.warning('\nTask Completed')
def __init__(self, script_path,config):
logger.add('runtime.log')
default_headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
"Accept-Language": "*",
"Accept-Encoding": "*",
"Keep-Alive": "300",
"Cache-Control": "max-age=0",
}
self.script_path = script_path
self.save_path = script_path
self.config = config
if self.config.httpmethod.lower() not in ["get", "head", "post", "put", "patch", "options", "delete", "trace", "debug"]:
logger.debug("Invalid http method!")
exit(1)
self.includeStatusCodes = self.config.includeStatusCodes
self.excludeStatusCodes = self.config.excludeStatusCodes
self.excludeTexts = self.config.excludeTexts
self.excludeRegexps = self.config.excludeRegexps
self.httpmethod = self.config.httpmethod.lower()
#self.dicpath = (FileUtils.buildPath(self.script_path,self.config.dicpath))
self.Readdictionary = Dictionary(self.config.dicpath, self.config.extensions, self.config.suffixes,
self.config.prefixes, self.config.lowercase, self.config.uppercase,
self.config.forceExtensions, self.config.noDotExtensions,
self.config.excludeExtensions)
self.dictionary =self.Readdictionary.generate()
#print(self.dictionary)
self.urlList = FileUtils.getLines(
FileUtils.buildPath(self.script_path, "target.txt")
)
self.scanresult = []
self.reqList = {}#存储self.requester
self.scannerList = {}#存储self.scanners
self.fuzzList = {}
scanFlag = True
badUrl = []
if self.config.useRandomAgents:
self.randomAgents = FileUtils.getLines(
FileUtils.buildPath(self.script_path, "db", "user-agents.txt")
)
logger.debug("[+]check urlList.超时的会移出扫描列表")
for currentdic in self.dictionary:
# print(currentdic)
for url in self.urlList:
try:
if scanFlag:
self.requester = Requester(
url,
cookie=self.config.cookie,
useragent=self.config.useragent,
maxPool=self.config.threadsCount,
maxRetries=self.config.maxRetries,
delay=self.config.delay,
timeout=self.config.timeout,
ip=self.config.ip,
proxy=self.config.proxy,
proxylist=self.config.proxylist,
redirect=self.config.redirect,
requestByHostname=self.config.requestByHostname,
httpmethod=self.config.httpmethod,
data=self.config.data,
)
self.requester.request("/")
self.reqList[url] = self.requester
matchCallbacks = [self.matchCallback]
notFoundCallbacks = [self.notFoundCallback]
errorCallbacks = [self.errorCallback, self.appendErrorLog]
self.fuzzer = Fuzzer(
self.requester,
self.dictionary,
self.config,
testFailPath=self.config.testFailPath,
threads=self.config.threadsCount,
matchCallbacks=matchCallbacks,
notFoundCallbacks=notFoundCallbacks,
errorCallbacks=errorCallbacks,
)
self.fuzzer.setupScanners()
self.fuzzList[url] = self.fuzzer
#self.scannerList[url]=self.fuzzer.setupScanners()
else:
# print(self.reqList)
self.requester =self.reqList[url]
self.fuzzer = self.fuzzList[url]
#self.scannerList[url]=self.fuzzer.setupScanners()
#logger.debug("[+]scan:%s %s"%(url,currentdic))
self.fuzzer.start(currentdic)
except:
logger.debug("[-]Error:%s timeout"%(url))
badUrl.append(url)
for bad in badUrl:
self.urlList.remove(bad)
badUrl=[]
scanFlag = False
if self.config.useRandomAgents:
self.requester.setRandomAgents(self.randomAgents)
def __init__(self, script_path, arguments, output):
global VERSION
program_banner = open(
FileUtils.buildPath(script_path, "lib", "controller",
"banner.txt")).read().format(**VERSION)
self.script_path = script_path
self.exit = False
self.arguments = arguments
self.output = output
self.savePath = self.script_path
self.doneDirs = []
self.recursive_level_max = self.arguments.recursive_level_max
if self.arguments.httpmethod.lower() not in ["get", "head", "post"]:
self.output.error("Inavlid http method!")
exit(1)
self.httpmethod = self.arguments.httpmethod.lower()
if self.arguments.saveHome:
savePath = self.getSavePath()
if not FileUtils.exists(savePath):
FileUtils.createDirectory(savePath)
if FileUtils.exists(savePath) and not FileUtils.isDir(savePath):
self.output.error(
'Cannot use {} because is a file. Should be a directory'.
format(savePath))
exit(1)
if not FileUtils.canWrite(savePath):
self.output.error(
'Directory {} is not writable'.format(savePath))
exit(1)
logs = FileUtils.buildPath(savePath, "logs")
if not FileUtils.exists(logs):
FileUtils.createDirectory(logs)
reports = FileUtils.buildPath(savePath, "reports")
if not FileUtils.exists(reports):
FileUtils.createDirectory(reports)
self.savePath = savePath
self.reportsPath = FileUtils.buildPath(self.savePath, "logs")
self.blacklists = self.getBlacklists()
self.blacklists = {}
self.fuzzer = None
self.excludeStatusCodes = self.arguments.excludeStatusCodes
self.excludeTexts = self.arguments.excludeTexts
self.excludeRegexps = self.arguments.excludeRegexps
self.recursive = self.arguments.recursive
self.suppressEmpty = self.arguments.suppressEmpty
self.directories = Queue()
self.excludeSubdirs = (arguments.excludeSubdirs
if arguments.excludeSubdirs is not None else [])
self.output.header(program_banner)
# self.dictionary = Dictionary(self.arguments.wordlist, self.arguments.extensions,
# self.arguments.lowercase, self.arguments.forceExtensions)
# self.printConfig()
self.errorLog = None
self.errorLogPath = None
self.errorLogLock = Lock()
self.batch = False
self.batchSession = None
self.setupErrorLogs()
self.output.newLine("\nError Log: {0}".format(self.errorLogPath))
if self.arguments.autoSave and len(self.arguments.urlList) > 1:
self.setupBatchReports()
self.output.newLine("\nAutoSave path: {0}".format(
self.batchDirectoryPath))
if self.arguments.useRandomAgents:
self.randomAgents = FileUtils.getLines(
FileUtils.buildPath(script_path, "db", "user-agents.txt"))
try:
for url in self.arguments.urlList:
try:
gc.collect()
self.reportManager = ReportManager()
self.currentUrl = url
self.output.target(self.currentUrl)
try:
# DNS A Record query
self.requester = Requester(
url,
script_path=self.script_path,
cookie=self.arguments.cookie,
useragent=self.arguments.useragent,
maxPool=self.arguments.threadsCount,
maxRetries=self.arguments.maxRetries,
delay=self.arguments.delay,
timeout=self.arguments.timeout,
ip=self.arguments.ip,
proxy=self.arguments.proxy,
redirect=self.arguments.redirect,
requestByHostname=self.arguments.requestByHostname,
httpmethod=self.httpmethod)
# 网站连通性测试
site_connection_test_resp = self.requester.request(
self.requester.basePath,
use_base_path=False,
allow_redirect=True,
fingerprint=True)
self.dictionary = Dictionary(self.requester.scan_list,
self.requester.directory,
self.requester.filename,
self.requester.extension)
# 404 page
if self.requester.url_type == URLType.normal_restful_dir:
path_404 = '{}/{}/'.format(
self.requester.basePath,
RandomUtils.randString(8))
path_404 = path_404.replace("//", "/")
elif self.requester.url_type == URLType.restful_file:
path_404 = self.requester.basePath.replace(
self.requester.filename,
RandomUtils.randString(
len(self.requester.filename) or 8))
elif self.requester.url_type == URLType.normal_file:
path_404 = self.requester.basePath.replace(
self.requester.filename,
RandomUtils.randString(
len(self.requester.filename) or 8))
path_404_quote = self.dictionary.quote(path_404)
response_404 = self.requester.request(
path_404_quote,
use_base_path=False,
allow_redirect=False)
# Waf 探测
waf_exist, waf_response = self.requester.waf_detect(
site_connection_test_resp.body,
url_quote=self.dictionary.quote)
except RequestException as e:
self.output.error(e.args[0]['message'])
raise SkipTargetInterrupt
if self.arguments.useRandomAgents:
self.requester.setRandomAgents(self.randomAgents)
for key, value in arguments.headers.items():
self.requester.setHeader(key, value)
# Initialize directories Queue with start Path
self.basePath = self.requester.basePath
if self.arguments.scanSubdirs is not None:
for subdir in self.arguments.scanSubdirs:
self.directories.put(subdir)
else:
self.directories.put('')
self.setupReports(self.requester)
matchCallbacks = [self.matchCallback]
notFoundCallbacks = [self.notFoundCallback]
errorCallbacks = [self.errorCallback, self.appendErrorLog]
self.fuzzer = Fuzzer(
self.requester,
self.dictionary,
waf_exist,
waf_response,
response_404,
testFailPath=self.arguments.testFailPath,
threads=self.arguments.threadsCount,
matchCallbacks=matchCallbacks,
notFoundCallbacks=notFoundCallbacks,
errorCallbacks=errorCallbacks)
try:
self.wait()
except RequestException as e:
self.output.error(
"Fatal error during site scanning: " +
e.args[0]['message'])
raise SkipTargetInterrupt
except SkipTargetInterrupt:
continue
finally:
self.reportManager.save()
except KeyboardInterrupt:
self.output.error('\nCanceled by the user')
exit(0)
finally:
if not self.errorLog.closed:
self.errorLog.close()
self.reportManager.close()
self.output.warning('\nTask Completed')
def __init__(self, script_path, arguments, output):
global VERSION
PROGRAM_BANNER = open(FileUtils.buildPath(script_path, "lib", "controller", "banner.txt")).read().format(
**VERSION)
self.script_path = script_path
self.exit = False
self.arguments = arguments
self.output = output
self.blacklists = self.getBlacklists()
self.fuzzer = None
self.excludeStatusCodes = self.arguments.excludeStatusCodes
self.recursive = self.arguments.recursive
self.directories = Queue()
self.excludeSubdirs = (arguments.excludeSubdirs if arguments.excludeSubdirs is not None else [])
self.output.header(PROGRAM_BANNER)
self.dictionary = Dictionary(self.arguments.wordlist, self.arguments.extensions,
self.arguments.lowercase)
self.printConfig()
self.errorLog = None
self.errorLogPath = None
self.errorLogLock = Lock()
self.batch = False
self.batchSession = None
self.setupErrorLogs()
self.output.newLine("\nError Log: {0}".format(self.errorLogPath))
if self.arguments.autoSave and len(self.arguments.urlList) > 1:
self.setupBatchReports()
self.output.newLine("\nAutoSave path: {0}".format(self.batchDirectoryPath))
if self.arguments.useRandomAgents:
self.randomAgents = FileUtils.getLines(FileUtils.buildPath(script_path, "db", "user-agents.txt"))
try:
for url in self.arguments.urlList:
try:
gc.collect()
self.reportManager = ReportManager()
self.currentUrl = url
self.requester = Requester(url, cookie=self.arguments.cookie,
useragent=self.arguments.useragent, maxPool=self.arguments.threadsCount,
maxRetries=self.arguments.maxRetries, timeout=self.arguments.timeout,
ip=self.arguments.ip, proxy=self.arguments.proxy,
redirect=self.arguments.redirect)
if self.arguments.useRandomAgents:
self.requester.setRandomAgents(self.randomAgents)
for key, value in arguments.headers.items():
self.requester.setHeader(key, value)
# Initialize directories Queue with start Path
self.basePath = self.requester.basePath
if self.arguments.scanSubdirs is not None:
for subdir in self.arguments.scanSubdirs:
self.directories.put(subdir)
else:
self.directories.put('')
self.setupReports(self.requester)
self.output.target(self.currentUrl)
matchCallbacks = [self.matchCallback]
notFoundCallbacks = [self.notFoundCallback]
errorCallbacks = [self.errorCallback, self.appendErrorLog]
self.fuzzer = Fuzzer(self.requester, self.dictionary, testFailPath=self.arguments.testFailPath,
threads=self.arguments.threadsCount, matchCallbacks=matchCallbacks,
notFoundCallbacks=notFoundCallbacks, errorCallbacks=errorCallbacks)
self.wait()
except SkipTargetInterrupt:
continue
finally:
self.reportManager.save()
except KeyboardInterrupt:
self.output.error('\nCanceled by the user')
exit(0)
finally:
if not self.errorLog.closed:
self.errorLog.close()
self.reportManager.close()
self.output.warning('\nTask Completed')
def __init__(self, script_path, arguments, output):
global VERSION
program_banner = open(FileUtils.buildPath(script_path, "lib", "controller", "banner.txt")).read().format(
**VERSION)
self.script_path = script_path
self.exit = False
self.arguments = arguments
self.output = output
self.savePath = self.script_path
self.doneDirs = []
self.recursive_level_max = self.arguments.recursive_level_max
if self.arguments.httpmethod.lower() not in ["get", "head", "post"]:
self.output.error("Inavlid http method!")
exit(1)
self.httpmethod = self.arguments.httpmethod.lower()
if self.arguments.saveHome:
savePath = self.getSavePath()
if not FileUtils.exists(savePath):
FileUtils.createDirectory(savePath)
if FileUtils.exists(savePath) and not FileUtils.isDir(savePath):
self.output.error('Cannot use {} because is a file. Should be a directory'.format(savePath))
exit(1)
if not FileUtils.canWrite(savePath):
self.output.error('Directory {} is not writable'.format(savePath))
exit(1)
logs = FileUtils.buildPath(savePath, "logs")
if not FileUtils.exists(logs):
FileUtils.createDirectory(logs)
reports = FileUtils.buildPath(savePath, "reports")
if not FileUtils.exists(reports):
FileUtils.createDirectory(reports)
self.savePath = savePath
self.reportsPath = FileUtils.buildPath(self.savePath, "logs")
self.blacklists = self.getBlacklists()
self.fuzzer = None
self.excludeStatusCodes = self.arguments.excludeStatusCodes
self.recursive = self.arguments.recursive
self.suppressEmpty = self.arguments.suppressEmpty
self.directories = Queue()
self.excludeSubdirs = (arguments.excludeSubdirs if arguments.excludeSubdirs is not None else [])
self.output.header(program_banner)
self.dictionary = Dictionary(self.arguments.wordlist, self.arguments.extensions,
self.arguments.lowercase, self.arguments.forceExtensions)
self.printConfig()
self.errorLog = None
self.errorLogPath = None
self.errorLogLock = Lock()
self.batch = False
self.batchSession = None
self.setupErrorLogs()
self.output.newLine("\nError Log: {0}".format(self.errorLogPath))
if self.arguments.autoSave and len(self.arguments.urlList) > 1:
self.setupBatchReports()
self.output.newLine("\nAutoSave path: {0}".format(self.batchDirectoryPath))
if self.arguments.useRandomAgents:
self.randomAgents = FileUtils.getLines(FileUtils.buildPath(script_path, "db", "user-agents.txt"))
try:
for url in self.arguments.urlList:
try:
gc.collect()
self.reportManager = ReportManager()
self.currentUrl = url
self.output.target(self.currentUrl)
try:
self.requester = Requester(url, cookie=self.arguments.cookie,
useragent=self.arguments.useragent,
maxPool=self.arguments.threadsCount,
maxRetries=self.arguments.maxRetries, delay=self.arguments.delay,
timeout=self.arguments.timeout,
ip=self.arguments.ip, proxy=self.arguments.proxy,
redirect=self.arguments.redirect,
requestByHostname=self.arguments.requestByHostname,
httpmethod=self.httpmethod)
self.requester.request("/")
except RequestException as e:
self.output.error(e.args[0]['message'])
raise SkipTargetInterrupt
if self.arguments.useRandomAgents:
self.requester.setRandomAgents(self.randomAgents)
for key, value in arguments.headers.items():
self.requester.setHeader(key, value)
# Initialize directories Queue with start Path
self.basePath = self.requester.basePath
if self.arguments.scanSubdirs is not None:
for subdir in self.arguments.scanSubdirs:
self.directories.put(subdir)
else:
self.directories.put('')
self.setupReports(self.requester)
matchCallbacks = [self.matchCallback]
notFoundCallbacks = [self.notFoundCallback]
errorCallbacks = [self.errorCallback, self.appendErrorLog]
self.fuzzer = Fuzzer(self.requester, self.dictionary, testFailPath=self.arguments.testFailPath,
threads=self.arguments.threadsCount, matchCallbacks=matchCallbacks,
notFoundCallbacks=notFoundCallbacks, errorCallbacks=errorCallbacks)
try:
self.wait()
except RequestException as e:
self.output.error("Fatal error during site scanning: " + e.args[0]['message'])
raise SkipTargetInterrupt
except SkipTargetInterrupt:
continue
finally:
self.reportManager.save()
except KeyboardInterrupt:
self.output.error('\nCanceled by the user')
exit(0)
finally:
if not self.errorLog.closed:
self.errorLog.close()
self.reportManager.close()
self.output.warning('\nTask Completed')
