def start(self, tag, attrib):
"""
<vulnerability id="[87]" method="GET"
name="Cross site scripting vulnerability"
plugin="xss" severity="Medium"
url="http://moth/w3af/audit/xss/simple_xss_no_script_2.php"
var="text">
"""
if tag == 'vulnerability':
name = attrib['name']
plugin = attrib['plugin']
v = MockVuln(name, None, 'High', 1, plugin)
v.set_url(URL(attrib['url']))
self.vulns.append(v)
# <body content-encoding="base64">
elif tag == 'body':
content_encoding = attrib['content-encoding']
assert content_encoding == 'base64'
self._inside_body = True
elif tag == 'http-response':
self._inside_response = True
def start(self, tag, attrib):
"""
<vulnerability id="[87]" method="GET"
name="Cross site scripting vulnerability"
plugin="xss" severity="Medium"
url="http://moth/w3af/audit/xss/simple_xss_no_script_2.php"
var="text">
"""
if tag == 'vulnerability':
name = attrib['name']
plugin = attrib['plugin']
v = MockVuln(name, None, 'High', 1, plugin)
v.set_url(URL(attrib['url']))
self.vulns.append(v)
# <body content-encoding="base64">
elif tag == 'body':
content_encoding = attrib['content-encoding']
assert content_encoding == 'base64'
self._inside_body = True
elif tag == 'http-response':
self._inside_response = True
def _from_json_get_vulns(self, filename):
json_data = json.load(open(filename, 'r'))
vulns = []
for finding in json_data['items']:
v = MockVuln(finding['Name'], None, 'High', 1, 'sqli')
v.set_url(URL(finding['URL']))
vulns.append(v)
return vulns
def _from_html_get_vulns(self):
vuln_url_re = re.compile('<li>Vulnerable URL: <a href="(.*?)">')
vulns = []
for line in file(self.OUTPUT_FILE):
mo = vuln_url_re.search(line)
if mo:
url = URL(mo.group(1))
v = MockVuln('TestCase', None, 'High', 1, 'plugin')
v.set_url(url)
vulns.append(v)
return vulns
def _from_html_get_vulns(self):
vuln_url_re = re.compile('<b>URL:</b> (.*?)<br />')
vulns = []
for line in file(self.OUTPUT_FILE):
mo = vuln_url_re.search(line)
if mo:
url = URL(mo.group(1))
v = MockVuln('TestCase', None, 'High', 1, 'plugin')
v.set_url(url)
vulns.append(v)
return vulns
def _from_txt_get_vulns(self):
file_vulns = []
vuln_regex = 'SQL injection in a .*? was found at: "(.*?)"' \
', using HTTP method (.*?). The sent .*?data was: "(.*?)"'
vuln_re = re.compile(vuln_regex)
for line in file(self.OUTPUT_FILE):
mo = vuln_re.search(line)
if mo:
v = MockVuln('TestCase', None, 'High', 1, 'plugin')
v.set_url(URL(mo.group(1)))
v.set_method(mo.group(2))
file_vulns.append(v)
return file_vulns
def start(self, tag, attrib):
"""
<vulnerability id="[87]" method="GET" name="Cross site scripting vulnerability"
plugin="xss" severity="Medium" url="http://moth/w3af/audit/xss/simple_xss_no_script_2.php"
var="text">
"""
if tag == "vulnerability":
name = attrib["name"]
plugin = attrib["plugin"]
v = MockVuln(name, None, "High", 1, plugin)
v.set_url(URL(attrib["url"]))
self.vulns.append(v)
# <body content-encoding="text">
elif tag == "body":
content_encoding = attrib["content-encoding"]
assert content_encoding == "text"
self._inside_body = True
