def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._vuln_simple = []
self._vuln_complex = []
self._already_reported = False
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._file_compiled_regex = []
self._error_compiled_regex = []
self._open_basedir = False
def __init__(self):
"""
Some notes:
On apache, when an overflow happends on a cgic script, this is written to the log:
*** stack smashing detected ***: /var/www/w3af/bufferOverflow/buffOverflow.cgi terminated, referer: http://localhost/w3af/bufferOverflow/buffOverflow.cgi
Premature end of script headers: buffOverflow.cgi, referer: http://localhost/w3af/bufferOverflow/buffOverflow.cgi
On apache, when an overflow happends on a cgic script, this is returned to the user:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator,
webmaster@localhost and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
<p>More information about this error may be available
in the server error log.</p>
<hr>
<address>Apache/2.0.55 (Ubuntu) mod_python/3.2.8 Python/2.4.4c1 PHP/5.1.6 Server at localhost Port 80</address>
</body></html>
Note that this is an apache error 500, not the more common PHP error 500.
"""
baseAuditPlugin.__init__(self)
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._authURIs = []
self._bad_methods = [ http_constants.UNAUTHORIZED,
http_constants.NOT_IMPLEMENTED, http_constants.METHOD_NOT_ALLOWED]
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._already_reported = []
# User configured variables
self._diff_ratio = 0.30
def __init__(self):
baseAuditPlugin.__init__(self)
self._bsqli_response_diff = blind_sqli_response_diff()
self._blind_sqli_time_delay = blind_sqli_time_delay()
# User configured variables
self._equalLimit = 0.9
self._equAlgorithm = 'setIntersection'
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._test_site = 'http://www.w3af.org/'
self._script_re = re.compile('< *?script.*?>(.*?)< *?/ *?script *?>',
re.IGNORECASE | re.DOTALL )
self._meta_url_re = re.compile('.*?;URL=(.*)', re.IGNORECASE | re.DOTALL)
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._listeType = []
self._compteur = 0
# The level used in the process of clustering
self._level = 10
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal vars
self._template_dir = 'plugins' + os.path.sep + 'audit'+ os.path.sep + 'fileUpload'
self._file_list = []
# User configured
self._extensions = ['gif', 'html', 'bmp', 'jpg', 'png', 'txt']
def __init__(self):
baseAuditPlugin.__init__(self)
# Some internal variables
# The wait time of the unfuzzed request
self._original_wait_time = 0
# The wait time of the first test I'm going to perform
self._wait_time = 1
def __init__(self):
baseAuditPlugin.__init__(self)
# Create some random strings, which the plugin will use.
# for the fuzz_with_echo
self._rnd = createRandAlpha(5)
# User configured parameters
self._use_time_delay = True
self._use_echo = True
def __init__(self):
'''
Plugin added just for completeness... I dont really expect to find one of this bugs
in my life... but well.... if someone , somewhere in the planet ever finds a bug of using
this plugin... THEN my job has been done :P
'''
baseAuditPlugin.__init__(self)
# Internal variables.
self._errors = []
def __init__(self):
baseAuditPlugin.__init__(self)
#
# Some internal variables
#
self._special_chars = ['', '&&', '|', ';']
# The wait time of the unfuzzed request
self._original_wait_time = 0
self._file_compiled_regex = []
def __init__(self):
baseAuditPlugin.__init__(self)
# Some internal vars
# I test this with different URL handlers because the developer may have
# blacklisted http:// and https:// but missed ftp://.
# I also use hTtp instead of http because I want to evade some (stupid) case sensitive
# filters
self._test_urls = ('hTtp://w3af.sf.net/', 'htTps://w3af.sf.net/',
'fTp://w3af.sf.net/')
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._error_reported = False
# User configured parameters
self._rfi_url = ''
self._rfi_result = ''
self._listen_port = w3afPorts.REMOTEFILEINCLUDE
self._listen_address = get_local_ip() or ''
self._use_w3af_site = True
def __init__(self):
baseAuditPlugin.__init__(self)
# Some internal vars
self._tag_xpath = etree.XPath("//iframe | //frame")
# I test this with different URL handlers because the developer may have
# blacklisted http:// and https:// but missed ftp://.
#
# I also use hTtp instead of http because I want to evade some (stupid)
# case sensitive filters
self._test_urls = ("hTtp://w3af.sf.net/", "htTps://w3af.sf.net/", "fTp://w3af.sf.net/")
def __init__(self):
baseAuditPlugin.__init__(self)
# Some internal variables to keep track of remote web application sanitization
self._fuzzableRequests = []
self._xssMutants = []
self._special_characters = ['<', '>', '"', "'", '(', ')']
# User configured parameters
self._check_stored_xss = True
self._number_of_stored_xss_checks = 3
# Used in the message
self._xss_tests_length = len( self._get_xss_tests() )
def __init__(self):
baseAuditPlugin.__init__(self)
#
# Some internal variables
#
self._special_chars = ["", "&&", "|", ";"]
# The wait time of the unfuzzed request
self._original_wait_time = 0
self._file_compiled_regex = []
# The wait time of the first test I'm going to perform
self._wait_time = 4
# The wait time of the second test I'm going to perform (this one is just to be sure!)
self._second_wait_time = 9
def __init__(self):
baseAuditPlugin.__init__(self)
#Create some random strings, which the plugin will use.
# for the fuzz_with_echo
self._rnd1 = createRandAlpha(5)
self._rnd2 = createRandAlpha(5)
self._rndn = self._rnd1 + self._rnd2
# And now for the fuzz_with_time_delay
# The wait time of the unfuzzed request
self._original_wait_time = 0
# The wait time of the first test I'm going to perform
self._wait_time = 4
# The wait time of the second test I'm going to perform (this one is just to be sure!)
self._second_wait_time = 9
# User configured parameters
self._use_time_delay = True
self._use_echo = True
def __init__(self):
baseAuditPlugin.__init__(self)
self._alreadyTested = []
# Config params
self._usersFile = 'core'+os.path.sep+'controllers'+os.path.sep+'bruteforce'+os.path.sep+'users.txt'
self._passwdFile = 'core'+os.path.sep+'controllers'+os.path.sep+'bruteforce'+os.path.sep+'passwords.txt'
self._useMailUsers = True
self._useSvnUsers = True
self._stopOnFirst = True
self._passEqUser = True
self._l337_p4sswd = True
self._useMails = True
self._useProfiling = True
self._profilingNumber = 50
# Internal vars
self._found = False
self._alreadyReported = []
self._bruteforcer = bruteforcer()
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._exec = True
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._already_tested_dirs = scalable_bloomfilter()
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal vars
self._file_list = []
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._already_tested = ScalableBloomFilter()
self._stop_on_first = True
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._test_site = 'http://w3af.sourceforge.net/'
self._scriptre = re.compile('< *script.*?>(.*)< */ *script *>', re.IGNORECASE | re.DOTALL )
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._errors = []
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._first_run = True
self._ignore_next_calls = False
def __init__(self):
baseAuditPlugin.__init__(self)
# Internal variables
self._fuzzable_requests = []
self._file_compiled_regex = []
def __init__(self):
baseAuditPlugin.__init__(self)
def __init__(self):
baseAuditPlugin.__init__(self)
self._already_tested = scalable_bloomfilter()
self._min_expire_days = 30
self._ca_file = os.path.join("plugins", "audit", "sslCertificate", "ca.pem")