def run_xsser(self, hostname, url, args):
"""
Run XSSer against the given target.
:param url: The URL to be tested.
:type url: str
:param command: Path to the XSSer script.
:type command: str
:param args: The arguments to pass to XSSer.
:type args: list
:return: True id successful, False otherwise.
:rtype: bool
"""
Logger.log("Launching XSSer against: %s" % url)
Logger.log_more_verbose("XSSer arguments: %s" % " ".join(args))
xsser_script = join(get_tools_folder(), "xsser", "xsser.py")
with ConnectionSlot(hostname):
t1 = time()
code = run_external_tool(xsser_script,
args,
callback=Logger.log_verbose)
t2 = time()
if code:
Logger.log_error("XSSer execution failed, status code: %d" % code)
return False
Logger.log("XSSer scan finished in %s seconds for target: %s" %
(t2 - t1, url))
return True
def run_xsser(self, hostname, url, args):
"""
Run XSSer against the given target.
:param url: The URL to be tested.
:type url: str
:param command: Path to the XSSer script.
:type command: str
:param args: The arguments to pass to XSSer.
:type args: list
:return: True id successful, False otherwise.
:rtype: bool
"""
Logger.log("Launching XSSer against: %s" % url)
Logger.log_more_verbose("XSSer arguments: %s" % " ".join(args))
xsser_script = join(get_tools_folder(), "xsser", "xsser.py")
with ConnectionSlot(hostname):
t1 = time()
code = run_external_tool(xsser_script, args, callback=Logger.log_verbose)
t2 = time()
if code:
Logger.log_error("XSSer execution failed, status code: %d" % code)
return False
Logger.log("XSSer scan finished in %s seconds for target: %s" % (t2 - t1, url))
return True
def make_injection(self, target, args):
"""
Run SQLMap against the given target.
:param target: URL to scan.
:type target: Url
:param args: Arguments to pass to SQLMap.
:type args: list(str)
:return: True on success, False on failure.
:rtype: bool
"""
Logger.log("Launching SQLMap against: %s" % target)
Logger.log_more_verbose("SQLMap arguments: %s" % " ".join(args))
sqlmap_script = join(get_tools_folder(), "sqlmap", "sqlmap.py")
with ConnectionSlot(target):
t1 = time()
code = run_external_tool(sqlmap_script, args,
callback=Logger.log_verbose)
t2 = time()
if code:
Logger.log_error("SQLMap execution failed, status code: %d" % code)
return False
Logger.log(
"SQLMap scan finished in %s seconds for target: %s"
% (t2 - t1, target))
return True
def make_injection(self, target, args):
"""
Run SQLMap against the given target.
:param target: URL to scan.
:type target: URL
:param args: Arguments to pass to SQLMap.
:type args: list(str)
:return: True on success, False on failure.
:rtype: bool
"""
Logger.log("Launching SQLMap against: %s" % target)
Logger.log_more_verbose("SQLMap arguments: %s" % " ".join(args))
sqlmap_script = join(get_tools_folder(), "sqlmap", "sqlmap.py")
with ConnectionSlot(target):
t1 = time()
code = run_external_tool(sqlmap_script, args,
callback=Logger.log_verbose)
t2 = time()
if code:
Logger.log_error("SQLMap execution failed, status code: %d" % code)
return False
Logger.log(
"SQLMap scan finished in %s seconds for target: %s"
% (t2 - t1, target))
return True
def get_nikto(self):
"""
Get the path to the Nikto scanner and the configuration file.
:returns: Nikto scanner and configuration file paths.
:rtype: tuple(str, str)
:raises RuntimeError: Nikto scanner of config file not found.
"""
# Get the path to the Nikto scanner.
nikto_script = Config.plugin_args["exec"]
if nikto_script and exists(nikto_script):
nikto_dir = abspath(split(nikto_script)[0])
else:
nikto_dir = join(get_tools_folder(), "nikto")
nikto_script = join(nikto_dir, "nikto.pl")
if not nikto_script or not exists(nikto_script):
nikto_script = find_binary_in_path("nikto")
if not exists(nikto_script):
nikto_script = Config.plugin_args["exec"]
msg = "Nikto not found"
if nikto_script:
msg += ". File: %s" % nikto_script
Logger.log_error(msg)
raise RuntimeError(msg)
# Get the path to the configuration file.
config = Config.plugin_args.get("config", "nikto.conf")
if not config:
config = "nikto.conf"
config = join(nikto_dir, config)
config = abspath(config)
if not isfile(config):
config = Config.plugin_args.get("config", "nikto.conf")
if not config:
config = "nikto.conf"
config = abspath(config)
if not isfile(config):
config = "/etc/nikto.conf"
if not isfile(config):
msg = "Nikto config file not found"
if config:
msg += ". File: %s" % config
raise RuntimeError(msg)
# Return the paths.
return nikto_script, config
def get_nikto(self):
"""
Get the path to the Nikto scanner and the configuration file.
:returns: Nikto scanner and configuration file paths.
:rtype: tuple(str, str)
:raises RuntimeError: Nikto scanner of config file not found.
"""
# Get the path to the Nikto scanner.
nikto_script = Config.plugin_args["exec"]
if nikto_script and exists(nikto_script):
nikto_dir = abspath(split(nikto_script)[0])
else:
nikto_dir = join(get_tools_folder(), "nikto")
nikto_script = join(nikto_dir, "nikto.pl")
if not nikto_script or not exists(nikto_script):
nikto_script = find_binary_in_path("nikto")
if not exists(nikto_script):
nikto_script = Config.plugin_args["exec"]
msg = "Nikto not found"
if nikto_script:
msg += ". File: %s" % nikto_script
Logger.log_error(msg)
raise RuntimeError(msg)
# Get the path to the configuration file.
config = Config.plugin_args.get("config", "nikto.conf")
if not config:
config = "nikto.conf"
config = join(nikto_dir, config)
config = abspath(config)
if not isfile(config):
config = Config.plugin_args.get("config", "nikto.conf")
if not config:
config = "nikto.conf"
config = abspath(config)
if not isfile(config):
config = "/etc/nikto.conf"
if not isfile(config):
msg = "Nikto config file not found"
if config:
msg += ". File: %s" % config
raise RuntimeError(msg)
# Return the paths.
return nikto_script, config
from golismero.api.data.resource.domain import Domain
from golismero.api.data.resource.email import Email
from golismero.api.data.resource.ip import IP
from golismero.api.external import get_tools_folder
from golismero.api.logger import Logger
from golismero.api.plugin import TestingPlugin
import os, os.path
import socket
import StringIO
import sys
import traceback
import warnings
# Import theHarvester as a library.
cwd = os.path.abspath(get_tools_folder())
cwd = os.path.join(cwd, "theHarvester")
sys.path.insert(0, cwd)
try:
import discovery
from discovery import * #noqa
finally:
sys.path.remove(cwd)
del cwd
#------------------------------------------------------------------------------
class HarvesterPlugin(TestingPlugin):
"""
Integration with
from golismero.api.data.resource.domain import Domain
from golismero.api.data.resource.email import Email
from golismero.api.data.resource.ip import IP
from golismero.api.external import get_tools_folder
from golismero.api.logger import Logger
from golismero.api.plugin import TestingPlugin
import os, os.path
import socket
import StringIO
import sys
import traceback
import warnings
# Import theHarvester as a library.
cwd = os.path.abspath(get_tools_folder())
cwd = os.path.join(cwd, "theHarvester")
sys.path.insert(0, cwd)
try:
import discovery
from discovery import * #noqa
finally:
sys.path.remove(cwd)
del cwd
#------------------------------------------------------------------------------
class HarvesterPlugin(TestingPlugin):
"""
Integration with