Beispiel #1
    def generate_blacklists(extensions):
        """Build the per-status blacklists from the files under ``SCRIPT_PATH/db``.

        For each of the status codes 400, 403 and 500 the file
        ``<status>_blacklist.txt`` is looked up. A file that cannot be read is
        skipped without an error, so the returned mapping has no key for that
        status and callers must not assume all three keys exist.

        Args:
            extensions: Passed through unchanged to ``Dictionary`` together
                with the blacklist file path.

        Returns:
            dict mapping a status code to the list of entries that
            ``Dictionary`` yields for that status' blacklist file.
        """
        result = {}

        for code in (400, 403, 500):
            path = FileUtils.build_path(
                FileUtils.build_path(SCRIPT_PATH, "db"),
                "{}_blacklist.txt".format(code),
            )

            # Only readable files contribute; a missing or unreadable file
            # simply leaves this status without a blacklist.
            if FileUtils.can_read(path):
                result[code] = list(Dictionary([path], extensions))

        return result
Beispiel #2
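    def generate_blacklists(extensions, script_path):
        """Build the per-status blacklists from the files under ``<script_path>/db``.

        For each of the status codes 400, 403 and 500 the file
        ``<status>_blacklist.txt`` is read line by line. A file that cannot be
        read is skipped without an error, so the returned mapping has no key
        for that status and callers must not assume all three keys exist.

        Line handling:
            * lines whose first non-blank character is ``#`` are comments and
              are dropped;
            * a single leading ``/`` is removed;
            * a line containing ``%ext%`` (any case) is expanded once per
              entry in ``extensions``; other lines are kept as they are.

        Args:
            extensions: Iterable of extension strings substituted for the
                ``%EXT%`` keyword.
            script_path: Directory that contains the ``db`` folder.

        Returns:
            dict mapping a status code to its list of blacklist entries.
        """
        # Keep the bound ``sub`` method of the case-insensitive pattern; it is
        # called directly as replace_ext(replacement, string). The original
        # code called ``.sub`` on this bound method again, which raises
        # AttributeError on the first line that contains %EXT%.
        replace_ext = re.compile(r"\%ext\%", re.IGNORECASE).sub
        blacklists = {}

        for status in [400, 403, 500]:
            blacklist_file_name = FileUtils.build_path(script_path, "db")
            blacklist_file_name = FileUtils.build_path(
                blacklist_file_name, "{}_blacklist.txt".format(status)
            )

            if not FileUtils.can_read(blacklist_file_name):
                # Skip if cannot read file
                continue

            blacklists[status] = []

            for line in FileUtils.get_lines(blacklist_file_name):
                # Skip comments
                if line.lstrip().startswith("#"):
                    continue

                if line.startswith("/"):
                    line = line[1:]

                # Forced extensions is not used here because -r is only used
                # for wordlist, applying in blacklist may create false negatives

                # Classic dirsearch blacklist processing (with %EXT% keyword)
                if "%ext%" in line.lower():
                    for extension in extensions:
                        # NOTE: ``extension`` is used as a regex replacement
                        # template, so a backslash in it is read as an escape.
                        blacklists[status].append(replace_ext(extension, line))
                else:
                    blacklists[status].append(line)

        return blacklists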