Exemple #1
    def __init__(self):
        """Initialise the two counters and the two DiskList stores."""
        GrepPlugin.__init__(self)

        # Both counters start at zero
        self._total_count = self._vuln_count = 0

        # Two independent DiskList instances, created without a table prefix
        self._vulns = DiskList()
        self._ids = DiskList()
Exemple #2
    def __init__(self):
        """Initialise the counters and the two 'cache_control' DiskList stores."""
        GrepPlugin.__init__(self)

        self._total_count = self._vuln_count = 0

        # Both stores are created with the same table prefix
        prefix = 'cache_control'
        self._vulns = DiskList(table_prefix=prefix)
        self._ids = DiskList(table_prefix=prefix)
Exemple #3
    def __init__(self):
        """Pre-compile the three XPath expressions the plugin keeps on self."""
        GrepPlugin.__init__(self)

        # Internal variables: each module-level XPath string is compiled once
        compile_xpath = etree.XPath
        self._autocomplete_forms_xpath = compile_xpath(AUTOCOMPLETE_FORMS_XPATH)
        self._pwd_input_xpath = compile_xpath(PWD_INPUT_XPATH)
        self._text_input_xpath = compile_xpath(TEXT_INPUT_XPATH)
Exemple #4
 def __init__(self):
     """Build the mapping from feed root tag name to feed type label."""
     GrepPlugin.__init__(self)

     # NOTE(review): <feed> is the root element of Atom documents, yet it is
     # labelled 'OPML' here - confirm whether that label is intended.
     self._feed_types = dict((
         ('rss', 'RSS'),    # <rss version="...">
         ('feed', 'OPML'),  # <feed version="..."
         ('opml', 'OPML'),  # <opml version="...">
     ))
Exemple #5
    def __init__(self):
        """Initialise the counters and the two 'click_jacking' DiskList stores."""
        GrepPlugin.__init__(self)

        self._total_count = self._vuln_count = 0

        # Both stores are created with the same table prefix
        prefix = 'click_jacking'
        self._vulns = DiskList(table_prefix=prefix)
        self._ids = DiskList(table_prefix=prefix)
Exemple #6
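    def __init__(self):
        """Create the bloom filter and compile the word-splitting regex."""
        GrepPlugin.__init__(self)

        self._already_reported = ScalableBloomFilter()

        # regex to split between words
        # Raw literal: '\w' in a plain string is an invalid escape sequence
        # that newer interpreters warn about; the compiled pattern is the same.
        self._split_re = re.compile(r'[^\w]')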
Exemple #7
    def __init__(self):
        """Zero the counters and create the 'click_jacking' DiskList stores."""
        GrepPlugin.__init__(self)

        self._total_count = self._vuln_count = 0

        # One shared prefix string, two separate DiskList instances
        table_prefix = 'click_jacking'
        self._vulns = DiskList(table_prefix=table_prefix)
        self._ids = DiskList(table_prefix=table_prefix)
Exemple #8
    def __init__(self):
        """Compile the form, password-input and text-input XPath expressions."""
        GrepPlugin.__init__(self)

        # Internal variables: compiled once here and kept on the instance
        xpath = etree.XPath
        self._autocomplete_forms_xpath = xpath(AUTOCOMPLETE_FORMS_XPATH)
        self._pwd_input_xpath = xpath(PWD_INPUT_XPATH)
        self._text_input_xpath = xpath(TEXT_INPUT_XPATH)
Exemple #9
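    def __init__(self):
        """Create the bloom filter and compile the word-splitting regex."""
        GrepPlugin.__init__(self)

        self._already_reported = ScalableBloomFilter()

        # regex to split between words
        # Written as a raw literal so that '\w' is not parsed as a (deprecated)
        # invalid string escape; the resulting pattern is unchanged.
        self._split_re = re.compile(r'[^\w]')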
Exemple #10
    def __init__(self):
        """Create the comment store, the bloom filter and the end() flag."""
        GrepPlugin.__init__(self)

        # Internal variables
        comment_store = DiskDict(table_prefix='html_comments')
        self._comments = comment_store
        self._already_reported = ScalableBloomFilter()

        # Starts as False; nothing in this method sets it to True
        self._end_was_called = False
Exemple #11
 def __init__(self):
     """Set the configuration-check state and the default clamd socket path."""
     GrepPlugin.__init__(self)

     # The configuration status is unknown (None) at construction time; a
     # re-entrant lock is created next to it
     self._config_check_lock = threading.RLock()
     self._properly_configured = None

     # User configured settings
     # Default for ubuntu installation
     default_socket = '/var/run/clamav/clamd.ctl'
     self._clamd_socket = default_socket
Exemple #12
    def __init__(self):
        """
        Class init: zero the counter and create the two 'csp' DiskList stores.
        """
        GrepPlugin.__init__(self)

        self._total_count = 0

        # Same table prefix, separate DiskList instances
        prefix = 'csp'
        self._vulns = DiskList(table_prefix=prefix)
        self._urls = DiskList(table_prefix=prefix)
Exemple #13
    def __init__(self):
        """Create the 'error_pages' DiskList and three empty bookkeeping lists."""
        GrepPlugin.__init__(self)

        # Internal variables
        self._potential_vulns = DiskList(table_prefix='error_pages')

        # Three distinct list objects (deliberately not a chained assignment,
        # which would alias them)
        self._already_reported_max_msg_exceeded = list()
        self._already_reported_versions = list()
        self._compiled_regex = list()
Exemple #14
    def __init__(self):
        """Set up the 'error_pages' DiskList plus three empty lists."""
        GrepPlugin.__init__(self)

        # Internal variables
        potential = DiskList(table_prefix='error_pages')
        self._potential_vulns = potential

        # Each attribute gets its own list object
        self._already_reported_max_msg_exceeded = list()
        self._already_reported_versions = list()
        self._compiled_regex = list()
Exemple #15
    def __init__(self):
        """
        Class init: zero the counter and create two un-prefixed DiskList stores.
        """
        GrepPlugin.__init__(self)

        self._total_count = 0

        # Two separate DiskList instances, no table prefix given
        vulns, urls = DiskList(), DiskList()
        self._vulns = vulns
        self._urls = urls
Exemple #16
    def __init__(self):
        """
        Class init: reset the counter and create the two DiskList stores.
        """
        GrepPlugin.__init__(self)

        self._total_count = 0

        # _vulns is created first, then _urls; neither gets a table prefix
        vulns, urls = DiskList(), DiskList()
        self._vulns = vulns
        self._urls = urls
Exemple #17
 def __init__(self):
     """Build the tag-to-feed-type mapping and compile the root-tag XPath."""
     GrepPlugin.__init__(self)

     # NOTE(review): <feed> is the root element of Atom documents, yet it is
     # labelled 'OPML' here - confirm whether that label is intended.
     self._feed_types = dict((
         ('rss', 'RSS'),    # <rss version="...">
         ('feed', 'OPML'),  # <feed version="..."
         ('opml', 'OPML'),  # <opml version="...">
     ))

     # Compile the XPATH
     tag_expression = '//rss | //feed | //opml'
     self._tag_xpath = etree.XPath(tag_expression)
Exemple #18
    def __init__(self):
        """
        Class init: reset the counter and create the 'csp' DiskList stores.
        """
        GrepPlugin.__init__(self)

        self._total_count = 0

        # The same prefix string is passed to both constructors
        table_prefix = 'csp'
        self._vulns = DiskList(table_prefix=table_prefix)
        self._urls = DiskList(table_prefix=table_prefix)
Exemple #19
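    def __init__(self):
        """Compile the case-insensitive AJAX keyword regex and the script XPath."""
        GrepPlugin.__init__(self)

        # Create the regular expression to search for AJAX.
        # Raw literals avoid the invalid '\(' and '\.' string escapes, and the
        # 'ActiveXObject' alternative is listed once (it was duplicated, which
        # added nothing to the set of matches).
        ajax_regex_string = (r'(XMLHttpRequest|eval\(|ActiveXObject|'
                             r'Msxml2\.XMLHTTP|Microsoft\.XMLHTTP)')
        self._ajax_regex_re = re.compile(ajax_regex_string, re.IGNORECASE)

        # Compile the XPATH
        self._script_xpath = etree.XPath('.//script')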
Exemple #20
    def __init__(self):
        """Build the tag-to-feed-type mapping and compile the root-tag XPath."""
        GrepPlugin.__init__(self)

        # NOTE(review): <feed> is the root element of Atom documents, yet it
        # is labelled 'OPML' here - confirm whether that label is intended.
        self._feed_types = dict((
            ('rss', 'RSS'),    # <rss version="...">
            ('feed', 'OPML'),  # <feed version="..."
            ('opml', 'OPML'),  # <opml version="...">
        ))

        # Compile the XPATH
        tag_expression = '//rss | //feed | //opml'
        self._tag_xpath = etree.XPath(tag_expression)
Exemple #21
    def __init__(self):
        """Reset the two boolean flags and compile the two cookie/token regexes."""
        GrepPlugin.__init__(self)

        # Internal variables: both flags start as False
        self._override = self._symfony_detected = False

        # Compile only once; both patterns are case-insensitive
        flags = re.IGNORECASE
        self._symfony_re = re.compile('symfony=', flags)
        self._csrf_token_re = re.compile('.*csrf_token', flags)
Exemple #22
    def __init__(self):
        """Initialise the retire.js related attributes to their start values."""
        GrepPlugin.__init__(self)

        self._analyzed_hashes = ScalableBloomFilter()

        # Resolved once, at construction time, by the plugin's own helper
        self._retirejs_path = self._get_retirejs_path()

        # Exit-code attributes: no result stored, "was run" flag cleared
        self._retirejs_exit_code_result = None
        self._retirejs_exit_code_was_run = False

        # No database file or temporary directory is set at this point
        self._retire_db_filename = self._js_temp_directory = None
        self._batch = []
Exemple #23
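    def __init__(self):
        """Compile the regex that recognises a "saved from url" HTML comment."""
        GrepPlugin.__init__(self)

        # The following regex matches a valid url as well as the text
        # about:internet. Also it validates the number in the parenthesis.
        # It should be a 4 digit number and must tell about the length of the
        # URL that follows
        #
        # The host part is a single quantified group. The earlier form wrapped
        # that group in a second '+', a nested quantifier that makes the regex
        # engine backtrack exponentially on a long host-like run that is not
        # followed by the closing '-->'. The pattern is presumably applied to
        # content returned by the scanned site (TODO confirm), so a crafted
        # page could stall the plugin. Dropping the outer '+' accepts exactly
        # the same strings and keeps the group numbering.
        regex = (r"""<!--\s*saved from url=\(([\d]{4})\)(https?://([-\w\.]+)"""
                 r"""(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?|about:internet)\s{1}\-\->""")
        self._motw_re = re.compile(regex)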
Exemple #24
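    def __init__(self):
        """Compile the case-insensitive AJAX keyword regex and the script XPath."""
        GrepPlugin.__init__(self)

        # Create the regular expression to search for AJAX.
        # Raw literals replace the plain strings (which relied on the invalid
        # '\(' and '\.' escapes), and the repeated 'ActiveXObject' alternative
        # is kept only once; the set of matched strings is unchanged.
        ajax_regex_string = (r'(XMLHttpRequest|eval\(|ActiveXObject|'
                             r'Msxml2\.XMLHTTP|Microsoft\.XMLHTTP)')
        self._ajax_regex_re = re.compile(ajax_regex_string, re.IGNORECASE)

        # Compile the XPATH
        self._script_xpath = etree.XPath('.//script')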
Exemple #25
    def __init__(self):
        """Clear both flags and compile the 'symfony=' and csrf_token regexes."""
        GrepPlugin.__init__(self)

        # Internal variables
        self._override = self._symfony_detected = False

        # Compile only once, ignoring case in both patterns
        ignore_case = re.IGNORECASE
        self._symfony_re = re.compile('symfony=', ignore_case)
        self._csrf_token_re = re.compile('.*csrf_token', ignore_case)
Exemple #26
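    def __init__(self):
        """Compile the regex that recognises a "saved from url" HTML comment."""
        GrepPlugin.__init__(self)

        # The following regex matches a valid url as well as the text
        # about:internet. Also it validates the number in the parenthesis.
        # It should be a 4 digit number and must tell about the length of the
        # URL that follows
        #
        # The host group is quantified once only. Wrapping it in a second '+'
        # (as the previous pattern did) is a nested quantifier: on a long
        # host-like run with no closing '-->' the engine tries every way of
        # splitting the run, which takes exponential time. Since the input is
        # presumably content served by the scanned site (TODO confirm), that
        # is a way to hang the plugin. Matches and group numbers are the same.
        regex = (r"""<!--\s*saved from url=\(([\d]{4})\)(https?://([-\w\.]+)"""
                 r"""(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?|about:internet)\s{1}\-\->""")
        self._motw_re = re.compile(regex)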
Exemple #27
    def __init__(self):
        """Create the report store, cache the directory list, compile regexes."""
        GrepPlugin.__init__(self)

        # Internal variables
        self._reported = DiskList(table_prefix='path_disclosure')

        # The directory list is fetched once and kept on the instance so the
        # helper does not have to be queried again; the regex dict starts
        # empty and _compile_regex() is called right after it is created
        common_dirs = get_common_directories()
        self._common_directories = common_dirs
        self._compiled_regexes = dict()
        self._compile_regex()
    def __init__(self):
        """Create the DiskList, cache the directory list, compile regexes."""
        GrepPlugin.__init__(self)

        # Internal variables
        self._already_added = DiskList()

        # Fetch the common directories once, start with an empty regex dict
        # and then call _compile_regex()
        common_dirs = get_common_directories()
        self._common_directories = common_dirs
        self._compiled_regexes = dict()
        self._compile_regex()
Exemple #29
    def __init__(self):
        """Set up the 'path_disclosure' store and the compiled-regex cache."""
        GrepPlugin.__init__(self)

        # Internal variables
        reported = DiskList(table_prefix='path_disclosure')
        self._reported = reported

        # Store the directory list and an empty regex dict on the instance to
        # avoid repeated calls to the same function, then call
        # _compile_regex()
        self._common_directories = get_common_directories()
        self._compiled_regexes = dict()
        self._compile_regex()
Exemple #30
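    def __init__(self):
        """Compile the regex for version-control keyword strings such as $Id$."""
        GrepPlugin.__init__(self)

        # Add the regex to match something like this:
        #
        #   $Id: lzio.c,v 1.24 2003/03/20 16:00:56 roberto Exp $
        #   $Id: file name, version, timestamp, creator Exp $
        #
        # Raw literals are used so that '\$' and '\d' are not read as
        # (deprecated) invalid string escapes; the pattern text is unchanged.
        regex = (r'\$.{1,12}: .*? .*? \d{4}[-/]\d{1,2}[-/]\d{1,2}'
                 r' \d{1,2}:\d{1,2}:\d{1,2}.*? (.*?) (Exp )?\$')
        self._regex_list = [re.compile(regex), ]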
Exemple #31
    def __init__(self):
        """Set up the DiskList and the compiled-regex cache."""
        GrepPlugin.__init__(self)

        # Internal variables
        already_added = DiskList()
        self._already_added = already_added

        # Keep the directory list and an empty regex dict on the instance to
        # avoid repeated calls to the same function, then call
        # _compile_regex()
        self._common_directories = get_common_directories()
        self._compiled_regexes = dict()
        self._compile_regex()
Exemple #32
 def __init__(self):
     """Mark the plugin as needing initialisation and list the sub-plugins."""
     GrepPlugin.__init__(self)

     self.captured_lang = None
     self._need_init = True

     # TODO: develop more plugins, there is a, pure-python metadata reader
     # named hachoir-metadata it will be useful for writing A LOT of plugins

     # Plugins to run (despite the attribute name, this is a list)
     plugin_names = ['html', 'pdf']
     self._plugins_names_dict = plugin_names
     self._plugins = list()
    def __init__(self):
        """Set the init flag, clear captured_lang and list the sub-plugins."""
        GrepPlugin.__init__(self)

        self.captured_lang = None
        self._need_init = True

        # TODO: develop more plugins, there is a, pure-python metadata reader
        # named hachoir-metadata it will be useful for writing A LOT of plugins

        # Plugins to run (the attribute is named "dict" but holds a list)
        plugin_names = ['html', 'pdf']
        self._plugins_names_dict = plugin_names
        self._plugins = list()
Exemple #34
    def __init__(self):
        """Set the user options to their defaults and reset the compiled state."""
        GrepPlugin.__init__(self)

        # User defined options
        default_file = ('plugins', 'grep', 'user_defined_regex', 'empty.txt')
        self._single_regex = ''
        self._regex_file_path = os.path.join(ROOT_PATH, *default_file)

        # Internal variables
        # The regular expressions are compiled ahead of use for performance
        # (see set_options method)
        self._all_in_one = None
        self._regexlist_compiled = list()
Exemple #35
    def __init__(self):
        """Reset the regex options and the containers for compiled patterns."""
        GrepPlugin.__init__(self)

        # User defined options: no single regex, and a path under ROOT_PATH
        # that ends in 'empty.txt'
        path_parts = ('plugins', 'grep', 'user_defined_regex', 'empty.txt')
        self._single_regex = ''
        self._regex_file_path = os.path.join(ROOT_PATH, *path_parts)

        # Internal variables
        # Compiling all the regular expressions before using them improves
        # performance (see set_options method)
        self._all_in_one = None
        self._regexlist_compiled = list()
Exemple #36
    def __init__(self):
        """Point at the secure JS sources file under ROOT_PATH and load it."""
        GrepPlugin.__init__(self)

        # User configured settings
        # Not 100% secure, but can be considered as safe in 99,9% of the cases
        # Taken from https://github.com/WPO-Foundation/webpagetest/blob/master/agent/wpthook/cdn.h#L46
        path_parts = ('plugins', 'grep', 'cross_domain_js',
                      'secure-js-sources.txt')
        self._secure_js_file = os.path.join(ROOT_PATH, *path_parts)

        # Internal variables
        # The domain list is created empty before the loader is called
        self._secure_js_domains = list()
        self._load_secure_js_file(self._secure_js_file)
    def __init__(self):
        """Compile case-insensitive regexes for three hidden ASP.NET inputs."""
        GrepPlugin.__init__(self)

        # All three patterns share one shape: a hidden <input> whose name and
        # id are the same field name, followed by a non-greedy value
        hidden_input = r'<input type="hidden" name="%s" id="%s" value=".*?" />'

        vs_regex = hidden_input % ('__VIEWSTATE', '__VIEWSTATE')
        ev_regex = hidden_input % ('__EVENTVALIDATION', '__EVENTVALIDATION')
        encryptedvs_regex = hidden_input % ('__VIEWSTATEENCRYPTED',
                                            '__VIEWSTATEENCRYPTED')

        flags = re.IGNORECASE
        self._viewstate = re.compile(vs_regex, flags)
        self._eventvalidation = re.compile(ev_regex, flags)
        self._encryptedVs = re.compile(encryptedvs_regex, flags)
Exemple #38
    def __init__(self):
        """Build the path of the secure JS sources file and load its content."""
        GrepPlugin.__init__(self)

        # User configured settings
        # Not 100% secure, but can be considered as safe in 99,9% of the cases
        # Taken from https://github.com/WPO-Foundation/webpagetest/blob/master/agent/wpthook/cdn.h#L46
        relative_path = ('plugins', 'grep', 'cross_domain_js',
                         'secure-js-sources.txt')
        self._secure_js_file = os.path.join(ROOT_PATH, *relative_path)

        # Internal variables
        # Empty list first, then the loader is called with the path above
        self._secure_js_domains = list()
        self._load_secure_js_file(self._secure_js_file)
    def __init__(self):
        """Compile IGNORECASE|DOTALL regexes for three hidden ASP.NET inputs."""
        GrepPlugin.__init__(self)

        # Shared shape: hidden <input> with identical name and id, followed by
        # a non-greedy value (which may span lines because of DOTALL)
        hidden_input = r'<input type="hidden" name="%s" id="%s" value=".*?" />'
        flags = re.IGNORECASE | re.DOTALL

        vs_regex = hidden_input % ('__VIEWSTATE', '__VIEWSTATE')
        self._viewstate = re.compile(vs_regex, flags)

        ev_regex = hidden_input % ('__EVENTVALIDATION', '__EVENTVALIDATION')
        self._eventvalidation = re.compile(ev_regex, flags)

        encryptedvs_regex = hidden_input % ('__VIEWSTATEENCRYPTED',
                                            '__VIEWSTATEENCRYPTED')
        self._encryptedVs = re.compile(encryptedvs_regex, flags)
Exemple #40
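    def __init__(self):
        """Compile the private/loopback/link-local IPv4 address regex."""
        GrepPlugin.__init__(self)

        # For more info regarding this regular expression, please see:
        # https://sourceforge.net/mailarchive/forum.php?thread_name=1955593874.20090122023644%40
        #mlists.olympos.org&forum_name=w3af-develop
        #
        # The alternatives cover 10.x, 127.x, 192.168.x, 169.254.x and
        # 172.16-31.x; the look-arounds reject a match glued to another digit
        # or dot. Raw literals replace the plain strings, which relied on
        # invalid escapes such as '\.' and '\d'; the pattern text is unchanged.
        regex_str = (
            r'(?<!\.)(?<!\d)(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.'
            r'254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-'
            r'9]?)){2}(?!\d)(?!\.)'
        )
        self._private_ip_address = re.compile(regex_str)
        self._regex_list = [self._private_ip_address, ]

        self._already_inspected = ScalableBloomFilter()
        self._ignore_if_match = None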
Exemple #41
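    def __init__(self):
        """Compile the multi-line regex for card-number-like digit groups."""
        GrepPlugin.__init__(self)

        # Raw literal: '\s' and '\d' in a plain string are invalid escapes.
        cc_regex = r"((^|\s)\d{4}[- ]?(\d{4}[- ]?\d{4}|\d{6})[- ]?(\d{5}|\d{4})($|\s))"
        #    (^|\s)                           Match the start of a line (re.M), or a whitespace character
        #    \d{4}[- ]?                       Match four digits, and then (optionally) a "-" or a space
        #    (\d{4}[- ]?\d{4}|\d{6})          Match one of the following:
        #            - Four digits, and then (optionally) a "-" or a space and then four digits again (VISA cards)
        #            - Six digits (AMEX cards)
        #    [- ]?                            Match a "-" or a space (optionally)
        #    (\d{5}|\d{4})                    Match the final digits, five or four digits
        #    ($|\s)                           Match the end of a line (re.M), or a whitespace character
        #
        # The boundaries are whitespace, not "any non-digit": a number that is
        # directly wrapped in quotes, tags or punctuation is not matched.

        self._cc_regex = re.compile(cc_regex, re.M)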
Exemple #42
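    def __init__(self):
        """Compile the multi-line regex for card-number-like digit groups."""
        GrepPlugin.__init__(self)

        # Raw literal: '\s' and '\d' in a plain string are invalid escapes.
        cc_regex = r'((^|\s)\d{4}[- ]?(\d{4}[- ]?\d{4}|\d{6})[- ]?(\d{5}|\d{4})($|\s))'
        #    (^|\s)                           Match the start of a line (re.M), or a whitespace character
        #    \d{4}[- ]?                       Match four digits, and then (optionally) a "-" or a space
        #    (\d{4}[- ]?\d{4}|\d{6})          Match one of the following:
        #            - Four digits, and then (optionally) a "-" or a space and then four digits again (VISA cards)
        #            - Six digits (AMEX cards)
        #    [- ]?                            Match a "-" or a space (optionally)
        #    (\d{5}|\d{4})                    Match the final digits, five or four digits
        #    ($|\s)                           Match the end of a line (re.M), or a whitespace character
        #
        # Note that the boundaries are whitespace rather than "any non-digit",
        # so a number enclosed directly in quotes or markup is not matched.

        self._cc_regex = re.compile(cc_regex, re.M)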
Exemple #43
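    def __init__(self):
        """Compile the private/loopback/link-local IPv4 address regex."""
        GrepPlugin.__init__(self)

        # For more info regarding this regular expression, please see:
        # https://sourceforge.net/mailarchive/forum.php?thread_name=1955593874.20090122023644%40
        #mlists.olympos.org&forum_name=w3af-develop
        #
        # Covered prefixes: 10.x, 127.x, 192.168.x, 169.254.x and 172.16-31.x.
        # The look-behind/look-ahead pairs keep the match from starting or
        # ending next to another digit or dot. The literals are raw so that
        # '\.' and '\d' are not parsed as invalid string escapes; the pattern
        # text itself is unchanged.
        regex_str = (
            r'(?<!\.)(?<!\d)(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.'
            r'254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-'
            r'9]?)){2}(?!\d)(?!\.)'
        )
        self._private_ip_address = re.compile(regex_str)
        self._regex_list = [
            self._private_ip_address,
        ]

        self._already_inspected = ScalableBloomFilter()
        self._ignore_if_match = None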
Exemple #44
    def __init__(self):
        """Initialise the retire.js state and the configurable database URL."""
        GrepPlugin.__init__(self)

        self._analyzed_hashes = ScalableBloomFilter()

        # Resolved once, at construction time, by the plugin's own helper
        self._retirejs_path = self._get_retirejs_path()

        # Both validity results start unset (None); the install-check flag
        # starts as True
        self._is_valid_retire_version = self._is_valid_retirejs_exit_code = None
        self._should_run_retirejs_install_check = True

        # No database file or temporary directory at this point
        self._retire_db_filename = self._js_temp_directory = None
        self._batch = []

        # User-configured parameters: defaults to the class-level constant
        default_db_url = self.RETIRE_DB_URL
        self._retire_db_url = default_db_url
Exemple #45
    def __init__(self):
        """Set the rules URL and reset every Vulners related attribute."""
        GrepPlugin.__init__(self)

        # Vulners rules JSON url
        # NOTE(review): the URL tracks the `master` branch, so the rule file
        # can change between runs; whether the download is pinned or
        # integrity-checked is not visible in this method - confirm.
        rules_location = 'https://raw.githubusercontent.com/vulnersCom/detect-rules/master/rules.json'
        self._vulners_rules_url = URL(rules_location)

        # Vulners shared objects: no API object, empty key, no rules loaded
        self._vulners_api = None
        self._vulners_api_key = ''
        self.rules_table = None
        self.rules_updated = False

        self._already_visited = ScalableBloomFilter()
        self._vulnerability_cache = dict()
        self._multi_re = None
Exemple #46
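    def __init__(self):
        """
        Build the table of key markers and hand it to MultiIn.

        Each entry pairs a literal marker (a PEM-style header, an OpenSSH
        key-type prefix or an XML tag) with a ``(label, visibility)`` tuple,
        where visibility is ``self.PUBLIC`` or ``self.PRIVATE``.
        """
        GrepPlugin.__init__(self)

        self.PUBLIC = 'public'
        self.PRIVATE = 'private'

        # Local aliases of the two attributes above, so the values are
        # defined in one place only
        PUBLIC = self.PUBLIC
        PRIVATE = self.PRIVATE

        KEY_FORMATS = (
            # RSA (PKCS1)
            ('-----BEGIN RSA PRIVATE KEY-----', ('RSA-PRIVATE', PRIVATE)),
            ('-----BEGIN RSA PUBLIC KEY-----', ('RSA-PUBLIC', PUBLIC)),
            ('ssh-rsa', ('RSA-PUBLIC', PUBLIC)),

            # DSA
            ('-----BEGIN DSA PRIVATE KEY-----', ('DSA-PRIVATE', PRIVATE)),
            ('-----BEGIN DSA PUBLIC KEY-----', ('DSA-PUBLIC', PUBLIC)),
            ('ssh-dss', ('DSA-PUBLIC', PUBLIC)),

            # Elliptic Curve
            ('-----BEGIN EC PRIVATE KEY-----', ('EC-PRIVATE', PRIVATE)),
            ('-----BEGIN EC PUBLIC KEY-----', ('EC-PUBLIC', PUBLIC)),
            ('ecdsa-sha2-nistp256', ('EC-PUBLIC', PUBLIC)),

            # SSH2
            # The label and visibility follow the marker text. They used to be
            # swapped, so an exposed SSH2 private key was classified as a
            # public key and a public key as a private one.
            ('---- BEGIN SSH2 PUBLIC KEY ----', ('SSH2-PUBLIC', PUBLIC)),
            ('---- BEGIN SSH2 PRIVATE KEY ----', ('SSH2-PRIVATE', PRIVATE)),

            # ed25519 (OpenSSH)
            # NOTE(review): the OPENSSH PRIVATE KEY header is not specific to
            # ed25519 keys - confirm whether the label should be more generic.
            ('-----BEGIN OPENSSH PRIVATE KEY-----', ('ED25519-SSH-PRIVATE', PRIVATE)),
            ('-----BEGIN OPENSSH PUBLIC KEY-----', ('ED25519-SSH-PUBLIC', PUBLIC)),
            ('ssh-ed25519', ('ED25519-SSH-PUBLIC', PUBLIC)),

            # PKCS8
            ('-----BEGIN PRIVATE KEY-----', ('PKCS8-PRIVATE', PRIVATE)),
            ('-----BEGIN PUBLIC KEY-----', ('PKCS8-PUBLIC', PUBLIC)),
            ('-----BEGIN ENCRYPTED PRIVATE KEY-----', ('PKCS8-ENCRYPTED-PRIVATE', PRIVATE)),
            ('-----BEGIN ENCRYPTED PUBLIC KEY-----', ('PKCS8-ENCRYPTED-PUBLIC', PUBLIC)),

            # XML
            ('<RSAKeyPair>', ('XML-RSA', PRIVATE)),
            ('<RSAKeyValue>', ('.NET-XML-RSA', PUBLIC))
        )

        self._multi_in = MultiIn(KEY_FORMATS)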
Exemple #47
    def __init__(self):
        """Create the bloom filter stored in ``_already_reported``."""
        GrepPlugin.__init__(self)

        # Internal variables
        reported_filter = ScalableBloomFilter()
        self._already_reported = reported_filter
 def __init__(self):
     """Run the GrepPlugin initialiser; no state of its own is added here."""
     GrepPlugin.__init__(self)
Exemple #49
    def __init__(self):
        """Store the list of literal strings kept in ``_disco_strings``."""
        GrepPlugin.__init__(self)

        # A single marker; note the trailing space inside the literal
        disco_markers = ['disco:discovery ']
        self._disco_strings = disco_markers
Exemple #50
    def __init__(self):
        """Enable the target-domain-only option and create the bloom filter."""
        GrepPlugin.__init__(self)

        # User configured variables (True by default)
        self._only_target_domain = True

        reported_filter = ScalableBloomFilter()
        self._already_reported = reported_filter
Exemple #51
    def __init__(self):
        """Create two empty sets and the bloom filter for reported cookies."""
        GrepPlugin.__init__(self)

        # Two distinct set objects (not a chained assignment, which would
        # make both names refer to the same set)
        failed_keys, reported_fingerprints = set(), set()
        self._cookie_key_failed_fingerprint = failed_keys
        self._already_reported_fingerprint = reported_fingerprints

        self._already_reported_cookies = ScalableBloomFilter()
Exemple #52
    def __init__(self):
        """Create the 'html_comments' DiskDict and the bloom filter."""
        GrepPlugin.__init__(self)

        # Internal variables
        comment_store = DiskDict(table_prefix='html_comments')
        self._comments = comment_store
        self._already_reported = ScalableBloomFilter()
Exemple #53
 def __init__(self):
     """Create the bloom filter stored in the public ``already_reported``."""
     GrepPlugin.__init__(self)

     reported_filter = ScalableBloomFilter()
     self.already_reported = reported_filter
Exemple #54
    def __init__(self):
        """Start with empty lists of reported versions and compiled regexes."""
        GrepPlugin.__init__(self)

        # Two separate list objects
        versions, compiled = list(), list()
        self._already_reported_versions = versions
        self._compiled_regex = compiled
Exemple #55
    def __init__(self):
        """Run the GrepPlugin initialiser and clear the ``_override`` flag."""
        GrepPlugin.__init__(self)

        # Internal variables
        # The flag starts as False; nothing in this method changes it later
        self._override = False
Exemple #56
    def __init__(self):
        """Compile the module-level SCRIPT_SRC_XPATH expression once."""
        GrepPlugin.__init__(self)

        # Internal variables
        compiled_xpath = etree.XPath(SCRIPT_SRC_XPATH)
        self._script_src_xpath = compiled_xpath
Exemple #57
    def __init__(self):
        """Keep the one-element list of literal strings in ``_disco_strings``."""
        GrepPlugin.__init__(self)

        # The literal ends with a space
        markers = ['disco:discovery ']
        self._disco_strings = markers