def test_set_domain(self):
u = URL('http://w3af.com/def/jkl/')
self.assertEqual(u.get_domain(), 'w3af.com')
u.set_domain('host.tld')
self.assertEqual(u.get_domain(), 'host.tld')
u.set_domain('foobar')
self.assertEqual(u.get_domain(), 'foobar')
u.set_domain('foobar.')
self.assertEqual(u.get_domain(), 'foobar.')
def search(self, query, start, count=10):
'''
Search the web with Bing.
This method is based from the msn.py file from the massive enumeration toolset,
coded by pdp and released under GPL v2.
'''
url = 'http://www.bing.com/search?'
query = urllib.urlencode({'q': query,
'first': start + 1,
'FORM': 'PERE'})
url_instance = URL(url + query)
response = self._uri_opener.GET(url_instance, headers=self._headers,
cache=True, grep=False)
# This regex might become outdated, but the good thing is that we have
# test_bing.py which is going to fail and tell us that it's outdated
re_match = re.findall('<a href="((http|https)(.*?))" h="ID=SERP,',
response.get_body())
results = set()
for url, _, _ in re_match:
try:
url = URL(url)
except:
pass
else:
if url.get_domain() not in self.BLACKLISTED_DOMAINS:
bing_result = BingResult(url)
results.add(bing_result)
return results
def test_default_proto(self):
'''
http is the default protocol, we can provide URLs with no proto
'''
u = URL('w3af.com')
self.assertEqual(u.get_domain(), 'w3af.com')
self.assertEqual(u.get_protocol(), 'http')
def do_ALL(self):
global global_first_request
if global_first_request:
global_first_request = False
om.out.information(
'The user is navigating through the spider_man proxy.')
# Convert to url_object
path = URL(self.path)
if path == TERMINATE_URL:
om.out.information('The user terminated the spider_man session.')
self._send_end()
self._spider_man.stop_proxy()
return
om.out.debug("[spider_man] Handling request: %s %s" %
(self.command, path))
# Send this information to the plugin so it can send it to the core
freq = self._create_fuzzable_request()
self._spider_man.append_fuzzable_request(freq)
grep = True
if path.get_domain() != self.server.w3afLayer.target_domain:
grep = False
try:
response = self._send_to_server(grep=grep)
except Exception, e:
self._send_error(e)
def do_ALL(self):
global global_first_request
if global_first_request:
global_first_request = False
om.out.information("The user is navigating through the spider_man proxy.")
# Convert to url_object
path = URL(self.path)
if path == TERMINATE_URL:
om.out.information("The user terminated the spider_man session.")
self._send_end()
self._spider_man.stop_proxy()
return
om.out.debug("[spider_man] Handling request: %s %s" % (self.command, path))
# Send this information to the plugin so it can send it to the core
freq = self._create_fuzzable_request()
self._spider_man.append_fuzzable_request(freq)
grep = True
if path.get_domain() != self.server.w3afLayer.target_domain:
grep = False
try:
response = self._send_to_server(grep=grep)
except Exception, e:
self._send_error(e)
def endElement(self, name):
if name == 'phish_detail_url':
self.inside_detail = False
if name == 'url':
self.inside_URL = False
if name == 'entry':
self.inside_entry = False
#
# Now I try to match the entry with an element in the
# to_check_list
#
for target_host in self._to_check:
if target_host in self.url:
phish_url = URL(self.url)
target_host_url = URL(target_host)
if target_host_url.get_domain() == phish_url.get_domain() or \
phish_url.get_domain().endswith('.' + target_host_url.get_domain()):
phish_detail_url = URL(self.phish_detail_url)
ptm = PhishTankMatch(phish_url,
phish_detail_url)
self.matches.append(ptm)
def test_set_domain_with_port(self):
u = URL('http://w3af.com:443/def/jkl/')
self.assertEqual(u.get_domain(), 'w3af.com')
u.set_domain('host.tld')
self.assertEqual(u.get_net_location(), 'host.tld:443')