def parseConfig(self):
config = DefaultConfigParser()
configPath = FileUtils.buildPath(self.script_path, "default.conf")
config.read(configPath)
# General
self.threadsCount = config.safe_getint("general", "threads", 10, list(range(1, 50)))
self.excludeStatusCodes = config.safe_get("general", "exclude-status", None)
self.redirect = config.safe_getboolean("general", "follow-redirects", False)
self.recursive = config.safe_getboolean("general", "recursive", False)
self.suppressEmpty = config.safe_getboolean("general", "suppress-empty", False)
self.testFailPath = config.safe_get("general", "scanner-fail-path", "").strip()
self.saveHome = config.safe_getboolean("general", "save-logs-home", False)
# Reports
self.autoSave = config.safe_getboolean("reports", "autosave-report", False)
self.autoSaveFormat = config.safe_get("reports", "autosave-report-format", "plain", ["plain", "json", "simple"])
# Dictionary
self.wordlist = config.safe_get("dictionary", "wordlist",
FileUtils.buildPath(self.script_path, "db", "dicc.bak"))
self.lowercase = config.safe_getboolean("dictionary", "lowercase", False)
self.forceExtensions = config.safe_get("dictionary", "force-extensions", False)
# Connection
self.useRandomAgents = config.safe_get("connection", "random-user-agents", False)
self.useragent = config.safe_get("connection", "user-agent", None)
self.delay = config.safe_get("connection", "delay", 0)
self.timeout = config.safe_getint("connection", "timeout", 30)
self.maxRetries = config.safe_getint("connection", "max-retries", 5)
self.proxy = config.safe_get("connection", "http-proxy", None)
self.requestByHostname = config.safe_get("connection", "request-by-hostname", False)
def parseConfig(self):
config = DefaultConfigParser()
configPath = FileUtils.buildPath(self.script_path, "default.conf")
config.read(configPath)
# General
self.threadsCount = config.safe_getint("general", "threads", 10, list(range(1, 50)))
self.excludeStatusCodes = config.safe_get("general", "exclude-status", None)
self.redirect = config.safe_getboolean("general", "follow-redirects", False)
self.recursive = config.safe_getboolean("general", "recursive", False)
self.suppressEmpty = config.safe_getboolean("general", "suppress-empty", False)
self.testFailPath = config.safe_get("general", "scanner-fail-path", "").strip()
self.saveHome = config.safe_getboolean("general", "save-logs-home", False)
# Reports
self.autoSave = config.safe_getboolean("reports", "autosave-report", False)
self.autoSaveFormat = config.safe_get("reports", "autosave-report-format", "plain", ["plain", "json", "simple"])
# Dictionary
self.wordlist = config.safe_get("dictionary", "wordlist",
FileUtils.buildPath(self.script_path, "db", "dicc.txt"))
self.lowercase = config.safe_getboolean("dictionary", "lowercase", False)
self.forceExtensions = config.safe_get("dictionary", "force-extensions", False)
# Connection
self.useRandomAgents = config.safe_get("connection", "random-user-agents", False)
self.useragent = config.safe_get("connection", "user-agent", None)
self.delay = config.safe_get("connection", "delay", 0)
self.timeout = config.safe_getint("connection", "timeout", 30)
self.maxRetries = config.safe_getint("connection", "max-retries", 5)
self.proxy = config.safe_get("connection", "http-proxy", None)
self.requestByHostname = config.safe_get("connection", "request-by-hostname", False)
def __parse_conf_file(self):
parser = DefaultConfigParser()
# Utf-8 to avoid encoding issues
parser.read(EXPLOITS_CONF, 'utf8')
for section in parser.sections():
# Vulnerable product name
product = parser.safe_get(section, 'product', '', None)
if not product:
raise SettingsException('No vulnerable product name specified for ' \
'[{}]'.format(section))
# Vulnerability description
description = parser.safe_get(section, 'description', '', None)
if not description:
raise SettingsException('Missing vulnerability description for ' \
'[{}]'.format(section))
# Vulnerability type
type_ = parser.safe_get(section, 'type', '', None)
if type_ not in SUPPORTED_TYPES:
raise SettingsException(
'Unsupported vulnerability type for [{}]'.format(section))
# Detection command
detection_rawcmd = parser.safe_get(section, 'detection_cmd', '',
None)
# Detection command output success
detection_success = parser.safe_get(section, 'detection_success',
'', None)
if detection_rawcmd and len(
detection_rawcmd) > 0 and not detection_success:
raise SettingsException('Missing "detection_success" for [{}] since ' \
'"detection_cmd" is defined'.format(section))
# Exploit command
exploit_rawcmd = parser.safe_get(section, 'exploit_cmd', '', None)
# Exploit RCE output
exploit_rce_output = parser.safe_get_boolean(
section, 'exploit_rce_output', True)
# Exploit command output success (for auto test when exploit_rce_output == True)
exploit_success = parser.safe_get(section, 'exploit_success', '',
None)
if exploit_rawcmd and \
len(exploit_rawcmd) > 0 and \
exploit_rce_output and \
not exploit_success:
raise SettingsException(
'Missing "exploit_success" for [{}] since '
'"exploit_cmd" is defined and "exploit_rce_output=true"'.
format(section))
exploit = Exploit(section, product, description, type_,
detection_rawcmd, detection_success,
exploit_rawcmd, exploit_rce_output,
exploit_success)
self.exploits.append(exploit)
def __parse_conf_file(self):
parser = DefaultConfigParser()
# Utf-8 to avoid encoding issues
parser.read(EXPLOITS_CONF, 'utf8')
for section in parser.sections():
type_ = parser.safe_get(section, 'type', '', None)
if type_ not in SUPPORTED_TYPES:
raise SettingsException('Unsupported exploit type for [{}]'.format(type_))
rawcmd = parser.safe_get(section, 'command', '', None)
if not rawcmd:
raise SettingsException('No command specified for [{}]'.format(rawcmd))
description = parser.safe_get(section, 'description', '', None)
success = parser.safe_get(section, 'success', '', None)
exploit = Exploit(section, description, type_, rawcmd, success)
self.exploits.append(exploit)
def parseConfig(self):
config = DefaultConfigParser()
configPath = FileUtils.buildPath(self.script_path, "default.conf")
config.read(configPath)
# General
self.threadsCount = config.safe_getint("general", "threads", 10,
list(range(1, 50)))
self.excludeStatusCodes = config.safe_get("general", "exclude-status",
None)
self.redirect = config.safe_getboolean("general", "follow-redirects",
False)
self.recursive = config.safe_getboolean("general", "recursive", False)
self.testFailPath = config.safe_get("general", "test-fail-path",
"youCannotBeHere7331").strip()
# Reports
self.autoSave = config.safe_getboolean("reports", "autosave-report",
False)
self.autoSaveFormat = config.safe_get("reports",
"autosave-report-format",
"plain",
["plain", "json", "simple"])
# Dictionary
self.wordlist = config.safe_get(
"dictionary", "wordlist",
FileUtils.buildPath(self.script_path, "db", "dicc.txt"))
self.lowercase = config.safe_getboolean("dictionary", "lowercase",
False)
# Connection
self.useragent = config.safe_get("connection", "user-agent", None)
self.timeout = config.safe_getint("connection", "timeout", 30)
self.maxRetries = config.safe_getint("connection", "max-retries", 5)
self.proxy = config.safe_get("connection", "http-proxy", None)
def parse_config(self):
config = DefaultConfigParser()
config_path = FileUtils.build_path(self.script_path, "default.conf")
config.read(config_path)
# General
self.threads_count = config.safe_getint("general", "threads", 10,
list(range(1, 50)))
self.redirect = config.safe_getboolean("general", "follow-redirects",
False)
# Credentials
self.wordlist = config.safe_get(
"credentials", "userpass-wordlist",
FileUtils.build_path(self.script_path, "db", "default.txt"))
# Connection
self.use_random_agents = config.safe_get("connection",
"random-user-agents", False)
self.useragent = config.safe_get("connection", "user-agent", None)
self.delay = config.safe_get("connection", "delay", 0)
self.timeout = config.safe_getint("connection", "timeout", 30)
self.max_retries = config.safe_getint("connection", "max-retries", 5)
self.proxy = config.safe_get("connection", "http-proxy", None)
self.dns_cache = config.safe_get("connection", "dns-cache", False)
def parseConfig(self):
config = DefaultConfigParser()
configPath = FileUtils.buildPath(self.script_path, "default.conf")
config.read(configPath)
# General
self.threadsCount = config.safe_getint("general", "threads", 10, range(1, 50))
self.excludeStatusCodes = config.safe_get("general", "exclude-status", None)
self.redirect = config.safe_getboolean("general", "follow-redirects", False)
self.recursive = config.safe_getboolean("general", "recursive", False)
self.testFailPath = config.safe_get("general", "test-fail-path", "youCannotBeHere7331").strip()
# Reports
self.autoSave = config.safe_getboolean("reports", "autosave-report", False)
self.autoSaveFormat = config.safe_get("reports", "autosave-report-format", "plain", ["plain", "json", "simple"])
# Dictionary
self.wordlist = config.safe_get("dictionary", "wordlist", FileUtils.buildPath(self.script_path, "db", "dicc.txt"))
self.lowercase = config.safe_getboolean("dictionary", "lowercase", False)
# Connection
self.useragent = config.safe_get("connection", "user-agent", None)
self.timeout = config.safe_getint("connection", "timeout", 30)
self.maxRetries = config.safe_getint("connection", "max-retries", 5)
self.proxy = config.safe_get("connection", "http-proxy", None)
def parseConfig(self):
config = DefaultConfigParser()
configPath = FileUtils.buildPath(self.script_path, "default.conf")
config.read(configPath)
# General
self.threadsCount = config.safe_getint(
"general", "threads", 20, list(range(1, 200))
)
self.includeStatusCodes = config.safe_get("general", "include-status", None)
self.excludeStatusCodes = config.safe_get("general", "exclude-status", None)
self.excludeTexts = config.safe_get("general", "exclude-texts", None)
self.redirect = config.safe_getboolean("general", "follow-redirects", False)
self.recursive = config.safe_getboolean("general", "recursive", False)
self.recursive_level_max = config.safe_getint(
"general", "recursive-level-max", 1
)
self.suppressEmpty = config.safe_getboolean("general", "suppress-empty", False)
self.testFailPath = config.safe_get("general", "scanner-fail-path", "").strip()
self.saveHome = config.safe_getboolean("general", "save-logs-home", False)
self.defaultExtensions = config.safe_get("general", "default-extensions", "php,asp,aspx,jsp,jspx,html,htm,js,txt")
# Reports
self.quietMode = config.safe_get("reports", "quiet-mode", False)
self.autoSave = config.safe_getboolean("reports", "autosave-report", False)
self.autoSaveFormat = config.safe_get(
"reports", "autosave-report-format", "plain", ["plain", "json", "simple"]
)
# Dictionary
self.wordlist = config.safe_get(
"dictionary",
"wordlist",
FileUtils.buildPath(self.script_path, "db", "dicc.txt"),
)
self.lowercase = config.safe_getboolean("dictionary", "lowercase", False)
self.uppercase = config.safe_getboolean("dictionary", "uppercase", False)
self.forceExtensions = config.safe_get("dictionary", "force-extensions", False)
self.noDotExtensions = config.safe_get("dictionary", "no-dot-extensions", False)
# Connection
self.useRandomAgents = config.safe_get(
"connection", "random-user-agents", False
)
self.useragent = config.safe_get("connection", "user-agent", None)
self.delay = config.safe_get("connection", "delay", 0)
self.timeout = config.safe_getint("connection", "timeout", 20)
self.maxRetries = config.safe_getint("connection", "max-retries", 5)
self.proxy = config.safe_get("connection", "http-proxy", None)
self.proxylist = config.safe_get("connection", "http-proxy-list", None)
self.httpmethod = config.safe_get(
"connection", "httpmethod", "get", ["get", "head", "post", "put", "delete", "trace", "options"]
)
self.requestByHostname = config.safe_get(
"connection", "request-by-hostname", False
)
def parseConfig(self):
config = DefaultConfigParser()
configPath = FileUtils.buildPath(os.path.expanduser('~'), ".dirsearch", "dirsearch.conf")
if not FileUtils.exists(configPath):
FileUtils.createDirectory(os.path.dirname(configPath))
shutil.copyfile(FileUtils.buildPath(self.script_path, 'default.conf'), configPath)
config.read(configPath)
# General
self.threadsCount = config.safe_getint("general", "threads", 10, list(range(1, 50)))
self.excludeStatusCodes = config.safe_get("general", "exclude-status", None)
self.redirect = config.safe_getboolean("general", "follow-redirects", False)
self.recursive = config.safe_getboolean("general", "recursive", False)
self.recursive_level_max = config.safe_getint("general", "recursive-level-max", 1)
self.suppressEmpty = config.safe_getboolean("general", "suppress-empty", False)
self.testFailPath = config.safe_get("general", "scanner-fail-path", "").strip()
self.saveHome = config.safe_getboolean("general", "save-logs-home", False)
# Reports
self.autoSave = config.safe_getboolean("reports", "autosave-report", False)
self.autoSaveFormat = config.safe_get("reports", "autosave-report-format", "plain", ["plain", "json", "simple"])
# Dictionary
self.wordlist = config.safe_get("dictionary", "wordlist",
FileUtils.buildPath(self.script_path, "db", "dicc.txt"))
self.lowercase = config.safe_getboolean("dictionary", "lowercase", False)
self.forceExtensions = config.safe_get("dictionary", "force-extensions", False)
# Connection
self.useRandomAgents = config.safe_get("connection", "random-user-agents", False)
self.useragent = config.safe_get("connection", "user-agent", None)
self.delay = config.safe_get("connection", "delay", 0)
self.timeout = config.safe_getint("connection", "timeout", 30)
self.maxRetries = config.safe_getint("connection", "max-retries", 5)
self.proxy = config.safe_get("connection", "http-proxy", None)
self.httpmethod = config.safe_get("connection", "httpmethod", "get", ["get", "head", "post"])
self.requestByHostname = config.safe_get("connection", "request-by-hostname", False)
