def __init__(self):
GrepPlugin.__init__(self)
self._total_count = 0
self._vuln_count = 0
self._vulns = DiskList()
self._ids = DiskList()
def __init__(self):
GrepPlugin.__init__(self)
# Compile the XPATH
self._tag_xpath = etree.XPath('//object | //applet')
self._tag_names = ('object', 'applet')
self._already_analyzed = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
self._total_count = 0
self._vuln_count = 0
self._vulns = DiskList()
self._ids = DiskList()
def __init__(self):
GrepPlugin.__init__(self)
self._already_reported = ScalableBloomFilter()
# regex to split between words
self._split_re = re.compile('[^\w]')
def __init__(self):
GrepPlugin.__init__(self)
self._already_reported = ScalableBloomFilter()
# regex to split between words
self._split_re = re.compile('[^\w]')
def __init__(self):
GrepPlugin.__init__(self)
# Compile the XPATH
self._tag_xpath = etree.XPath('//object | //applet')
self._tag_names = ('object', 'applet')
self._already_analyzed = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._autocomplete_forms_xpath = etree.XPath(AUTOCOMPLETE_FORMS_XPATH)
self._pwd_input_xpath = etree.XPath(PWD_INPUT_XPATH)
self._text_input_xpath = etree.XPath(TEXT_INPUT_XPATH)
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._autocomplete_forms_xpath = etree.XPath(AUTOCOMPLETE_FORMS_XPATH)
self._pwd_input_xpath = etree.XPath(PWD_INPUT_XPATH)
self._text_input_xpath = etree.XPath(TEXT_INPUT_XPATH)
def __init__(self):
GrepPlugin.__init__(self)
# The following regex matches a valid url as well as the text about:internet.
# Also it validates the number in the parenthesis. It should be a 4 digit number
# and must tell about the length of the url that follows
regex = r"""<!--\s*saved from url=\(([\d]{4})\)(https?://([-\w\.]+)"""
regex += r"""+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?|about:internet)\s{1}\-\->"""
self._motw_re = re.compile(regex)
def __init__(self):
'''
Class init
'''
GrepPlugin.__init__(self)
self._total_count = 0
self._vulns = DiskList()
self._urls = DiskList()
def __init__(self):
GrepPlugin.__init__(self)
# The following regex matches a valid url as well as the text about:internet.
# Also it validates the number in the parenthesis. It should be a 4 digit number
# and must tell about the length of the url that follows
regex = r"""<!--\s*saved from url=\(([\d]{4})\)(https?://([-\w\.]+)"""
regex += r"""+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?|about:internet)\s{1}\-\->"""
self._motw_re = re.compile(regex)
def __init__(self):
'''
Class init
'''
GrepPlugin.__init__(self)
self._total_count = 0
self._vulns = DiskList()
self._urls = DiskList()
def __init__(self):
GrepPlugin.__init__(self)
self._already_analyzed = ScalableBloomFilter()
self._properly_configured = None
self._config_check_lock = threading.RLock()
# User configured settings
# Default for ubuntu installation
self._clamd_socket = '/var/run/clamav/clamd.ctl'
def __init__(self):
GrepPlugin.__init__(self)
self._already_analyzed = ScalableBloomFilter()
self._properly_configured = None
self._config_check_lock = threading.RLock()
# User configured settings
# Default for ubuntu installation
self._clamd_socket = '/var/run/clamav/clamd.ctl'
def __init__(self):
GrepPlugin.__init__(self)
self._feed_types = {'rss': 'RSS', # <rss version="...">
'feed': 'OPML', # <feed version="..."
'opml': 'OPML' # <opml version="...">
}
self._already_inspected = ScalableBloomFilter()
# Compile the XPATH
self._tag_xpath = etree.XPath('//rss | //feed | //opml')
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_added = DiskList()
# Compile all regular expressions and store information to avoid
# multiple queries to the same function
self._common_directories = get_common_directories()
self._compiled_regexes = {}
self._compile_regex()
def __init__(self):
GrepPlugin.__init__(self)
self._already_inspected = ScalableBloomFilter()
# Add the regex to match something like this:
#
# $Id: lzio.c,v 1.24 2003/03/20 16:00:56 roberto Exp $
# $Id: file name, version, timestamp, creator Exp $
#
regex = '\$.{1,12}: .*? .*? \d{4}[-/]\d{1,2}[-/]\d{1,2}'
regex += ' \d{1,2}:\d{1,2}:\d{1,2}.*? (.*?) (Exp )?\$'
self._regex_list = [re.compile(regex), ]
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_added = DiskList()
# Compile all regular expressions and store information to avoid
# multiple queries to the same function
self._common_directories = get_common_directories()
self._compiled_regexes = {}
self._compile_regex()
def __init__(self):
GrepPlugin.__init__(self)
self._init = True
self.captured_lang = None
#TODO: develop more plugins, there is a, pure-python metadata reader named
# hachoir-metadata it will be useful for writing A LOT of plugins
# Plugins to run
self._plugins_names_dict = ['html', 'pdf']
self._plugins = []
def __init__(self):
GrepPlugin.__init__(self)
self._init = True
self.captured_lang = None
#TODO: develop more plugins, there is a, pure-python metadata reader named
# hachoir-metadata it will be useful for writing A LOT of plugins
# Plugins to run
self._plugins_names_dict = ['html', 'pdf']
self._plugins = []
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
# Create the regular expression to search for AJAX
ajax_regex_string = '(XMLHttpRequest|eval\(|ActiveXObject|Msxml2\.XMLHTTP|'
ajax_regex_string += 'ActiveXObject|Microsoft\.XMLHTTP)'
self._ajax_regex_re = re.compile(ajax_regex_string, re.IGNORECASE)
# Compile the XPATH
self._script_xpath = etree.XPath('.//script')
def __init__(self):
GrepPlugin.__init__(self)
self._already_inspected = ScalableBloomFilter()
# Add the regex to match something like this:
#
# $Id: lzio.c,v 1.24 2003/03/20 16:00:56 roberto Exp $
# $Id: file name, version, timestamp, creator Exp $
#
regex = '\$.{1,12}: .*? .*? \d{4}[-/]\d{1,2}[-/]\d{1,2}'
regex += ' \d{1,2}:\d{1,2}:\d{1,2}.*? (.*?) (Exp )?\$'
self._regex_list = [
re.compile(regex),
]
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
# Create the regular expression to search for AJAX
ajax_regex_string = "(XMLHttpRequest|eval\(|ActiveXObject|Msxml2\.XMLHTTP|"
ajax_regex_string += "ActiveXObject|Microsoft\.XMLHTTP)"
self._ajax_regex_re = re.compile(ajax_regex_string, re.IGNORECASE)
# Compile the XPATH
self._script_xpath = etree.XPath(".//script")
def __init__(self):
GrepPlugin.__init__(self)
# User defined options
self._single_regex = ''
self._regex_file_path = os.path.join('plugins', 'grep',
'user_defined_regex', 'empty.txt')
# Internal variables
# Improved performance by compiling all the regular expressions
# before using them (see set_options method)
self._regexlist_compiled = []
self._all_in_one = None
def __init__(self):
GrepPlugin.__init__(self)
# User defined options
self._single_regex = ''
self._regex_file_path = os.path.join(
'plugins', 'grep', 'user_defined_regex',
'empty.txt')
# Internal variables
# Improved performance by compiling all the regular expressions
# before using them (see set_options method)
self._regexlist_compiled = []
self._all_in_one = None
def __init__(self):
GrepPlugin.__init__(self)
# For more info regarding this regular expression, please see:
# https://sourceforge.net/mailarchive/forum.php?thread_name=1955593874.20090122023644%40
#mlists.olympos.org&forum_name=w3af-develop
regex_str = '(?<!\.)(?<!\d)(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.'
regex_str += '254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-'
regex_str += '9]?)){2}(?!\d)(?!\.)'
self._private_ip_address = re.compile(regex_str)
self._regex_list = [self._private_ip_address, ]
self._already_inspected = ScalableBloomFilter()
self._ignore_if_match = None
def __init__(self):
GrepPlugin.__init__(self)
cc_regex = '((^|\s)\d{4}[- ]?(\d{4}[- ]?\d{4}|\d{6})[- ]?(\d{5}|\d{4})($|\s))'
# (^|[^\d]) Match the start of the string, or something that's NOT a digit
# \d{4}[- ]? Match four digits, and then (optionally) a "-" or a space
# (\d{4}[- ]?\d{4}|\d{6}) Match one of the following:
# - Four digits, and then (optionally) a "-" or a space and then four digits again (VISA cards)
# - Six digits (AMEX cards)
# [- ]? Match a "-" or a space (optionally)
# (\d{5}|\d{4}) Match the final digits, five or four digits
# ($|[^\d]) Match the end of the string, or something that's NOT a digit
self._cc_regex = re.compile(cc_regex, re.M)
def __init__(self):
GrepPlugin.__init__(self)
cc_regex = '((^|\s)\d{4}[- ]?(\d{4}[- ]?\d{4}|\d{6})[- ]?(\d{5}|\d{4})($|\s))'
# (^|[^\d]) Match the start of the string, or something that's NOT a digit
# \d{4}[- ]? Match four digits, and then (optionally) a "-" or a space
# (\d{4}[- ]?\d{4}|\d{6}) Match one of the following:
# - Four digits, and then (optionally) a "-" or a space and then four digits again (VISA cards)
# - Six digits (AMEX cards)
# [- ]? Match a "-" or a space (optionally)
# (\d{5}|\d{4}) Match the final digits, five or four digits
# ($|[^\d]) Match the end of the string, or something that's NOT a digit
self._cc_regex = re.compile(cc_regex, re.M)
def __init__(self):
GrepPlugin.__init__(self)
# For more info regarding this regular expression, please see:
# https://sourceforge.net/mailarchive/forum.php?thread_name=1955593874.20090122023644%40
#mlists.olympos.org&forum_name=w3af-develop
regex_str = '(?<!\.)(?<!\d)(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.'
regex_str += '254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-'
regex_str += '9]?)){2}(?!\d)(?!\.)'
self._private_ip_address = re.compile(regex_str)
self._regex_list = [
self._private_ip_address,
]
self._already_inspected = ScalableBloomFilter()
self._ignore_if_match = None
def __init__(self):
GrepPlugin.__init__(self)
vs_regex = r'<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value=".*?" />'
self._viewstate = re.compile(vs_regex, re.IGNORECASE | re.DOTALL)
ev_regex = r'<input type="hidden" name="__EVENTVALIDATION" '
ev_regex += 'id="__EVENTVALIDATION" value=".*?" />'
self._eventvalidation = re.compile(ev_regex, re.IGNORECASE | re.DOTALL)
encryptedvs_regex = r'<input type="hidden" name="__VIEWSTATEENCRYPTED" '
encryptedvs_regex += 'id="__VIEWSTATEENCRYPTED" value=".*?" />'
self._encryptedVs = re.compile(
encryptedvs_regex, re.IGNORECASE | re.DOTALL)
self._already_analyzed = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
vs_regex = r'<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value=".*?" />'
self._viewstate = re.compile(vs_regex, re.IGNORECASE | re.DOTALL)
ev_regex = r'<input type="hidden" name="__EVENTVALIDATION" '
ev_regex += 'id="__EVENTVALIDATION" value=".*?" />'
self._eventvalidation = re.compile(ev_regex, re.IGNORECASE | re.DOTALL)
encryptedvs_regex = r'<input type="hidden" name="__VIEWSTATEENCRYPTED" '
encryptedvs_regex += 'id="__VIEWSTATEENCRYPTED" value=".*?" />'
self._encryptedVs = re.compile(encryptedvs_regex,
re.IGNORECASE | re.DOTALL)
self._already_analyzed = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
self._already_inspected = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
self._already_analyzed = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._override = False
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._comments = DiskDict()
self._already_reported_interesting = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
self._already_reported_server = []
def __init__(self):
GrepPlugin.__init__(self)
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._file_input_xpath = etree.XPath(FILE_INPUT_XPATH)
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._override = False
def __init__(self):
GrepPlugin.__init__(self)
# Compile the regular expressions
self._scriptRe = re.compile('< *script *>(.*?)</ *script *>',
re.IGNORECASE | re.DOTALL)
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._exec = True
self._tries_left = 25
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._script_src_xpath = etree.XPath(SCRIPT_SRC_XPATH)
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._file_input_xpath = etree.XPath(FILE_INPUT_XPATH)
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_added = ScalableBloomFilter()
self._first_404 = True
def __init__(self):
GrepPlugin.__init__(self)
self._already_reported_versions = []
self._compiled_regex = []
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_reported = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_inspected = ScalableBloomFilter()
self._script_src_xpath = etree.XPath(SCRIPT_SRC_XPATH)
def __init__(self):
GrepPlugin.__init__(self)
self._error_500_responses = DiskSet()
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._comments = DiskDict()
self._already_reported_interesting = ScalableBloomFilter()
def __init__(self):
GrepPlugin.__init__(self)
self._already_inspected = ScalableBloomFilter()
# User configured variables
self._only_target_domain = True
def __init__(self):
GrepPlugin.__init__(self)
self._error_500_responses = DiskSet()
def __init__(self):
GrepPlugin.__init__(self)
# Compile the regular expressions
self._scriptRe = re.compile(
'< *script *>(.*?)</ *script *>', re.IGNORECASE | re.DOTALL)
def __init__(self):
GrepPlugin.__init__(self)
self._already_reported_versions = []
self._compiled_regex = []
def __init__(self):
GrepPlugin.__init__(self)
self._already_inspected = ScalableBloomFilter()
self._disco_strings = ['disco:discovery ']
def __init__(self):
GrepPlugin.__init__(self)
# Internal variables
self._already_added = ScalableBloomFilter()
self._first_404 = True
def __init__(self):
GrepPlugin.__init__(self)
def __init__(self):
GrepPlugin.__init__(self)
self._auth_uri_regex = re.compile('.*://[\w%]*?:[\w%]*?@[\w\.]{3,40}')