コード例 #1
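def retireJs(url, response):
    """Check the scripts referenced by a page for known-vulnerable components.

    Each script reference extracted from ``response`` is resolved against
    ``url``, downloaded and handed to ``main_scanner``. Scripts already
    recorded in the shared ``checkedScripts`` variable are skipped.

    Args:
        url: Address of the page; used to resolve each script reference.
        response: Page content passed to ``js_extractor``.

    Returns:
        A list with one report dict per vulnerable component, holding the
        keys ``vulnerable_component``, ``component_location``,
        ``total_vulnerabilities`` and ``details`` (a list of dicts with
        ``summary``, ``severity`` and ``cve``).
    """
    vulnerable_component = []
    for script in js_extractor(response):
        if script in getVar('checkedScripts'):
            continue
        updateVar('checkedScripts', script, 'add')
        uri = handle_anchor(url, script)
        # Own name for the downloaded script so the page passed in as
        # `response` is not shadowed inside the loop.
        script_body = requester(uri, '', getVar('headers'), True,
                                getVar('delay'), getVar('timeout')).text
        result = main_scanner(uri, script_body)
        if not result:
            continue

        component = result['component'] + ' v' + result['version']
        logger.red_line()
        logger.good('Vulnerable component: ' + component)
        logger.info('Component location: %s' % uri)
        details = result['vulnerabilities']
        logger.info('Total vulnerabilities: %i' % len(details))

        component_report = {
            'vulnerable_component': component,
            'component_location': uri,
            'total_vulnerabilities': len(details),
            'details': [],
        }
        for detail in details:
            # An advisory without an 'identifiers' mapping must not abort
            # the scan of the remaining scripts.
            identifiers = detail.get('identifiers') or {}
            summary = identifiers.get('summary', "None")
            # Severity is read from the advisory entry first and from its
            # identifiers second: reading identifiers alone reports "None"
            # whenever the scanner stores severity at the entry level, which
            # under-states every finding.
            # TODO confirm against main_scanner's output format.
            severity = detail.get('severity',
                                  identifiers.get('severity', "None"))
            # A missing or empty CVE list falls back to "None" rather than
            # raising IndexError on the [0] lookup.
            cve = (identifiers.get('CVE') or ["None"])[0]

            logger.info('%sSummary:%s %s' % (green, end, summary))
            logger.info('Severity: %s' % severity)
            logger.info('CVE: %s' % cve)

            component_report['details'].append({
                'summary': summary,
                'severity': severity,
                'cve': cve,
            })
        logger.red_line()
        print("\n{}\n".format(component_report))
        vulnerable_component.append(component_report)
    return vulnerable_component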
コード例 #2
ファイル: retireJs.py プロジェクト: bikrambox/pushupB
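def retireJs(url, response):
    """Log known-vulnerable JavaScript components referenced by a page.

    Each script reference extracted from ``response`` is resolved against
    ``url``, downloaded and handed to ``main_scanner``. Scripts already
    recorded in the shared ``checkedScripts`` variable are skipped.

    Args:
        url: Address of the page; used to resolve each script reference.
        response: Page content passed to ``js_extractor``.

    Returns:
        None. Findings are only written to the logger.
    """
    for script in js_extractor(response):
        if script in getVar('checkedScripts'):
            continue
        updateVar('checkedScripts', script, 'add')
        uri = handle_anchor(url, script)
        # Own name for the downloaded script so the page passed in as
        # `response` is not shadowed inside the loop.
        script_body = requester(uri, '', getVar('headers'), True,
                                getVar('delay'), getVar('timeout')).text
        result = main_scanner(uri, script_body)
        if not result:
            continue

        logger.red_line()
        logger.good('Vulnerable component: ' + result['component'] +
                    ' v' + result['version'])
        logger.info('Component location: %s' % uri)
        details = result['vulnerabilities']
        logger.info('Total vulnerabilities: %i' % len(details))
        for detail in details:
            # An advisory that lacks a summary, a severity or a CVE id is
            # reported with "None" in that field. A KeyError/IndexError here
            # would stop the run and leave the remaining scripts unchecked.
            identifiers = detail.get('identifiers') or {}
            cve_ids = identifiers.get('CVE') or ['None']
            logger.info('%sSummary:%s %s' %
                        (green, end, identifiers.get('summary', 'None')))
            logger.info('Severity: %s' % detail.get('severity', 'None'))
            logger.info('CVE: %s' % cve_ids[0])
        logger.red_line()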
コード例 #3
ファイル: striker.py プロジェクト: OCEANOFANYTHING/striker
import core.config
from core.requester import requester
from core.utils import loader, updateVar, var
from core.colors import red, white, end, green, info, good, bad, run, red_line

# Startup banner; red, white and end are imported from core.colors.
print('''%s
.                   
  ` .        .             .        . `
      ` .     .  %sStriker%s  .     . `
          ` .` .         . `. `
              ` . ` . ` . `
                  ` . `
%s''' % (red, white, red, end))
print('%s Running component level check' % run)
print('%s Starting engine' % run)
# NOTE(review): `sys` is used below, but no `import sys` appears among the
# import lines visible in this listing. Confirm it is imported first.
# sys.path[0] is the directory of the script that was invoked.
updateVar('path', sys.path[0])
# Start the run with an empty set of already-checked scripts.
updateVar('checkedScripts', set())
# loader() comes from core.utils. The core.photon and modules.* imports are
# placed after this call, presumably because they depend on what it sets up.
# TODO confirm.
loader()
from core.photon import photon

from modules.whatcms import whatcms
from modules.portscanner import portscanner
from modules.findsubdomains import findsubdomains
from modules.security_trails import security_trails

print('%s Turning on radar' % run)
# Empty results container; nothing in this excerpt fills it.
dataset = {}
# sys.argv[1] is the target given on the command line and is handed to the
# subdomain lookup exactly as typed.
# NOTE(review): no argument-count or format check is visible in this excerpt,
# so a missing argument raises IndexError here. Confirm the target is
# validated before it reaches the lookup modules.
source_1 = findsubdomains(sys.argv[1])
try:
    source_2 = security_trails(sys.argv[1])
except AttributeError: