def _rm_file(self): ''' Stop the server, remove the file from the webroot. ''' # Remove the file filename = self._rfi_url.getFileName() os.remove(os.path.join(get_home_dir(), 'webroot', filename))
def _local_test_inclusion(self, freq): ''' Check for RFI using a local web server @param freq: A fuzzableRequest object @return: None, everything is saved to the kb ''' # # The listen address is an empty string when I have no default route # # Only work if: # - The listen address is private and the target address is private # - The listen address is public and the target address is public # if self._listen_address == '': return is_listen_priv = is_private_site(self._listen_address) is_target_priv = is_private_site(freq.getURL().getDomain()) if (is_listen_priv and is_target_priv) or \ not (is_listen_priv or is_target_priv): om.out.debug('RFI test using local web server for URL: ' + freq.getURL()) om.out.debug('w3af is running a webserver') try: # Create file for remote inclusion self._create_file() # Start web server webroot = os.path.join(get_home_dir(), 'webroot') webserver.start_webserver(self._listen_address, self._listen_port, webroot) # Perform the real work self._test_inclusion(freq) except Exception, e: msg = 'An error occurred while running local webserver: "%s"' % str( e) om.out.error(msg) finally:
def _create_file(self): ''' Create random name file php with random php content. To be used in the remote file inclusion test. ''' # First, generate the php file to be included. rand1 = createRandAlNum(9) rand2 = createRandAlNum(9) filename = createRandAlNum() php_code = '<? \n echo "%s";\n echo "%s";\n ?>' % (rand1, rand2) # Write the php to the webroot file_handler = open(os.path.join(get_home_dir(), 'webroot', filename), 'w') file_handler.write(php_code) file_handler.close() # Define the required parameters netloc = self._listen_address +':' + str(self._listen_port) path = '/'+filename self._rfi_url = url_object.from_parts('http', netloc, path, None, None, None) self._rfi_result = rand1 + rand2
def _local_test_inclusion(self, freq): ''' Check for RFI using a local web server @param freq: A fuzzableRequest object @return: None, everything is saved to the kb ''' # # The listen address is an empty string when I have no default route # # Only work if: # - The listen address is private and the target address is private # - The listen address is public and the target address is public # if self._listen_address == '': return is_listen_priv = is_private_site(self._listen_address) is_target_priv = is_private_site(freq.getURL().getDomain()) if (is_listen_priv and is_target_priv) or \ not (is_listen_priv or is_target_priv): om.out.debug('RFI test using local web server for URL: ' + freq.getURL()) om.out.debug('w3af is running a webserver') try: # Create file for remote inclusion self._create_file() # Start web server webroot = os.path.join(get_home_dir(), 'webroot') webserver.start_webserver(self._listen_address, self._listen_port, webroot) # Perform the real work self._test_inclusion(freq) except Exception,e: msg = 'An error occurred while running local webserver: "%s"' % str(e) om.out.error( msg ) finally:
def _create_file(self): ''' Create random name file php with random php content. To be used in the remote file inclusion test. ''' # First, generate the php file to be included. rand1 = createRandAlNum(9) rand2 = createRandAlNum(9) filename = createRandAlNum() php_code = '<? \n echo "%s";\n echo "%s";\n ?>' % (rand1, rand2) # Write the php to the webroot file_handler = open(os.path.join(get_home_dir(), 'webroot', filename), 'w') file_handler.write(php_code) file_handler.close() # Define the required parameters netloc = self._listen_address + ':' + str(self._listen_port) path = '/' + filename self._rfi_url = url_object.from_parts('http', netloc, path, None, None, None) self._rfi_result = rand1 + rand2