def print_banner():
    """Print the tool banner (title rule plus author contact lines) to stdout.

    The banner starts with the green console colour and ends with the
    ConsoleOutputBeautifier "endline" sequence, so the colour does not leak
    into the following output.
    """
    rule = "=" * 20
    title = "HTML source code Analyzer"
    # One string: the two contact lines are joined without a separator.
    contact = (" https://github.com/bl4de | https://twitter.com/_bl4de \n"
               " https://hackerone.com/bl4de | [email protected] ")
    green = ConsoleOutputBeautifier.getColor("green")
    print green, rule, title, rule, "\n", contact, "\n\n", \
        ConsoleOutputBeautifier.getSpecialChar("endline")
def show_stats(_file, i, _ident, _fw):
    """Print the end-of-run summary block.

    Args:
        _file: accepted for the caller's convenience but not used here.
        i: number of lines processed, printed as the line-of-code count.
        _ident: identified CMS (printed with %s).
        _fw: identified framework (printed with %s).
    """
    green = ConsoleOutputBeautifier.getColor("green")
    print green, "\n------ SUMMARY -------\n"
    print "total lines of code: %d" % i
    print "identified CMS: %s" % _ident
    framework_line = "identified framework: %s" % _fw
    # The endline sequence closes the colour opened at the top of the block.
    print framework_line, ConsoleOutputBeautifier.getSpecialChar("endline")
    # Blank separator after the summary.
    print "\n"
def detect_javascript(_line, i):
    """Report inline JavaScript on one line: a <script> tag without a src
    attribute, or a ``javascript:`` URL/event-handler value.

    Args:
        _line: raw source line; matching is case-insensitive.
        i: line number used in the report.
    """
    lowered = _line.lower()
    inline_script = "<script" in lowered and "src" not in lowered
    if inline_script:
        print_output_line(i, ConsoleOutputBeautifier.getColor("green"),
                          "inline <SCRIPT> tag found at line %d", i, "SCRIPT")
    if "javascript:" in lowered:
        print_output_line(i, ConsoleOutputBeautifier.getColor("cyan"),
                          "INLINE JavaScript event handler found at line %d",
                          i, "JAVASCRIPT")
def detect_comments(_line, i):
    """Report an HTML comment on one line.

    A comment that also contains ``"/`` (a quoted path) is flagged in red as
    a COMMENTED PATH; any other comment is reported in yellow.

    Args:
        _line: raw source line.
        i: line number used in the report.
    """
    if '<!--' not in _line.lstrip():
        return
    snippet = _line.strip()
    if "\"/" in _line:
        colour = ConsoleOutputBeautifier.getColor("red")
        template = "COMMENTED PATH found at line %d: %s"
    else:
        colour = ConsoleOutputBeautifier.getColor("yellow")
        template = "COMMENT found at line %d: %s"
    print_output_line(i, colour, template, (i, snippet), "COMMENT")
def detect_external_resources(_line, i):
    """Report tags that load an external resource (img, iframe, script).

    Only lines containing ``src`` are considered; the tag and attribute
    checks are case-sensitive substring tests, and one finding is printed
    per matching tag kind.

    Args:
        _line: raw source line.
        i: line number used in the report.
    """
    if "src" not in _line:
        return
    # Message templates must keep %d: %s %s to match get_line()'s tuple.
    # The image template deliberately keeps the double space of the
    # original output.
    resource_tags = (
        ("<img", "PATH to external resource image  file found in %d: %s %s"),
        ("<iframe", "IFRAME path found in %d: %s %s"),
        ("<script", "external SCRIPT path found in %d: %s %s"),
    )
    for tag, template in resource_tags:
        if tag in _line:
            print_output_line(i, ConsoleOutputBeautifier.getColor("cyan"),
                              template, get_line(_line, i, 120), "RESOURCES")
def print_output_line(i, col, msg, msg_args, type="DEFAULT"):
    """Print one finding as ``<white> line <i>: <col> <msg % msg_args>``.

    Args:
        i: line number shown in the prefix.
        col: colour sequence placed before the formatted message.
        msg: printf-style template.
        msg_args: value or tuple substituted into ``msg``.
        type: finding category; accepted for callers but not used in the
            output.
    """
    white = ConsoleOutputBeautifier.getColor("white")
    body = str(msg % msg_args)
    print "{} line {}: {} {}".format(white, i, col, body)
def detect_ajax_calls(_line, i):
    """Report jQuery/AngularJS AJAX helpers on one line, since their
    arguments often reveal REST endpoints.

    Matching is a case-sensitive substring test; a line holding several
    helpers is reported once per helper.

    Args:
        _line: raw source line.
        i: line number used in the report.
    """
    ajax_helpers = ('$.ajax', '$.getJSON', '$http.')
    found = [helper for helper in ajax_helpers if helper in _line]
    for _ in found:
        print_output_line(
            i, ConsoleOutputBeautifier.getColor("red"),
            "AJAX CALL (possible REST endpoint revealed) at line %d: %s %s",
            get_line(_line, i, 120), "AJAX/REST CALL")
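def detect_developer_comments(_line, i):
    """Report keywords that commonly appear in comments left by developers.

    Matching is a case-insensitive substring test over the whole line (not
    only inside comments), so short keywords such as 'dev' or 'bad' also hit
    'developer' or 'badge'; one finding is printed per matching keyword.

    Args:
        _line: raw source line.
        i: line number used in the report.
    """
    developer_keywords = [
        'bug', 'problem', 'issue', 'fix', 'ticket', 'bad', 'todo',
        'inject', 'crash', 'trust', 'dev', 'temporary', 'remove',
    ]
    lowered = _line.lower()
    for keyword in developer_keywords:
        if keyword in lowered:
            # Category fixed: this detector previously reported its findings
            # under the "DOM BASED XSS" label copied from detect_dombased_xss.
            print_output_line(
                i, ConsoleOutputBeautifier.getColor("yellow"),
                "probably developer(s) related comment string found at line %d: %s %s",
                get_line(_line, i, 120), "DEVELOPER COMMENT")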
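def detect_dombased_xss(_line, i):
    """Report DOM-based XSS sources and sinks found on one line.

    Matching is a case-sensitive substring test, so 'document.url' only
    matches a lowercase spelling; a line containing several patterns is
    reported once per pattern.

    Args:
        _line: raw source line.
        i: line number used in the report.
    """
    dombased_calls = [
        'document.location',
        'document.url',
        'document.urlencoded',
        'document.referrer',
        'window.location',
        'document.write(',
        # The comma after this entry was missing, so it silently fused with
        # '.innerHTML' into one pattern that matched neither of them.
        'document.writeln(',
        '.innerHTML',
        'eval(',
        'setInterval(',
        'setTimeout(',
        'Function(',
    ]
    for dombased_call in dombased_calls:
        if dombased_call in _line:
            print_output_line(
                i, ConsoleOutputBeautifier.getColor("red"),
                "POSSIBLE DOM BASED INJECTION POINT found at line %d: %s %s",
                get_line(_line, i, 120), "DOM BASED XSS")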
def detect_debug(_line, i):
    """Report a line containing 'debug' (case-insensitive substring test).

    Args:
        _line: raw source line.
        i: line number used in the report.
    """
    if "debug" not in _line.lower():
        return
    print_output_line(i, ConsoleOutputBeautifier.getColor("red"),
                      "DEBUG information found at line %d", i, "DEBUG")
def detect_admin_stuff(_line, i):
    """Report a line containing 'admin' (case-insensitive substring test),
    as a hint towards an administration area.

    Args:
        _line: raw source line.
        i: line number used in the report.
    """
    if "admin" not in _line.lower():
        return
    print_output_line(i, ConsoleOutputBeautifier.getColor("red"),
                      "'admin' string found at line: %d", i, "ADMIN")
def get_line(_line, _line_number, _chars=80):
    """Build the argument tuple for a ``%d: %s %s`` report template.

    Args:
        _line: raw source line; surrounding whitespace is removed and the
            remainder truncated to ``_chars`` characters.
        _line_number: line number placed first in the tuple.
        _chars: maximum number of characters of the line to keep.

    Returns:
        ``(_line_number, grey colour sequence, "\\n\\t\\t" + truncated line)``.
    """
    grey = ConsoleOutputBeautifier.getColor("grey")
    excerpt = _line.strip()[:_chars]
    return (_line_number, grey, '\n\t\t' + excerpt)