def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Stream edition expressions' h1 = 'Stream edition expressions are strings that tell the sed plugin what to change.' h1 += ' Sed plugin uses regular expressions, some examples: \n - qh/User/NotLuser/ ;' h1 += ' This will make sed search in the the re[q]uest [h]eader for the string User' h1 += ' and replace it with NotLuser.\n - sb/[fF]orm/form ; This will make sed search' h1 += ' in the re[s]ponse [b]ody for the strings form or Form and replace it with form.' h1 += ' Multiple expressions can be specified separated by commas.' o1 = option('expressions', self._expressions, d1, 'list', help=h1) d2 = 'Fix the content length header after mangling' o2 = option('fixContentLen', self._user_option_fix_content_len, d2, 'boolean') d3 = 'Plugin execution priority' h3 = 'Mangle plugins are ordered using the priority parameter' o3 = option('priority', self._priority, d3, 'integer', help=h3) ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'IP address that the webserver will use to receive requests' h1 = 'w3af runs a webserver to serve the files to the target web app' h1 += ' when doing remote file inclusions. This setting configures on what IP address the' h1 += ' webserver is going to listen.' o1 = option('listenAddress', self._listen_address, d1, 'string', help=h1) d2 = 'Port that the webserver will use to receive requests' h2 = 'w3af runs a webserver to serve the files to the target web app' h2 += ' when doing remote file inclusions. This setting configures on what IP address' h2 += ' the webserver is going to listen.' o2 = option('listenPort', self._listen_port, d2, 'integer', help=h2) d3 = 'Instead of including a file in a local webserver; include the result of' d3 += ' exploiting a XSS bug.' o3 = option('useXssBug', self._use_XSS_vuln, d3, 'boolean') d4 = 'If true, this plugin will try to generate only one shell object.' o4 = option('generateOnlyOne', self._generateOnlyOne, d4, 'boolean') ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) ol.add(o4) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ d1 = "URL to exploit with fastExploit()" o1 = option("url", self._url, d1, "string") d2 = "Method to use with fastExploit()" o2 = option("method", self._method, d2, "string") d3 = "Data to send with fastExploit()" o3 = option("data", self._data, d3, "string") d4 = "The variable in data that holds the file content. Only used in fastExploit()" o4 = option("fileVars", self._fileVars, d4, "string") d5 = "The URI of the uploaded file. Only used with fastExploit()" o5 = option("fileDest", self._fileDest, d5, "string") ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) ol.add(o4) ol.add(o5) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'URL to exploit with fastExploit()' o1 = option('url', self._url, d1, 'string') d2 = 'Method to use with fastExploit()' o2 = option('method', self._method, d2, 'string') d3 = 'Data to send with fastExploit()' o3 = option('data', self._data, d3, 'string') d4 = 'The variable in data that holds the file content. Only used in fastExploit()' o4 = option('fileVars', self._fileVars, d4, 'string') d5 = 'The URI of the uploaded file. Only used with fastExploit()' o5 = option('fileDest', self._fileDest, d5, 'string') ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) ol.add(o4) ol.add(o5) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Wordlist to use in the manifest file name bruteforcing process.' o1 = option('wordlist', self._wordlist , d1, 'string') d2 = 'File extensions to use when brute forcing Gears Manifest files' o2 = option('manifestExtensions', self._extensions, d2, 'list') ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'IP address that the spiderMan proxy will use to receive requests' o1 = option('listenAddress', self._listenAddress, d1, 'string') d2 = 'Port that the spiderMan HTTP proxy server will use to receive requests' o2 = option('listenPort', self._listenPort, d2, 'integer') ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ d1 = "IP address that the spiderMan proxy will use to receive requests" o1 = option("listenAddress", self._listenAddress, d1, "string") d2 = "Port that the spiderMan HTTP proxy server will use to receive requests" o2 = option("listenPort", self._listenPort, d2, "integer") ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ d1 = "URL to exploit with fastExploit()" o1 = option("url", self._url, d1, "string") d2 = "Exploit only one vulnerability." o2 = option("generateOnlyOne", self._generateOnlyOne, d2, "boolean") ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ d1 = "Wordlist to use in the manifest file name bruteforcing process." o1 = option("wordlist", self._wordlist, d1, "string") d2 = "File extensions to use when brute forcing Gears Manifest files" o2 = option("manifestExtensions", self._extensions, d2, "list") ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'URL to exploit with fastExploit()' o1 = option('url', self._url, d1, 'string') d2 = 'Exploit only one vulnerability.' o2 = option('generateOnlyOne', self._generateOnlyOne, d2, 'boolean') ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions(self): ''' @return: A list of option objects for this plugin. ''' ol = optionList() d1 = 'Destination http port number to analize' o1 = option('httpPort', self._http_port, d1, option.INT, help=d1) ol.add(o1) d2 = 'Destination httpS port number to analize' o2 = option('httpsPort', self._https_port, d2, option.INT, help=d2) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Try to identify the remote operating system based on the remote users' o1 = option('identifyOS', self._identify_OS, d1, 'boolean') d2 = 'Try to identify applications installed remotely using the available users' o2 = option('identifyApplications', self._identify_applications, d2, 'boolean') ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'File name where this plugin will write to' o1 = option('fileName', self._file_name, d1, 'string') d3 = 'True if debug information will be appended to the report.' o3 = option('verbose', self._verbose, d3, 'boolean') ol = optionList() ol.add(o1) ol.add(o3) return ol
def getOptions(self): ol = optionList() d = 'SMTP server ADDRESS to send notifications through, e.g. smtp.yourdomain.com' o = option('smtpServer', self.smtpServer, d, 'string') ol.add(o) d = 'SMTP server PORT' o = option('smtpPort', self.smtpPort, d, 'integer') ol.add(o) d = 'Recipient email address' o = option('toAddrs', self.toAddrs, d, 'list') ol.add(o) d = '"From" email address' o = option('fromAddr', self.fromAddr, d, 'string') ol.add(o) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'CGI-BIN dirs where to search for vulnerable scripts.' h1 = 'Pykto will search for vulnerable scripts in many places, one of them is inside' h1 += ' cgi-bin directory. The cgi-bin directory can be anything and change from install' h1 += ' to install, so its a good idea to make this a user setting. The directories should' h1 += ' be supplied comma separated and with a / at the beggining and one at the end.' h1 += ' Example: "/cgi/,/cgibin/,/bin/"' o1 = option('cgiDirs', self._cgi_dirs , d1, 'list', help=h1) d2 = 'Admin directories where to search for vulnerable scripts.' h2 = 'Pykto will search for vulnerable scripts in many places, one of them is inside' h2 += ' administration directories. The admin directory can be anything and change' h2 += ' from install to install, so its a good idea to make this a user setting. The' h2 += ' directories should be supplied comma separated and with a / at the beggining and' h2 += ' one at the end. Example: "/admin/,/adm/"' o2 = option('adminDirs', self._admin_dirs, d2, 'list', help=h2) d3 = 'PostNuke directories where to search for vulnerable scripts.' h3 = 'The directories should be supplied comma separated and with a / at the' h3 += ' beggining and one at the end. Example: "/forum/,/nuke/"' o3 = option('nukeDirs', self._nuke, d3, 'list', help=h3) d4 = 'The path to the nikto scan_databse.db file.' h4 = 'The default scan database file is ok in most cases.' o4 = option('dbFile', self._db_file, d4, 'string', help=h4) d5 = 'Test all files with all root directories' h5 = 'Define if we will test all files with all root directories.' o5 = option('mutateTests', self._mutate_tests, d5, 'boolean', help=h5) d6 = 'Verify that pykto is using the latest scan_database from cirt.net.' o6 = option('updateScandb', self._update_scandb, d6, 'boolean') d7 = 'If generic scan is enabled all tests are sent to the remote server without' d7 += ' checking the server type.' h7 = 'Pykto will send all tests to the server if generic Scan is enabled. For example,' h7 += ' if a test in the database is marked as "apache" and the remote server reported' h7 += ' "iis" then the test is sent anyway.' o7 = option('genericScan', self._generic_scan, d7, 'boolean', help=h7) d8 = 'The path to the w3af_scan_databse.db file.' h8 = 'This is a file which has some extra checks for files that are not present in the' h8 += ' nikto database.' o8 = option('extra_db_file', self._extra_db_file, d8, 'string', help=h8) ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) ol.add(o4) ol.add(o8) # Intentionally out of order ol.add(o5) ol.add(o6) ol.add(o7) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'The path to the phishtank database file.' o1 = option('dbFile', self._phishtank_DB, d1, 'string') d2 = 'Update the local phishtank database.' h2 = 'If True, the plugin will download the phishtank database' h2 += ' from http://www.phishtank.com/ .' o2 = option('updateDB', self._update_DB, d2, 'boolean', help=h2) ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d2 = 'Fetch the first "resultLimit" results from the Google search' o2 = option('resultLimit', self._result_limit, d2, 'integer') d3 = 'Do a fast search, when this feature is enabled, not all mail addresses are found' h3 = 'This method is faster, because it only searches for emails in the small page ' h3 += 'snippet that google shows to the user after performing a common search.' o3 = option('fastSearch', self._fast_search, d3, 'boolean', help=h3) ol = optionList() ol.add(o2) ol.add(o3) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ d1 = "A comma separated list of URLs" o1 = option("target", ",".join(cf.cf.getData("targets")), d1, "list") d2 = "Target operating system (" + "/".join(self._operatingSystems) + ")" h2 = "This setting is here to enhance w3af performance." # This list "hack" has to be done becase the default value is the one # in the first position on the list tmpList = self._operatingSystems[:] tmpList.remove(cf.cf.getData("targetOS")) tmpList.insert(0, cf.cf.getData("targetOS")) o2 = comboOption("targetOS", tmpList, d2, "combo", help=h2) d3 = "Target programming framework (" + "/".join(self._programmingFrameworks) + ")" h3 = "This setting is here to enhance w3af performance." # This list "hack" has to be done becase the default value is the one # in the first position on the list tmpList = self._programmingFrameworks[:] tmpList.remove(cf.cf.getData("targetFramework")) tmpList.insert(0, cf.cf.getData("targetFramework")) o3 = comboOption("targetFramework", tmpList, d3, "combo", help=h3) ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'A comma separated list of URLs' o1 = option('target', ','.join(str(tar) for tar in cf.cf.getData('targets')), d1, 'list') d2 = 'Target operating system ('+ '/'.join(self._operatingSystems) +')' h2 = 'This setting is here to enhance w3af performance.' # This list "hack" has to be done becase the default value is the one # in the first position on the list tmpList = self._operatingSystems[:] tmpList.remove( cf.cf.getData('targetOS') ) tmpList.insert(0, cf.cf.getData('targetOS') ) o2 = comboOption('targetOS', tmpList, d2, 'combo', help=h2) d3 = 'Target programming framework ('+ '/'.join(self._programmingFrameworks) +')' h3 = 'This setting is here to enhance w3af performance.' # This list "hack" has to be done becase the default value is the one # in the first position on the list tmpList = self._programmingFrameworks[:] tmpList.remove( cf.cf.getData('targetFramework') ) tmpList.insert(0, cf.cf.getData('targetFramework') ) o3 = comboOption('targetFramework', tmpList, d3, 'combo', help=h3) ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) return ol
def getOptions(self): ''' @return: A list of option objects for this plugin. ''' d1 = 'Use simple grep mechanism' h1 = 'Plugin will simply grep responses for risky JavaScript code' o1 = option('simpleGrep', self._useSimpleGrep, d1, 'boolean', help=h1) d2 = 'Use smart grep mechanism' h2 = 'Plugin will use grep templates depended on context to find risky JavaScript code in responses' o2 = option('smartGrep', self._useSmartGrep, d2, 'boolean', help=h2) ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Wordlist to use in directory bruteforcing process.' o1 = option('wordlist', self._dir_list , d1, 'string') d2 = 'If set to True, this plugin will bruteforce all directories, not only the root' d2 += ' directory.' o2 = option('be_recursive', self._be_recursive , d2, 'boolean') ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ d1 = "Apply URL fuzzing to all URLs, including images, videos, zip, etc." h1 = "It's safe to leave this option as the default." o1 = option("fuzzImages", self._fuzz_images, d1, "boolean", help=h1) d2 = "Set the top number of sections to fuzz" h2 = "It's safe to leave this option as the default. For example, with maxDigitSections" h2 += " = 1, this string wont be fuzzed: abc123def234 ; but this one will abc23ldd." o2 = option("maxDigitSections", self._max_digit_sections, d2, "integer", help=h2) ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Execute plugin only one time' h1 = 'Generally the methods allowed for a URL are \ configured system wide, so executing this plugin only one \ time is the faster choice. The safest choice is to run it against every URL.' o1 = option('execOneTime', self._exec_one_time, d1, 'boolean', help=h1) d2 = 'Only report findings if uncommon methods are found' o2 = option('reportDavOnly', self._report_dav_only, d2, 'boolean') ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ ol = optionList() d = "Set minimal amount of days before expiration of the certificate for alerting" h = "If the certificate will expire in period of minExpireDays w3af will show alert about it" o = option("minExpireDays", self._min_expire_days, d, "integer", help=h) ol.add(o) d = "Set minimal amount of days before expiration of the certificate for alerting" h = "CA PEM file path" o = option("caFileName", self._ca_file, d, "string", help=h) ol.add(o) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'This is the location that the zombies will connect to (do not include the' d1 += ' hook directory)' h1 = 'This is configuration is directly passed to beEF XSS exploitation framework.' o1 = option('beefURL', self._beefURL, d1, 'string', help=h1) d2 = 'The configuration password for beef.' h2 = 'This configuration parameter is needed to change the configuration of beEF.' o2 = option('beefPasswd', self._beefPasswd, d2, 'string', help=h2) ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Apply URL fuzzing to all URLs, including images, videos, zip, etc.' h1 = 'It\'s safe to leave this option as the default.' o1 = option('fuzzImages', self._fuzz_images, d1, 'boolean', help=h1) d2 = 'Set the top number of sections to fuzz' h2 = 'It\'s safe to leave this option as the default. For example, with maxDigitSections' h2 += ' = 1, this string wont be fuzzed: abc123def234 ; but this one will abc23ldd.' o2 = option('maxDigitSections', self._max_digit_sections, d2, 'integer', help=h2) ol = optionList() ol.add(o1) ol.add(o2) return ol
def _getOptionObjects(self): ''' @return: A list of options for this question. ''' d1 = 'Target URL' o1 = option('target','', d1, 'list') o2 = option('targetOS','unknown', d1, 'string') o3 = option('targetFramework','unknown', d1, 'string') ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Users file to use in bruteforcing' o1 = option('usersFile', self._usersFile, d1, 'string') d2 = 'Passwords file to use in bruteforcing' o2 = option('passwdFile', self._passwdFile, d2, 'string') d3 = 'This indicates if we will use usernames from emails collected by w3af plugins in bruteforce.' o3 = option('useMailUsers', self._useMailUsers, d3, 'boolean') d4 = 'This indicates if we will use usernames from SVN headers collected by w3af plugins in bruteforce.' o4 = option('useSvnUsers', self._useSvnUsers, d4, 'boolean') d5 = 'This indicates if the bruteforce should stop after finding the first correct user and password.' o5 = option('stopOnFirst', self._stopOnFirst, d5, 'boolean') d6 = 'This indicates if the bruteforce should try password equal user in logins.' o6 = option('passEqUser', self._passEqUser, d6, 'boolean') d7 = 'This indicates if the bruteforce should try l337 passwords' o7 = option('useLeetPasswd', self._l337_p4sswd, d7, 'boolean') d8 = 'This indicates if the bruteforcer should use emails collected by w3af plugins as users.' o8 = option('useMails', self._useMails, d8, 'boolean') d9 = 'This indicates if the bruteforce should use password profiling to collect new passwords.' o9 = option('useProfiling', self._useProfiling, d9, 'boolean') d10 = 'This indicates how many passwords from profiling will be used.' o10 = option('profilingNumber', self._profilingNumber, d10, 'integer') ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) ol.add(o4) ol.add(o5) ol.add(o6) ol.add(o7) ol.add(o8) ol.add(o9) ol.add(o10) return ol
def getOptions(self): """ @return: A list of option objects for this plugin. """ d1 = "Users file to use in bruteforcing" o1 = option("usersFile", self._usersFile, d1, "string") d2 = "Passwords file to use in bruteforcing" o2 = option("passwdFile", self._passwdFile, d2, "string") d3 = "This indicates if we will use usernames from emails collected by w3af plugins in bruteforce." o3 = option("useMailUsers", self._useMailUsers, d3, "boolean") d4 = "This indicates if we will use usernames from SVN headers collected by w3af plugins in bruteforce." o4 = option("useSvnUsers", self._useSvnUsers, d4, "boolean") d5 = "This indicates if the bruteforce should stop after finding the first correct user and password." o5 = option("stopOnFirst", self._stopOnFirst, d5, "boolean") d6 = "This indicates if the bruteforce should try password equal user in logins." o6 = option("passEqUser", self._passEqUser, d6, "boolean") d7 = "This indicates if the bruteforce should try l337 passwords" o7 = option("useLeetPasswd", self._l337_p4sswd, d7, "boolean") d8 = "This indicates if the bruteforcer should use emails collected by w3af plugins as users." o8 = option("useMails", self._useMails, d8, "boolean") d9 = "This indicates if the bruteforce should use password profiling to collect new passwords." o9 = option("useProfiling", self._useProfiling, d9, "boolean") d10 = "This indicates how many passwords from profiling will be used." o10 = option("profilingNumber", self._profilingNumber, d10, "integer") ol = optionList() ol.add(o1) ol.add(o2) ol.add(o3) ol.add(o4) ol.add(o5) ol.add(o6) ol.add(o7) ol.add(o8) ol.add(o9) ol.add(o10) return ol
def getOptions( self ): ''' @return: A list of option objects for this plugin. ''' d1 = 'Use time delay (sleep() implementations)' h1 = 'If set to True, w3af will checks insecure eval() usage by analyzing' h1 += ' of time delay result of script execution.' o1 = option('useTimeDelay', self._use_time_delay, d1, 'boolean', help=h1) d2 = 'Use echo implementations' h2 = 'If set to True, w3af will checks insecure eval() usage by grepping' h2 += ' result of script execution for test strings.' o2 = option('useEcho', self._use_echo, d2, 'boolean', help=h2) ol = optionList() ol.add(o1) ol.add(o2) return ol
def getOptions(self): ''' @return: A list of option objects for this plugin. ''' d1 = 'The algorithm to use in the comparison of true and false response for blind sql.' h1 = 'The options are: "stringEq" and "setIntersection". ' h1 += 'Read the long description for details.' o1 = option('Hierarchical clustering level', self._level, d1, 'integer', help=h1) ol = optionList() ol.add(o1) return ol