def _classic_worker(self, gh, search):
    '''
    Run one Google Hack Database query and record every result URL that
    does not look like a 404.

    @parameter gh: The GHDB entry being tested; only its "desc" attribute is read here.
    @parameter search: The query string handed to the search engine.

    NOTE(review): a hit is reported as soon as the URL does not look like a
    404. The response is never matched against the GHDB signature itself, so
    each finding is a lead to verify by hand, not a confirmed issue.

    NOTE(review): every URL returned by the search engine is requested;
    presumably the caller already restricts "search" to the target site -
    confirm, so that out-of-scope hosts are never fetched.
    '''
    engine = google(self._urlOpener)

    # 9 is the number of results asked from the search engine for this query.
    for hit in engine.getNResults( search, 9 ):
        response = self._urlOpener.GET(hit.URL, useCache=True )
        if is_404( response ):
            # The indexed page no longer resolves: nothing to report.
            continue

        # Same text as before: the URL part first, then the GHDB description.
        description = (
            ('ghdb plugin found a vulnerability at URL: ' + hit.URL)
            + (' . Vulnerability description: ' + gh.desc)
        )

        finding = vuln.vuln()
        finding.setPluginName(self.getName())
        finding.setURL( response.getURL() )
        finding.setMethod( 'GET' )
        finding.setName( 'Google hack database vulnerability' )
        finding.setSeverity(severity.MEDIUM)
        finding.setDesc( description )
        finding.setId( response.id )

        # Store the finding in the knowledge base and show it to the user.
        kb.kb.append( self, 'vuln', finding )
        om.out.vulnerability( finding.getDesc(), severity=severity.MEDIUM )

        # The page exists, so hand it to the rest of the scan as new input.
        new_requests = self._createFuzzableRequests( response )
        self._fuzzableRequests.extend( new_requests )
def discover(self, fuzzableRequest ): ''' @parameter fuzzableRequest: A fuzzableRequest instance that contains (among other things) the URL to test. ''' if not self._run: # This will remove the plugin from the discovery plugins to be runned. raise w3afRunOnce() else: # I will only run this one time. All calls to googleSpider return the same url's self._run = False google_se = google(self._urlOpener) domain = fuzzableRequest.getURL().getDomain() if is_private_site( domain ): msg = 'There is no point in searching google for "site:'+ domain + '".' msg += ' Google doesnt index private pages.' raise w3afException( msg ) try: results = google_se.getNResults('site:'+ domain, self._result_limit) except w3afException, w3: om.out.error(str(w3)) # If I found an error, I don't want to be run again raise w3afRunOnce() else:
def discover(self, fuzzableRequest ):
    '''
    Run the Google search for the target domain exactly once, then pass the
    ('fingerGoogle', 'mails') knowledge base entries to printUniq.

    @parameter fuzzableRequest: A fuzzableRequest instance; only its URL is read, to get the domain and the root domain.
    @return: Always an empty list.
    '''
    if not self._run:
        # Raised on every call after the first one; according to the
        # original comment this removes the plugin from the discovery run.
        raise w3afRunOnce()

    # The flag is cleared before any search is made, so a search that fails
    # half way is not retried on the next call.
    self._run = False

    self._google = google(self._uri_opener)

    domain = fuzzableRequest.getURL().getDomain()
    self._domain = domain
    self._domain_root = fuzzableRequest.getURL().getRootDomain()

    # Choose the search strategy from the plugin configuration.
    run_search = (
        self._do_fast_search if self._fast_search
        else self._do_complete_search
    )
    run_search(domain)

    collected_mails = kb.kb.getData('fingerGoogle', 'mails')
    self.printUniq(collected_mails, None)
    return []