예제 #1
    def printResults(self):
        """
        Print the XSS summary, then the DOM analysis summary.

        The first part reports how many entries ``self.results`` holds and
        calls ``printResult()`` on each of them.  The second part runs only
        when the "dom" option is set: it reports how many entries
        ``self.javascript`` holds, lists the description of every entry in
        ``self.wl_javascript`` and calls ``printResult()`` on each script.
        """
        header = "\n[+] "

        # XSS summary
        found = len(self.results)
        if found:
            print header + colored.green(
                "RESULT:") + " Found XSS Injection points in " + colored.green(
                    "%s" % found) + " targets"
            for result in self.results:
                result.printResult()
        else:
            print header + colored.yellow("RESULT:") + " No XSS Found :("

        # DOM analysis summary, only when the "dom" option is enabled
        if not self.getOption("dom"):
            return

        script_count = len(self.javascript)
        if script_count:
            # The wording is "possible": these entries are candidates
            print header + colored.green(
                "RESULT:") + " Found possible dom xss in " + colored.green(
                    "%s" % script_count) + " javascripts"
        else:
            print header + colored.yellow("RESULT:") + " No DOM XSS Found :("

        # Whitelisted scripts are listed in both cases, right after the header
        for whitelisted in self.wl_javascript:
            print " |- Found a whitelisted javascript: %s" % whitelisted[
                "description"]

        # Prints nothing when self.javascript is empty
        for script in self.javascript:
            script.printResult()
예제 #2
파일: engine.py 프로젝트: Drx51/Framework
    def printResults(self):
        """
        Print every result: the XSS findings first, then the DOM analysis.

        The DOM part is printed only when the "dom" option is set.  In that
        case the description of each ``self.wl_javascript`` entry is listed
        below the DOM headline, whether or not ``self.javascript`` is empty.
        """
        # XSS findings
        xss_total = len(self.results)
        if xss_total > 0:
            total_text = colored.green("%s" % xss_total)
            print "\n[+] " + colored.green("RESULT:") + " Found XSS Injection points in " + total_text + " targets"
            for finding in self.results:
                finding.printResult()
        else:
            print "\n[+] " + colored.yellow("RESULT:") + " No XSS Found :("

        # Print javascript analysis
        if self.getOption("dom"):
            js_total = len(self.javascript)
            if js_total == 0:
                print "\n[+] " + colored.yellow("RESULT:") + " No DOM XSS Found :("
            else:
                total_text = colored.green("%s" % js_total)
                print "\n[+] " + colored.green("RESULT:") + " Found possible dom xss in " + total_text + " javascripts"

            # Same listing for both headlines
            for entry in self.wl_javascript:
                print " |- Found a whitelisted javascript: %s" % entry["description"]

            # No iterations when self.javascript is empty
            for script in self.javascript:
                script.printResult()
예제 #3
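    def _crawlForms(self):
        """
        Crawl the current targets for forms and append the unique forms found
        to ``self.targets``.

        Starts at most ``threads`` Crawler workers (never more than there are
        targets), waits for the shared queue to drain, then merges every
        worker's ``results`` and ``errors`` and prints a summary.
        """
        # Function-scope import: only the polling loop below needs it.
        import time

        print "\n[+] Crawling for forms..."

        queue = self._getTargetsQueue()
        crawlers = []
        for _ in range(min(self.getOption('threads'), len(self.targets))):
            c = Crawler(self, queue, crawl_forms=True)
            c.setDaemon(True)
            crawlers.append(c)
            c.start()

        # Poll from the main thread so that Ctrl-C is caught here.  On
        # interrupt the local name is rebound to a fresh, empty queue so that
        # join() below returns at once.  The workers are not stopped by this;
        # being daemon threads they do not keep the process alive.
        # NOTE(review): workers presumably keep consuming the original queue
        # after an interrupt - confirm against Crawler.
        while True:
            try:
                if queue.empty():
                    break
                sys.stderr.write("\r |- Remaining targets: %s " %
                                 queue.qsize())
                sys.stderr.flush()
                # Pause between polls instead of spinning at full speed
                time.sleep(0.1)
            except KeyboardInterrupt:
                print "\n |- " + colored.yellow(
                    "INTERRUPT!") + " Killing threads..."
                queue = Queue.Queue()
                break

        queue.join()

        # Harvest results
        results = []
        errors = {}
        for c in crawlers:
            results.extend(c.results)
            # Group the error values of all workers under their key
            for ek, ev in c.errors.iteritems():
                if ek in errors:
                    errors[ek] += ev
                else:
                    errors[ek] = ev

        # Drop duplicates reported by more than one worker
        results = set(results)

        if errors:
            print " |--[+] " + colored.red("CRAWL ERRORS!")
            for ek, ev in errors.iteritems():
                print " |   |- %sx: %s" % (len(ev), ek)

        if len(results) > 0:
            print " |- " + colored.green(
                "SUCCESS: ") + "Found %s unique forms." % len(results)
        else:
            print " |- " + colored.yellow("WARNING: ") + "No forms found."

        # Add targets
        for t in results:
            self.targets.append(t)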
예제 #4
파일: engine.py 프로젝트: nanshihui/xssfuzz
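    def _crawlTarget(self):
        """
        Crawl the current targets for links and append the unique targets
        found to ``self.targets``.

        Starts at most ``threads`` Crawler workers (never more than there are
        targets), waits for the shared queue to drain, then merges every
        worker's ``results`` and ``errors`` and prints a summary.
        """
        # Function-scope import: only the polling loop below needs it.
        import time

        print "\n[+] Crawling links..."

        # Build a queue and start crawlers
        queue = self._getTargetsQueue()
        crawlers = []
        for _ in range(min(self.getOption('threads'), len(self.targets))):
            c = Crawler(self, queue, crawl_links=True)
            c.setDaemon(True)
            crawlers.append(c)
            c.start()

        # Poll from the main thread so that Ctrl-C is caught here.  On
        # interrupt the local name is rebound to a fresh, empty queue so that
        # join() below returns at once.  The workers are not stopped by this;
        # being daemon threads they do not keep the process alive.
        # NOTE(review): workers presumably keep consuming the original queue
        # after an interrupt - confirm against Crawler.
        while True:
            try:
                if queue.empty():
                    break
                # The loop body does nothing else, so without this pause it
                # would spin at full speed while the crawlers run.
                time.sleep(0.1)
            except KeyboardInterrupt:
                print"\n |- " + colored.yellow("INTERRUPT!") + " Killing threads..."
                queue = Queue.Queue()
                break

        queue.join()

        # Harvest results
        results = []
        errors = {}
        for c in crawlers:
            results.extend(c.results)
            # Group the error values of all workers under their key
            for ek, ev in c.errors.iteritems():
                if ek in errors:
                    errors[ek] += ev
                else:
                    errors[ek] = ev

        # Drop duplicates reported by more than one worker
        results = set(results)

        if errors:
            print " |--[+] " + colored.red("CRAWL ERRORS!")
            for ek, ev in errors.iteritems():
                print " |   |- %sx: %s" % (len(ev), ek)
        if len(results) > 0:
            print " |- " + colored.green("SUCCESS: ") +  "Found %s unique targets." % len(results)
        else:
            print " |- " + colored.yellow("WARNING: ") + "No new targets found."

        # Add targets
        for t in results:
            self.targets.append(t)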
예제 #5
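    def _scanDOMTargets(self):
        """
        Run the DOM scanners over the current targets and store what they
        report on the engine.

        Starts at most ``threads`` DOMScanner workers (never more than there
        are targets), waits for the shared queue to drain, then appends every
        reported script that has at least one source or one sink to
        ``self.javascript`` and every whitelisted script to
        ``self.wl_javascript``.  Errors collected by the workers are printed.
        """
        # Function-scope import: only the polling loop below needs it.
        import time

        print "\n[+] Start DOM scanning (%s threads)" % self.getOption(
            'threads')

        threads = []
        queue = self._getTargetsQueue()
        for _ in range(min(self.getOption('threads'), len(self.targets))):
            t = DOMScanner(self, queue)
            t.setDaemon(True)
            threads.append(t)
            t.start()

        # Poll from the main thread so that Ctrl-C is caught here.  On
        # interrupt the local name is rebound to a fresh, empty queue so that
        # join() below returns at once.  The workers are not stopped by this;
        # being daemon threads they do not keep the process alive.
        while True:
            try:
                if queue.empty():
                    break
                sys.stderr.write("\r |- Remaining urls: %s " % queue.qsize())
                sys.stderr.flush()
                # Pause between polls instead of spinning at full speed
                time.sleep(0.1)
            except KeyboardInterrupt:
                print "\r |- " + colored.yellow(
                    "INTERRUPT!") + " Killing threads..."
                queue = Queue.Queue()
                break

        queue.join()

        # Harvest results
        wl_javascript = []
        javascript = []
        errors = {}
        for t in threads:
            javascript.extend(t.javascript)
            wl_javascript.extend(t.whitelisted_js)
            # Group the error values of all workers under their key
            for ek, ev in t.errors.iteritems():
                if ek in errors:
                    errors[ek] += ev
                else:
                    errors[ek] = ev

        # Add results to engine.
        # The test must use ``or``: ``a > 0 | b > 0`` parses as the chained
        # comparison ``a > (0 | b) > 0``, which silently dropped every script
        # that did not have more sources than sinks.
        for r in javascript:
            if len(r.sources) > 0 or len(r.sinks) > 0:
                self.javascript.append(r)
        for wlj in wl_javascript:
            self.wl_javascript.append(wlj)

        if errors:
            print " |--[+] " + colored.red("SCAN ERRORS!")
            for ek, ev in errors.iteritems():
                print " |   |- %sx: %s" % (len(ev), ek)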
예제 #6
파일: engine.py 프로젝트: nanshihui/xssfuzz
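    def _scanDOMTargets(self):
        """
        Scan the current targets with DOMScanner workers and record the
        scripts they report.

        At most ``threads`` workers are started (never more than there are
        targets).  Once the shared queue has drained, every reported script
        with at least one source or one sink is appended to
        ``self.javascript``, every whitelisted script to
        ``self.wl_javascript``, and the collected errors are printed.
        """
        # Function-scope import: only the polling loop below needs it.
        import time

        print "\n[+] Start DOM scanning (%s threads)" % self.getOption('threads')

        threads = []
        queue = self._getTargetsQueue()
        for _ in range(min(self.getOption('threads'), len(self.targets))):
            t = DOMScanner(self, queue)
            t.setDaemon(True)
            threads.append(t)
            t.start()

        # Poll from the main thread so that Ctrl-C is caught here.  On
        # interrupt the local name is rebound to a fresh, empty queue so that
        # join() below returns at once.  The workers are not stopped by this;
        # being daemon threads they do not keep the process alive.
        while True:
            try:
                if queue.empty():
                    break
                sys.stderr.write("\r |- Remaining urls: %s " % queue.qsize())
                sys.stderr.flush()
                # Pause between polls instead of spinning at full speed
                time.sleep(0.1)
            except KeyboardInterrupt:
                print "\r |- " + colored.yellow("INTERRUPT!") + " Killing threads..."
                queue = Queue.Queue()
                break

        queue.join()

        # Harvest results
        wl_javascript = []
        javascript = []
        errors = {}
        for t in threads:
            javascript.extend(t.javascript)
            wl_javascript.extend(t.whitelisted_js)
            # Group the error values of all workers under their key
            for ek, ev in t.errors.iteritems():
                if ek in errors:
                    errors[ek] += ev
                else:
                    errors[ek] = ev

        # Add results to engine.
        # ``or`` is required here: with ``|`` the expression
        # ``a > 0 | b > 0`` is read as ``a > (0 | b) > 0``, so scripts whose
        # sources did not outnumber their sinks were never recorded.
        for r in javascript:
            if len(r.sources) > 0 or len(r.sinks) > 0:
                self.javascript.append(r)
        for wlj in wl_javascript:
            self.wl_javascript.append(wlj)

        if errors:
            print " |--[+] " + colored.red("SCAN ERRORS!")
            for ek, ev in errors.iteritems():
                print " |   |- %sx: %s" % (len(ev), ek)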