def lookAtSessionID(url, sidName, regSession):
global sessions
handle = getContentDirectURL_GET(url,"")
if handle != None:
output = handle.read()
header = str(handle.info()).split('\n')
for h in header:
# extract date header information
if regDate.match(h):
out = regDate.search(h)
date = out.group(1)
# convert this date into the good GMT number
# ie time in seconds since 01/01/1970 00:00:00
gi = time.strptime(normalize_whitespace(date.replace('GMT','')), "%a, %d %b %Y %H:%M:%S")
gi = time.mktime(gi) - time.mktime(time.gmtime(0))
output = output.replace('\n','')
output = output.replace('\t','')
# print output[790:821]
output = stripNoneASCII(output)
if output.find(sidName) > 0:
if regSession.match(output):
out = regSession.search(output)
ssn = out.group(2)
if ssn != None:
if gi != None:
sessions[ssn] = gi
else:
sessions[ssn] = ''
def lookAtSessionID(url, sidName, regSession):
global sessions
handle = getContentDirectURL_GET(url, "")
if handle != None:
output = handle.read()
header = str(handle.info()).split('\n')
for h in header:
# extract date header information
if regDate.match(h):
out = regDate.search(h)
date = out.group(1)
# convert this date into the good GMT number
# ie time in seconds since 01/01/1970 00:00:00
gi = time.strptime(
normalize_whitespace(date.replace('GMT', '')),
"%a, %d %b %Y %H:%M:%S")
gi = time.mktime(gi) - time.mktime(time.gmtime(0))
output = output.replace('\n', '')
output = output.replace('\t', '')
# print output[790:821]
output = stripNoneASCII(output)
if output.find(sidName) > 0:
if regSession.match(output):
out = regSession.search(output)
ssn = out.group(2)
if ssn != None:
if gi != None:
sessions[ssn] = gi
else:
sessions[ssn] = ''
def process(urlGlobal, database, attack_list):
plop = open('results/xss_GrabberAttacks.xml','w')
plop.write("<xssAttacks>\n")
for u in database.keys():
if len(database[u]['GET']):
for gParam in database[u]['GET']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
if instance != "See Below":
handle = getContent_GET(u,gParam,instance)
if handle != None:
output = handle.read()
header = handle.info()
if detect_xss(str(instance),output):
# generate the info...
plop.write(generateOutput(u,gParam,instance,"GET",typeOfInjection))
# see the permutations
if len(database[u]['GET'].keys()) > 1:
print "inside if for get"
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
url = ""
for gParam in database[u]['GET']:
url += ("%s=%s&" % (gParam, single_urlencode(str(instance))))
handle = getContentDirectURL_GET(u,url)
if handle != None:
output = handle.read()
if detect_xss(str(instance),output):
# generate the info...
plop.write(generateOutputLong(u,url,"GET",typeOfInjection))
if len(database[u]['POST']):
print "Method = POST ", u
for gParam in database[u]['POST']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
if instance != "See Below":
handle = getContent_POST(u,gParam,instance)
if handle != None:
output = handle.read()
header = handle.info()
if detect_xss(str(instance),output):
# generate the info...
plop.write(generateOutput(u,gParam,instance,"POST",typeOfInjection))
# see the permutations
if len(database[u]['POST'].keys()) > 1:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
allParams = {}
for gParam in database[u]['POST']:
allParams[gParam] = str(instance)
handle = getContentDirectURL_POST(u,allParams)
if handle != None:
output = handle.read()
if detect_xss(str(instance), output):
# generate the info...
plop.write(generateOutputLong(u,url,"POST",typeOfInjection, allParams))
plop.write("\n</xssAttacks>\n")
plop.close()
return ""
def process(urlGlobal, database, attack_list):
plop = open('results/xss_GrabberAttacks.xml','w')
plop.write("<xssAttacks>\n")
for u in database.keys():
if len(database[u]['GET']):
print "Method = GET ", u
for gParam in database[u]['GET']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
if instance != "See Below":
handle = getContent_GET(u,gParam,instance)
if handle != None:
output = handle.read()
header = handle.info()
if detect_xss(str(instance),output):
# generate the info...
plop.write(generateOutput(u,gParam,instance,"GET",typeOfInjection))
# see the permutations
if len(database[u]['GET'].keys()) > 1:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
url = ""
for gParam in database[u]['GET']:
url += ("%s=%s&" % (gParam, single_urlencode(str(instance))))
handle = getContentDirectURL_GET(u,url)
if handle != None:
output = handle.read()
if detect_xss(str(instance),output):
# generate the info...
plop.write(generateOutputLong(u,url,"GET",typeOfInjection))
if len(database[u]['POST']):
print "Method = POST ", u
for gParam in database[u]['POST']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
if instance != "See Below":
handle = getContent_POST(u,gParam,instance)
if handle != None:
output = handle.read()
header = handle.info()
if detect_xss(str(instance),output):
# generate the info...
plop.write(generateOutput(u,gParam,instance,"POST",typeOfInjection))
# see the permutations
if len(database[u]['POST'].keys()) > 1:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
allParams = {}
for gParam in database[u]['POST']:
allParams[gParam] = str(instance)
handle = getContentDirectURL_POST(u,allParams)
if handle != None:
output = handle.read()
if detect_xss(str(instance), output):
# generate the info...
plop.write(generateOutputLong(u,url,"POST",typeOfInjection, allParams))
plop.write("\n</xssAttacks>\n")
plop.close()
return ""
def process(url, database, attack_list):
plop = open('results/backup_GrabberAttacks.xml', 'w')
plop.write("<backupFiles>\n")
for u in database.keys():
if allowed_inUrl(u):
for e in ext:
url1 = u + e
url2 = u + e.upper()
try:
if len(getContentDirectURL_GET(url1, '').read()) > 0:
plop.write(generateOutput(url1))
if len(getContentDirectURL_GET(url2, '').read()) > 0:
plop.write(generateOutput(url2))
except AttributeError:
continue
plop.write("\n</backupFiles>")
plop.close()
return ""
def process(url, database, attack_list):
plop = open('results/backup_GrabberAttacks.xml','w')
plop.write("<backupFiles>\n")
for u in database.keys():
if allowed_inUrl(u):
for e in ext:
url1 = u + e
url2 = u + e.upper()
try:
if len(getContentDirectURL_GET(url1,'').read()) > 0:
plop.write(generateOutput(url1))
if len(getContentDirectURL_GET(url2,'').read()) > 0:
plop.write(generateOutput(url2))
except AttributeError:
continue
plop.write("\n</backupFiles>")
plop.close()
return ""
def process(url, database, attack_list, txheaders):
appendToReport(url, "<div class='panel panel-info'><div class='panel-heading'><h3 class='panel-title'> <a data-toggle='collapse' data-target='#collapseSql' href='#collapseSql'>SQL Injection Attacks </a></h3></div>")
plop = open('results/sql_GrabberAttacks.xml','w')
plop.write("<sqlAttacks>\n")
appendToReport(url, '<div id="collapseSql" class="panel-collapse collapse in"><div class="panel-body">');
for u in database.keys():
appendToReport(u, "<h4><div class='label label-default'><a target='_balnk' href='"+ u +"'>"+ u +"</a></div></h4>")
if len(database[u]['GET']):
print "Method = GET ", u
for gParam in database[u]['GET']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
handle = getContent_GET(u,gParam,instance, txheaders)
if handle != None:
output = handle.read()
header = handle.info()
if detect_sql(output):
# generate the info...
plop.write(generateOutput(u,gParam,instance,"GET",typeOfInjection))
appendToReport(u, generateHTMLOutput(u, gParam, instance, "GET", typeOfInjection))
#see the permutations
if len(database[u]['GET'].keys()) > 1:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
url = ""
for gParam in database[u]['GET']:
url += ("%s=%s&" % (gParam, single_urlencode(str(instance))))
handle = getContentDirectURL_GET(u,url,txheaders)
if handle != None:
output = handle.read()
if detect_sql(output):
# generate the info...
plop.write(generateOutputLong(u,url,"GET",typeOfInjection))
appendToReport(u, generateHTMLOutput(u, "ALL", url, "GET", typeOfInjection))
if len(database[u]['POST']):
print "Method = POST ", u
for gParam in database[u]['POST']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
allParams = {}
for param in database[u]['POST']:
if param != gParam:
allParams[param] = 'abc'
allParams[gParam] = str(instance)
handle = getContentDirectURL_POST(u,allParams, txheaders)
if handle != None:
output = handle.read()
header = handle.info()
if detect_sql(output):
# generate the info...
plop.write(generateOutput(u,gParam,instance,"POST",typeOfInjection))
appendToReport(u, generateHTMLOutput(u, gParam, instance, "POST", typeOfInjection))
# see the permutations
if len(database[u]['POST'].keys()) > 1:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
allParams = {}
for gParam in database[u]['POST']:
allParams[gParam] = str(instance)
handle = getContentDirectURL_POST(u,allParams, txheaders)
if handle != None:
output = handle.read()
if detect_sql(output):
# generate the info...
plop.write(generateOutputLong(u,url,"POST",typeOfInjection, allParams))
appendToReport(u, generateHTMLOutput(u, "All", instance, "POST", typeOfInjection))
plop.write("\n</sqlAttacks>\n")
appendToReport(url, "</div></div>")
plop.close()
return ""
def process(url, database, attack_list, txheaders):
appendToReport(
url,
"<div class='panel panel-info'><div class='panel-heading'><h3 class='panel-title'> <a data-toggle='collapse' data-target='#collapseSql' href='#collapseSql'>SQL Injection Attacks </a></h3></div>"
)
plop = open('results/sql_GrabberAttacks.xml', 'w')
plop.write("<sqlAttacks>\n")
appendToReport(
url,
'<div id="collapseSql" class="panel-collapse collapse in"><div class="panel-body">'
)
for u in database.keys():
appendToReport(
u,
"<h4><div class='label label-default'><a target='_balnk' href='" +
u + "'>" + u + "</a></div></h4>")
if len(database[u]['GET']):
print "Method = GET ", u
for gParam in database[u]['GET']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
handle = getContent_GET(u, gParam, instance, txheaders)
if handle != None:
output = handle.read()
header = handle.info()
if detect_sql(output):
# generate the info...
plop.write(
generateOutput(u, gParam, instance, "GET",
typeOfInjection))
appendToReport(
u,
generateHTMLOutput(u, gParam, instance,
"GET", typeOfInjection))
#see the permutations
if len(database[u]['GET'].keys()) > 1:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
url = ""
for gParam in database[u]['GET']:
url += ("%s=%s&" %
(gParam, single_urlencode(str(instance))))
handle = getContentDirectURL_GET(u, url, txheaders)
if handle != None:
output = handle.read()
if detect_sql(output):
# generate the info...
plop.write(
generateOutputLong(u, url, "GET",
typeOfInjection))
appendToReport(
u,
generateHTMLOutput(u, "ALL", url, "GET",
typeOfInjection))
if len(database[u]['POST']):
print "Method = POST ", u
for gParam in database[u]['POST']:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
allParams = {}
for param in database[u]['POST']:
if param != gParam:
allParams[param] = 'abc'
allParams[gParam] = str(instance)
handle = getContentDirectURL_POST(
u, allParams, txheaders)
if handle != None:
output = handle.read()
header = handle.info()
if detect_sql(output):
# generate the info...
plop.write(
generateOutput(u, gParam, instance, "POST",
typeOfInjection))
appendToReport(
u,
generateHTMLOutput(u, gParam, instance,
"POST",
typeOfInjection))
# see the permutations
if len(database[u]['POST'].keys()) > 1:
for typeOfInjection in attack_list:
for instance in attack_list[typeOfInjection]:
allParams = {}
for gParam in database[u]['POST']:
allParams[gParam] = str(instance)
handle = getContentDirectURL_POST(u, allParams, txheaders)
if handle != None:
output = handle.read()
if detect_sql(output):
# generate the info...
plop.write(
generateOutputLong(u, url, "POST",
typeOfInjection, allParams))
appendToReport(
u,
generateHTMLOutput(u, "All", instance, "POST",
typeOfInjection))
plop.write("\n</sqlAttacks>\n")
appendToReport(url, "</div></div>")
plop.close()
return ""
