def parseConfig(self):
config = CustomConfigParser()
# Parse & Load The Local Preset Config 'default.conf'
configPath = FileUtils.createPath(self.script_path, "default.conf")
config.read(configPath)
# 'General' Section -> Use The Default Setting (if not overridden)
self.saveHome = config.try_getboolean( # saveHome
"general", "save-logs-home", False)
self.failedScanPath = config.try_get( # Failed Test Path
"general", "scanner-fail-path", "").strip()
# 'Connection' Section -> Use The Default Setting (if not overridden)
self.timeout = config.try_getint("connection", "timeout", 30) # 1
self.ip = config.try_get("connection", "ip", None) # 2
self.proxy = config.try_get("connection", "httpProxy", None) # 3
self.maxRetries = config.try_getint("connection", "maxRetries", 5) # 4
self.requestByHostname = config.try_getboolean( # 5
"connection", "requestByHostname", False)
# 'Optional' Section -> Use The Default Setting (if not overridden)
self.delay = config.try_getfloat("optional", "delay", 0) # 1
self.recursive = config.try_getboolean( # 2
"optional", "recursive", False)
self.numThreads = config.try_getint( # 3
"optional", "numThreads", 10, list(range(1, 50)))
self.suppressEmpty = config.try_getboolean( # 4
"optional", "suppressEmpty", False)
self.scanSubdirs = config.try_get("optional", "scanSubdirs", None) # 5
self.excludeSubdirs = config.try_get( # 6
"optional", "excludeSubdirs", None)
self.excludeStatusCodes = config.try_get( # 7
"optional", "excludeStatusCodes", None)
self.cookie = config.try_get("optional", "cookie", None) # 8
self.userAgent = config.try_get("connection", "user-agent", None) # 9
self.redirect = config.try_getboolean( # 10
"optional", "noFollowRedirects", False)
self.headers = config.try_get("optional", "headers", None) # 11
self.useRandomAgents = config.try_get( # 12
"connection", "random-user-agents", False)
# 'Reports' Section -> Use The Default Setting (if not overridden)
self.autoSave = config.try_getboolean("reports", "autosave-report",
False)
self.autoSaveFormat = config.try_get("reports",
"autosave-report-format", "plain",
["simple", "plain", "json"])
# 'Dictionary' Section -> Use The Default Setting (if not overridden)
self.wordlist = config.try_get( #1
"dictionary", "wordlist",
FileUtils.createPath(self.script_path, "db", "dicc.txt"))
self.lowercase = config.try_getboolean( #2
"dictionary", "lowercase", False)
self.forceExtensions = config.try_get( # 3
"dictionary", "forceExtensions", False)
def getSavePath(self):
basePath = None
basePath = os.path.expanduser('~')
dirPath = None
if os.name == 'nt':
dirPath = "DirScanner"
else:
dirPath = ".DirScanner"
return FileUtils.createPath(basePath, dirPath)
def setupBatchReports(self):
self.batch = True
self.batchSession = "Batch-{0}".format(
time.strftime('%y-%m-%d_%H-%M-%S'))
self.batchDirectoryPath = FileUtils.createPath(
self.savePath, "reports", self.batchSession)
if not FileUtils.exists(self.batchDirectoryPath):
FileUtils.createDirectory(self.batchDirectoryPath)
if not FileUtils.exists(self.batchDirectoryPath):
self.output.error("Cannot Create Batch Folder {}".format(
self.batchDirectoryPath))
sys.exit(1)
if FileUtils.canWrite(self.batchDirectoryPath):
FileUtils.createDirectory(self.batchDirectoryPath)
targetsFile = FileUtils.createPath(self.batchDirectoryPath,
"Target-URL-List.txt")
FileUtils.writeLines(targetsFile, self.arguments.urlList)
else:
self.output.error("Cannnot Write Batch Folder {}.".format(
self.batchDirectoryPath))
sys.exit(1)
def getReportsPath(self, requester):
if self.arguments.autoSave: # Default True
basePath = ('/'
if requester.basePath is '' else requester.basePath)
basePath = basePath.replace(os.path.sep, '.')[1:-1]
# Generate File Name & Directory Path
fileName = None
directoryPath = None
if self.batch:
fileName = requester.host
directoryPath = self.batchDirectoryPath
else:
fileName = ('{}_'.format(basePath)
if basePath is not '' else '')
fileName += time.strftime('%y-%m-%d_%H-%M-%S')
directoryPath = FileUtils.createPath(self.savePath, 'reports',
requester.host)
if not FileUtils.exists(directoryPath):
FileUtils.createDirectory(directoryPath)
if not FileUtils.exists(directoryPath):
self.output.error("Cannot Create Reports Folder {}".format(
directoryPath))
sys.exit(1)
# Generate Reports File Path
outputFile = FileUtils.createPath(directoryPath, fileName)
# Rename If Duplicate File is Found In Target Directory
if FileUtils.exists(outputFile):
i = 2
while FileUtils.exists(outputFile + "_" + str(i)):
i += 1
outputFile += "_" + str(i)
return outputFile, directoryPath
def getBlacklists(self):
"""
@brief Get The Local Preset Status Code Related Blacklist
@param self The Object
@return Target Blacklist Dictionary
"""
blacklists = {} # Target Dictionary (Consists of Status Code Lists)
# 400 -> Bad Request, 403 -> Forbidden, 500 ->Internal Server Error
db_Path = FileUtils.createPath(self.script_path, 'db') # Local DB Path
for status in [400, 403, 500]:
blacklistFileName = FileUtils.createPath( # Join Status Code as Filename (e.g. 403_blacklist.txt)
db_Path, '{}_blacklist.txt'.format(status))
blacklists[status] = [] # Status Code List Contained In Dictionary
if not FileUtils.canRead(blacklistFileName):
continue # Skip Unreadable File
for line in FileUtils.getLines(blacklistFileName):
if line.lstrip().startswith('#'):
continue # Skip Comments In The File
blacklists[status].append(line)
return blacklists
def __init__(self, *pathComponents):
self._path = FileUtils.createPath(*pathComponents)
self.content = None
def __init__(self, script_path, arguments, output):
# Load The Local Custom Banner, Version & Author Info
global Version_Pattern
path_banner = FileUtils.createPath(script_path, "sources",
"CLI_Banner.txt")
path_version_author = FileUtils.createPath(script_path, "sources",
"CLI_Version_Author.txt")
CLI_Banner = open(path_banner).read()
CLI_Version_Author = open(path_version_author).read().format(
**Version_Pattern)
self.output = output
self.output.header(CLI_Banner)
self.output.versionAuthor(CLI_Version_Author)
self.arguments = arguments
self.script_path = script_path
self.savePath = script_path
self.blacklists = self.getBlacklists()
self.recursive = self.arguments.recursive
self.suppressEmpty = self.arguments.suppressEmpty
self.excludeSubdirs = (arguments.excludeSubdirs
if arguments.excludeSubdirs is not None else [])
self.excludeStatusCodes = self.arguments.excludeStatusCodes
self.DirQue = Queue() # Standard FIFO Queue --> Storing Dirs
self.fuzzer = None
self.batch = False
self.batchSession = None
self.exit = False
# Custom Save Path, Reports Path
if self.arguments.saveHome:
self.savePath = self.saveHomeOption()
# Error Logs Path
self.errorLog = None
self.errorLogPath = None
self.errorLogLock = Lock()
self.errorLogPath = self.getErrorPath()
self.errorLog = open(self.errorLogPath, "w")
# Reports & Local Directory Paths
self.reportsPath = None
self.directoryPath = None
self.dictionary = Dictionary(
self.arguments.wordlist, self.arguments.extensions,
self.arguments.lowercase, self.arguments.forceExtensions)
# Auto Save Check
if self.arguments.autoSave and len(self.arguments.urlList) > 1:
self.setupBatchReports()
self.output.newLine("\nAutoSave Path: {0}".format(
self.batchDirectoryPath))
# Random Agents Check
if self.arguments.useRandomAgents:
self.randomAgents = FileUtils.getLines(
FileUtils.createPath(script_path, "db", "user-agents.txt"))
# Print Out The Custom Extension, Threads Number & Dictionary Size
self.printBasicConf()
self.dirScanning() # Main Directory Scanning Method
self.output.warning("\nScanning Completed !") # Scanning Completed
def getErrorPath(self):
fileName = "errors-{0}.log".format(time.strftime('%y-%m-%d_%H-%M-%S'))
errorLogPath = FileUtils.createPath(
FileUtils.createPath(self.savePath, "logs", fileName))
return errorLogPath