def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._persistent_multi_in = None
self._expected_mutant_dict = DiskDict(table_prefix='ssi')
self._extract_expected_re = re.compile('[1-9]{5}')
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._persistent_multi_in = None
self._expected_mutant_dict = DiskDict(table_prefix='ssi')
self._extract_expected_re = re.compile('[1-9]{5}')
def __init__(self):
AuditPlugin.__init__(self)
self.mci = MemcacheInjection(u'key1 0 30 1\r\n1\r\n'
u'set injected 0 10 10\r\n1234567890\r\n',
u'key1 0 f 1\r\n1\r\n',
u'key1 0 30 0\r\n1\r\n')
self._eq_limit = 0.97
def __init__(self):
AuditPlugin.__init__(self)
self._xss_mutants = DiskList(table_prefix='xss')
# User configured parameters
self._check_persistent_xss = False
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._file_compiled_regex = []
self._error_compiled_regex = []
self._open_basedir = False
def __init__(self):
AuditPlugin.__init__(self)
# User configured variables
self._eq_limit = 0.9
self._timeout = 0
self._is_carefully = True
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._plugin_xml_result = {}
self._plugin_name = self.get_name()
self._response_id = None
def __init__(self):
"""
Some notes:
On Apache, when an overflow happends on a cgic script, this is written
to the log:
*** stack smashing detected ***: /var/www/.../buffer_overflow.cgi terminated,
referer: http://localhost/w3af/bufferOverflow/buffer_overflow.cgi
Premature end of script headers: buffer_overflow.cgi, referer: ...
On Apache, when an overflow happends on a cgic script, this is
returned to the user:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator,
webmaster@localhost and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
<p>More information about this error may be available
in the server error log.</p>
<hr>
<address>Apache/2.0.55 (Ubuntu) mod_python/3.2.8 Python/2.4.4c1
PHP/5.1.6 Server at localhost Port 80</address>
</body></html>
Note that this is an Apache error 500, not the more common PHP error 500.
"""
AuditPlugin.__init__(self)
def __init__(self):
AuditPlugin.__init__(self)
self._already_tested = set()
self._min_expire_days = 30
self._ca_file = os.path.join(ROOT_PATH, 'plugins', 'audit',
'ssl_certificate', 'ca.pem')
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._file_compiled_regex = []
self._error_compiled_regex = []
self._open_basedir = False
def __init__(self):
"""
Some notes:
On Apache, when an overflow happends on a cgic script, this is written
to the log:
*** stack smashing detected ***: /var/www/.../buffer_overflow.cgi terminated,
referer: http://localhost/w3af/bufferOverflow/buffer_overflow.cgi
Premature end of script headers: buffer_overflow.cgi, referer: ...
On Apache, when an overflow happends on a cgic script, this is
returned to the user:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator,
webmaster@localhost and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
<p>More information about this error may be available
in the server error log.</p>
<hr>
<address>Apache/2.0.55 (Ubuntu) mod_python/3.2.8 Python/2.4.4c1
PHP/5.1.6 Server at localhost Port 80</address>
</body></html>
Note that this is an Apache error 500, not the more common PHP error 500.
"""
AuditPlugin.__init__(self)
def __init__(self):
AuditPlugin.__init__(self)
self._xss_mutants = DiskList()
# User configured parameters
self._check_persistent_xss = True
def __init__(self):
AuditPlugin.__init__(self)
self.mci = MemcacheInjection(
u'key1 0 30 1\r\n1\r\n'
u'set injected 0 10 10\r\n1234567890\r\n', u'key1 0 f 1\r\n1\r\n',
u'key1 0 30 0\r\n1\r\n')
self._eq_limit = 0.97
def __init__(self):
AuditPlugin.__init__(self)
self._already_tested = set()
self._min_expire_days = 30
self._ca_file = os.path.join(ROOT_PATH, 'plugins', 'audit',
'ssl_certificate', 'ca.pem')
def __init__(self):
AuditPlugin.__init__(self)
self._xss_mutants = DiskList(table_prefix='xss')
# User configured parameters
self._check_persistent_xss = True
def __init__(self):
AuditPlugin.__init__(self)
MemcacheInjection = namedtuple('MemcacheInjection', ['ok', 'error_1', 'error_2'])
self.mci = MemcacheInjection(u"key1 0 30 1\r\n1\r\nset injected 0 10 10\r\n1234567890\r\n",
u"key1 0 f 1\r\n1\r\n",
u"key1 0 30 0\r\n1\r\n")
self._eq_limit = 0.97
def __init__(self):
"""
Plugin added just for completeness... I dont really expect to find one
of this bugs in my life... but well.... if someone , somewhere in the
planet ever finds a bug of using this plugin... THEN my job has been
done :P
"""
AuditPlugin.__init__(self)
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._potential_vulns = DiskList(table_prefix='generic')
# User configured variables
self._diff_ratio = 0.30
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._script_re = re.compile('< *?script.*?>(.*?)< *?/ *?script *?>',
re.IGNORECASE | re.DOTALL)
self._meta_url_re = re.compile('.*?;URL=(.*)',
re.IGNORECASE | re.DOTALL)
def __init__(self):
AuditPlugin.__init__(self)
#
# Some internal variables
#
self._special_chars = ['', '&&', '|', ';']
self._file_compiled_regex = []
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._script_re = re.compile('< *?script.*?>(.*?)< *?/ *?script *?>',
re.IGNORECASE | re.DOTALL)
self._meta_url_re = re.compile('.*?;URL=(.*)',
re.IGNORECASE | re.DOTALL)
def __init__(self):
AuditPlugin.__init__(self)
# Internal attributes
self._urls_recently_tested = deque(maxlen=30)
# User configured
self._extensions = ['gif', 'html', 'bmp', 'jpg', 'png', 'txt']
def __init__(self):
AuditPlugin.__init__(self)
# Define plugin options configuration variables
self.origin_header_value = "http://w3af.org/"
# Internal variables
self._reported_global = set()
def __init__(self):
AuditPlugin.__init__(self)
# Define plugin options configuration variables
self.origin_header_value = "http://w3af.org/"
# Internal variables
self._reported_global = set()
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._potential_vulns = DiskList()
# User configured variables
self._diff_ratio = 0.30
def __init__(self):
AuditPlugin.__init__(self)
#
# Some internal variables
#
self._special_chars = ['', '&&', '|', ';']
self._file_compiled_regex = []
def __init__(self):
"""
Plugin added just for completeness... I dont really expect to find one
of this bugs in my life... but well.... if someone , somewhere in the
planet ever finds a bug of using this plugin... THEN my job has been
done :P
"""
AuditPlugin.__init__(self)
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._expected_res_mutant = DiskDict()
self._freq_list = DiskList()
re_str = '<!--#exec cmd="echo -n (.*?);echo -n (.*?)" -->'
self._extract_results_re = re.compile(re_str)
def __init__(self):
AuditPlugin.__init__(self)
# User configured parameters
self._base_path = path.join(ROOT_PATH, 'plugins', self.get_type(), self.__class__.__name__)
self._wordlist_file = path.join(self._base_path, 'common_filenames.db')
# This is a list of common file extensions for google gears manifest:
self._extensions = ['', '.php', '.json', '.txt', '.gears']
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._expected_res_mutant = DiskDict()
self._freq_list = DiskList()
re_str = '<!--#exec cmd="echo -n (.*?);echo -n (.*?)" -->'
self._extract_results_re = re.compile(re_str)
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._potential_vulns = DiskList(table_prefix='generic')
# User configured variables
self._diff_ratio = 0.30
self._extensive = False
def __init__(self):
AuditPlugin.__init__(self)
# I test this with different URL handlers because the developer may have
# blacklisted http:// and https:// but missed ftp://.
#
# I also use hTtp instead of http because I want to evade some (stupid)
# case sensitive filters
self._test_urls = ('hTtp://w3af.org/', 'htTps://w3af.org/',
'fTp://w3af.org/', '//w3af.org')
def __init__(self):
AuditPlugin.__init__(self)
# Methods
self._supported_methods = self.DAV_METHODS | self.COMMON_METHODS | self.UNCOMMON_METHODS \
| self.PROPOSED_METHODS | self.EXTRA_METHODS | self.VERSION_CONTROL
# User configured variables
self._exec_one_time = True
self._report_dav_only = True
self._plugin_name = self.get_name()
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._error_reported = False
self._vulns = []
# User configured parameters
self._listen_port = ports.REMOTEFILEINCLUDE
self._listen_address = get_local_ip() or ''
self._use_w3af_site = True
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._error_reported = False
self._vulns = []
# User configured parameters
self._listen_port = ports.REMOTEFILEINCLUDE
self._listen_address = get_local_ip() or ''
self._use_w3af_site = True
def __init__(self):
AuditPlugin.__init__(self)
# Define plugin options configuration variables
self.origin_header_value = "http://w3af.org/"
# Internal variables
self._reported_global = set()
self._universal_allow_counter = 0
self._origin_echo_counter = 0
self._universal_origin_allow_creds_counter = 0
self._allow_methods_counter = 0
def __init__(self):
AuditPlugin.__init__(self)
# Create some random strings, which the plugin will use.
# for the fuzz_with_echo
self._rnd = rand_alpha(5)
self._rnd = self._rnd.lower()
self._expected_result = self._rnd * self.PRINT_REPEATS
# User configured parameters
self._use_time_delay = True
self._use_echo = True
def __init__(self):
AuditPlugin.__init__(self)
# I test this with different URL handlers because the developer may have
# blacklisted http:// and https:// but missed ftp://.
#
# I also use hTtp instead of http because I want to evade some (stupid)
# case sensitive filters
self._test_urls = ('hTtp://w3af.org/',
'htTps://w3af.org/',
'fTp://w3af.org/',
'//w3af.org')
def __init__(self):
AuditPlugin.__init__(self)
# Define plugin options configuration variables
self.origin_header_value = "http://w3af.org/"
# Internal variables
self._reported_global = set()
self._universal_allow_counter = 0
self._origin_echo_counter = 0
self._universal_origin_allow_creds_counter = 0
self._allow_methods_counter = 0
def __init__(self):
AuditPlugin.__init__(self)
self._base_path = path.join(ROOT_PATH, 'plugins', self.get_type(), self.__class__.__name__)
self._dirs_list_file = path.join(self._base_path, 'common_dirs_small.db')
self._files_list_file = path.join(self._base_path, 'common_files_small.db')
self._mix_list_file = path.join(self._base_path, 'bo0om.db')
# User configured parameters
self._bf_directories = False
self._bf_files = False
self._bf_mix = True
def __init__(self):
AuditPlugin.__init__(self)
# Create some random strings, which the plugin will use.
# for the fuzz_with_echo
self._rnd = rand_alpha(5)
self._rnd = self._rnd.lower()
self._expected_result = self._rnd * self.PRINT_REPEATS
# User configured parameters
self._use_time_delay = True
self._use_echo = True
def __init__(self):
AuditPlugin.__init__(self)
self._already_tested = set()
self._min_expire_days = 30
"""
It is possible to update this file by downloading the latest
cacert.pem from curl:
wget https://curl.haxx.se/ca/cacert.pem -O w3af/plugins/audit/ssl_certificate/ca.pem
git commit w3af/plugins/audit/ssl_certificate/ca.pem -m "Update ca.pem"
"""
self._ca_file = os.path.join(ROOT_PATH, 'plugins', 'audit',
'ssl_certificate', 'ca.pem')
def __init__(self):
AuditPlugin.__init__(self)
# Config params
self._users_file = os.path.join(self.BASE_CFG_PATH, 'users.txt')
self._passwd_file = os.path.join(self.BASE_CFG_PATH, 'passwords.txt')
self._combo_file = os.path.join(self.BASE_CFG_PATH, 'combo.txt')
self._combo_separator = ":"
self._use_emails = True
self._use_SVN_users = True
self._pass_eq_user = True
self._l337_p4sswd = True
self._useMails = True
self._use_profiling = True
self._profiling_number = 50
self._stop_on_first = True
# Internal vars
self._found = False
self._already_reported = []
self._already_tested = []
def __init__(self):
AuditPlugin.__init__(self)
# Config params
self._users_file = os.path.join(self.BASE_CFG_PATH, 'users.txt')
self._passwd_file = os.path.join(self.BASE_CFG_PATH, 'passwords.txt')
self._combo_file = os.path.join(self.BASE_CFG_PATH, 'combo.txt')
self._combo_separator = ":"
self._use_emails = True
self._use_SVN_users = True
self._pass_eq_user = True
self._l337_p4sswd = True
self._useMails = True
self._use_profiling = True
self._profiling_number = 50
self._stop_on_first = True
# Internal vars
self._found = False
self._already_reported = []
self._already_tested = []
def __init__(self):
AuditPlugin.__init__(self)
# User configured
self._extensions = ['gif', 'html', 'bmp', 'jpg', 'png', 'txt']
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._exec = True
def __init__(self):
AuditPlugin.__init__(self)
self._strict_mode = False
self._equal_limit = 0.90
def __init__(self):
AuditPlugin.__init__(self)
# User configured
self._extensions = ['gif', 'html', 'bmp', 'jpg', 'png', 'txt']
def __init__(self):
AuditPlugin.__init__(self)
self._eq_limit = 0.97
def __init__(self):
AuditPlugin.__init__(self)
# User configured variables
self._eq_limit = 0.9
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._already_tested_dirs = ScalableBloomFilter()
def __init__(self):
AuditPlugin.__init__(self)
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._should_run = True
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._already_tested_dirs = ScalableBloomFilter()
def __init__(self):
AuditPlugin.__init__(self)
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._should_run = True
def __init__(self):
AuditPlugin.__init__(self)
# Internal variables
self._already_tested = ScalableBloomFilter()
self._author_url = None
def __init__(self):
AuditPlugin.__init__(self)
self._already_tested = ScalableBloomFilter()