Пример #1
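def run(PluginInfo):
    """Collect robots.txt copies of the target from the 'PassiveRobots' resources.

    The output starts with the 'PassiveRobotsAnalysisHTTPRequests' request
    links and the 'PassiveRobotsAnalysisLinks' online resources. Each
    'PassiveRobots' resource URL is then requested (cache allowed); every copy
    that is found is handed to plugin_helper.ProcessRobots, and a transaction
    table for the URL is appended.

    Returns the accumulated plugin output.
    """
    Content = plugin_helper.Requestlink_list(
        'Passive Analysis Results',
        get_resources('PassiveRobotsAnalysisHTTPRequests'), PluginInfo)
    Content += plugin_helper.resource_linklist(
        'Online Resources', get_resources('PassiveRobotsAnalysisLinks'))
    # Counts the robots.txt copies retrieved so far; used in the saved file name.
    Count = 0
    for _, Resource in get_resources('PassiveRobots'):
        URL = Resource  # Just for clarity
        # The text before and after '/robots.txt' is passed on as the link
        # chunks for disallowed entries. partition() is used instead of
        # unpacking split(): a resource URL without the marker (or with more
        # than one) made the unpacking raise ValueError and abort the plugin.
        LinkStart, Marker, LinkFinish = URL.partition('/robots.txt')
        if not Marker:
            logging.info(
                "Skipping resource without '/robots.txt': %s", Resource)
            continue
        LinkStart = LinkStart.strip()
        LinkFinish = LinkFinish.strip()
        # True: use the cache if possible, for speed.
        Transaction = requester.get_transaction(True, URL)
        if Transaction is not None and Transaction.found:
            # NOTE(review): the body is remote content returned for the
            # resource URL and should be treated as untrusted; presumably
            # ProcessRobots escapes it before it reaches the report - confirm.
            Content += plugin_helper.ProcessRobots(
                PluginInfo, Transaction.get_raw_response_body(), LinkStart,
                LinkFinish, 'robots%s.txt' % str(Count))
            Count += 1
        else:  # Not found or unknown request error
            logging.info(
                "Could not be retrieved using resource: %s", Resource)
        Content += plugin_helper.TransactionTableForURLList(True, [URL])
    return Content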
Пример #2
def run(PluginInfo):
    """Build output for the passive search-engine discovery plugin.

    A CommandDump of the 'PassiveSearchEngineDiscoveryCmd' resources (no
    previous output) is followed by a link list of the
    'PassiveSearchEngineDiscoveryLnk' resources.
    """
    command_resources = get_resources('PassiveSearchEngineDiscoveryCmd')
    link_resources = get_resources('PassiveSearchEngineDiscoveryLnk')
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', command_resources, PluginInfo, [])
    output += plugin_helper.resource_linklist(
        'Online Resources', link_resources)
    return output
Пример #3
def run(PluginInfo):
    """Dump the 'Nikto_Unauth' resources, then the 'Nikto_Verify_Unauth' ones.

    The first dump is handed to the second CommandDump call as its previous
    output. The verify dump comes first in the returned value because it is
    the more useful part (links to findings, etc).
    """
    scan_dump = plugin_helper.CommandDump(
        'Test Command', 'Output', get_resources('Nikto_Unauth'),
        PluginInfo, [])
    verify_dump = plugin_helper.CommandDump(
        'Test Command', 'Output', get_resources('Nikto_Verify_Unauth'),
        PluginInfo, scan_dump)
    return verify_dump + scan_dump
Пример #4
def run(PluginInfo):
    """Build output for the active HTTP-methods plugin.

    A transaction table for the target's 'top_url' using Method='TRACE' comes
    first; the CommandDump of the 'ActiveHTTPMethods' resources, which
    receives that table as previous output, is appended to it.
    """
    top_url = target_manager.get_val('top_url')
    # TODO: PUT not working right yet
    # True: presumably "use the transaction cache if possible" - confirm
    # against plugin_helper.
    output = plugin_helper.TransactionTableForURL(
        True, top_url, Method='TRACE')
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', get_resources('ActiveHTTPMethods'),
        PluginInfo, output)
    return output
Пример #5
def run(PluginInfo):
    """Build output for the semi-passive HTTP-methods plugin.

    A transaction table is built for the 'target_url' and 'top_url' targets
    with 'OPTIONS' as the third argument, followed by a CommandDump of the
    'SemiPassiveHTTPMethods' resources.
    """
    method_resources = get_resources('SemiPassiveHTTPMethods')
    target_urls = get_targets_as_list(['target_url', 'top_url'])
    output = plugin_helper.TransactionTableForURLList(
        True, target_urls, 'OPTIONS')
    # The empty list means there is no previous output to pass along.
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', method_resources, PluginInfo, [])
    return output
Пример #6
def run(PluginInfo):
    """Dump the DirBuster resources for the current interaction mode.

    The resource name is chosen from the text form of INTERACTIVE; a
    CommandDump of it is followed by a CommandDump of the
    'DirBuster_Extract_URLs' resources. Neither call gets previous output.
    """
    # DirBuster allows much more control when interactive, but it can also be
    # run non-interactively for scripting, so each mode has its own resource.
    resource_name_by_mode = {
        'True': 'DirBusterInteractive',
        'False': 'DirBusterNotInteractive',
    }
    mode_key = format(INTERACTIVE)

    # Settings come from the config DB.
    scan_resources = get_resources(resource_name_by_mode[mode_key])
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', scan_resources, PluginInfo, [])
    extract_resources = get_resources('DirBuster_Extract_URLs')
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', extract_resources, PluginInfo, [])
    return output
Пример #7
def run(PluginInfo):
    """Build output for the semi-passive fingerprint plugin.

    The result of ResearchFingerprintInlog() comes first, then the
    transaction table for the 'target_url' and 'top_url' targets, then a
    CommandDump of the 'SemiPassiveFingerPrint' resources that receives the
    preceding output as previous output.
    """
    start_urls = get_targets_as_list(['target_url', 'top_url'])
    # True = use the transaction cache if possible: the start URLs are
    # visited if not already visited.
    url_table = plugin_helper.TransactionTableForURLList(True, start_urls)
    fingerprint_resources = get_resources('SemiPassiveFingerPrint')
    output = plugin_helper.ResearchFingerprintInlog() + url_table
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', fingerprint_resources, PluginInfo, output)
    return output
Пример #8
def run(PluginInfo):
    """Build output for the passive fingerprint plugin.

    Output order: a vulnerability search box, a link list of the
    'PassiveFingerPrint' resources, and a suggested-command box built from
    the CMS label / resource-name pairs below.
    """
    # Pairs of [label, resource name] handed to SuggestedCommandBox.
    cms_commands = [
        ['All', 'CMS_FingerPrint_All'],
        ['WordPress', 'CMS_FingerPrint_WordPress'],
        ['Joomla', 'CMS_FingerPrint_Joomla'],
        ['Drupal', 'CMS_FingerPrint_Drupal'],
        ['Mambo', 'CMS_FingerPrint_Mambo'],
    ]
    # Vuln search box to be built in core and reused in different plugins.
    output = plugin_helper.VulnerabilitySearchBox('')
    link_resources = get_resources('PassiveFingerPrint')
    output += plugin_helper.resource_linklist(
        'Online Resources', link_resources)
    output += plugin_helper.SuggestedCommandBox(
        PluginInfo, cms_commands,
        'CMS Fingerprint - Potentially useful commands')
    return output
Пример #9
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'ExternalErrorCodes'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalErrorCodes')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #10
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'ExternalCrossSiteFlashing'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalCrossSiteFlashing')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #11
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'ExternalFileExtHandling'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalFileExtHandling')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #12
def run(PluginInfo):
    """Return the CommandDump of the 'Arachni_Unauth' resources.

    The empty list passed last means no previous output is supplied.
    """
    scan_resources = get_resources('Arachni_Unauth')
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', scan_resources, PluginInfo, [])
    return output
Пример #13
def run(PluginInfo):
    """Return the link list for 'PassiveOldBackupUnreferencedFilesLnk'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('PassiveOldBackupUnreferencedFilesLnk')
    output = plugin_helper.resource_linklist('Online Resources', links)
    return output
Пример #14
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'PassiveMethods'.

    An info-level log line is written once the list has been built.
    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('PassiveMethods')
    output = plugin_helper.resource_linklist('Online Resources', links)
    logging.info("Passive links generated for target")
    return output
Пример #15
def run(PluginInfo):
    """Return the CommandDump of the 'ActiveDiscovery' resources."""
    discovery_resources = get_resources('ActiveDiscovery')
    # The trailing empty list: there is no previous output.
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', discovery_resources, PluginInfo, [])
    return output
Пример #16
def run(PluginInfo):
    """Return the CommandDump of 'SemiPassiveSearchEngineDiscoveryCmd'."""
    command_resources = get_resources('SemiPassiveSearchEngineDiscoveryCmd')
    # The trailing empty list: there is no previous output.
    return plugin_helper.CommandDump(
        'Test Command', 'Output', command_resources, PluginInfo, [])
Пример #17
def run(PluginInfo):
    """Return the link list for the 'ExternalCookiesAttributes' resources.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalCookiesAttributes')
    # NOTE(review): the heading mentions hash cracking while the resource
    # name is about cookie attributes; possibly a copy-paste leftover -
    # confirm before changing it.
    return plugin_helper.resource_linklist(
        'Online Hash Cracking Resources', links)
Пример #18
def run(PluginInfo):
    """Return the CommandDump of the 'ActiveSSLCmds' resources."""
    ssl_resources = get_resources('ActiveSSLCmds')
    # The trailing empty list: there is no previous output.
    return plugin_helper.CommandDump(
        'Test Command', 'Output', ssl_resources, PluginInfo, [])
Пример #19
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'PassiveAdminInterfaceLnk'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('PassiveAdminInterfaceLnk')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #20
def run(PluginInfo):
    """Return a vulnerability search box followed by the CAPTCHA tool links.

    The links come from the 'ExternalCAPTCHA' resources and are listed under
    the 'Tools' heading. PluginInfo is accepted but not read.
    """
    output = plugin_helper.VulnerabilitySearchBox('')
    tool_links = get_resources('ExternalCAPTCHA')
    output += plugin_helper.resource_linklist('Tools', tool_links)
    return output
Пример #21
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'ExternalXMLInjection'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalXMLInjection')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #22
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'PassiveCrossSiteScripting'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('PassiveCrossSiteScripting')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #23
def run(PluginInfo):
    """Return the CommandDump of the 'MsRpcProbeMethods' resources."""
    probe_resources = get_resources('MsRpcProbeMethods')
    # The trailing empty list: there is no previous output.
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', probe_resources, PluginInfo, [])
    return output
Пример #24
def run(PluginInfo):
    """Return the link list for 'ExternalDefaultGuessableUserAccount'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalDefaultGuessableUserAccount')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #25
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'PassiveErrorMessagesLnk'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('PassiveErrorMessagesLnk')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #26
def run(PluginInfo):
    """Return the link list for 'WSPassiveSearchEngineDiscoveryLnk'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('WSPassiveSearchEngineDiscoveryLnk')
    output = plugin_helper.resource_linklist('Online Resources', links)
    return output
Пример #27
def run(PluginInfo):
    """Return the CommandDump of the 'BruteSnmpProbeMethods' resources.

    The empty list passed last means no previous output is supplied.
    """
    probe_resources = get_resources('BruteSnmpProbeMethods')
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', probe_resources, PluginInfo, [])
    return output
Пример #28
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'PassiveSQLInjectionLnk'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('PassiveSQLInjectionLnk')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #29
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'ExternalSessionManagement'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalSessionManagement')
    return plugin_helper.resource_linklist('Online Resources', links)
Пример #30
def run(PluginInfo):
    """Return the link list for 'ExternalBypassingAuthenticationSchema'.

    PluginInfo is accepted but not read by this plugin.
    """
    links = get_resources('ExternalBypassingAuthenticationSchema')
    return plugin_helper.resource_linklist('Online Resources', links)