class FuzzerUrlsThread(threading.Thread): """ Thread class for FuzzerUrls module """ queue = None method = None url = None counter = None last_action = 0 def __init__(self, queue, domain, protocol, method, delay, counter, result): threading.Thread.__init__(self) self.queue = queue self.method = method.lower() self.domain = domain self.result = result self.counter = counter self.protocol = protocol self.done = False self.bad_words = file_to_list(Registry().get('wr_path') + "/bases/bad-words.txt") self.http = Registry().get('http') self.delay = int(delay) def run(self): """ Run thread """ req_func = getattr(self.http, self.method) need_retest = False while True: self.last_action = int(time.time()) if self.delay: time.sleep(self.delay) try: if not need_retest: url = self.queue.get() try: resp = req_func( "{0}://{1}{2}".format(self.protocol, self.domain, url) ) except ConnectionError: need_retest = True self.http.change_proxy() continue if resp is None: continue if resp.status_code > 499 and resp.status_code < 600: self.result.append({"url": url, "words": ["{0} Status code".format(resp.status_code)]}) continue found_words = [] for bad_word in self.bad_words: if resp.content.count(bad_word): found_words.append(bad_word) if len(found_words): self.result.append({"url": url, "words": found_words}) self.counter.up() need_retest = False except Queue.Empty: self.done = True break except BaseException as e: print url + " " + str(e)
class BackupsFinderThread(HttpThread): """ Thread class for BF module """ queue = None method = None url = None counter = None last_action = 0 def __init__(self, queue, domain, protocol, method, not_found_re, not_found_codes, not_found_size, delay, counter, result): super(BackupsFinderThread, self).__init__() self.queue = queue self.domain = domain self.result = result self.counter = counter self.protocol = protocol self.not_found_re = False if not len(not_found_re) else re.compile(not_found_re) self.not_found_size = int(not_found_size) self.method = method.lower() self.method = method if \ not ((len(not_found_re) or self.not_found_size != -1) and method.lower() == 'head') else \ 'get' not_found_codes = not_found_codes.split(',') not_found_codes.append('404') self.not_found_codes = list(set(not_found_codes)) self.delay = int(delay) self.done = False self.http = Registry().get('http') self.logger = Registry().get('logger') def run(self): """ Run thread """ req_func = getattr(self.http, self.method) need_retest = False while not self.done: self.last_action = int(time.time()) if self.delay: time.sleep(self.delay) try: if not need_retest: word = self.queue.get() self.counter.up() url = "{0}://{1}{2}".format(self.protocol, self.domain, word) try: resp = req_func(url) except ConnectionError: need_retest = True self.http.change_proxy() continue positive_item = False if self.is_response_right(resp): self.result.append(word) positive_item = True self.log_item(word, resp, positive_item) self.check_positive_limit_stop(self.result) need_retest = False except Queue.Empty: self.done = True break except ChunkedEncodingError as e: self.logger.ex(e) except BaseException as e: self.logger.ex(e)
class CmsThread(threading.Thread): """ Thread class for CMS module """ queue = None method = None url = None counter = None last_action = 0 def __init__(self, queue, domain, url, protocol, method, not_found_re, not_found_codes, delay, counter, result): threading.Thread.__init__(self) self.queue = queue self.method = method if not (len(not_found_re) and method.lower() == 'head') else 'get' self.domain = domain self.url = url self.result = result self.counter = counter self.protocol = protocol self.not_found_re = False if not len(not_found_re) else re.compile(not_found_re) not_found_codes = not_found_codes.split(',') not_found_codes.append('404') self.not_found_codes = list(set(not_found_codes)) self.delay = int(delay) self.done = False self.http = Registry().get('http') self.logger = Registry().get('logger') def run(self): """ Run thread """ req_func = getattr(self.http, self.method) need_retest = False while not self.done: self.last_action = int(time.time()) if self.delay: time.sleep(self.delay) try: if not need_retest: path = self.queue.get() try: url = "{0}://{1}{2}".format(self.protocol, self.domain, clear_double_slashes(self.url + path)) except UnicodeDecodeError: self.logger.log( "URL build error (UnicodeDecodeError) with path '{0}', skip it".format(pprint.pformat(path)), _print=False ) continue except UnicodeEncodeError: self.logger.log( "URL build error (UnicodeEncodeError) with path '{0}', skip it".format(pprint.pformat(path)), _print=False ) continue try: resp = req_func(url) except ConnectionError: need_retest = True self.http.change_proxy() continue binary_content = resp is not None and is_binary_content_type(resp.headers['content-type']) if resp is not None \ and str(resp.status_code) not in(self.not_found_codes) \ and not (not binary_content and self.not_found_re and self.not_found_re.findall(resp.content)): self.result.append({ 'path': path, 'code': resp.status_code, }) self.logger.item( path, resp.content if not resp is None else "", binary_content ) self.counter.up() self.queue.task_done() need_retest = False except Queue.Empty: self.done = True break except ChunkedEncodingError as e: self.logger.ex(e) except UnicodeDecodeError as e: self.logger.ex(e) self.queue.task_done() except BaseException as e: try: self.queue.put(path) if not str(e).count('Timed out waiting for page load'): self.logger.ex(e) except UnicodeDecodeError: pass self.queue.task_done()
class BackupsFinderThread(threading.Thread): """ Thread class for BF module """ queue = None method = None url = None counter = None last_action = 0 def __init__(self, queue, domain, protocol, method, not_found_re, not_found_codes, delay, counter, result): threading.Thread.__init__(self) self.queue = queue self.method = method if not (len(not_found_re) and method.lower() == 'head') else 'get' self.domain = domain self.result = result self.counter = counter self.protocol = protocol self.not_found_re = False if not len(not_found_re) else re.compile( not_found_re) not_found_codes = not_found_codes.split(',') not_found_codes.append('404') self.not_found_codes = list(set(not_found_codes)) self.delay = int(delay) self.done = False self.http = Registry().get('http') self.logger = Registry().get('logger') def run(self): """ Run thread """ req_func = getattr(self.http, self.method) need_retest = False while not self.done: self.last_action = int(time.time()) if self.delay: time.sleep(self.delay) try: if not need_retest: word = self.queue.get() self.counter.up() url = "{0}://{1}{2}".format(self.protocol, self.domain, word) try: resp = req_func(url) except ConnectionError: need_retest = True self.http.change_proxy() continue binary_content = resp is not None and is_binary_content_type( resp.headers['content-type']) if resp is not None and str(resp.status_code) not in self.not_found_codes \ and not (not binary_content and self.not_found_re and self.not_found_re.findall(resp.content)): self.result.append(word) self.logger.item(word, resp.content if not resp is None else "", binary_content) if len(self.result) >= int(Registry().get('config')['main'] ['positive_limit_stop']): Registry().set('positive_limit_stop', True) #self.queue.task_done(word) need_retest = False except Queue.Empty: self.done = True break except ChunkedEncodingError as e: self.logger.ex(e) except BaseException as e: self.logger.ex(e)
class FuzzerHeadersThread(threading.Thread): """ Thread class for FuzzerHeaders module """ queue = None method = None url = None counter = None def __init__(self, queue, domain, protocol, method, delay, counter, result): threading.Thread.__init__(self) self.queue = queue self.method = method.lower() self.domain = domain self.result = result self.counter = counter self.protocol = protocol self.done = False self.bad_words = file_to_list(Registry().get('wr_path') + "/bases/bad-words.txt") self.headers = self._get_headers() self.http = Registry().get('http') self.delay = int(delay) def _get_headers(self): return file_to_list(Registry().get('wr_path') + "/bases/fuzzer-headers.txt") def run(self): """ Run thread """ req_func = getattr(self.http, self.method) need_retest = False while True: if self.delay: time.sleep(self.delay) try: if not need_retest: url = self.queue.get() for header in self.headers: try: resp = req_func( "{0}://{1}{2}".format(self.protocol, self.domain, url), headers={ header.lower(): Registry().get('fuzzer_evil_value') }, #headers={header.lower(): Registry().get('config')['fuzzer']['headers_evil_value']}, ) except ConnectionError: need_retest = True self.http.change_proxy() continue if resp is None: continue if resp.status_code > 499 and resp.status_code < 600: self.result.append({ "url": url, "words": ["{0} Status code".format(resp.status_code)], "header": header }) continue found_words = [] for bad_word in self.bad_words: if resp.content.lower().count(bad_word): found_words.append(bad_word) if len(found_words): self.result.append({ "url": url, "words": found_words, "header": header }) self.counter.up() self.queue.task_done(url) need_retest = False except Queue.Empty: self.done = True break except BaseException as e: print url + " " + str(e) self.queue.task_done(url)
class FuzzerHeadersThread(threading.Thread): """ Thread class for FuzzerHeaders module """ queue = None method = None url = None counter = None def __init__(self, queue, domain, protocol, method, delay, counter, result): threading.Thread.__init__(self) self.queue = queue self.method = method.lower() self.domain = domain self.result = result self.counter = counter self.protocol = protocol self.done = False self.bad_words = file_to_list(Registry().get('wr_path') + "/bases/bad-words.txt") self.headers = self._get_headers() self.http = Registry().get('http') self.delay = int(delay) def _get_headers(self): return file_to_list(Registry().get('wr_path') + "/bases/fuzzer-headers.txt") def run(self): """ Run thread """ req_func = getattr(self.http, self.method) need_retest = False while True: if self.delay: time.sleep(self.delay) try: if not need_retest: url = self.queue.get() for header in self.headers: try: resp = req_func( "{0}://{1}{2}".format(self.protocol, self.domain, url), headers={header.lower(): Registry().get('fuzzer_evil_value')}, #headers={header.lower(): Registry().get('config')['fuzzer']['headers_evil_value']}, ) except ConnectionError: need_retest = True self.http.change_proxy() continue if resp is None: continue if resp.status_code > 499 and resp.status_code < 600: self.result.append( {"url": url, "words": ["{0} Status code".format(resp.status_code)], "header": header} ) continue found_words = [] for bad_word in self.bad_words: if resp.content.lower().count(bad_word): found_words.append(bad_word) if len(found_words): self.result.append({"url": url, "words": found_words, "header": header}) self.counter.up() self.queue.task_done(url) need_retest = False except Queue.Empty: self.done = True break except BaseException as e: print url + " " + str(e) self.queue.task_done(url)