def __init__(self): baseGrepPlugin.__init__(self) # Compile the XPATH self._tag_xpath = etree.XPath('//object | //applet') self._tag_names = ('object', 'applet') self._already_analyzed = scalable_bloomfilter()
def __init__(self): baseGrepPlugin.__init__(self) # This is nicer, but htmlParser inherits from SGMLParser that IS NOT # thread safe, So i have to create an instance of htmlParser for every # call to testResponse #self._htmlParser = htmlParser.htmlParser() kb.kb.save( self, 'passwordProfiling', {} ) # names of plugins to run ### TODO: develop more plugins, there is a nice ( all python ) metadata reader named hachoir-metadata ### it will be usefull for doing A LOT of plugins self._plugin_name_list = ['html', 'pdf'] # plugin instances, they are created in the first call to self._run_plugins self._plugins = [] # This are common words I dont want to use as passwords self._commonWords = {} self._commonWords['en'] = [ 'type', 'that', 'from', 'this', 'been', 'there', 'which', 'line', 'error', 'warning', 'file', 'fatal', 'failed', 'open', 'such', 'required', 'directory', 'valid', 'result', 'argument', 'there', 'some'] self._commonWords['es'] = [ 'otro', 'otra', 'para', 'pero', 'hacia', 'algo', 'poder', 'error'] self._commonWords['unknown'] = self._commonWords['en'] # Some words that are banned self._banned_words = [ 'forbidden', 'browsing', 'index' ]
def __init__(self): baseGrepPlugin.__init__(self) self._rss_tag_attr = [('rss', 'version', 'RSS'),# <rss version="..."> ('feed', 'version', 'OPML'),# <feed version="..." ('opml', 'version', 'OPML') # <opml version="..."> ] self._already_inspected = scalable_bloomfilter()
def __init__(self): baseGrepPlugin.__init__(self) # Internal variables self._exec = True # Some constants self._prepositions = {} self._prepositions[ 'en' ] = ['aboard', 'about', 'above', 'absent', 'across', 'after', 'against', 'along', 'alongside', 'amid', 'amidst', 'among', 'amongst', 'around', 'as', 'astride', 'at', 'atop', 'before', 'behind', 'below', 'beneath', 'beside', 'besides', 'between', 'beyond', 'but', 'by', 'despite', 'down', 'during', 'except', 'following', 'for', 'from', 'in', 'inside', 'into', 'like', 'mid', 'minus', 'near', 'nearest', 'notwithstanding', 'of', 'off', 'on', 'onto', 'opposite', 'out', 'outside', 'over', 'past', 're', 'round', 'save', 'since', 'than', 'through', 'throughout', 'till', 'to', 'toward', 'towards', 'under', 'underneath', 'unlike', 'until', 'up', 'upon', 'via', 'with', 'within', 'without'] # The 'a' preposition was removed, cause its also used in english self._prepositions[ 'es' ] = ['ante', 'bajo', 'cabe', 'con' , 'contra' , 'de', 'desde', 'en', 'entre', 'hacia', 'hasta', 'para', 'por' , 'segun', 'si', 'so', 'sobre', 'tras'] # Turkish # Sertan Kolat <*****@*****.**> self._prepositions[ 'tr' ] = ['ancak', 'burada', 'duyuru', 'evet', 'fakat', 'gibi', 'haber', 'kadar', 'karar', 'kaynak', 'olarak', 'sayfa', 'siteye', 'sorumlu', 'tamam', 'yasak', 'zorunlu']
def __init__(self): baseGrepPlugin.__init__(self) self._already_reported = scalable_bloomfilter() # regex to split between words self._split_re = re.compile('[^\w]')
def __init__(self): baseGrepPlugin.__init__(self) self._tag_names = [] self._tag_names.append('object') self._tag_names.append('applet') self._already_analyzed = ScalableBloomFilter()
def __init__(self): baseGrepPlugin.__init__(self) # Only generate the lists once. # Adding 0,001% performance ;) self._already_inspected = scalable_bloomfilter() self._wsdl_strings = self._get_WSDL_strings() self._disco_strings = ['disco:discovery ']
def __init__(self): baseGrepPlugin.__init__(self) # Internal variables self._already_inspected = scalable_bloomfilter() self._autocomplete_forms_xpath = etree.XPath( AUTOCOMPLETE_FORMS_XPATH ) self._pwd_input_xpath = etree.XPath( PWD_INPUT_XPATH ) self._text_input_xpath = etree.XPath( TEXT_INPUT_XPATH )
def __init__(self): baseGrepPlugin.__init__(self) # User configured parameters self._useSmartGrep = True self._useSimpleGrep = False # Compile the regular expressions self._scriptRe = re.compile('< *script *>(.*?)</ *script *>', re.IGNORECASE | re.DOTALL) # Function regular expressions self._functionNamesRe = [ re.compile(i, re.IGNORECASE) for i in self._getFunctionNames(True) ]
def __init__(self): baseGrepPlugin.__init__(self) self._already_visited = ScalableBloomFilter() # Added performance by compiling all the regular expressions # before using them. The setup time of the whole plugin raises, # but the execution time is lowered *a lot*. self._compiled_regex_list = [ re.compile(regex, re.IGNORECASE | re.DOTALL) for regex in self._get_indexing_regex() ]
def __init__(self): baseGrepPlugin.__init__(self) # Internal variables self._already_added = [] # Compile all regular expressions now self._compiled_regexes = {} self._compile_regex()
def __init__(self): baseGrepPlugin.__init__(self) # Internal variables self._comments = {} self._already_reported_interesting = [] # User configurations self._search404 = False
def __init__(self): baseGrepPlugin.__init__(self) # Internal variables self._already_inspected = ScalableBloomFilter() # Create the regular expression to search for AJAX ajax_regex_string = '(XMLHttpRequest|eval\(|ActiveXObject|Msxml2\.XMLHTTP|' ajax_regex_string += 'ActiveXObject|Microsoft\.XMLHTTP)' self._ajax_regex_re = re.compile( ajax_regex_string, re.IGNORECASE )
def __init__(self): baseGrepPlugin.__init__(self) self._feed_types = {'rss': 'RSS', # <rss version="..."> 'feed': 'OPML',# <feed version="..." 'opml': 'OPML' # <opml version="..."> } self._already_inspected = scalable_bloomfilter() # Compile the XPATH self._tag_xpath = etree.XPath('//rss | //feed | //opml')
def __init__(self): baseGrepPlugin.__init__(self) # For more info regarding this regular expression, please see: # https://sourceforge.net/mailarchive/forum.php?thread_name=1955593874.20090122023644%40 #mlists.olympos.org&forum_name=w3af-develop regex_str = '(?<!\.)(?<!\d)(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.' regex_str += '254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-' regex_str += '9]?)){2}(?!\d)(?!\.)' self._private_ip_address = re.compile(regex_str) self._regex_list = [self._private_ip_address ]
def __init__(self): baseGrepPlugin.__init__(self) self._already_inspected = ScalableBloomFilter() # Add the regex to match something like this: # # $Id: lzio.c,v 1.24 2003/03/20 16:00:56 roberto Exp $ # $Id: file name, version, timestamp, creator Exp $ # regex = '\$.{1,12}: .*? .*? \d{4}[-/]\d{1,2}[-/]\d{1,2}' regex += ' \d{1,2}:\d{1,2}:\d{1,2}.*? (.*?) (Exp )?\$' self._regex_list = [ re.compile(regex) ]
def __init__(self): baseGrepPlugin.__init__(self) # User defined options self._single_regex = "" self._regex_file_path = "" # Internal variables # Improved performance by compiling all the regular expressions # before using them (see setOptions method) self._regexlist_compiled = [] self._all_in_one = None
def __init__(self): baseGrepPlugin.__init__(self) # The following regex matches a valid url as well as the text about:internet. # Also it validates the number in the parenthesis. It should be a 4 digit number # and must tell about the length of the url that follows regex = r"""<!--\s*saved from url=\(([\d]{4})\)(https?://([-\w\.]+)""" regex += r"""+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?|about:internet)\s{1}\-\->""" self._motw_re = re.compile(regex) # User configured parameter self._withoutMOTW = False
def __init__(self): baseGrepPlugin.__init__(self) self._comments = {} self._search404 = False self._interesting_words = {'user':None, 'pass':None, 'microsoft':None, 'visual':None, 'linux':None, 'source':None, 'author':None, 'release':None, 'version':None, 'verify-v1':'Google Sitemap' } self._already_inspected = ScalableBloomFilter() '''
def __init__(self): baseGrepPlugin.__init__(self) self._already_inspected = ScalableBloomFilter() # re that searches for #GET / HTTP/1.0 self._re_request = re.compile('[a-zA-Z]{3,6} .*? HTTP/1.[01]') # re that searches for #HTTP/1.1 200 OK self._re_response = re.compile('HTTP/1.[01] [0-9][0-9][0-9] [a-zA-Z]*')
def __init__(self): baseGrepPlugin.__init__(self) # Internal variables self._already_inspected = scalable_bloomfilter() # Create the regular expression to search for AJAX ajax_regex_string = '(XMLHttpRequest|eval\(|ActiveXObject|Msxml2\.XMLHTTP|' ajax_regex_string += 'ActiveXObject|Microsoft\.XMLHTTP)' self._ajax_regex_re = re.compile( ajax_regex_string, re.IGNORECASE ) # Compile the XPATH self._script_xpath = etree.XPath('.//script')
def __init__(self): baseGrepPlugin.__init__(self) self._w3c_reasons = { 100: ['continue',], 101: ['switching protocols',], 200: ['ok',], 201: ['created',], 202: ['accepted',], 203: ['non-authoritative information',], 204: ['no content',], 205: ['reset content',], 206: ['partial content',], 300: ['multiple choices',], 301: ['moved permanently',], 302: ['found',], 303: ['see other',], 304: ['not modified',], 305: ['use proxy',], 306: ['(unused)',], 307: ['temporary redirect',], 400: ['bad request',], 401: ['unauthorized', 'authorization required'], 402: ['payment required',], 403: ['forbidden',], 404: ['not found',], 405: ['method not allowed','not allowed'], 406: ['not acceptable',], 407: ['proxy authentication required',], 408: ['request timeout',], 409: ['conflict',], 410: ['gone',], 411: ['length required',], 412: ['precondition failed',], 413: ['request entity too large',], 414: ['request-uri too long',], 415: ['unsupported media type',], 416: ['requested range not satisfiable',], 417: ['expectation failed',], 500: ['internal server error',], 501: ['not implemented',], 502: ['bad gateway',], 503: ['service unavailable',], 504: ['gateway timeout',], 505: ['http version not supported',], }
def __init__(self): baseGrepPlugin.__init__(self) self._cardResponses = [] cc_regex = '((^|[^\d])\d{4}[- ]?(\d{4}[- ]?\d{4}|\d{6})[- ]?(\d{5}|\d{4})($|[^\d]))' # (^|[^\d]) Match the start of the string, or something that's NOT a digit # \d{4}[- ]? Match four digits, and then (optionally) a "-" or a space # (\d{4}[- ]?\d{4}|\d{6}) Match one of the following: # - Four digits, and then (optionally) a "-" or a space and then four digits again (VISA cards) # - Six digits (AMEX cards) # [- ]? Match a "-" or a space (optionally) # (\d{5}|\d{4}) Match the final digits, five or four digits # ($|[^\d]) Match the end of the string, or something that's NOT a digit self._cc_regex = re.compile(cc_regex, re.M)
def __init__(self): baseGrepPlugin.__init__(self) vsRegex = r'<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value=".*?" />' self._viewstate = re.compile( vsRegex, re.IGNORECASE|re.DOTALL) evRegex = r'<input type="hidden" name="__EVENTVALIDATION" ' evRegex += 'id="__EVENTVALIDATION" value=".*?" />' self._eventvalidation = re.compile( evRegex, re.IGNORECASE|re.DOTALL) encryptedVsRegex = r'<input type="hidden" name="__VIEWSTATEENCRYPTED" ' encryptedVsRegex += 'id="__VIEWSTATEENCRYPTED" value=".*?" />' self._encryptedVs = re.compile( encryptedVsRegex, re.IGNORECASE|re.DOTALL) self._already_reported = scalable_bloomfilter()
def __init__(self): baseGrepPlugin.__init__(self) # Internal variables self._comments = {} self._interestingWords = ['user', 'pass', 'xxx', 'fix', 'bug', 'broken', 'oops', 'hack', 'caution', 'todo', 'note', 'warning', '!!!', '???', 'shit','stupid', 'tonto', 'porqueria', 'ciudado', 'usuario', 'contrase', 'puta', 'secret','@', 'email','security','captcha', # some in Portuguese 'banco', 'bradesco', 'itau', 'visa', 'bancoreal', 'transfêrencia', 'depósito', 'cartão', 'crédito', 'dados pessoais' ] self._already_reported_interesting = [] # User configurations self._search404 = False
def __init__(self): baseGrepPlugin.__init__(self) self._comments = {} self._search404 = False self._interesting_words = { "user": None, "pass": None, "microsoft": None, "visual": None, "linux": None, "source": None, "author": None, "release": None, "version": None, "verify-v1": "Google Sitemap", } self._already_inspected = scalable_bloomfilter() """
def __init__(self): baseGrepPlugin.__init__(self) # User configured variables self._only_target_domain = True self._already_inspected = ScalableBloomFilter()
def __init__(self): baseGrepPlugin.__init__(self) self._auth_uri_regex = re.compile('.*://[\w%]*?:[\w%]*?@[\w\.]{3,40}')
def __init__(self): baseGrepPlugin.__init__(self) self._error_500_responses = set()
def __init__(self): baseGrepPlugin.__init__(self) self._already_reported = ScalableBloomFilter()