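def run(PluginInfo):
    """Build the passive robots.txt analysis section.

    Starts with the request links and the online-resource links, then asks
    every resource listed under 'PassiveRobots' for a copy of robots.txt and
    passes each body that was found to plugin_helper.ProcessRobots.

    A resource URL that does not contain '/robots.txt' exactly once is logged
    and skipped; previously the two-value unpack of ``split`` raised
    ValueError and aborted the whole plugin.

    Returns the accumulated content.
    """
    Content = plugin_helper.Requestlink_list(
        'Passive Analysis Results',
        get_resources('PassiveRobotsAnalysisHTTPRequests'),
        PluginInfo)
    Content += plugin_helper.resource_linklist(
        'Online Resources',
        get_resources('PassiveRobotsAnalysisLinks'))

    Marker = '/robots.txt'
    Count = 0  # Numbers the 'robots<N>.txt' name handed to ProcessRobots
    # Try to retrieve the robots.txt file from all defined resources
    for Name, Resource in get_resources('PassiveRobots'):
        URL = Resource  # Just for clarity
        if URL.count(Marker) != 1:
            # Without a single marker there is no unambiguous prefix/suffix
            # to build the disallowed-entry links from.
            logging.info(
                "Skipping resource without a single '/robots.txt' marker: %s",
                Resource)
            continue
        # Preparing link chunks for disallowed entries
        LinkStart, _, LinkFinish = URL.partition(Marker)
        LinkStart = LinkStart.strip()
        LinkFinish = LinkFinish.strip()
        # Use the cache if possible for speed
        Transaction = requester.get_transaction(True, URL)
        if Transaction is not None and Transaction.found:
            # The body is fetched from a third-party resource.
            # NOTE(review): confirm ProcessRobots escapes it before it is
            # rendered into the report.
            Content += plugin_helper.ProcessRobots(
                PluginInfo,
                Transaction.get_raw_response_body(),
                LinkStart,
                LinkFinish,
                'robots%s.txt' % str(Count))
            Count += 1
        else:
            # Not found or unknown request error
            Message = "Could not be retrieved using resource: %s" % Resource
            logging.info(Message)
        Content += plugin_helper.TransactionTableForURLList(True, [URL])
    return Content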
def run(PluginInfo):
    """Return the search-engine discovery command dump followed by the online links.

    The command resources come from 'PassiveSearchEngineDiscoveryCmd' and the
    link resources from 'PassiveSearchEngineDiscoveryLnk'.
    """
    command_resources = get_resources('PassiveSearchEngineDiscoveryCmd')
    link_resources = get_resources('PassiveSearchEngineDiscoveryLnk')
    # The empty list is the "previous output" argument: there is none yet.
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', command_resources, PluginInfo, [])
    output += plugin_helper.resource_linklist('Online Resources', link_resources)
    return output
def run(PluginInfo):
    """Return the Nikto verification dump followed by the raw Nikto dump.

    The 'Nikto_Unauth' dump is produced first and handed to the
    'Nikto_Verify_Unauth' dump as its previous output.
    """
    # NOTE(review): the command strings come from the resource configuration;
    # presumably CommandDump executes them - confirm that source is trusted.
    scan_output = plugin_helper.CommandDump(
        'Test Command', 'Output', get_resources('Nikto_Unauth'), PluginInfo, [])
    verify_output = plugin_helper.CommandDump(
        'Test Command',
        'Output',
        get_resources('Nikto_Verify_Unauth'),
        PluginInfo,
        scan_output)
    # Show Nikto Verify FIRST (more useful, with links to findings, etc)
    return verify_output + scan_output
def run(PluginInfo):
    """Return the TRACE transaction table for the top URL plus the command dump.

    The transaction table is also passed to CommandDump as the previous
    output for the 'ActiveHTTPMethods' resources.
    """
    top_url = target_manager.get_val('top_url')
    # TODO: PUT not working right yet
    output = plugin_helper.TransactionTableForURL(True, top_url, Method='TRACE')
    method_resources = get_resources('ActiveHTTPMethods')
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', method_resources, PluginInfo, output)
    return output
def run(PluginInfo):
    """Return the OPTIONS transaction table for the target URLs plus the command dump.

    The command resources are looked up under 'SemiPassiveHTTPMethods'.
    """
    method_resources = get_resources('SemiPassiveHTTPMethods')
    start_urls = get_targets_as_list(['target_url', 'top_url'])
    output = plugin_helper.TransactionTableForURLList(True, start_urls, 'OPTIONS')
    # No previous output, hence the empty list.
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', method_resources, PluginInfo, [])
    return output
def run(PluginInfo):
    """Return the DirBuster command dump followed by the URL-extraction dump.

    Which DirBuster resource set is used depends on the INTERACTIVE setting:
    DirBuster allows much more control when interactive, and can also be run
    non-interactively for scripting.
    """
    # Resource names keyed by the string form of the INTERACTIVE flag.
    resource_name_by_mode = {
        'True': 'DirBusterInteractive',
        'False': 'DirBusterNotInteractive',
    }
    mode_key = '{}'.format(INTERACTIVE)
    # Get settings from the config DB
    dirbuster_resources = get_resources(resource_name_by_mode[mode_key])
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', dirbuster_resources, PluginInfo, [])
    extract_resources = get_resources('DirBuster_Extract_URLs')
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', extract_resources, PluginInfo, [])
    return output
def run(PluginInfo):
    """Return the fingerprint research block, the transaction table and the command dump.

    The content built so far is passed to CommandDump as the previous output
    for the 'SemiPassiveFingerPrint' resources.
    """
    start_urls = get_targets_as_list(['target_url', 'top_url'])
    # True = use the transaction cache if possible: the start URLs are
    # visited only if they have not been visited already.
    transaction_table = plugin_helper.TransactionTableForURLList(True, start_urls)
    fingerprint_resources = get_resources('SemiPassiveFingerPrint')
    output = plugin_helper.ResearchFingerprintInlog() + transaction_table
    output += plugin_helper.CommandDump(
        'Test Command', 'Output', fingerprint_resources, PluginInfo, output)
    return output
def run(PluginInfo):
    """Return the vulnerability search box, the online links and the CMS command box.

    The suggested-command box pairs each CMS label with its
    'CMS_FingerPrint_<label>' entry.
    """
    cms_labels = ('All', 'WordPress', 'Joomla', 'Drupal', 'Mambo')
    command_mapping = [[label, 'CMS_FingerPrint_' + label] for label in cms_labels]
    # Vuln search box to be built in core and reused in different plugins:
    output = plugin_helper.VulnerabilitySearchBox('')
    link_resources = get_resources('PassiveFingerPrint')
    output += plugin_helper.resource_linklist('Online Resources', link_resources)
    output += plugin_helper.SuggestedCommandBox(
        PluginInfo,
        command_mapping,
        'CMS Fingerprint - Potentially useful commands')
    return output
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'ExternalErrorCodes' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('ExternalErrorCodes'))
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'ExternalCrossSiteFlashing' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('ExternalCrossSiteFlashing'))
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'ExternalFileExtHandling' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('ExternalFileExtHandling'))
def run(PluginInfo):
    """Return the command dump for the 'Arachni_Unauth' resources."""
    # NOTE(review): the command strings come from the resource configuration;
    # presumably CommandDump executes them - confirm that source is trusted.
    scanner_resources = get_resources('Arachni_Unauth')
    # The empty list is the "previous output" argument: there is none.
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', scanner_resources, PluginInfo, [])
    return output
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'PassiveOldBackupUnreferencedFilesLnk'."""
    link_resources = get_resources('PassiveOldBackupUnreferencedFilesLnk')
    output = plugin_helper.resource_linklist('Online Resources', link_resources)
    return output
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'PassiveMethods' and log that it was built."""
    # NOTE(review): the original comment here mentioned a vulnerability
    # search box, but this plugin only builds a link list.
    link_resources = get_resources('PassiveMethods')
    output = plugin_helper.resource_linklist('Online Resources', link_resources)
    logging.info("Passive links generated for target")
    return output
def run(PluginInfo):
    """Return the command dump for the 'ActiveDiscovery' resources."""
    discovery_resources = get_resources('ActiveDiscovery')
    # No previous output, hence the empty list.
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', discovery_resources, PluginInfo, [])
    return output
def run(PluginInfo):
    """Return the command dump for the 'SemiPassiveSearchEngineDiscoveryCmd' resources."""
    # No previous output, hence the empty list as the last argument.
    return plugin_helper.CommandDump(
        'Test Command',
        'Output',
        get_resources('SemiPassiveSearchEngineDiscoveryCmd'),
        PluginInfo,
        [])
def run(PluginInfo):
    """Return the link list for the 'ExternalCookiesAttributes' resources."""
    # NOTE(review): the heading says "Online Hash Cracking Resources" while
    # the resource key is about cookie attributes - confirm the label.
    return plugin_helper.resource_linklist(
        'Online Hash Cracking Resources',
        get_resources('ExternalCookiesAttributes'))
def run(PluginInfo):
    """Return the command dump for the 'ActiveSSLCmds' resources."""
    # No previous output, hence the empty list as the last argument.
    return plugin_helper.CommandDump(
        'Test Command',
        'Output',
        get_resources('ActiveSSLCmds'),
        PluginInfo,
        [])
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'PassiveAdminInterfaceLnk' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('PassiveAdminInterfaceLnk'))
def run(PluginInfo):
    """Return the vulnerability search box followed by the 'Tools' link list.

    The tool links come from the 'ExternalCAPTCHA' resources.
    """
    output = plugin_helper.VulnerabilitySearchBox('')
    tool_resources = get_resources('ExternalCAPTCHA')
    output += plugin_helper.resource_linklist('Tools', tool_resources)
    return output
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'ExternalXMLInjection' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('ExternalXMLInjection'))
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'PassiveCrossSiteScripting' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('PassiveCrossSiteScripting'))
def run(PluginInfo):
    """Return the command dump for the 'MsRpcProbeMethods' resources."""
    probe_resources = get_resources('MsRpcProbeMethods')
    # No previous output, hence the empty list.
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', probe_resources, PluginInfo, [])
    return output
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'ExternalDefaultGuessableUserAccount'."""
    return plugin_helper.resource_linklist(
        'Online Resources',
        get_resources('ExternalDefaultGuessableUserAccount'))
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'PassiveErrorMessagesLnk' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('PassiveErrorMessagesLnk'))
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'WSPassiveSearchEngineDiscoveryLnk'."""
    link_resources = get_resources('WSPassiveSearchEngineDiscoveryLnk')
    output = plugin_helper.resource_linklist('Online Resources', link_resources)
    return output
def run(PluginInfo):
    """Return the command dump for the 'BruteSnmpProbeMethods' resources."""
    # NOTE(review): the command strings come from the resource configuration;
    # presumably CommandDump executes them - confirm that source is trusted.
    probe_resources = get_resources('BruteSnmpProbeMethods')
    # The empty list is the "previous output" argument: there is none.
    output = plugin_helper.CommandDump(
        'Test Command', 'Output', probe_resources, PluginInfo, [])
    return output
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'PassiveSQLInjectionLnk' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('PassiveSQLInjectionLnk'))
def run(PluginInfo):
    """Return the 'Online Resources' link list for the 'ExternalSessionManagement' resources."""
    return plugin_helper.resource_linklist(
        'Online Resources', get_resources('ExternalSessionManagement'))
def run(PluginInfo):
    """Return the 'Online Resources' link list for 'ExternalBypassingAuthenticationSchema'."""
    return plugin_helper.resource_linklist(
        'Online Resources',
        get_resources('ExternalBypassingAuthenticationSchema'))