def root_domain(url): if not is_ip_address(url.get_domain()): return [ url.get_root_domain(), ] return []
def _get_common_virtual_hosts(self, base_url): """ Get a list of common virtual hosts based on the target domain :param base_url: The target URL object. :return: A list of possible domain names that could be hosted in the same web server that "domain". """ domain = base_url.get_domain() root_domain = base_url.get_root_domain() for subdomain in self.COMMON_VHOSTS: # intranet yield subdomain # It doesn't make any sense to create subdomains based no an # IP address, they will look like intranet.192.168.1.2 , and # are invalid domains if is_ip_address(domain): continue # intranet.www.targetsite.com yield subdomain + '.' + domain # intranet.targetsite.com yield subdomain + '.' + root_domain # intranet.targetsite yield subdomain + '.' + root_domain.split('.')[0]
def _get_common_virtual_hosts(self, fuzzable_request): """ Get a list of common virtual hosts based on the target domain :param fuzzable_request: The fuzzable request as received by the plugin :return: A list of possible domain names that could be hosted in the same web server that "domain". """ base_url = fuzzable_request.get_url().base_url() domain = base_url.get_domain() root_domain = base_url.get_root_domain() for subdomain in self.COMMON_VHOSTS: # intranet yield subdomain # It doesn't make any sense to create subdomains based no an # IP address, they will look like intranet.192.168.1.2 , and # are invalid domains if is_ip_address(domain): continue # intranet.www.target.com yield subdomain + '.' + domain # intranet.target.com yield subdomain + '.' + root_domain # intranet.target yield subdomain + '.' + root_domain.split('.')[0]
def validate(self, value): if value is None: return None if not is_ip_address(value): msg = 'Invalid IP address specified ("%s")' % value raise BaseFrameworkException(msg) return value
def get_root_domain(self): """ Get the root domain name. Examples: input: www.ciudad.com.ar output: ciudad.com.ar input: i.love.myself.ru output: myself.ru Code taken from: http://getoutfoxed.com/node/41 TODO: If you ever want to improve this code section, you might be interested in https://pypi.python.org/pypi/tldextract , which seems to be really updated and supported. The (minor) down side is that they HTTP GET the GTOP_LEVEL_DOMAINS each time you start the library for the first time. """ # break authority into two parts: subdomain(s), and base authority # e.g. images.google.com --> [images, google.com] # www.popo.com.au --> [www, popo.com.au] def split_authority(aAuthority): # walk down from right, stop at (but include) first non-toplevel # domain chunks = re.split("\.", aAuthority) chunks.reverse() base_authority = "" subdomain = "" found_break = 0 for chunk in chunks: if not found_break: base_authority = chunk + ( ".", "")[base_authority == ""] + base_authority else: subdomain = chunk + (".", "")[subdomain == ""] + subdomain if chunk not in GTOP_LEVEL_DOMAINS: found_break = 1 return [subdomain, base_authority] # def to split URI into its parts, returned as URI object def decompose_uri(): return split_authority(self.get_domain())[1] if is_ip_address(self.netloc): # An IP address has no "root domain" return self.netloc else: return decompose_uri()
def api_execute(self, ip_address): """ Start a w3afAgent, to do this, I must transfer the agent client to the remote end and start the w3afServer in this local machine all this work is done by the w3afAgentManager, I just need to called start and thats it. """ if not is_ip_address(ip_address): ValueError('Invalid IP address: "%s"' % ip_address) try: agentManager = w3afAgentManager(self.shell.execute, ip_address) except BaseFrameworkException, w3: return 'Error' + str(w3)
def get_root_domain(self): """ Get the root domain name. Examples: input: www.ciudad.com.ar output: ciudad.com.ar input: i.love.myself.ru output: myself.ru """ # An IP address has no 'root domain' if is_ip_address(self.netloc): return self.netloc extract = TLDExtract(suffix_list_url=False, fallback_to_snapshot=True) extract_result = extract(self.get_domain()) return '%s.%s' % (extract_result.domain, extract_result.suffix)
def get_root_domain(self): """ Get the root domain name. Examples: input: www.ciudad.com.ar output: ciudad.com.ar input: i.love.myself.ru output: myself.ru Code taken from: http://getoutfoxed.com/node/41 """ # break authority into two parts: subdomain(s), and base authority # e.g. images.google.com --> [images, google.com] # www.popo.com.au --> [www, popo.com.au] def split_authority(aAuthority): # walk down from right, stop at (but include) first non-toplevel domain chunks = re.split("\.", aAuthority) chunks.reverse() baseAuthority = "" subdomain = "" foundBreak = 0 for chunk in chunks: if (not foundBreak): baseAuthority = chunk + ( ".", "")[baseAuthority == ""] + baseAuthority else: subdomain = chunk + (".", "")[subdomain == ""] + subdomain if chunk not in GTOP_LEVEL_DOMAINS: foundBreak = 1 return ([subdomain, baseAuthority]) # def to split URI into its parts, returned as URI object def decompose_uri(): return split_authority(self.get_domain())[1] if is_ip_address(self.netloc): # An IP address has no "root domain" return self.netloc else: return decompose_uri()
def validate(self, value): try: ip, port = value.split(':') except Exception: msg = 'Invalid IP and port specification, the correct format is'\ ' <ip-address>:<port> , for example: 127.0.0.1:8080.' raise BaseFrameworkException(msg) else: if not is_ip_address(ip): msg = 'Invalid IP address specified ("%s")' % ip raise BaseFrameworkException(msg) try: port = int(port) assert port > 0 assert port < 65536 except: msg = 'Invalid port specified, it needs to be a number between'\ ' 1 and 65535.' raise BaseFrameworkException(msg) return value
def test_is_ip_address_false_case01(self): self.assertFalse(is_ip_address('127.0.0.1.2'))
def test_is_ip_address_false_case02(self): self.assertFalse(is_ip_address('127.0.0.256'))
def root_domain(url): if not is_ip_address(url.get_domain()): return [url.get_root_domain(), ] return []
def test_is_ip_address_true(self): self.assertTrue(is_ip_address('127.0.0.1'))