def test_cve_2019_11043_false(self): network.init("", "", "") output.setup(False, False, False) url = "https://www.example.org/" p = command_line.build_parser() ns = p.parse_args(args=["scan"]) s = Session(ns, url) try: output.setup(False, True, True) with utils.capture_sys_output() as (stdout, stderr): with requests_mock.Mocker() as m: m.get(requests_mock.ANY, status_code=200) m.head(requests_mock.ANY, status_code=200) results = php.check_cve_2019_11043( s, ["https://www.example.org/test/"] ) except Exception as error: self.assertIsNone(error) self.assertIsNotNone(results) self.assertTrue(len(results) == 0) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stdout.getvalue()) network.reset()
def test_get_header_issues_dup_header(self): network.init("", "", "") output.setup(False, False, False) # we are using www.google.com as they return multiple Set-Cookie headers url = "https://www.google.com" output.setup(False, True, True) with utils.capture_sys_output() as (stdout, stderr): resp = requests.get(url) results = http_basic.get_header_issues( resp, network.http_build_raw_response(resp), url ) self.assertIsNotNone(results) self.assertTrue(len(results) > 0) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stdout.getvalue()) self.assertTrue( any( "Header Set-Cookie set multiple times with different values" in r.message for r in results ) )
def test_net_init_none(self): try: network.init(None, None, None) except Exception as error: self.assertIsNone(error) self.assertIsNotNone(network._requester) network.reset()
def main(): global _start_time, _monitor signal.signal(signal.SIGINT, signal_handler) warnings.simplefilter("ignore") try: if str(sys.stdout.encoding).lower() != "utf-8": print( f"Output encoding is {sys.stdout.encoding}: changing to UTF-8") sys.stdout.reconfigure(encoding="utf-8") except Exception as error: print(f"Unable to set UTF-8 encoding: {str(error)}") parser = command_line.build_parser() args, urls = parser.parse_known_args() # setup the output system output.setup(args.debug, args.nocolors, args.nowrap) output.debug("Starting application...") proxy = args.proxy if "proxy" in args else None cookie = args.cookie if "cookie" in args else None header = args.header if "header" in args else None network.init(proxy, cookie, header) # if we made it this far, it means that the parsing worked. # version doesn't require any URLs, so it gets special handing if args.command != "version": urls = command_line.process_urls(urls) else: urls = [] # we are good to keep going print_header() if args.output is not None: reporter.init(args.output) _set_basic_info() print(f"Saving output to '{reporter.get_output_file()}'") print() try: with _KeyMonitor(): with _ProcessMonitor() as pm: _monitor = pm args.func(args, urls) except KeyboardInterrupt: output.empty() output.error("Scan cancelled by user.") finally: _shutdown()
def test_response_scanner(self): network.init("", "", "") url = "https://adamcaudill.com/" resp = network.http_get(url) http.reset() res = response_scanner.check_response(url, resp) self.assertTrue(any("External JavaScript File" in r.message for r in res)) self.assertTrue(any("Vulnerable JavaScript" in r.message for r in res))
def test_net_init_valid_proxy_alt(self): try: output.setup(False, True, True) with utils.capture_sys_output() as (stdout, stderr): network.init("127.0.0.1:1234", "", "") except Exception as error: self.assertIsNone(error) self.assertIsNotNone(network._requester) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stdout.getvalue()) self.assertNotIn("Invalid proxy server specified", stdout.getvalue()) network.reset()
def test_wp_ident(self): network.init("", "", "") url = "https://adamcaudill.com/" output.setup(False, False, False) with utils.capture_sys_output() as (stdout, stderr): try: _, res = wordpress.identify(url) except Exception as error: self.assertIsNone(error) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stderr.getvalue()) self.assertTrue(any("Found WordPress" in r.message for r in res))
def test_net_init_invalid_header(self): try: output.setup(False, True, True) with utils.capture_sys_output() as (stdout, stderr): network.init("", "", "AUTH123") _ = network.http_get("http://example.com") except Exception as error: self.assertIsNone(error) self.assertIsNotNone(network._requester) self.assertNotIn("Exception", stderr.getvalue()) self.assertIn("Error", stdout.getvalue()) self.assertIn("header must be in NAME=VALUE format", stdout.getvalue()) network.reset()
def test_find_backup_ext(self): network.init("", "", "") url = "https://adamcaudill.com/" output.setup(False, False, False) with utils.capture_sys_output() as (stdout, stderr): try: http.reset() _, _ = file_search.find_backups( [url, f"{url}readme.html", f"{url}#test"] ) except Exception as error: self.assertIsNone(error) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stderr.getvalue())
def test_wp_json_user_enum(self): network.init("", "", "") url = "https://adamcaudill.com/" output.setup(False, False, False) with utils.capture_sys_output() as (stdout, stderr): try: res = wordpress.check_json_user_enum(url) except Exception as error: self.assertIsNone(error) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stderr.getvalue()) self.assertTrue( any("WordPress WP-JSON User Enumeration" in r.message for r in res) )
def test_check_404(self): network.init("", "", "X-Test=123") url = "https://adamcaudill.com/" output.setup(False, False, False) with utils.capture_sys_output() as (stdout, stderr): with requests_mock.Mocker() as m: m.get(requests_mock.ANY, text="body", status_code=200) try: file, _, _, _ = network.check_404_response(url) except Exception as error: self.assertIsNone(error) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stderr.getvalue())
def test_check_put(self): network.init("", "", "") url = "https://adamcaudill.com/" output.setup(False, False, False) with utils.capture_sys_output() as (stdout, stderr): with requests_mock.Mocker() as m: m.put(requests_mock.ANY, text="body", status_code=200) try: res = network.http_put(url, "data") except Exception as error: self.assertIsNone(error) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stderr.getvalue()) self.assertIsNotNone(res)
def test_find_backup_ext_all(self): network.init("", "", "") url = "https://adamcaudill.com/" output.setup(False, False, False) with utils.capture_sys_output() as (stdout, stderr): with requests_mock.Mocker() as m: m.get(requests_mock.ANY, text="body", status_code=200) m.head(requests_mock.ANY, status_code=200) try: http.reset() _, res = file_search.find_backups([url, f"{url}test/readme.html"]) except Exception as error: self.assertIsNone(error) self.assertNotIn("Exception", stderr.getvalue()) self.assertNotIn("Error", stderr.getvalue()) self.assertTrue(any("Found backup file" in r.message for r in res))
def main(): global _start_time, _monitor signal.signal(signal.SIGINT, signal_handler) parser = command_line.build_parser() args, urls = parser.parse_known_args() # setup the output system output.setup(args.debug, args.nocolors) output.debug("Starting application...") network.init(args.proxy, args.cookie) # if we made it this far, it means that the parsing worked. urls = command_line.process_urls(urls) # we are good to keep going print_header() if args.output is not None: reporter.init(args.output) _set_basic_info() print(f"Saving output to '{reporter.get_output_file()}'") print() try: with _KeyMonitor(): with _ProcessMonitor() as pm: _monitor = pm args.func(args, urls) except KeyboardInterrupt: output.empty() output.error("Scan cancelled by user.") finally: _shutdown()