enchant 0.1.0

data/.gitignore

@@ -0,0 +1 @@
+doc/*

data/COPYING

@@ -0,0 +1,28 @@
+// [The "BSD licence"]
+// Copyright (c) 2010 Paolo Perego, paolo@armoredcode.com
+// http://www.armoredcode.com
+// http://www.linkedin.com/in/thesp0nge
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+// 1. Redistributions of source code must retain the above copyright
+//    notice, this list of conditions and the following disclaimer.
+// 2. Redistributions in binary form must reproduce the above copyright
+//    notice, this list of conditions and the following disclaimer in the
+//    documentation and/or other materials provided with the distribution.
+// 3. The name of the author may not be used to endorse or promote products
+//    derived from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+// NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+// THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/ChangeLog

@@ -0,0 +1,3 @@
+2010-05-18 Paolo Perego <thesp0nge@gmail.com>
+
+* lib/enchant.rb (none): first typos

data/README.txt

@@ -0,0 +1,57 @@
+= enchant
+
+Enchant is is tool aimed to discover web application directory and pages by
+fuzzing the requests using a dictionary approach.
+
+The purpose is for security guys to discover a web application exposed paths
+without knowing anything about the app they have to test.
+
+Enchant doesn't perform any DoS attack, it plays just with HTTP GET observing
+the return code. Please be ethical and use this tool only against website
+you're allowed to stress test.
+
+== SYNOPSIS:
+
+
+== REQUIREMENTS:
+
+
+== INSTALL:
+
+'sudo gem install enchant'
+
+== DEVELOPERS:
+
+After checking out the source, run:
+
+  $ rake newb
+
+This task will install any missing dependencies, run the tests/specs,
+and generate the RDoc.
+
+== LICENSE:
+[The "BSD licence"]
+Copyright (c) 2010 Paolo Perego, paolo@armoredcode.com
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. The name of the author may not be used to endorse or promote products
+   derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/Rakefile

@@ -0,0 +1,15 @@
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gemspec|
+    gemspec.name = "enchant"
+    gemspec.summary = "Your magical web application fuzzer"
+    gemspec.description = "Enchant is tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach"
+    gemspec.email = "paolo@armoredcode.com"
+    gemspec.homepage = "http://github.com/thesp0nge/enchant"
+    gemspec.authors = ["Paolo Perego"]
+    gemspec.add_dependency('ruby-progressbar')
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler not available. Install it with: gem install jeweler"
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/bin/enchant

@@ -0,0 +1,70 @@
+#!/usr/bin/env ruby
+require 'rubygems'
+require 'lib/Enchant'
+require 'rainbow'
+require 'progressbar'
+require 'getoptlong'
+require 'rdoc/usage'
+
+opts = GetoptLong.new(
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--version', '-v', GetoptLong::NO_ARGUMENT ],
+  [ '--wordlist', '-w', GetoptLong::REQUIRED_ARGUMENT ]
+)
+
+wordlist = 'basic.txt'
+opts.each do |opt, arg|
+  case opt
+        when '--help'
+          RDoc::usage
+          exit 0
+        when '--version'
+          puts Enchant.version
+          exit 0
+        when '--wordlist'
+          if arg == ''
+            wordlist = 'basic.txt'
+          else
+            wordlist = arg
+          end
+      end
+    end
+
+if ARGV.length != 1
+  puts "Missing url argument (try --help)"
+  exit 0
+end
+
+url = ARGV.shift
+
+
+e = Enchant.new(url)
+puts e
+puts "Sending probe to #{url}"
+e.list(wordlist)
+list = e.fuzz()
+if list == nil
+  puts "Enchant is giving up since no wordlist file is available"
+  exit -1
+end
+
+pbar = ProgressBar.new("urls", list.size)
+
+list.each {|x|
+  pbar.inc
+ code = e.get("/".concat(x).chomp)
+ unless code != 404
+   case code
+     # just hide 404s... when "404" then puts "Status is #{code} for /#{x.chomp}".foreground(:yellow)
+    when "200" then puts "Status is #{code} for /#{x.chomp}".foreground(:green)
+    when "500" then puts "Status is #{code} for /#{x.chomp}".foreground(:red)
+    else 
+      puts "Status is #{code} for /#{x.chomp}"
+    end
+  end
+}
+pbar.finish
+# puts e.server
+# 
+
+

data/enchant.gemspec

@@ -0,0 +1,55 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{enchant}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Paolo Perego"]
+  s.date = %q{2010-05-19}
+  s.default_executable = %q{enchant}
+  s.description = %q{Enchant is tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach}
+  s.email = %q{paolo@armoredcode.com}
+  s.executables = ["enchant"]
+  s.extra_rdoc_files = [
+    "ChangeLog",
+     "README.txt"
+  ]
+  s.files = [
+    ".gitignore",
+     "COPYING",
+     "ChangeLog",
+     "README.txt",
+     "Rakefile",
+     "VERSION",
+     "bin/enchant",
+     "enchant.gemspec",
+     "lib/enchant.rb",
+     "test/test_enchant.rb"
+  ]
+  s.homepage = %q{http://github.com/thesp0nge/enchant}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Your magical web application fuzzer}
+  s.test_files = [
+    "test/test_enchant.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<ruby-progressbar>, [">= 0"])
+    else
+      s.add_dependency(%q<ruby-progressbar>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<ruby-progressbar>, [">= 0"])
+  end
+end
+

data/lib/enchant.rb

@@ -0,0 +1,65 @@
+require 'rubygems'
+require 'net/http'
+require 'uri'
+
+
+class Enchant
+  attr_reader :host, :port, :server, :code
+  
+  VERSION = '0.1.0'
+  
+  def initialize(url)
+    tmp = URI.parse(url)
+    @host = tmp.host
+    @port = tmp.port
+  end
+  
+  def list(wordlist) 
+    begin
+      File.open(wordlist, 'r') { |f|
+        @list = f.readlines
+      }
+    rescue Errno::ENOENT
+      puts "It seems the wordlist file is not present (#{wordlist})"
+      @list = nil
+    end
+  end
+  
+  def fuzz(*) 
+    # in future some perturbation will be done here
+    @list
+  end
+  
+  def get(path)
+    http = Net::HTTP.new(host, port)
+    begin
+      response = http.get(path)
+      @code = response.code
+    rescue Net::HTTPBadResponse
+      puts #{$!}
+      @code=-1
+    rescue Errno::ETIMEDOUT
+      puts #{$!}
+      @code=-1
+    end
+  end
+  
+  def ping(*)
+    Net::HTTP.start(host, port) { |http| 
+      response = http.head("/")
+      response.each { |key,val| 
+        if "server" == key 
+          @server=val
+        end 
+      }
+    }
+  end
+  
+  def to_s() 
+    "Enchant v"+VERSION+" - (C) 2010, thesp0nge@gmail.com"
+  end
+  
+  def self.version()
+    "Enchant v"+VERSION
+  end
+end

data/test/test_enchant.rb

@@ -0,0 +1,8 @@
+require "test/unit"
+require "enchant"
+
+class TestEnchant < Test::Unit::TestCase
+  def test_sanity
+    flunk "write tests or I will kneecap you"
+  end
+end

metadata

@@ -0,0 +1,90 @@
+--- !ruby/object:Gem::Specification 
+name: enchant
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Paolo Perego
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-05-19 00:00:00 +02:00
+default_executable: enchant
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: ruby-progressbar
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+description: Enchant is tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach
+email: paolo@armoredcode.com
+executables: 
+- enchant
+extensions: []
+
+extra_rdoc_files: 
+- ChangeLog
+- README.txt
+files: 
+- .gitignore
+- COPYING
+- ChangeLog
+- README.txt
+- Rakefile
+- VERSION
+- bin/enchant
+- enchant.gemspec
+- lib/enchant.rb
+- test/test_enchant.rb
+has_rdoc: true
+homepage: http://github.com/thesp0nge/enchant
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Your magical web application fuzzer
+test_files: 
+- test/test_enchant.rb