enchant 0.4.1 → 0.4.2

data/ChangeLog CHANGED
@@ -1,3 +1,7 @@
1
+ 2010-07-02 Paolo Perego <thesp0nge@gmail.com>
2
+
3
+ * lib/enchant.rb (modified_function): start coding subdomain fuzzing (--domain)
4
+
1
5
  -- 0.4.1 --
2
6
  2010-06-29 Paolo Perego <thesp0nge@gmail.com>
3
7
 
@@ -47,6 +47,14 @@ Or you can also use the wordlist you love most
47
47
  bin/enchant -w mylist.txt www.some.org
48
48
  </pre>
49
49
 
50
+ h3. Ping
51
+
52
+ Starting from version 0.4.0 you can also ping the remote web server to see if it's alive (return code 200) or not.
53
+
54
+ <pre>
55
+ bin/enchant -P http://www.some.org
56
+ </pre>
57
+
50
58
  h2. Install
51
59
 
52
60
  <pre>sudo gem install enchant</pre>
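--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.4.1
+0.4.2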
@@ -12,7 +12,8 @@ opts = GetoptLong.new(
12
12
  [ '--ping', '-P', GetoptLong::NO_ARGUMENT],
13
13
  [ '--flood', '-f', GetoptLong::REQUIRED_ARGUMENT],
14
14
  [ '--wordlist', '-w', GetoptLong::REQUIRED_ARGUMENT ],
15
- [ '--host', '-H', GetoptLong::REQUIRED_ARGUMENT],
15
+ [ '--host', '-H', GetoptLong::REQUIRED_ARGUMENT],
16
+ [ '--domain', '-d', GetoptLong::REQUIRED_ARGUMENT],
16
17
  [ '--port', '-p', GetoptLong::REQUIRED_ARGUMENT]
17
18
  )
18
19
 
@@ -21,6 +22,7 @@ ping = -1
21
22
  wordlist = 'basic.txt'
22
23
  host = nil
23
24
  port = nil
25
+ domain = nil
24
26
 
25
27
  opts.each do |opt, arg|
26
28
  case opt
@@ -48,10 +50,12 @@ opts.each do |opt, arg|
48
50
  else
49
51
  wordlist = arg
50
52
  end
53
+ when '--domain'
54
+ domain = arg
51
55
  end
52
56
  end
53
57
 
54
- if host == nil && port == nil
58
+ if host == nil && port == nil && domain == nil
55
59
  if ARGV.length != 1
56
60
  puts "Missing url argument (try --help)"
57
61
  exit 0
@@ -61,9 +65,14 @@ if host == nil && port == nil
61
65
  e = Enchant.new(url)
62
66
 
63
67
  else
64
- e = Enchant.new
65
- e.host = host
66
- e.port = port
68
+ if domain == nil
69
+ e = Enchant.new
70
+ e.host = host
71
+ e.port = port
72
+ else
73
+ e = Enchant.new
74
+ e.domain = domain
75
+ end
67
76
  end
68
77
 
69
78
  puts e
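Review bot: Both arms of the new inner `if domain == nil` build the same `Enchant.new`, so the construction can be hoisted above the branch and the branch reduced to the assignments, tested idiomatically as `if domain` rather than `== nil`. When `-d` is given without `-H`/`-p`, `e.host` and `e.port` are left nil, and the `-P` path further down the file (outside this hunk) concatenates `e.host` into a message, which would raise a TypeError for `-P -d example.org`; either reject that combination or derive `host` from `domain`. The first sentence's restructure is four lines, roughly `e = Enchant.new` then `if domain` / `e.domain = domain` / `else` / `e.host = host; e.port = port` / `end`, which is safe to do here because the outer `else` arm is fully visible in the hunk.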
@@ -94,7 +103,7 @@ if ping != -1
94
103
  puts "Pinging "+e.host+" onto port " + e.port.to_s
95
104
 
96
105
  start_time = Time.now
97
- e.ping
106
+ e.get("/")
98
107
  if e.is_alive?
99
108
  puts e.host + " seems to be alive"
100
109
  else
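Review bot: The liveness probe now calls `e.get("/")` where the removed `ping` issued a HEAD; assuming `get` (defined outside this hunk) performs a real GET, `-P` now downloads the entire root page to learn that the server answers, which is heavier than a "ping" suggests and more visible in the target's logs. If `get` is kept, a one-line comment such as `# GET instead of HEAD: some servers reject HEAD on "/"` would record why the cheaper method was dropped, and otherwise a `head("/")` wrapper that sets `@code` the same way would be preferable. Note also that the message on the previous lines reports "alive" only through `is_alive?`, which treats solely a 200 as alive, so a server answering `/` with 301/302/401/403 is printed as not alive; `(200..399).include?(e.code.to_i)` would be a more honest reachability test.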
@@ -104,6 +113,32 @@ if ping != -1
104
113
  puts "pinged in " + (Time.now - start_time).to_s + "s"
105
114
  exit 0
106
115
  end
116
+
117
+ if domain != -1
118
+ if (! e.is_sane?)
119
+ puts 'Automatic url parsing failed, please consider providing such information by hand.'
120
+ exit 1
121
+ end
122
+ puts "scanning for " + e.domain + " for subdomains"
123
+ e.list(wordlist)
124
+ list = e.fuzz
125
+
126
+ if list == nil
127
+ puts "Enchant is giving up since no wordlist file is available"
128
+ exit -1
129
+ end
130
+ pbar = ProgressBar.new("subdomains", list.size)
131
+ found=Array.new
132
+ list.each {|x|
133
+ pbar.inc
134
+ if (e.ping?(x.chomp+"."+domain))
135
+ found.add(x+"."+domain)
136
+ end
137
+ }
138
+ puts found.length+" subdomains found."
139
+ exit 0
140
+ end
141
+
107
142
  puts "Sending probe to #{url}"
108
143
  e.list(wordlist)
109
144
  list = e.fuzz()
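Review bot: `if domain != -1` on the first added line can never be false, because `domain` is initialised to `nil` in the earlier hunk and only ever assigned the `-d` argument, so the subdomain branch runs on every invocation and `"scanning for " + e.domain` raises a TypeError whenever `-d` was not passed; the guard should be `if domain`. Even with that fixed the loop cannot complete: `found.add(...)` is not an Array method (`<<` is), and `found.length + " subdomains found."` adds an Integer to a String, both of which raise. The collected names are also never printed, and `x.chomp` is applied to the probed name but not to the stored one, so the two would differ for wordlist lines with trailing newlines. The `is_sane?` check and wordlist loading at the top of the block are fine as they are; the rewritten tail is below.
```ruby
if domain
  # … unchanged: is_sane? check, e.list(wordlist), list.nil? bail-out …
  pbar = ProgressBar.new("subdomains", list.size)
  found = []
  list.each do |x|
    pbar.inc
    candidate = "#{x.chomp}.#{domain}"
    found << candidate if e.ping?(candidate)
  end
  puts "#{found.length} subdomains found."
  found.each { |name| puts name }
  exit 0
end
```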
@@ -1,15 +1,15 @@
1
1
  # Generated by jeweler
2
2
  # DO NOT EDIT THIS FILE DIRECTLY
3
- # Instead, edit Jeweler::Tasks in rakefile, and run the gemspec command
3
+ # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
4
4
  # -*- encoding: utf-8 -*-
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{enchant}
8
- s.version = "0.4.1"
8
+ s.version = "0.4.2"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Paolo Perego"]
12
- s.date = %q{2010-06-29}
12
+ s.date = %q{2011-02-03}
13
13
  s.default_executable = %q{enchant}
14
14
  s.description = %q{Enchant is tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach}
15
15
  s.email = %q{paolo@armoredcode.com}
@@ -1,11 +1,14 @@
1
1
  require 'rubygems'
2
2
  require 'net/http'
3
3
  require 'uri'
4
+ require 'ping'
5
+ require 'Net/ping'
6
+ include Net
4
7
 
5
8
 
6
9
  class Enchant
7
10
  attr_reader :server, :code
8
- attr_accessor :host, :port
11
+ attr_accessor :host, :port, :domain
9
12
 
10
13
  VERSION = '0.4.0'
11
14
 
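Review bot: `require 'Net/ping'` is capitalised, which only works on case-insensitive filesystems; the net-ping gem ships `net/ping.rb`, so on Linux the load fails and the gem is unusable there, and the line should read `require 'net/ping'`. `include Net` at the top level mixes `Net` into `Object`, exposing every `Net::*` constant globally for no visible benefit, since the only use later in the file (the commented-out ICMP code) is already written fully qualified as `Net::Ping::ICMP`; it should be dropped. `require 'ping'` pulls in the Ruby 1.8 stdlib `ping` library, which was removed in 1.9, so as written the library will not load on newer interpreters, and net-ping is a new runtime dependency that I do not see declared in the gemspec hunks on this page. Separately, the context line `VERSION = '0.4.0'` stays behind while the gem, VERSION file and metadata all move to 0.4.2, so `Enchant::VERSION` misreports the release.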
@@ -60,23 +63,27 @@ class Enchant
60
63
  puts #{$!}
61
64
  @code=-1
62
65
  end
66
+ @code
63
67
  end
64
68
 
65
69
  def is_alive?
66
70
  code.to_i==200
67
71
  end
68
72
 
69
- def ping(*)
70
- Net::HTTP.start(host, port) { |http|
71
- response = http.head("/")
72
- response.each { |key,val|
73
- if "server" == key
74
- @server=val
75
- end
76
- }
77
- @code = response.code
78
-
79
- }
73
+ def ping?(host)
74
+ # TCP pinging
75
+ if Ping.pingecho(host)
76
+ return true
77
+ end
78
+ #else
79
+ # icmp = Net::Ping::ICMP.new(host)
80
+ # if icmp.ping?
81
+ # return true
82
+ # else
83
+ # return false
84
+ # end
85
+ #end
86
+ false
80
87
  end
81
88
 
82
89
  def to_s()
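Review bot: `Ping.pingecho(host)` in the new `ping?` is, as far as I recall the 1.8 `ping` library, a TCP connect to the echo service (port 7) with a 5-second default timeout, so for subdomain discovery it answers "does this host run an echo daemon", which is almost always no, and a candidate that does not resolve or is firewalled costs up to 5 s per wordlist entry. What the caller actually wants to know is whether the name resolves, which the stdlib `Resolv` gives without any new gem: add `require 'resolv'` at the top of the file and replace the body as below (the commented-out ICMP block should go as well, since raw ICMP needs root and is dead code). A wildcard DNS record on the target domain makes every candidate resolve, so the bin script should compare against a random nonexistent label before trusting results; that is worth a one-line comment on the method. Unrelated to the new method but visible in the hunk: the context line `puts #{$!}` is `puts` followed by a comment, so that rescue prints an empty line where `puts $!` was intended; the method it belongs to starts before this hunk.
```ruby
  # True when +host+ resolves in DNS. For subdomain discovery a resolving
  # name is the signal we want; whether the service answers is checked
  # separately by #get. Beware wildcard records: the caller should probe a
  # random label first and discard matches that resolve to the same address.
  def ping?(host)
    Resolv.getaddress(host)
    true
  rescue Resolv::ResolvError
    false
  end
```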
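--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: enchant
 version: !ruby/object:Gem::Version
-hash: 13
+hash: 11
 prerelease: false
 segments:
 - 0
 - 4
-- 1
-version: 0.4.1
+- 2
+version: 0.4.2
 platform: ruby
 authors:
 - Paolo Perego
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-06-29 00:00:00 +02:00
+date: 2011-02-03 00:00:00 +01:00
 default_executable: enchant
 dependencies:
 - !ruby/object:Gem::Dependency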