watobo 0.9.21 → 0.9.23

data/modules/active/directories/dirwalker.rb

@@ -1,12 +1,3 @@
-#.
-# dirwalker.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-
 # @private 
 module Watobo#:nodoc: all
   module Modules

data/modules/active/discovery/fileextensions.rb

@@ -1,12 +1,3 @@
-#.
-# fileextensions.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-
 # @private 
 module Watobo#:nodoc: all
   module Modules

data/modules/active/discovery/http_methods.rb

@@ -1,12 +1,3 @@
-#.
-# http_methods.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-
 # @private 
 module Watobo#:nodoc: all
   module Modules

data/modules/active/discovery/jsmapfiles.rb

@@ -0,0 +1,79 @@
+# @private
+module Watobo #:nodoc: all
+  module Modules
+    module Active
+      module Discovery
+
+
+        class Jsmapfiles < Watobo::ActiveCheck
+
+          @info.update(
+              :check_name => 'JavaScript Map Files', # name of check which briefly describes functionality, will be used for tree and progress views
+              :description => "Checks for javascript map files", # description of checkfunction
+              :author => "Andreas Schmidt", # author of check
+              :version => "0.9" # check version
+          )
+
+          @finding.update(
+              :threat => 'Temporary- or backup files may contain sensitive information, e.g. source-code or username/password.', # thread of vulnerability, e.g. loss of information
+              :class => "JS Map File", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
+              :type => FINDING_TYPE_INFO # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
+          )
+
+
+          def initialize(session_name=nil, prefs={})
+            #  @project = project
+            super(session_name, prefs)
+
+          end
+
+          def reset()
+
+          end
+
+          def generateChecks(chat)
+
+            begin
+              file = chat.request.file
+
+              return nil unless file =~ /\.js$/ and chat.response.content_type =~ /javascript/i
+
+              checker = proc {
+                test_request = nil
+                test_response = nil
+
+                new_file = file + '.map'
+                test_request = chat.copyRequest
+
+                test_request.replaceFileExt(new_file)
+
+                status, test_request, test_response = fileExists?(test_request, :default => true)
+
+                if status == true then
+                  addFinding(test_request, test_response,
+                             :check_pattern => "#{new_file}",
+                             :test_item => file,
+                             :proof_pattern => "#{test_response.status}",
+                             :chat => chat,
+                             :title => "[ #{test_response.status_code} ] - #{new_file}"
+                  #:debug => true
+                  )
+                end
+                [test_request, test_response]
+              }
+              yield checker
+
+            rescue => bang
+
+              puts "ERROR!! #{Module.nesting[0].name} "
+              puts "chatid: #{chat.id}"
+              puts bang
+              puts
+
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/modules/active/domino/domino_db.rb

@@ -1,52 +1,43 @@
-#.
-# domino_db.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-
 require 'digest/md5'
 require 'digest/sha1'
 
 # @private 
-module Watobo#:nodoc: all
+module Watobo #:nodoc: all
   module Modules
     module Active
       module Domino
-        
-        
+
+
         class Domino_db < Watobo::ActiveCheck
           @info.update(
-                         :check_name => 'Lotus Domino DB Enumeration',    # name of check which briefly describes functionality, will be used for tree and progress views
-            :description => "Enumeration of well known Domino DBs.",   # description of checkfunction
-            :author => "Andreas Schmidt", # author of check
-            :check_group => AC_GROUP_DOMINO,
-            :version => "1.0"   # check version
-            )
-            
-            @finding.update(
-                            :threat => 'Information Disclosure and/or modifying of databases.',        # thread of vulnerability, e.g. loss of information
-            :class => "Lotus Domino: Default Database",    # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
-            :type => FINDING_TYPE_HINT         # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN 
-            )
-            
+              :check_name => 'Lotus Domino DB Enumeration', # name of check which briefly describes functionality, will be used for tree and progress views
+              :description => "Enumeration of well known Domino DBs.", # description of checkfunction
+              :author => "Andreas Schmidt", # author of check
+              :check_group => AC_GROUP_DOMINO,
+              :version => "1.0" # check version
+          )
+
+          @finding.update(
+              :threat => 'Information Disclosure and/or modifying of databases.', # thread of vulnerability, e.g. loss of information
+              :class => "Lotus Domino: Default Database", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
+              :type => FINDING_TYPE_HINT # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
+          )
+
           def initialize(project, prefs={})
             super(project, prefs)
-            
+
             @domino_dbs = []
-            
-            filename = "domino_db.lst"            
-            path = File.dirname(__FILE__)            
+
+            filename = "domino_db.lst"
+            path = File.dirname(__FILE__)
             db_file = File.join(path, filename)
-            
+
             begin
-              fh = open(db_file,"r")  
+              fh = open(db_file, "r")
               fh.each_line do |dbname|
                 @domino_dbs.push dbname.strip
               end
-            #  puts "* #{@domino_dbs.length} Lotus Domino DB Names loaded"
+                #  puts "* #{@domino_dbs.length} Lotus Domino DB Names loaded"
             rescue => bang
               puts "!!! ERROR: Problems import Domino DB List"
               puts "File:"
@@ -54,57 +45,58 @@ module Watobo#:nodoc: all
               puts bang
             end
           end
-          
-          def generateChecks(chat)            
-            begin              
-             # if chat.request.url.to_s =~ /(.*)\/\w*\.nsf/ then
-                @domino_dbs.each do |db|
-                  checker = proc{
-                    test_request = nil
-                    test_response = nil
-                    test = chat.copyRequest
-                    
-                    test.replaceFileExt db
-                    
-                    test_request,test_response = doRequest(test,:default => true)
-                    
-                    
-                    if test_response.status =~ /ok/i then
-                     # test_chat = Chat.new(test, test_response, chat.id)
-                      if test_response.join =~ /(names\.nsf\?Login)/ # if default db found, check for content
-                        addFinding( test_request,test_response,
-                        :test_item => chat.request.url.to_s,
-                                   :check_pattern => "#{db}",
-                        :proof_pattern => "#{test_response.status}", 
-                        :chat=>chat,
-                        :title => db
-                        )
-                      else
-                        addFinding(test_request,test_response,
-                                   :check_pattern => "#{db}",
-                        :proof_pattern => "#{test_response.status}",
-                        :test_item => chat.request.url.to_s,
-                        :class => "Lotus Domino: Unprotected Default DB",
-                        :type => FINDING_TYPE_VULN,
-                        :chat => chat,
-                        :rating => VULN_RATING_HIGH,
-                        :title => db
-                        )
-                        [ test_request, test_response ]
-                      end
+
+          def generateChecks(chat)
+            begin
+              # if chat.request.url.to_s =~ /(.*)\/\w*\.nsf/ then
+              @domino_dbs.each do |db|
+                checker = proc {
+                  test_request = nil
+                  test_response = nil
+                  test = chat.copyRequest
+
+                  test.replaceFileExt db
+
+                  #test_request,test_response = doRequest(test,:default => true)
+                  #if test_response.status =~ /ok/i then
+                  fexist, test_request, test_response = fileExists?(test, :default => true)
+
+                  if fexist and test_response.status =~ /200/
+                    # test_chat = Chat.new(test, test_response, chat.id)
+                    if test_response.join =~ /(names\.nsf\?Login)/ # if default db found, check for content
+                      addFinding(test_request, test_response,
+                                 :test_item => chat.request.url.to_s,
+                                 :check_pattern => "#{db}",
+                                 :proof_pattern => "#{test_response.status}",
+                                 :chat => chat,
+                                 :title => db
+                      )
+                    else
+                      addFinding(test_request, test_response,
+                                 :check_pattern => "#{db}",
+                                 :proof_pattern => "#{test_response.status}",
+                                 :test_item => chat.request.url.to_s,
+                                 :class => "Lotus Domino: Unprotected Default DB",
+                                 :type => FINDING_TYPE_VULN,
+                                 :chat => chat,
+                                 :rating => VULN_RATING_HIGH,
+                                 :title => db
+                      )
+                      [test_request, test_response]
                     end
-                  }
-                  yield checker
-                end
-              #end            
+                  end
+                }
+                yield checker
+              end
+                #end
             rescue => bang
               puts bang
               puts "ERROR!! #{Module.nesting[0].name}"
               raise
-              
+
             end
           end
-          
+
         end
         # --> eo namespace    
       end

data/modules/active/dotNET/custom_errors.rb

@@ -1,112 +1,103 @@
-#.
-# custom_errors.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-
 # @private 
-module Watobo#:nodoc: all
-  module Modules
-    module Active
-      module Dotnet
-        #class Dir_indexing < Watobo::Mixin::Session
-        class Custom_errors < Watobo::ActiveCheck
-          @@tested_directories = Hash.new
-          
-           @info.update(
-            :check_name => '.NET Custom Error',    # name of check which briefly describes functionality, will be used for tree and progress views
-            :description => "This module checks if custom errors messages are used and Stack-Tracing is enabled.",   # description of checkfunction
-            :author => "Andreas Schmidt", # author of check
-            :version => "1.0",   # check version
-            :check_group => ".NET"
-            )
-
-            @finding.update(
-            :threat => 'Information Disclosure. Internal error messages are exposed to end users.',        # thread of vulnerability, e.g. loss of information
-            :class => ".NET: Custom Errors",    # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
-            :type => FINDING_TYPE_VULN,         # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
-            :rating => VULN_RATING_INFO
-            )
-            
-          def initialize(project, prefs={})
-            super(project, prefs)
-
-           
-
-          end
-
-          def generateChecks(chat)
-
-            begin
-
-              if chat.request.url.to_s =~ /\.aspx/ then
-
-                checker = proc {
-                  begin
-                    test_request = nil
-                    test_response = nil
-
-                    test = chat.copyRequest
-                    test.set_method("POST")
-                    
-                    test.set_content_type("application/x-www-form-urlencoded")
-                    test.set_content_length("0")
-                    test.setData "__VIEWSTATE=watobo"
-                    
-                    status, test_request, test_response = fileExists?(test)
-                    
-                    if test_response.has_body? and test_response.body =~ /Server Error in/
-
-                      puts ".NET Custom Error >> #{test.url.to_s}"
-
-                      addFinding(  test_request, test_response,
-                             :test_item => "__VIEWSTATE",
-                             :proof_pattern => Regexp.quote("Server Error in"),
-                  :check_pattern => Regexp.quote("__VIEWSTATE"),
-                  :chat => chat,
-                  :threat => "Information Disclosure: Error messages may disclose potentially sensitive information about the internal implementation of the website.",
-                  :title => "[Server Error]"
-                  )
-
-                      trace_pattern = "customErrors mode=.*RemoteOnly"
-                      if test_response.body =~ /#{trace_pattern}/i
-                        #puts "STACK-TRACE!!!"
-                        addFinding(  test_request, test_response,
-                             :test_item => "__VIEWSTATE",
-                             :proof_pattern => trace_pattern,
-                  :check_pattern => Regexp.quote("__VIEWSTATE"),
-                  :chat => chat,
-                  :threat => "Information Disclosure: A Stack-Trace may disclose potentially sensitive information about the internal implementation of the website.",
-                  :title => "[Stack-Trace]",
-                  :class => ".NET: Stack-Trace"
-                  )
-
-                      end
-
-                    end
-
-                    [ test_request, test_response ]
-
-                  rescue => bang
-                    puts bang
-                    puts bang.backtrace if $DEBUG
-                  end
-                  [ nil, nil ]
-
-                }
-              yield checker
-              end
-            rescue => bang
-              puts "!error in module #{Module.nesting[0].name}"
-              puts bang
-            end
-          end
-
-        end
-      end
-    end
-  end
-end
+module Watobo#:nodoc: all
+  module Modules
+    module Active
+      module Dotnet
+        #class Dir_indexing < Watobo::Mixin::Session
+        class Custom_errors < Watobo::ActiveCheck
+          @@tested_directories = Hash.new
+          
+           @info.update(
+            :check_name => '.NET Custom Error',    # name of check which briefly describes functionality, will be used for tree and progress views
+            :description => "This module checks if custom errors messages are used and Stack-Tracing is enabled.",   # description of checkfunction
+            :author => "Andreas Schmidt", # author of check
+            :version => "1.0",   # check version
+            :check_group => ".NET"
+            )
+
+            @finding.update(
+            :threat => 'Information Disclosure. Internal error messages are exposed to end users.',        # thread of vulnerability, e.g. loss of information
+            :class => ".NET: Custom Errors",    # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
+            :type => FINDING_TYPE_VULN,         # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
+            :rating => VULN_RATING_INFO
+            )
+            
+          def initialize(project, prefs={})
+            super(project, prefs)
+
+           
+
+          end
+
+          def generateChecks(chat)
+
+            begin
+
+              if chat.request.url.to_s =~ /\.aspx/ then
+
+                checker = proc {
+                  begin
+                    test_request = nil
+                    test_response = nil
+
+                    test = chat.copyRequest
+                    test.set_method("POST")
+                    
+                    test.set_content_type("application/x-www-form-urlencoded")
+                    test.set_content_length("0")
+                    test.setData "__VIEWSTATE=watobo"
+                    
+                    status, test_request, test_response = fileExists?(test)
+                    
+                    if test_response.has_body? and test_response.body =~ /Server Error in/
+
+                      puts ".NET Custom Error >> #{test.url.to_s}"
+
+                      addFinding(  test_request, test_response,
+                             :test_item => "__VIEWSTATE",
+                             :proof_pattern => Regexp.quote("Server Error in"),
+                  :check_pattern => Regexp.quote("__VIEWSTATE"),
+                  :chat => chat,
+                  :threat => "Information Disclosure: Error messages may disclose potentially sensitive information about the internal implementation of the website.",
+                  :title => "[Server Error]"
+                  )
+
+                      trace_pattern = "customErrors mode=.*RemoteOnly"
+                      if test_response.body =~ /#{trace_pattern}/i
+                        #puts "STACK-TRACE!!!"
+                        addFinding(  test_request, test_response,
+                             :test_item => "__VIEWSTATE",
+                             :proof_pattern => trace_pattern,
+                  :check_pattern => Regexp.quote("__VIEWSTATE"),
+                  :chat => chat,
+                  :threat => "Information Disclosure: A Stack-Trace may disclose potentially sensitive information about the internal implementation of the website.",
+                  :title => "[Stack-Trace]",
+                  :class => ".NET: Stack-Trace"
+                  )
+
+                      end
+
+                    end
+
+                    [ test_request, test_response ]
+
+                  rescue => bang
+                    puts bang
+                    puts bang.backtrace if $DEBUG
+                  end
+                  [ nil, nil ]
+
+                }
+              yield checker
+              end
+            rescue => bang
+              puts "!error in module #{Module.nesting[0].name}"
+              puts bang
+            end
+          end
+
+        end
+      end
+    end
+  end
+end