watobo 0.9.21 → 0.9.23

Sign up to get free protection for your applications and to get access to all the features.
Files changed (283) hide show
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +46 -1
  3. data/bin/nfq_server.rb +0 -9
  4. data/bin/watobo_gui.rb +3 -13
  5. data/custom-views/prettify-json.rb +9 -18
  6. data/icons/watobo.ico +0 -0
  7. data/icons/watobo.ico.old +0 -0
  8. data/lib/watobo.rb +10 -19
  9. data/lib/watobo/adapters.rb +5 -14
  10. data/lib/watobo/adapters/data_store.rb +50 -59
  11. data/lib/watobo/adapters/file/file_store.rb +287 -296
  12. data/lib/watobo/adapters/file/marshal_store.rb +293 -296
  13. data/lib/watobo/adapters/session_store.rb +5 -14
  14. data/lib/watobo/ca.rb +1 -10
  15. data/lib/watobo/config.rb +197 -206
  16. data/lib/watobo/constants.rb +0 -9
  17. data/lib/watobo/core.rb +3 -12
  18. data/lib/watobo/core/active_check.rb +72 -135
  19. data/lib/watobo/core/active_checks.rb +49 -58
  20. data/lib/watobo/core/ca.rb +369 -389
  21. data/lib/watobo/core/cert_store.rb +34 -43
  22. data/lib/watobo/core/chat.rb +92 -101
  23. data/lib/watobo/core/chats.rb +271 -280
  24. data/lib/watobo/core/client_cert_store.rb +106 -35
  25. data/lib/watobo/core/conversation.rb +48 -57
  26. data/lib/watobo/core/cookie.rb +23 -32
  27. data/lib/watobo/core/egress_handlers.rb +98 -0
  28. data/lib/watobo/core/finding.rb +66 -75
  29. data/lib/watobo/core/findings.rb +107 -114
  30. data/lib/watobo/core/forwarding_proxy.rb +13 -22
  31. data/lib/watobo/core/fuzz_gen.rb +0 -9
  32. data/lib/watobo/core/intercept_carver.rb +166 -177
  33. data/lib/watobo/core/intercept_filter.rb +235 -244
  34. data/lib/watobo/core/interceptor.rb +98 -107
  35. data/lib/watobo/core/min_class.rb +4 -13
  36. data/lib/watobo/core/netfilter_queue.rb +170 -179
  37. data/lib/watobo/core/ott_cache.rb +132 -141
  38. data/lib/watobo/core/parameter.rb +43 -52
  39. data/lib/watobo/core/passive_check.rb +103 -102
  40. data/lib/watobo/core/passive_checks.rb +48 -57
  41. data/lib/watobo/core/passive_scanner.rb +54 -55
  42. data/lib/watobo/core/plugin.rb +11 -20
  43. data/lib/watobo/core/project.rb +3 -9
  44. data/lib/watobo/core/proxy.rb +43 -52
  45. data/lib/watobo/core/request.rb +125 -123
  46. data/lib/watobo/core/response.rb +44 -53
  47. data/lib/watobo/core/scanner.rb +0 -9
  48. data/lib/watobo/core/scanner3.rb +405 -414
  49. data/lib/watobo/core/scope.rb +83 -92
  50. data/lib/watobo/core/session.rb +1043 -1026
  51. data/lib/watobo/core/sid_cache.rb +98 -107
  52. data/lib/watobo/core/subscriber.rb +25 -34
  53. data/lib/watobo/defaults.rb +21 -30
  54. data/lib/watobo/external/diff/lcs.rb +0 -9
  55. data/lib/watobo/external/diff/lcs/array.rb +0 -9
  56. data/lib/watobo/external/diff/lcs/block.rb +0 -9
  57. data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
  58. data/lib/watobo/external/diff/lcs/change.rb +0 -9
  59. data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
  60. data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
  61. data/lib/watobo/external/diff/lcs/string.rb +0 -9
  62. data/lib/watobo/externals.rb +6 -15
  63. data/lib/watobo/framework.rb +4 -13
  64. data/lib/watobo/framework/create_project.rb +60 -69
  65. data/lib/watobo/framework/init.rb +0 -9
  66. data/lib/watobo/framework/init_modules.rb +0 -9
  67. data/lib/watobo/framework/license_text.rb +28 -37
  68. data/lib/watobo/framework/load_chat.rb +13 -22
  69. data/lib/watobo/gui.rb +132 -123
  70. data/lib/watobo/gui/about_watobo.rb +0 -9
  71. data/lib/watobo/gui/browser_preview.rb +0 -9
  72. data/lib/watobo/gui/certificate_dialog.rb +0 -9
  73. data/lib/watobo/gui/chat_diff.rb +0 -9
  74. data/lib/watobo/gui/chatviewer_frame.rb +73 -72
  75. data/lib/watobo/gui/checkboxtree.rb +0 -9
  76. data/lib/watobo/gui/checks_policy_frame.rb +0 -9
  77. data/lib/watobo/gui/client_cert_dialog.rb +96 -87
  78. data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
  79. data/lib/watobo/gui/conversation_table.rb +158 -164
  80. data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
  81. data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
  82. data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
  83. data/lib/watobo/gui/custom_viewer.rb +374 -383
  84. data/lib/watobo/gui/dashboard.rb +296 -303
  85. data/lib/watobo/gui/define_scope_frame.rb +0 -9
  86. data/lib/watobo/gui/differ_frame.rb +215 -224
  87. data/lib/watobo/gui/edit_comment.rb +0 -9
  88. data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
  89. data/lib/watobo/gui/export_dialog.rb +104 -113
  90. data/lib/watobo/gui/finding_info.rb +0 -9
  91. data/lib/watobo/gui/findings_tree.rb +210 -217
  92. data/lib/watobo/gui/full_scan_dialog.rb +0 -9
  93. data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
  94. data/lib/watobo/gui/fxsave_thread.rb +14 -0
  95. data/lib/watobo/gui/goto_url_dialog.rb +70 -79
  96. data/lib/watobo/gui/hex_viewer.rb +0 -9
  97. data/lib/watobo/gui/html_viewer.rb +287 -296
  98. data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
  99. data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
  100. data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
  101. data/lib/watobo/gui/json_viewer.rb +287 -0
  102. data/lib/watobo/gui/list_box.rb +101 -110
  103. data/lib/watobo/gui/log_file_viewer.rb +32 -41
  104. data/lib/watobo/gui/log_viewer.rb +83 -88
  105. data/lib/watobo/gui/login_wizzard.rb +0 -9
  106. data/lib/watobo/gui/main_window.rb +587 -618
  107. data/lib/watobo/gui/manual_request_editor.rb +620 -565
  108. data/lib/watobo/gui/master_pw_dialog.rb +0 -9
  109. data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
  110. data/lib/watobo/gui/page_tree.rb +217 -226
  111. data/lib/watobo/gui/password_policy_dialog.rb +0 -9
  112. data/lib/watobo/gui/plugin_board.rb +0 -9
  113. data/lib/watobo/gui/preferences_dialog.rb +0 -9
  114. data/lib/watobo/gui/progress_window.rb +17 -27
  115. data/lib/watobo/gui/project_wizzard.rb +0 -9
  116. data/lib/watobo/gui/proxy_dialog.rb +1 -10
  117. data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
  118. data/lib/watobo/gui/request_builder_frame.rb +102 -111
  119. data/lib/watobo/gui/request_editor.rb +181 -137
  120. data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
  121. data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
  122. data/lib/watobo/gui/save_chat_dialog.rb +140 -149
  123. data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
  124. data/lib/watobo/gui/select_chat_dialog.rb +0 -9
  125. data/lib/watobo/gui/session_management_dialog.rb +0 -9
  126. data/lib/watobo/gui/sites_tree.rb +0 -9
  127. data/lib/watobo/gui/status_bar.rb +0 -9
  128. data/lib/watobo/gui/table_editor.rb +0 -9
  129. data/lib/watobo/gui/tagless_viewer.rb +0 -9
  130. data/lib/watobo/gui/templates/plugin.rb +0 -9
  131. data/lib/watobo/gui/templates/plugin2.rb +92 -100
  132. data/lib/watobo/gui/templates/plugin_base.rb +144 -153
  133. data/lib/watobo/gui/text_viewer.rb +0 -9
  134. data/lib/watobo/gui/transcoder_window.rb +0 -9
  135. data/lib/watobo/gui/utils/gui_utils.rb +0 -9
  136. data/lib/watobo/gui/utils/init_icons.rb +86 -95
  137. data/lib/watobo/gui/utils/load_icons.rb +33 -42
  138. data/lib/watobo/gui/utils/load_plugins.rb +116 -119
  139. data/lib/watobo/gui/utils/master_password.rb +68 -77
  140. data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
  141. data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
  142. data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
  143. data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
  144. data/lib/watobo/gui/utils/session_history.rb +112 -121
  145. data/lib/watobo/gui/workspace_dialog.rb +0 -9
  146. data/lib/watobo/gui/www_auth_dialog.rb +0 -9
  147. data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
  148. data/lib/watobo/http.rb +4 -13
  149. data/lib/watobo/http/cookies/cookies.rb +26 -35
  150. data/lib/watobo/http/data/data.rb +45 -54
  151. data/lib/watobo/http/data/json.rb +47 -55
  152. data/lib/watobo/http/url/url.rb +38 -47
  153. data/lib/watobo/http/xml/xml.rb +124 -130
  154. data/lib/watobo/interceptor.rb +3 -12
  155. data/lib/watobo/interceptor/proxy.rb +742 -739
  156. data/lib/watobo/interceptor/transparent.rb +22 -24
  157. data/lib/watobo/mixins.rb +10 -19
  158. data/lib/watobo/mixins/check_info.rb +27 -36
  159. data/lib/watobo/mixins/httpparser.rb +613 -637
  160. data/lib/watobo/mixins/request_parser.rb +88 -97
  161. data/lib/watobo/mixins/shapers.rb +515 -529
  162. data/lib/watobo/mixins/transcoders.rb +3 -11
  163. data/lib/watobo/parser.rb +1 -10
  164. data/lib/watobo/parser/html.rb +83 -92
  165. data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
  166. data/lib/watobo/sockets.rb +3 -12
  167. data/lib/watobo/sockets/agent.rb +828 -837
  168. data/lib/watobo/sockets/client_socket.rb +308 -312
  169. data/lib/watobo/sockets/connection.rb +401 -410
  170. data/lib/watobo/sockets/http_socket.rb +11 -13
  171. data/lib/watobo/sockets/ntlm_auth.rb +129 -138
  172. data/lib/watobo/utils.rb +10 -19
  173. data/lib/watobo/utils/check_regex.rb +0 -9
  174. data/lib/watobo/utils/copy_object.rb +0 -9
  175. data/lib/watobo/utils/crypto.rb +0 -9
  176. data/lib/watobo/utils/expand_range.rb +23 -32
  177. data/lib/watobo/utils/export_xml.rb +97 -106
  178. data/lib/watobo/utils/file_management.rb +9 -11
  179. data/lib/watobo/utils/hexprint.rb +9 -18
  180. data/lib/watobo/utils/load_chat.rb +0 -9
  181. data/lib/watobo/utils/load_icon.rb +0 -9
  182. data/lib/watobo/utils/ntlm.rb +866 -875
  183. data/lib/watobo/utils/print_debug.rb +12 -21
  184. data/lib/watobo/utils/response_builder.rb +90 -99
  185. data/lib/watobo/utils/response_hash.rb +0 -9
  186. data/lib/watobo/utils/secure_eval.rb +0 -9
  187. data/lib/watobo/utils/strings.rb +10 -19
  188. data/lib/watobo/utils/text2request.rb +0 -9
  189. data/lib/watobo/utils/url.rb +23 -32
  190. data/lib/watobo/utils/utf16.rb +11 -20
  191. data/modules/active/Apache/mod_status.rb +0 -9
  192. data/modules/active/Apache/multiview.rb +151 -160
  193. data/modules/active/Flash/crossdomain.rb +0 -9
  194. data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
  195. data/modules/active/cq5/cq5_default_selectors.rb +106 -115
  196. data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
  197. data/modules/active/directories/dirwalker.rb +0 -9
  198. data/modules/active/discovery/fileextensions.rb +0 -9
  199. data/modules/active/discovery/http_methods.rb +0 -9
  200. data/modules/active/discovery/jsmapfiles.rb +79 -0
  201. data/modules/active/domino/domino_db.rb +68 -76
  202. data/modules/active/dotNET/custom_errors.rb +102 -111
  203. data/modules/active/dotNET/dotnet_files.rb +90 -99
  204. data/modules/active/fileinclusion/lfi_simple.rb +0 -9
  205. data/modules/active/jboss/jboss_basic.rb +0 -9
  206. data/modules/active/sap/business_objects.rb +51 -60
  207. data/modules/active/sap/its_commands.rb +0 -9
  208. data/modules/active/sap/its_service_parameter.rb +0 -9
  209. data/modules/active/sap/its_services.rb +0 -9
  210. data/modules/active/sap/its_xss.rb +0 -9
  211. data/modules/active/shell_shock/shell_shock.rb +139 -148
  212. data/modules/active/siebel/siebel_apps.rb +160 -169
  213. data/modules/active/sqlinjection/sql_boolean.rb +0 -9
  214. data/modules/active/sqlinjection/sql_numerical.rb +198 -0
  215. data/modules/active/sqlinjection/sqli_error.rb +0 -9
  216. data/modules/active/sqlinjection/sqli_timing.rb +220 -229
  217. data/modules/active/struts2/default_handler_ognl.rb +106 -115
  218. data/modules/active/struts2/include_params_ognl.rb +105 -114
  219. data/modules/active/xml/xml_xxe.rb +112 -123
  220. data/modules/active/xss/xss_ng.rb +214 -223
  221. data/modules/active/xss/xss_simple.rb +0 -9
  222. data/modules/passive/ajax.rb +68 -77
  223. data/modules/passive/autocomplete.rb +56 -65
  224. data/modules/passive/cookie_options.rb +0 -9
  225. data/modules/passive/cookie_xss.rb +0 -9
  226. data/modules/passive/detect_code.rb +0 -9
  227. data/modules/passive/detect_fileupload.rb +0 -9
  228. data/modules/passive/detect_infrastructure.rb +0 -9
  229. data/modules/passive/detect_one_time_tokens.rb +0 -9
  230. data/modules/passive/dirindexing.rb +0 -9
  231. data/modules/passive/disclosure_domino.rb +55 -64
  232. data/modules/passive/disclosure_emails.rb +0 -9
  233. data/modules/passive/disclosure_ipaddr.rb +55 -53
  234. data/modules/passive/filename_as_parameter.rb +0 -9
  235. data/modules/passive/form_spotter.rb +0 -9
  236. data/modules/passive/hidden_fields.rb +50 -59
  237. data/modules/passive/hotspots.rb +0 -9
  238. data/modules/passive/in_script_parameter.rb +0 -9
  239. data/modules/passive/json_web_token.rb +93 -0
  240. data/modules/passive/multiple_server_headers.rb +0 -9
  241. data/modules/passive/possible_login.rb +0 -9
  242. data/modules/passive/redirect_url.rb +0 -9
  243. data/modules/passive/redirectionz.rb +0 -9
  244. data/modules/passive/sap-headers.rb +56 -65
  245. data/modules/passive/xss_dom.rb +0 -9
  246. data/plugins/aem/aem.rb +11 -20
  247. data/plugins/aem/gui/main.rb +118 -127
  248. data/plugins/aem/gui/tree_view.rb +171 -180
  249. data/plugins/aem/lib/agent.rb +130 -138
  250. data/plugins/aem/lib/dispatcher.rb +45 -51
  251. data/plugins/aem/lib/engine.rb +177 -186
  252. data/plugins/catalog/catalog.rb +345 -355
  253. data/plugins/crawler/crawler.rb +4 -13
  254. data/plugins/crawler/gui.rb +5 -14
  255. data/plugins/crawler/gui/auth_frame.rb +270 -279
  256. data/plugins/crawler/gui/crawler_gui.rb +271 -276
  257. data/plugins/crawler/gui/general_settings_frame.rb +96 -105
  258. data/plugins/crawler/gui/hooks_frame.rb +80 -89
  259. data/plugins/crawler/gui/scope_frame.rb +50 -59
  260. data/plugins/crawler/gui/settings_tabbook.rb +38 -47
  261. data/plugins/crawler/gui/status_frame.rb +59 -68
  262. data/plugins/crawler/lib/bags.rb +18 -27
  263. data/plugins/crawler/lib/constants.rb +11 -20
  264. data/plugins/crawler/lib/engine.rb +488 -497
  265. data/plugins/crawler/lib/grabber.rb +68 -77
  266. data/plugins/crawler/lib/status.rb +71 -80
  267. data/plugins/crawler/lib/uri_mp.rb +12 -21
  268. data/plugins/filefinder/filefinder.rb +326 -333
  269. data/plugins/sqlmap/bin/test.rb +78 -87
  270. data/plugins/sqlmap/gui.rb +4 -13
  271. data/plugins/sqlmap/gui/main.rb +218 -227
  272. data/plugins/sqlmap/gui/options_frame.rb +97 -106
  273. data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
  274. data/plugins/sqlmap/sqlmap.rb +2 -11
  275. data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
  276. data/plugins/sslchecker/gui/cipher_table.rb +246 -254
  277. data/plugins/sslchecker/gui/gui.rb +258 -264
  278. data/plugins/sslchecker/gui/sslchecker.rb +4 -13
  279. data/plugins/sslchecker/lib/check.rb +127 -133
  280. data/plugins/wshell/gui/main.rb +119 -117
  281. data/plugins/wshell/lib/core.rb +38 -88
  282. data/plugins/wshell/wshell.rb +11 -20
  283. metadata +170 -164
@@ -1,12 +1,3 @@
1
- #.
2
- # disclosure_emails.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
2
  module Watobo#:nodoc: all
12
3
  module Modules
@@ -1,80 +1,82 @@
1
- #.
2
- # disclosure_ipaddr.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
-
11
- # @private
12
- module Watobo#:nodoc: all
1
+ # @private
2
+ module Watobo #:nodoc: all
13
3
  module Modules
14
4
  module Passive
15
-
5
+
16
6
  class Disclosure_ipaddr < Watobo::PassiveCheck
17
-
7
+
18
8
  def initialize(project)
19
9
  @project = project
20
10
  super(project)
21
11
  @info.update(
22
- :check_name => 'IP Adress Disclosure', # name of check which briefly describes functionality, will be used for tree and progress views
23
- :description => 'Looks for (internal) IP adresses.', # description of checkfunction
24
- :author => "Andreas Schmidt", # author of check
25
- :version => "0.9" # check version
12
+ :check_name => 'IP Adress Disclosure', # name of check which briefly describes functionality, will be used for tree and progress views
13
+ :description => 'Looks for (internal) IP adresses.', # description of checkfunction
14
+ :author => "Andreas Schmidt", # author of check
15
+ :version => "0.9" # check version
26
16
  )
27
-
17
+
28
18
  @finding.update(
29
- :threat => 'Internal information may be revealed, which could help an attacker to prepare further attacks', # thread of vulnerability, e.g. loss of information
30
- :class => "IP Adress Disclosure",# vulnerability class, e.g. Stored XSS, SQL-Injection, ...
31
- :type => FINDING_TYPE_INFO, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
32
- :measure => "Remove all information which reveal internal information."
33
- )
34
-
19
+ :threat => 'Internal information may be revealed, which could help an attacker to prepare further attacks', # thread of vulnerability, e.g. loss of information
20
+ :class => "IP Adress Disclosure", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
21
+ :type => FINDING_TYPE_INFO, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
22
+ :measure => "Remove all information which reveal internal information."
23
+ )
24
+
35
25
  @pattern = '[^\d\.](\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})[^(\d\.)]+?'
36
-
26
+
37
27
  @known_ips = []
38
28
  end
39
-
29
+
40
30
  def do_test(chat)
41
31
  begin
42
32
  # puts "running module: #{Module.nesting[0].name}"
43
33
  return false if chat.response.nil?
44
- return false unless chat.response.has_body?
45
- if chat.response.content_type =~ /(text|script)/ then
46
- body = chat.response.body_encoded
47
- body.scan(/#{@pattern}/) { |match|
48
- ip_addr = match.first
49
- octets = ip_addr.split('.')
50
- isIP = true
51
- octets.each do |o|
52
- isIP = false if o.to_i > 255
53
- end
54
- if isIP then
55
- if ip_addr =~ /^10\./ or (ip_addr =~ /^192.168/) or ( octets[0] == "172" && (16..32).include?(octects[1].to_i) )
56
- title = "Private IP: #{ip_addr}"
57
- else
58
- title = "Public IP: #{ip_addr}"
59
- end
60
- dummy = chat.request.site + ":" + ip_addr
61
- if not @known_ips.include?(dummy)
62
- addFinding( :proof_pattern => ip_addr,
63
- :chat => chat,
64
- :title => title)
65
- @known_ips.push dummy
66
- end
67
- end
68
- }
34
+ data = chat.response.headers
35
+ # remove Location header
36
+ while mi=data.index { |i| i=~ /^Location/i }
37
+ data.delete_at mi
38
+ end
39
+
40
+ data = data.join
41
+ unless chat.response.has_body?
42
+ if chat.response.content_type =~ /(text|script)/ then
43
+ body = chat.response.body_encoded
44
+ data << body
45
+ end
69
46
  end
47
+
48
+ data.scan(/#{@pattern}/) { |match|
49
+ ip_addr = match.first
50
+ octets = ip_addr.split('.')
51
+ isIP = true
52
+ octets.each do |o|
53
+ isIP = false if o.to_i > 255
54
+ end
55
+ if isIP then
56
+ if ip_addr =~ /^10\./ or (ip_addr =~ /^192.168/) or (octets[0] == "172" && (16..32).include?(octets[1].to_i))
57
+ title = "Private IP: #{ip_addr}"
58
+ else
59
+ title = "Public IP: #{ip_addr}"
60
+ end
61
+ dummy = chat.request.site + ":" + ip_addr
62
+ if not @known_ips.include?(dummy)
63
+ addFinding(:proof_pattern => ip_addr,
64
+ :chat => chat,
65
+ :title => title)
66
+ @known_ips.push dummy
67
+ end
68
+ end
69
+ }
70
+
70
71
  rescue => bang
71
72
  # raise
72
73
  puts "ERROR!! #{Module.nesting[0].name}"
73
74
  puts bang
75
+ puts bang.backtrace if $DEBUG
74
76
  end
75
77
  end
76
78
  end
77
-
79
+
78
80
  end
79
81
  end
80
82
  end
@@ -1,12 +1,3 @@
1
- #.
2
- # filename_as_parameter.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
2
  module Watobo#:nodoc: all
12
3
  module Modules
@@ -1,12 +1,3 @@
1
- #.
2
- # form_spotter.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
2
  module Watobo#:nodoc: all
12
3
  module Modules
@@ -1,45 +1,36 @@
1
- #.
2
- # hidden_fields.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
- module Watobo#:nodoc: all
12
- module Modules
13
- module Passive
14
-
15
-
16
- class Hidden_fields < Watobo::PassiveCheck
17
- def initialize(project)
18
- @project = project
19
- super(project)
20
-
21
- @info.update(
22
- :check_name => 'Hidden Fields', # name of check which briefly describes functionality, will be used for tree and progress views
23
- :description => "Detects all hidden fields", # description of checkfunction
24
- :author => "Andreas Schmidt", # author of check
25
- :version => "1.0" # check version
26
- )
27
-
28
- @finding.update(
29
- :threat => 'Hidden field parameters sometimes are accepted as input variables.', # thread of vulnerability, e.g. loss of information
30
- :class => "Hidden Fields", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
31
- :type => FINDING_TYPE_INFO, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
32
- :measure => "N/A"
33
- )
34
-
35
-
36
- end
37
-
38
- def do_test(chat)
39
- begin
40
-
41
- if chat.response.content_type =~ /(text|script)/ and chat.response.status !~ /404/ and chat.response.has_body? then
42
- doc = Nokogiri::HTML(chat.response.body)
2
+ module Watobo#:nodoc: all
3
+ module Modules
4
+ module Passive
5
+
6
+
7
+ class Hidden_fields < Watobo::PassiveCheck
8
+ def initialize(project)
9
+ @project = project
10
+ super(project)
11
+
12
+ @info.update(
13
+ :check_name => 'Hidden Fields', # name of check which briefly describes functionality, will be used for tree and progress views
14
+ :description => "Detects all hidden fields", # description of checkfunction
15
+ :author => "Andreas Schmidt", # author of check
16
+ :version => "1.0" # check version
17
+ )
18
+
19
+ @finding.update(
20
+ :threat => 'Hidden field parameters sometimes are accepted as input variables.', # thread of vulnerability, e.g. loss of information
21
+ :class => "Hidden Fields", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
22
+ :type => FINDING_TYPE_INFO, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
23
+ :measure => "N/A"
24
+ )
25
+
26
+
27
+ end
28
+
29
+ def do_test(chat)
30
+ begin
31
+
32
+ if chat.response.content_type =~ /(text|script)/ and chat.response.status !~ /404/ and chat.response.has_body? then
33
+ doc = Nokogiri::HTML(chat.response.body)
43
34
  doc.xpath('//input[@type="hidden"]').each do |i|
44
35
  pp = "<input[^<]+name=.#{i[:name]}[^<]+/?>"
45
36
  #pp = Regexp.quote(tag)
@@ -47,21 +38,21 @@ module Watobo#:nodoc: all
47
38
  #pp.gsub!(/['"]/,".")
48
39
  # also nokogiro removes trailing /
49
40
  #pp.gsub!(/>$/, "/?>")
50
- addFinding(
51
- :proof_pattern => pp,
52
- :title => "#{i[:name]}",
53
- :chat => chat
54
- )
55
- end
56
- end
57
- rescue => bang
58
- # raise
59
- puts "ERROR!! #{Module.nesting[0].name}"
60
- puts bang
61
- puts bang.backtrace if $DEBUG
62
- end
63
- end
64
- end
65
- end
66
- end
67
- end
41
+ addFinding(
42
+ :proof_pattern => pp,
43
+ :title => "#{i[:name]}",
44
+ :chat => chat
45
+ )
46
+ end
47
+ end
48
+ rescue => bang
49
+ # raise
50
+ puts "ERROR!! #{Module.nesting[0].name}"
51
+ puts bang
52
+ puts bang.backtrace if $DEBUG
53
+ end
54
+ end
55
+ end
56
+ end
57
+ end
58
+ end
@@ -1,12 +1,3 @@
1
- #.
2
- # hotspots.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
2
  module Watobo#:nodoc: all
12
3
  module Modules
@@ -1,12 +1,3 @@
1
- #.
2
- # in_script_parameter.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  require 'cgi'
11
2
  # @private
12
3
  module Watobo#:nodoc: all
@@ -0,0 +1,93 @@
1
+ # @private
2
+ module Watobo #:nodoc: all
3
+ module Modules
4
+ module Passive
5
+
6
+
7
+ class Json_web_token < Watobo::PassiveCheck
8
+
9
+
10
+ def initialize(project)
11
+ @project = project
12
+ super(project)
13
+ begin
14
+ @info.update(
15
+ :check_name => 'Detect JSON Web Tokens', # name of check which briefly describes functionality, will be used for tree and progress views
16
+ :description => "This module detects JSON Web Tokens which are used for authentication purposes.", # description of checkfunction
17
+ :author => "Andreas Schmidt", # author of check
18
+ :version => "1.0" # check version
19
+ )
20
+
21
+ @finding.update(
22
+ :threat => 'Informational', # thread of vulnerability, e.g. loss of information
23
+ :class => "JSON Web Token", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
24
+ :type => FINDING_TYPE_HINT # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
25
+ )
26
+
27
+
28
+ @pattern_list = []
29
+ #@pattern_list << "access_token"
30
+ @pattern_list << '.*_token'
31
+ rescue => bang
32
+ puts bang
33
+ puts bang.backtrace if $DEBUG
34
+ end
35
+ end
36
+
37
+ def do_test(chat)
38
+ # check for Bearer Authentication Scheme
39
+ # Authorization: Bearer e...
40
+ begin
41
+ pattern = 'Authorization.*Bearer(.*)'
42
+ chat.request.headers do |header|
43
+ if header =~ /#{pattern}/i then
44
+ match = $1.strip
45
+ addFinding(
46
+ :check_pattern => "#{pattern}",
47
+ :proof_pattern => "#{match}",
48
+ :title => "[Bearer Authentication Scheme] - #{chat.request.path}",
49
+ :chat => chat
50
+ )
51
+ end
52
+
53
+ end
54
+ rescue => bang
55
+ puts "ERROR!! #{Module.nesting[0].name}"
56
+ puts bang
57
+ end
58
+
59
+ # check cookies
60
+ pattern = '.*_token'
61
+ chat.response.new_cookies do |c|
62
+ begin
63
+ if c.name =~ /#{pattern}/
64
+ e = c.value.split('.')
65
+ next if e.size != 3
66
+ # parse jwt header
67
+ th = JSON.parse( Base64.decode64(e[0]))
68
+ # parse jwt payload
69
+ tp = JSON.parse( Base64.decode64(e[1]))
70
+
71
+ # if we reach this point everything is fine
72
+ addFinding(
73
+ :check_pattern => "#{pattern}",
74
+ :proof_pattern => "#{c.value}",
75
+ :title => "[Cookie] - #{chat.request.path}",
76
+ :chat => chat
77
+ )
78
+ end
79
+ rescue => bang
80
+ # print error only in debug mode
81
+ if $DEBUG
82
+ puts "ERROR!! #{Module.nesting[0].name}"
83
+ puts bang
84
+ end
85
+ end
86
+ end
87
+
88
+ end
89
+ end
90
+
91
+ end
92
+ end
93
+ end
@@ -1,12 +1,3 @@
1
- #.
2
- # multiple_server_headers.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
2
  module Watobo#:nodoc: all
12
3
  module Modules
@@ -1,12 +1,3 @@
1
- #.
2
- # possible_login.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
2
  module Watobo#:nodoc: all
12
3
  module Modules
@@ -1,12 +1,3 @@
1
- #.
2
- # redirect_url.rb
3
- #.
4
- # Copyright 2014 by siberas, http://www.siberas.de
5
- # This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
6
- # WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
7
- # WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
8
- # You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
9
-
10
1
  # @private
11
2
  module Watobo#:nodoc: all
12
3
  module Modules