watobo 0.9.8.677
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/bin/watobo_gui.rb +39 -0
- data/certificates/cert.pem +19 -0
- data/certificates/privkey.pem +15 -0
- data/certificates/watobo_dh.key +5 -0
- data/config/datastore.yml +5 -0
- data/config/forwarding_proxy.yml +12 -0
- data/config/general.yml +4 -0
- data/config/gui.yml +23 -0
- data/config/interceptor.yml +16 -0
- data/config/scan_policy.yml +13 -0
- data/config/scanner.yml +34 -0
- data/icons/Add.ico +0 -0
- data/icons/Add_24x24.ico +0 -0
- data/icons/Bandwidth.ico +0 -0
- data/icons/Bandwidth_24x24.ico +0 -0
- data/icons/Mr. Bomb.ico +0 -0
- data/icons/Mr. Bomb_16x16.ico +0 -0
- data/icons/Mr. Bomb_24x24.ico +0 -0
- data/icons/Orange Ball.ico +0 -0
- data/icons/Orange Ball_16x16.ico +0 -0
- data/icons/Orange Ball_24x24.ico +0 -0
- data/icons/Pause.ico +0 -0
- data/icons/Play.ico +0 -0
- data/icons/Play_24x24.ico +0 -0
- data/icons/Red Ball.ico +0 -0
- data/icons/Red Ball_16x16.ico +0 -0
- data/icons/Red Ball_24x24.ico +0 -0
- data/icons/Run.ico +0 -0
- data/icons/Stop.ico +0 -0
- data/icons/Stop_24x24.ico +0 -0
- data/icons/Terminal.ico +0 -0
- data/icons/Transfer.ico +0 -0
- data/icons/Transfer_16x16.ico +0 -0
- data/icons/User.ico +0 -0
- data/icons/User_16x16.ico +0 -0
- data/icons/User_24x24.ico +0 -0
- data/icons/Web Browser.ico +0 -0
- data/icons/Web Browser_16x16.ico +0 -0
- data/icons/Write Document.ico +0 -0
- data/icons/Yellow Ball.ico +0 -0
- data/icons/Yellow Ball_16x16.ico +0 -0
- data/icons/Yellow Ball_24x24.ico +0 -0
- data/icons/advanced.ico +0 -0
- data/icons/advanced_16x16.ico +0 -0
- data/icons/advanced_24x24.ico +0 -0
- data/icons/applications.ico +0 -0
- data/icons/applications_16x16.ico +0 -0
- data/icons/applications_24x24.ico +0 -0
- data/icons/browser_16x16.ico +0 -0
- data/icons/browser_24x24.ico +0 -0
- data/icons/burn.ico +0 -0
- data/icons/burn_16x16.ico +0 -0
- data/icons/burn_24x24.ico +0 -0
- data/icons/calculator.ico +0 -0
- data/icons/calculator_24x24.ico +0 -0
- data/icons/cb_checked.ico +0 -0
- data/icons/cb_checked_orange.ico +0 -0
- data/icons/cb_unchecked.ico +0 -0
- data/icons/coin_24x24.ico +0 -0
- data/icons/conversation.ico +0 -0
- data/icons/conversation_24x24.ico +0 -0
- data/icons/engine.ico +0 -0
- data/icons/filter.ico +0 -0
- data/icons/folder.ico +0 -0
- data/icons/folder_16x16.ico +0 -0
- data/icons/fuzzer_16x16.ico +0 -0
- data/icons/fuzzer_24x24.ico +0 -0
- data/icons/go-down_16x16.png +0 -0
- data/icons/go-up_16x16.png +0 -0
- data/icons/help.ico +0 -0
- data/icons/help_16x16.ico +0 -0
- data/icons/help_24x24.ico +0 -0
- data/icons/iChat.ico +0 -0
- data/icons/iChat_16x16.ico +0 -0
- data/icons/iChat_24x24.ico +0 -0
- data/icons/icons.txt +3 -0
- data/icons/info.ico +0 -0
- data/icons/info_16x16.ico +0 -0
- data/icons/info_24x24.ico +0 -0
- data/icons/interceptor_24x24.ico +0 -0
- data/icons/lock.ico +0 -0
- data/icons/lock_12x12.ico +0 -0
- data/icons/lock_16x16.ico +0 -0
- data/icons/monitor.ico +0 -0
- data/icons/plugin.ico +0 -0
- data/icons/plugin_24x24.ico +0 -0
- data/icons/scan_16x16.png +0 -0
- data/icons/send.ico +0 -0
- data/icons/server.ico +0 -0
- data/icons/server_16x16.ico +0 -0
- data/icons/siberas_logo_x24.gif +0 -0
- data/icons/tag_blue_32x32.ico +0 -0
- data/icons/watobo-48x48.png +0 -0
- data/icons/watobo-logo.png +0 -0
- data/icons/watobo.ico +0 -0
- data/lib/watobo/adapters/data_store.rb +38 -0
- data/lib/watobo/adapters/file/file_store.rb +211 -0
- data/lib/watobo/adapters/session_store.rb +27 -0
- data/lib/watobo/adapters.rb +26 -0
- data/lib/watobo/config.rb +143 -0
- data/lib/watobo/constants.rb +92 -0
- data/lib/watobo/core/active_check.rb +404 -0
- data/lib/watobo/core/cookie.rb +69 -0
- data/lib/watobo/core/fuzz_gen.rb +160 -0
- data/lib/watobo/core/http_socket.rb +142 -0
- data/lib/watobo/core/interceptor.rb +729 -0
- data/lib/watobo/core/passive_check.rb +141 -0
- data/lib/watobo/core/project.rb +1058 -0
- data/lib/watobo/core/scanner.rb +396 -0
- data/lib/watobo/core/session.rb +1320 -0
- data/lib/watobo/core/simple_ca.rb +393 -0
- data/lib/watobo/core.rb +34 -0
- data/lib/watobo/defaults.rb +40 -0
- data/lib/watobo/external/diff/lcs/array.rb +42 -0
- data/lib/watobo/external/diff/lcs/block.rb +72 -0
- data/lib/watobo/external/diff/lcs/callbacks.rb +343 -0
- data/lib/watobo/external/diff/lcs/change.rb +190 -0
- data/lib/watobo/external/diff/lcs/hunk.rb +279 -0
- data/lib/watobo/external/diff/lcs/ldiff.rb +247 -0
- data/lib/watobo/external/diff/lcs/string.rb +40 -0
- data/lib/watobo/external/diff/lcs.rb +1124 -0
- data/lib/watobo/external/ntlm/ntlm.rb +797 -0
- data/lib/watobo/externals.rb +28 -0
- data/lib/watobo/framework/create_project.rb +55 -0
- data/lib/watobo/framework/init.rb +149 -0
- data/lib/watobo/framework/init_modules.rb +116 -0
- data/lib/watobo/framework/license_text.rb +50 -0
- data/lib/watobo/framework.rb +26 -0
- data/lib/watobo/gui/about_watobo.rb +68 -0
- data/lib/watobo/gui/browser_preview.rb +460 -0
- data/lib/watobo/gui/certificate_dialog.rb +132 -0
- data/lib/watobo/gui/chat_diff.rb +415 -0
- data/lib/watobo/gui/chatviewer_frame.rb +427 -0
- data/lib/watobo/gui/checkboxtree.rb +221 -0
- data/lib/watobo/gui/checks_policy_frame.rb +123 -0
- data/lib/watobo/gui/client_cert_dialog.rb +227 -0
- data/lib/watobo/gui/confirm_scan_dialog.rb +67 -0
- data/lib/watobo/gui/conversation_table.rb +386 -0
- data/lib/watobo/gui/conversation_table_ctrl.rb +175 -0
- data/lib/watobo/gui/csrf_token_dialog.rb +446 -0
- data/lib/watobo/gui/dashboard.rb +341 -0
- data/lib/watobo/gui/define_scope_frame.rb +380 -0
- data/lib/watobo/gui/edit_comment.rb +70 -0
- data/lib/watobo/gui/edit_scope_dialog.rb +69 -0
- data/lib/watobo/gui/finding_info.rb +212 -0
- data/lib/watobo/gui/findings_tree.rb +459 -0
- data/lib/watobo/gui/full_scan_dialog.rb +269 -0
- data/lib/watobo/gui/fuzzer_gui.rb +1522 -0
- data/lib/watobo/gui/hex_viewer.rb +106 -0
- data/lib/watobo/gui/interceptor_gui.rb +994 -0
- data/lib/watobo/gui/interceptor_settings_dialog.rb +201 -0
- data/lib/watobo/gui/log_viewer.rb +97 -0
- data/lib/watobo/gui/login_wizzard.rb +301 -0
- data/lib/watobo/gui/main_window.rb +1815 -0
- data/lib/watobo/gui/manual_request_editor.rb +1105 -0
- data/lib/watobo/gui/master_pw_dialog.rb +142 -0
- data/lib/watobo/gui/password_policy_dialog.rb +98 -0
- data/lib/watobo/gui/plugin/base.rb +82 -0
- data/lib/watobo/gui/plugin_board.rb +95 -0
- data/lib/watobo/gui/preferences_dialog.rb +116 -0
- data/lib/watobo/gui/progress_window.rb +102 -0
- data/lib/watobo/gui/project_wizzard.rb +369 -0
- data/lib/watobo/gui/proxy_dialog.rb +550 -0
- data/lib/watobo/gui/quick_scan_dialog.rb +242 -0
- data/lib/watobo/gui/request_editor.rb +480 -0
- data/lib/watobo/gui/save_chat_dialog.rb +158 -0
- data/lib/watobo/gui/scanner_settings_dialog.rb +360 -0
- data/lib/watobo/gui/select_chat_dialog.rb +169 -0
- data/lib/watobo/gui/session_management_dialog.rb +688 -0
- data/lib/watobo/gui/sites_tree.rb +347 -0
- data/lib/watobo/gui/status_bar.rb +88 -0
- data/lib/watobo/gui/table_editor.rb +445 -0
- data/lib/watobo/gui/tagless_viewer.rb +62 -0
- data/lib/watobo/gui/templates/plugin.rb +80 -0
- data/lib/watobo/gui/templates/plugin2.rb +103 -0
- data/lib/watobo/gui/text_viewer.rb +247 -0
- data/lib/watobo/gui/transcoder_window.rb +215 -0
- data/lib/watobo/gui/utils/gui_utils.rb +129 -0
- data/lib/watobo/gui/utils/init_icons.rb +106 -0
- data/lib/watobo/gui/utils/load_icons.rb +54 -0
- data/lib/watobo/gui/utils/load_plugins.rb +94 -0
- data/lib/watobo/gui/utils/master_password.rb +90 -0
- data/lib/watobo/gui/utils/save_default_settings.rb +99 -0
- data/lib/watobo/gui/utils/save_project_settings.rb +21 -0
- data/lib/watobo/gui/utils/save_proxy_settings.rb +45 -0
- data/lib/watobo/gui/utils/save_session_settings.rb +21 -0
- data/lib/watobo/gui/utils/session_history.rb +134 -0
- data/lib/watobo/gui/workspace_dialog.rb +89 -0
- data/lib/watobo/gui/www_auth_dialog.rb +348 -0
- data/lib/watobo/gui/xml_viewer_frame.rb +114 -0
- data/lib/watobo/gui.rb +139 -0
- data/lib/watobo/mixins/httpparser.rb +664 -0
- data/lib/watobo/mixins/request_parser.rb +210 -0
- data/lib/watobo/mixins/shapers.rb +345 -0
- data/lib/watobo/mixins/transcoders.rb +88 -0
- data/lib/watobo/mixins.rb +32 -0
- data/lib/watobo/utils/check_regex.rb +36 -0
- data/lib/watobo/utils/copy_object.rb +29 -0
- data/lib/watobo/utils/crypto.rb +74 -0
- data/lib/watobo/utils/expand_range.rb +45 -0
- data/lib/watobo/utils/file_management.rb +73 -0
- data/lib/watobo/utils/load_chat.rb +219 -0
- data/lib/watobo/utils/load_icon.rb +47 -0
- data/lib/watobo/utils/print_debug.rb +34 -0
- data/lib/watobo/utils/response_hash.rb +143 -0
- data/lib/watobo/utils/secure_eval.rb +57 -0
- data/lib/watobo/utils/text2request.rb +96 -0
- data/lib/watobo/utils.rb +32 -0
- data/lib/watobo.rb +76 -0
- data/modules/active/Apache/mod_status.rb +123 -0
- data/modules/active/Flash/crossdomain.rb +102 -0
- data/modules/active/directories/dirwalker.rb +89 -0
- data/modules/active/discovery/fileextensions.rb +151 -0
- data/modules/active/discovery/http_methods.rb +135 -0
- data/modules/active/domino/domino_db.lst +164 -0
- data/modules/active/domino/domino_db.rb +128 -0
- data/modules/active/fileinclusion/lfi_simple.rb +134 -0
- data/modules/active/jboss/jboss_basic.rb +119 -0
- data/modules/active/sap/business_objects.rb +73 -0
- data/modules/active/sap/its_commands.rb +101 -0
- data/modules/active/sap/its_service_parameter.rb +105 -0
- data/modules/active/sap/its_services.rb +103 -0
- data/modules/active/sap/its_xss.rb +98 -0
- data/modules/active/sqlinjection/sql_boolean.rb +262 -0
- data/modules/active/sqlinjection/sqli_simple.rb +205 -0
- data/modules/active/xss/xss_simple.rb +179 -0
- data/modules/passive/cookie_options.rb +97 -0
- data/modules/passive/cookie_xss.rb +85 -0
- data/modules/passive/detect_code.rb +89 -0
- data/modules/passive/detect_fileupload.rb +80 -0
- data/modules/passive/detect_infrastructure.rb +98 -0
- data/modules/passive/detect_one_time_tokens.rb +86 -0
- data/modules/passive/dirindexing.rb +81 -0
- data/modules/passive/disclosure_emails.rb +82 -0
- data/modules/passive/disclosure_ipaddr.rb +87 -0
- data/modules/passive/filename_as_parameter.rb +85 -0
- data/modules/passive/form_spotter.rb +75 -0
- data/modules/passive/hotspots.rb +86 -0
- data/modules/passive/in_script_parameter.rb +92 -0
- data/modules/passive/multiple_server_headers.rb +98 -0
- data/modules/passive/possible_login.rb +134 -0
- data/modules/passive/redirect_url.rb +88 -0
- data/modules/passive/redirectionz.rb +96 -0
- data/modules/passive/xss_dom.rb +91 -0
- data/plugins/catalog/catalog.ico +0 -0
- data/plugins/catalog/catalog.rb +726 -0
- data/plugins/catalog/db_tests +6483 -0
- data/plugins/catalog/db_variables +29 -0
- data/plugins/filefinder/dbs/hbci.db +12 -0
- data/plugins/filefinder/filefinder.rb +602 -0
- data/plugins/sslchecker/cli/sslchecker_cli.rb +21 -0
- data/plugins/sslchecker/gui/cipher_table.rb +260 -0
- data/plugins/sslchecker/gui/gui.rb +245 -0
- data/plugins/sslchecker/gui/sslchecker.rb +26 -0
- data/plugins/sslchecker/icons/green_16x16.ico +0 -0
- data/plugins/sslchecker/icons/grey_16x16.ico +0 -0
- data/plugins/sslchecker/icons/red_16x16.ico +0 -0
- data/plugins/sslchecker/icons/sslchecker.ico +0 -0
- data/plugins/sslchecker/lib/check.rb +117 -0
- metadata +317 -0
|
@@ -0,0 +1,179 @@
|
|
|
1
|
+
# .
|
|
2
|
+
# xss_simple.rb
|
|
3
|
+
#
|
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
|
5
|
+
#
|
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
|
7
|
+
# http://watobo.sourceforge.com
|
|
8
|
+
#
|
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
|
12
|
+
#
|
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
16
|
+
# GNU General Public License for more details.
|
|
17
|
+
#
|
|
18
|
+
# You should have received a copy of the GNU General Public License
|
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
21
|
+
# .
|
|
22
|
+
module Watobo
|
|
23
|
+
module Modules
|
|
24
|
+
module Active
|
|
25
|
+
module Xss
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
class Xss_simple < Watobo::ActiveCheck
|
|
29
|
+
|
|
30
|
+
def initialize(project, prefs={})
|
|
31
|
+
super(project, prefs)
|
|
32
|
+
|
|
33
|
+
threat =<<'EOF'
|
|
34
|
+
Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance.
|
|
35
|
+
A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser
|
|
36
|
+
within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to
|
|
37
|
+
VBScript, ActiveX, Java, Flash, or any other browser-supported technology.
|
|
38
|
+
|
|
39
|
+
When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the
|
|
40
|
+
hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible
|
|
41
|
+
by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another
|
|
42
|
+
location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially
|
|
43
|
+
compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content
|
|
44
|
+
from the file system may execute code under the local machine zone allowing for system compromise.
|
|
45
|
+
|
|
46
|
+
Source: http://projects.webappsec.org/Cross-Site+Scripting
|
|
47
|
+
EOF
|
|
48
|
+
|
|
49
|
+
measure = "All user input should be filtered and/or escaped using a method appropriate for the output context"
|
|
50
|
+
|
|
51
|
+
@info.update(
|
|
52
|
+
:check_name => 'Simple Cross Site Scripting Checks', # name of check which briefly describes functionality, will be used for tree and progress views
|
|
53
|
+
:check_group => AC_GROUP_XSS,
|
|
54
|
+
:description => "Check for every parameter if response contains XSS'able content.", # description of checkfunction
|
|
55
|
+
:author => "Andreas Schmidt", # author of check
|
|
56
|
+
:version => "0.9" # check version
|
|
57
|
+
)
|
|
58
|
+
|
|
59
|
+
@finding.update(
|
|
60
|
+
:threat => threat, # thread of vulnerability, e.g. loss of information
|
|
61
|
+
:class => "Reflected XSS", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
|
|
62
|
+
:type => FINDING_TYPE_VULN, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
|
|
63
|
+
:rating => VULN_RATING_HIGH,
|
|
64
|
+
:measure => measure
|
|
65
|
+
)
|
|
66
|
+
|
|
67
|
+
@xss_checks=[
|
|
68
|
+
["<script>watobo</script>", "<script>watobo</script>"],
|
|
69
|
+
["%3Cscript%3Ewatobo%3C/script%3E", "<script>watobo</script>"],
|
|
70
|
+
["%0a<script>watobo</script>", "<script>watobo</script>"], # prepend %0A can circumvent checks ... seen in the wild
|
|
71
|
+
["%0a%3Cscript%3Ewatobo%3C/script%3E", "<script>watobo</script>"], # prepend %0A can circumvent checks ... seen in the wild
|
|
72
|
+
["<watobo", "<watobo"],
|
|
73
|
+
["%00<watobo", "<watobo"],
|
|
74
|
+
["%3Cwatobo%3E", "<watobo>"],
|
|
75
|
+
]
|
|
76
|
+
|
|
77
|
+
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
|
|
81
|
+
def generateChecks(chat)
|
|
82
|
+
#
|
|
83
|
+
# Check GET-Parameters
|
|
84
|
+
#
|
|
85
|
+
begin
|
|
86
|
+
|
|
87
|
+
|
|
88
|
+
chat.request.get_parm_names.each do |parm|
|
|
89
|
+
# puts parm
|
|
90
|
+
# puts "#{Module.nesting[0].name}: run check on chat-id (#{chat.id}) with parm (#{parm})"
|
|
91
|
+
@xss_checks.each do |check, pattern|
|
|
92
|
+
checker = proc {
|
|
93
|
+
test_request = nil
|
|
94
|
+
test_response = nil
|
|
95
|
+
test = chat.copyRequest
|
|
96
|
+
test.replace_get_parm(parm, check)
|
|
97
|
+
test_request,test_response = doRequest(test)
|
|
98
|
+
|
|
99
|
+
if not test_response then
|
|
100
|
+
puts "got no respons :("
|
|
101
|
+
elsif test_response.join =~ /(#{pattern})/i
|
|
102
|
+
match = $1
|
|
103
|
+
# puts "found xss (get)"
|
|
104
|
+
# test_chat = Chat.new(test,test_response,chat.id)
|
|
105
|
+
|
|
106
|
+
# resource = "/" + test_request.resource
|
|
107
|
+
|
|
108
|
+
addFinding(test_request, test_response,
|
|
109
|
+
:check_pattern => "#{check}",
|
|
110
|
+
:proof_pattern => "#{match}",
|
|
111
|
+
:test_item => parm,
|
|
112
|
+
:class => "Reflected XSS [GET]",
|
|
113
|
+
:chat => chat,
|
|
114
|
+
:title => "[#{parm}] - #{test_request.path}"
|
|
115
|
+
)
|
|
116
|
+
end
|
|
117
|
+
#@project.new_finding(:short_name=>"#{parm}", :check=>"#{check}", :proof=>"#{pattern}", :kategory=>"XSS-Post", :type=>"Vuln", :chat=>test_chat, :rating=>"High")
|
|
118
|
+
[ test_request, test_response ]
|
|
119
|
+
}
|
|
120
|
+
yield checker
|
|
121
|
+
end
|
|
122
|
+
end
|
|
123
|
+
|
|
124
|
+
|
|
125
|
+
|
|
126
|
+
#
|
|
127
|
+
# Check POST-Parameters
|
|
128
|
+
#
|
|
129
|
+
|
|
130
|
+
chat.request.post_parm_names.each do |parm|
|
|
131
|
+
#puts "#{chat.id}: run check on post parm #{parm}"
|
|
132
|
+
@xss_checks.each do |check, pattern|
|
|
133
|
+
|
|
134
|
+
|
|
135
|
+
checker = proc {
|
|
136
|
+
|
|
137
|
+
test = chat.copyRequest
|
|
138
|
+
# modify the test request
|
|
139
|
+
test.replace_post_parm(parm, check)
|
|
140
|
+
test_request,test_response = doRequest(test)
|
|
141
|
+
|
|
142
|
+
match = nil
|
|
143
|
+
if test_response.join =~ /(#{pattern})/i
|
|
144
|
+
match = $1
|
|
145
|
+
# puts "Reflected XSS [POST] - #{parm}"
|
|
146
|
+
# test_chat = Chat.new(test, test_response, chat.id)
|
|
147
|
+
# resource = "/" + test_request.resource
|
|
148
|
+
addFinding(test_request, test_response,
|
|
149
|
+
:test_item => parm,
|
|
150
|
+
:check_pattern => "#{check}",
|
|
151
|
+
:proof_pattern => "#{match}",
|
|
152
|
+
:class => "Reflected XSS [POST]",
|
|
153
|
+
:chat => chat,
|
|
154
|
+
:title => "[#{parm}] - #{test_request.path}"
|
|
155
|
+
)
|
|
156
|
+
end
|
|
157
|
+
# don't use 'return' here
|
|
158
|
+
[ test_request, test_response ]
|
|
159
|
+
}
|
|
160
|
+
yield checker
|
|
161
|
+
end
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
rescue => bang
|
|
165
|
+
puts bang
|
|
166
|
+
puts bang.backtrace if $DEBUG
|
|
167
|
+
puts "ERROR!! #{Module.nesting[0].name}"
|
|
168
|
+
raise
|
|
169
|
+
|
|
170
|
+
|
|
171
|
+
end
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
end
|
|
175
|
+
|
|
176
|
+
end
|
|
177
|
+
end
|
|
178
|
+
end
|
|
179
|
+
end
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
# .
|
|
2
|
+
# cookie_options.rb
|
|
3
|
+
#
|
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
|
5
|
+
#
|
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
|
7
|
+
# http://watobo.sourceforge.com
|
|
8
|
+
#
|
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
|
12
|
+
#
|
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
16
|
+
# GNU General Public License for more details.
|
|
17
|
+
#
|
|
18
|
+
# You should have received a copy of the GNU General Public License
|
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
21
|
+
# .
|
|
22
|
+
# .
|
|
23
|
+
# cookie_options.rb
|
|
24
|
+
#
|
|
25
|
+
# Copyright 2010 by siberas, http://www.siberas.de
|
|
26
|
+
#
|
|
27
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
|
28
|
+
# http://watobo.sourceforge.com
|
|
29
|
+
#
|
|
30
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
|
31
|
+
# it under the terms of the GNU General Public License as published by
|
|
32
|
+
# the Free Software Foundation version 2 of the License.
|
|
33
|
+
#
|
|
34
|
+
# WATOBO is distributed in the hope that it will be useful,
|
|
35
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
36
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
37
|
+
# GNU General Public License for more details.
|
|
38
|
+
#
|
|
39
|
+
# You should have received a copy of the GNU General Public License
|
|
40
|
+
# along with WATOBO; if not, write to the Free Software
|
|
41
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
42
|
+
# .
|
|
43
|
+
module Watobo
|
|
44
|
+
module Modules
|
|
45
|
+
module Passive
|
|
46
|
+
|
|
47
|
+
|
|
48
|
+
class Cookie_options < Watobo::PassiveCheck
|
|
49
|
+
|
|
50
|
+
def initialize(project)
|
|
51
|
+
|
|
52
|
+
@project = project
|
|
53
|
+
super(project)
|
|
54
|
+
@info.update(
|
|
55
|
+
:check_name => 'Cookie Security', # name of check which briefly describes functionality, will be used for tree and progress views
|
|
56
|
+
:description => 'Cookies especially Session Cookies should be set only over a secure channel. Additionally there should be set some security options.', # description of checkfunction
|
|
57
|
+
:author => "Andreas Schmidt", # author of check
|
|
58
|
+
:version => "0.9" # check version
|
|
59
|
+
)
|
|
60
|
+
|
|
61
|
+
@finding.update(
|
|
62
|
+
:threat => 'Cookies used in this application are not secured by special Cookie Options like Secure or HTTPOnly. If Cookie Security is not in place, sensitive cookie information may be revealed.', # thread of vulnerability, e.g. loss of information
|
|
63
|
+
:class => "Cookie Security",# vulnerability class, e.g. Stored XSS, SQL-Injection, ...
|
|
64
|
+
:type => FINDING_TYPE_VULN, # e.g. Hints, Info, Vuln
|
|
65
|
+
:rating=> VULN_RATING_MEDIUM # [Symbol] Critical, High, Medium, Low, Info
|
|
66
|
+
)
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def do_test(chat)
|
|
70
|
+
begin
|
|
71
|
+
# puts "running module: #{Module.nesting[0].name}"
|
|
72
|
+
if chat.response.headers.each do |h|
|
|
73
|
+
if h =~ /(^Set-Cookie.*)/ then
|
|
74
|
+
dummy = h.split(";")
|
|
75
|
+
cookie = dummy.shift
|
|
76
|
+
options = dummy.join(";")
|
|
77
|
+
|
|
78
|
+
if (chat.request.proto =~ /https/i and options !~ /secure/i) or options !~ /httponly/i then
|
|
79
|
+
cookie.gsub!(/=.*/,"")
|
|
80
|
+
addFinding( :proof_pattern => options,
|
|
81
|
+
:check_pattern => "Set-Cookie:.*",
|
|
82
|
+
:chat => chat,
|
|
83
|
+
:title => 'Security Options',
|
|
84
|
+
:unique => cookie)
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
rescue
|
|
90
|
+
puts "ERROR!! #{Module.nesting[0].name}"
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
end
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
# .
|
|
2
|
+
# cookie_xss.rb
|
|
3
|
+
#
|
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
|
5
|
+
#
|
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
|
7
|
+
# http://watobo.sourceforge.com
|
|
8
|
+
#
|
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
|
12
|
+
#
|
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
16
|
+
# GNU General Public License for more details.
|
|
17
|
+
#
|
|
18
|
+
# You should have received a copy of the GNU General Public License
|
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
21
|
+
# .
|
|
22
|
+
|
|
23
|
+
module Watobo
|
|
24
|
+
module Modules
|
|
25
|
+
module Passive
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
class Cookie_xss < Watobo::PassiveCheck
|
|
29
|
+
|
|
30
|
+
def initialize(project)
|
|
31
|
+
@project = project
|
|
32
|
+
super(project)
|
|
33
|
+
|
|
34
|
+
@info.update(
|
|
35
|
+
:check_name => 'Cookie XSS', # name of check which briefly describes functionality, will be used for tree and progress views
|
|
36
|
+
:description => "If cookies will be used in the content body, they can be misused for XSS-Attacks.", # description of checkfunction
|
|
37
|
+
:author => "Andreas Schmidt", # author of check
|
|
38
|
+
:version => "0.9" # check version
|
|
39
|
+
)
|
|
40
|
+
|
|
41
|
+
@finding.update(
|
|
42
|
+
:threat => 'A cookie value has been found in the body of the HTML page. This may be exploited for XSS attacks.', # thread of vulnerability, e.g. loss of information
|
|
43
|
+
:class => "Cookie Security", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
|
|
44
|
+
:type => FINDING_TYPE_HINT # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
|
|
45
|
+
)
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def do_test(chat)
|
|
49
|
+
begin
|
|
50
|
+
# puts "running module: #{Module.nesting[0].name}"
|
|
51
|
+
return if chat.response.nil? or chat.response.body.nil?
|
|
52
|
+
if chat.response.content_type =~ /text/
|
|
53
|
+
all_cookies = chat.request.cookies
|
|
54
|
+
if all_cookies
|
|
55
|
+
# puts all_parms
|
|
56
|
+
all_cookies.each do |cookie|
|
|
57
|
+
dummy = cookie.split("=")
|
|
58
|
+
cname = dummy.shift
|
|
59
|
+
cval = Regexp.quote(dummy.join)
|
|
60
|
+
|
|
61
|
+
if chat.response.body =~ /#{cval}/ and cval.length > 5 then
|
|
62
|
+
|
|
63
|
+
addFinding(:proof_pattern => "#{cval}",
|
|
64
|
+
:check_pattern => "#{cval}",
|
|
65
|
+
:chat => chat,
|
|
66
|
+
:title => "[#{cname}] - #{chat.request.path}")
|
|
67
|
+
break
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
end
|
|
71
|
+
return true
|
|
72
|
+
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
rescue => bang
|
|
77
|
+
puts "ERROR!! #{Module.nesting[0].name}"
|
|
78
|
+
puts bang
|
|
79
|
+
puts bang.backtrace if $DEBUG
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
# .
|
|
2
|
+
# detect_code.rb
|
|
3
|
+
#
|
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
|
5
|
+
#
|
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
|
7
|
+
# http://watobo.sourceforge.com
|
|
8
|
+
#
|
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
|
12
|
+
#
|
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
16
|
+
# GNU General Public License for more details.
|
|
17
|
+
#
|
|
18
|
+
# You should have received a copy of the GNU General Public License
|
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
21
|
+
# .
|
|
22
|
+
module Watobo
|
|
23
|
+
module Modules
|
|
24
|
+
module Passive
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
class Detect_code < Watobo::PassiveCheck
|
|
28
|
+
|
|
29
|
+
def initialize(project)
|
|
30
|
+
@project = project
|
|
31
|
+
super(project)
|
|
32
|
+
|
|
33
|
+
@info.update(
|
|
34
|
+
:check_name => 'Detect Code Snippets', # name of check which briefly describes functionality, will be used for tree and progress views
|
|
35
|
+
:description => "Detects code snippets which may reveal sensitive information.", # description of checkfunction
|
|
36
|
+
:author => "Andreas Schmidt", # author of check
|
|
37
|
+
:version => "0.9" # check version
|
|
38
|
+
)
|
|
39
|
+
|
|
40
|
+
@finding.update(
|
|
41
|
+
:threat => 'Code snippets may reveal internal information like database passwords.', # thread of vulnerability, e.g. loss of information
|
|
42
|
+
:class => "Code Snippets", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
|
|
43
|
+
:type => FINDING_TYPE_HINT # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
|
|
44
|
+
)
|
|
45
|
+
|
|
46
|
+
|
|
47
|
+
@pattern_list = []
|
|
48
|
+
@pattern_list << ['<\?php', "PHP" ]
|
|
49
|
+
@pattern_list << [ '<!--.*select ', "COMMENT" ]
|
|
50
|
+
@pattern_list << [ 'sample code', "COMMENT" ]
|
|
51
|
+
@pattern_list << [ '<%[^<%]*%>', "ASP" ]
|
|
52
|
+
|
|
53
|
+
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def do_test(chat)
|
|
57
|
+
begin
|
|
58
|
+
# puts "running module: #{Module.nesting[0].name}"
|
|
59
|
+
# puts "body" + chat.response.body.join
|
|
60
|
+
return if chat.response.nil? or chat.response.body.nil?
|
|
61
|
+
if chat.response.content_type =~ /text/ then
|
|
62
|
+
|
|
63
|
+
@pattern_list.each do |pat, type|
|
|
64
|
+
# puts "+check pattern #{pat}"
|
|
65
|
+
if chat.response.body =~ /(#{pat})/i then
|
|
66
|
+
# puts "!!! MATCH !!!"
|
|
67
|
+
|
|
68
|
+
match = $1
|
|
69
|
+
path = "/" + chat.request.path
|
|
70
|
+
addFinding(
|
|
71
|
+
:proof_pattern => "#{match}",
|
|
72
|
+
:chat => chat,
|
|
73
|
+
:title => "[#{type}] - #{path}"
|
|
74
|
+
)
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
rescue => bang
|
|
79
|
+
#raise
|
|
80
|
+
puts "ERROR!! #{Module.nesting[0].name}"
|
|
81
|
+
puts bang
|
|
82
|
+
puts bang.backtrace if $DEBUG
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
end
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
# .
|
|
2
|
+
# detect_fileupload.rb
|
|
3
|
+
#
|
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
|
5
|
+
#
|
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
|
7
|
+
# http://watobo.sourceforge.com
|
|
8
|
+
#
|
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
|
12
|
+
#
|
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
16
|
+
# GNU General Public License for more details.
|
|
17
|
+
#
|
|
18
|
+
# You should have received a copy of the GNU General Public License
|
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
21
|
+
# .
|
|
22
|
+
module Watobo
|
|
23
|
+
module Modules
|
|
24
|
+
module Passive
|
|
25
|
+
class Detect_fileupload < Watobo::PassiveCheck
|
|
26
|
+
def initialize(project)
|
|
27
|
+
@project = project
|
|
28
|
+
super(project)
|
|
29
|
+
|
|
30
|
+
@info.update(
|
|
31
|
+
:check_name => 'Detect File Upload Functionality', # name of check which briefly describes functionality, will be used for tree and progress views
|
|
32
|
+
:description => "Detects file upload functions which may be exploited to upload malicious file contents.", # description of checkfunction
|
|
33
|
+
:author => "Andreas Schmidt", # author of check
|
|
34
|
+
:version => "0.9" # check version
|
|
35
|
+
)
|
|
36
|
+
|
|
37
|
+
@finding.update(
|
|
38
|
+
:threat => 'File upload functions sometimes can be exploited to upload malicious code. This can lead to server- or client-side code excecution.', # thread of vulnerability, e.g. loss of information
|
|
39
|
+
:class => "File Uploads", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
|
|
40
|
+
:type => FINDING_TYPE_HINT # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
|
|
41
|
+
)
|
|
42
|
+
|
|
43
|
+
@pattern_list = []
|
|
44
|
+
@pattern_list << Regexp.new("<input [^>]*type=.file.")
|
|
45
|
+
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def do_test(chat)
|
|
49
|
+
begin
|
|
50
|
+
return if chat.response.nil? or chat.response.body.nil?
|
|
51
|
+
if chat.response.content_type =~ /text/
|
|
52
|
+
|
|
53
|
+
@pattern_list.each do |pat|
|
|
54
|
+
#puts "+check pattern #{pat}"
|
|
55
|
+
if pat.match(chat.response.body) # =~ /(#{pat})/i then
|
|
56
|
+
# puts "!!! MATCH (FILE UPLOAD)!!!"
|
|
57
|
+
match = $1
|
|
58
|
+
# puts match
|
|
59
|
+
addFinding(
|
|
60
|
+
:check_pattern => "#{pat}",
|
|
61
|
+
:proof_pattern => "#{match}",
|
|
62
|
+
:title => "#{chat.request.path_ext}",
|
|
63
|
+
:chat => chat
|
|
64
|
+
)
|
|
65
|
+
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
else
|
|
69
|
+
# puts chat.response.content_type
|
|
70
|
+
end
|
|
71
|
+
rescue => bang
|
|
72
|
+
puts "ERROR!! #{Module.nesting[0].name}"
|
|
73
|
+
puts bang
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
end
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
# .
|
|
2
|
+
# detect_infrastructure.rb
|
|
3
|
+
#
|
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
|
5
|
+
#
|
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
|
7
|
+
# http://watobo.sourceforge.com
|
|
8
|
+
#
|
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
|
12
|
+
#
|
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
16
|
+
# GNU General Public License for more details.
|
|
17
|
+
#
|
|
18
|
+
# You should have received a copy of the GNU General Public License
|
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
21
|
+
# .
|
|
22
|
+
module Watobo
|
|
23
|
+
module Modules
|
|
24
|
+
module Passive
|
|
25
|
+
class Detect_infrastructure < Watobo::PassiveCheck
|
|
26
|
+
def initialize(project)
|
|
27
|
+
@project = project
|
|
28
|
+
super(project)
|
|
29
|
+
|
|
30
|
+
@info.update(
|
|
31
|
+
:check_name => 'Infrastructure Information', # name of check which briefly describes functionality, will be used for tree and progress views
|
|
32
|
+
:description => "Searching for information in response body which may reveal information about Plattform, CMS-Systems, Application Server, ...", # description of checkfunction
|
|
33
|
+
:author => "Andreas Schmidt", # author of check
|
|
34
|
+
:version => "0.9" # check version
|
|
35
|
+
)
|
|
36
|
+
|
|
37
|
+
@finding.update(
|
|
38
|
+
:threat => 'Information about the underlying infrastructure may help an attacker to perform specialized attacks.', # thread of vulnerability, e.g. loss of information
|
|
39
|
+
:class => "Infrastructure", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
|
|
40
|
+
:type => FINDING_TYPE_INFO # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
|
|
41
|
+
)
|
|
42
|
+
|
|
43
|
+
@pattern_list = []
|
|
44
|
+
@pattern_list << [ 'Server', Regexp.new('<address>(.*)Server at') ]
|
|
45
|
+
@pattern_list << [ 'eZPublish CMS', Regexp.new('title="(eZ Publish)')]
|
|
46
|
+
@pattern_list << [ 'Imperia CMS', Regexp.new('content=[^>]*(IMPERIA [\d\.]*)')]
|
|
47
|
+
@pattern_list << [ 'Typo3 CMS', Regexp.new('content=[^>]*(TYPO3 [\d\.]* CMS)')]
|
|
48
|
+
@pattern_list << [ 'Open Text CMS', Regexp.new('published by[^>]*(Open Text Web Solutions[\-\s\d\.]*)')]
|
|
49
|
+
#<meta name="generator" content="Sefrengo / www.sefrengo.org" >
|
|
50
|
+
#<meta name="author" content="CMS Sefrengo">
|
|
51
|
+
@pattern_list << [ 'Sefrengo CMS', Regexp.new('content=[^>]*(Sefrengo[\s\d\.]*)')]
|
|
52
|
+
@pattern_list << [ 'Tomcat', Regexp.new('(Apache Tomcat\/\d{1,4}\.\d{1,4}\.\d{1,4})') ]
|
|
53
|
+
@pattern_list << [ 'Microsoft-IIS', Regexp.new('<img src="welcome.png" alt="(IIS7)"')]
|
|
54
|
+
# When it’s a SharePoint 2010 site, you will get the result is like this: MicrosoftSharePointTeamServices: 14.0.0.6106
|
|
55
|
+
@pattern_list << [ 'SharePoint 2010', Regexp.new('MicrosoftSharePointTeamServices.*14.0.0.6106')]
|
|
56
|
+
# And in SharePoint 2007 site, the result is like this: MicrosoftSharePointTeamServices:12.0.0.4518
|
|
57
|
+
@pattern_list << [ 'SharePoint 2007', Regexp.new('MicrosoftSharePointTeamServices.*12.0.0.4518')]
|
|
58
|
+
|
|
59
|
+
|
|
60
|
+
#@pattern_list << 'sample code'
|
|
61
|
+
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def do_test(chat)
|
|
65
|
+
begin
|
|
66
|
+
# puts "running module: #{Module.nesting[0].name}"
|
|
67
|
+
# puts "body" + chat.response.body.join
|
|
68
|
+
return if chat.response.nil? or chat.response.body.nil?
|
|
69
|
+
if chat.response.content_type =~ /text/ then
|
|
70
|
+
|
|
71
|
+
@pattern_list.each do |pat|
|
|
72
|
+
|
|
73
|
+
if chat.response.join =~ /(#{pat[1]})/i then
|
|
74
|
+
# puts "!!! MATCH !!!"
|
|
75
|
+
match = $1
|
|
76
|
+
addFinding(
|
|
77
|
+
:proof_pattern => "#{match}",
|
|
78
|
+
:chat => chat,
|
|
79
|
+
:title => "[#{pat[0]}] - #{match.slice(0..15)}"
|
|
80
|
+
)
|
|
81
|
+
break
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
rescue => bang
|
|
86
|
+
puts "ERROR!! #{Module.nesting[0].name}"
|
|
87
|
+
puts bang
|
|
88
|
+
if $DEBUG
|
|
89
|
+
puts bang.backtrace
|
|
90
|
+
puts chat.response.join
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
end
|
|
97
|
+
end
|
|
98
|
+
end
|