watobo 0.9.9.pre3 → 0.9.9
Sign up to get free protection for your applications and to get access to all the features.
- data/.yardopts +24 -0
- data/CHANGELOG +17 -7
- data/README +4 -60
- data/bin/nfq_server.rb +191 -0
- data/config/interceptor.yml +2 -6
- data/lib/watobo/adapters/data_store.rb +1 -1
- data/lib/watobo/adapters/file/file_store.rb +50 -33
- data/lib/watobo/ca.rb +22 -0
- data/lib/watobo/config.rb +6 -0
- data/lib/watobo/core/ca.rb +411 -0
- data/lib/watobo/core/cert_store.rb +56 -0
- data/lib/watobo/core/forwarding_proxy.rb +38 -0
- data/lib/watobo/core/http_socket.rb +18 -0
- data/lib/watobo/core/intercept_carver.rb +179 -0
- data/lib/watobo/core/intercept_filter.rb +257 -0
- data/lib/watobo/core/interceptor.rb +342 -79
- data/lib/watobo/core/netfilter_queue.rb +191 -0
- data/lib/watobo/core/project.rb +84 -138
- data/lib/watobo/core/proxy.rb +61 -0
- data/lib/watobo/core/request.rb +40 -0
- data/lib/watobo/core/response.rb +30 -0
- data/lib/watobo/core/scanner.rb +64 -58
- data/lib/watobo/core/session.rb +70 -77
- data/lib/watobo/core.rb +1 -1
- data/lib/watobo/framework/create_project.rb +25 -10
- data/lib/watobo/framework/init.rb +13 -0
- data/lib/watobo/gui/browser_preview.rb +5 -4
- data/lib/watobo/gui/checks_policy_frame.rb +1 -0
- data/lib/watobo/gui/client_cert_dialog.rb +11 -6
- data/lib/watobo/gui/conversation_table.rb +7 -4
- data/lib/watobo/gui/fuzzer_gui.rb +9 -11
- data/lib/watobo/gui/intercept_filter_dialog.rb +210 -0
- data/lib/watobo/gui/interceptor_gui.rb +59 -21
- data/lib/watobo/gui/interceptor_settings_dialog.rb +39 -5
- data/lib/watobo/gui/list_box.rb +2 -1
- data/lib/watobo/gui/log_viewer.rb +79 -5
- data/lib/watobo/gui/main_window.rb +159 -113
- data/lib/watobo/gui/manual_request_editor.rb +11 -5
- data/lib/watobo/gui/mixins/subscriber.rb +47 -0
- data/lib/watobo/gui/project_wizzard.rb +3 -3
- data/lib/watobo/gui/proxy_dialog.rb +17 -18
- data/lib/watobo/gui/request_editor.rb +1 -1
- data/lib/watobo/gui/rewrite_filters_dialog.rb +416 -0
- data/lib/watobo/gui/rewrite_rules_dialog.rb +394 -0
- data/lib/watobo/gui/scanner_settings_dialog.rb +9 -6
- data/lib/watobo/gui/session_management_dialog.rb +33 -23
- data/lib/watobo/gui/sites_tree.rb +5 -6
- data/lib/watobo/gui/status_bar.rb +101 -49
- data/lib/watobo/gui/table_editor.rb +1 -1
- data/lib/watobo/gui/templates/plugin2.rb +23 -27
- data/lib/watobo/gui/utils/save_default_settings.rb +9 -9
- data/lib/watobo/gui/utils/save_proxy_settings.rb +25 -9
- data/lib/watobo/gui/utils/save_scanner_settings.rb +10 -7
- data/lib/watobo/gui/utils/session_history.rb +1 -1
- data/lib/watobo/gui/www_auth_dialog.rb +25 -21
- data/lib/watobo/gui.rb +3 -1
- data/lib/watobo/mixins/httpparser.rb +47 -40
- data/lib/watobo/mixins/request_parser.rb +126 -41
- data/lib/watobo/mixins/shapers.rb +124 -15
- data/lib/watobo/utils/hexprint.rb +31 -0
- data/lib/watobo/utils/load_chat.rb +2 -0
- data/lib/watobo/utils/response_builder.rb +111 -0
- data/lib/watobo.rb +4 -1
- data/modules/active/discovery/http_methods.rb +6 -4
- data/modules/active/fileinclusion/lfi_simple.rb +3 -3
- data/modules/active/sqlinjection/sqli_timing.rb +6 -6
- data/modules/passive/redirectionz.rb +5 -6
- data/plugins/catalog/catalog.rb +240 -56
- data/plugins/catalog/db_tests +1 -6483
- data/plugins/catalog/db_variables +2 -29
- data/plugins/crawler/gui/auth_frame.rb +15 -3
- data/plugins/crawler/gui/crawler_gui.rb +24 -0
- data/plugins/crawler/gui/hooks_frame.rb +7 -2
- data/plugins/crawler/gui/settings_tabbook.rb +4 -0
- data/plugins/crawler/gui.rb +3 -3
- data/plugins/crawler/lib/engine.rb +1 -1
- data/plugins/filefinder/filefinder.rb +21 -17
- data/plugins/sqlmap/bin/test.rb +100 -0
- data/plugins/sqlmap/gui/main.rb +227 -0
- data/plugins/sqlmap/gui/options_frame.rb +119 -0
- data/plugins/sqlmap/gui.rb +27 -0
- data/plugins/sqlmap/icons/sqlmap.ico +0 -0
- data/plugins/sqlmap/lib/sqlmap_ctrl.rb +116 -0
- data/plugins/sqlmap/sqlmap.rb +26 -0
- data/plugins/sslchecker/gui/gui.rb +45 -30
- metadata +32 -9
- data/certificates/cert.pem +0 -19
- data/certificates/privkey.pem +0 -15
- data/certificates/watobo_dh.key +0 -5
- data/lib/watobo/core/simple_ca.rb +0 -393
@@ -30,6 +30,7 @@ module Watobo
|
|
30
30
|
# Possible prefs:
|
31
31
|
#
|
32
32
|
# :code_dlmtr [String] - set ruby code delimiter
|
33
|
+
|
33
34
|
def parse_code(prefs={})
|
34
35
|
cprefs = { :code_dlmtr => '%%' } # default delimiter for ruby code
|
35
36
|
cprefs.update(prefs)
|
@@ -41,25 +42,20 @@ module Watobo
|
|
41
42
|
# puts new_request
|
42
43
|
expr = ''
|
43
44
|
new_request = ''
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
match = $1
|
53
|
-
break if match.nil?
|
54
|
-
#new_line = parsed_line
|
55
|
-
expr = match.gsub(/%%/,"")
|
45
|
+
pos = 0
|
46
|
+
off = 0
|
47
|
+
while pos >= 0 and pos < request.length
|
48
|
+
code_offset = request.index(/#{pattern}/, pos)
|
49
|
+
unless code_offset.nil?
|
50
|
+
expression = request.match(/#{pattern}/, code_offset)[0]
|
51
|
+
new_request << request[pos..code_offset-1]
|
52
|
+
expr = expression.gsub(/%%/,"")
|
56
53
|
puts "DEBUG: executing: #{expr}" if $DEBUG
|
57
54
|
result = eval(expr)
|
58
55
|
puts "DEBUG: got #{result.class}" if $DEBUG
|
59
56
|
if result.is_a? File
|
60
57
|
data = result.read
|
61
58
|
result.close
|
62
|
-
|
63
59
|
elsif result.is_a? String
|
64
60
|
data = result
|
65
61
|
elsif result.is_a? Array
|
@@ -67,42 +63,22 @@ module Watobo
|
|
67
63
|
else
|
68
64
|
log("!!!WATOBO - expression must return String or File !!!",'')
|
69
65
|
end
|
70
|
-
|
71
|
-
|
72
|
-
parsed_line += line[off..start-1] if start > 0
|
73
|
-
parsed_line += data
|
74
|
-
pos = start + match.length
|
75
|
-
off = pos
|
76
|
-
end
|
77
|
-
|
78
|
-
unless parsed_line.empty?
|
79
|
-
parsed_line += line[off..-1]
|
80
|
-
new_request += "#{parsed_line}\n"
|
66
|
+
new_request << data
|
67
|
+
pos = code_offset + expression.length
|
81
68
|
else
|
82
|
-
new_request
|
69
|
+
new_request << request[pos..-1]
|
70
|
+
pos = request.length
|
83
71
|
end
|
84
|
-
#puts new_request
|
85
72
|
end
|
86
|
-
|
87
73
|
return new_request
|
88
74
|
|
89
75
|
rescue SyntaxError, LocalJumpError, NameError => e
|
90
76
|
raise SyntaxError, "SyntaxError in '#{expr}'"
|
91
|
-
#rescue LocalJumpError => e
|
92
|
-
# raise LocalJumpError, "(#{expr}) LocalJumpError!"
|
93
|
-
#rescue NameError => e
|
94
|
-
# raise NameError, "(#{expr}) NameError!"
|
95
|
-
#rescue => e
|
96
|
-
# puts e
|
97
|
-
# raise e, "(#{expr}) Not a valid expression!"
|
98
77
|
end
|
99
|
-
|
100
|
-
# puts new_request
|
101
78
|
return nil
|
102
|
-
|
103
79
|
end
|
104
80
|
|
105
|
-
def
|
81
|
+
def unchunked_UNUSED( opts = {} )
|
106
82
|
options = { :update_content_length => false }
|
107
83
|
options.update opts
|
108
84
|
begin
|
@@ -149,9 +125,88 @@ module Watobo
|
|
149
125
|
result.push "#{h}\r\n"
|
150
126
|
end
|
151
127
|
|
152
|
-
|
153
|
-
|
154
|
-
|
128
|
+
# result.extend Watobo::Mixin::Parser::Url
|
129
|
+
# result.extend Watobo::Mixin::Parser::Web10
|
130
|
+
# result.extend Watobo::Mixin::Shaper::Web10
|
131
|
+
Watobo::Request.create result
|
132
|
+
|
133
|
+
ct = result.content_type
|
134
|
+
# last line is without "\r\n" if text has a body
|
135
|
+
if ct =~ /multipart\/form/ and body then
|
136
|
+
#Content-Type: multipart/form-data; boundary=---------------------------3035221901842
|
137
|
+
if ct =~ /boundary=([\-\w]+)/
|
138
|
+
boundary = $1.strip
|
139
|
+
chunks = body.split(boundary)
|
140
|
+
e = chunks.pop # remove "--"
|
141
|
+
new_body = []
|
142
|
+
chunks.each do |c|
|
143
|
+
new_chunk = ''
|
144
|
+
c.gsub!(/[\-]+$/,'')
|
145
|
+
next if c.nil?
|
146
|
+
next if c.strip.empty?
|
147
|
+
c.strip!
|
148
|
+
if c =~ /\n\n/
|
149
|
+
ctmp = c.split(/\n\n/)
|
150
|
+
cheader = ctmp.shift.split(/\n/)
|
151
|
+
cbody = ctmp.join("\n\n")
|
152
|
+
else
|
153
|
+
cheader = c.split(/\n/)
|
154
|
+
cbody = nil
|
155
|
+
end
|
156
|
+
new_chunk = cheader.join("\r\n")
|
157
|
+
new_chunk += "\r\n\r\n"
|
158
|
+
new_chunk += cbody.strip + "\r\n" if cbody
|
159
|
+
|
160
|
+
# puts cbody
|
161
|
+
new_body.push new_chunk
|
162
|
+
|
163
|
+
end
|
164
|
+
body = "--#{boundary}\r\n"
|
165
|
+
body += new_body.join("--#{boundary}\r\n")
|
166
|
+
body += "--#{boundary}--"
|
167
|
+
end
|
168
|
+
# body.gsub!(/\n/, "\r\n") if body
|
169
|
+
|
170
|
+
end
|
171
|
+
|
172
|
+
if body then
|
173
|
+
result.push "\r\n"
|
174
|
+
result.push body.strip
|
175
|
+
end
|
176
|
+
|
177
|
+
result.fixupContentLength() if options[:update_content_length] == true
|
178
|
+
return result
|
179
|
+
rescue
|
180
|
+
raise
|
181
|
+
end
|
182
|
+
#return nil
|
183
|
+
end
|
184
|
+
|
185
|
+
|
186
|
+
def to_request_UNUSED(opts={})
|
187
|
+
options = { :update_content_length => false }
|
188
|
+
options.update opts
|
189
|
+
begin
|
190
|
+
text = parse_code
|
191
|
+
result = []
|
192
|
+
|
193
|
+
if text =~ /\n\n/
|
194
|
+
dummy = text.split(/\n\n/)
|
195
|
+
header = dummy.shift.split(/\n/)
|
196
|
+
body = dummy.join("\n\n")
|
197
|
+
else
|
198
|
+
header = text.split(/\n/)
|
199
|
+
body = nil
|
200
|
+
end
|
201
|
+
|
202
|
+
header.each do |h|
|
203
|
+
result.push "#{h}\r\n"
|
204
|
+
end
|
205
|
+
|
206
|
+
# result.extend Watobo::Mixin::Parser::Url
|
207
|
+
# result.extend Watobo::Mixin::Parser::Web10
|
208
|
+
# result.extend Watobo::Mixin::Shaper::Web10
|
209
|
+
Watobo::Request.create result
|
155
210
|
|
156
211
|
ct = result.content_type
|
157
212
|
# last line is without "\r\n" if text has a body
|
@@ -207,4 +262,34 @@ module Watobo
|
|
207
262
|
|
208
263
|
end
|
209
264
|
end
|
265
|
+
end
|
266
|
+
|
267
|
+
if $0 == __FILE__
|
268
|
+
inc_path = File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "..","lib"))
|
269
|
+
$: << inc_path
|
270
|
+
|
271
|
+
require 'watobo'
|
272
|
+
|
273
|
+
text =<<'EOF'
|
274
|
+
%%"GET"%% http://www.siberas.de/ HTTP/1.1
|
275
|
+
Content-Type: text/html
|
276
|
+
%%"x"*10%%Vary: Accept-Encoding
|
277
|
+
Expires: Thu, 19 Jul 2012 06:57:20 GMT
|
278
|
+
Cache-Control: max-age=0, no-cache, no-store
|
279
|
+
Pragma: no-cache
|
280
|
+
Date: Thu, 19 Jul 2012 06:57:20 GMT
|
281
|
+
Content-Length: 203
|
282
|
+
Connection: close%%"XXXX"%%
|
283
|
+
|
284
|
+
<html></html>
|
285
|
+
EOF
|
286
|
+
|
287
|
+
text.strip!
|
288
|
+
puts text
|
289
|
+
puts
|
290
|
+
puts "==="
|
291
|
+
puts
|
292
|
+
text.extend Watobo::Mixins::RequestParser
|
293
|
+
puts text.to_request
|
294
|
+
Watobo::Utils.hexprint text
|
210
295
|
end
|
@@ -137,6 +137,33 @@ module Watobo
|
|
137
137
|
self.pop if self[-2].strip.empty?
|
138
138
|
end
|
139
139
|
|
140
|
+
def set_header(header, value)
|
141
|
+
self.each do |h|
|
142
|
+
break if h.strip.empty?
|
143
|
+
if h =~ /^#{header}:/
|
144
|
+
h.replace "#{header}: #{value}\r\n"
|
145
|
+
end
|
146
|
+
end
|
147
|
+
end
|
148
|
+
|
149
|
+
def set_body(content)
|
150
|
+
if self[-2].strip.empty?
|
151
|
+
self.pop
|
152
|
+
else
|
153
|
+
self << "\r\n"
|
154
|
+
end
|
155
|
+
self << content
|
156
|
+
end
|
157
|
+
|
158
|
+
def rewrite_body(pattern, content)
|
159
|
+
if self[-2].strip.empty?
|
160
|
+
puts "rewrite_body ... #{pattern} - #{content}"
|
161
|
+
b = self.pop
|
162
|
+
b.gsub!(/#{pattern}/i, content)
|
163
|
+
self << b
|
164
|
+
end
|
165
|
+
end
|
166
|
+
|
140
167
|
def restoreURI(uri)
|
141
168
|
if self.first =~ /(^[^[:space:]]{1,}) \/(.*) (HTTP\/.*)/ then
|
142
169
|
method = $1
|
@@ -230,23 +257,24 @@ module Watobo
|
|
230
257
|
|
231
258
|
def fix_content_length
|
232
259
|
return false if self.body.nil?
|
233
|
-
|
234
|
-
self.
|
235
|
-
|
236
|
-
x
|
237
|
-
|
260
|
+
set_header("Content-Length" , body.length.to_s )
|
261
|
+
# eoh_index = self.length - 2
|
262
|
+
# self.map!{ |x|
|
263
|
+
# x.gsub!(/^(Content-Length: )(\d+)/, "\\1#{self.body.length.to_s}") if self.index(x) <= eoh_index
|
264
|
+
# x
|
265
|
+
# }
|
238
266
|
end
|
239
267
|
|
240
|
-
def
|
268
|
+
def fixupContentLength_UNUSED
|
241
269
|
te = self.transferEncoding
|
242
270
|
if te == TE_CHUNKED then
|
243
271
|
# puts "Transfer-Encoding = TE_CHUNKED"
|
244
272
|
# puts self.body
|
245
273
|
self.removeHeader("Transfer-Encoding")
|
246
274
|
self.addHeader("Content-Length", "0")
|
247
|
-
|
248
|
-
|
249
|
-
|
275
|
+
new_r = []
|
276
|
+
new_r.concat self.headers
|
277
|
+
new_r.push "\r\n"
|
250
278
|
|
251
279
|
bytes_to_read = 0
|
252
280
|
body = []
|
@@ -273,8 +301,8 @@ module Watobo
|
|
273
301
|
off = chunk_end + 2
|
274
302
|
end
|
275
303
|
|
276
|
-
|
277
|
-
self.replace(
|
304
|
+
new_r.push new_body
|
305
|
+
self.replace(new_r)
|
278
306
|
self.fix_content_length
|
279
307
|
# puts "= FIXED ="
|
280
308
|
# puts self.headers
|
@@ -284,16 +312,21 @@ module Watobo
|
|
284
312
|
|
285
313
|
end
|
286
314
|
|
315
|
+
def fixupContentLength
|
316
|
+
self.unchunk
|
317
|
+
self.fix_content_length
|
318
|
+
end
|
319
|
+
|
287
320
|
def setRawQueryParms(parm_string)
|
288
321
|
return nil if parm_string.nil?
|
289
322
|
return nil if parm_string == ''
|
290
|
-
|
323
|
+
new_r = ""
|
291
324
|
path = Regexp.quote(self.path)
|
292
325
|
#puts path
|
293
326
|
if self.first =~ /(.*#{path})/ then
|
294
|
-
|
327
|
+
new_r = $1 << "?" << parm_string
|
295
328
|
end
|
296
|
-
self.first.gsub!(/(.*) (HTTP\/.*)/, "#{
|
329
|
+
self.first.gsub!(/(.*) (HTTP\/.*)/, "#{new_r} \\2")
|
297
330
|
end
|
298
331
|
|
299
332
|
def appendQueryParms(parms)
|
@@ -340,7 +373,83 @@ module Watobo
|
|
340
373
|
self.first.gsub!(/HTTP\/(.*)$/, "HTTP\/#{version}")
|
341
374
|
# puts "HTTPVersion fixed: #{self.first}"
|
342
375
|
end
|
376
|
+
|
377
|
+
alias :method= :setMethod
|
378
|
+
end
|
379
|
+
|
380
|
+
module HttpResponse
|
381
|
+
include Watobo::Constants
|
382
|
+
def unchunk
|
383
|
+
if self.transfer_encoding == TE_CHUNKED then
|
384
|
+
self.removeHeader("Transfer-Encoding")
|
385
|
+
self.addHeader("Content-Length", "0")
|
386
|
+
new_r = []
|
387
|
+
new_r.concat self.headers
|
388
|
+
new_r.push "\r\n"
|
389
|
+
|
390
|
+
bytes_to_read = 20
|
391
|
+
body = []
|
392
|
+
is_new_chunk = false
|
393
|
+
|
394
|
+
off = 0
|
395
|
+
new_body = ''
|
396
|
+
|
397
|
+
body_orig = self.body
|
398
|
+
# puts body_orig.class
|
399
|
+
puts body_orig.length
|
400
|
+
pattern = '[0-9a-fA-F]{1,6}\r?\n'
|
401
|
+
while off >= 0 and off < body_orig.length
|
402
|
+
chunk_pos = body_orig.index(/(#{pattern})/, off)
|
403
|
+
len_raw = $1
|
404
|
+
unless chunk_pos.nil?
|
405
|
+
#len_raw = body_orig.match(/#{pattern}/, chunk_pos)[0]
|
406
|
+
# puts "ChunkLen: #{len_raw} (#{len_raw.strip.hex})"
|
407
|
+
len = len_raw.strip.hex
|
408
|
+
|
409
|
+
chunk_start = chunk_pos + len_raw.length
|
410
|
+
chunk_end = chunk_start + len
|
411
|
+
|
412
|
+
break if len == 0
|
413
|
+
|
414
|
+
#new_body.chomp!
|
415
|
+
chunk = "#{body_orig[chunk_start..chunk_end]}"
|
416
|
+
new_body += chunk.chomp!
|
417
|
+
|
418
|
+
off = chunk_end
|
419
|
+
end
|
420
|
+
end
|
421
|
+
new_r.push new_body
|
422
|
+
self.replace(new_r)
|
423
|
+
self.fix_content_length
|
424
|
+
# puts "="
|
425
|
+
# self.headers.each {|h| puts h}
|
426
|
+
# puts "="
|
427
|
+
end
|
428
|
+
|
429
|
+
end
|
430
|
+
|
431
|
+
def unzip
|
432
|
+
|
433
|
+
if self.content_encoding == TE_GZIP or self.transfer_encoding == TE_GZIP
|
434
|
+
begin
|
435
|
+
if self.has_body?
|
436
|
+
gziped = self.pop
|
437
|
+
gz = Zlib::GzipReader.new( StringIO.new( gziped ) )
|
438
|
+
data = gz.read
|
439
|
+
#puts data
|
440
|
+
self << data
|
441
|
+
self.removeHeader("Transfer-Encoding") if self.transfer_encoding == TE_GZIP
|
442
|
+
self.removeHeader("Content-Encoding") if self.content_encoding == TE_GZIP
|
443
|
+
self.fix_content_length
|
444
|
+
end
|
445
|
+
|
446
|
+
rescue => bang
|
447
|
+
puts bang
|
448
|
+
end
|
449
|
+
end
|
450
|
+
end
|
451
|
+
|
343
452
|
end
|
344
453
|
end
|
345
454
|
end
|
346
|
-
end
|
455
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# .
|
2
|
+
# hexprint.rb
|
3
|
+
#
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
5
|
+
#
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
7
|
+
# http://watobo.sourceforge.com
|
8
|
+
#
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
12
|
+
#
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
16
|
+
# GNU General Public License for more details.
|
17
|
+
#
|
18
|
+
# You should have received a copy of the GNU General Public License
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
21
|
+
# .
|
22
|
+
module Watobo
|
23
|
+
module Utils
|
24
|
+
def self.hexprint(data)
|
25
|
+
data.length.times do |i|
|
26
|
+
print "%02X" % data[i].ord
|
27
|
+
puts if data[i] == "\n"
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,111 @@
|
|
1
|
+
# .
|
2
|
+
# response_builder.rb
|
3
|
+
#
|
4
|
+
# Copyright 2012 by siberas, http://www.siberas.de
|
5
|
+
#
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
7
|
+
# http://watobo.sourceforge.com
|
8
|
+
#
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
12
|
+
#
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
16
|
+
# GNU General Public License for more details.
|
17
|
+
#
|
18
|
+
# You should have received a copy of the GNU General Public License
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
21
|
+
# .
|
22
|
+
module Watobo
|
23
|
+
module Utils
|
24
|
+
def self.string2response( text, opts = {} )
|
25
|
+
options = { :update_content_length => false }
|
26
|
+
options.update opts
|
27
|
+
begin
|
28
|
+
hb_sep = "\r\n\r\n"
|
29
|
+
eoh = text.index(hb_sep)
|
30
|
+
if eoh.nil?
|
31
|
+
hb_sep = "\n\n"
|
32
|
+
eoh = text.index(hb_sep)
|
33
|
+
end
|
34
|
+
unless eoh.nil?
|
35
|
+
raw_header = text[0..eoh-1]
|
36
|
+
raw_body = text[eoh+hb_sep.length..-1]
|
37
|
+
puts ">> RawBody: #{raw_body}"
|
38
|
+
else
|
39
|
+
raw_header = text
|
40
|
+
raw_body = nil
|
41
|
+
end
|
42
|
+
|
43
|
+
response = raw_header.split("\n")
|
44
|
+
response.map!{|r| "#{r.strip}\r\n" }
|
45
|
+
Watobo::Response.create response
|
46
|
+
unless raw_body.nil?
|
47
|
+
response << "\r\n"
|
48
|
+
response << raw_body unless raw_body.strip.empty?
|
49
|
+
end
|
50
|
+
return response
|
51
|
+
|
52
|
+
rescue => bang
|
53
|
+
puts bang
|
54
|
+
puts bang.backtrace
|
55
|
+
end
|
56
|
+
return nil
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
if $0 == __FILE__
|
62
|
+
inc_path = File.expand_path(File.join(File.dirname(__FILE__), "..", ".."))
|
63
|
+
$: << inc_path
|
64
|
+
|
65
|
+
require 'watobo'
|
66
|
+
|
67
|
+
text =<<'EOF'
|
68
|
+
HTTP/1.1 200 OK
|
69
|
+
Content-Type: text/html
|
70
|
+
Vary: Accept-Encoding
|
71
|
+
Expires: Thu, 19 Jul 2012 06:57:20 GMT
|
72
|
+
Cache-Control: max-age=0, no-cache, no-store
|
73
|
+
Pragma: no-cache
|
74
|
+
Date: Thu, 19 Jul 2012 06:57:20 GMT
|
75
|
+
Content-Length: 203
|
76
|
+
Connection: close
|
77
|
+
|
78
|
+
<html></html>
|
79
|
+
EOF
|
80
|
+
|
81
|
+
text2 ="HTTP/1.1 200 OK\r\n" +
|
82
|
+
"Content-Type: text/html\r\n" +
|
83
|
+
"Vary: Accept-Encoding\r\n" +
|
84
|
+
"Expires: Thu, 19 Jul 2012 06:57:20 GMT\r\n" +
|
85
|
+
"Cache-Control: max-age=0, no-cache, no-store\r\n" +
|
86
|
+
"Pragma: no-cache\r\n" +
|
87
|
+
"Date: Thu, 19 Jul 2012 06:57:20 GMT\r\n" +
|
88
|
+
"Content-Length: 203\r\n" +
|
89
|
+
"Connection: close\r\n\r\n" +
|
90
|
+
"<html></html>\r\n"
|
91
|
+
|
92
|
+
unless ARGV[0].nil?
|
93
|
+
if File.exist? ARGV[0]
|
94
|
+
text = File.open(ARGV[0],"rb").read
|
95
|
+
end
|
96
|
+
end
|
97
|
+
r = Watobo::Utils.string2response text
|
98
|
+
puts r.class
|
99
|
+
puts r.status
|
100
|
+
puts r.content_type
|
101
|
+
puts r
|
102
|
+
puts
|
103
|
+
puts "="
|
104
|
+
puts
|
105
|
+
r = Watobo::Utils.string2response text2
|
106
|
+
puts r.class
|
107
|
+
puts r.status
|
108
|
+
puts r.content_type
|
109
|
+
puts r
|
110
|
+
|
111
|
+
end
|
data/lib/watobo.rb
CHANGED
@@ -32,8 +32,10 @@ require 'digest/md5'
|
|
32
32
|
require 'zlib'
|
33
33
|
require 'base64'
|
34
34
|
require 'cgi'
|
35
|
+
require 'uri'
|
35
36
|
require 'pathname'
|
36
37
|
require 'net/ntlm'
|
38
|
+
require 'drb'
|
37
39
|
|
38
40
|
require 'watobo/constants'
|
39
41
|
require 'watobo/utils'
|
@@ -47,7 +49,7 @@ require 'watobo/framework'
|
|
47
49
|
|
48
50
|
module Watobo
|
49
51
|
|
50
|
-
VERSION = "0.9.9
|
52
|
+
VERSION = "0.9.9"
|
51
53
|
|
52
54
|
def self.base_directory
|
53
55
|
@base_directory ||= ""
|
@@ -86,3 +88,4 @@ end
|
|
86
88
|
|
87
89
|
Watobo.init_framework
|
88
90
|
|
91
|
+
require 'watobo/ca'
|
@@ -27,6 +27,7 @@ module Watobo
|
|
27
27
|
|
28
28
|
class Http_methods < Watobo::ActiveCheck
|
29
29
|
@@tested_directories = []
|
30
|
+
|
30
31
|
def initialize(project, prefs={})
|
31
32
|
@project = project
|
32
33
|
super(project, prefs)
|
@@ -73,6 +74,7 @@ module Watobo
|
|
73
74
|
#sleep(1)
|
74
75
|
checker = proc{
|
75
76
|
begin
|
77
|
+
result = nil
|
76
78
|
test_request = nil
|
77
79
|
test_response = nil
|
78
80
|
test_method = "#{method}"
|
@@ -85,8 +87,7 @@ module Watobo
|
|
85
87
|
|
86
88
|
result_request, result_response = doRequest(test_request, :default => true)
|
87
89
|
is_vuln = true
|
88
|
-
if result_response.status then
|
89
|
-
|
90
|
+
if result_response.status then
|
90
91
|
@not_allowed_response.each do |nar|
|
91
92
|
if result_response.status =~ /#{nar}/i then
|
92
93
|
is_vuln = false
|
@@ -104,12 +105,13 @@ module Watobo
|
|
104
105
|
)
|
105
106
|
end
|
106
107
|
end
|
107
|
-
[ result_request, result_response ]
|
108
|
+
result = [ result_request, result_response ]
|
108
109
|
rescue => bang
|
109
110
|
puts bang
|
110
111
|
puts bang.backtrace if $DEBUG
|
111
|
-
[ nil, nil ]
|
112
|
+
result = [ nil, nil ]
|
112
113
|
end
|
114
|
+
result
|
113
115
|
}
|
114
116
|
yield checker
|
115
117
|
end
|
@@ -84,8 +84,8 @@ module Watobo
|
|
84
84
|
:rating => VULN_RATING_HIGH,
|
85
85
|
:title => "[#{parm}] - #{test_request.file}"
|
86
86
|
)
|
87
|
-
[ test_request, test_response ]
|
88
87
|
end
|
88
|
+
[ test_request, test_response ]
|
89
89
|
}
|
90
90
|
yield checker
|
91
91
|
end
|
@@ -109,9 +109,9 @@ module Watobo
|
|
109
109
|
:chat => chat,
|
110
110
|
:rating => VULN_RATING_HIGH,
|
111
111
|
:title => "[#{parm}] - #{file}"
|
112
|
-
)
|
113
|
-
[ test_request, test_response ]
|
112
|
+
)
|
114
113
|
end
|
114
|
+
[ test_request, test_response ]
|
115
115
|
}
|
116
116
|
yield checker
|
117
117
|
end
|
@@ -133,11 +133,11 @@ EOF
|
|
133
133
|
# now calculate the average time
|
134
134
|
average_t = rtimes.inject(:+) / rtimes.length
|
135
135
|
max_t = rtimes.max > 5 ? rtimes.max : 5
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
136
|
+
# puts "Analyzing timing behaviour ..."
|
137
|
+
# rtimes.each do |t|
|
138
|
+
# puts t.to_s
|
139
|
+
# end
|
140
|
+
# puts "Average Response Time: #{average_t}s (max #{max_t}s)"
|
141
141
|
|
142
142
|
# time_to_sleep = 4 * max_t
|
143
143
|
time_to_sleep = max_t
|
@@ -200,7 +200,7 @@ EOF
|
|
200
200
|
|
201
201
|
|
202
202
|
duration = sqli_stop - sqli_start
|
203
|
-
|
203
|
+
# puts duration
|
204
204
|
if ( duration >= time_to_sleep )
|
205
205
|
puts "Found time-based SQLi in parameter #{parm} !!!"
|
206
206
|
puts "after #{duration}s / time-to-sleep #{time_to_sleep}s)"
|