wmap 2.4.4 → 2.4.5

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 5694ee5d1b8c7c612253fe814a4c829ea30f0107
4
- data.tar.gz: f20a472f8b02efb83c918d2a8359d09adeed6bd9
2
+ SHA256:
3
+ metadata.gz: 781e42205ee21710dc610778284fb6ab3fc4644598632d204db6bdc291af216f
4
+ data.tar.gz: c2c1c527be70b2452b1aa66ea2138af78a094ae82eb8ddfde15a2ec09df30700
5
5
  SHA512:
6
- metadata.gz: 1598c1da69120421bd68ba0dc92730e07e7a099206255ada23a55ac4db6e79410af0b9a4184fb56779cef9ab5f5cfe887ca22d7e0505117d08450c36293a59b7
7
- data.tar.gz: 23532584bc9deec9fb6fc76a1537c474b7ee05e0e74d27d9c79d2d4ef880d10a5a77eb13c8d6e7f04b58b32339e20bb3d989002a4319fee36ad29a4b938cf74b
6
+ metadata.gz: ab3231e48a2d65f777afa36a9efb28bc741dfe79f0a10aae64d18ad6861206ca209984635b57ffe863bfa4a602d07cc79ad472561c3eccf1fb527973ef15bd0b
7
+ data.tar.gz: 55ead86d6498b73e0b2511518dcd3cdc69468456fc3525ff523b03a38b31bbadd18185e94c8afea777c3dd3f0d943b7ee1868482bbd2badecb4b339ad14eb6f5
data/README.rdoc CHANGED
@@ -6,6 +6,10 @@ This program is designed for the web application asset discovery and tracking. I
6
6
  to cover the gaps of a similar commercial product. Over the time it grows to be a more capable and complete replacement (IMHO).
7
7
 
8
8
 
9
+ == Wmap in Motion
10
+ Use the demo web app build on top of wmap gem: http://wmap.io/
11
+
12
+
9
13
  == Program Version
10
14
  The latest release is Beta version 1.5.x as of fall 2014. Please refer to the CHANGELOG.md for the program's history information.
11
15
 
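Review bot: The added "Wmap in Motion" text at README line 10 reads "build on top of wmap gem"; it should be "built on top of the wmap gem", and the demo link is given as plain http, so use an https URL if the site serves one. The unchanged "Program Version" paragraph at line 14 still says the latest release is "Beta version 1.5.x as of fall 2014" while this diff is for 2.4.4 → 2.4.5; update it in the same change so the README does not contradict the gem version.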
@@ -19,36 +23,36 @@ To take full power of this program, you would need an *nix flavor machine with d
19
23
 
20
24
  gem install wmap-x.x.x.gem --no-rdoc
21
25
 
26
+ == Specific Installation Problem with Nokogiri
27
+ Nokogiri is a native xml/html parser used by the project. It's fast and powerful. However, it comes with pitfall of installation problem around building native extension for your environment. Please refer to this page for trouble-shooting tip (http://www.nokogiri.org/tutorials/installing_nokogiri.html).
22
28
 
23
29
  == Dependency
24
30
  You need the Ruby 1.9.2 or above in order to use this program. In my test environment, I was able to set it up with RVM. Please refer to this page for more installation information: http://www.ruby-lang.org/en/downloads/
25
31
 
26
- In addition, the following Ruby GEM dependency are needed by different components of this software:
27
- require "digest/md5"
32
+ In addition, the following Ruby GEM dependency are needed by different components of this software. The should be installed automatically:
28
33
  require "dnsruby"
29
34
  require "geoip"
30
35
  require "minitest/autorun"
31
- require "net/http"
32
36
  require "net/ping"
33
37
  require "netaddr"
34
38
  require "nokogiri"
35
- require "open_uri_redirections"
39
+ require "css_parser"
36
40
  require "openssl"
37
- require "open-uri"
41
+ require "open_uri_redirections"
38
42
  require "parallel"
39
- require "resolv"
40
- require "singleton"
41
- require "uri"
42
43
  require "whois"
43
44
  require 'httpclient'
44
- require 'nokogiri'
45
- require 'open-uri'
46
- To install "uri" gem for example, use the command below:
47
- $ gem install uri
45
+
46
+
47
+ In case you want to install the above gems separately, use the command below:
48
+
49
+ gem install dnsruby geoip minitest net-ping netaddr nokogiri css_parser open_uri_redirections openssl parallel whois httpclient
48
50
 
49
51
  == Ruby-whois Gem Patches
50
- This software depends on a patched version of Ruby gem ruby-whois-2.7.0 (http://www.ruby-whois.org/) for the domain whois lookup feature. For better result, you could manually add the patches into your local whois gem installation directory as shown below:
51
- $ cp whois_patches/* [Your_ruby_whois_gem_path]/whois/lib/whois/record/parser/
52
+ This software depends on a patched version of Ruby gem ruby-whois (http://www.ruby-whois.org/) for the domain whois lookup feature. For better result, you could manually add the patches into your local whois gem installation directory as shown below:
53
+
54
+ cp whois_patches/* [Your_ruby_whois_gem_path]/whois/lib/whois/record/parser/
55
+
52
56
  Or you can directly download the branched whois gem from this repository - https://github.com/yangsec888/whois
53
57
 
54
58
 
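Review bot: The whois section at new README line 52 drops the version from "ruby-whois-2.7.0" and now says only "ruby-whois", so a reader can no longer tell which whois release the files in whois_patches/ were written against before copying them into an installed gem's parser directory. Keep the tested version in the text, or make the forked repository on line 56 the primary route. At line 32, "The should be installed automatically" should read "They should be installed automatically". The one-line install at line 49 also lists openssl and minitest, which normally ship with Ruby; say whether a separate gem version is actually required.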
@@ -57,15 +61,17 @@ You need to define a scope for the program to run successful. The scope includes
57
61
  network block in the CIDR format.
58
62
 
59
63
  To add your Internet domain into the scope, use the build-in shell command below:
60
- $ trust XYZ.COM
61
64
 
62
- To add your public network block into the scope:
63
- $ trust x.x.x.x/x
65
+ trust XYZ.COM
66
+
67
+ To add your public network block into the scope (note current support of IPv4 only):
68
+
69
+ trust x.x.x.x/x
64
70
 
65
71
 
66
72
  == Automatic Discovery and Tracking
67
73
 
68
- $ wmap <seed file | target host | target url | target IP or network cidr>
74
+ wmap <seed file | target host | target url | target IP or network cidr>
69
75
 
70
76
  The above utility is intelligent enough to take argument as either a seed file, or a string such as a host, an IP, a network block, or a URL. The new discoveries will be automatically tracked in the data file 'lib/wmap/data/target_sites'.
71
77
  Note: seed file - mix of url, cidr and domain seed, one entry per line.
@@ -76,7 +82,8 @@ The above utility is intelligent enough to take argument as either a seed file,
76
82
 
77
83
  == Dump Out Discovery Database
78
84
  You can dump out the program output by using the build-in utility 'wdump' as shown below:
79
- $ wdump [output file name from you]
85
+
86
+ wdump [output file name from you]
80
87
 
81
88
  The above utility will dump out the discovery database into a single file as program output. Currently, the supported file format is Comma-separated Value (.csv) and Extensible Markup Language (.xml)
82
89
 
@@ -91,7 +98,7 @@ The software comes with the Ruby doc during your installation as shown above. Fo
91
98
  If you need additional documentation / information other than this README file and the Ruby document package, please be patient - as I'm still working on it :)
92
99
 
93
100
  == How do I report the bugs, or maybe require some new features?
94
- Contact the author Yang Li directly at email 'yang.li@owasp.org'.
101
+ Contact the author Sam Li directly at email 'yang.li@owasp.org'.
95
102
 
96
103
 
97
104
  == Legal Disclaimer:
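Review bot: Line 101 changes the contact name from "Yang Li" to "Sam Li" but keeps the address 'yang.li@owasp.org'; confirm that this address is still the right contact for the renamed author, since this line is where bug reports are directed.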
data/bin/RHPG ADDED
@@ -0,0 +1,85 @@
1
+ #!/usr/bin/env ruby
2
+ # Executable to lookup then merge site tech details into the RHPG asset spreadsheet in CSV format only
3
+ #
4
+ ## Usage: RHPG [RHPG.csv]
5
+ require "wmap"
6
+ require "csv"
7
+ include Wmap::Utils
8
+
9
+ def print_usage
10
+ puts "Program to lookup then merge the site details into RHPG asset spreadsheet. \nUsage: RHPG [RHPG.csv]"
11
+ end
12
+
13
+ def site_lookup(domain)
14
+ tracker=Wmap::SiteTracker.new(:verbose=>false)
15
+ #first order search
16
+ tracker.known_sites.each do |key,val|
17
+ if key.include?(domain.strip.downcase) && key.include?("https")
18
+ tracker=nil
19
+ return [key] + val.values
20
+ end
21
+ end
22
+ #second order search
23
+ tracker.known_sites.each do |key,val|
24
+ if key.include?(domain.strip.downcase)
25
+ tracker=nil
26
+ return [key] + val.values
27
+ end
28
+ end
29
+ tracker=nil
30
+ return [nil]*9
31
+ end
32
+
33
+ def wp_site_lookup(domain)
34
+ tracker=Wmap::WpTracker.new(:verbose=>false)
35
+ # first order
36
+ tracker.known_wp_sites.each do |key,val|
37
+ if key.include?(domain.strip.downcase) && val
38
+ ver=tracker.wp_ver(key)
39
+ tracker=nil
40
+ return [val,ver]
41
+ end
42
+ end
43
+ # second order
44
+ tracker.known_wp_sites.each do |key,val|
45
+ if key.include?(domain.strip.downcase) && key.include?("https")
46
+ tracker=nil
47
+ return [val,nil]
48
+ end
49
+ end
50
+ # third order
51
+ tracker.known_wp_sites.each do |key,val|
52
+ if key.include?(domain.strip.downcase)
53
+ tracker=nil
54
+ return [val,nil]
55
+ end
56
+ end
57
+ tracker=nil
58
+ return [nil,nil]
59
+ end
60
+
61
+ puts Wmap.banner
62
+ print_usage
63
+
64
+ # open output file to write
65
+ CSV.open("output.csv", "wb") do |csv|
66
+ cnt=1
67
+ # open RHPG input file to read
68
+ CSV.foreach(ARGV[0]) do |row|
69
+ puts "Processing row #{cnt}"
70
+ #puts row.inspect
71
+ my_row=Array.new
72
+ if cnt > 1
73
+ if is_domain?(row[0])
74
+ my_row = row + site_lookup(row[0]) + wp_site_lookup(row[0])
75
+ else
76
+ my_row = row + [nil]*10
77
+ end
78
+ else
79
+ my_row = row + ["Website","Primary IP","Port","Hosting Status","Server","Response Code","MD5 Finger-print","Redirection","Timestamp", "WordPress", "WordPress Version"]
80
+ end
81
+ cnt+=1
82
+ csv << my_row
83
+ end
84
+ puts "All done. "
85
+ end
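Review bot: Rows whose first cell is not a domain come out one column short: line 76 appends `[nil]*10`, while the header at line 79 adds 11 columns and the no-match path of the domain branch at line 74 adds 9 + 2 = 11 (`[nil]*9` from site_lookup plus `[nil,nil]` from wp_site_lookup). Use `[nil]*11` at line 76, or derive the width from the header array. ARGV[0] is read at line 68 with no check, so running without an argument prints the usage and then fails inside CSV.foreach; abort after print_usage unless ARGV.length==1 and the file exists, as wadds does. The lookups at lines 17, 24, 37, 45 and 52 match with `key.include?(domain.strip.downcase)`, a substring test, so a spreadsheet row can pick up the details of a different stored site whose URL merely contains that string; compare against the host parsed from the key instead.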
data/bin/trust CHANGED
@@ -1,6 +1,6 @@
1
1
  #!/usr/bin/env ruby
2
2
  require "wmap"
3
- # Executable to add seed entry into ring of the trust. I.E. the trusted domain or CIDR
3
+ # Executable to add seed entry into ring of the trust. I.E. the trusted domain or CIDR
4
4
 
5
5
  def print_usage
6
6
  puts "Program to add trust authority entry. Usage: trust [domain|CIDR]"
@@ -11,15 +11,15 @@ print_usage
11
11
  Log_dir=File.dirname(__FILE__)+'/../logs/'
12
12
  Wmap.wlog("Execute the command: trust #{ARGV[0]}","trust",Log_dir+"wmap.log")
13
13
 
14
- dt=Wmap::DomainTracker.instance
15
- ct=Wmap::CidrTracker.new
14
+ dt=Wmap::DomainTracker.new
15
+ ct=Wmap::CidrTracker.new(:verbose=>true)
16
16
  abort "Incorrect program argument! Proper usage: trust [domain | netblock]" unless ARGV.length==1 && (dt.is_fqdn?(ARGV[0]) || ct.is_cidr?(ARGV[0]))
17
17
 
18
18
  puts "Start the baptizing process ..."
19
19
 
20
20
  # Add entry into the local repository
21
21
 
22
- if dt.is_domain?(ARGV[0])
22
+ if dt.is_domain?(ARGV[0])
23
23
  result=dt.add(ARGV[0])
24
24
  unless result.nil?
25
25
  dt.save!
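Review bot: The guard at line 16 accepts the argument when `dt.is_fqdn?` is true, but the branch at line 22 only acts when `dt.is_domain?` is true; if the two predicates differ for some input (their definitions are not visible here), that argument passes validation, prints "Start the baptizing process ..." and adds nothing without saying so. Use the same predicate in both places, or add an else branch that reports that the entry was not added. The new constructors at lines 14-15 also pass `:verbose=>true` to CidrTracker only; note in the commit message why the two trackers are configured differently.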
@@ -27,7 +27,7 @@ if dt.is_domain?(ARGV[0])
27
27
  end
28
28
  end
29
29
  dt=nil
30
-
30
+
31
31
  if ct.is_cidr?(ARGV[0])
32
32
  result=ct.add(ARGV[0])
33
33
  unless result.nil?
data/bin/trusts ADDED
@@ -0,0 +1,38 @@
1
+ #!/usr/bin/env ruby
2
+ # Executable to add seed entries into ring of the trust. I.E. the trusted domain or CIDR
3
+ require "wmap"
4
+ include Wmap::Utils
5
+ def print_usage
6
+ puts "Program to add trust authority entries. Usage: trust [domain|CIDR list in a file]"
7
+ end
8
+
9
+ puts Wmap.banner
10
+ print_usage
11
+ Log_dir=File.dirname(__FILE__)+'/../logs/'
12
+ Wmap.wlog("Execute the command: trust #{ARGV[0]}","trust",Log_dir+"wmap.log")
13
+
14
+ dt=Wmap::DomainTracker.new
15
+ ct=Wmap::CidrTracker.new(:verbose=>true)
16
+ abort "Incorrect program argument! Proper usage: trust [domain | netblock]" unless ARGV.length==1 && (File.exist?(ARGV[0]))
17
+
18
+ puts "Start the baptizing process ..."
19
+
20
+ file_2_list(ARGV[0]).map do |target|
21
+ # Add entry into the local repository
22
+ if dt.is_domain?(target)
23
+ result=dt.add(target)
24
+ unless result.nil?
25
+ dt.save!
26
+ puts "Domain #{target} is successfully baptized!"
27
+ end
28
+ elsif ct.is_cidr?(target)
29
+ result=ct.add(target)
30
+ unless result.nil?
31
+ ct.save!
32
+ puts "Net block #{target} is successfully baptized!"
33
+ end
34
+ end
35
+ end
36
+
37
+ dt=nil
38
+ ct=nil
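Review bot: Entries in the input file that are neither a domain nor a CIDR fall through the if/elsif at lines 22-34 with no message, so a typo in the seed list is silently left out of the trust scope; add an else branch that prints or logs the rejected line. The usage text at line 6, the log entry at line 12 and the abort message at line 16 still say "trust" and "[domain | netblock]" although this script is trusts and takes a file, which makes wmap.log entries from the two tools indistinguishable. `file_2_list(ARGV[0]).map` at line 20 discards its result, so `each` is the clearer call, and `dt.save!` / `ct.save!` could run once after the loop instead of once per entry.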
data/bin/updateAll CHANGED
@@ -19,7 +19,7 @@ else
19
19
  abort "You got it. Mission is successfully aborted. "
20
20
  end
21
21
  # Update sub-domain table
22
- sd=Wmap::DomainTracker::SubDomain.instance
22
+ sd=Wmap::DomainTracker::SubDomain.new
23
23
  sd.update_from_host_store!
24
24
  subs=sd.known_internet_sub_domains.keys
25
25
  sd=nil
@@ -29,29 +29,25 @@ bruter=Wmap::DnsBruter.new
29
29
  sub_hosts=bruter.brutes(subs).values.flatten
30
30
 
31
31
  # Update primary host store
32
- ph=Wmap::HostTracker::PrimaryHost.instance
32
+ ph=Wmap::HostTracker::PrimaryHost.new
33
33
  ph.update_from_site_store!
34
34
  ph.refresh_all
35
35
  ph.save!
36
36
  ph=nil
37
37
 
38
38
  # Update host store
39
- h=Wmap::HostTracker.instance
39
+ h=Wmap::HostTracker.new
40
40
  h.refresh_all
41
41
  h.adds(sub_hosts)
42
42
  h.save!
43
43
  h=nil
44
44
 
45
45
  # Update site store
46
- st=Wmap::SiteTracker.instance
46
+ st=Wmap::SiteTracker.new
47
47
  st.refresh_all
48
- dt=Wmap::SiteTracker::DeactivatedSite.instance
48
+ dt=Wmap::SiteTracker::DeactivatedSite.new
49
49
  ds=dt.known_sites.keys
50
50
  st.adds(ds) #double-check the de-activated sites in case the site is back on-line again
51
51
  st.save!
52
52
  st=nil
53
53
  dt=nil
54
-
55
-
56
-
57
-
data/bin/wadds CHANGED
@@ -11,7 +11,7 @@ print_usage
11
11
  Log_dir=File.dirname(__FILE__)+'/../logs/'
12
12
  Wmap.wlog("Execute the command: wadds #{ARGV[0]}","wadds",Log_dir+"wmap.log")
13
13
 
14
- st=Wmap::SiteTracker.instance
14
+ st=Wmap::SiteTracker.new
15
15
  abort "Incorrect program argument!" unless ARGV.length==1 && File.exist?(ARGV[0])
16
16
 
17
17
  # Evaluate the argument and update the data store accordingly
data/bin/wmaps ADDED
@@ -0,0 +1,24 @@
1
+ #!/usr/bin/env ruby
2
+ # script to automate the new site discovery through by crawling all unique sites in the site store
3
+ require "wmap"
4
+ require "parallel"
5
+
6
+ def wmap_worker(domain)
7
+ cmd = "wmap " + domain
8
+ puts "wmap discovery on domain: ", domain
9
+ system(cmd)
10
+ end
11
+
12
+
13
+ tracker=Wmap::DomainTracker.new
14
+ =begin
15
+ Parallel.map(tracker.known_internet_domains.keys, :in_processes => 10) { |target|
16
+ puts "Working on #{target} ..." if @verbose
17
+ wmap_worker(target)
18
+ }
19
+ =end
20
+ tracker.known_internet_domains.keys.map do |domain|
21
+ wmap_worker(domain)
22
+ end
23
+
24
+ tracker=nil
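Review bot: `wmap_worker` at lines 7-9 builds a shell command by string concatenation (`cmd = "wmap " + domain`) and hands it to `system(cmd)`, so any shell metacharacter in a stored domain key is interpreted by the shell; call `system("wmap", domain)` so the value is passed as a single argument, and check the return value so a failed run is reported. The `=begin`/`=end` block at lines 14-19 leaves the Parallel version commented out (it also references `@verbose`, which is never set in this script), so `require "parallel"` at line 4 is unused; remove the dead block or finish it. `puts "wmap discovery on domain: ", domain` at line 8 prints two lines; string interpolation would give one.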