forked from Lainports/freebsd-ports
111153dec9
Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing. WWW: http://www.scrt.ch/en/attack/downloads/webshag PR: ports/187676 Submitted by: clutton@zoho.com
99 lines
4.2 KiB
Text
99 lines
4.2 KiB
Text
--- /tmp/setup.linux.py 2014-08-29 20:27:32.000000000 +0300
|
|
+++ setup.linux.py 2014-08-29 20:57:35.000000000 +0300
|
|
@@ -24,21 +24,21 @@
|
|
## INIT ##
|
|
## ################################################################# ##
|
|
|
|
-path_prefix = os.path.abspath(os.path.curdir) + '/'
|
|
+path_prefix = '/usr/local/'
|
|
|
|
## ################################################################# ##
|
|
## CONSTANTS ##
|
|
## ################################################################# ##
|
|
|
|
-NMAP = u'/usr/bin/nmap'
|
|
+NMAP = u'/usr/local/bin/nmap'
|
|
CORE_FILE = u'webshag/core/core_file.py'
|
|
-CFG_FILE = u'config/webshag.conf'
|
|
-FUZZ_DIRS = path_prefix + u'/database/fuzzer/directory-list-2.3-small.txt'
|
|
-FUZZ_FILES = path_prefix + u'/database/fuzzer/directory-list-1.0.txt'
|
|
-FUZZ_EXT = path_prefix + u'/database/fuzzer/extensions.txt'
|
|
-CUSTOM_DB = path_prefix + u'/database/custom'
|
|
-NIKTO_DB = path_prefix + u'/database/nikto'
|
|
-IDS_PROXIES = path_prefix + u'/database/proxies/proxies.txt'
|
|
+CFG_FILE = u'etc/webshag.conf'
|
|
+FUZZ_DIRS = path_prefix + u'share/webshag/fuzzer/directory-list-2.3-small.txt'
|
|
+FUZZ_FILES = path_prefix + u'share/webshag/fuzzer/directory-list-1.0.txt'
|
|
+FUZZ_EXT = path_prefix + u'share/webshag/fuzzer/extensions.txt'
|
|
+CUSTOM_DB = path_prefix + u'share/webshag/custom'
|
|
+NIKTO_DB = path_prefix + u'share/webshag/nikto'
|
|
+IDS_PROXIES = path_prefix + u'share/webshag/proxies/proxies.txt'
|
|
|
|
CORE_CFG_RE = re.compile(ur'CFG_FILE\s=\s(?P<path>.*)')
|
|
|
|
@@ -55,7 +55,7 @@
|
|
|
|
else:
|
|
print u'Not Found!'
|
|
- user_nmap = raw_input(u'[#] Please specify Nmap (nmap.exe) location (blank to skip): ')
|
|
+ user_nmap = ''
|
|
if user_nmap != '':
|
|
if os.path.isfile(user_nmap):
|
|
nmap = 'True'
|
|
@@ -73,13 +73,8 @@
|
|
## LIVE SEARCH APPID ##
|
|
## ################################################################# ##
|
|
|
|
-user_live = raw_input(u'[#] Enter your Live Search AppID (blank to skip): ')
|
|
-if user_live != '':
|
|
- live_id = user_live
|
|
- print u'[*] Live Search AppID: ' + user_live + u'\t Done!'
|
|
-else:
|
|
- live_id = ''
|
|
- print u'[!] AppID missing. Domain information module will not be functional.'
|
|
+live_id = 'False'
|
|
+print u'[!] AppID missing. Insert your LiveID into etc/webshag.conf.'
|
|
|
|
## ################################################################# ##
|
|
## ALTERING FILES ##
|
|
@@ -92,14 +87,14 @@
|
|
# core_file.py
|
|
print u'[*] Patching source code (configuration file location)...\t',
|
|
# reading file
|
|
-core_file_handler = codecs.open(core_file, u'r', u'utf-8')
|
|
+core_file_handler = codecs.open(u'webshag/core/core_file.py', u'r', u'utf-8')
|
|
core_file_contents = core_file_handler.read()
|
|
core_file_handler.close()
|
|
# replacing path value
|
|
old_path = CORE_CFG_RE.findall(core_file_contents)[-1]
|
|
core_file_contents = core_file_contents.replace(old_path, '\'' + cfg_file + '\'')
|
|
# writing file back
|
|
-core_file_handler = codecs.open(core_file, u'w', u'utf-8')
|
|
+core_file_handler = codecs.open(u'webshag/core/core_file.py', u'w', u'utf-8')
|
|
core_file_handler.write(core_file_contents)
|
|
core_file_handler.close()
|
|
print u'Done!'
|
|
@@ -107,7 +102,7 @@
|
|
# webshag.conf
|
|
print u'[*] Fixing configuration file settings...\t',
|
|
configParser = SafeConfigParser()
|
|
-configParser.readfp(codecs.open(cfg_file, u'r', u'utf-8'))
|
|
+configParser.readfp(codecs.open(u'etc/webshag.conf', u'r', u'utf-8'))
|
|
configParser.set(u'core_file', u'fuzzer_file_list', FUZZ_FILES)
|
|
configParser.set(u'core_file', u'fuzzer_dir_list', FUZZ_DIRS)
|
|
configParser.set(u'core_file', u'fuzzer_ext_list', FUZZ_EXT)
|
|
@@ -117,7 +112,7 @@
|
|
configParser.set(u'module_info', u'live_id', live_id)
|
|
configParser.set(u'module_portscan', u'nmap', nmap)
|
|
configParser.set(u'module_portscan', u'nmap_location', nmap_location)
|
|
-cfg_file_handler = codecs.open(cfg_file, u'w', u'utf-8')
|
|
+cfg_file_handler = codecs.open(u'etc/webshag.conf', u'w', u'utf-8')
|
|
configParser.write(cfg_file_handler)
|
|
cfg_file_handler.close()
|
|
print u'Done!'
|
|
@@ -129,5 +124,3 @@
|
|
print ''
|
|
print 'Thanks for your interest in webshag! It is now ready to be used!'
|
|
print 'Enjoy! For more information please visit www.scrt.ch'
|
|
-print ''
|
|
-raw_input('Press any key to exit.\n')
|