* Updated documentation (removed remaining references to sourceforge, changed instructions about Windows, added missing information about options, regenerated manpages)

* Removed make_exe.py
* Updated copyright dates
* Increased version number
This commit is contained in:
devloop 2022-02-06 17:57:55 +01:00
parent f3f121254e
commit f956154462
103 changed files with 374 additions and 434 deletions

View File

@ -39,12 +39,6 @@ Now let's activate it (make it our current working environment) :
. wapiti3/bin/activate
```
Or alternatively on Windows :
```sh
wapiti3\Scripts\activate.bat
```
Now you are in the virtual environment you can install Wapiti and its dependencies :
```sh
@ -87,6 +81,5 @@ Then use setup.py for installation. Remember that dev version may contain unknow
I made several YouTube videos to show Wapiti installation :
* on Windows : https://www.youtube.com/watch?v=j3LCVj15VBE
* on OpenSUSE : https://www.youtube.com/watch?v=RmF2Sr2B3ZA
* on Ubuntu : https://www.youtube.com/watch?v=TD5rehelHPY

View File

@ -1 +1 @@
Wapiti 3.0.9
Wapiti 3.1.0

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2017-2021 Nicolas SURRIBAS
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2017-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
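
Review bot: The copyright holder is written "Nicolas SURRIBAS" in this header, while the other file headers touched by this commit use "Nicolas Surribas". Since the line is being rewritten anyway for the year bump, normalise the capitalisation here so the headers are uniform.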

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2017-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2017-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,6 +1,6 @@
Main Developer - Nicolas Surribas <nicolas.surribas (at) gmail.com>
http://devloop.users.sourceforge.net/
https://wapiti.sourceforge.io/
https://wapiti-scanner.github.io/
A Special thanks to the following people for the work on the version 2.3.0 :
* David del Pozo (spanish translations)
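
Review bot: The second line of this hunk, `http://devloop.users.sourceforge.net/`, is left untouched even though the commit message says the remaining references to sourceforge were removed. The same URL also survives in the FAQ ("My website is http://devloop.users.sourceforge.net/"). Either point both at the current site or state in the commit message that the personal page is intentionally kept.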

View File

@ -302,15 +302,15 @@
Some modifications have been made on getccokie.py so it can work
on Webmin (and probably more web applications)
Added -t (--timeout) option to set the timeout in seconds
Added -v (--verbose) option to set the verbosity. Three availables
Added -v (--verbose) option to set the verbosity. Three available
modes :
0: only print found vulnerabilities
1: print current attacked urls (existing urls)
2: print every attack payload and url (very much informations... good
2: print every attack payload and url (very much information... good
for debugging)
Wapiti is much more modular and comes with some functions to set scan
and attack options... look the code ;)
Some defaults options are availables as "modules" with option -m
Some defaults options are available as "modules" with option -m
(--module) :
GET_XSS: only scan for XSS with HTTP GET method (no post)
POST_XSS: XSS attacks using POST and not GET
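
Review bot: Several typos remain in the context lines around the ones corrected here: "getccokie.py" at the top of the hunk, "Some defaults options" in the rewritten line itself, and "look the code". If the changelog is being proofread in this commit, fix these in the same pass (for example "Some default options are available").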

View File

@ -18,7 +18,7 @@
Version 2.3.1
Fixed a bug in lswww if root url is not given complete.
Fixed a bug in lswww with a call to BeautifulSoup made on non text files.
Fixed a bug that occured when verbosity = 2. Unicode error on stderr.
Fixed a bug that occurred when verbosity = 2. Unicode error on stderr.
27/12/2009
Version 2.3.0
@ -29,7 +29,7 @@
argument.
Fixed bug ID 2779441 "Python Version 2.5 required?"
Use an home made cookie library instead or urllib2's one.
Keep aditionnal informations on the webpages (headers + encoding)
Keep additional information on the webpages (headers + encoding)
Use BeautifulSoup to detect webpage encoding and handle parsing errors.
Fixed a bug when "a href" or "form action" have an empty string as value.
Better support of Unicode.

View File

@ -14,9 +14,10 @@ Details of installation can be found in the INSTALL.md file.
Any operating system with a recent Python3 installation should be ok.
### Will you release a standalone Windows executable like the one made for Wapiti 2.3.0 ? ###
### Is Wapiti still supported for Windows ###
I'd like to but Microsoft make it so hard to actually doing it. py2exe and pyinstaller seems broken with latests Windows versions.
Wapiti won't work out of the box on Microsoft Windows system, but you should be able to run it from inside a WSL environment.
See this link for more information about WSL: https://docs.microsoft.com/en-us/windows/wsl/
### Can I modify and share the software code ? ###
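
Review bot: The new heading "### Is Wapiti still supported for Windows ###" drops the " ?" that every neighbouring FAQ heading carries, and the answer reads "on Microsoft Windows system" without an article or plural. Suggest "### Is Wapiti still supported on Windows ? ###" and "on Microsoft Windows systems". The answer should also say plainly whether native Windows is unsupported or only untested, since "won't work out of the box" leaves that open.
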
@ -24,10 +25,9 @@ Sure as long as you respect the GPLv2 license.
### How do I execute Wapiti ? ###
Wapiti is a console tool so it must be launched from a terminal (cmd.exe on Windows, Konsole or GnomeTerminal on Linux, etc)
Wapiti is a console tool so it must be launched from a terminal (Konsole or GnomeTerminal on Linux, etc)
If you installed Wapiti then the binary should be in your path. Otherwise you will have to launch it from the bin folder once the archive is uncompressed.
On Linux and OSX, just typing `wapiti` should work.
On Windows you will have to specify the interpreter (`python wapiti`).
On Linux and OSX, just typing `wapiti` should work.
### Where can I get some help about options ? ###
@ -41,7 +41,7 @@ On Windows you can use the command `chcp 65001` to change the codepage before us
### I found a bug. Where to report ? ###
Please create an issue on https://sourceforge.net/p/wapiti/bugs/
Please create an issue on https://github.com/wapiti-scanner/wapiti/issues
### Can I help the project ? ###
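
Review bot: The section shown in this hunk's header still tells readers "On Windows you can use the command `chcp 65001` to change the codepage", which conflicts with the new FAQ answer that Wapiti is only expected to run inside WSL. Remove that tip or reword it for the WSL case so the FAQ gives one consistent answer about Windows.
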
@ -109,7 +109,7 @@ Don't hesitate to move to OWASP Zed Attack Proxy for in-depth pentesting.
An HTTP endpoint is used for some modules in order to see if the target is vulnerable.
Such modules are currently XXE and SSRF. The endpoint is necessary to see if the target generates an external HTTP request.
The default endpoint is hosted at wapiti3.ovh so your computer and the target must be able to contact it to check vulnerability results.
You can set up your own endpoint, all required files can be found here : https://sourceforge.net/p/wapiti/git/ci/master/tree/endpoint/
You can set up your own endpoint, all required files can be found here : https://github.com/wapiti-scanner/wapiti/tree/master/endpoint
You will need URL rewriting to set up the endpoint.
Wapiti have several options that can be used to specify the endpoint's URL.
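
Review bot: The paragraph above the changed URL still says "Such modules are currently XXE and SSRF", but this commit also documents a DNS endpoint used by the log4shell module. Mention the DNS endpoint here, or link to the endpoints document, so the FAQ does not understate which modules contact wapiti3.ovh. The last context line should read "Wapiti has several options".
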
@ -126,4 +126,4 @@ Crash reports are also sent to the wapiti3.ovh website so I can try to fix bugs.
Yes you can follow me on Twitter @devl00p.
My website is http://devloop.users.sourceforge.net/
I write some CTF walkthrough. Articles are in french though.
I write some CTF walkthrough. Articles are in French though.

View File

@ -29,4 +29,10 @@ you will have to make the endpoint listen on an IP of that network. You may end
- External endpoint: http://192.168.1.85/ - this is the URL that the target will request
- Internal endpoint: http://127.0.0.1/ - this is the URL that Wapiti will request at the end of the attack to get results
The XXE module also use the endpoints options. The whole process is described in the `doc/xxe_module.md` file.
The XXE module also use the endpoints options. The whole process is described in the `doc/xxe_module.md` file.
## What is the DNS endpoint?
The log4shell attack module uses a DNS endpoint to see if a scanned website is vulnerable to the popular log4j vulnerability.
The default endpoint used is dns.wapiti3.ovh which is a DNS server.
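
Review bot: The new "What is the DNS endpoint?" section names the default (dns.wapiti3.ovh) but never mentions the `--dns-endpoint` option that the manpage changes in this same commit introduce. The HTTP endpoint text above it explains how to point Wapiti at your own server. Add the equivalent sentence here, because testers on internal or restricted engagements need to know that lookups go to a project-hosted server by default and how to change that.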

View File

@ -34,7 +34,7 @@ bash-4.2$ wapiti -u http://wackopicko/ -x http://wackopicko/users/logout.php -c
██║███╗██║██╔══██║██╔═══╝ ██║ ██║ ██║ ╚═══██╗
╚███╔███╔╝██║ ██║██║ ██║ ██║ ██║██████╔╝
╚══╝╚══╝ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═╝╚═════╝
Wapiti-3.0.9 (wapiti.sourceforge.io)
Wapiti-3.1.0 (wapiti-scanner.github.io)
[*] Saving scan state, please wait...
Note

View File

@ -1,7 +1,7 @@
.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "WAPITI\-GETCOOKIE" "1" "May 2021" "" ""
.TH "WAPITI\-GETCOOKIE" "1" "February 2022" "" ""
.
.SH "NAME"
\fBwapiti\-getcookie\fR \- A Wapiti utility to fetch cookies from a webpage and store them in the Wapiti JSON format\.
@ -92,13 +92,13 @@ Example: \-d \'login=admin&password=letmein&submit=Login\'
Wapiti is covered by the GNU General Public License (GPL), version 2\. Please read the LICENSE file for more information\.
.
.SH "COPYRIGHT"
Copyright (c) 2006\-2021 Nicolas Surribas\.
Copyright (c) 2006\-2022 Nicolas Surribas\.
.
.SH "AUTHORS"
Nicolas Surribas is the main author, but the whole list of contributors is found in the separate AUTHORS file\.
.
.SH "WWW"
https://wapiti\.sourceforge\.io/
https://wapiti\-scanner\.github\.io/
.
.SH "BUG REPORTS"
If you find a bug in Wapiti please report it to https://github\.com/wapiti\-scanner/wapiti/issues

View File

@ -122,7 +122,7 @@ Please read the LICENSE file for more information.</p>
<h2 id="COPYRIGHT">COPYRIGHT</h2>
<p>Copyright (c) 2006-2021 Nicolas Surribas.</p>
<p>Copyright (c) 2006-2022 Nicolas Surribas.</p>
<h2 id="AUTHORS">AUTHORS</h2>
@ -130,7 +130,7 @@ Please read the LICENSE file for more information.</p>
<h2 id="WWW">WWW</h2>
<p>https://wapiti.sourceforge.io/</p>
<p>https://wapiti-scanner.github.io/</p>
<h2 id="BUG-REPORTS">BUG REPORTS</h2>
@ -139,7 +139,7 @@ Please read the LICENSE file for more information.</p>
<ol class='man-decor man-foot man foot'>
<li class='tl'></li>
<li class='tc'>May 2021</li>
<li class='tc'>February 2022</li>
<li class='tr'>wapiti-getcookie(1)</li>
</ol>

View File

@ -51,7 +51,7 @@ Please read the LICENSE file for more information.
## COPYRIGHT
Copyright (c) 2006-2021 Nicolas Surribas.
Copyright (c) 2006-2022 Nicolas Surribas.
## AUTHORS
@ -59,7 +59,7 @@ Nicolas Surribas is the main author, but the whole list of contributors is found
## WWW
https://wapiti.sourceforge.io/
https://wapiti-scanner.github.io/
## BUG REPORTS

View File

@ -1,7 +1,7 @@
.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "WAPITI" "1" "May 2021" "" ""
.TH "WAPITI" "1" "February 2022" "" ""
.
.SH "NAME"
\fBwapiti\fR \- A web application vulnerability scanner in Python
@ -134,6 +134,23 @@ SCAN AND ATTACKS TUNING:
.IP "" 0
.
.P
ENDPOINT OPTIONS:
.
.IP "\(bu" 4
\fB\-\-external\-endpoint\fR \fIEXTERNAL_ENDPOINT_URL\fR
.
.IP "\(bu" 4
\fB\-\-internal\-endpoint\fR \fIINTERNAL_ENDPOINT_URL\fR
.
.IP "\(bu" 4
\fB\-\-endpoint\fR \fIENDPOINT_URL\fR
.
.IP "\(bu" 4
\fB\-\-dns\-endpoint\fR \fIDNS_ENDPOINT_DOMAIN\fR
.
.IP "" 0
.
.P
HTTP AND NETWORK OPTIONS:
.
.IP "\(bu" 4
@ -159,6 +176,9 @@ OUTPUT OPTIONS:
.IP "\(bu" 4
\fB\-v\fR \fILEVEL\fR
.
.IP "\(bu" 4
\fB\-\-log\fR \fIOUTPUT_PATH\fR
.
.IP "" 0
.
.P
@ -226,7 +246,7 @@ punk : will scan and attack every URL found whatever the domain\. Think twice be
.
.IP "" 0
.
.SH "ATTACK SPECIFICATION"
.SH "ATTACKS SPECIFICATION"
.
.IP "\(bu" 4
\fB\-m\fR, \fB\-\-module\fR \fIMODULE_LIST\fR
@ -278,7 +298,7 @@ Default value for this option is 1\.
.
.IP "" 0
.
.SH "PROXY AND AUTHENTICATION OPTIONS"
.SH "PROXY AND AUTHENTICATION"
.
.IP "\(bu" 4
\fB\-p\fR, \fB\-\-proxy\fR \fIPROXY_URL\fR
@ -327,7 +347,7 @@ Ignore cookies given in HTTP responses\. Cookies that have been loaded using \fB
.
.IP "" 0
.
.SH "SESSION OPTIONS"
.SH "SESSIONS"
Since Wapiti 3\.0\.0, scanned URLs, discovered vulnerabilities and attacks status are stored in sqlite3 databases used as Wapiti session files\.
.
.br
@ -511,21 +531,20 @@ Paranoid mode will attack 30 URLs with 1 parameter, 5 for 2, and just 1 for 3 an
.br
Wapiti leverages Python\'s asyncio framework for this\.
.
.IP "\(bu" 4
\fB\-\-endpoint\fR \fIURL\fR Some attack modules are using an HTTP endpoint to check for vulnerabilities\.
.IP "" 0
.
.SH "ENDPOINT OPTIONS"
Some attack modules are using an HTTP endpoint to check for vulnerabilities\.
.
.br
For example the SSRF module inject the endpoint URL into webpage arguments to check if the target script try to fetch that URL\.
.
.br
Default endpoint is http://wapiti3\.ovh/\. Keep in mind that the target and your computer must be able to join that endpoint for the module to work\.
Default HTTP endpoint is http://wapiti3\.ovh/\. Keep in mind that the target and your computer must be able to join that endpoint for the module to work\.
.
.br
On internal pentests this endpoint may not be accessible to the target hence you may prefer to set up your own endpoint\.
.
.br
This option will set both internal and external endpoint URL to the same value\.
.
.IP "\(bu" 4
\fB\-\-internal\-endpoint\fR \fIURL\fR You may want to specify an internal endpoint different from the external one\.
.
@ -541,6 +560,15 @@ If you are behind a NAT it may be an URL for a local server (for example http://
.br
Using your own endpoint may reduce risk of being caught by NIDS or WAF\.
.
.IP "\(bu" 4
\fB\-\-endpoint\fR \fIURL\fR This option will set both internal and external endpoint URL to the same value\.
.
.IP "\(bu" 4
\fB\-\-dns\-endpoint\fR \fIDNS\fR This options specify the DNS endpoint to use for the log4shell attack module\.
.
.br
The default value is dns\.wapiti3\.ovh
.
.IP "" 0
.
.SH "HTTP AND NETWORK OPTIONS"
@ -584,7 +612,7 @@ Wapiti prints its status to standard output\. The two following options allow to
\fB\-\-color\fR
.
.br
Outpout will be colorized based on the severity of the information (red is critical, orange for warnings, green for information)\.
Output will be colorized based on the severity of the information (red is critical, orange for warnings, green for information)\.
.
.IP "\(bu" 4
\fB\-v\fR, \fB\-\-verbose\fR \fILEVEL\fR
@ -592,6 +620,12 @@ Outpout will be colorized based on the severity of the information (red is criti
.br
Set the level of verbosity for the output\. Possible values are quiet (O), normal (1, default behavior) and verbose (2)\.
.
.IP "\(bu" 4
\fB\-\-log\fR \fIOUTPUT_PATH\fR In addition to getting information from the console you can also log the output to a local file\.
.
.br
Debug information will also be stored in that file so this option should be mainly used to debug Wapiti\.
.
.IP "" 0
.
.SH "REPORT OPTIONS"
@ -646,7 +680,7 @@ Show detailed options description\. More details are available in this manpage t
Wapiti is covered by the GNU General Public License (GPL), version 2\. Please read the LICENSE file for more information\.
.
.SH "COPYRIGHT"
Copyright (c) 2006\-2021 Nicolas Surribas\.
Copyright (c) 2006\-2022 Nicolas Surribas\.
.
.SH "AUTHORS"
Nicolas Surribas is the main author, but the whole list of contributors is found in the separate AUTHORS file\.

View File

@ -58,10 +58,11 @@
<a href="#DESCRIPTION">DESCRIPTION</a>
<a href="#OPTIONS-SUMMARY">OPTIONS SUMMARY</a>
<a href="#TARGET-SPECIFICATION">TARGET SPECIFICATION</a>
<a href="#ATTACK-SPECIFICATION">ATTACK SPECIFICATION</a>
<a href="#PROXY-AND-AUTHENTICATION-OPTIONS">PROXY AND AUTHENTICATION OPTIONS</a>
<a href="#SESSION-OPTIONS">SESSION OPTIONS</a>
<a href="#ATTACKS-SPECIFICATION">ATTACKS SPECIFICATION</a>
<a href="#PROXY-AND-AUTHENTICATION">PROXY AND AUTHENTICATION</a>
<a href="#SESSIONS">SESSIONS</a>
<a href="#SCAN-AND-ATTACKS-TUNING">SCAN AND ATTACKS TUNING</a>
<a href="#ENDPOINT-OPTIONS">ENDPOINT OPTIONS</a>
<a href="#HTTP-AND-NETWORK-OPTIONS">HTTP AND NETWORK OPTIONS</a>
<a href="#OUTPUT-OPTIONS">OUTPUT OPTIONS</a>
<a href="#REPORT-OPTIONS">REPORT OPTIONS</a>
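
Review bot: The renamed anchors (`#ATTACK-SPECIFICATION` to `#ATTACKS-SPECIFICATION`, `#PROXY-AND-AUTHENTICATION-OPTIONS` to `#PROXY-AND-AUTHENTICATION`, `#SESSION-OPTIONS` to `#SESSIONS`) break any existing deep links into the HTML manpage. The new names are also inconsistent with the rest of the index, where the added `#ENDPOINT-OPTIONS` and the existing network, output and report sections all keep the "OPTIONS" suffix. Prefer keeping the old section titles in the source, or apply one naming scheme to every section.
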
@ -162,6 +163,16 @@ More detail on each option can be found in the following sections.</p>
</ul>
<p>ENDPOINT OPTIONS:</p>
<ul>
<li><code>--external-endpoint</code> <var>EXTERNAL_ENDPOINT_URL</var></li>
<li><code>--internal-endpoint</code> <var>INTERNAL_ENDPOINT_URL</var></li>
<li><code>--endpoint</code> <var>ENDPOINT_URL</var></li>
<li><code>--dns-endpoint</code> <var>DNS_ENDPOINT_DOMAIN</var></li>
</ul>
<p>HTTP AND NETWORK OPTIONS:</p>
<ul>
@ -177,6 +188,7 @@ More detail on each option can be found in the following sections.</p>
<ul>
<li><code>--color</code></li>
<li><code>-v</code> <var>LEVEL</var></li>
<li><code>--log</code> <var>OUTPUT_PATH</var></li>
</ul>
@ -218,7 +230,7 @@ Define the scope of the scan and attacks. Valid choices are :</p>
</ul>
<h2 id="ATTACK-SPECIFICATION">ATTACK SPECIFICATION</h2>
<h2 id="ATTACKS-SPECIFICATION">ATTACKS SPECIFICATION</h2>
<ul>
<li><p><code>-m</code>, <code>--module</code> <var>MODULE_LIST</var><br />
@ -240,7 +252,7 @@ Default value for this option is 1.</p></li>
</ul>
<h2 id="PROXY-AND-AUTHENTICATION-OPTIONS">PROXY AND AUTHENTICATION OPTIONS</h2>
<h2 id="PROXY-AND-AUTHENTICATION">PROXY AND AUTHENTICATION</h2>
<ul>
<li><p><code>-p</code>, <code>--proxy</code> <var>PROXY_URL</var><br />
@ -262,7 +274,7 @@ Ignore cookies given in HTTP responses. Cookies that have been loaded using <cod
</ul>
<h2 id="SESSION-OPTIONS">SESSION OPTIONS</h2>
<h2 id="SESSIONS">SESSIONS</h2>
<p>Since Wapiti 3.0.0, scanned URLs, discovered vulnerabilities and attacks status are stored in sqlite3 databases used as Wapiti session files.<br />
Default behavior when a previous scan session exists for the given base URL and scope is to resume the scan and attack status.<br />
@ -343,12 +355,17 @@ Paranoid mode will attack 30 URLs with 1 parameter, 5 for 2, and just 1 for 3 an
<li><p><code>--tasks</code> <var>TASKS</var>
Set how many concurrent tasks Wapiti should use.<br />
Wapiti leverages Python's asyncio framework for this.</p></li>
<li><p><code>--endpoint</code> <var>URL</var>
Some attack modules are using an HTTP endpoint to check for vulnerabilities.<br />
</ul>
<h2 id="ENDPOINT-OPTIONS">ENDPOINT OPTIONS</h2>
<p>Some attack modules are using an HTTP endpoint to check for vulnerabilities.<br />
For example the SSRF module inject the endpoint URL into webpage arguments to check if the target script try to fetch that URL.<br />
Default endpoint is http://wapiti3.ovh/. Keep in mind that the target and your computer must be able to join that endpoint for the module to work.<br />
On internal pentests this endpoint may not be accessible to the target hence you may prefer to set up your own endpoint.<br />
This option will set both internal and external endpoint URL to the same value.</p></li>
Default HTTP endpoint is http://wapiti3.ovh/. Keep in mind that the target and your computer must be able to join that endpoint for the module to work.<br />
On internal pentests this endpoint may not be accessible to the target hence you may prefer to set up your own endpoint.</p>
<ul>
<li><p><code>--internal-endpoint</code> <var>URL</var>
You may want to specify an internal endpoint different from the external one.<br />
The internal endpoint is used by Wapiti to fetch results of attacks.<br />
@ -356,6 +373,11 @@ If you are behind a NAT it may be an URL for a local server (for example http://
<li><p><code>--external-endpoint</code> <var>URL</var>
Set the endpoint URL (the one that the target will fetch in case of vulnerability).<br />
Using your own endpoint may reduce risk of being caught by NIDS or WAF.</p></li>
<li><p><code>--endpoint</code> <var>URL</var>
This option will set both internal and external endpoint URL to the same value.</p></li>
<li><p><code>--dns-endpoint</code> <var>DNS</var>
This options specify the DNS endpoint to use for the log4shell attack module.<br />
The default value is dns.wapiti3.ovh</p></li>
</ul>
@ -382,10 +404,13 @@ Wapiti doesn't care of certificates validation by default. That behavior can be
<ul>
<li><p><code>--color</code><br />
Outpout will be colorized based on the severity of the information (red is critical, orange for warnings, green for information).</p></li>
Output will be colorized based on the severity of the information (red is critical, orange for warnings, green for information).</p></li>
<li><p><code>-v</code>, <code>--verbose</code> <var>LEVEL</var><br />
Set the level of verbosity for the output.
Possible values are quiet (O), normal (1, default behavior) and verbose (2).</p></li>
<li><p><code>--log</code> <var>OUTPUT_PATH</var>
In addition to getting information from the console you can also log the output to a local file.<br />
Debug information will also be stored in that file so this option should be mainly used to debug Wapiti.</p></li>
</ul>
@ -425,7 +450,7 @@ Please read the LICENSE file for more information.</p>
<h2 id="COPYRIGHT">COPYRIGHT</h2>
<p>Copyright (c) 2006-2021 Nicolas Surribas.</p>
<p>Copyright (c) 2006-2022 Nicolas Surribas.</p>
<h2 id="AUTHORS">AUTHORS</h2>
@ -446,7 +471,7 @@ Please read the LICENSE file for more information.</p>
<ol class='man-decor man-foot man foot'>
<li class='tl'></li>
<li class='tc'>May 2021</li>
<li class='tc'>February 2022</li>
<li class='tr'>wapiti(1)</li>
</ol>

View File

@ -63,6 +63,13 @@ SCAN AND ATTACKS TUNING:
* `-S`, `--scan-force` {paranoid,sneaky,polite,normal,aggressive,insane}
* `--tasks` <TASKS>
ENDPOINT OPTIONS:
* `--external-endpoint` <EXTERNAL_ENDPOINT_URL>
* `--internal-endpoint` <INTERNAL_ENDPOINT_URL>
* `--endpoint` <ENDPOINT_URL>
* `--dns-endpoint` <DNS_ENDPOINT_DOMAIN>
HTTP AND NETWORK OPTIONS:
* `-t` <SECONDS>
@ -74,6 +81,7 @@ OUTPUT OPTIONS:
* `--color`
* `-v` <LEVEL>
* `--log` <OUTPUT_PATH>
REPORT OPTIONS:
@ -101,7 +109,7 @@ OTHER OPTIONS:
- domain : will scan and attack every URL whose domain name match the one from the base URL.
- punk : will scan and attack every URL found whatever the domain. Think twice before using that scope.
## ATTACK SPECIFICATION
## ATTACKS SPECIFICATION
* `-m`, `--module` <MODULE_LIST>
Set the list of attack modules (modules names separated with commas) to launch against the target.
@ -122,7 +130,7 @@ OTHER OPTIONS:
It may be useful on CGIs when developers have to parse the query-string themselves.
Default value for this option is 1.
## PROXY AND AUTHENTICATION OPTIONS
## PROXY AND AUTHENTICATION
* `-p`, `--proxy` <PROXY_URL>
The given URL will be used as a proxy for HTTP and HTTPS requests. This URL can have one of the following scheme : http, https, socks.
@ -146,7 +154,7 @@ OTHER OPTIONS:
* `--drop-set-cookie`
Ignore cookies given in HTTP responses. Cookies that have been loaded using `-c` will be kept.
## SESSION OPTIONS
## SESSIONS
Since Wapiti 3.0.0, scanned URLs, discovered vulnerabilities and attacks status are stored in sqlite3 databases used as Wapiti session files.
Default behavior when a previous scan session exists for the given base URL and scope is to resume the scan and attack status.
@ -240,13 +248,13 @@ Following options allows you to bypass this behavior/
Set how many concurrent tasks Wapiti should use.
Wapiti leverages Python's asyncio framework for this.
* `--endpoint` <URL>
Some attack modules are using an HTTP endpoint to check for vulnerabilities.
For example the SSRF module inject the endpoint URL into webpage arguments to check if the target script try to fetch that URL.
Default endpoint is http://wapiti3.ovh/. Keep in mind that the target and your computer must be able to join that endpoint for the module to work.
On internal pentests this endpoint may not be accessible to the target hence you may prefer to set up your own endpoint.
This option will set both internal and external endpoint URL to the same value.
## ENDPOINT OPTIONS
Some attack modules are using an HTTP endpoint to check for vulnerabilities.
For example the SSRF module inject the endpoint URL into webpage arguments to check if the target script try to fetch that URL.
Default HTTP endpoint is http://wapiti3.ovh/. Keep in mind that the target and your computer must be able to join that endpoint for the module to work.
On internal pentests this endpoint may not be accessible to the target hence you may prefer to set up your own endpoint.
* `--internal-endpoint` <URL>
You may want to specify an internal endpoint different from the external one.
The internal endpoint is used by Wapiti to fetch results of attacks.
@ -255,6 +263,13 @@ Following options allows you to bypass this behavior/
* `--external-endpoint` <URL>
Set the endpoint URL (the one that the target will fetch in case of vulnerability).
Using your own endpoint may reduce risk of being caught by NIDS or WAF.
* `--endpoint` <URL>
This option will set both internal and external endpoint URL to the same value.
* `--dns-endpoint` <DNS>
This options specify the DNS endpoint to use for the log4shell attack module.
The default value is dns.wapiti3.ovh
## HTTP AND NETWORK OPTIONS
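
Review bot: In the added `--dns-endpoint` entry, "This options specify the DNS endpoint" should be "This option specifies the DNS endpoint". The placeholders in this detailed section (`<URL>`, `<DNS>`) also differ from the ones added to the summary (`<ENDPOINT_URL>`, `<DNS_ENDPOINT_DOMAIN>`). Fix both in this source file and regenerate the roff and HTML outputs, which carry the same wording.
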
@ -279,12 +294,16 @@ Following options allows you to bypass this behavior/
Wapiti prints its status to standard output. The two following options allow to tune the output.
* `--color`
Outpout will be colorized based on the severity of the information (red is critical, orange for warnings, green for information).
Output will be colorized based on the severity of the information (red is critical, orange for warnings, green for information).
* `-v`, `--verbose` <LEVEL>
Set the level of verbosity for the output.
Possible values are quiet (O), normal (1, default behavior) and verbose (2).
* `--log` <OUTPUT_PATH>
In addition to getting information from the console you can also log the output to a local file.
Debug information will also be stored in that file so this option should be mainly used to debug Wapiti.
## REPORT OPTIONS
Wapiti will generate a report at the end of the attack process. Several formats of reports are available.
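
Review bot: Two leftovers in this hunk's context need the same attention as the "Outpout" fix. The section intro in the hunk header says "The two following options allow to tune the output", but with `--log` added there are now three. The `--verbose` description gives the quiet level as "(O)", a capital letter O, where the digit 0 is meant. A user copying that value from the manpage will pass an invalid level.
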
@ -319,7 +338,7 @@ Please read the LICENSE file for more information.
## COPYRIGHT
Copyright (c) 2006-2021 Nicolas Surribas.
Copyright (c) 2006-2022 Nicolas Surribas.
## AUTHORS

View File

@ -1,128 +0,0 @@
#!/usr/bin/env python3
# Don't use this script unless you know exactly what you are doing !
from distutils.core import setup
import os
import sys
# dirty hack so we don't have to give any argument
if "py2exe" not in sys.argv:
sys.argv.append("py2exe")
VERSION = "3.0.9"
# Build file lists
def build_file_list(results, dest, files_root, src=""):
cwd = os.getcwd()
if src != "":
os.chdir(src)
for root, dirs, files in os.walk(files_root):
if ".svn" in dirs:
dirs.remove(".svn")
if files:
results.append((os.path.join(dest, root), [os.path.join(src, root, x) for x in files]))
os.chdir(cwd)
data_files = [
("data", ["INSTALL", "README", "TODO", "VERSION"])
]
build_file_list(data_files, "data", "doc", src="")
build_file_list(data_files, "data", "data", src="wapitiCore")
build_file_list(data_files, "data", "report_template", src="wapitiCore")
build_file_list(data_files, "data", "language_sources", src="wapitiCore")
# Main
setup(
name="wapiti3",
version=VERSION,
description="A web application vulnerability scanner",
long_description="""\
Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the
application but will scans the webpages of the deployed webapp, looking for
scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see
if a script is vulnerable.""",
url="https://wapiti.sourceforge.io/",
author="Nicolas SURRIBAS",
author_email="nicolas.surribas@gmail.com",
license="GPLv2",
platforms=["Any"],
packages=[
'wapitiCore',
'wapitiCore.attack',
'wapitiCore.language',
'wapitiCore.report',
'wapitiCore.net',
'wapitiCore.file',
'wapitiCore.net.jsparser'
],
data_files=data_files,
console=[
{
"script": "bin/wapiti",
"icon_resources": [(1, "doc/wapiti.ico")]
},
{
"script": "bin/wapiti-cookie",
"icon_resources": [(1, "doc/cookie.ico")]
},
{
"script": "bin/wapiti-getcookie",
"icon_resources": [(1, "doc/cookie.ico")]
}
],
classifiers=[
'Development Status :: 2 - Pre-Alpha',
'Environment :: Console',
'Intended Audience :: End Users/Desktop',
'Intended Audience :: Developers',
'Intended Audience :: System Administrators',
'License :: OSI Approved :: GNU General Public License (GPL)',
'Operating System :: MacOS :: MacOS X',
'Operating System :: Microsoft :: Windows',
'Operating System :: POSIX',
'Operating System :: Unix',
'Programming Language :: Python',
'Topic :: Security',
'Topic :: Internet :: WWW/HTTP :: Indexing/Search',
'Topic :: Software Development :: Testing'
],
options={
"py2exe": {
"includes": [
"wapitiCore.attack.mod_backup",
"wapitiCore.attack.mod_brute_login_form",
"wapitiCore.attack.mod_timesql",
"wapitiCore.attack.mod_buster",
"wapitiCore.attack.mod_cookieflags",
"wapitiCore.attack.mod_crlf",
"wapitiCore.attack.mod_csp",
"wapitiCore.attack.mod_drupal_enum",
"wapitiCore.attack.mod_exec",
"wapitiCore.attack.mod_file",
"wapitiCore.attack.mod_htaccess",
"wapitiCore.attack.mod_http_headers",
"wapitiCore.attack.mod_methods",
"wapitiCore.attack.mod_nikto",
"wapitiCore.attack.mod_permanentxss",
"wapitiCore.attack.mod_redirect",
"wapitiCore.attack.mod_shellshock",
"wapitiCore.attack.mod_sql",
"wapitiCore.attack.mod_ssrf",
"wapitiCore.attack.mod_xss",
"wapitiCore.attack.mod_xxe",
"wapitiCore.attack.mod_wp_enum",
"wapitiCore.report.reportgenerator",
"wapitiCore.report.htmlreportgenerator",
"wapitiCore.report.jsonreportgenerator",
"wapitiCore.report.txtreportgenerator",
"wapitiCore.report.xmlreportgenerator"
]
}
}
)

View File

@ -325,7 +325,7 @@ The recommended approach to using `pylint-ignore` is:
```
> 1: #!/usr/bin/env python3
2: # -*- coding: utf-8 -*-
3: # This file is part of the Wapiti project (https://wapiti.sourceforge.io)
3: # This file is part of the Wapiti project (https://wapiti-scanner.github.io)
```

View File

@ -5,7 +5,7 @@ from multiprocessing import cpu_count
from setuptools import setup, find_packages
from setuptools.command.test import test as TestCommand
VERSION = "3.0.9"
VERSION = "3.1.0"
DOC_DIR = "share/doc/wapiti"
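
Review bot: `VERSION = "3.1.0"` here is a third hand-edited copy of the release number in this commit, alongside the VERSION file and the "3.1.0 version" header string in the test. Read the value from one place (for example have setup.py load the VERSION file) so a future bump cannot leave the package metadata and the shipped version out of step.
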
@ -73,7 +73,7 @@ application but will scans the webpages of the deployed webapp, looking for
scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see
if a script is vulnerable.""",
url="https://wapiti.sourceforge.io/",
url="https://wapiti-scanner.github.io/",
author="Nicolas Surribas",
author_email="nicolas.surribas@gmail.com",
license="GPLv2",
@ -94,7 +94,6 @@ if a script is vulnerable.""",
"License :: OSI Approved :: GNU General Public License v2 (GPLv2)",
"Natural Language :: English",
"Operating System :: MacOS :: MacOS X",
"Operating System :: Microsoft :: Windows",
"Operating System :: POSIX",
"Operating System :: Unix",
"Programming Language :: Python :: 3",

View File

@ -17,7 +17,7 @@ async def test_whole_stuff():
# Test attacking all kind of parameter without crashing
respx.get(url__regex=r"http://perdu\.com/\?a=.*&foo=bar").mock(return_value=httpx.Response(200, text="Hello there"))
respx.get(url__regex=r"http://perdu.com/\?a=b*&foo=.*wapiti.*").mock(
return_value=httpx.Response(200, text="Hello there", headers={"wapiti": "3.0.9 version"})
return_value=httpx.Response(200, text="Hello there", headers={"wapiti": "3.1.0 version"})
)
persister = AsyncMock()
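
Review bot: The mocked header value "3.1.0 version" hard-codes the release number, so this test has to be edited on every version bump. Use a fixed dummy string or import the version constant instead. While touching this line, note that the pattern above it, `http://perdu.com/\?a=b*&foo=.*wapiti.*`, leaves the dots in the host unescaped and uses `b*` (zero or more "b"), unlike the first mock which escapes `perdu\.com`. If the intent is a literal `a=b`, write it that way so the route cannot match unintended URLs.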

View File

@ -260,7 +260,7 @@ async def test_xss_uppercase_no_script():
@pytest.mark.asyncio
async def test_frame_src_escape():
persister = AsyncMock()
request = Request("http://127.0.0.1:65081/frame_src_escape.php?url=https://wapiti.sourceforge.io/")
request = Request("http://127.0.0.1:65081/frame_src_escape.php?url=https://wapiti-scanner.github.io/")
request.path_id = 42
crawler = AsyncCrawler("http://127.0.0.1:65081/")
options = {"timeout": 10, "level": 2}
@ -279,7 +279,7 @@ async def test_frame_src_escape():
@pytest.mark.asyncio
async def test_frame_src_no_escape():
persister = AsyncMock()
request = Request("http://127.0.0.1:65081/frame_src_no_escape.php?url=https://wapiti.sourceforge.io/")
request = Request("http://127.0.0.1:65081/frame_src_no_escape.php?url=https://wapiti-scanner.github.io/")
request.path_id = 42
crawler = AsyncCrawler("http://127.0.0.1:65081/")
options = {"timeout": 10, "level": 2}

View File

@ -61,7 +61,7 @@ def test_forms():
"text": "default",
"textarea": "Hi there!",
"time": "13:37",
"url": "https://wapiti.sourceforge.io/",
"url": "https://wapiti-scanner.github.io/",
"week": "2019-W24"
}
elif form.file_path == "/upload.php":

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2017-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2017-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2009-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2009-2022 Nicolas Surribas
#
# Original authors :
# Anthony DUBOCAGE

View File

@ -1,5 +1,5 @@
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2020-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2020-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2014-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2014-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,5 +1,5 @@
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2020-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2020-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@ -36,7 +36,7 @@ class ModuleCrlf(Attack):
MSG_VULN = _("CRLF Injection")
do_get = True
do_post = True
payloads = (quote("http://www.google.fr\r\nwapiti: 3.0.9 version"), Flags())
payloads = (quote("http://www.google.fr\r\nwapiti: 3.1.0 version"), Flags())
def __init__(self, crawler, persister, attack_options, stop_event):
super().__init__(crawler, persister, attack_options, stop_event)
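Review bot: the release number is typed by hand into the `payloads` string (`wapiti: 3.1.0 version`), and this same commit has to repeat it in the mocked `wapiti` header of the test and in `WAPITI_VERSION`. Nothing ties those literals together, so a later version bump can leave the payload and the test that mocks it out of step. Consider building the header value from one shared version constant, or using a value that does not change between releases, since the injected header only needs to be recognisable.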

View File

@ -1,5 +1,5 @@
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2020-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2020-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2020-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2020-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@ -158,7 +158,7 @@ class ModuleFile(Attack):
return False
else:
if pattern in response.content:
# Store false positive informations in order to prevent doing unnecessary requests
# Store false positive information in order to prevent doing unnecessary requests
self.known_false_positives[request.path_id].add(pattern)
return True

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2009-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2009-2022 Nicolas Surribas
#
# Original authors :
# Anthony DUBOCAGE

View File

@ -20,6 +20,7 @@ MSG_TECHNO_VERSIONED = _("The range for {0} is from {1} to {2}")
Technology = str
Version = str
class ModuleHtp(Attack):
"""
Identify web technologies used by the web server using the HashThePlanet database.
@ -100,9 +101,8 @@ class ModuleHtp(Attack):
async def finish(self):
if self._db is None:
return
root_url = await self.persister.get_root_url()
truth_table: List[Version] = None
ranges_tables = None
for technology, versions_list in self.tech_versions.items():
# First we retrieve all the stored versions in the same order as they have been added to the database
@ -125,9 +125,10 @@ class ModuleHtp(Attack):
# We get the max range by sorting the ranges by descending order and retrieving the first value
max_index = sorted(max_range, reverse=True)[0]
tech_info = {}
tech_info["name"] = technology
tech_info["versions"] = truth_table[min_index:max_index + 1]
tech_info = {
"name": technology,
"versions": truth_table[min_index:max_index + 1]
}
await self.add_vuln_info(
category=WEB_SERVER_VERSIONED,
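Review bot: `max_index = sorted(max_range, reverse=True)[0]`, in the context just above the new dict literal, sorts the whole list to read a single element; `max(max_range)` states the intent directly and makes the explanatory comment unnecessary. The `tech_info` literal itself is a clear improvement over the key-by-key assignment.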
@ -177,6 +178,7 @@ class ModuleHtp(Attack):
logging.info(_("Downloading from the web..."))
await self.update()
def regexp(expr, item):
reg = re.compile(expr)

View File

@ -1,5 +1,5 @@
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2020-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2020-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -64,8 +64,6 @@ class ModuleLog4Shell(Attack):
return
await self._verify_header_vulnerability(malicious_request, header_target, payload, payload_unique_id)
async def attack_apache_solr_url(self, request_url: str):
payload_unique_id = uuid.uuid4()
payload = self._generate_payload(payload_unique_id).replace("{", "%7B").replace("}", "%7D")
@ -186,21 +184,21 @@ class ModuleLog4Shell(Attack):
log_red("---")
async def _verify_headers_vulnerability(
self,
modified_request: Request,
malicious_headers: dict,
headers_uuid_record: dict
self,
modified_request: Request,
malicious_headers: dict,
headers_uuid_record: dict
):
for header, payload in malicious_headers.items():
header_uuid = headers_uuid_record.get(header)
await self._verify_header_vulnerability(modified_request, header, payload, header_uuid)
async def _verify_header_vulnerability(
self,
modified_request: Request,
header: str,
payload: str,
unique_id: uuid.UUID
self,
modified_request: Request,
header: str,
payload: str,
unique_id: uuid.UUID
):
if await self._verify_dns(str(unique_id)) is True:
await self.add_vuln_critical(
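Review bot: `if await self._verify_dns(str(unique_id)) is True:` in `_verify_header_vulnerability` is an identity test against `True`, so any truthy return value that is not the bool itself is treated as "not vulnerable" and the finding is silently dropped. Unless `_verify_dns` is annotated and guaranteed to return a bool, a plain `if await self._verify_dns(...):` is safer. The rest of the hunk is a re-indentation of the parameter lists only.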
@ -271,9 +269,9 @@ class ModuleLog4Shell(Attack):
return batch_malicious_headers, headers_uuid_record
def _inject_payload(
self,
original_request: Request,
params: List[Tuple[str, str]],
self,
original_request: Request,
params: List[Tuple[str, str]],
) -> Tuple[Request, str, uuid.UUID]:
for idx, _ in enumerate(params):
malicious_params = copy.deepcopy(params)

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2018-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2018-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2009-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2009-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2019-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2019-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2014-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2014-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,5 +1,5 @@
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2018-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2018-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,6 +1,6 @@
#!/usr/bin/env python3
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2020-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2020-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2019-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2019-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# Original author :
# David del Pozo
@ -25,21 +25,13 @@
import os
import locale
import gettext
import sys
from pkg_resources import resource_filename
AVAILABLE_LANGS = ["en", "es", "fr", "pt", "zh"] # "de", "ms"]
if sys.platform == "win32":
import ctypes
windll = ctypes.windll.kernel32
def_locale = locale.windows_locale[windll.GetUserDefaultUILanguage()] # for example fr_FR
lang_country = def_locale[:2]
else:
# getdefaultlocale will return (None, None) if locale settings are incorrectly set (ex: LANG=C)
def_locale = locale.getdefaultlocale() # for example ('fr_FR', 'cp1252')
lang_country = def_locale[0]
# getdefaultlocale will return (None, None) if locale settings are incorrectly set (ex: LANG=C)
def_locale = locale.getdefaultlocale() # for example ('fr_FR', 'cp1252')
lang_country = def_locale[0]
lang = None
if isinstance(lang_country, str) and len(lang_country) >= 2:
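Review bot: with the win32 branch removed, every platform now goes through `locale.getdefaultlocale()`, which is deprecated as of Python 3.11. The `(None, None)` case described in the comment is covered by the `isinstance(lang_country, str)` check that follows, so the simplification is sound for now, but it is worth planning the switch to `locale.getlocale()` or to reading the `LANG`/`LC_ALL` environment variables directly so that language selection does not break on a later interpreter.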

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2013-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2013-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,5 +1,5 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR 2009-2021 Nicolas SURRIBAS
# Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS
# This file is distributed under the same license as the Wapiti package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#

View File

@ -1,5 +1,5 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR 2009-2021 Nicolas SURRIBAS
# Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS
# This file is distributed under the same license as the Wapiti package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#

View File

@ -1,5 +1,5 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR 2009-2021 Nicolas SURRIBAS
# Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS
# This file is distributed under the same license as the Wapiti package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#

View File

@ -1,5 +1,5 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR 2009-2021 Nicolas SURRIBAS
# Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS
# This file is distributed under the same license as the Wapiti package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#

View File

@ -4,7 +4,7 @@
# --no-location ne pas créer les commentaires de numérotation du type "#: fichier:ligne"
# --omit-header ne pas créer d'en-têtes de la forme 'msgid ""'
# First generate the template with all current strings, it will delete the previous file (so remove old strings)
xgettext --copyright-holder="2009-2021 Nicolas SURRIBAS" --package-name="Wapiti" --package-version="GIT" --from-code=UTF-8 -L Python --no-wrap -d wapiti -o template.po -f file_list.txt --no-location --omit-header
xgettext --copyright-holder="2009-2022 Nicolas SURRIBAS" --package-name="Wapiti" --package-version="GIT" --from-code=UTF-8 -L Python --no-wrap -d wapiti -o template.po -f file_list.txt --no-location --omit-header
# Next, update the translation files by adding entry for new strings
# while keeping already translated strings if they are still used.
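Review bot: the year range is passed inside `--copyright-holder`, which is why the .po headers in this commit read `Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS` with the `YEAR` placeholder still in front of the range, and why every translation file has to be edited once a year. Passing only the name as the holder and filling in the year in the template once would keep the headers clean and shrink future bumps to one line.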

View File

@ -1,5 +1,5 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR 2009-2021 Nicolas SURRIBAS
# Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS
# This file is distributed under the same license as the Wapiti package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#

View File

@ -1,5 +1,5 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR 2009-2021 Nicolas SURRIBAS
# Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS
# This file is distributed under the same license as the Wapiti package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#

View File

@ -1,5 +1,5 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR 2009-2021 Nicolas SURRIBAS
# Copyright (C) YEAR 2009-2022 Nicolas SURRIBAS
# This file is distributed under the same license as the Wapiti package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2006-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2006-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2006-2021 Nicolas SURRIBAS
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2006-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2006-2021 Nicolas SURRIBAS
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2006-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@ -51,7 +51,7 @@ from wapitiCore.net.sql_persister import SqlPersister
from wapitiCore.net.web import Request
from wapitiCore.report import GENERATORS, get_report_generator_instance
WAPITI_VERSION = "Wapiti 3.0.9"
WAPITI_VERSION = "Wapiti 3.1.0"
SCAN_FORCE_VALUES = {
"paranoid": 1,
@ -1053,6 +1053,34 @@ async def wapiti_main():
type=int, default=32
)
parser.add_argument(
"--external-endpoint",
metavar="EXTERNAL_ENDPOINT_URL",
default=argparse.SUPPRESS,
help=_("Url serving as endpoint for target")
)
parser.add_argument(
"--internal-endpoint",
metavar="INTERNAL_ENDPOINT_URL",
default=argparse.SUPPRESS,
help=_("Url serving as endpoint for attacker")
)
parser.add_argument(
"--endpoint",
metavar="ENDPOINT_URL",
default="https://wapiti3.ovh/",
help=_("Url serving as endpoint for both attacker and target")
)
parser.add_argument(
"--dns-endpoint",
metavar="DNS_ENDPOINT_DOMAIN",
default="dns.wapiti3.ovh",
help=_("Domain serving as DNS endpoint for Log4Shell attack")
)
parser.add_argument(
"-t", "--timeout",
type=float, default=6.0,
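Review bot: `--endpoint` and `--dns-endpoint` default to `https://wapiti3.ovh/` and `dns.wapiti3.ovh`, so unless the operator overrides them the out-of-band part of a scan goes through a host the tester does not control, and neither help string says so. Put the default in the help text (for example with `%(default)s`) and state that the endpoint is an external service, so someone scanning an internal or confidential target knows to supply their own. Minor: the help strings use "Url" where "URL" is meant.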
@ -1102,6 +1130,13 @@ async def wapiti_main():
choices=range(0, 3)
)
parser.add_argument(
"--log",
metavar="OUTPUT_PATH",
default=None,
help=_("Output log file")
)
parser.add_argument(
"-f", "--format",
metavar="FORMAT",
@ -1117,41 +1152,6 @@ async def wapiti_main():
help=_("Output file or folder")
)
parser.add_argument(
"--log",
metavar="OUTPUT_PATH",
default=None,
help=_("Output log file")
)
parser.add_argument(
"--external-endpoint",
metavar="EXTERNAL_ENDPOINT_URL",
default=argparse.SUPPRESS,
help=_("Url serving as endpoint for target")
)
parser.add_argument(
"--internal-endpoint",
metavar="INTERNAL_ENDPOINT_URL",
default=argparse.SUPPRESS,
help=_("Url serving as endpoint for attacker")
)
parser.add_argument(
"--dns-endpoint",
metavar="DNS_ENDPOINT_DOMAIN",
default="dns.wapiti3.ovh",
help=_("Domain serving as DNS endpoint for Log4Shell attack")
)
parser.add_argument(
"--endpoint",
metavar="ENDPOINT_URL",
default="https://wapiti3.ovh/",
help=_("Url serving as endpoint for both attacker and target")
)
parser.add_argument(
"--no-bugreport",
action="store_true",
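Review bot: the five add_argument blocks removed here reappear earlier in the function with the same metavar, default and help values, except that --endpoint now comes before --dns-endpoint. If this is meant as a pure reorder of the --help output, say so in the commit message, which currently mentions only documentation, make_exe.py, copyright dates and the version number.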

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2006-2021 Nicolas SURRIBAS
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2006-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,5 +1,5 @@
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2012-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2012-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# LameJs - A very basic javascript interpreter in Python
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2013-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2013-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2006-2021 Nicolas SURRIBAS
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2006-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@ -761,7 +761,7 @@ class Page:
"tel": "0606060606",
"text": "default",
"time": "13:37",
"url": "https://wapiti.sourceforge.io/",
"url": "https://wapiti-scanner.github.io/",
"username": "alice",
"week": "2019-W24"
}
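Review bot: unlike the header edits in the rest of the commit, the "url" entry in this hunk is data rather than a comment, sitting in what looks like a table of default values per input type in class Page. Changing it to "https://wapiti-scanner.github.io/" is therefore a behaviour change in whatever consumes that table, not a documentation change, and should be called out as such in the commit message. Consider moving the project URL into one named constant so the next relocation does not require touching this dictionary.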

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2017-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2017-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,8 +1,8 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2017-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2017-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,5 +1,5 @@
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2020-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2020-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2021-2022 Nicolas Surribas
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,9 +1,9 @@
#!/usr/bin/env python3
# CSV Report Generator Module for Wapiti Project
# Wapiti Project (https://wapiti.sourceforge.io)
# Wapiti Project (https://wapiti-scanner.github.io)
#
# Copyright (C) 2021 Nicolas SURRIBAS
# Copyright (C) 2021-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,9 +1,9 @@
#!/usr/bin/env python3
# HTML Report Generator Module for Wapiti Project
# Wapiti Project (https://wapiti.sourceforge.io)
# Wapiti Project (https://wapiti-scanner.github.io)
#
# Copyright (C) 2017-2021 Nicolas SURRIBAS
# Copyright (C) 2017-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

View File

@ -1,9 +1,9 @@
#!/usr/bin/env python3
# JSON Report Generator Module for Wapiti Project
# Wapiti Project (https://wapiti.sourceforge.io)
# Wapiti Project (https://wapiti-scanner.github.io)
#
# Copyright (C) 2014-2021 Nicolas SURRIBAS
# Copyright (C) 2014-2022 Nicolas SURRIBAS
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@ -30,7 +30,7 @@ class JSONReportGenerator(ReportGenerator):
- vulnerabilities : each key is matching a vulnerability class. Value is a list of found vulnerabilities.
- anomalies : same as vulnerabilities but used only for error messages and timeouts (items of less importance).
- additionals : some additional information about the target.
- infos : several informations about the scan.
- infos : several information about the scan.
"""
def __init__(self):
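Review bot: "several information about the scan" in the class docstring is still ungrammatical after the change, because "information" is uncountable and cannot follow "several". Suggest "- infos : some information about the scan." to match the wording used in the other docstrings this commit fixes.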
@ -59,7 +59,7 @@ class JSONReportGenerator(ReportGenerator):
# Vulnerabilities
def add_vulnerability_type(self, name, description="", solution="", references=None, wstg=None):
"""Add informations on a type of vulnerability"""
"""Add information on a type of vulnerability"""
if name not in self._flaw_types:
self._flaw_types[name] = {
"desc": description,
@ -72,7 +72,7 @@ class JSONReportGenerator(ReportGenerator):
def add_vulnerability(self, module: str, category=None, level=0, request=None, parameter="", info="", wstg=None):
"""
Store the informations about a found vulnerability.
Store the information about a found vulnerability.
"""
vuln_dict = {
@ -105,7 +105,7 @@ class JSONReportGenerator(ReportGenerator):
self._anomalies[name] = []
def add_anomaly(self, module: str, category=None, level=0, request=None, parameter="", info="", wstg=None):
"""Store the informations about an anomaly met during the attack."""
"""Store the information about an anomaly met during the attack."""
anom_dict = {
"method": request.method,
"path": request.file_path,
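Review bot: in the context lines of this hunk, add_anomaly declares request=None but then reads request.method and request.file_path unconditionally, so a call that relies on the default raises AttributeError. This is not introduced by the docstring edit, but since the line is being touched, either make request a required parameter or guard the attribute access.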

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This file is part of the Wapiti project (https://wapiti.sourceforge.io)
# Copyright (C) 2008-2021 Nicolas Surribas
# This file is part of the Wapiti project (https://wapiti-scanner.github.io)
# Copyright (C) 2008-2022 Nicolas Surribas
#
# Original authors :
# Alberto Pastor
@ -31,7 +31,7 @@ class ReportGenerator:
self._date = None
def set_report_info(self, target, scope, date, version, auth, crawled_pages: int):
"""Set the informations about the scan"""
"""Set the information about the scan"""
self._infos["target"] = target
self._infos["date"] = time.strftime("%a, %d %b %Y %H:%M:%S +0000", date)
self._infos["version"] = version
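Review bot: the context line time.strftime("%a, %d %b %Y %H:%M:%S +0000", date) hard-codes the "+0000" offset, so the report date is only correct when the caller passes a UTC struct_time. The docstring being edited here is the natural place to document that requirement, for example "date: UTC time.struct_time of the scan".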

Some files were not shown because too many files have changed in this diff