will now save potential SQLi vulnerable websites to a log file during the header check (if the check throws a dbms error)

This commit is contained in:
ekultek 2017-11-28 13:07:11 -06:00
parent 2b39613b05
commit 0253cb37e4
2 changed files with 9 additions and 2 deletions

View file

@ -123,7 +123,8 @@ def write_to_log_file(data_to_write, path, filename, blacklist=False):
)
skip_log_schema = (
"url-log", "blackwidow-log", "zeus-log",
"extracted", ".blacklist", "gist-match"
"extracted", ".blacklist", "gist-match",
"sqli-sites"
)
to_search = filename.split("-")[0]
amount = len([f for f in os.listdir(path) if to_search in f])

View file

@ -46,7 +46,7 @@ CLONE = "https://github.com/ekultek/zeus-scanner.git"
ISSUE_LINK = "https://github.com/ekultek/zeus-scanner/issues"
# current version <major.minor.commit.patch ID>
VERSION = "1.3.1.{}".format(PATCH_ID)
VERSION = "1.3.2".format(PATCH_ID)
# colors to output depending on the version
VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30}
@ -176,6 +176,9 @@ BLACKLIST_FILE_PATH = "{}/log/blacklist".format(os.getcwd())
# found PGP keys file path
PGP_KEYS_FILE_PATH = "{}/log/pgp_keys".format(os.getcwd())
# found sqli sites file path
SQLI_SITES_FILEPATH = "{}/log/sqli-sites".format(os.getcwd())
# the current log file being used
CURRENT_LOG_FILE_PATH = "{}/log".format(os.getcwd())
@ -188,6 +191,9 @@ ROBOTS_TXT_FILENAME = "{}-robots_text.log"
# filename for found admin pages log file
ADMIN_PAGE_FILENAME = "{}-admin-page.log"
# sites found to be possible SQL injection vulnerable
SQLI_FOUND_FILENAME = "sqli-sites.log"
# filename for clickjacking log file
CLICKJACKING_FILENAME = "{}-clickjacking.html"