From 150ebef7217605c3bf6d8d8495ee1d35dc66fc44 Mon Sep 17 00:00:00 2001 From: ekultek Date: Thu, 9 Nov 2017 14:40:23 -0600 Subject: [PATCH] will now save all headers to the log file --- etc/checksum/md5sum.md5 | 4 ++-- lib/core/settings.py | 2 +- lib/header_check/__init__.py | 13 +++++-------- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/etc/checksum/md5sum.md5 b/etc/checksum/md5sum.md5 index e83df77..7e9a64e 100644 --- a/etc/checksum/md5sum.md5 +++ b/etc/checksum/md5sum.md5 @@ -51,8 +51,8 @@ c26df169167f18dad922d14d64d15c7f ./lib/attacks/admin_panel_finder/__init__.py 686935ee6e0277f93aec904bb60d8004 ./lib/attacks/intel_me/__init__.py 1faa2b5dfad6eb538bbfe42942d2a9da ./lib/core/errors.py d41d8cd98f00b204e9800998ecf8427e ./lib/core/__init__.py -0f6e4e4cab1fc589e7285a2274a7c292 ./lib/core/settings.py -c265970650a068c0f0cdfcdb756c9914 ./lib/header_check/__init__.py +b346658d9578acbb1412e07a111802f2 ./lib/core/settings.py +72e6d63ab7e5462e513f92fd1b94d341 ./lib/header_check/__init__.py d41d8cd98f00b204e9800998ecf8427e ./var/google_search/__init__.py 80a3ec2db4c45cae6df673676149f9ad ./var/google_search/search.py d41d8cd98f00b204e9800998ecf8427e ./var/__init__.py diff --git a/lib/core/settings.py b/lib/core/settings.py index abff713..562e208 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -53,7 +53,7 @@ PATCH_ID = str(subprocess.check_output(["git", "rev-parse", "origin/master"]))[: CLONE = "https://github.com/ekultek/zeus-scanner.git" # current version -VERSION = "1.1.27.{}".format(PATCH_ID) +VERSION = "1.1.28".format(PATCH_ID) # colors to output depending on the version VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30} diff --git a/lib/header_check/__init__.py b/lib/header_check/__init__.py index 4400305..224bbc0 100644 --- a/lib/header_check/__init__.py +++ b/lib/header_check/__init__.py @@ -75,7 +75,7 @@ def main_header_check(url, **kwargs): proxy = kwargs.get("proxy", None) xforward = kwargs.get("xforward", False) - protection = {} + protection = {"hostname": url} definition = { "x-xss": ("protection against XSS attacks", "XSS"), "strict-transport": ("protection against unencrypted connections (force HTTPS connection)", "HTTPS"), @@ -89,7 +89,7 @@ def main_header_check(url, **kwargs): )) comparable_headers = load_xml_data(HEADER_XML_DATA) logger.info(set_color( - "attempting to get request headers..." + "attempting to get request headers for '{}'...".format(url) )) found_headers = load_headers(url, proxy=proxy, agent=agent, xforward=xforward) if verbose: @@ -97,18 +97,15 @@ def main_header_check(url, **kwargs): "fetched {}...".format(found_headers), level=10 )) headers_established = [str(h) for h in compare_headers(found_headers, comparable_headers)] - protection["target"] = url for key in definition.iterkeys(): if any(key in h.lower() for h in headers_established): logger.warning(set_color( "provided target has {}...".format(definition[key][0]), level=30 )) - protection[key] = True - PROTECTED.add(definition[key][1]) else: logger.info(set_color( "provided target does not have {}...".format(definition[key][0]) )) - protection[key] = False - data_to_write = json.dumps(protection, indent=4) - write_to_log_file(data_to_write, HEADER_RESULT_PATH, "{}-headers.json".format(replace_http(url))) + for key in found_headers.iterkeys(): + protection[key] = found_headers[key] + return write_to_log_file(protection, HEADER_RESULT_PATH, "{}-headers.json".format(replace_http(url)))