diff --git a/lib/attacks/nmap_scan/__init__.py b/lib/attacks/nmap_scan/__init__.py index bbe5a90..294f5d4 100644 --- a/lib/attacks/nmap_scan/__init__.py +++ b/lib/attacks/nmap_scan/__init__.py @@ -163,7 +163,7 @@ def perform_port_scan(url, scanner=NmapHook, **kwargs): "nmap was not found on your system", level=50 )) lib.core.common.run_fix( - "would you like to automatically install it", + "Would you like to automatically install it?", "sudo sh {}".format(lib.core.settings.NMAP_INSTALLER_TOOL), "nmap is not installed, please install it in order to continue" - ) \ No newline at end of file + ) diff --git a/lib/attacks/sqlmap_scan/__init__.py b/lib/attacks/sqlmap_scan/__init__.py index 535f417..6ebd92c 100644 --- a/lib/attacks/sqlmap_scan/__init__.py +++ b/lib/attacks/sqlmap_scan/__init__.py @@ -2,7 +2,7 @@ import json import re import subprocess import shlex -import urllib as urllib2 +import urllib.request as urllib2 import requests import lib.core.common @@ -34,14 +34,14 @@ class SqlmapHook(object): def init_new_scan(self): """ - create a new API scan + Create a new API scan """ new_scan_url = "{}{}".format(self.connection, self.commands["init"]) return requests.get(new_scan_url, params=self.headers) def get_scan_id(self, split_by=16): """ - get the ID of the current API scan + Get the ID of the current API scan """ current_scan_id = None id_re = re.compile(r"[a-fA-F0-9]{16}") @@ -67,7 +67,7 @@ class SqlmapHook(object): def start_scan(self, api_id, opts=None): """ - start the API scan + Start the API scan """ start_scan_url = "{}{}".format(self.connection, self.commands["start"].format(api_id)) data_dict = {"url": self.to_scan} @@ -91,12 +91,12 @@ class SqlmapHook(object): # } data_dict[opts[i][0]] = opts[i][1] post_data = json.dumps(data_dict) - req = urllib2.Request(start_scan_url, data=post_data, headers=self.headers) + req = urllib2.Request(start_scan_url, data=str.encode(post_data), headers=self.headers) return urllib2.urlopen(req) def show_sqlmap_log(self, api_id): """ - show the sqlmap log during the API scan + Show the sqlmap log during the API scan """ running_status_url = "{}{}".format(self.connection, self.commands["status"].format(api_id)) running_log_url = "{}{}".format(self.connection, self.commands["log"].format(api_id)) @@ -135,7 +135,7 @@ class SqlmapHook(object): def find_sqlmap(to_find="sqlmap"): """ - find sqlmap on the users system + Find sqlmap on the users system """ found_path = lib.core.settings.find_application(to_find) return found_path @@ -143,7 +143,7 @@ def find_sqlmap(to_find="sqlmap"): def sqlmap_scan_main(url, port=None, verbose=None, opts=None, auto_start=False): """ - the main function that will be called and initialize everything + The main function that will be called and initialize everything """ is_started = lib.core.settings.search_for_process("sqlmapapi.py") @@ -151,7 +151,7 @@ def sqlmap_scan_main(url, port=None, verbose=None, opts=None, auto_start=False): if auto_start: lib.core.settings.logger.info(lib.core.settings.set_color( - "attempting to launch sqlmap API" + "Attempting to launch sqlmap API" )) sqlmap_api_command = shlex.split("sudo sh {} p {}".format( lib.core.settings.LAUNCH_SQLMAP_API_TOOL, "".join(found_path) @@ -163,10 +163,10 @@ def sqlmap_scan_main(url, port=None, verbose=None, opts=None, auto_start=False): )) else: lib.core.settings.logger.error(lib.core.settings.set_color( - "there was a problem starting sqlmap API", level=40 + "There was a problem starting sqlmap API", level=40 )) lib.core.common.prompt( - "manually start the API and press enter when ready" + "Manually start the API and press enter when ready" ) else: if not is_started: @@ -176,39 +176,39 @@ def sqlmap_scan_main(url, port=None, verbose=None, opts=None, auto_start=False): try: sqlmap_scan = SqlmapHook(url, port=port) lib.core.settings.logger.info(lib.core.settings.set_color( - "initializing new sqlmap scan with given URL '{}'".format(url) + "Initializing new sqlmap scan with given URL '{}'".format(url) )) sqlmap_scan.init_new_scan() if verbose: lib.core.settings.logger.debug(lib.core.settings.set_color( - "scan initialized", level=10 + "Scan initialized", level=10 )) lib.core.settings.logger.info(lib.core.settings.set_color( - "gathering sqlmap API scan ID" + "Fathering sqlmap API scan ID" )) api_id = sqlmap_scan.get_scan_id() if verbose: lib.core.settings.logger.debug(lib.core.settings.set_color( - "current sqlmap scan ID: '{}'".format(api_id), level=10 + "Current sqlmap scan ID: '{}'".format(api_id), level=10 )) lib.core.settings.logger.info(lib.core.settings.set_color( - "starting sqlmap scan on url: '{}'".format(url), level=25 + "Starting sqlmap scan on url: '{}'".format(url), level=25 )) if opts: if verbose: lib.core.settings.logger.debug(lib.core.settings.set_color( - "using arguments: '{}'".format(opts), level=10 + "Using arguments: '{}'".format(opts), level=10 )) lib.core.settings.logger.info(lib.core.settings.set_color( - "adding arguments to sqlmap API" + "Adding arguments to sqlmap API" )) else: if verbose: lib.core.settings.logger.debug(lib.core.settings.set_color( - "no arguments passed, skipping", level=10 + "No arguments passed, skipping", level=10 )) lib.core.settings.logger.warning(lib.core.settings.set_color( - "please keep in mind that this is the API, output will " + "Please keep in mind that this is the API, output will " "not be saved to log file, it may take a little longer " "to finish processing, launching sqlmap", level=30 )) @@ -218,7 +218,7 @@ def sqlmap_scan_main(url, port=None, verbose=None, opts=None, auto_start=False): print("-" * 30) except requests.exceptions.HTTPError as e: lib.core.settings.logger.exception(lib.core.settings.set_color( - "ran into error '{}', seems you didn't start the server, check " + "Ran into error '{}', seems you didn't start the server, check " "the server port and try again".format(e), level=50 )) pass @@ -236,7 +236,7 @@ def sqlmap_scan_main(url, port=None, verbose=None, opts=None, auto_start=False): pass else: lib.core.settings.logger.exception(lib.core.settings.set_color( - "ran into error '{}', seems something went wrong, error has " + "Ran into error '{}', seems something went wrong, error has " "been saved to current log file.".format(e), level=50 )) request_issue_creation() diff --git a/lib/attacks/xss_scan/__init__.py b/lib/attacks/xss_scan/__init__.py index 4391512..f142451 100644 --- a/lib/attacks/xss_scan/__init__.py +++ b/lib/attacks/xss_scan/__init__.py @@ -243,7 +243,7 @@ def main_xss(start_url, proxy=None, agent=None, **kwargs): lib.core.settings.logger.error(lib.core.settings.set_color( "host '{}' does not appear to be vulnerable to XSS attacks".format(start_url), level=40 )) - question_msg = "would you like to keep the created URLs saved for further testing" + question_msg = "Would you like to keep the created URLs saved for further testing" if not batch: save = lib.core.common.prompt( question_msg, opts="yN" diff --git a/lib/core/settings.py b/lib/core/settings.py index 2270049..7516cb6 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -516,10 +516,12 @@ def find_application(application, opt="path"): with open(TOOL_PATHS) as config: read_conf = config.read() conf_parser = ConfigParser.RawConfigParser(allow_no_value=True) - conf_parser.readfp(io.BytesIO(read_conf)) + conf_parser.read(read_conf) + for section in conf_parser.sections(): if str(section).lower() == str(application).lower(): retval.append(conf_parser.get(section, opt)) + return retval @@ -533,7 +535,7 @@ def get_random_dork(filename="{}/etc/text_files/dorks.txt"): def update_zeus(): """ - Update zeus to the newest version + Update Zeus to the newest version """ can_update = True if ".git" in os.listdir(os.getcwd()) else False if can_update: @@ -946,7 +948,7 @@ def run_attacks(url, **kwargs): threads = kwargs.get("threads", None) force_ssl = kwargs.get("ssl", False) - if threads > MAX_THREADS: + if threads and threads > MAX_THREADS: threads = check_thread_num(threads, batch=batch) __enabled_attacks = { @@ -972,7 +974,7 @@ def run_attacks(url, **kwargs): )) lib.core.common.shutdown() - question_msg = "would you like to process found URL: '{}'".format(url) + question_msg = "Would you like to process found URL: '{}'".format(url) if not batch: question = lib.core.common.prompt( question_msg, opts="yN" diff --git a/lib/header_check/__init__.py b/lib/header_check/__init__.py index 27e2c91..a71c0b5 100644 --- a/lib/header_check/__init__.py +++ b/lib/header_check/__init__.py @@ -40,10 +40,10 @@ from lib.core.settings import ( def get_charset(html, headers, **kwargs): """ - detect the target URL charset + Detect the target URL charset """ charset_regex = re.compile(r'charset=[\"]?([a-zA-Z0-9_-]+)', re.I) - charset = charset_regex.search(html) + charset = charset_regex.search(str(html)) if charset is not None: return charset.group(1) else: @@ -62,7 +62,7 @@ def detect_protection(url, status, html, headers, **kwargs): for regex in DBMS_ERRORS[dbms]: if re.compile(regex).search(html) is not None: logger.warning(set_color( - "it appears that the WAF/IDS/IPS check threw a DBMS error and may be vulnerable " + "It appears that the WAF/IDS/IPS check threw a DBMS error and may be vulnerable " "to SQL injection attacks. it appears the backend DBMS is '{}', site will be " "saved for further processing".format(dbms), level=30 )) @@ -75,7 +75,7 @@ def detect_protection(url, status, html, headers, **kwargs): item = item[:-3] if verbose: logger.debug(set_color( - "loading script '{}'".format(item), level=10 + "Loading script '{}'".format(item), level=10 )) detection_name = "lib.firewall.{}" detection_name = detection_name.format(item) @@ -88,7 +88,7 @@ def detect_protection(url, status, html, headers, **kwargs): del retval[retval.index("Generic (Unknown)")] except (Exception, IndexError): logger.warning(set_color( - "multiple firewalls identified ({}), displaying most likely".format( + "Multiple firewalls identified ({}), displaying most likely".format( ", ".join([item.split("(")[0] for item in retval]) ), level=30 )) @@ -97,7 +97,7 @@ def detect_protection(url, status, html, headers, **kwargs): del retval[retval.index(retval[1])] if retval[0] == "Generic (Unknown)": logger.warning(set_color( - "discovered firewall is unknown to Zeus, saving fingerprint to file. " + "Discovered firewall is unknown to Zeus, saving fingerprint to file. " "if you know the details or the context of the firewall please create " "an issue ({}) with the fingerprint, or a pull request with the script".format( ISSUE_LINK @@ -114,7 +114,7 @@ def detect_protection(url, status, html, headers, **kwargs): except Exception as e: if any(err in str(e) for err in ["Read timed out.", "Connection reset by peer"]): logger.warning(set_color( - "detection request failed, assuming no protection and continuing", level=30 + "Detection request failed, assuming no protection and continuing", level=30 )) return None else: @@ -136,7 +136,7 @@ def detect_plugins(html, headers, **kwargs): plugin = plugin[:-3] if verbose: logger.debug(set_color( - "loading script '{}'".format(plugin), level=10 + "Loading script '{}'".format(plugin), level=10 )) plugin_detection = "lib.plugins.{}" plugin_detection = plugin_detection.format(plugin) @@ -150,19 +150,19 @@ def detect_plugins(html, headers, **kwargs): logger.exception(str(e)) if "Read timed out." or "Connection reset by peer" in str(e): logger.warning(set_color( - "plugin request failed, assuming no plugins and continuing", level=30 + "Plugin request failed, assuming no plugins and continuing", level=30 )) return None else: logger.exception(set_color( - "plugin detection has failed with error {}".format(str(e)) + "Plugin detection has failed with error {}".format(str(e)) )) request_issue_creation() def load_xml_data(path, start_node="header", search_node="name"): """ - load the XML data + Load the XML data """ retval = [] fetched_xml = minidom.parse(path) @@ -174,13 +174,13 @@ def load_xml_data(path, start_node="header", search_node="name"): def load_headers(url, req, **kwargs): """ - load the HTTP headers + Load the HTTP headers """ literal_match = re.compile(r"\\(\X(\d+)?\w+)?", re.I) if len(req.cookies) > 0: logger.info(set_color( - "found a request cookie, saving to file", level=25 + "Found a request cookie, saving to file", level=25 )) try: cookie_start = req.cookies.keys() @@ -226,7 +226,7 @@ def load_headers(url, req, **kwargs): def compare_headers(found_headers, comparable_headers): """ - compare the headers against one another + Compare the headers against one another """ retval = set() for header in comparable_headers: @@ -237,7 +237,7 @@ def compare_headers(found_headers, comparable_headers): def main_header_check(url, **kwargs): """ - main function + Main function """ verbose = kwargs.get("verbose", False) agent = kwargs.get("agent", None) @@ -265,70 +265,70 @@ def main_header_check(url, **kwargs): req, status, html, headers = get_page(url, proxy=proxy, agent=agent, xforward=xforward) logger.info(set_color( - "detecting target charset" + "Detecting target charset" )) charset = get_charset(html, headers) if charset is not None: logger.info(set_color( - "target charset appears to be '{}'".format(charset), level=25 + "Target charset appears to be '{}'".format(charset), level=25 )) else: logger.warning(set_color( - "unable to detect target charset", level=30 + "Unable to detect target charset", level=30 )) if identify_waf: waf_url = "{} {}".format(url.strip(), PROTECTION_CHECK_PAYLOAD) _, waf_status, waf_html, waf_headers = get_page(waf_url, xforward=xforward, proxy=proxy, agent=agent) logger.info(set_color( - "checking if target URL is protected by some kind of WAF/IPS/IDS" + "Checking if target URL is protected by some kind of WAF/IPS/IDS" )) if verbose: logger.debug(set_color( - "attempting connection to '{}'".format(waf_url), level=10 + "Attempting connection to '{}'".format(waf_url), level=10 )) identified_waf = detect_protection(url, waf_status, waf_html, waf_headers, verbose=verbose) if identified_waf is None: logger.info(set_color( - "no WAF/IDS/IPS has been identified on target URL", level=25 + "No WAF/IDS/IPS has been identified on target URL", level=25 )) else: logger.warning(set_color( - "the target URL WAF/IDS/IPS has been identified as '{}'".format(identified_waf), level=35 + "The target URL WAF/IDS/IPS has been identified as '{}'".format(identified_waf), level=35 )) if identify_plugins: logger.info(set_color( - "attempting to identify plugins" + "Attempting to identify plugins" )) identified_plugin = detect_plugins(html, headers, verbose=verbose) if identified_plugin is not None: for plugin in identified_plugin: if show_description: logger.info(set_color( - "possible plugin identified as '{}' (description: '{}')".format( + "Possible plugin identified as '{}' (description: '{}')".format( plugin[0], plugin[1] ), level=25 )) else: logger.info(set_color( - "possible plugin identified as '{}'".format( + "Possible plugin identified as '{}'".format( plugin[0] ), level=25 )) else: logger.warning(set_color( - "no known plugins identified on target", level=30 + "No known plugins identified on target", level=30 )) if verbose: logger.debug(set_color( - "loading XML data", level=10 + "Loading XML data", level=10 )) comparable_headers = load_xml_data(HEADER_XML_DATA) logger.info(set_color( - "attempting to get request headers for '{}'".format(url.strip()) + "Attempting to get request headers for '{}'".format(url.strip()) )) try: found_headers = load_headers(url, req) @@ -344,30 +344,30 @@ def main_header_check(url, **kwargs): if found_headers is not None: if verbose: logger.debug(set_color( - "fetched {}".format(found_headers), level=10 + "Fetched {}".format(found_headers), level=10 )) headers_established = [str(h) for h in compare_headers(found_headers, comparable_headers)] for key in definition.iterkeys(): if any(key in h.lower() for h in headers_established): logger.warning(set_color( - "provided target has {}".format(definition[key][0]), level=30 + "Provided target has {}".format(definition[key][0]), level=30 )) for key in found_headers.iterkeys(): protection[key] = found_headers[key] logger.info(set_color( - "writing found headers to log file", level=25 + "Writing found headers to log file", level=25 )) return write_to_log_file(protection, HEADER_RESULT_PATH, HEADERS_FILENAME.format(replace_http(url))) else: logger.error(set_color( - "unable to retrieve headers for site '{}'".format(url.strip()), level=40 + "Unable to retrieve headers for site '{}'".format(url.strip()), level=40 )) except ConnectionError: attempts = attempts - 1 if attempts == 0: return False logger.warning(set_color( - "target actively refused the connection, sleeping for {}s and retrying the request".format( + "Target actively refused the connection, sleeping for {}s and retrying the request".format( default_sleep_time ), level=30 )) @@ -379,14 +379,14 @@ def main_header_check(url, **kwargs): ) except ReadTimeout: logger.error(set_color( - "meta-data retrieval failed due to target URL timing out, skipping", level=40 + "Metadata retrieval failed due to target URL timing out, skipping", level=40 )) except KeyboardInterrupt: if not pause(): shutdown() except Exception as e: logger.exception(set_color( - "meta-data retrieval failed with unexpected error '{}'".format( + "Metadata retrieval failed with unexpected error: '{}'".format( str(e) ), level=50 - )) \ No newline at end of file + )) diff --git a/var/blackwidow/__init__.py b/var/blackwidow/__init__.py index 424b47a..db07ed6 100644 --- a/var/blackwidow/__init__.py +++ b/var/blackwidow/__init__.py @@ -9,9 +9,8 @@ import var.auto_issue.github class Blackwidow(object): - """ - spider to scrape a webpage for all available URL's + Spider to scrape a webpage for all available URL's """ def __init__(self, url, user_agent=None, proxy=None, forward=None): @@ -23,7 +22,7 @@ class Blackwidow(object): @staticmethod def get_url_ext(url): """ - get the extension of the URL + Get the extension of the URL """ try: data = url.split(".") @@ -33,7 +32,7 @@ class Blackwidow(object): def test_connection(self): """ - make sure the connection is good before you continue + Make sure the connection is good before you continue """ try: # we'll skip SSL verification to avoid any SSLErrors that might @@ -53,14 +52,14 @@ class Blackwidow(object): else: info_msg += "" lib.core.settings.logger.fatal(lib.core.settings.set_color( - "provided website '{}' is refusing connection{}".format( + "Provided website '{}' is refusing connection{}".format( self.url, info_msg ), level=50 )) lib.core.common.shutdown() else: lib.core.settings.logger.exception(lib.core.settings.set_color( - "failed to connect to '{}' received error '{}'".format( + "Failed to connect to '{}' received error '{}'".format( self.url, e ), level=50 )) @@ -69,7 +68,7 @@ class Blackwidow(object): def scrape_page_for_links(self, given_url, attribute="a", descriptor="href"): """ - scrape the webpage's HTML for usable GET links + Scrape the webpage's HTML for usable GET links """ unique_links = set() true_url = lib.core.settings.replace_http(given_url) @@ -88,7 +87,7 @@ class Blackwidow(object): def blackwidow_main(url, **kwargs): """ - scrape a given URL for all available links + Scrape a given URL for all available links """ verbose = kwargs.get("verbose", False) proxy = kwargs.get("proxy", None) @@ -104,26 +103,26 @@ def blackwidow_main(url, **kwargs): if verbose: lib.core.settings.logger.debug(lib.core.settings.set_color( - "settings user-agent to '{}'".format(agent), level=10 + "Settings user-agent to '{}'".format(agent), level=10 )) if proxy is not None: if verbose: lib.core.settings.logger.debug(lib.core.settings.set_color( - "running behind proxy '{}'".format(proxy), level=10 + "Running behind proxy '{}'".format(proxy), level=10 )) lib.core.settings.create_dir("{}/{}".format(os.getcwd(), "log/blackwidow-log")) lib.core.settings.logger.info(lib.core.settings.set_color( - "starting blackwidow on '{}'".format(url) + "Starting blackwidow on '{}'".format(url) )) crawler = Blackwidow(url, user_agent=agent, proxy=proxy, forward=forward) if verbose: lib.core.settings.logger.debug(lib.core.settings.set_color( - "testing connection to the URL", level=10 + "Testing connection to the URL", level=10 )) test_code = crawler.test_connection() if not test_code[0] == "ok": error_msg = ( - "connection test failed with status code: {}, reason: '{}'. " + "Connection test failed with status code: {}, reason: '{}'. " "test connection needs to pass, try a different link" ) for error_code in lib.core.common.STATUS_CODES.keys(): @@ -142,15 +141,15 @@ def blackwidow_main(url, **kwargs): lib.core.common.shutdown() else: lib.core.settings.logger.info(lib.core.settings.set_color( - "connection test succeeded, continuing", level=25 + "Connection test succeeded, continuing", level=25 )) lib.core.settings.logger.info(lib.core.settings.set_color( - "crawling given URL '{}' for links".format(url) + "Crawling given URL '{}' for links".format(url) )) found = crawler.scrape_page_for_links(url) if len(found) > 0: lib.core.settings.logger.info(lib.core.settings.set_color( - "found a total of {} links from given URL '{}'".format( + "Found a total of {} links from given URL '{}'".format( len(found), url ), level=25 )) @@ -158,5 +157,5 @@ def blackwidow_main(url, **kwargs): filename=lib.core.settings.BLACKWIDOW_FILENAME) else: lib.core.settings.logger.fatal(lib.core.settings.set_color( - "did not find any usable links from '{}'".format(url), level=50 + "Did not find any usable links from '{}'".format(url), level=50 )) diff --git a/var/search/selenium_search.py b/var/search/selenium_search.py index 1abd492..33f243c 100644 --- a/var/search/selenium_search.py +++ b/var/search/selenium_search.py @@ -132,10 +132,10 @@ def get_urls(query, url, verbose=False, **kwargs): try: retval = URLParser(retval).extract_ip_ban_url() question_msg = ( - "zeus was able to successfully extract the URL from Google's ban URL " - "it is advised to shutdown zeus and attempt to extract the URL's manually. " - "failing to do so will most likely result in no results being found by zeus. " - "would you like to shutdown" + "Zeus was able to successfully extract the URL from Google's ban URL. " + "It is advised to shutdown zeus and attempt to extract the URL's manually. " + "Failing to do so will most likely result in no results being found by zeus. " + "Would you like to shutdown? >" ) if not batch: do_continue = prompt( @@ -280,7 +280,7 @@ def parse_search_results(query, url_to_search, verbose=False, **kwargs): elif "Program install error!" in str(e): logger.error(set_color( "Seems the program is having some trouble installing; would you like " - "to try and automatically fix this issue", level=40 + "to try and automatically fix this issue? >", level=40 )) run_fix( "Would you like to attempt to fix this issue automatically? >", diff --git a/zeus.py b/zeus.py index 830b7a6..6094bc8 100755 --- a/zeus.py +++ b/zeus.py @@ -313,8 +313,8 @@ if __name__ == "__main__": else: if URL_QUERY_REGEX.match(opt.spiderWebSite): question_msg = ( - "It is recommended to not use a URL that has a GET(query) parameter in it, " - "would you like to continue" + "It is recommended to not use a URL that has a GET (query) parameter in it, " + "would you like to continue? > " ) if not opt.runInBatch: is_sure = prompt(