diff --git a/etc/checksum/md5sum.md5 b/etc/checksum/md5sum.md5 index 648873b..e9f56db 100644 --- a/etc/checksum/md5sum.md5 +++ b/etc/checksum/md5sum.md5 @@ -61,23 +61,23 @@ bbd8b4c6100070d420d48dc7dfc297eb ./lib/firewall/webknight.py 81a29a14d72980a306fbaec0dc772048 ./lib/firewall/fortigate.py 6ea65a0160c21e144e92334acc2e3667 ./lib/firewall/anquanbao.py 22a0ad8f2fa1a16b651cb5ae37ca9b0d ./lib/firewall/generic.py -cf236a16c7869282f55dd4c5ad6347a5 ./lib/attacks/gist_lookup/__init__.py +963e24d4b8a0fb94464389ddb60cc65f ./lib/attacks/gist_lookup/__init__.py 7183dbd7106ecb436176cebcca4e499f ./lib/attacks/clickjacking_scan/__init__.py d41d8cd98f00b204e9800998ecf8427e ./lib/attacks/__init__.py 4c644b0e3a62b6c1528d34a04837aa35 ./lib/attacks/sqlmap_scan/__init__.py 5e5bb575014ebe613db6bf671d008cf8 ./lib/attacks/sqlmap_scan/sqlmap_opts.py 7bc7a6f3e85651aab3588f087563eded ./lib/attacks/whois_lookup/__init__.py -d2846e039fefee741db24dd64f7bd50e ./lib/attacks/whois_lookup/whois.py +8ec72bb33df998e32b925e3060d9d17a ./lib/attacks/whois_lookup/whois.py 2d7686f1b9b93c3989bc5f279a1a064a ./lib/attacks/admin_panel_finder/__init__.py -b5cd5e913cc62112776153bdf0f60fa4 ./lib/attacks/xss_scan/__init__.py +cc5e5838893eba60cf4bd33d38007e32 ./lib/attacks/xss_scan/__init__.py e9915cc0bc3de60aaf2accfaea77d059 ./lib/attacks/nmap_scan/__init__.py 216999fa0e84866d5c1d96d5676034e4 ./lib/attacks/nmap_scan/nmap_opts.py -3252422e2934d26987ab9b0eb00c5f9d ./lib/header_check/__init__.py +e2af52e2cb4d2f192c4678b7439366b2 ./lib/header_check/__init__.py 39221756c132732dbdc2b14772dcab11 ./lib/core/common.py 4433353fb5c55578391d8b4006191ee8 ./lib/core/errors.py d41d8cd98f00b204e9800998ecf8427e ./lib/core/__init__.py -3cef89f6f302418b323ba257b9ccc25c ./lib/core/settings.py -d3c1663ff908e10dfb2425bf84d80759 ./lib/core/decorators.py +c10aa86b519d43bd142de46453527f51 ./lib/core/settings.py +801a4f7ac892b74676c649bd4844ccdb ./lib/core/decorators.py 9a02e5b913d210350545ac26510a63c9 ./var/search/__init__.py 0545ee54ade186681b25d157fb32f350 ./var/search/selenium_search.py 8f8a7e791f91f0ef3544f2ed8364ab56 ./var/search/pgp_search.py diff --git a/lib/attacks/gist_lookup/__init__.py b/lib/attacks/gist_lookup/__init__.py index 98b7fb0..6f6506d 100644 --- a/lib/attacks/gist_lookup/__init__.py +++ b/lib/attacks/gist_lookup/__init__.py @@ -96,6 +96,9 @@ def check_files_for_information(found_url, data_to_search): time.sleep(3) data = requests.get(found_url) for data_regex in data_regex_schema: + lib.core.settings.logger.info(lib.core.settings.set_color( + "running with regex '{}'...".format(data_regex.pattern), level=25 + )) if data_regex.search(data.content) is not None: lib.core.settings.logger.info(lib.core.settings.set_color( "found a match with given specifics, saving full Gist to log file...", level=25 diff --git a/lib/attacks/whois_lookup/whois.py b/lib/attacks/whois_lookup/whois.py index 774e5c9..d3df347 100644 --- a/lib/attacks/whois_lookup/whois.py +++ b/lib/attacks/whois_lookup/whois.py @@ -80,8 +80,7 @@ def whois_lookup_main(domain, **kwargs): time.sleep(timeout) try: raw_information = gather_raw_whois_info(domain) - except Exception as e: - lib.core.settings.logger.exception(str(e)) + except Exception: lib.core.settings.logger.error(lib.core.settings.set_color( "unable to produce information from WhoIs lookup...", level=40 )) diff --git a/lib/attacks/xss_scan/__init__.py b/lib/attacks/xss_scan/__init__.py index 241664a..24ca387 100644 --- a/lib/attacks/xss_scan/__init__.py +++ b/lib/attacks/xss_scan/__init__.py @@ -168,8 +168,13 @@ def main_xss(start_url, proxy=None, agent=None, **kwargs): with open(filename) as urls: for i, url in enumerate(urls.readlines(), start=1): url = url.strip() - result = scan_xss(url, proxy=proxy, agent=agent) payload = find_xss_script(url) + try: + result = scan_xss(url, proxy=proxy, agent=agent) + except requests.exceptions.ConnectionError: + lib.core.settings.logger.error(lib.core.settings.set_color( + "payload '{}' caused a connection error, assuming no good and continuing...".format(payload), level=40 + )) if verbose: lib.core.settings.logger.info(lib.core.settings.set_color( "trying payload '{}'...".format(payload) diff --git a/lib/core/decorators.py b/lib/core/decorators.py index cf9886f..49a6810 100644 --- a/lib/core/decorators.py +++ b/lib/core/decorators.py @@ -31,11 +31,6 @@ def cache(func): @wraps(func) def func_wrapper(*args, **kwargs): if args in __cache: - lib.core.settings.logger.warning(lib.core.settings.set_color( - "cached detection has shown that the target URL WAF/IPS/IDS is '{}'...".format( - __cache[args] - ), level=35 - )) return __cache[args] else: __to_cache = func(*args, **kwargs) diff --git a/lib/core/settings.py b/lib/core/settings.py index ee9282d..958a927 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -46,7 +46,7 @@ CLONE = "https://github.com/ekultek/zeus-scanner.git" ISSUE_LINK = "https://github.com/ekultek/zeus-scanner/issues" # current version -VERSION = "1.3.9.{}".format(PATCH_ID) +VERSION = "1.3.10.{}".format(PATCH_ID) # colors to output depending on the version VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30} @@ -337,14 +337,16 @@ DBMS_ERRORS = { # this has to be the first function so that I can use it in the logger settings below -def create_log_name(log_path="{}/log", filename="zeus-log-{}.log", matcher="zeus-log"): +def create_log_name(log_path="{}/log", filename="zeus-log-{}.log", matcher="zeus"): """ create the current log file name by figuring out how many files are there """ if not os.path.exists(log_path.format(os.getcwd())): os.mkdir(log_path.format(os.getcwd())) - find_file_amount = len([f for f in os.listdir(log_path.format(os.getcwd())) if matcher in f]) - full_log_path = "{}/{}".format(log_path.format(os.getcwd()), filename.format(find_file_amount + 1)) + find_file_amount = len( + [f for f in os.listdir(log_path.format(os.getcwd())) if matcher in f and not os.path.isdir(f)] + ) + 1 + full_log_path = "{}/{}".format(log_path.format(os.getcwd()), filename.format(find_file_amount)) return full_log_path diff --git a/lib/header_check/__init__.py b/lib/header_check/__init__.py index 543c0df..0b971e6 100644 --- a/lib/header_check/__init__.py +++ b/lib/header_check/__init__.py @@ -105,10 +105,12 @@ def detect_protection(url, **kwargs): except (Exception, IndexError): logger.warning(set_color( "multiple firewalls identified ({}), displaying most likely...".format( - ", ".join(retval) + ", ".join([item.split("(")[0] for item in retval]) ), level=30 )) del retval[retval.index(retval[1])] + if len(retval) >= 2: + del retval[retval.index(retval[1])] if retval[0] == "Generic (Unknown)": logger.warning(set_color( "discovered firewall is unknown to Zeus, saving fingerprint to file. " @@ -159,7 +161,7 @@ def load_headers(url, **kwargs): proxy = kwargs.get("proxy", None) xforward = kwargs.get("xforward", False) - literal_match = re.compile(r"\\(\X(\d+)?\w+)?", re.I) + # literal_match = re.compile(r"\\(\X(\d+)?\w+)?", re.I) if proxy is not None: proxy = proxy_string_to_dict(proxy) @@ -203,13 +205,15 @@ def load_headers(url, **kwargs): retval[header] = unicodedata.normalize("NFKD", u"{}".format(http_headers[header])).encode("ascii", errors="ignore") # just to be safe, we're going to put all the possible Unicode errors into a tuple except (UnicodeEncodeError, UnicodeDecodeError, UnicodeError, UnicodeTranslateError, UnicodeWarning): - # if there are, we're going to append them to a `do_not_use` list + # if there are any errors, we're going to append them to a `do_not_use` list do_not_use.append(header) + # clear the dict so we can re-add to it retval.clear() for head in http_headers: # if the header is in the list, we skip it if head not in do_not_use: retval[head] = http_headers[head] + # return a dict of safe unicodeless HTTP headers return retval