b0e4ad8ec0de95e0e064013f1a76b63eb7b584cf
Hanno Böck make code compatible with p...

Hanno Böck authored 10 years ago

1) #!/usr/bin/python -tO
Hanno Böck initial commit

Hanno Böck authored 17 years ago

2) 
3) # freewvs 0.1 - the free web vulnerability scanner
4) #
5) # http://source.schokokeks.org/freewvs/
6) #
Hanno Böck License change to cc0

Hanno Böck authored 12 years ago

7) # Written 2007-2012 by schokokeks.org Hosting, http://www.schokokeks.org
Hanno Böck initial commit

Hanno Böck authored 17 years ago

8) #
9) # Contributions by
Hanno Böck License change to cc0

Hanno Böck authored 12 years ago

10) # Hanno Boeck, http://hboeck.de/
11) # Fabian Fingerle, http://www.fabian-fingerle.de/
12) # Bernd Wurst, http://bwurst.org/
Hanno Böck initial commit

Hanno Böck authored 17 years ago

13) #
Hanno Böck License change to cc0

Hanno Böck authored 12 years ago

14) # To the extent possible under law, the author(s) have dedicated all copyright
15) # and related and neighboring rights to this software to the public domain
16) # worldwide. This software is distributed without any warranty.
Hanno Böck initial commit

Hanno Böck authored 17 years ago

17) #
Hanno Böck License change to cc0

Hanno Böck authored 12 years ago

18) # You should have received a copy of the CC0 Public Domain Dedication along
19) # with this software. If not, see 
20) # http://creativecommons.org/publicdomain/zero/1.0/
21) # Nevertheless, in case you use a significant part of this code, we ask (but
22) # not require, see the license) that you keep the authors' names in place and
23) # return your changes to the public. We would be especially happy if you tell
24) # us what you're going to do with this code.
Hanno Böck initial commit

Hanno Böck authored 17 years ago

25) 
Hanno Böck make code compatible with p...

Hanno Böck authored 10 years ago

26) try: # python3
27) 	import configparser
28) except ImportError: # python2
29) 	import ConfigParser as configparser
Bernd Wurst support python-2.6 again, w...

Bernd Wurst authored 10 years ago

30) 	# overwrite default open() function
31) 	# this one supports encoding='...'
32) 	from codecs import open
Hanno Böck make code compatible with p...

Hanno Böck authored 10 years ago

33) 
34) import os, glob, pprint, re, optparse, sys, gettext
Bernd Wurst Add XML string escaping

Bernd Wurst authored 16 years ago

35) from xml.sax.saxutils import escape
Hanno Böck initial commit

Hanno Böck authored 17 years ago

36) 
Hanno Böck add fancy output

Hanno Böck authored 16 years ago

37) gettext.textdomain('freewvs')
38) _ = gettext.gettext
Hanno Böck initial commit

Hanno Böck authored 17 years ago

39) 
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

40) def versioncompare(safe_version, find_version):
41)     if safe_version == [""]:
42)         return True
43)     for i in range(min(len(find_version), len(safe_version))):
44)         if int(find_version[i])<int(safe_version[i]):
45)             return True
46)         if int(find_version[i])>int(safe_version[i]):
47)             return False
48)     return (len(find_version)<len(safe_version))
Hanno Böck initial commit

Hanno Böck authored 17 years ago

49) 
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

50) def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, style = None):
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

51)     appdir = '/'.join(os.path.abspath(vfilename).split('/')[:-1-subdir])
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

52)     if not style:
Hanno Böck replace print with function...

Hanno Böck authored 14 years ago

53)         print ("%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
54)               % vars())
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

55)     elif style=='fancy':
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

56)         print (_("Directory: %(appdir)s") % vars())
Hanno Böck indentation fix

Hanno Böck authored 16 years ago

57)         if safeversion!="ok":
Hanno Böck add support for unfixed apps

Hanno Böck authored 16 years ago

58)             if safeversion!="":
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

59)                 print (_("Vulnerable %(appname)s %(version)s found, please update to " \
60)                         "%(safeversion)s or above.") % vars())
Hanno Böck add support for unfixed apps

Hanno Böck authored 16 years ago

61)             else:
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

62)                 print (_("Vulnerable %(appname)s %(version)s found, no fixed version available." \
63)                         ) % vars())
Hanno Böck some i18n fixes

Hanno Böck authored 16 years ago

64)             if vuln[:3] == "CVE":
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

65)                 print (_("http://cve.mitre.org/cgi-bin/cvename.cgi?name=%(vuln)s") \
66)                         % vars())
Hanno Böck some i18n fixes

Hanno Böck authored 16 years ago

67)             else:
68)                 print (vuln)
Hanno Böck add fancy output

Hanno Böck authored 16 years ago

69)         else:
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

70)             print (_("%(appname)s %(version)s found." ) % vars())
Hanno Böck make code compatible with p...

Hanno Böck authored 10 years ago

71)         print ("")
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

72)     elif style=='xml':
73)         state = 'vulnerable'
74)         if safeversion == 'ok':
75)             state = 'ok'
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

76)         print ('  <app state="%s">' % state)
77)         print ('    <appname>%s</appname>' % escape(appname))
78)         print ('    <version>%s</version>' % escape(version))
79)         print ('    <directory>%s</directory>' % escape(appdir))
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

80)         if state == 'vulnerable':
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

81)             print ('    <safeversion>%s</safeversion>' % escape(safeversion))
82)             print ('    <vulninfo>%s</vulninfo>' % escape(vuln))
83)         print ('  </app>')
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

84) 
Hanno Böck initial commit

Hanno Böck authored 17 years ago

85) 
86) pp = pprint.PrettyPrinter(indent=4)
87) 
88) # Command-line options
Bernd Wurst add correct usage notice

Bernd Wurst authored 10 years ago

89) parser = optparse.OptionParser(usage="usage: %prog [options] <path> [<path2> ...]")
Hanno Böck initial commit

Hanno Böck authored 17 years ago

90) parser.add_option("-a", "--all", action="store_true", dest="ALL",
91)                   help="Show all webapps found, not just vulnerable")
92) parser.add_option("-d", "--debug", action="store_true", dest="DEBUG",
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

93)                   help="Show lots of debugging output, mainly useful"+ \
94)                   "for development")
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

95) parser.add_option("-f", "--fancy", action="store_const", dest="OUTPUT", const="fancy",
Hanno Böck add fancy output

Hanno Böck authored 16 years ago

96)                   help="Show more fancy output")
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

97) parser.add_option("-x", "--xml", action="store_const", dest="OUTPUT", const="xml",
98)                   help="Output results as XML")
Hanno Böck initial commit

Hanno Böck authored 17 years ago

99) opts, args = parser.parse_args()
100) 
101) # Parse vulnerability database
Hanno Böck make code compatible with p...

Hanno Böck authored 10 years ago

102) config = configparser.ConfigParser()
Hanno Böck catch error message on pars...

Hanno Böck authored 7 years ago

103) try:
104)     config.read(glob.glob('/usr/share/freewvs/*.freewvs'))
105)     config.read(glob.glob('/usr/local/share/freewvs/*.freewvs'))
106)     config.read(glob.glob(os.path.dirname(sys.argv[0])+'/freewvsdb/*.freewvs'))
107) except configparser.MissingSectionHeaderError as err:
108)     print("Error parsing config files: %s" % err);
Hanno Böck initial commit

Hanno Böck authored 17 years ago

109) 
110) vdb = []
111) for sect in config.sections():
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

112)     item = {}
113) 
114)     # base options
115)     item['name'] = sect
116)     item['safe'] = config.get(sect, 'safe')
117)     item['file'] = config.get(sect, 'file')
118)     item['vuln'] = config.get(sect, 'vuln')
119)     item['subdir'] = int(config.get(sect, 'subdir'))
120) 
121)     # match magic
122)     item['variable'] = []
123)     for var in config.get(sect,'variable').split(","):
124)         item['variable'].append(re.compile(re.escape(var)+
Bernd Wurst Version-Pattern darf nicht...

Bernd Wurst authored 13 years ago

125)                                 r"[^0-9.\n\r]*[.]*([0-9.]*[0-9])[^0-9.]"))
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

126) 
127)     # optional options
128)     if config.has_option(sect,'extra_match'):
129)         item['extra_match'] = config.get(sect,'extra_match')
130)     else:
131)         item['extra_match'] = False
132)     if config.has_option(sect,'add_minor'):
133)         item['add_minor'] = config.get(sect,'add_minor')
134)     else:
135)         item['add_minor'] = False
136)     if config.has_option(sect,'old_safe'):
137)         item['old_safe'] = config.get(sect,'old_safe').split(",")
138)     else:
139)         item['old_safe'] = []
140) 
141)     vdb.append(item)
142) if opts.DEBUG:
143)     pp.pprint(vdb)
Hanno Böck initial commit

Hanno Böck authored 17 years ago

144) 
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

145) if opts.OUTPUT == 'xml':
Hanno Böck more print to function conv...

Hanno Böck authored 14 years ago

146)   print ('<?xml version="1.0" ?>')
147)   print ('<freewvs>')
Hanno Böck initial commit

Hanno Böck authored 17 years ago

148) 
149) # start the search
150) 
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

151) for fdir in args:
152)     for root, NULL, files in os.walk(fdir):
153)         for filename in files:
154)             for item in vdb:
155)                 if filename == item['file']:
156)                     mfile = os.path.join(root, filename)
Bernd Wurst error handling when opening...

Bernd Wurst authored 12 years ago

157)                     try:
Hanno Böck don't enforce encoding on f...

Hanno Böck authored 7 years ago

158)                       file = open(mfile)
Bernd Wurst error handling when opening...

Bernd Wurst authored 12 years ago

159)                     except:
160)                       continue
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

161)                     filestr = file.read()
162)                     file.close()
163) 
164)                     if item['extra_match']:
165)                         ematch = (filestr.find(item['extra_match']) != -1)
166)                     else:
167)                         ematch = True
168) 
169)                     findversion = []
170)                     for var in item['variable']:
171)                         var = var.search(filestr)
172)                         if not var:
173)                             findversion = False
174)                             break
175)                         else:
176)                             findversion.append(var.group(1))
177) 
178)                     if findversion and ematch:
179)                         findversion = '.'.join(findversion)
180) 
181)                         # Very ugly phpbb workaround
182)                         if item['add_minor']:
183)                             findversion = findversion.split('.')
184)                             findversion[-1] = str(int(findversion[-1])+
185)                                             int(item['add_minor']))
186)                             findversion = '.'.join(findversion)
187) 
188)                         if not (versioncompare(item['safe'].split('.'), \
189)                                 findversion.split('.'))) or \
190)                                 item['old_safe'].count(findversion)>0:
191)                             if opts.ALL:
192)                                 if opts.DEBUG:
Hanno Böck replace print with function...

Hanno Böck authored 14 years ago

193)                                     print ("File "+mfile)
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

194)                                 vulnprint(item['name'], findversion, \
Hanno Böck add fancy output

Hanno Böck authored 16 years ago

195)                                           "ok", "", mfile, item['subdir'], \
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

196)                                           opts.OUTPUT)
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

197)                         else:
198)                             if opts.DEBUG:
Hanno Böck replace print with function...

Hanno Böck authored 14 years ago

199)                                 print ("File "+mfile)
Hanno Böck better code for old versions 6

Hanno Böck authored 16 years ago

200)                             safev="9999"
Hanno Böck print more intelligent warn...

Hanno Böck authored 16 years ago

201)                             for ver in item['old_safe']:
202)                                 if (versioncompare(ver.split('.'), \
Hanno Böck better code for old versions 3

Hanno Böck authored 16 years ago

203)                                     findversion.split('.') ) and \
Hanno Böck better code for old versions 6

Hanno Böck authored 16 years ago

204)                                     not versioncompare(ver.split('.'), \
Hanno Böck better code for old versions 3

Hanno Böck authored 16 years ago

205)                                     safev.split('.')) ):
Hanno Böck print more intelligent warn...

Hanno Böck authored 16 years ago

206)                                     safev=ver
Hanno Böck really fix safeversions

Hanno Böck authored 16 years ago

207)                             if safev=="9999":
Hanno Böck print more intelligent warn...

Hanno Böck authored 16 years ago

208)                                 safev=item['safe']
209) 
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

210)                             vulnprint (item['name'], findversion, \
Hanno Böck print more intelligent warn...

Hanno Böck authored 16 years ago

211)                                        safev, item['vuln'], \
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

212)                                        mfile, item['subdir'], opts.OUTPUT)
Hanno Böck fix lot's of pylint issues...

Hanno Böck authored 16 years ago

213) 
214)                     else:
215)                         if opts.DEBUG:
Hanno Böck replace print with function...

Hanno Böck authored 14 years ago

216)                             print ("regexp failed for " + \
217)                                   item['name'] + " on " + mfile)
Bernd Wurst add XML output format

Bernd Wurst authored 16 years ago

218) 
219) if opts.OUTPUT == 'xml':