#!/usr/bin/python -tO
# freewvs 0.1 - the free web vulnerability scanner
#
# http://source.schokokeks.org/freewvs/
#
# Copyright 2007 Hanno Boeck, schokokeks.org <hanno@schokokeks.org>
#
# Contributions by
# Fabian Fingerle <fabian@datensalat.eu>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import ConfigParser, os, glob, pprint, re, optparse, sys, gettext
from xml.sax.saxutils import escape
gettext.textdomain('freewvs')
_ = gettext.gettext
def versioncompare(safe_version, find_version):
if safe_version == [""]:
return True
for i in range(min(len(find_version), len(safe_version))):
if int(find_version[i])<int(safe_version[i]):
return True
if int(find_version[i])>int(safe_version[i]):
return False
return (len(find_version)<len(safe_version))
def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, style = None):
appdir = '/'.join(os.path.abspath(vfilename).split('/')[:-1-subdir])
if not style:
print "%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
% vars()
elif style=='fancy':
print _("Directory: %(appdir)s") % vars()
if safeversion!="ok":
if safeversion!="":
print _("Vulnerable %(appname)s %(version)s found, please update to " \
"%(safeversion)s or above.") % vars()