#!/usr/bin/python -tO # freewvs 0.1 - the free web vulnerability scanner # # http://source.schokokeks.org/freewvs/ # # Copyright 2007 Hanno Boeck, schokokeks.org # # Contributions by # Fabian Fingerle # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . import ConfigParser, os, glob, pprint, re, optparse, sys, gettext gettext.textdomain('freewvs') _ = gettext.gettext def versioncompare(safe_version, find_version): if safe_version == [""]: return True for i in range(min(len(find_version), len(safe_version))): if int(find_version[i])int(safe_version[i]): return False return (len(find_version)0: if opts.ALL: if opts.DEBUG: print "File "+mfile vulnprint(item['name'], findversion, \ "ok", "", mfile, item['subdir'], \ opts.FANCY) else: if opts.DEBUG: print "File "+mfile safev="9999" for ver in item['old_safe']: if (versioncompare(ver.split('.'), \ findversion.split('.') ) and \ not versioncompare(ver.split('.'), \ safev.split('.')) ): safev=ver if safev=="9999": safev=item['safe'] vulnprint (item['name'], findversion, \ safev, item['vuln'], \ mfile, item['subdir'], opts.FANCY) else: if opts.DEBUG: print "regexp failed for " + \ item['name'] + " on " + mfile