Commit 32abd524 authored by Devon Kearns's avatar Devon Kearns

Imported Upstream version 2.0-beta6+git20150114

parent 30372c2b
### This repository contains the unstable development version.
### For the stable version go to: <a href="https://github.com/golismero/golismero">https://github.com/golismero/golismero</a></font></p>
---
What's GoLismero?
=================
......@@ -163,10 +168,11 @@ Windows
On Windows, you'll have to install each tool separately. You can download them from here:
- [Python 2.7](http://python.org/download/releases/2.7.6/)
- [Git](https://code.google.com/p/msysgit/downloads/list)
- [Perl](http://www.perl.org/get.html#win32)
- [Nmap](http://nmap.org/download.html#windows)
- [SSLScan](https://code.google.com/p/sslscan-win/)
Nikto is already bundled with GoLismero, but it requires the Cygwin version of Perl to run, since the native version can't handle Unix paths. You can download if from here: [Cygwin](http://cygwin.com/install.html).
SSLScan for Windows has a bug that causes crashes when writing XML output, which is the one required by GoLismero. The issue has been [unfixed since 2010](https://code.google.com/p/sslscan-win/issues/detail?id=2), so it's not likely to change soon, but there's a workaround: simply upgrade OpenSSL to a newer version. You can get an OpenSSL build from here: [Win32OpenSSL](https://slproweb.com/products/Win32OpenSSL.html).
It's usually a good idea to install Visual Studio 2008 SP1 as well. This enables the compilation of C extensions, which can speed up some Python modules.
......@@ -355,4 +361,4 @@ Some gotchas we already know about:
* GoLismero seems to run slower on Windows than on Linux or Mac. It appears to be related to the Python standard multiprocessing module and the lack of fork() support on Windows.
* This is not a bug, just a reminder: GoLismero by default creates a new database file on each run! You can disable the database creation with the -nd switch.
[![githalytics.com alpha](https://cruel-carlota.pagodabox.com/bd520897a768ee38569775bdb8372b8a "githalytics.com")](http://githalytics.com/cr0hn/golismero)
[![githalytics.com alpha](https://cruel-carlota.pagodabox.com/bd520897a768ee38569775bdb8372b8a "githalytics.com")](http://githalytics.com/golismero/golismero)
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -2,14 +2,10 @@
# -*- coding: utf-8 -*-
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......@@ -30,18 +26,14 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
import sys
import os
from os import path
try:
_FIXED_PATH_
except NameError:
here = path.split(path.abspath(__file__))[0]
if not here: # if it fails use cwd instead
here = path.abspath(os.getcwd())
golismero = path.join(here, "..", "..")
thirdparty_libs = path.join(golismero, "thirdparty_libs")
if path.exists(thirdparty_libs):
sys.path.insert(0, thirdparty_libs)
sys.path.insert(0, golismero)
_FIXED_PATH_ = True
here = path.split(path.abspath(__file__))[0]
if not here: # if it fails use cwd instead
here = path.abspath(os.getcwd())
golismero = path.join(here, "..", "..")
thirdparty_libs = path.join(golismero, "thirdparty_libs")
if path.exists(thirdparty_libs):
sys.path.insert(0, thirdparty_libs)
sys.path.insert(0, golismero)
index = """GoLismero - The Web Knife
=========================
......
......@@ -2,14 +2,10 @@
# -*- coding: utf-8 -*-
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......@@ -30,18 +26,14 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
import sys
import os
from os import path
try:
_FIXED_PATH_
except NameError:
here = path.split(path.abspath(__file__))[0]
if not here: # if it fails use cwd instead
here = path.abspath(os.getcwd())
golismero = path.join(here, "..", "..")
thirdparty_libs = path.join(golismero, "thirdparty_libs")
if path.exists(thirdparty_libs):
sys.path.insert(0, thirdparty_libs)
sys.path.insert(0, golismero)
_FIXED_PATH_ = True
here = path.split(path.abspath(__file__))[0]
if not here: # if it fails use cwd instead
here = path.abspath(os.getcwd())
golismero = path.join(here, "..", "..")
thirdparty_libs = path.join(golismero, "thirdparty_libs")
if path.exists(thirdparty_libs):
sys.path.insert(0, thirdparty_libs)
sys.path.insert(0, golismero)
from golismero.api.plugin import get_plugin_type_display_name, get_plugin_type_description
from golismero.managers.pluginmanager import PluginManager
......
......@@ -10,7 +10,7 @@ profile = default
# Verbosity level. May be one of the following values:
# 0: silent
# 1: normal
# 1: minimal
# 2: verbose
# 3: very verbose
verbose = 2
......
This diff is collapsed.
......@@ -2,14 +2,10 @@
# -*- coding: utf-8 -*-
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......@@ -45,11 +41,10 @@ __all__ = [
# Metadata
__author__ = "GoLismero project team"
__copyright__ = "Copyright 2011-2013 - GoLismero Project"
__credits__ = ["Daniel Garcia Garcia a.k.a cr0hn (@ggdaniel)",
"Mario Vilas (@Mario_Vilas)"]
__email__ = "golismero.project<@>gmail.com"
__version__ = "2.0.0b3"
__copyright__ = "Copyright (C) 2011-2014 GoLismero Project"
__credits__ = ["GoLismero Project Team"]
__email__ = "contact@golismero-project.com"
__version__ = "2.0.0b6"
#------------------------------------------------------------------------------
......@@ -59,13 +54,11 @@ def get_banner():
:rtype: str
"""
banner_lines = [
"GoLismero %s - The Web Knife" % __version__,
##__copyright__,
"Contact: " + __email__,
"GoLismero %s, The Web Knife" % __version__,
__copyright__,
"",
"Contact: " + __email__,
]
for ppl in __credits__:
banner_lines.append(ppl)
width = max(len(line) for line in banner_lines)
banner = "\n/-" + ("-" * width) + "-\\\n"
for line in banner_lines:
......
......@@ -9,14 +9,10 @@ Audit control API.
"""
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......
......@@ -6,14 +6,10 @@ Plugin configuration API.
"""
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......
......@@ -6,14 +6,10 @@ Cryptographic utility functions.
"""
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......
This diff is collapsed.
......@@ -6,14 +6,10 @@ Information, resources and vulnerabilities database API.
"""
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......@@ -88,74 +84,59 @@ class Database(Singleton):
#--------------------------------------------------------------------------
@staticmethod
def remove(identity, data_type = None):
def remove(identity):
"""
Remove an object given its identity hash.
Optionally restrict the result by data type. Depending on the
underlying database, this may result in a performance gain.
.. warning: Only use this if you *really* know what you're doing!
:param identity: Identity hash.
:type identity: str
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
:returns: True if the object was removed, False if it didn't exist.
:rtype: bool
"""
return Config._context.remote_call(
MessageCode.MSG_RPC_DATA_REMOVE, identity, data_type)
MessageCode.MSG_RPC_DATA_REMOVE, identity)
#--------------------------------------------------------------------------
@staticmethod
def async_remove(identity, data_type = None):
def async_remove(identity):
"""
Asynchronously remove an object given its identity hash.
Optionally restrict the result by data type. Depending on the
underlying database, this may result in a performance gain.
.. warning: Only use this if you *really* know what you're doing!
:param identity: Identity hash.
:type identity: str
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
"""
Config._context.async_remote_call(
MessageCode.MSG_RPC_DATA_REMOVE, identity, data_type)
MessageCode.MSG_RPC_DATA_REMOVE, identity)
#--------------------------------------------------------------------------
@staticmethod
def async_remove_many(identities, data_type = None):
def async_remove_many(identities):
"""
Asynchronously remove multiple objects given their identity hashes.
Optionally restrict the result by data type. Depending on the
underlying database, this may result in a performance gain.
.. warning: Only use this if you *really* know what you're doing!
:param identities: Identity hashes.
:type identities: str
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
"""
Config._context.async_remote_call(
MessageCode.MSG_RPC_DATA_REMOVE_MANY, identities, data_type)
MessageCode.MSG_RPC_DATA_REMOVE_MANY, identities)
#--------------------------------------------------------------------------
@staticmethod
def has_key(identity, data_type = None):
def has_key(identity):
"""
Check if an object with the given
identity hash is present in the database.
Optionally restrict the result by data type. Depending on the
underlying database, this may result in a performance gain.
:param identity: Identity hash.
:type identity: str
......@@ -163,48 +144,39 @@ class Database(Singleton):
:rtype: bool
"""
return Config._context.remote_call(
MessageCode.MSG_RPC_DATA_CHECK, identity, data_type)
MessageCode.MSG_RPC_DATA_CHECK, identity)
#--------------------------------------------------------------------------
@staticmethod
def get(identity, data_type = None):
def get(identity):
"""
Get an object given its identity hash.
Optionally restrict the result by data type. Depending on the
underlying database, this may result in a performance gain.
:param identity: Identity hash.
:type identity: str
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
:returns: Data object if found, None otherwise.
:rtype: Data | None
"""
return Config._context.remote_call(
MessageCode.MSG_RPC_DATA_GET, identity, data_type)
MessageCode.MSG_RPC_DATA_GET, identity)
#--------------------------------------------------------------------------
@staticmethod
def get_many(identities, data_type = None):
def get_many(identities):
"""
Get an object given its identity hash.
:param identities: Identity hashes.
:type identities: list(str)
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
:returns: Data objects.
:rtype: list(Data)
"""
return Config._context.remote_call(
MessageCode.MSG_RPC_DATA_GET_MANY, identities, data_type)
MessageCode.MSG_RPC_DATA_GET_MANY, identities)
#--------------------------------------------------------------------------
......@@ -215,10 +187,10 @@ class Database(Singleton):
type, optionally filtering by subtype.
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
:type data_type: int | None
:param data_subtype: Optional data subtype.
:type data_subtype: int | str
:type data_subtype: str | None
:returns: Identity hashes.
:rtype: set(str)
......@@ -239,10 +211,10 @@ class Database(Singleton):
optionally filtering by subtype.
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
:type data_type: int | None
:param data_subtype: Optional data subtype.
:type data_subtype: int | str
:type data_subtype: str | None
:returns: Count of requested objects.
:rtype: int
......@@ -263,10 +235,10 @@ class Database(Singleton):
optionally filtering by subtype.
:param data_type: Optional data type. One of the Data.TYPE_* values.
:type data_type: int
:type data_type: int | None
:param data_subtype: Optional data subtype.
:type data_subtype: int | str
:type data_subtype: str | None
:returns: Generator of Data objects.
:rtype: generator(Data)
......
......@@ -6,14 +6,10 @@ Information types.
"""
__license__ = """
GoLismero 2.0 - The web knife - Copyright (C) 2011-2013
Authors:
Daniel Garcia Garcia a.k.a cr0hn | cr0hn<@>cr0hn.com
Mario Vilas | mvilas<@>gmail.com
GoLismero 2.0 - The web knife - Copyright (C) 2011-2014
Golismero project site: https://github.com/golismero
Golismero project mail: golismero.project<@>gmail.com
Golismero project mail: contact@golismero-project.com
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
......@@ -41,8 +37,6 @@ class Information(Data):
Base class for informational results.
"""
#--------------------------------------------------------------------------
# Categories of informational data.
CATEGORY_UNKNOWN = 0 # Not a real value!
CATEGORY_FILE = 1
......@@ -50,85 +44,46 @@ class Information(Data):
CATEGORY_CAPTURE = 3
CATEGORY_FINGERPRINT = 4
#--------------------------------------------------------------------------
# Types of informational data.
INFORMATION_UNKNOWN = 0 # Not a real value!
# File Data: raw file contents.
INFORMATION_HTML = 1000 # HTML source code
INFORMATION_FORM = 1001 # HTML form
INFORMATION_PLAIN_TEXT = 1002 # Text file
INFORMATION_BINARY = 1003 # Binary file of unknown type
##INFORMATION_EXECUTABLE = 1004 # Executable file (various platforms)
INFORMATION_IMAGE = 1005 # Image file
##INFORMATION_VIDEO = 1006 # Video file
##INFORMATION_PDF = 1007 # PDF file
##INFORMATION_FLASH = 1008 # Flash file
##INFORMATION_DOCUMENT = 1009 # Document file (various formats)
# Assets: sensitive information captured from the targets.
INFORMATION_USERNAME = 1100 # Username
INFORMATION_PASSWORD = 1101 # Password
##INFORMATION_DATABASE_DUMP = 1102 # Database dump in SQL format
# Protocol captures: raw network protocol d