Commit d72e2ee8 authored by Devon Kearns

Imported Upstream version 1.10

***********************************************************
WARNING
***********************************************************
This software is meant to be used * EXCLUSIVELY * against
web servers for which you have the required authorization.
SCRT - Information Security * CANNOT * be held as responsible
for any misuse of this software. If you decide to ignore this
warning and use this software without authorization from web
server administrator/responsible it is * AT YOUR OWN RISK *.
* Note for Windows users
-----------------------------------------------------------------------------------
To ensure better compatibility with various Windows versions Webshag 1.10 Windows
installer does NOT embed Python runtime and wxPython libraries. These elements
thus have to be properly installed on the machine prior to installing Webshag.
* Requirements
-----------------------------------------------------------------------------------
Before installing Webshag 1.10, please ensure that the following holds:
* Python 2.5 or 2.6 is properly installed (http://www.python.org/download/).
Note that Webshag 1.10 is NOT compatible with Python 3.0. Also ensure that
Python directory is in the PATH.
* wxPython is properly installed (http://www.wxpython.org/download.php)
* It is possible to run different versions of Webshag on a single machine IF
they are installed in different locations. However, Webshag 1.10 CANNOT be
installed over an existing Webshag 1.00 installation. Thus if you plan
to replace Webshag 1.00 with Webshag 1.10 (which is recommended), you have
to UNINSTALL any existing instance of Webshag 1.00 before installing the
latest version.
* Install on Linux
-----------------------------------------------------------------------------------
* Decompress ws110.tar.gz to desired location (e.g. /home/<user>/webshag1.10/)
$> mkdir ~/webshag1.10
$> cp ws110.tar.gz ~/webshag1.10/
$> cd ~/webshag1.10
$> tar xzvf ws110.tar.gz
* Execute configuration script and follow instructions
$> chmod +x setup.linux.py
$> ./setup.linux.py
* Run Webshag 1.10
[GUI] $> ./webshag_gui.py
[CLI] $> ./webshag_cli.py
* Install on Windows using installer
-----------------------------------------------------------------------------------
* Run Windows installer (ws110setup.exe). Once install is finished, the
configuration script will be automaticaly run thus simply follow the
on-screen instructions.
* Manual install on Windows
-----------------------------------------------------------------------------------
* Decompress ws110.zip to desired location (e.g. C:\Program Files\Webshag1.10)
* Execute configuration script (setup.windows.py) and follow instructions
* Run Webshag 1.10
[GUI] execute webshag_gui.pyw
[CLI] execute webshag_cli.py (from command line)
* Optionaly, you can create shortcuts to webshag_gui.py on your Desktop or
Start Menu. However, ensure that "Start In" property is set to Webshag
install directory (C:\Program Files\Webshag1.10 or any other location).
[core_file]
nikto_db_dir =
fuzzer_file_list =
fuzzer_dir_list =
custom_db_dir =
fuzzer_ext_list =
[module_spider]
spider_threads = 3
use_robots = True
[module_fuzz]
fuzz_method = HEAD
fuzz_threads = 3
fuzz_show_codes = 200,401,403,500
[module_urlscan]
scan_show_codes = 200,301,302,401,500
use_db_custom = True
use_db_nikto = True
scan_threads = 3
[core_http]
user_agent = webshag/1.10
default_header =
ids_rp_list =
proxy_host =
socket_timeout = 10
default_header_value =
ids_pause = False
ids_pause_time = 1
proxy_password =
ids = False
proxy_port = 0
ssl = False
ids_rp = False
proxy_username =
proxy_auth = False
auth_password =
auth = False
auth_username =
proxy = False
[module_info]
live_id = __insert_your_live_appid_here__
[module_portscan]
nmap = True
nmap_location = /usr/bin/nmap
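Review bot: `proxy_password` and `auth_password` under `[core_http]` hold credentials in clear text, and nothing visible in this section or in the README says the file should be kept private. The setup script rewrites this file through SafeConfigParser, which does not preserve comments, so a warning comment placed here would be lost; the caveat belongs in the README instead. The installer could also restrict the file to its owner once it has written it, for example `os.chmod(cfg_file, 0600)`. `live_id` is an API credential as well and deserves the same treatment.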
# last mod: 2008-02-17
apache(/1\.[1-9]{1,3})?[::]apache
apache(/2\.[1-9]{1,3})?[::]apache
^apache\s?[::]apache
Microsoft-IIS/([1-7]{1}\.0)[::]iis
^gws.*[::]gws
^IBM_HTTP_Server\b[::]apache
^Lotus-Domino\b[::]domino
lighttpd(/[0-9]\.[0-9]\.[0-9])?[::]lighttp
Zeus(/[0-9]\.[0-9])?[::]zeus
# source: http://en.wikipedia.org/wiki/List_of_file_formats
## last mod: 2008-09-09
.123
.3gp
.7z
.aac
.aaf
.abw
.ACCDB
.ace
.acl
.act
.ada
.ads
.afp
.aiff
.ans
.ape
.arc
.arj
.art
.as
.asc
.asf
.asl
.asm
.asp
.au
.au3
.avchd
.avi
.aws
.bas
.bat
.bb
.bin
.bkf
.blp
.bmax
.bmp
.BOX
.bw
.bz2
.c
.cab
.cam
.cbl
.cc
.cdda
.cfg
.cit
.clf
.cls
.cmd
.cob
.cpp
.cpt
.cs
.css
.csv
.cust
.cut
.cwk
.cxx
.d
.daa
.DAF
.dat
.DB
.DBF
.dds
.deb
.dib
.divx
.doc
.docx
.dot
.dotx
.dsh
.dsk
.dvi
.dwd
.e
.EAP
.ecab
.eea
.efs
.egg
.egt
.EGT
.ess
.ESS
.exif
.ezip
.f
.f77
.FDB
.fla
.flac
.flr
.flv
.for
.frm
.FRM
.frx
.ftm
.ftn
.ftx
.GDB
.ged
.gho
.ghs
.gif
.gm6
.gmd
.gmk
.gml
.gnumeric
.gsm
.gym
.gz
.h
.hdd
.hpp
.hs
.hta
.htm
.html
.hwp
.hxx
.icb
.ici
.icns
.ico
.iff
.iff-16sv
.iff-8svx
.ilbm
.img
.inc
.info
.int
.ipg
.iso
.it
.itcl
.jam
.jar
.java
.jng
.jp2
.jpeg
.jpg
.js
.jsfl
.KEXI
.KEXIC
.key
.l
.la
.lbm
.lbr
.ldb
.log
.lua
.lwp
.lzh
.lzo
.lzx
.m
.m1v
.m2v
.m4
.m4a
.m4p
.max
.mcw
.mdb
.MDE
.MDF
.mht
.mhtml
.mid
.miff
.mkv
.ml
.mng
.mod
.mov
.mp2
.mp3
.mp4
.mpc
.mpe
.mpeg
.mpg
.mrc
.msp
.mt2
.mus
.mxf
.MYD
.MYI
.n
.nb
.nbp
.ncf
.NCF
.niff
.nitf
.nsf
.NSF
.nsv
.NTF
.numbers
.nut
.nvram
.ODB
.odp
.ods
.odt
.ogm
.ORA
.otp
.ots
.ott
.p
.pac
.pak
.pap
.par
.par2
.pas
.pbm
.pc1
.pc2
.pc3
.pcf
.pcl
.pcx
.pdax
.pdd
.pdf
.pdn
.pgm
.php
.php3
.php4
.php5
.pi1
.pi2
.pi3
.pict
.piv
.pix
.pk4
.pl
.pld
.pm
.png
.pnm
.pp
.ppm
.pps
.ppt
.prz
.ps
.ps1
.ps1xml
.psb
.psc1
.psd
.psd1
.psf
.psm1
.psp
.ptb
.pvs
.px
.pxr
.py
.pyc
.pyo
.qfx
.qpw
.ra
.rar
.raw
.rb
.resx
.rgb
.rka
.rle
.rm
.rmj
.rtf
.s3m
.sav
.scm
.scpt
.sct
.sdw
.sgi
.sh
.shf
.shn
.sib
.slk
.smi
.smp
.snp
.spc
.speex
.spin
.SQL
.sspss
.stc
.std
.sti
.stk
.stw
.svi
.swa
.swf
.sxc
.sxi
.sxw
.tab
.tar
.targa
.tar.gz
.tb
.tcl
.tex
.tga
.tgz
.tib
.tif
.tiff
.tpl
.tta
.txt
.uha
.uoml
.vb
.vbp
.vbs
.vc
.vda
.vfd
.vgm
.vhd
.vmc
.vmdk
.vmem
.vmsd
.vmsn
.vmss
.vmtm
.vmx
.vmxf
.voc
.vorbis
.vox
.vqf
.vsa
.vst
.vsv
.vud
.watch
.wav
.WDB
.wk1
.wk3
.wk4
.wks
.wma
.wpd
.wps
.wpt
.wq1
.wrap
.wrd
.wrf
.wri
.wv
.xbm
.xcf
.xht
.xhtml
.xlk
.xlr
.xls
.xlsb
.xlsm
.xlsx
.xlt
.xltm
.xlw
.xm
.xml
.xpm
.xps
.xsl
.xslt
.xvid
.y
.ym
.z
.zip
.zoo
\ No newline at end of file
#VERSION,2.000
#LASTMOD,11.10.2007
# http://www.cirt.net
# This file may only be distributed and used with the full Nikto package.
# This file may not be used with any software product without written permission from CIRT, Inc.
# (c) 2007 CIRT, Inc., All Rights Reserved.
# By sending any database updates to CIRT, Inc., it is assumed that you
# grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes.
#######################################################################
# Variables which will be used as replacements for values in
# the scan_database.db and user_scan_database.db files.
# Any values to be replaced must start with the @ character, such as: @CGIDIRS.
#
# User defined variables should be set in config.txt as this file may be
# over-written during updates.
#
# If you have additions, please send to sullo@cirt.net
@CGIDIRS=/cgi.cgi/ /webcgi/ /cgi-914/ /cgi-915/ /bin/ /cgi/ /mpcgi/ /cgi-bin/ /ows-bin/ /cgi-sys/ /cgi-local/ /htbin/ /cgibin/ /cgis/ /scripts/ /cgi-win/ /fcgi-bin/ /cgi-exe/ /cgi-home/ /cgi-perl/
@NUKE=/ /postnuke/ /postnuke/html/ /modules/ /phpBB/ /forum/
@MUTATEDIRS=/....../ /members/ /porn/ /restricted/ /xxx/
@MUTATEFILES=xxx.htm xxx.html porn.htm porn.html
@ADMIN=/admin/ /adm/ /administrator/
@USERS=adm bin daemon ftp guest listen lp mysql noaccess nobody nobody4 nuucp operator root smmsp smtp sshd sys test unknown uucp web www
@PASSWORDDIRS=/ /admin/ /clients/ /pass/ /password/ /passwords/ /store/ /users/ /access/ /members/ /private/ /ccbill/ /dmr/ /mastergate/ /dmr/ /epoch/ /netbilling/ /webcash/ /wwwjoin/ /etc/security/
@PASSWORDFILES=admins clients pass password passwords passwd passwd.adjunct store users .htpasswd .passwd
@PHPMYADMIN=/ /3rdparty/phpMyAdmin/ /phpMyAdmin/
# proxy_host[::]proxy_port[::]username[::]password
\ No newline at end of file
#!/usr/bin/python
## ################################################################# ##
## (C) SCRT - Information Security, 2007 - 2008 // author: ~SaD~ ##
## ################################################################# ##
## This program is free software: you can redistribute it and/or ##
## modify it under the terms of the GNU General Public License as ##
## published by the Free Software Foundation, either version 3 of ##
## the License, or (at your option) any later version. ##
## This program is distributed in the hope that it will be useful, ##
## but WITHOUT ANY WARRANTY; without even the implied warranty of ##
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ##
## GNU General Public License for more details. ##
## You should have received a copy of the GNU General Public License ##
## along with this program. If not, see http://www.gnu.org/licenses. ##
## ################################################################# ##
## last mod: 2008-12-31
import re
import codecs
from ConfigParser import SafeConfigParser
import os.path
## ################################################################# ##
## INIT ##
## ################################################################# ##
path_prefix = os.path.abspath(os.path.curdir) + '/'
## ################################################################# ##
## CONSTANTS ##
## ################################################################# ##
NMAP = u'/usr/bin/nmap'
CORE_FILE = u'webshag/core/core_file.py'
CFG_FILE = u'config/webshag.conf'
FUZZ_DIRS = path_prefix + u'/database/fuzzer/directory-list-2.3-small.txt'
FUZZ_FILES = path_prefix + u'/database/fuzzer/directory-list-1.0.txt'
FUZZ_EXT = path_prefix + u'/database/fuzzer/extensions.txt'
CUSTOM_DB = path_prefix + u'/database/custom'
NIKTO_DB = path_prefix + u'/database/nikto'
IDS_PROXIES = path_prefix + u'/database/proxies/proxies.txt'
CORE_CFG_RE = re.compile(ur'CFG_FILE\s=\s(?P<path>.*)')
## ################################################################# ##
## NMAP PORT SCANNER ##
## ################################################################# ##
print u'[*] Looking for Nmap on your system...\t',
if os.path.exists(NMAP):
nmap = u'True'
nmap_location = NMAP
print u'Found!'
else:
print u'Not Found!'
user_nmap = raw_input(u'[#] Please specify Nmap (nmap.exe) location (blank to skip): ')
if user_nmap != '':
if os.path.isfile(user_nmap):
nmap = 'True'
nmap_location = user_nmap
else:
nmap = u'False'
nmap_location = ''
print u'[!] Nmap has not been found. Port scan module will not be functional.'
else:
nmap = u'False'
nmap_location = ''
print u'[!] Nmap has not been found. Port scan module will not be functional.'
## ################################################################# ##
## LIVE SEARCH APPID ##
## ################################################################# ##
user_live = raw_input(u'[#] Enter your Live Search AppID (blank to skip): ')
if user_live != '':
live_id = user_live
print u'[*] Live Search AppID: ' + user_live + u'\t Done!'
else:
live_id = ''
print u'[!] AppID missing. Domain information module will not be functional.'
## ################################################################# ##
## ALTERING FILES ##
## ################################################################# ##
core_file = path_prefix + CORE_FILE
cfg_file = path_prefix + CFG_FILE
# core_file.py
print u'[*] Patching source code (configuration file location)...\t',
# reading file
core_file_handler = codecs.open(core_file, u'r', u'utf-8')
core_file_contents = core_file_handler.read()
core_file_handler.close()
# replacing path value
old_path = CORE_CFG_RE.findall(core_file_contents)[-1]
core_file_contents = core_file_contents.replace(old_path, '\'' + cfg_file + '\'')
# writing file back
core_file_handler = codecs.open(core_file, u'w', u'utf-8')
core_file_handler.write(core_file_contents)
core_file_handler.close()
print u'Done!'
# webshag.conf
print u'[*] Fixing configuration file settings...\t',
configParser = SafeConfigParser()
configParser.readfp(codecs.open(cfg_file, u'r', u'utf-8'))
configParser.set(u'core_file', u'fuzzer_file_list', FUZZ_FILES)
configParser.set(u'core_file', u'fuzzer_dir_list', FUZZ_DIRS)
configParser.set(u'core_file', u'fuzzer_ext_list', FUZZ_EXT)
configParser.set(u'core_file', u'custom_db_dir', CUSTOM_DB)
configParser.set(u'core_file', u'nikto_db_dir', NIKTO_DB)
configParser.set('core_http', 'ids_rp_list', IDS_PROXIES)
configParser.set(u'module_info', u'live_id', live_id)
configParser.set(u'module_portscan', u'nmap', nmap)
configParser.set(u'module_portscan', u'nmap_location', nmap_location)
cfg_file_handler = codecs.open(cfg_file, u'w', u'utf-8')
configParser.write(cfg_file_handler)
cfg_file_handler.close()
print u'Done!'
## ################################################################# ##
## END ##
## ################################################################# ##
print ''
print 'Thanks for your interest in webshag! It is now ready to be used!'
print 'Enjoy! For more information please visit www.scrt.ch'
print ''
raw_input('Press any key to exit.\n')
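Review bot: The configuration path is spliced into `webshag/core/core_file.py` as hand-quoted source text (`'\'' + cfg_file + '\''`), so an install directory whose name contains a quote or backslash leaves a broken or altered Python statement in the patched module. Emitting the literal with `repr` keeps it well-formed: `core_file_contents = core_file_contents.replace(old_path, repr(cfg_file))`. In the same step, `CORE_CFG_RE.findall(core_file_contents)[-1]` raises IndexError when the pattern is absent, and `path_prefix` is taken from the current directory rather than the script's own location, so running setup from elsewhere records wrong paths. The user-supplied Nmap path is only checked with `os.path.isfile` before being stored as the binary the port-scan module will presumably launch; storing `os.path.abspath(user_nmap)` and checking `os.access(user_nmap, os.X_OK)` would be a cheap addition. The file handles, including the one passed to `configParser.readfp`, are not closed on error paths.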
__all__ = []
\ No newline at end of file
__all__ = []
\ No newline at end of file
## ################################################################# ##
## (C) SCRT - Information Security, 2007 - 2008 // author: ~SaD~ ##
## ################################################################# ##
## This program is free software: you can redistribute it and/or ##
## modify it under the terms of the GNU General Public License as ##