1.92b: Reading starting URLs from file now supported (@ prefix).

Steve Pinkham 2011-08-09 16:01:39 -04:00
parent 16bd99b75c
commit 831a3a497b
20 changed files with 91 additions and 26 deletions


@ -1,3 +1,8 @@
Version 1.92b:
--------------
- Reading starting URLs from file is now supported (@ prefix).
Version 1.90b / 1.91b:
----------------------


@ -4,7 +4,7 @@
#
# Author: Michal Zalewski <lcamtuf@google.com>
#
# Copyright 2009, 2010 by Google Inc. All Rights Reserved.
# Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -20,7 +20,7 @@
#
PROGNAME = skipfish
VERSION = 1.91b
VERSION = 1.92b
OBJFILES = http_client.c database.c crawler.c analysis.c report.c
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
@ -28,7 +28,7 @@ INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -I/usr/local/include/ \
-I/opt/local/include/ $(CFLAGS) -DVERSION=\"$(VERSION)\"
CFLAGS_DBG = -DLOG_STDERR=1 -DDEBUG_ALLOCATOR=1 $(CFLAGS_GEN)
CFLAGS_DBG = -DLOG_STDERR=1 -DDEBUG_ALLOCATOR=1 $(CFLAGS_GEN)
CFLAGS_OPT = -O3 -Wno-format $(CFLAGS_GEN)
LDFLAGS += -L/usr/local/lib/ -L/opt/local/lib

9
README

@ -5,7 +5,7 @@ skipfish - web application security scanner
http://code.google.com/p/skipfish/
* Written and maintained by Michal Zalewski <lcamtuf@google.com>.
* Copyright 2009, 2010 Google Inc, rights reserved.
* Copyright 2009, 2010, 2011 Google Inc, rights reserved.
* Released under terms and conditions of the Apache License, version 2.0.
--------------------
@ -237,8 +237,11 @@ Once you have the dictionary selected, you can try:
$ ./skipfish -o output_dir http://www.example.com/some/starting/path.txt
Note that you can provide more than one starting URL if so desired; all of
them will be crawled.
Note that you can provide more than one starting URL if so desired; all of
them will be crawled. It is also possible to read URLs from file, using
the following syntax:
$ ./skipfish -o output_dir @../path/to/url_list.txt
The tool will display some helpful stats while the scan is in progress. You
can also switch to a list of in-flight HTTP requests by pressing return.


@ -7,7 +7,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -7,7 +7,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -6,7 +6,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -5,7 +5,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -181,6 +181,54 @@ void splash_screen(void) {
#endif /* SHOW_SPLASH */
/* Load URLs from file. */
static void read_urls(u8* fn) {
FILE* f = fopen((char*)fn, "r");
u8 tmp[MAX_URL_LEN];
u32 loaded = 0;
if (!f) FATAL("Unable to open '%s'.", fn);
while (fgets((char*)tmp, MAX_URL_LEN, f)) {
struct http_request *req;
u8* url = tmp;
u32 l;
while (isspace(*url)) url++;
l = strlen((char*)url);
while (l && isspace(url[l-1])) l--;
url[l] = 0;
if (*url == '#' || !*url) continue;
req = ck_alloc(sizeof(struct http_request));
if (parse_url(url, req, NULL))
FATAL("Scan target '%s' in file '%s' is not a valid absolute URL.", url, fn);
if (!url_allowed_host(req))
APPEND_FILTER(allow_domains, num_allow_domains,
__DFL_ck_strdup(req->host));
if (!url_allowed(req))
FATAL("URL '%s' in file '%s' explicitly excluded by -I / -X rules.",
url, fn);
maybe_add_pivot(req, NULL, 2);
destroy_request(req);
loaded++;
}
fclose(f);
if (!loaded) FATAL("No valid URLs found in '%s'.", fn);
}
/* Main entry point */
int main(int argc, char** argv) {
@ -458,14 +506,23 @@ int main(int argc, char** argv) {
load_keywords((u8*)wordlist, purge_age);
/* Schedule all URLs in the command line for scanning */
/* Schedule all URLs in the command line for scanning. */
while (optind < argc) {
struct http_request *req = ck_alloc(sizeof(struct http_request));
struct http_request *req;
/* Support @ notation for reading URL lists from files. */
if (argv[optind][0] == '@') {
read_urls((u8*)argv[optind++] + 1);
continue;
}
req = ck_alloc(sizeof(struct http_request));
if (parse_url((u8*)argv[optind], req, NULL))
FATAL("One of specified scan targets is not a valid absolute URL.");
FATAL("Scan target '%s' is not a valid absolute URL.", argv[optind]);
if (!url_allowed_host(req))
APPEND_FILTER(allow_domains, num_allow_domains,
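Review bot: In read_urls(), a line longer than MAX_URL_LEN - 1 bytes is not detected: fgets() returns the first part and the next loop iteration treats the remainder as a separate entry. Because each parsed entry's host is appended to allow_domains when it is not already allowed, a tail that happens to parse as an absolute URL would presumably be scheduled as its own target, so a list file could widen the scan scope without any diagnostic. I would reject truncated reads before the whitespace trimming, e.g. `if (!strchr((char*)tmp, '\n') && !feof(f)) FATAL("Line too long in '%s'.", fn);`. The loop also cannot tell a read error from end of file; `if (ferror(f)) FATAL("Error reading '%s'.", fn);` before `fclose(f)` would cover that. read_urls() is fully visible in the first hunk, while the main() loop in the second hunk continues outside it.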


@ -4,7 +4,7 @@
Author: Michal Zalewski <lcamtuf@google.com>
Copyright 2009, 2010 by Google Inc. All Rights Reserved.
Copyright 2009, 2010, 2011 by Google Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.