Ready for a stable release

On The Way to XSRFProbe v2 (Stable)
0xInfection · Dec 29, 2018 · 675cf0a · 675cf0a
2 parents 53b620e + 3c0d175
commit 675cf0a
Show file tree

Hide file tree

Showing 43 changed files with 1,345 additions and 469 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -15,8 +15,12 @@ before_script:
   # exit-zero treats all errors as warnings.  The GitHub editor is 127 chars wide
   - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics --quiet
 script:
+  # Help message.
   - python xsrfprobe.py --help
-  - python xsrfprobe.py -u http://www.webscantest.com --timeout 5 --max-chars 3 --quiet
+  # Crawl entire www.webscantest.com and submit forms.
+  - python xsrfprobe.py -u http://www.webscantest.com --crawl --timeout 5 --max-chars 3 --quiet
+  # Test only a single endpoint vulnerability.
+  - python xsrfprobe.py -u http://www.webscantest.com/csrf/csrfpost.php
 notifications:
   on_success: change
   on_failure: change  # `always` will be the setting once code changes slow down
diff --git a/core/banner.py b/core/banner.py
@@ -5,7 +5,7 @@
 #    XSRF Probe     #
 #-:-:-:-:-:-:-::-:-:#
 
-#Author: 0xInfection (@_tID)
+#Author: 0xInfection
 #This module requires XSRF-Probe
 #https://github.com/0xInfection/XSRF-Probe
 
@@ -17,31 +17,31 @@
 def banner():
 
     print('\n\n')
-    time.sleep(0.1)
+    time.sleep(0.05)
     print(color.ORANGE+'     _____       _____       _____      _____       _____                                    ')
-    time.sleep(0.1)
+    time.sleep(0.05)
     print(color.RED+'  __'+color.ORANGE+'|'+color.RED+'__ '+color.ORANGE+'  |_  '+color.RED+'__'+color.ORANGE+'|'+color.RED+'___ '+color.ORANGE+' |_  '+color.RED+'__'+color.ORANGE+'|'+color.RED+'___  '+color.ORANGE+'|_  '+color.RED+'_'+color.ORANGE+'|'+color.RED+'____ '+color.ORANGE+'|_'+color.RED+'   _'+color.ORANGE+'|'+color.RED+'____ '+color.ORANGE+'|_ '+color.RED+' _____   _____  ______  ______  ')
-    time.sleep(0.1)
+    time.sleep(0.05)
     print(color.RED+" \  `  /    "+color.ORANGE+'|'+color.RED+'|   ___|   '+color.ORANGE+'|'+color.RED+'|  _  _|   '+color.ORANGE+'|'+color.RED+'|   ___|  '+color.ORANGE+'| '+color.RED+'|   _  |  '+color.ORANGE+"|"+color.RED+"|  _ ,' /     \|  _   )|   ___| ")
-    time.sleep(0.1)
+    time.sleep(0.05)
     print(color.RED+'  >   <     '+color.ORANGE+'|'+color.RED+' `-.`-.    '+color.ORANGE+'|'+color.RED+'|     \    '+color.ORANGE+'|'+color.RED+'|   ___|  '+color.ORANGE+'|'+color.RED+' |    __|  '+color.ORANGE+'|'+color.RED+'|     \ |  -  || |_  { |   ___| ')
-    time.sleep(0.1)
+    time.sleep(0.05)
     print(color.RED+' /__/__\   '+color.ORANGE+'_|'+color.RED+'|______|  '+color.ORANGE+'_|'+color.RED+'|__|\__\ '+color.ORANGE+' _|'+color.RED+'|___|   '+color.ORANGE+' _|'+color.RED+' |___|   '+color.ORANGE+' _|'+color.RED+'|__|\__\＼____/|______)|______| ')
-    time.sleep(0.1)
+    time.sleep(0.05)
     print(color.ORANGE+'    |_____|     |_____|     |_____|    |_____|     |_____| \n\n')
-    time.sleep(0.1)
+    time.sleep(0.05)
 
 def banabout(): # some fancy banner stuff :p
 
-    print(color.BLUE+'   [---]           '+color.GREY+'XSRF Probe |'+color.RED+' A'+color.ORANGE+' Cross Site Request Forgery '+color.RED+'Audit Toolkit          '+color.BLUE+'[---]')
-    time.sleep(0.2)
+    print(color.BLUE+'   [---]            '+color.GREY+'XSRF Probe,'+color.RED+' A'+color.ORANGE+' Cross Site Request Forgery '+color.RED+'Audit Toolkit          '+color.BLUE+'[---]')
+    time.sleep(0.1)
     print(color.BLUE+'   [---]                                                                            [---]')
-    time.sleep(0.2)
+    time.sleep(0.1)
     print(color.BLUE+'   [---]   '+color.PURPLE+'                  '+color.GREEN+'~  Author : '+color.CYAN+'The Infected Drake  ~                 '+color.BLUE+'     [---]')
-    time.sleep(0.2)
+    time.sleep(0.1)
     print(color.BLUE+'   [---]   '+color.CYAN+'                    ~  github.com / '+color.GREY+'0xInfection  ~                     '+color.BLUE+'  [---]')
-    time.sleep(0.2)
+    time.sleep(0.1)
     print(color.BLUE+'   [---]                                                                            [---]')
-    time.sleep(0.2)
-    print(color.BLUE+'   [---]   '+color.ORANGE+'                          ~  Version '+color.RED+open('files/VersionNum').read().strip()+color.ORANGE+'  ~                         '+color.BLUE+'  [---]\n')
-    time.sleep(0.2)
+    time.sleep(0.1)
+    print(color.BLUE+'   [---]   '+color.ORANGE+'                       ~  Version '+color.RED+open('files/VersionNum').read().strip()+color.ORANGE+'  ~                       '+color.BLUE+'  [---]\n')
+    time.sleep(0.1)
diff --git a/core/colors.py b/core/colors.py
@@ -5,7 +5,7 @@
 #    XSRF Probe     #
 #-:-:-:-:-:-:-::-:-:#
 
-# Author: @_tID
+# Author: 0xInfection
 # This module requires XSRFProbe
 # https://github.com/0xInfection/XSRFProbe
 

diff --git a/core/forms.py b/core/forms.py
@@ -9,42 +9,42 @@
 #This module requires XSRF-Probe
 #https://github.com/0xInfection/XSRF-Probe
 
-def form10(): # an example form to make sure the stuff works properly ;)
+def testFormx1(): # an example xsrfprobe-test-form to make sure the stuff works properly ;)
 
-    form0x01 = """<form action="/drupal/?q=node&amp;destination=node"  accept-charset="UTF-8" method="post" id="user-login-form">
-    <div><div class="form-item" id="edit-name-wrapper">
-     <label for="edit-name">Username: <span class="form-required" title="This field is required.">*</span></label>
-     <input type="text" maxlength="60" name="name" id="edit-name" size="15" value="test1" class="form-text required" />
+    test_form_0x01 = """<form action="/somendpoint" method="post" id="xsrfprobe-xsrfprobe-test-form">
+    <div><div class="xsrfprobe-test-form-item" id="edit-name-wrapper">
+     <label for="edit-name">Username: <span class="xsrfprobe-test-form-required" title="This field is required.">*</span></label>
+     <input type="text" maxlength="60" name="name" id="edit-name" size="15" value="test1" class="xsrfprobe-test-form-text required" />
     </div>
-    <div class="form-item" id="edit-pass-wrapper">
-     <label for="edit-pass">Password: <span class="form-required" title="This field is required.">*</span></label>
-     <input type="password" value="a9z8e7" name="pass" id="edit-pass"  maxlength="60"  size="15"  class="form-text required" />
+    <div class="xsrfprobe-test-form-item" id="edit-pass-wrapper">
+     <label for="edit-pass">Password: <span class="xsrfprobe-test-form-required" title="This field is required.">*</span></label>
+     <input type="password" value="a9z8e7" name="pass" id="edit-pass"  maxlength="60"  class="xsrfprobe-test-form-text required" />
     </div>
-    <input type="submit" name="op" id="edit-submit" value="Log in"  class="form-submit" />
-    <div class="item-list"><ul><li class="first"><a href="/drupal/?q=user/register" title="Create a new user account.">Create new account</a></li>
-    <li class="last"><a href="/drupal/?q=user/password" title="Request new password via e-mail.">Request new password</a></li>
-    </ul></div><input type="hidden" name="form_build_id" id="form-6a060c0861888b7321fab4f5ac6cb908" value="form-6a060c0861888b7321fab4f5ac6cb908"  />
-    <input type="hidden" name="form_id" id="edit-user-login-block" value="user_login_block"  />
+    <input type="submit" name="op" id="edit-submit" value="Log in"  class="xsrfprobe-test-form-submit" />
+    <div class="item-list"><ul><li class="first"><a href="/somednpoint/register" title="Create a new user account.">Create new account</a></li>
+    <li class="last"><a href="/somendpoint/tho" title="Request new password via e-mail.">Request new password</a></li>
+    </ul></div><input type="hidden" name="xsrfprobe-test-form_build_id" id="xsrfprobe-test-form-6ab908" value="xsrfprobe-test-form-6a060cc6cb908"  />
+    <input type="hidden" name="xsrfprobe-test-form_id" id="edit-xsrfprobe-block" value="user_login_block"  />
     </div></form> """
 
-    return form0x01
+    return test_form_0x01
 
-def form20(): # an example of a form (used drupal)
+def testFormx2(): # an example of a xsrfprobe-test-form (used drupal)
 
-    form0x02 = """<form action="/drupal/?q=node&amp;destination=node"  accept-charset="UTF-8" method="post" id="user-login-form">
-    <div><div class="form-item" id="edit-name-wrapper">
-     <label for="edit-name">Username: <span class="form-required" title="This field is required.">*</span></label>
-     <input type="text" maxlength="60" name="name" id="edit-name" size="15" value="test2" class="form-text required" />
+    test_form_0x02 = """<form action="/somendpoint" method="post" id="xsrfprobe-xsrfprobe-test-form">
+    <div><div class="xsrfprobe-test-form-item" id="edit-name-wrapper">
+     <label for="edit-name">Username: <span class="xsrfprobe-test-form-required" title="This field is required.">*</span></label>
+     <input type="text" maxlength="60" name="name" id="edit-name" size="15" value="test2" class="xsrfprobe-test-form-text required" />
     </div>
-    <div class="form-item" id="edit-pass-wrapper">
-     <label for="edit-pass">Password: <span class="form-required" title="This field is required.">*</span></label>
-     <input type="password" value="a9z8e7" name="pass" id="edit-pass"  maxlength="60"  size="15"  class="form-text required" />
+    <div class="xsrfprobe-test-form-item" id="edit-pass-wrapper">
+     <label for="edit-pass">Password: <span class="xsrfprobe-test-form-required" title="This field is required.">*</span></label>
+     <input type="password" value="a9z8e7" name="pass" id="edit-pass"  maxlength="60"  size="15"  class="xsrfprobe-test-form-text required" />
     </div>
-    <input type="submit" name="op" id="edit-submit" value="Log in"  class="form-submit" />
-    <div class="item-list"><ul><li class="first"><a href="/drupal/?q=user/register" title="Create a new user account.">Create new account</a></li>
-    <li class="last"><a href="/drupal/?q=user/password" title="Request new password via e-mail.">Request new password</a></li>
-    </ul></div><input type="hidden" name="form_build_id" id="form-6a060c0861888b7321fab4f5ac6cb908" value="form-6a060c0861888b7321fab4f5ac6cb908"  />
-    <input type="hidden" name="form_id" id="edit-user-login-block" value="user_login_block"  />
+    <input type="submit" name="op" id="edit-submit" value="Log in"  class="xsrfprobe-test-form-submit" />
+    <div class="item-list"><ul><li class="first"><a href="/somednpoint/register" title="Create a new user account.">Create new account</a></li>
+    <li class="last"><a href="/somendpoint/tho" title="Request new password via e-mail.">Request new password</a></li>
+    </ul></div><input type="hidden" name="xsrfprobe-test-form_build_id" id="xsrfprobe-test-form-6a060cc6cb908" value="xsrfprobe-test-form-6a060cc6cb908"  />
+    <input type="hidden" name="xsrfprobe-test-form_id" id="edit-xsrfprobe-block" value="user_login_block"  />
     </div></form> """
 
-    return form0x02
+    return test_form_0x02
diff --git a/core/inputin.py b/core/inputin.py
@@ -9,8 +9,8 @@
 #This module requires XSRF-Probe
 #https://github.com/0xInfection/XSRF-Probe
 
-import sys
-import socket
+import socket, requests
+from tld import get_fld
 from core.colors import *
 from files.config import SITE_URL
 
@@ -22,15 +22,37 @@ def inputin():
     if 'http' not in web: # add protocol to site
         web = 'http://' + web
 
-    web0 = web.split('//')[1]
+    web0 = get_fld(web)
     try:
-        print(O+'Testing site status...')
+        print(O+'Testing site '+color.GREY+web0+color.END+' status...')
         socket.gethostbyname(web0) # test whether site is up or not
         print(color.GREEN+' [+] Site seems to be up!'+color.END)
     except socket.gaierror: # if site is down
         print(R+'Site seems to be down...')
-        sys.exit(0)
-
-    if not web.endswith('/'): # check
-        web = web + '/' # make sure the site address ends with '/'
-    return web
+        quit()
+    try:
+        print(O+'Testing '+color.CYAN+web.split('//')[1].replace(web0,'')+color.END+' endpoint status...')
+        requests.get(web)
+        print(color.GREEN+' [+] Endpoint seems to be up!'+color.END)
+    except requests.exceptions.MissingSchema as e:
+        verbout(R, 'Exception at: '+color.GREY+url)
+        verbout(R, 'Error: Invalid URL Format')
+        ErrorLogger(url, e.__str__())
+        quit()
+    except requests.exceptions.HTTPError as e:  # if error
+        verbout(R, "HTTP Error : "+main_url)
+        ErrorLogger(main_url, e.__str__())
+        quit()
+    except requests.exceptions.ConnectionError as e:
+        verbout(R, 'Connection Aborted : '+main_url)
+        ErrorLogger(main_url, e.__str__())
+        quit()
+    except Exception as e:
+        verbout(R, "Exception Caught: "+e.__str__())
+        ErrorLogger(main_url, e.__str__())
+        quit()  # if at all nothing happens :(
+    if not web0.endswith('/'):
+        web0 = web0 + '/'
+    if web.split('//')[1] == web0:
+        return web, ''
+    return (web, web0)
diff --git a/core/logger.py b/core/logger.py
@@ -5,24 +5,29 @@
 #    XSRF Probe     #
 #-:-:-:-:-:-:-::-:-:#
 
-# Author: @_tID
+# Author: 0xInfection
 # This module requires XSRFProbe
 # https://github.com/0xInfection/XSRFProbe
 
 import os
 from core.colors import *
 from files.config import *
 from core.verbout import verbout
+from files.discovered import INTERNAL_URLS, FILES_EXEC, SCAN_ERRORS
+from files.discovered import VULN_LIST, FORMS_TESTED, REQUEST_TOKENS, STRENGTH_LIST
 
 def logger(filename, content):
     '''
     This module is for logging all the stuff we found
             while crawling and scanning.
     '''
-    output_file = OUTPUT_DIR + filename + '.txt'
+    output_file = OUTPUT_DIR + filename + '.log'
     with open(output_file, 'w+', encoding='utf8') as f:
-        for m in content:
-            f.write(m+'\n')
+        if type(content) is tuple or type(content) is list:
+            for m in content:  # if it is list or tuple, it is iterable
+                f.write(m+'\n')
+        else:
+            f.write(content)  # else we write out as it is... ;)
         f.write('\n')
 
 def pheaders(tup):
@@ -35,3 +40,31 @@ def pheaders(tup):
     for key, val in tup.items():
         verbout('  ',color.CYAN+key+': '+color.ORANGE+val)
     verbout('','')
+
+def GetLogger():
+    if INTERNAL_URLS:
+        logger('internal-links', INTERNAL_URLS)
+    if SCAN_ERRORS:
+        logger('errored', SCAN_ERRORS)
+    if FILES_EXEC:
+        logger('files-found', FILES_EXEC)
+    if REQUEST_TOKENS:
+        logger('anti-csrf-tokens', REQUEST_TOKENS)
+    if FORMS_TESTED:
+        logger('forms-tested', FORMS_TESTED)
+    if VULN_LIST:
+        logger('vulnerabilities', VULN_LIST)
+    if STRENGTH_LIST:
+        logger('strengths', STRENGTH_LIST)
+
+def ErrorLogger(url, error):
+    con = '(i) '+url+' -> '+error.__str__()
+    SCAN_ERRORS.append(con)
+
+def VulnLogger(url, vuln, content=''):
+    tent = '[!] '+url+' -> '+vuln+'\n\n'+str(content)+'\n\n'
+    VULN_LIST.append(tent)
+
+def NovulLogger(url, strength):
+    tent = '[+] '+url+' -> '+strength
+    STRENGTH_LIST.append(tent)