added common substrings test
This commit is contained in:
Somdev Sangwan
27
bolt.py
27
bolt.py
@@ -30,7 +30,7 @@ import statistics
|
|||||||
|
|
||||||
import core.config
|
import core.config
|
||||||
from core.entropy import isRandom
|
from core.entropy import isRandom
|
||||||
from core.config import token
|
from core.config import tokenPattern
|
||||||
from core.datanize import datanize
|
from core.datanize import datanize
|
||||||
from core.prompt import prompt
|
from core.prompt import prompt
|
||||||
from core.photon import photon
|
from core.photon import photon
|
||||||
@@ -39,7 +39,7 @@ from core.evaluate import evaluate
|
|||||||
from core.ranger import ranger
|
from core.ranger import ranger
|
||||||
from core.zetanize import zetanize
|
from core.zetanize import zetanize
|
||||||
from core.requester import requester
|
from core.requester import requester
|
||||||
from core.utils import extractHeaders, strength, isProtected, stringToBinary
|
from core.utils import extractHeaders, strength, isProtected, stringToBinary, longestCommonSubstring
|
||||||
|
|
||||||
parser = argparse.ArgumentParser()
|
parser = argparse.ArgumentParser()
|
||||||
parser.add_argument('-u', help='target url', dest='target')
|
parser.add_argument('-u', help='target url', dest='target')
|
||||||
@@ -115,7 +115,7 @@ aToken = allTokens[0]
|
|||||||
matches = []
|
matches = []
|
||||||
for element in hashPatterns:
|
for element in hashPatterns:
|
||||||
pattern = element['regex']
|
pattern = element['regex']
|
||||||
if re.match(pattern, aToken):
|
if re.match(tokenPattern, aToken):
|
||||||
for name in element['matches']:
|
for name in element['matches']:
|
||||||
matches.append(name)
|
matches.append(name)
|
||||||
if matches:
|
if matches:
|
||||||
@@ -146,6 +146,27 @@ except statistics.StatisticsError:
|
|||||||
print ('%s No CSRF protection to test' % bad)
|
print ('%s No CSRF protection to test' % bad)
|
||||||
quit()
|
quit()
|
||||||
|
|
||||||
|
def staticParts(allTokens):
|
||||||
|
strings = list(set(allTokens.copy()))
|
||||||
|
commonSubstrings = {}
|
||||||
|
for theString in strings:
|
||||||
|
strings.remove(theString)
|
||||||
|
for string in strings:
|
||||||
|
commonSubstring = longestCommonSubstring(theString, string)
|
||||||
|
if commonSubstring not in commonSubstrings:
|
||||||
|
commonSubstrings[commonSubstring] = []
|
||||||
|
if len(commonSubstring) > 2:
|
||||||
|
if theString not in commonSubstrings[commonSubstring]:
|
||||||
|
commonSubstrings[commonSubstring].append(theString)
|
||||||
|
if string not in commonSubstrings[commonSubstring]:
|
||||||
|
commonSubstrings[commonSubstring].append(string)
|
||||||
|
return commonSubstrings
|
||||||
|
result = {k: v for k, v in staticParts(allTokens).items() if v}
|
||||||
|
|
||||||
|
if result:
|
||||||
|
print ('%s Common substring found')
|
||||||
|
print (json.dumps(result, indent=4))
|
||||||
|
|
||||||
simTokens = []
|
simTokens = []
|
||||||
|
|
||||||
print (' %s Phase: Observing %s[%s4/6%s]%s' % (lightning, green, end, green, end))
|
print (' %s Phase: Observing %s[%s4/6%s]%s' % (lightning, green, end, green, end))
|
||||||
|
|||||||
@@ -2,7 +2,7 @@ password = 'xXx!69!xXx'
|
|||||||
email = 'testing@gmail.com'
|
email = 'testing@gmail.com'
|
||||||
strings = ['red', 'bob', 'admin', 'alex', 'testing', 'test', 'lol', 'yes', 'dragon', 'bad']
|
strings = ['red', 'bob', 'admin', 'alex', 'testing', 'test', 'lol', 'yes', 'dragon', 'bad']
|
||||||
commonNames = ['csrf', 'auth', 'token', 'verify', 'hash']
|
commonNames = ['csrf', 'auth', 'token', 'verify', 'hash']
|
||||||
token = r'^[\w\-_+=/]{14,256}$'
|
tokenPattern = r'^[\w\-_+=/]{14,256}$'
|
||||||
|
|
||||||
headers = { # default headers
|
headers = { # default headers
|
||||||
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
|
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
import random
|
import random
|
||||||
import re
|
import re
|
||||||
|
|
||||||
from core.config import password, email, token, strings
|
from core.config import password, email, tokenPattern, strings
|
||||||
|
|
||||||
def datanize(forms, tolerate=False):
|
def datanize(forms, tolerate=False):
|
||||||
parsedForms = list(forms.values())
|
parsedForms = list(forms.values())
|
||||||
@@ -16,7 +16,7 @@ def datanize(forms, tolerate=False):
|
|||||||
name = inp['name']
|
name = inp['name']
|
||||||
kind = inp['type']
|
kind = inp['type']
|
||||||
value = inp['value']
|
value = inp['value']
|
||||||
if re.match(token, value):
|
if re.match(tokenPattern, value):
|
||||||
protected = True
|
protected = True
|
||||||
if kind == 'password':
|
if kind == 'password':
|
||||||
data[name] = password
|
data[name] = password
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
from core.config import token
|
from core.config import tokenPattern
|
||||||
import random
|
import random
|
||||||
import re
|
import re
|
||||||
|
|
||||||
@@ -8,24 +8,24 @@ def tweaker(data, strategy, index=0, seeds=[None, None]):
|
|||||||
newData = {}
|
newData = {}
|
||||||
if strategy == 'clear':
|
if strategy == 'clear':
|
||||||
for name, value in data.items():
|
for name, value in data.items():
|
||||||
if re.match(token, value):
|
if re.match(tokenPattern, value):
|
||||||
value = ''
|
value = ''
|
||||||
newData[name] = value
|
newData[name] = value
|
||||||
return newData
|
return newData
|
||||||
elif strategy == 'remove':
|
elif strategy == 'remove':
|
||||||
for name, value in data.items():
|
for name, value in data.items():
|
||||||
if not re.match(token, value):
|
if not re.match(tokenPattern, value):
|
||||||
newData[name] = value
|
newData[name] = value
|
||||||
elif strategy == 'break':
|
elif strategy == 'break':
|
||||||
for name, value in data.items():
|
for name, value in data.items():
|
||||||
if re.match(token, value):
|
if re.match(tokenPattern, value):
|
||||||
value = value[:index]
|
value = value[:index]
|
||||||
for i in index:
|
for i in index:
|
||||||
value += random.choice(digits + alphabets)
|
value += random.choice(digits + alphabets)
|
||||||
newData[name] = value
|
newData[name] = value
|
||||||
elif strategy == 'generate':
|
elif strategy == 'generate':
|
||||||
for name, value in data.items():
|
for name, value in data.items():
|
||||||
if re.match(token, value):
|
if re.match(tokenPattern, value):
|
||||||
newToken = ''
|
newToken = ''
|
||||||
for char in list(value):
|
for char in list(value):
|
||||||
if char in digits:
|
if char in digits:
|
||||||
@@ -39,6 +39,6 @@ def tweaker(data, strategy, index=0, seeds=[None, None]):
|
|||||||
newData[name] = value
|
newData[name] = value
|
||||||
elif strategy == 'replace':
|
elif strategy == 'replace':
|
||||||
for name, value in data.items():
|
for name, value in data.items():
|
||||||
if re.match(token, value):
|
if re.match(tokenPattern, value):
|
||||||
value
|
value
|
||||||
return newData
|
return newData
|
||||||
@@ -1,5 +1,6 @@
|
|||||||
import re
|
import re
|
||||||
from core.config import token
|
import math
|
||||||
|
from core.config import tokenPattern
|
||||||
|
|
||||||
def longestCommonSubstring(s1, s2):
|
def longestCommonSubstring(s1, s2):
|
||||||
m = [[0] * (1 + len(s2)) for i in range(1 + len(s1))]
|
m = [[0] * (1 + len(s2)) for i in range(1 + len(s1))]
|
||||||
@@ -36,7 +37,7 @@ def isProtected(parsed):
|
|||||||
name = inp['name']
|
name = inp['name']
|
||||||
kind = inp['type']
|
kind = inp['type']
|
||||||
value = inp['value']
|
value = inp['value']
|
||||||
if re.match(token, value):
|
if re.match(tokenPattern, value):
|
||||||
protected = True
|
protected = True
|
||||||
return protected
|
return protected
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user