Merge pull request #285 from faf0-addepar/faf0/colors-fix

Fix DOM scanner on Windows/macOS/iOS

CHANGELOG.md

@@ -1,3 +1,7 @@
+### 3.1.5
+- Fix color bug that resulted in DOM XSS vulnerabilities not
+  being reported on certain systems (Windows, macOS, iOS)
+
 ### 3.1.4
 - Negligible DOM XSS false positives
 - x10 Faster crawling by

core/colors.py

@@ -6,7 +6,7 @@ colors = True  # Output should be colored
 machine = sys.platform  # Detecting the os of current system
 checkplatform = platform.platform() # Get current version of OS
 if machine.lower().startswith(('os', 'win', 'darwin', 'ios')):
-    colors = False  # Colors shouldn't be displayed in mac & windows
+    colors = False  # Colors shouldn't be displayed on mac & windows
 if checkplatform.startswith("Windows-10") and int(platform.version().split(".")[2]) >= 10586:
     colors = True
     os.system('')   # Enables the ANSI

core/dom.py

@@ -1,7 +1,9 @@
 import re
 
-from core.colors import red, end, yellow
+from core.colors import end, red, yellow
 
+if len(end) < 1:
+    end = red = yellow = '*'
 
 def dom(response):
     highlighted = []

core/updater.py

@@ -3,7 +3,7 @@ import re
 from requests import get
 
 from core.config import changes
-from core.colors import run, que, good, info, end, green
+from core.colors import que, info, end, green
 from core.log import setup_logger
 
 logger = setup_logger(__name__)

modes/crawl.py

@@ -2,7 +2,7 @@ import copy
 import re
 
 import core.config
-from core.colors import red, good, green, end
+from core.colors import green, end
 from core.config import xsschecker
 from core.filterChecker import filterChecker
 from core.generator import generator

modes/scan.py

@@ -4,7 +4,7 @@ from urllib.parse import urlparse, quote, unquote
 
 from core.arjun import arjun
 from core.checker import checker
-from core.colors import good, bad, end, info, green, red, que
+from core.colors import end, green, que
 import core.config
 from core.config import xsschecker, minEfficiency
 from core.dom import dom