public void delayRequest(String hostname){ if (hostname.equals("bwapps") || hostname.equals("labs-linux")) { return; } synchronized(hostname.intern()) { if (locks.containsKey(hostname)) { long waitFor = Utilities.globalSettings.getInt("throttle") - (new Date().getTime() - locks.get(hostname)); if (waitFor > 0) { try { Thread.sleep(waitFor); } catch (java.lang.InterruptedException e) { Utilities.err("Interrupted while sleeping"); } } } locks.put(hostname, new Date().getTime()); } } }
public void run() { HashMap<String, ArrayDeque<WorkTarget>> itemsByHost = splitItemsByHost(); try { to_spider = new PrintWriter("to_spider", "UTF-8"); Utilities.out("File will be created at "+System.getProperty("user.dir")+"/to_spider"); distributeWork(itemsByHost); } catch (FileNotFoundException e) { Utilities.err(e.getMessage()); } catch (UnsupportedEncodingException e) { Utilities.err(e.getMessage()); } finally { to_spider.close(); } completed = true; requests = null; }
public static void doActiveScan(IHttpRequestResponse req, int[] offsets) { String host = helpers.analyzeRequest(req).getUrl().getHost(); int port = helpers.analyzeRequest(req).getUrl().getPort(); boolean useHTTPS = helpers.analyzeRequest(req).getUrl().toString().startsWith("https"); ArrayList<int[]> offsetList = new ArrayList<>(); offsetList.add(offsets); try { callbacks.doActiveScan( host, port, useHTTPS, req.getRequest(), offsetList ); } catch (IllegalArgumentException e) { Utilities.err("Couldn't scan, bad insertion points: "+Arrays.toString(offsetList.get(0))); } }
private Attack buildAttackFromProbe(Probe probe, String payload) { boolean randomAnchor = probe.getRandomAnchor(); byte prefix = probe.getPrefix(); String anchor = ""; if (randomAnchor) { anchor = Utilities.generateCanary(); } //else { // payload = payload.replace("z", Utilities.generateCanary()); //} String base_payload = payload; if (prefix == Probe.PREPEND) { payload += insertionPoint.getBaseValue(); } else if (prefix == Probe.APPEND) { payload = insertionPoint.getBaseValue() + anchor + payload; } else if (prefix == Probe.REPLACE) { // payload = payload; } else { Utilities.err("Unknown payload position"); } IHttpRequestResponse req = buildRequest(payload, probe.useCacheBuster()); if(randomAnchor) { req = Utilities.highlightRequestResponse(req, anchor, anchor, insertionPoint); } return new Attack(req, probe, base_payload, anchor); }
private Attack buildAttackFromProbe(Probe probe, String payload) { boolean randomAnchor = probe.getRandomAnchor(); byte prefix = probe.getPrefix(); String anchor = ""; if (randomAnchor) { anchor = Utilities.generateCanary(); } //else { // payload = payload.replace("z", Utilities.generateCanary()); //} String base_payload = payload; if (prefix == Probe.PREPEND) { payload += insertionPoint.getBaseValue(); } else if (prefix == Probe.APPEND) { payload = insertionPoint.getBaseValue() + anchor + payload; } else if (prefix == Probe.REPLACE) { // payload = payload; } else { Utilities.err("Unknown payload position"); } IHttpRequestResponse req = buildRequest(payload, probe.useCacheBuster()); if(randomAnchor) { req = Utilities.highlightRequestResponse(req, anchor, anchor, insertionPoint); } return new Attack(req, probe, base_payload, anchor); }
Utilities.err(e.getMessage()+"\n\n"+e.getStackTrace()[0]);