Changeset 449
- Timestamp:
- 06/18/2010 01:39:41 AM (3 years ago)
- Location:
- trunk
- Files:
-
- 4 edited
-
docs/CHANGES.txt (modified) (1 diff)
-
plugins/nikto_apacheusers.plugin (modified) (2 diffs)
-
plugins/nikto_core.plugin (modified) (5 diffs)
-
plugins/nikto_robots.plugin (modified) (1 diff)
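--- a/docs/CHANGES.txt
+++ b/docs/CHANGES.txt
@@ -1,2 +1,6 @@
+2010-06-17
+- Fix for #133: regular expression matching causes errors. Removed char_escape and some other
+regexs in favor of the faster quotemeta(). Also set many regexs to non-capturing for speed.
+- Optimized rm_active_content() a little by shuffling code and reducing some mem copies/regexs. Needs more work.
 2010-06-15
 - Fix for #127: dav methods are treated specially and reported all at once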
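--- a/plugins/nikto_apacheusers.plugin
+++ b/plugins/nikto_apacheusers.plugin
@@ -48,5 +48,5 @@
 (my $result, $content) = nfetch($mark, "/~root", "GET", "", "", "", "apacheusers: known user");
 
-$content = char_escape($content);
+$content = quotemeta($content);
 if ($content =~ /forbidden/i) # good on "root"
 {
@@ -54,5 +54,5 @@
 "GET", "", "", "", "apacheusers: invalid user");
 
-$content = char_escape($content);
+$content = quotemeta($content);
 if ($content !~ /forbidden/i) # Good, it gave an error instead of forbidden
 {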
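Review bot: The quotemeta() at line 50 escapes the response body that is only used as the subject of the constant pattern on the next line, so it cannot change whether `/forbidden/i` matches and merely copies the whole body; line 56 and plugins/nikto_robots.plugin line 50 (`$line = quotemeta($line);` before `/allow/i`) do the same. `if ($content =~ /forbidden/i)` works directly on the raw `$content`, so both assignments can be dropped unless the escaped value is needed after line 58, which lies outside the hunk. Whether the robots plugin relies on the escaped `$line` later in its loop is likewise not visible here, so that one should be confirmed before removing it.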
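--- a/plugins/nikto_core.plugin
+++ b/plugins/nikto_core.plugin
@@ -282,12 +282,5 @@
 
 # Try to remove active content which could mess up the file's signature
-my $cont = $_[0];
-my $file = $_[1];
-
-# filename
-if ($file ne '') {
-$file =~ s/([^a-zA-Z0-9\s])/\\$1/g;
-$cont =~ s/$file//g;
-}
+my ($cont, $file) = @_;
 
 # Dates
@@ -301,17 +294,10 @@
 # URI, if provided, plus encoded versions of it
 # $_[1] has unescaped file name, and $file has escaped. use appropriate one!
-if (defined $file) {
-
-# match pages which link to themselves w/diff args
-my $e = $file;
-$e =~ s/^\/$file\??//;
-$cont =~ s/$e//gs;
-
-# again but with the index in place
-$e = $file;
-$cont =~ s/$e//gs;
+if ($file ne '') {
+$file = quotemeta($file);
+$cont =~ s/$file//g;
 
 # base 64
-$e = LW2::encode_base64($_[1]);
+my $e = LW2::encode_base64($_[1]);
 $cont =~ s/$e//gs;
 
@@ -330,11 +316,13 @@
 
 # url encoding, query portion
-if ($file =~ /\?/) {
-$e = $file;
-$e =~ s/\?(.*$)//;
-my $qs = $1;
+if ($file =~ /\?(.*$)/) {
+my $qs = $1;
+
+# match pages which link to themselves w/diff args
+$cont =~ s/$qs//gs;
+
+# url encoded
 $qs =~ s/([^A-Za-z0-9])/sprintf("%%%02X", ord($1))/seg;
-$e .= "?$qs";
-$cont =~ s/$e//gs;
+$cont =~ s/$qs//gs;
 }
 }
@@ -2026,7 +2014,6 @@
 $db_extensions{$ext} = 1;
 
-# This escapes regex characters in the conditionals.
-# This will have to change if regex is ever allowed in the db
-for (my $y = 5 ; $y <= 9 ; $y++) { $item[$y] =~ s/([^a-zA-Z0-9\s])/\\$1/g; }
+# Escape chars in the conditionals. This must change if regexs are allowed in the db.
+for (my $y = 5 ; $y <= 9 ; $y++) { $item[$y] = quotemeta($item[$y]); }
 
 $NIKTO{total_checks}++;
@@ -2058,10 +2045,4 @@
 sub max_test_id {
 return (sort { $a <=> $b } keys %TESTS)[-1];
-}
-
-#######################################################################
-sub char_escape {
-$_[0] =~ s/([^a-zA-Z0-9 ])/\\$1/g;
-return $_[0];
 }
 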
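Review bot: In the query-string hunk (new lines 318-326) `$qs` is captured from `$file` after it has already been passed through quotemeta() at line 297, so the backslashes quotemeta inserted are part of the capture; the url-encoding at line 325 then encodes those backslashes as `%5C`, and the pattern applied at line 326 can never match the page's real percent-encoded query string. The literal removal at line 322 still works only because the escaped form happens to be a valid regex for the raw text. Take the query from the unescaped argument and escape it only where a literal match is wanted: `if ($_[1] =~ /\?(.*$)/) { my $qs = $1;` followed by `$cont =~ s/\Q$qs\E//gs;` for the first removal, leaving the url-encoded substitution to operate on the raw `$qs`. The enclosing rm_active_content() begins before the first hunk and the `if ($file ne '')` opened at line 296 is closed only at line 328, so the fix sits inside a block that is not fully visible here.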
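--- a/plugins/nikto_robots.plugin
+++ b/plugins/nikto_robots.plugin
@@ -48,5 +48,5 @@
 my @DOC = split(/\n/, $CONTENT);
 foreach my $line (@DOC) {
-$line = char_escape($line);
+$line = quotemeta($line);
 if ($line =~ /allow/i)
 {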