├── lib ├── gnu.getopt.jar ├── servlet-api.jar ├── javahelp-2.0.02.jar ├── browserlauncher2.jar ├── jericho-html-2.1.jar ├── jgoodies-looks-2.4.1.jar ├── jgoodies-looks-2.5.3.jar ├── swing-layout-1.0.4.jar ├── jgoodies-common-1.1.1.jar ├── jgoodies-common-1.4.0.jar ├── org-apache-commons-codec.jar ├── org-apache-commons-logging.jar ├── jgoodies-common-1.8.1-sources.jar └── org.apache.commons.httpclient.jar ├── src └── com │ └── sittinglittleduck │ └── DirBuster │ ├── gui │ ├── icons │ │ ├── .directory │ │ ├── bug.png │ │ ├── txt.png │ │ ├── error.png │ │ ├── help.png │ │ ├── accept.png │ │ ├── door_out.png │ │ ├── list-add.png │ │ ├── edit-copy.png │ │ ├── fileclose.png │ │ ├── html_valid.png │ │ ├── window-new.png │ │ ├── dialog-error.png │ │ ├── document-save.png │ │ ├── go-previous.png │ │ ├── help-browser.png │ │ ├── information.png │ │ ├── list-remove.png │ │ ├── system-search.png │ │ ├── dialog-warning.png │ │ ├── media-seek-forward.png │ │ ├── preferences-system.png │ │ ├── internet-web-browser.png │ │ ├── media-playback-pause.png │ │ ├── media-playback-start.png │ │ └── media-playback-stop.png │ ├── tableModels │ │ ├── ErrorTableObject.java │ │ ├── ProgressRenderer.java │ │ ├── ButtonRenderer.java │ │ ├── JButtonCellEditor.java │ │ ├── HTTPHeaderTableModel.java │ │ ├── HTMLParseTableModel.java │ │ ├── ErrorTableModel.java │ │ └── ScanInfoTableModel.java │ ├── documentListeners │ │ ├── TargetDocumentListener.java │ │ ├── FileExtDocumentListener.java │ │ ├── UrlFuzzDocumentListener.java │ │ └── DirStartDocumentListener.java │ ├── JTableTree │ │ ├── TreeTableModelEvent.java │ │ ├── TreeTableModel.java │ │ ├── MergeSort.java │ │ ├── AbstractCellEditor.java │ │ └── TreeTableModelAdapter.java │ ├── JDialogViewLicence.form │ ├── JFrameHelp.form │ ├── tree │ │ └── ResultsNode.java │ ├── JDialogDisplayErrors.form │ ├── JDialogDisplayErrors.java │ ├── JDialogViewListInfo.form │ ├── JPanelScanInfo.form │ ├── JFrameHelp.java │ ├── JDialogViewListInfo.java │ └── 
JDialogVersion.java │ ├── images │ └── duck.gif │ ├── help │ ├── images │ │ ├── multi-ext.png │ │ ├── auth-options.png │ │ └── custom-header.png │ ├── Extentions.html │ ├── Own-Lists.html │ ├── Custom-Headers.html │ ├── Auth.html │ ├── test1.xml │ ├── help.hs │ ├── OWASP.html │ ├── About.html │ ├── Basic.html │ ├── FAQ.html │ └── helpTOC.xml │ ├── testStart.java │ ├── HTMLelementToParse.java │ ├── workGenerators │ ├── MultiThreadedGenerator.java │ ├── BruteForceURLFuzz.java │ └── WorkerGeneratorURLFuzz.java │ ├── HTMLparseWorkUnit.java │ ├── Result.java │ ├── HTTPHeader.java │ ├── DirToCheck.java │ ├── ExtToCheck.java │ ├── headless │ └── CatchExit.java │ ├── WorkUnit.java │ ├── utils │ ├── HeadRequestCheck.java │ └── Utils.java │ ├── bruteForceIterator │ ├── BruteForceIterator.java │ └── BruteForceGenThread.java │ ├── BaseCase.java │ ├── monitorThreads │ └── ProcessEnd.java │ ├── urlTest.java │ ├── EasyX509TrustManager.java │ ├── ImageCreator.java │ └── FilterResponce.java ├── .gitignore └── README.md /lib/gnu.getopt.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/gnu.getopt.jar -------------------------------------------------------------------------------- /lib/servlet-api.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/servlet-api.jar -------------------------------------------------------------------------------- /lib/javahelp-2.0.02.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/javahelp-2.0.02.jar -------------------------------------------------------------------------------- /lib/browserlauncher2.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/browserlauncher2.jar 
-------------------------------------------------------------------------------- /lib/jericho-html-2.1.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/jericho-html-2.1.jar -------------------------------------------------------------------------------- /lib/jgoodies-looks-2.4.1.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/jgoodies-looks-2.4.1.jar -------------------------------------------------------------------------------- /lib/jgoodies-looks-2.5.3.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/jgoodies-looks-2.5.3.jar -------------------------------------------------------------------------------- /lib/swing-layout-1.0.4.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/swing-layout-1.0.4.jar -------------------------------------------------------------------------------- /lib/jgoodies-common-1.1.1.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/jgoodies-common-1.1.1.jar -------------------------------------------------------------------------------- /lib/jgoodies-common-1.4.0.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/jgoodies-common-1.4.0.jar -------------------------------------------------------------------------------- /lib/org-apache-commons-codec.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/org-apache-commons-codec.jar 
-------------------------------------------------------------------------------- /lib/org-apache-commons-logging.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/org-apache-commons-logging.jar -------------------------------------------------------------------------------- /lib/jgoodies-common-1.8.1-sources.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/jgoodies-common-1.8.1-sources.jar -------------------------------------------------------------------------------- /lib/org.apache.commons.httpclient.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/lib/org.apache.commons.httpclient.jar -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/.directory: -------------------------------------------------------------------------------- 1 | [Dolphin] 2 | ShowPreview=true 3 | Timestamp=2008,11,25,12,35,44 4 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/bug.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/bug.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/txt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/txt.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/images/duck.gif: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/images/duck.gif -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/error.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/error.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/help.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/help.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/accept.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/accept.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/door_out.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/door_out.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/list-add.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/list-add.png -------------------------------------------------------------------------------- 
/src/com/sittinglittleduck/DirBuster/gui/icons/edit-copy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/edit-copy.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/fileclose.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/fileclose.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/html_valid.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/html_valid.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/window-new.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/window-new.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/dialog-error.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/dialog-error.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/document-save.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/document-save.png 
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/go-previous.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/go-previous.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/help-browser.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/help-browser.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/information.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/information.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/list-remove.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/list-remove.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/system-search.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/system-search.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/images/multi-ext.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/help/images/multi-ext.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/dialog-warning.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/dialog-warning.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/images/auth-options.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/help/images/auth-options.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/images/custom-header.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/help/images/custom-header.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/media-seek-forward.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/media-seek-forward.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/preferences-system.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/preferences-system.png -------------------------------------------------------------------------------- 
/src/com/sittinglittleduck/DirBuster/gui/icons/internet-web-browser.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/internet-web-browser.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/media-playback-pause.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/media-playback-pause.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/media-playback-start.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/media-playback-start.png -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/icons/media-playback-stop.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KajanM/DirBuster/HEAD/src/com/sittinglittleduck/DirBuster/gui/icons/media-playback-stop.png -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Compiled class file 2 | *.class 3 | 4 | # Log file 5 | *.log 6 | 7 | # BlueJ files 8 | *.ctxt 9 | 10 | # Mobile Tools for Java (J2ME) 11 | .mtj.tmp/ 12 | 13 | # Package Files # 14 | *.war 15 | *.ear 16 | *.zip 17 | *.tar.gz 18 | *.rar 19 | 20 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 21 | hs_err_pid* 22 | -------------------------------------------------------------------------------- /README.md: 
-------------------------------------------------------------------------------- 1 | # DirBuster 2 | This project is a fork of the original [DirBuster](https://sourceforge.net/projects/dirbuster/files/DirBuster%20Source/1.0-RC1/) project. 3 | The original DirBuster project is inactive. 4 | However, [OWASP ZAP](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) team forked it and built a Forced Browse add-on which can be loaded into ZAP. 5 | I have added the necessary library files so that you can play with it directly. -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/Extentions.html: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |

Testing For Multiple File Extensions

14 |

To tell DirBuster to scan for multiple file extensions, simply provide a comma-separated list.

15 |

For example: asp,aspx,php

16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/Own-Lists.html: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | Using your own lists 10 | 11 | 12 | 13 |

Using your own lists

14 |

Using your own lists is simple: just create the list of words (one per line), without /'s or file extensions. Also note that entries in the list that start with # are treated as comments.

15 |

Once you have created your own list, simply select that list instead of the ones supplied with DirBuster.

16 | 17 | 18 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/tableModels/ErrorTableObject.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this template, choose Tools | Templates 3 | * and open the template in the editor. 4 | */ 5 | 6 | package com.sittinglittleduck.DirBuster.gui.tableModels; 7 | 8 | import java.net.URL; 9 | 10 | 11 | /** 12 | * 13 | * @author james 14 | */ 15 | public class ErrorTableObject 16 | { 17 | 18 | 19 | private URL url; 20 | private String reason; 21 | 22 | public ErrorTableObject(URL url, String reason) 23 | { 24 | this.reason = reason; 25 | this.url = url; 26 | } 27 | 28 | public URL getUrl() 29 | { 30 | return url; 31 | } 32 | 33 | public String getReason() 34 | { 35 | return reason; 36 | } 37 | 38 | 39 | 40 | 41 | 42 | 43 | } 44 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/Custom-Headers.html: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |

Setting Custom Headers

14 |

If you need to set a custom HTTP header (for example, a session cookie), this can be done via Options -> Advanced Options -> HTTP Options

15 |

Values must be entered as "Name" and "Value"

16 |

If you wish to remove a header you have added, right-click the header in the table and select remove

17 |

18 | 19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/Auth.html: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | Setting Authentication Credentials 10 | 11 | 12 | 13 |

Setting Authentication Credentials

14 |

DirBuster supports the following authentication protocols:

15 |

16 |

21 |

22 |

Credentials can be set under Options -> Advanced Options -> Authentication Options

23 |

24 |

25 | 26 | 27 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/testStart.java: -------------------------------------------------------------------------------- 1 | /* 2 | * testStart.java 3 | * 4 | * Created on 11 November 2005, 22:52 5 | * 6 | * Copyright 2007 James Fisher 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU Lesser General Public 10 | * License as published by the Free Software Foundation; either 11 | * version 2.1 of the License, or (at your option) any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 | * Lesser General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public 19 | * License along with this library; if not, write to the Free Software 20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 21 | */ 22 | 23 | package com.sittinglittleduck.DirBuster; 24 | 25 | 26 | public class testStart 27 | { 28 | 29 | /** Creates a new instance of testStart */ 30 | public testStart() 31 | { 32 | } 33 | 34 | /** 35 | * @param args the command line arguments 36 | */ 37 | public static void main(String[] args) 38 | { 39 | 40 | //Manager manager = new Manager("/", "C:/dirs.txt", "http", "192.168.0.10", 80, "php"); 41 | //manager.start(); 42 | 43 | 44 | } 45 | 46 | } 47 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/HTMLelementToParse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * HTMLelementToParse.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it 
under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | * 20 | */ 21 | 22 | package com.sittinglittleduck.DirBuster; 23 | 24 | /** 25 | * 26 | * @author james 27 | */ 28 | public class HTMLelementToParse 29 | { 30 | private String tag; 31 | private String attr; 32 | 33 | /** Creates a new instance of HTMLelementToParse */ 34 | public HTMLelementToParse(String tag, String attr) 35 | { 36 | this.tag = tag; 37 | this.attr = attr; 38 | } 39 | 40 | public String getAttr() 41 | { 42 | return attr; 43 | } 44 | 45 | public String getTag() 46 | { 47 | return tag; 48 | } 49 | 50 | } 51 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/workGenerators/MultiThreadedGenerator.java: -------------------------------------------------------------------------------- 1 | /* 2 | * MultiThreadedGenerator.java 3 | * 4 | * 5 | * Copyright 2008 James Fisher 6 | * 7 | * This library is free software; you can redistribute it and/or 8 | * modify it under the terms of the GNU Lesser General Public 9 | * License as published by the Free Software Foundation; either 10 | * version 2.1 of the License, or (at your option) any later version. 
11 | * 12 | * This library is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 15 | * Lesser General Public License for more details. 16 | * 17 | * You should have received a copy of the GNU Lesser General Public 18 | * License along with this library; if not, write to the Free Software 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 20 | */ 21 | 22 | package com.sittinglittleduck.DirBuster.workGenerators; 23 | 24 | /** 25 | * 26 | * @author James 27 | */ 28 | public abstract class MultiThreadedGenerator implements Runnable 29 | { 30 | public abstract void stopMe(); 31 | 32 | public abstract boolean isWorking(); 33 | 34 | public abstract void pause(); 35 | 36 | public abstract void unPause(); 37 | 38 | public abstract boolean isPaused(); 39 | 40 | public abstract int getType(); 41 | 42 | public abstract String getStartpoint(); 43 | 44 | public abstract int getCurrentPoint(); 45 | 46 | public abstract String getFileExt(); 47 | 48 | } 49 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/test1.xml: -------------------------------------------------------------------------------- 1 | 18 | 19 | 20 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/HTMLparseWorkUnit.java: -------------------------------------------------------------------------------- 1 | /* 2 | * HTMLparseWorkUnit.java 3 | * 4 | * Created on July 3, 2007, 3:22 PM 5 | * 6 | *Copyright 2007 James Fisher 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU Lesser General Public 10 | * License as published by the Free Software Foundation; either 11 | * version 2.1 of 
the License, or (at your option) any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 | * Lesser General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public 19 | * License along with this library; if not, write to the Free Software 20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 21 | */ 22 | 23 | package com.sittinglittleduck.DirBuster; 24 | 25 | 26 | public class HTMLparseWorkUnit 27 | { 28 | private String htmlToParse; 29 | private WorkUnit workUnit; 30 | 31 | /** Creates a new instance of HTMLparseWorkUnit */ 32 | public HTMLparseWorkUnit(String htmlToParse, WorkUnit workUnit) 33 | { 34 | this.workUnit = workUnit; 35 | this.htmlToParse = htmlToParse; 36 | } 37 | 38 | public String getHtmlToParse() 39 | { 40 | return htmlToParse; 41 | } 42 | 43 | public WorkUnit getWorkUnit() 44 | { 45 | return workUnit; 46 | } 47 | 48 | 49 | 50 | } 51 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/Result.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this template, choose Tools | Templates 3 | * and open the template in the editor. 
4 | */ 5 | 6 | package com.sittinglittleduck.DirBuster; 7 | 8 | import java.net.URL; 9 | 10 | /** 11 | * 12 | * @author james 13 | */ 14 | public class Result 15 | { 16 | public static final int DIR = 0; 17 | public static final int FILE = 1; 18 | 19 | private int type = -1; 20 | private URL itemFound; 21 | private int responceCode = 0; 22 | private String responseHeader = ""; 23 | private String responseBody = ""; 24 | private BaseCase baseCaseObj = null; 25 | 26 | public Result(int type, URL itemFound, int responceCode, String responceHeader, String responseBody, BaseCase baseCaseObj) 27 | { 28 | this.type = type; 29 | this.itemFound = itemFound; 30 | this.responceCode = responceCode; 31 | this.responseHeader = responceHeader; 32 | this.responseBody = responseBody; 33 | this.baseCaseObj = baseCaseObj; 34 | } 35 | 36 | public BaseCase getBaseCaseObj() 37 | { 38 | return baseCaseObj; 39 | } 40 | 41 | public URL getItemFound() 42 | { 43 | return itemFound; 44 | } 45 | 46 | public String getResponseBody() 47 | { 48 | return responseBody; 49 | } 50 | 51 | public String getResponseHeader() 52 | { 53 | return responseHeader; 54 | } 55 | 56 | public int getResponceCode() 57 | { 58 | return responceCode; 59 | } 60 | 61 | public int getType() 62 | { 63 | return type; 64 | } 65 | } -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/tableModels/ProgressRenderer.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this template, choose Tools | Templates 3 | * and open the template in the editor. 
4 | */ 5 | package com.sittinglittleduck.DirBuster.gui.tableModels; 6 | 7 | import com.sittinglittleduck.DirBuster.Manager; 8 | import java.awt.Component; 9 | import javax.swing.JProgressBar; 10 | import javax.swing.JTable; 11 | import javax.swing.table.DefaultTableCellRenderer; 12 | 13 | /** 14 | * 15 | * @author james 16 | */ 17 | public class ProgressRenderer extends DefaultTableCellRenderer 18 | { 19 | 20 | private JProgressBar b = new JProgressBar(); 21 | private Manager manager; 22 | 23 | public ProgressRenderer() 24 | { 25 | super(); 26 | manager = Manager.getInstance(); 27 | //setOpaque(true); 28 | b.setMaximum((int) manager.getTotalPass()); 29 | b.setMinimum(0); 30 | 31 | } 32 | 33 | @Override 34 | public Component getTableCellRendererComponent(JTable table, Object value, 35 | boolean isSelected, boolean hasFocus, 36 | int row, int column) 37 | { 38 | Integer i = (Integer) value; 39 | 40 | b.setMinimum(0); 41 | b.setMaximum((int) manager.getTotalPass()); 42 | b.setStringPainted(true); 43 | if(i.intValue() == -1) 44 | { 45 | b.setValue((int) manager.getTotalPass()); 46 | b.setString("Complete"); 47 | } 48 | else 49 | { 50 | b.setValue(i); 51 | int percent = (int) ((i.intValue() / manager.getTotalPass()) * 100); 52 | b.setString(percent + "%"); 53 | } 54 | return b; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/HTTPHeader.java: -------------------------------------------------------------------------------- 1 | /* 2 | * HTTPHeader.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 
10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster; 22 |
/**
 * Mutable name/value pair for one HTTP header.
 *
 * <p>Both strings are stored as given, with no validation. The tool's FAQ
 * describes supplying a session cookie as a custom header, so a value held
 * here may be a credential and is best kept out of logs and saved reports.
 *
 * @author james
 */
public class HTTPHeader {

    private String header;
    private String value;

    /**
     * Creates a header pair.
     *
     * @param header the header name
     * @param value  the header value
     */
    public HTTPHeader(String header, String value) {
        setHeader(header);
        setValue(value);
    }

    /** @return the header name */
    public String getHeader() {
        return this.header;
    }

    /** @return the header value */
    public String getValue() {
        return this.value;
    }

    /** @param header the new header name */
    public final void setHeader(String header) {
        this.header = header;
    }

    /** @param value the new header value */
    public final void setValue(String value) {
        this.value = value;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/help.hs: -------------------------------------------------------------------------------- 1 | 18 | 19 | 20 | 23 | 24 | 25 | 26 | 27 | about 28 | 29 | 30 | 31 | 32 | TOC 33 | 34 | javax.help.TOCView 35 | helpTOC.xml 36 | 37 | 38 | 39 | Main_Window 40 | 737, 533 41 | 42 | DirBuster Help 43 | 44 | 45 | 46 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/OWASP.html: -------------------------------------------------------------------------------- 1 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 |

About OWASP

26 |

The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks. Everyone is free to participate in OWASP and all of our materials are available under an open source license. The OWASP Foundation is a 501c3 not-for-profit charitable organization that ensures the ongoing availability and support for our work.

27 | 28 | 29 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/DirToCheck.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DirToCheck.java 3 | * 4 | * Created on June 22, 2007, 11:22 AM 5 | * 6 | * Copyright 2007 James Fisher 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU Lesser General Public 10 | * License as published by the Free Software Foundation; either 11 | * version 2.1 of the License, or (at your option) any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 | * Lesser General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public 19 | * License along with this library; if not, write to the Free Software 20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA* 21 | */ 22 | 23 | package com.sittinglittleduck.DirBuster; 24 | 25 | import java.util.Vector; 26 |
/**
 * Pairs a directory name with the list of extensions to check in it.
 *
 * <p>The extension list is held by reference, not copied: changes the caller
 * makes to the Vector afterwards are visible through {@link #getExts()}.
 * The element type is not visible in this file (presumably ExtToCheck;
 * confirm against the callers).
 *
 * @author james
 */
public class DirToCheck {

    // Package-private in the original; left that way for other classes in the package.
    String name;
    private Vector exts;

    /**
     * Creates a new instance of DirToCheck.
     *
     * @param name the directory name
     * @param exts the extensions to check; stored by reference
     */
    public DirToCheck(String name, Vector exts) {
        this.exts = exts;
        this.name = name;
    }

    /** @return the directory name */
    public String getName() {
        return this.name;
    }

    /** @return the extension list currently held (the same Vector instance that was supplied) */
    public Vector getExts() {
        return this.exts;
    }

    /** @param exts replacement extension list; stored by reference */
    public void setExts(Vector exts) {
        this.exts = exts;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/ExtToCheck.java:
-------------------------------------------------------------------------------- 1 | /* 2 | * ExtToCheck.java 3 | * 4 | * Created on June 22, 2007, 11:30 AM 5 | * 6 | * Copyright 2007 James Fisher 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU Lesser General Public 10 | * License as published by the Free Software Foundation; either 11 | * version 2.1 of the License, or (at your option) any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 | * Lesser General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public 19 | * License along with this library; if not, write to the Free Software 20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 21 | */ 22 | 23 | 24 | package com.sittinglittleduck.DirBuster; 25 |
/**
 * A file extension together with a flag saying whether it should be checked.
 *
 * @author james
 */
public class ExtToCheck {

    /** Name used for the blank (no extension) entry. */
    public static final String BLANK_EXT = "BLANK";

    private final String name;
    private boolean toCheck;

    /**
     * Creates a new instance of ExtToCheck.
     *
     * @param name    the extension name
     * @param toCheck whether the extension should be checked
     */
    public ExtToCheck(String name, boolean toCheck) {
        this.name = name;
        this.toCheck = toCheck;
    }

    /** @return the extension name */
    public String getName() {
        return this.name;
    }

    /** @return the current value of the check flag */
    public boolean toCheck() {
        return this.toCheck;
    }

    /** @param toCheck new value of the check flag */
    public void setToCheck(boolean toCheck) {
        this.toCheck = toCheck;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/About.html: -------------------------------------------------------------------------------- 1 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 |

About DirBuster

26 |

DirBuster is a multi-threaded Java application designed to brute force directory and file names on web/application servers. It is now often the case that what looks like a web server in a default installation state is actually not, and has pages and applications hidden within. DirBuster attempts to find these.

27 | 28 |

However, tools of this nature are often only as good as the directory and file list they come with. A different approach was taken to generating this list: it was built from scratch, by crawling the Internet and collecting the directories and files that are actually used by developers!

29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/documentListeners/TargetDocumentListener.java: -------------------------------------------------------------------------------- 1 | /* 2 | * targetDocumentListener.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster.gui.documentListeners; 22 | 23 | import com.sittinglittleduck.DirBuster.gui.*; 24 | import com.sittinglittleduck.DirBuster.gui.JPanelSetup; 25 | import javax.swing.event.DocumentEvent; 26 | import javax.swing.event.DocumentListener; 27 |
/**
 * Document listener that calls {@code JPanelSetup.processTarget()} on every
 * insert, remove or attribute change of the document it is attached to.
 *
 * @author James
 */
public class TargetDocumentListener implements DocumentListener {

    // Package-private and non-final in the original; left that way.
    JPanelSetup setup;

    /** @param setup the setup panel to notify */
    public TargetDocumentListener(JPanelSetup setup) {
        this.setup = setup;
    }

    @Override
    public void insertUpdate(DocumentEvent ev) {
        targetEdited();
    }

    @Override
    public void removeUpdate(DocumentEvent ev) {
        targetEdited();
    }

    @Override
    public void changedUpdate(DocumentEvent ev) {
        targetEdited();
    }

    /** All three callbacks react the same way; the event itself is not inspected. */
    private void targetEdited() {
        setup.processTarget();
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/documentListeners/FileExtDocumentListener.java: -------------------------------------------------------------------------------- 1 | /* 2 | * targetDocumentListener.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster.gui.documentListeners; 22 | 23 | import com.sittinglittleduck.DirBuster.gui.*; 24 | import com.sittinglittleduck.DirBuster.gui.JPanelSetup; 25 | import javax.swing.event.DocumentEvent; 26 | import javax.swing.event.DocumentListener; 27 |
/**
 * Document listener that calls {@code JPanelSetup.fileExtUpdated()} on every
 * insert, remove or attribute change of the document it is attached to.
 *
 * @author James
 */
public class FileExtDocumentListener implements DocumentListener {

    // Package-private and non-final in the original; left that way.
    JPanelSetup setup;

    /** @param setup the setup panel to notify */
    public FileExtDocumentListener(JPanelSetup setup) {
        this.setup = setup;
    }

    @Override
    public void insertUpdate(DocumentEvent ev) {
        extensionsEdited();
    }

    @Override
    public void removeUpdate(DocumentEvent ev) {
        extensionsEdited();
    }

    @Override
    public void changedUpdate(DocumentEvent ev) {
        extensionsEdited();
    }

    /** All three callbacks react the same way; the event itself is not inspected. */
    private void extensionsEdited() {
        setup.fileExtUpdated();
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/documentListeners/UrlFuzzDocumentListener.java: -------------------------------------------------------------------------------- 1 | /* 2 | * UrlFuzzDocumentListener.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster.gui.documentListeners; 22 | 23 | import com.sittinglittleduck.DirBuster.gui.*; 24 | import com.sittinglittleduck.DirBuster.gui.JPanelSetup; 25 | import javax.swing.event.DocumentEvent; 26 | import javax.swing.event.DocumentListener; 27 |
/**
 * Document listener that calls {@code JPanelSetup.urlFuzzUpdated()} on every
 * insert, remove or attribute change of the document it is attached to.
 *
 * @author James
 */
public class UrlFuzzDocumentListener implements DocumentListener {

    // Package-private and non-final in the original; left that way.
    JPanelSetup setup;

    /** @param setup the setup panel to notify */
    public UrlFuzzDocumentListener(JPanelSetup setup) {
        this.setup = setup;
    }

    @Override
    public void insertUpdate(DocumentEvent ev) {
        fuzzUrlEdited();
    }

    @Override
    public void removeUpdate(DocumentEvent ev) {
        fuzzUrlEdited();
    }

    @Override
    public void changedUpdate(DocumentEvent ev) {
        fuzzUrlEdited();
    }

    /** All three callbacks react the same way; the event itself is not inspected. */
    private void fuzzUrlEdited() {
        setup.urlFuzzUpdated();
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/documentListeners/DirStartDocumentListener.java: -------------------------------------------------------------------------------- 1 | /* 2 | * targetDocumentListener.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster.gui.documentListeners; 22 | 23 | import com.sittinglittleduck.DirBuster.gui.*; 24 | import com.sittinglittleduck.DirBuster.gui.JPanelSetup; 25 | import javax.swing.event.DocumentEvent; 26 | import javax.swing.event.DocumentListener; 27 |
/**
 * Document listener that calls {@code JPanelSetup.dirToStartWithUpdated()} on
 * every insert, remove or attribute change of the document it is attached to.
 *
 * @author James
 */
public class DirStartDocumentListener implements DocumentListener {

    // Package-private and non-final in the original; left that way.
    JPanelSetup setup;

    /** @param setup the setup panel to notify */
    public DirStartDocumentListener(JPanelSetup setup) {
        this.setup = setup;
    }

    @Override
    public void insertUpdate(DocumentEvent ev) {
        startDirEdited();
    }

    @Override
    public void removeUpdate(DocumentEvent ev) {
        startDirEdited();
    }

    @Override
    public void changedUpdate(DocumentEvent ev) {
        startDirEdited();
    }

    /** All three callbacks react the same way; the event itself is not inspected. */
    private void startDirEdited() {
        setup.dirToStartWithUpdated();
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/headless/CatchExit.java: -------------------------------------------------------------------------------- 1 | /* 2 | * CatchExit.java 3 | * 4 | * Copyright 2008 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster.headless; 22 | 23 | import com.sittinglittleduck.DirBuster.Manager; 24 | import com.sittinglittleduck.DirBuster.report.ReportWriter; 25 |
/**
 * Runnable that writes the scan report to the location configured on the
 * Manager and prints progress messages to standard output.
 *
 * <p>Presumably registered as a JVM shutdown hook for headless runs; the
 * registration is not visible in this file.
 *
 * @author james
 */
public class CatchExit implements Runnable {

    /** Writes the report to {@code Manager.getReportLocation()}. */
    @Override
    public void run() {
        final String reportLocation = Manager.getInstance().getReportLocation();
        // The writer is created before the first message is printed, as in the original.
        final ReportWriter report = new ReportWriter(reportLocation);

        System.out.println("");
        System.out.println("Caught exit of DirBuster");
        System.out.println("Writing report");
        report.writeReport();
        System.out.println("Report saved to " + reportLocation);
        System.out.println("Enjoy the rest of your day");
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/tableModels/ButtonRenderer.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this template, choose Tools | Templates 3 | * and open the template in the editor. 4 | */ 5 | package com.sittinglittleduck.DirBuster.gui.tableModels; 6 | 7 | import com.sittinglittleduck.DirBuster.Manager; 8 | import java.awt.Component; 9 | import javax.swing.JButton; 10 | import javax.swing.JLabel; 11 | import javax.swing.JTable; 12 | import javax.swing.table.TableCellRenderer; 13 |
/**
 * Table cell renderer that shows a "Stop" button, coloured to match the
 * table's selection state. The cell value is ignored.
 *
 * @author james
 */
public class ButtonRenderer extends JButton implements TableCellRenderer {

    // Not read anywhere in this class; kept because the field is package-visible.
    Manager manager = Manager.getInstance();

    /** Creates the centred, opaque "Stop" button. */
    public ButtonRenderer() {
        super("Stop");
        this.setHorizontalAlignment(JLabel.CENTER);
        setOpaque(true); // so the background colour set below is painted
    }

    /**
     * Applies the table's selection or normal colours and returns this button.
     *
     * @return this renderer
     */
    @Override
    public Component getTableCellRendererComponent(JTable table, Object value, boolean isSelected,
                                                   boolean hasFocus, int row, int column) {
        setForeground(isSelected ? table.getSelectionForeground() : table.getForeground());
        setBackground(isSelected ? table.getSelectionBackground() : table.getBackground());
        repaint();
        return this;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/Basic.html: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |

Basic Usage Information

14 |

To start DirBuster the following steps need to be undertaken:

15 |

16 |

    17 |
  1. Enter the target host as a full URL. eg http://www.target.com/
  2. 18 |
  3. Select whether you wish DirBuster to use only GET requests, or to auto switch between HEAD/GET
    19 | 23 |
  4. 24 |
  5. Select the number of threads required for testing. 10 threads will normally result in ~300 requests/sec. However at 200+ threads ~6000 requests/sec can be obtained, use this speed with caution!
  6. 25 |
  7. Select if you wish to use list based file and dir guessing or a pure brute force.
    26 | 30 | 31 |
  8. 32 |
  9. Select the method of testing Standard or URL Fuzz
  10. 33 | 38 |
  11. All should be good, so hit the start button
  12. 39 |
40 |

41 | 42 | 43 | 44 | 45 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/FAQ.html: -------------------------------------------------------------------------------- 1 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 |

FAQ

26 |

I wish to test an application that requires authentication; can DirBuster do this?

27 |

Yes

28 |

If the application is using basic, digest or NTLM auth, you can add the required credentials via Options -> Advanced Options -> Authentication Options

29 |

If the application auth is done via an HTML form, the session cookie set by the application can be added. This can be done via Options -> Advanced Options -> Scan Options -> Add Custom Header

Why do the DirBuster lists contain explicit words? 31 |

It will come as no surprise to you all that the internet is full of porn, thus it is not surprising that the spider used to generate the lists visited a few along the way. Thus there are explicit words contained within the lists. My standpoint on this is simple: this tool was designed to be used as part of legitimate security testing, and if there are directories/files based on explicit words, clients would want to know!!

32 |

DirBuster is finding too much stuff, how do I make it more manageable?

33 |

This is normally due to the HTML parsing finding lots of links. If DirBuster is finding too much, turn off the HTML parsing; this can be done via Options -> Parse HTML. 34 | 35 | 36 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/help/helpTOC.xml: -------------------------------------------------------------------------------- 1 | 18 | 19 | 20 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/WorkUnit.java: -------------------------------------------------------------------------------- 1 | /* 2 | * WorkUnit.java 3 | * 4 | * Created on 11 November 2005, 20:34 5 | * 6 | * Copyright 2007 James Fisher 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU Lesser General Public 10 | * License as published by the Free Software Foundation; either 11 | * version 2.1 of the License, or (at your option) any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 | * Lesser General Public License for more details.
17 | * 18 | * You should have received a copy of the GNU Lesser General Public 19 | * License along with this library; if not, write to the Free Software 20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 21 | */ 22 | 23 | package com.sittinglittleduck.DirBuster; 24 | import java.net.*; 25 |
/**
 * One unit of scan work: the URL to request, the HTTP method to use, whether
 * the item is a directory, the base case for the test, and the item that
 * produced the check.
 *
 * <p>All fields are assigned once in the constructor and are only exposed
 * through getters.
 */
public class WorkUnit {

    private final URL urlToGet;
    private final boolean isDir;
    private final String method;
    /** Information about the base case used for this test. */
    private final BaseCase baseCaseObj;
    /** The item used to produce the check. */
    private final String itemToCheck;

    /**
     * Creates a new instance of WorkUnit; every argument is stored unchanged.
     *
     * @param url         URL to request
     * @param isDir       whether the item is a directory
     * @param method      HTTP method name
     * @param baseCaseObj base case used for this test
     * @param itemToCheck the item used to produce the check
     */
    public WorkUnit(URL url, boolean isDir, String method, BaseCase baseCaseObj, String itemToCheck) {
        this.itemToCheck = itemToCheck;
        this.baseCaseObj = baseCaseObj;
        this.method = method;
        this.isDir = isDir;
        this.urlToGet = url;
    }

    /** @return the URL to request */
    public URL getWork() {
        return this.urlToGet;
    }

    /** @return the directory flag passed to the constructor */
    public boolean isDir() {
        return this.isDir;
    }

    /** @return the HTTP method name */
    public String getMethod() {
        return this.method;
    }

    /** @return the base case used for this test */
    public BaseCase getBaseCaseObj() {
        return this.baseCaseObj;
    }

    /** @return the item used to produce the check */
    public String getItemToCheck() {
        return this.itemToCheck;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/tableModels/JButtonCellEditor.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this template, choose Tools | Templates 3 | * and open the template in the editor.
4 | */ 5 | package com.sittinglittleduck.DirBuster.gui.tableModels; 6 | 7 | import com.sittinglittleduck.DirBuster.Manager; 8 | import com.sittinglittleduck.DirBuster.workGenerators.WorkerGeneratorMultiThreaded; 9 | import java.awt.Component; 10 | import java.awt.event.ActionEvent; 11 | import java.awt.event.ActionListener; 12 | import javax.swing.AbstractCellEditor; 13 | import javax.swing.JButton; 14 | import javax.swing.JOptionPane; 15 | import javax.swing.JTable; 16 | import javax.swing.table.TableCellEditor; 17 |
/**
 * Table cell editor that presents a "Stop" button.
 *
 * <p>Clicking the button currently does nothing: the body of
 * {@link #actionPerformed(ActionEvent)} is disabled.
 *
 * @author james
 */
public class JButtonCellEditor extends AbstractCellEditor implements TableCellEditor, ActionListener {

    private final JButton b = new JButton("Stop");
    // Only assigned in this class; the disabled click handler was its one user.
    private final Manager manager;
    // Written in getTableCellEditorComponent; not read anywhere in this class.
    private int action;

    /** Creates the opaque button and registers this editor as its click listener. */
    public JButtonCellEditor() {
        manager = Manager.getInstance();
        b.setOpaque(true);
        b.addActionListener(this);
    }

    /**
     * Remembers the cell's Integer value and returns the shared button.
     *
     * @param value the cell value; anything that is not an Integer (including
     *              null) is recorded as 0
     * @return the shared button
     */
    @Override
    public Component getTableCellEditorComponent(JTable table, Object value,
                                                 boolean isSelected, int row, int column) {
        // Same result as the original cast wrapped in catch (Exception), without
        // using an exception for the non-Integer case.
        action = (value instanceof Integer) ? ((Integer) value).intValue() : 0;
        return b;
    }

    /**
     * Intentionally a no-op.
     *
     * <p>The disabled implementation looked up the selected row of the scan
     * table, asked the user to confirm, called {@code stopMe()} on the matching
     * generator thread and then called {@code fireEditingStopped()}.
     */
    @Override
    public void actionPerformed(ActionEvent e) {
        // no-op, see Javadoc
    }

    /** @return always {@code null}; this editor never produces a value */
    @Override
    public Object getCellEditorValue() {
        return null;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/utils/HeadRequestCheck.java: -------------------------------------------------------------------------------- 1 | /* 2 | * HeadRequestCheck.java 3 | * 4 | * 5 | * This library is free software; you can redistribute it and/or 6 | * modify it under the terms of the GNU Lesser General Public 7 | * License as published by the Free Software Foundation; either 8 | * version 2.1 of the License, or (at your option) any later version. 9 | * 10 | * This library is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13 | * Lesser General Public License for more details.
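14 | * 15 | * You should have received a copy of the GNU Lesser General Public 16 | * License along with this library; if not, write to the Free Software 17 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 18 | */ 19 | 20 | 21 | package com.sittinglittleduck.DirBuster.utils; 22 | 23 | import com.sittinglittleduck.DirBuster.*; 24 | import java.io.IOException; 25 | import java.net.MalformedURLException; 26 | import java.net.URL; 27 | import java.util.Vector; 28 | import org.apache.commons.httpclient.HttpClient; 29 | import org.apache.commons.httpclient.methods.HeadMethod; 30 |
/**
 * Probes whether HEAD requests can be used against a URL while the Manager is
 * in auto (HEAD/GET switching) mode.
 *
 * @author James
 */
public class HeadRequestCheck {

    /**
     * Sends one HEAD request to {@code url} and turns auto mode off when the
     * answer is 501 or 400. Does nothing when auto mode is already off.
     *
     * <p>The configured custom HTTP headers are attached to the probe. The
     * tool's FAQ describes supplying a session cookie that way, so the probe
     * may carry credentials to whatever host {@code url} names.
     *
     * <p>A malformed URL or an I/O failure is printed to standard error and
     * leaves auto mode unchanged.
     *
     * @param url the URL to probe
     */
    public static void test(String url) {
        Manager manager = Manager.getInstance();
        HttpClient httpclient = manager.getHttpclient();

        if (!manager.getAuto()) {
            return;
        }

        HeadMethod httphead = null;
        try {
            URL headurl = new URL(url);
            httphead = new HeadMethod(headurl.toString());

            // Attach the custom HTTP headers.
            Vector HTTPheaders = manager.getHTTPHeaders();
            for (int a = 0; a < HTTPheaders.size(); a++) {
                HTTPHeader httpHeader = (HTTPHeader) HTTPheaders.elementAt(a);
                httphead.setRequestHeader(httpHeader.getHeader(), httpHeader.getValue());
            }
            int responceCode = httpclient.executeMethod(httphead);

            // 501 (not implemented) or 400 (bad request): fall back to GET-only.
            // NOTE(review): 405 (method not allowed) is not treated as
            // "HEAD unsupported" here. Confirm whether that is intended.
            if (responceCode == 501 || responceCode == 400) {
                manager.setAuto(false);
            }
        } catch (MalformedURLException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            // The original never released the method, so the connection was not
            // handed back to the shared HttpClient's connection manager.
            if (httphead != null) {
                httphead.releaseConnection();
            }
        }
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/tableModels/HTTPHeaderTableModel.java: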
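-------------------------------------------------------------------------------- 1 | /* 2 | * HTTPHeaderTableModel.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster.gui.tableModels; 22 | 23 | import com.sittinglittleduck.DirBuster.*; 24 | import java.lang.annotation.Target; 25 | import java.util.Vector; 26 | import javax.swing.table.AbstractTableModel; 27 |
/**
 * Read-only two-column table model (header name, header value) built from a
 * Vector of HTTPHeader objects.
 *
 * <p>The names and values are copied into an array when the model is
 * constructed; later changes to the Vector or to its HTTPHeader elements are
 * not reflected in the table.
 *
 * @author james
 */
public class HTTPHeaderTableModel extends AbstractTableModel {

    String[] columnNames = {"Header", "Value"};

    private Vector tableData;
    // Row-major copy of the header pairs; null after clearData().
    Object data[][];

    /**
     * Creates a new instance of HTTPHeaderTableModel.
     *
     * @param d Vector of HTTPHeader objects; kept by reference for
     *          {@link #getVector()} and copied into the table rows
     */
    public HTTPHeaderTableModel(Vector d) {
        this.tableData = d;
        data = new Object[tableData.size()][2];
        for (int a = 0; a < tableData.size(); a++) {
            HTTPHeader header = (HTTPHeader) tableData.elementAt(a);
            data[a][0] = header.getHeader();
            data[a][1] = header.getValue();
        }
    }

    /**
     * Renames a column; an index outside the existing columns is ignored.
     *
     * @param index column index
     * @param name  new column name
     */
    public void setColumnName(int index, String name) {
        // A negative index used to throw ArrayIndexOutOfBoundsException.
        if (index >= 0 && index < columnNames.length) {
            columnNames[index] = name;
        }
    }

    /** @return always {@code false}; the table is read-only */
    @Override
    public boolean isCellEditable(int row, int col) {
        return false;
    }

    /** @return the number of rows, or 0 after {@link #clearData()} */
    @Override
    public int getRowCount() {
        return data == null ? 0 : data.length;
    }

    /** @return the number of columns */
    @Override
    public int getColumnCount() {
        return columnNames.length;
    }

    /** @return the name of column {@code col} */
    @Override
    public String getColumnName(int col) {
        return columnNames[col];
    }

    /**
     * @return the cell value, or {@code null} when the model has been cleared
     *         or the row or column is out of range
     */
    @Override
    public Object getValueAt(int row, int col) {
        // getRowCount() already anticipates data == null; this method did not
        // and threw NullPointerException after clearData().
        if (data == null || row < 0 || row >= data.length) {
            return null;
        }
        if (col < 0 || col >= data[row].length) {
            return null;
        }
        return data[row][col];
    }

    /**
     * Stores a value and notifies listeners. Not guarded against a cleared
     * model; {@link #isCellEditable(int, int)} returns false, so a JTable does
     * not call this itself.
     */
    @Override
    public void setValueAt(Object value, int row, int col) {
        data[row][col] = value;
        fireTableCellUpdated(row, col);
    }

    /**
     * Drops the row data. No table event is fired.
     * NOTE(review): an attached table is not told the rows are gone. Confirm
     * whether callers refresh it.
     */
    public void clearData() {
        data = null;
    }

    /** @return the Vector passed to the constructor */
    public Vector getVector() {
        return tableData;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JTableTree/TreeTableModelEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * TreeTableModelEvent.java 3 | * 4 | * Created on 07 December 2004, 07:19 5 | * 6 | * Code taken from the owasp webscrab project which is GPL 7 | */ 8 | 9 | package com.sittinglittleduck.DirBuster.gui.JTableTree; 10 | 11 | import javax.swing.event.TreeModelEvent; 12 | 13 | import javax.swing.tree.TreePath; 14 | 15 |
/**
 * Tree model event that also carries the column the change occurred in and the
 * kind of change.
 *
 * @author rogan
 */
public class TreeTableModelEvent extends TreeModelEvent {

    /** Identifies the addition of new columns. */
    public static final int INSERT = 1;
    /** Identifies a change to existing data. */
    public static final int UPDATE = 0;
    /** Identifies the removal of columns. */
    public static final int DELETE = -1;

    protected int column;
    protected int type = 0;

    /**
     * Creates an event for a change in the subtree rooted at {@code path}. The
     * type is left at its default of 0, which equals {@link #UPDATE}. For more
     * on the event specification see {@code TreeModelEvent(Object, Object[])}.
     *
     * @param source the Object responsible for generating the event (typically
     *               the creator of the event passes {@code this})
     * @param path   a TreePath that identifies the path to the change
     * @param column the column in which the change occurred
     */
    public TreeTableModelEvent(Object source, TreePath path, int column) {
        super(source, path);
        this.path = path;
        this.childIndices = new int[0];
        this.column = column;
    }

    /**
     * Creates an event for a change in the subtree rooted at {@code path}, with
     * an explicit change type.
     *
     * @param source the Object responsible for generating the event (typically
     *               the creator of the event passes {@code this})
     * @param path   a TreePath that identifies the path to the change
     * @param column the column in which the change occurred
     * @param type   {@link #INSERT}, {@link #UPDATE} or {@link #DELETE}
     */
    public TreeTableModelEvent(Object source, TreePath path, int column, int type) {
        this(source, path, column);
        this.type = type;
    }

    /** @return the column in which the change occurred */
    public int getColumn() {
        return this.column;
    }

    /** @return the change type */
    public int getType() {
        return this.type;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/tableModels/HTMLParseTableModel.java: -------------------------------------------------------------------------------- 1 | /* 2 | * HTTPHeaderTableModel.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details.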
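15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */

package com.sittinglittleduck.DirBuster.gui.tableModels;

import com.sittinglittleduck.DirBuster.*;
import java.lang.annotation.Target;
import java.util.Vector;
import javax.swing.table.AbstractTableModel;

/**
 * Read-only, two-column table model (HTML tag, attribute) built from a Vector
 * of {@link HTMLelementToParse} objects. The cell values are copied into an
 * array when the model is constructed, so later changes to the Vector are not
 * reflected in the table.
 *
 * @author james
 */
public class HTMLParseTableModel extends AbstractTableModel
{
    String[] columnNames = {"HTML Tag", "Attribute"};

    // The Vector handed to the constructor; kept only so getVector() can return it.
    private Vector tableData;

    // Row-major cell values; null once clearData() has been called.
    Object data[][];

    /**
     * Creates a new instance of HTMLParseTableModel.
     *
     * @param d Vector of HTMLelementToParse objects; must not be null, and
     *          every element must be an HTMLelementToParse (anything else
     *          fails the cast)
     */
    public HTMLParseTableModel(Vector d)
    {
        this.tableData = d;

        int rows = tableData.size();
        data = new Object[rows][2];

        for (int row = 0; row < rows; row++)
        {
            HTMLelementToParse element = (HTMLelementToParse) tableData.elementAt(row);
            data[row][0] = element.getTag();
            data[row][1] = element.getAttr();
        }
    }

    /**
     * Renames a column. Indexes outside the column range are ignored.
     *
     * @param index zero-based column index
     * @param name  new column title
     */
    public void setColumnName(int index, String name)
    {
        // Negative indexes used to reach the array access and throw.
        if (index >= 0 && index < columnNames.length)
        {
            columnNames[index] = name;
        }
    }

    /** The table is display-only, so no cell is editable. */
    public boolean isCellEditable(int row, int col)
    {
        return false;
    }

    /** @return number of rows, or 0 after clearData() */
    public int getRowCount()
    {
        return data == null ? 0 : data.length;
    }

    public int getColumnCount()
    {
        return columnNames.length;
    }

    public String getColumnName(int col)
    {
        return columnNames[col];
    }

    /**
     * Returns the cell value, or null when the row is out of range or the
     * data has been cleared.
     */
    public Object getValueAt(int row, int col)
    {
        // data is null after clearData(); getRowCount() already guards against
        // that, and a repaint racing with clearData() must not hit a
        // NullPointerException here.
        if (data == null || row < 0 || row >= data.length)
        {
            return null;
        }

        return data[row][col];
    }

    /**
     * Overwrites a cell and notifies listeners. Throws if the data has been
     * cleared or the indexes are out of range.
     */
    public void setValueAt(Object value, int row, int col)
    {
        data[row][col] = value;
        fireTableCellUpdated(row, col);
    }

    /**
     * Drops the cell array and tells listeners that the table is now empty.
     * The Vector returned by getVector() is left untouched.
     */
    public void clearData()
    {
        data = null;
        // Without this event a JTable keeps its old row count and asks for
        // rows that no longer exist.
        fireTableDataChanged();
    }

    /** @return the Vector that was passed to the constructor */
    public Vector getVector()
    {
        return tableData;
    }

}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/utils/Utils.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Utils.java 3 | * 4 | * 5 | * This library is free software; you can redistribute it and/or 6 | * modify it under the terms of the GNU Lesser General Public 7 | * License as published by the Free Software Foundation; either 8 | * version 2.1 of the License, or (at your option) any later version. 9 | * 10 | * This library is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13 | * Lesser General Public License for more details.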
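14 | * 15 | * You should have received a copy of the GNU Lesser General Public 16 | * License along with this library; if not, write to the Free Software 17 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 18 | */

package com.sittinglittleduck.DirBuster.utils;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
 * Static helpers for counting list entries and tidying list items.
 *
 * @author James
 */
public class Utils
{

    /**
     * Counts the lines of a file that do not start with '#'.
     *
     * The file is read with the platform default charset. If the file cannot
     * be opened or a read fails, the error is logged and the count reached so
     * far (0 when the file could not be opened) is returned.
     *
     * @param file path of the file to read
     * @return number of lines not starting with '#'
     */
    public static int getNumberOfLineInAFile(String file)
    {
        BufferedReader d = null;
        int passTotal = 0;
        try
        {
            d = new BufferedReader(new InputStreamReader(new FileInputStream(file)));
            String line;
            while ((line = d.readLine()) != null)
            {
                if (!line.startsWith("#"))
                {
                    passTotal++;
                }
            }
        }
        catch (IOException ex)
        {
            // Also covers FileNotFoundException, which is an IOException.
            Logger.getLogger(Utils.class.getName()).log(Level.SEVERE, null, ex);
        }
        finally
        {
            // The reader is still null when the open failed; closing it
            // unconditionally used to throw a NullPointerException here.
            if (d != null)
            {
                try
                {
                    d.close();
                }
                catch (IOException ex)
                {
                    Logger.getLogger(Utils.class.getName()).log(Level.SEVERE, null, ex);
                }
            }
        }
        // Returned after the finally block rather than from inside it, so an
        // unexpected runtime exception is not silently discarded.
        return passTotal;
    }

    /**
     * Tidies a list item so it can be appended to a base URL.
     *
     * Spaces become "%20", double quotes and backslashes are removed, and for
     * items longer than two characters one trailing and one leading '/' are
     * stripped. An item of at most two characters that starts with '/' is
     * replaced by the literal "DirBuster".
     *
     * This is not a general URL encoder: characters such as '?', '#', '%',
     * ".." sequences and control characters (including CR/LF) pass through
     * unchanged, so the result must not be treated as safe for building file
     * paths or raw request lines without further encoding.
     *
     * @param item the raw item; must not be null
     * @return the tidied item
     */
    public static String makeItemsafe(String item)
    {
        // encode spaces
        item = item.replace(" ", "%20");
        // remove "
        item = item.replace("\"", "");
        // remove \  -- NOTE(review): the previous comment said "convert \ into /"
        // but the code has always deleted the backslash; confirm the intent.
        item = item.replace("\\", "");

        if (item.length() > 2)
        {
            // remove / from the end (substring(1, length - 1) also dropped the
            // first character of the item)
            if (item.endsWith("/"))
            {
                item = item.substring(0, item.length() - 1);
            }
            // remove / from the front (substring(2) also dropped the character
            // after the slash)
            if (item.startsWith("/"))
            {
                item = item.substring(1);
            }
        }
        else
        {
            // change a single / for DirBuster -> this stops errors and recursive loops
            if (item.startsWith("/"))
            {
                item = "DirBuster";
            }
        }
        return item;
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JTableTree/TreeTableModel.java: -------------------------------------------------------------------------------- 1 | /* 2 | * TreeTableModel.java 3 | * 4 | * Copyright 1998 Sun Microsystems, Inc. All Rights Reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 10 | * - Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 13 | * - Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in the 15 | * documentation and/or other materials provided with the distribution. 16 | * 17 | * - Neither the name of Sun Microsystems nor the names of its 18 | * contributors may be used to endorse or promote products derived 19 | * from this software without specific prior written permission. 20 | * 21 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 22 | * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 23 | * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 24 | * PURPOSE ARE DISCLAIMED.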
IN NO EVENT SHALL THE COPYRIGHT OWNER OR 25 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 26 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 27 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 28 | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 29 | * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 30 | * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 31 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | */
package com.sittinglittleduck.DirBuster.gui.JTableTree;

import javax.swing.tree.TreeModel;

/**
 * TreeTableModel is the model used by a JTreeTable. It extends TreeModel
 * with methods that describe the set of columns each node may have. Each
 * column, like a column in a TableModel, has a name and a type. Each node
 * can return a value for each column, and that value can be set when
 * isCellEditable() returns true.
 *
 * @author Philip Milne
 * @author Scott Violet
 */
public interface TreeTableModel extends TreeModel
{
    /**
     * Returns the number of available columns.
     */
    int getColumnCount();

    /**
     * Returns the name of the given column.
     *
     * @param column the column number
     */
    String getColumnName(int column);

    /**
     * Returns the type of the given column.
     *
     * @param column the column number
     */
    Class getColumnClass(int column);

    /**
     * Returns the value to be displayed for a node in the given column.
     *
     * @param node   the tree node
     * @param column the column number
     */
    Object getValueAt(Object node, int column);

    /**
     * Indicates whether the value for a node in the given column is editable.
     *
     * @param node   the tree node
     * @param column the column number
     */
    boolean isCellEditable(Object node, int column);

    /**
     * Sets the value for a node in the given column.
     *
     * @param aValue the new value
     * @param node   the tree node
     * @param column the column number
     */
    void setValueAt(Object aValue, Object node, int column);

}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/bruteForceIterator/BruteForceIterator.java: -------------------------------------------------------------------------------- 1 | /* 2 | * BruteForceIterator.java 3 | * 4 | * Copyright 2008 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details.
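15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */

package com.sittinglittleduck.DirBuster.bruteForceIterator;

import java.util.Iterator;
import java.util.NoSuchElementException;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
 * Iterator over every string of length min..max built from a character set.
 * The strings are produced by a BruteForceGenThread running on its own thread
 * and handed over through a bounded queue of 10 entries.
 *
 * @author james
 */
public class BruteForceIterator implements Iterator<String>
{
    /*
     * min size for the string
     */
    private int min;

    /*
     * max size for the string
     */
    private int max;

    /*
     * char set used for the brute force
     */
    private String[] list;

    /*
     * queue to hold all the strings that are produced by the thread
     */
    private BlockingQueue<String> queue;

    /*
     * thread that will generate the items
     */
    private BruteForceGenThread genThread;

    /**
     * Creates the iterator and immediately starts the generator thread.
     *
     * @param min  shortest string length to generate
     * @param max  longest string length to generate
     * @param list the character set, one entry per symbol
     */
    public BruteForceIterator(int min, int max, String[] list)
    {
        this.min = min;
        this.max = max;
        this.list = list;

        queue = new ArrayBlockingQueue<String>(10);

        /*
         * create the thread and start it.
         */
        genThread = new BruteForceGenThread(this.min, this.max, this.list, queue);
        new Thread(genThread).start();
    }

    /**
     * Reports whether more items may follow: true while the queue holds an
     * item or the generator is still marked as working. Because the generator
     * can finish between this call and next(), a true result is not a
     * guarantee that next() will find an item.
     */
    public boolean hasNext()
    {
        return !queue.isEmpty() || genThread.isWorking;
    }

    /**
     * Returns the next generated string, waiting for the generator if needed.
     *
     * @return the next string, or null if the calling thread was interrupted
     *         while waiting (the interrupt flag is restored)
     * @throws NoSuchElementException if the generator has finished and the
     *         queue is empty
     */
    public String next()
    {
        try
        {
            String item;
            /*
             * Poll with a timeout instead of blocking forever, so the loop can
             * notice that the generator has stopped.
             */
            while ((item = queue.poll(1, TimeUnit.SECONDS)) == null)
            {
                // isWorking is a plain (non-volatile) field of the generator,
                // so this read may lag; it is re-checked on every timeout.
                if (!genThread.isWorking)
                {
                    // Pick up anything queued just before the generator stopped.
                    item = queue.poll();
                    if (item == null)
                    {
                        // Previously this loop spun forever once the generator
                        // was done and the queue had been drained.
                        throw new NoSuchElementException("No more items to generate");
                    }
                    return item;
                }
            }
            return item;
        }
        catch (InterruptedException ex)
        {
            // Keep the interrupt visible to the caller's thread.
            Thread.currentThread().interrupt();
            Logger.getLogger(BruteForceIterator.class.getName()).log(Level.SEVERE, null, ex);
        }
        return null;
    }

    /** Removal is not supported. */
    public void remove()
    {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    /**
     * Computes how many strings the full run produces: the sum of
     * list.length^a for a = min..max.
     *
     * @return the total as a double
     */
    public double getTotalToDo()
    {
        double total = 0;
        for (int a = min; a <= max; a++)
        {
            total = total + Math.pow(list.length, a);
        }
        return total;
    }

}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/tableModels/ErrorTableModel.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this template, choose Tools | Templates 3 | * and open the template in the editor.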
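4 | */
package com.sittinglittleduck.DirBuster.gui.tableModels;

import com.sittinglittleduck.DirBuster.Manager;
import java.util.Vector;
import javax.swing.JTable;
import javax.swing.table.AbstractTableModel;

/**
 * Table model listing failed requests: column 0 is the request URL, column 1
 * the error message. The rows are the Manager's shared error Vector, not a
 * copy.
 *
 * @author James
 */
public class ErrorTableModel extends AbstractTableModel
{
    // Text placed before and after every cell value (both empty here).
    // NOTE(review): Swing renders label text that begins with "<html>" as
    // markup; if these wrappers are ever set to HTML, escape the URL and
    // reason first.
    String start = "";
    String end = "";

    /*
     * Table column names
     */
    private String[] columnNames =
    {
        "Request", "Error Message"
    };
    /*
     * Store of the data
     */
    private Vector<ErrorTableObject> data;
    private JTable table;
    Manager manager;

    /**
     * @param table the JTable showing this model; its row sorter, if any, is
     *              consulted when rows are added
     */
    public ErrorTableModel(JTable table)
    {
        manager = Manager.getInstance();
        this.table = table;
        this.data = manager.errors;
    }

    /*
     * Function to set the table column names
     */
    public void setColumnName(int index, String name)
    {
        // Negative indexes used to reach the array access and throw.
        if (index >= 0 && index < columnNames.length)
        {
            columnNames[index] = name;
        }
    }

    /*
     * Get the column names
     */
    @Override
    public String getColumnName(int col)
    {
        return columnNames[col];
    }

    /*
     * Cells are not to be edited
     */
    @Override
    public boolean isCellEditable(int row, int col)
    {
        return false;
    }

    /**
     * Returns the URL (column 0) or the failure reason (column 1) of a row as
     * a String, or null for any other row or column.
     */
    @Override
    public Object getValueAt(int row, int col)
    {
        // data can be null (getRowCount() guards for it as well).
        if (data == null || row < 0 || row >= data.size())
        {
            return null;
        }
        switch (col)
        {
            case 0:
                return start + data.elementAt(row).getUrl().toString() + end;
            case 1:
                return start + data.elementAt(row).getReason() + end;
            default:
                return null;
        }
    }

    /**
     * Appends an error unless an equal object is already listed, then
     * notifies the table.
     */
    public void addRow(ErrorTableObject object)
    {
        //check the item is not already in the table
        if (data.contains(object))
        {
            return;
        }

        data.addElement(object);

        if (table.getRowSorter() == null)
        {
            this.fireTableDataChanged();
            return;
        }

        // NOTE(review): the event below is fired with an index derived from the
        // view position minus one rather than the model index; kept exactly as
        // it was -- confirm against the sorter's behaviour.
        int location = table.getRowSorter().convertRowIndexToView(data.size() - 1);
        if (location > 0)
        {
            this.fireTableRowsInserted(location - 1, location - 1);
        }
        else
        {
            this.fireTableDataChanged();
        }
    }

    public int getRowCount()
    {
        return data == null ? 0 : data.size();
    }

    public int getColumnCount()
    {
        return columnNames.length;
    }

    /**
     * Both columns hold Strings. The class used to be taken from the value in
     * row 0, which threw a NullPointerException whenever the table was empty.
     */
    @Override
    public Class getColumnClass(int c)
    {
        return (c == 0 || c == 1) ? String.class : Object.class;
    }

    /** Removes every row from the shared error Vector and refreshes the table. */
    public void clearAllResults()
    {
        data.removeAllElements();
        fireTableDataChanged();
    }
}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JDialogViewLicence.form: --------------------------------------------------------------------------------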

-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JTableTree/MergeSort.java: -------------------------------------------------------------------------------- 1 | /* 2 | * %W% %E% 3 | * 4 | * Copyright 1997, 1998 Sun Microsystems, Inc. All Rights Reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or 7 | * without modification, are permitted provided that the following 8 | * conditions are met: 9 | * 10 | * - Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 13 | * - Redistribution in binary form must reproduce the above 14 | * copyright notice, this list of conditions and the following 15 | * disclaimer in the documentation and/or other materials 16 | * provided with the distribution. 17 | * 18 | * Neither the name of Sun Microsystems, Inc. or the names of 19 | * contributors may be used to endorse or promote products derived 20 | * from this software without specific prior written permission. 21 | * 22 | * This software is provided "AS IS," without a warranty of any 23 | * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND 24 | * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, 25 | * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY 26 | * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY 27 | * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR 28 | * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THIS SOFTWARE OR 29 | * ITS DERIVATIVES.
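IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE 30 | * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, 31 | * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER 32 | * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF 33 | * THE USE OF OR INABILITY TO USE THIS SOFTWARE, EVEN IF SUN HAS 34 | * BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 35 | * 36 | * You acknowledge that this software is not designed, licensed or 37 | * intended for use in the design, construction, operation or 38 | * maintenance of any nuclear facility. 39 | */

package com.sittinglittleduck.DirBuster.gui.JTableTree;

/**
 * An implementation of MergeSort, needs to be subclassed to provide a
 * comparator.
 *
 * The array being sorted and the scratch array are held in instance fields
 * for the duration of sort(), so one instance must not run two sorts at the
 * same time.
 *
 * @version %I% %G%
 *
 * @author Scott Violet
 */
public abstract class MergeSort extends Object {
    /** The array currently being sorted; null outside sort(). */
    protected Object toSort[];
    /** Scratch array of the same length as toSort; null outside sort(). */
    protected Object swapSpace[];

    /**
     * Sorts the array in place. A null array or one with fewer than two
     * elements is left untouched.
     *
     * @param array the array to sort
     */
    public void sort(Object array[]) {
        if (array == null || array.length <= 1) {
            return;
        }

        swapSpace = new Object[array.length];
        toSort = array;
        try {
            this.mergeSort(0, array.length - 1);
        } finally {
            // Release both references even when compareElementsAt throws, so
            // the caller's array is not kept alive by this object.
            swapSpace = null;
            toSort = null;
        }
    }

    /**
     * Compares two elements of toSort.
     *
     * @param beginLoc index of the first element
     * @param endLoc   index of the second element
     * @return a negative value if the element at beginLoc sorts before the
     *         one at endLoc; merge() only tests for "less than zero"
     */
    public abstract int compareElementsAt(int beginLoc, int endLoc);

    /**
     * Recursively sorts toSort[begin..end], both bounds inclusive.
     */
    protected void mergeSort(int begin, int end) {
        if (begin != end) {
            // begin + (end - begin) / 2 cannot overflow the way
            // (begin + end) / 2 can for very large indexes.
            int mid = begin + (end - begin) / 2;
            this.mergeSort(begin, mid);
            this.mergeSort(mid + 1, end);
            this.merge(begin, mid, end);
        }
    }

    /**
     * Merges the sorted runs toSort[begin..middle] and toSort[middle+1..end]
     * through swapSpace and copies the result back. When two elements compare
     * equal, the one from the first run is taken first.
     */
    protected void merge(int begin, int middle, int end) {
        int firstHalf = begin;
        int secondHalf = middle + 1;
        int count = begin;

        while ((firstHalf <= middle) && (secondHalf <= end)) {
            if (this.compareElementsAt(secondHalf, firstHalf) < 0) {
                swapSpace[count++] = toSort[secondHalf++];
            } else {
                swapSpace[count++] = toSort[firstHalf++];
            }
        }
        // At most one of the two runs still has elements left.
        while (firstHalf <= middle) {
            swapSpace[count++] = toSort[firstHalf++];
        }
        while (secondHalf <= end) {
            swapSpace[count++] = toSort[secondHalf++];
        }
        System.arraycopy(swapSpace, begin, toSort, begin, end - begin + 1);
    }
}

-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/BaseCase.java: -------------------------------------------------------------------------------- 1 | /* 2 | * BaseCase.java 3 | * 4 | * Copyright 2006 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster; 22 | 23 | import java.net.URL; 24 | 25 | /** 26 | * 27 | * Used to store information about a base case.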
28 | */


public class BaseCase
{
    // URL the base case applies to, e.g. /wibble/ when testing inside /wibble/
    private URL baseCaseURL;

    // HTTP response code recorded for the base case
    private int returnCode = 0;

    // body of the base case response, when one was stored
    private String baseCase = null;

    // true for a directory base case, false for a file
    private boolean dir = true;

    // URL that was actually requested to obtain the base case
    private URL baseCaseRequestURL;

    // file extension used for the request
    private String fileExt = null;

    // when true, the regex is used instead of the stored base case
    private boolean useRegexInstead = false;

    // the regex to use
    private String regex;

    /**
     * Creates a new instance of BaseCase. All arguments are stored as given.
     *
     * @param baseCaseURL        URL the base case applies to
     * @param returnCode         HTTP response code of the base case
     * @param dir                true if the base case is for a directory
     * @param baseCaseRequestURL URL that was requested
     * @param baseCase           stored response body, may be null
     * @param fileExt            file extension used
     * @param useRegexInstead    whether to match with the regex instead
     * @param regex              the regex to match with
     */
    public BaseCase(URL baseCaseURL, int returnCode, boolean dir, URL baseCaseRequestURL, String baseCase, String fileExt, boolean useRegexInstead, String regex)
    {
        this.baseCaseURL = baseCaseURL;
        this.returnCode = returnCode;
        this.dir = dir;
        this.baseCaseRequestURL = baseCaseRequestURL;
        this.baseCase = baseCase;
        this.fileExt = fileExt;
        this.useRegexInstead = useRegexInstead;
        this.regex = regex;
    }

    /** @return the stored base case body, may be null */
    public String getBaseCase()
    {
        return this.baseCase;
    }

    /** @return the URL that was requested for the base case */
    public URL getBaseCaseRequestURL()
    {
        return this.baseCaseRequestURL;
    }

    /** @return the URL the base case applies to */
    public URL getBaseCaseURL()
    {
        return this.baseCaseURL;
    }

    /** @return the recorded response code (same value as getReturnCode()) */
    public int getFailCode()
    {
        return this.returnCode;
    }

    /** @return true if the base case is for a directory */
    public boolean isDir()
    {
        return this.dir;
    }

    public void setBaseCaseURL(URL baseCaseURL)
    {
        this.baseCaseURL = baseCaseURL;
    }

    public void setDir(boolean dir)
    {
        this.dir = dir;
    }

    /**
     * @return true only when a non-empty base case body is stored and the
     *         regex mode is off
     */
    public boolean useContentAnalysisMode()
    {
        boolean hasBody = baseCase != null && !baseCase.equalsIgnoreCase("");
        return hasBody && !useRegexInstead;
    }

    /** @return the file extension used */
    public String getFileExt()
    {
        return this.fileExt;
    }

    /** @return the regex to match with */
    public String getRegex()
    {
        return this.regex;
    }

    /** @return the recorded response code */
    public int getReturnCode()
    {
        return this.returnCode;
    }

    /** @return true if the regex is used instead of the stored base case */
    public boolean isUseRegexInstead()
    {
        return this.useRegexInstead;
    }

}
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JFrameHelp.form: --------------------------------------------------------------------------------
-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JTableTree/AbstractCellEditor.java: -------------------------------------------------------------------------------- 1 | /* 2 | * %W% %E% 3 | * 4 | * Copyright 1997, 1998 Sun Microsystems, Inc. All Rights Reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or 7 | * without modification, are permitted provided that the following 8 | * conditions are met: 9 | * 10 | * - Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 13 | * - Redistribution in binary form must reproduce the above 14 | * copyright notice, this list of conditions and the following 15 | * disclaimer in the documentation and/or other materials 16 | * provided with the distribution. 17 | * 18 | * Neither the name of Sun Microsystems, Inc. or the names of 19 | * contributors may be used to endorse or promote products derived 20 | * from this software without specific prior written permission. 21 | * 22 | * This software is provided "AS IS," without a warranty of any 23 | * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND 24 | * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, 25 | * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY 26 | * EXCLUDED.
SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY 27 | * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR 28 | * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THIS SOFTWARE OR 29 | * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE 30 | * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, 31 | * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER 32 | * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF 33 | * THE USE OF OR INABILITY TO USE THIS SOFTWARE, EVEN IF SUN HAS 34 | * BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 35 | * 36 | * You acknowledge that this software is not designed, licensed or 37 | * intended for use in the design, construction, operation or 38 | * maintenance of any nuclear facility. 39 | */ 40 | package com.sittinglittleduck.DirBuster.gui.JTableTree; 41 | 42 | 43 | import java.awt.event.*; 44 | import javax.swing.*; 45 | import javax.swing.event.*; 46 | import java.util.EventObject; 47 | 48 | 49 | /** 50 | * @version %I% %G% 51 | * 52 | * A base class for CellEditors, providing default implementations for all 53 | * methods in the CellEditor interface and support for managing a series 54 | * of listeners. 
55 | * 56 | * @author Philip Milne 57 | */

public class AbstractCellEditor implements CellEditor {

    /** Registered listeners, held as (listener class, listener) pairs. */
    protected EventListenerList listenerList = new EventListenerList();

    /** Default implementation: there is no editor value. */
    public Object getCellEditorValue() {
        return null;
    }

    /** Default implementation: every cell is editable. */
    public boolean isCellEditable(EventObject e) {
        return true;
    }

    /** Default implementation: the cell is not selected. */
    public boolean shouldSelectCell(EventObject anEvent) {
        return false;
    }

    /** Default implementation: editing may always stop. */
    public boolean stopCellEditing() {
        return true;
    }

    /** Default implementation: nothing to cancel. */
    public void cancelCellEditing() {
    }

    /** Registers a listener for editing-stopped and editing-cancelled events. */
    public void addCellEditorListener(CellEditorListener l) {
        listenerList.add(CellEditorListener.class, l);
    }

    /** Unregisters a previously added listener. */
    public void removeCellEditorListener(CellEditorListener l) {
        listenerList.remove(CellEditorListener.class, l);
    }

    /**
     * Notify all listeners that have registered interest for
     * notification on this event type. Each listener receives its own
     * ChangeEvent whose source is this editor.
     * @see EventListenerList
     */
    protected void fireEditingStopped() {
        // getListenerList() never returns null
        final Object[] pairs = listenerList.getListenerList();
        // Walk the pairs from the last one to the first one.
        int idx = pairs.length - 2;
        while (idx >= 0) {
            if (pairs[idx] == CellEditorListener.class) {
                CellEditorListener target = (CellEditorListener) pairs[idx + 1];
                target.editingStopped(new ChangeEvent(this));
            }
            idx -= 2;
        }
    }

    /**
     * Notify all listeners that have registered interest for
     * notification on this event type. Each listener receives its own
     * ChangeEvent whose source is this editor.
     * @see EventListenerList
     */
    protected void fireEditingCanceled() {
        // getListenerList() never returns null
        final Object[] pairs = listenerList.getListenerList();
        // Walk the pairs from the last one to the first one.
        int idx = pairs.length - 2;
        while (idx >= 0) {
            if (pairs[idx] == CellEditorListener.class) {
                CellEditorListener target = (CellEditorListener) pairs[idx + 1];
                target.editingCanceled(new ChangeEvent(this));
            }
            idx -= 2;
        }
    }
}

-------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/bruteForceIterator/BruteForceGenThread.java: -------------------------------------------------------------------------------- 1 | /* 2 | * BruteForceGenThread.java 3 | * 4 | * Copyright 2008 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details.
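 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

package com.sittinglittleduck.DirBuster.bruteForceIterator;

import java.util.concurrent.BlockingQueue;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
 * Producer that builds every string of length {@code min} to {@code max} from
 * the supplied list of symbols and puts each one on a blocking queue.
 *
 * Strings are produced shortest length first; within one length the rightmost
 * position changes fastest. {@code min} is expected to be at least 1: the
 * counter logic indexes position {@code len - 1}.
 *
 * @author james
 */
public class BruteForceGenThread implements Runnable
{
    private final int min;
    private final int max;
    private final String[] list;
    /* raw type kept as it appears in this listing; only Strings are put on it */
    private final BlockingQueue queue;
    /* listindex[p] is the index into list of the symbol at string position p */
    private final int[] listindex;
    /* volatile so a thread calling isWorking() sees the update made by the generating thread */
    volatile boolean isWorking = true;

    /**
     * @param min   shortest string length to generate
     * @param max   longest string length to generate
     * @param list  symbols to combine; must not be null
     * @param queue destination for the generated strings
     */
    public BruteForceGenThread(int min, int max, String[] list, BlockingQueue queue)
    {
        if (list == null)
        {
            throw new NullPointerException("list");
        }
        this.min = min;
        this.max = max;
        this.list = list;
        this.queue = queue;
        /*
         * One counter per string position, so the array is sized by the longest
         * string, not by the number of symbols. Sizing it by list.length
         * overflowed as soon as max exceeded the symbol count.
         */
        listindex = new int[Math.max(max, 1)];
    }

    /**
     * Generates all strings, then clears the working flag. The flag is cleared
     * even when generation ends early, so a poller of isWorking() is never left
     * waiting on a generator that has died.
     */
    public void run()
    {
        try
        {
            makeList(min, max);
        }
        finally
        {
            isWorking = false;
        }
    }

    /* walks the lengths minLen..maxLen; stops early if the thread is interrupted */
    private void makeList(int minLen, int maxLen)
    {
        for (int x = minLen; x <= maxLen; x++)
        {
            while (listindex[0] < list.length)
            {
                if (!showString(x))
                {
                    return;
                }
                incrementCounter(x);
            }
            /* re-initialize the index */
            initIndex();
        }
    }

    /*
     * Builds the string for the current counters and queues it.
     * Returns false when the blocking put was interrupted; the interrupt status
     * is restored so the owner of the thread can see it.
     */
    @SuppressWarnings("unchecked") // put() on the raw queue declared above
    private boolean showString(int len)
    {
        StringBuilder buf = new StringBuilder();
        for (int x = 0; x < len; x++)
        {
            buf.append(list[listindex[x]]);
        }
        try
        {
            queue.put(buf.toString());
            return true;
        }
        catch(InterruptedException ex)
        {
            Logger.getLogger(BruteForceGenThread.class.getName()).log(Level.SEVERE, null, ex);
            /* without this the interrupt is lost; continuing would only fail again on the next put */
            Thread.currentThread().interrupt();
            return false;
        }
    }

    /* advances the counters by one, carrying from the rightmost position towards position 0 */
    private void incrementCounter(int len)
    {
        int last = len - 1;
        int limit = list.length;

        listindex[last]++;

        /* position 0 is never reset here: reaching the limit there ends the current length */
        for (int x = last; x > 0; x--)
        {
            if (listindex[x] == limit)
            {
                listindex[x] = 0;
                listindex[x - 1]++;
            }
        }
    }

    /* resets every position counter to the first symbol */
    private void initIndex()
    {
        for(int a = 0; a < listindex.length; a++)
        {
            listindex[a] = 0;
        }
    }

    /** @return true until run() has returned */
    public boolean isWorking()
    {
        return isWorking;
    }

}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/tree/ResultsNode.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.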
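 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */
package com.sittinglittleduck.DirBuster.gui.tree;

import com.sittinglittleduck.DirBuster.Result;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.swing.tree.DefaultMutableTreeNode;

/**
 * Tree node that holds either a scan {@link Result} or, when no result is
 * attached, a plain display name. Children are kept in this class's own
 * vector, which hides the {@code children} field of the superclass.
 *
 * @author james
 */
public class ResultsNode extends DefaultMutableTreeNode
{

    Result result;
    /* element type written out: getChild() returns elementAt() as a ResultsNode */
    Vector<ResultsNode> children = new Vector<ResultsNode>(100, 10);
    String name;

    /** Creates a node that displays the given result. */
    public ResultsNode(Result result)
    {
        this.result = result;
    }

    /** Creates a node without a result that displays {@code name}. */
    public ResultsNode(String name)
    {
        this.result = null;
        this.name = name;
    }

    public void addChild(ResultsNode object)
    {
        children.addElement(object);
    }

    public ResultsNode getChild(int index)
    {
        return children.elementAt(index);
    }

    public Object[] getChildren()
    {
        return children.toArray();
    }

    /**
     * @return false for a node without a result and for a result of type
     *         {@code Result.DIR}; true for every other result
     */
    @Override
    public boolean isLeaf()
    {
        return result != null && result.getType() != Result.DIR;
    }

    /**
     * Returns the display text: the name for a node without a result, otherwise
     * the last path segment of the item the result found.
     *
     * If the found item cannot be parsed as a URL the failure is logged and the
     * unparsed text is returned. Returning null here, as before, made
     * findChildBasedOnString() fail with a NullPointerException on such a node.
     */
    @Override
    public String toString()
    {
        if(result == null)
        {
            return name;
        }

        String raw = result.getItemFound().toString();
        try
        {
            return covertData(new URL(raw));
        }
        catch (MalformedURLException ex)
        {
            Logger.getLogger(ResultsNode.class.getName()).log(Level.SEVERE, null, ex);
            return raw;
        }
    }

    /* reduces a URL to the last segment of its path; the root path "/" is returned unchanged */
    private String covertData(URL url)
    {
        String item = url.getPath();

        if (item.equals("/"))
        {
            return item;
        }
        if (item.endsWith("/"))
        {
            item = item.substring(0, item.length() - 1);
        }
        return item.substring(item.lastIndexOf("/") + 1);
    }

    /** @return the live child vector, not a copy */
    public Vector<ResultsNode> getChildrenVector()
    {
        return children;
    }

    /** Drops all children and forgets both the result and the name. */
    public void clearData()
    {
        children.clear();
        result = null;
        name = null;
    }

    public Result getResult()
    {
        return result;
    }

    public int getNumberOfChildren()
    {
        return children.size();
    }

    public boolean isResultSet()
    {
        return result != null;
    }

    public void setResult(Result result)
    {
        this.result = result;
    }

    /**
     * @return the first child whose display text equals {@code name},
     *         or null when there is none
     */
    public ResultsNode findChildBasedOnString(String name)
    {
        for(int a = 0; a < children.size(); a++)
        {
            ResultsNode child = children.elementAt(a);
            // name on the left: a child cleared by clearData() has a null display text
            if(name != null && name.equals(child.toString()))
            {
                return child;
            }
        }
        return null;
    }

}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/monitorThreads/ProcessEnd.java:
--------------------------------------------------------------------------------
/*
 * ProcessEnd.java
 *
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can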
redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */
package com.sittinglittleduck.DirBuster.monitorThreads;

import com.sittinglittleduck.DirBuster.*;
import java.util.*;

/**
 * Timer task that checks whether a scan has run out of work and, if so,
 * sets the manager's status to "Finished" and calls youAreFinished().
 */
public class ProcessEnd extends TimerTask
{

    Manager manager;

    /** Callback type with a single isAlive() method; nothing in this class uses it. */
    public interface ProcessUpdate
    {

        public void isAlive();
    }

    /** Binds the task to the Manager singleton. */
    public ProcessEnd()
    {
        this.manager = Manager.getInstance();

    }

    /**
     * One check. The scan is reported finished when no worker and no parser is
     * still working and one of the following holds:
     * all three queues are empty and the fail-case dialog is hidden; or the
     * scan is a fuzz scan whose generator has finished; or the scan is list or
     * brute based, the work and parse queues are empty, the dialog is hidden
     * and every generator thread has finished.
     */
    public void run()
    {
        if(everythingDrained())
        {
            finishIfIdle(false);
            return;
        }

        if(isFuzzScan())
        {
            if(manager.isURLFuzzGenFinished())
            {
                finishIfIdle(false);
            }
            return;
        }

        if(isListOrBruteScan() && workAndParseDrained())
        {
            finishIfIdle(true);
        }
    }

    /* dir, work and parse queues are empty and the fail-case dialog is not showing */
    private boolean everythingDrained()
    {
        return manager.dirQueue.isEmpty()
                && manager.workQueue.isEmpty()
                && manager.parseQueue.isEmpty()
                && !manager.isFailCaseDialogVisable();
    }

    /* work and parse queues are empty and the fail-case dialog is not showing */
    private boolean workAndParseDrained()
    {
        return manager.workQueue.isEmpty()
                && manager.parseQueue.isEmpty()
                && !manager.isFailCaseDialogVisable();
    }

    private boolean isFuzzScan()
    {
        return manager.getScanType() == Manager.LIST_BASED_FUZZ
                || manager.getScanType() == Manager.BRUTE_BASED_FUZZ;
    }

    private boolean isListOrBruteScan()
    {
        return manager.getScanType() == Manager.LIST_BASED
                || manager.getScanType() == Manager.BRUTE_BASED;
    }

    /*
     * Marks the scan as finished once workers and parsers are idle; the
     * generator threads are checked as well when includeGenThreads is true.
     */
    private void finishIfIdle(boolean includeGenThreads)
    {
        if(!areAllWorkerFinished() || !areAllParsesFinished())
        {
            return;
        }
        if(includeGenThreads && !areAllGenThreadsFinished())
        {
            return;
        }
        //all the workers are finished and there is nothing
        manager.setStatus("Finished");
        manager.youAreFinished();
    }

    /*
     * tests if all the workers have finished
     */
    private boolean areAllWorkerFinished()
    {
        Vector workers = manager.getWorkers();

        int a = 0;
        while(a < workers.size())
        {
            Worker worker = (Worker) workers.elementAt(a);
            if(worker.isWorking())
            {
                //one worker is still busy, no need to look further
                return false;
            }
            a++;
        }

        return true;
    }

    /*
     * tests if all the parsers are finished
     */
    private boolean areAllParsesFinished()
    {
        Vector parsers = manager.getParseWorkers();

        int a = 0;
        while(a < parsers.size())
        {
            HTMLparse parser = (HTMLparse) parsers.elementAt(a);
            if(parser.isWorking())
            {
                return false;
            }
            a++;
        }

        return true;
    }

    /*
     * tests if all generator threads are finished
     */
    private boolean areAllGenThreadsFinished()
    {
        int a = 0;
        while(a < manager.genThreads.size())
        {
            if(manager.genThreads.elementAt(a).isWorking())
            {
                return false;
            }
            a++;
        }

        return true;
    }
}


--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/tableModels/ScanInfoTableModel.java:
--------------------------------------------------------------------------------
/*
 * To change this template, choose Tools | Templates
 *
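and open the template in the editor.
 */
package com.sittinglittleduck.DirBuster.gui.tableModels;

import com.sittinglittleduck.DirBuster.Manager;
import com.sittinglittleduck.DirBuster.workGenerators.MultiThreadedGenerator;
import com.sittinglittleduck.DirBuster.workGenerators.WorkerGeneratorMultiThreaded;
import java.util.Vector;
import javax.swing.JTable;
import javax.swing.table.AbstractTableModel;

/**
 * Table model with one row per generator thread held by the manager
 * ({@code manager.genThreads}) and three columns: task, progress, control.
 *
 * @author James
 */
public class ScanInfoTableModel extends AbstractTableModel
{
    /*
     * Table column name
     */
    private String[] columnNames =
    {
        "Task", "Progress", "Control"
    };
    /*
     * Alias of manager.errors. Rows are NOT read from it: it is only a null
     * guard in getRowCount() and the target of clearAllResults().
     */
    private Vector data;
    /* only referenced by the commented-out addRow() below */
    private JTable table;
    Manager manager;

    /**
     * @param table the table this model is shown in
     */
    public ScanInfoTableModel(JTable table)
    {
        manager = Manager.getInstance();
        this.table = table;
        this.data = manager.errors;
    }

    /*
     * Function to set the table column names; an index past the last
     * column is ignored
     */
    public void setColumnName(int index, String name)
    {
        if(index < columnNames.length)
        {
            columnNames[index] = name;
        }
    }

    /*
     * Get the column name
     */
    @Override
    public String getColumnName(int col)
    {
        return columnNames[col];
    }

    /*
     * Only the control column (index 2) is editable
     */
    @Override
    public boolean isCellEditable(int row, int col)
    {
        return col == 2;
    }

    /**
     * @return the task description (column 0), the generator's current point
     *         (column 1) or an empty string (column 2); null for any other
     *         column, for an unknown generator type and for a row that does
     *         not exist
     */
    @Override
    public Object getValueAt(int row, int col)
    {
        // The row index may be stale if genThreads changed since the table last
        // asked for the row count; answer with an empty cell instead of letting
        // elementAt() throw.
        if(row < 0 || row >= manager.genThreads.size())
        {
            return null;
        }
        MultiThreadedGenerator gen = manager.genThreads.elementAt(row);

        switch(col)
        {
            case 0:
                if(gen.getType() == WorkerGeneratorMultiThreaded.doDIR)
                {
                    return "Testing for dirs in " + gen.getStartpoint();
                }
                if(gen.getType() == WorkerGeneratorMultiThreaded.doFile)
                {
                    return "Testing for files in " + gen.getStartpoint() + " with extention " + gen.getFileExt();
                }
                return null;
            case 1:
                //TODO complete this to use a progress bar
                //return gen.getCurrentPoint() + "/" + manager.getTotalPass();
                return gen.getCurrentPoint();
            case 2:
                //TODO complete this to have the buttons on
                return "";
            default:
                return null;
        }
    }

    /*
     *
     *
    public void addRow(ErrorTableObject object)
    {

        //check the item is not already in the table
        if( ! data.contains(object))
        {
            data.addElement(object);
            if(table.getRowSorter() != null)
            {
                int location = table.getRowSorter().convertRowIndexToView(data.size() - 1);

                if(location > 0)
                {
                    this.fireTableRowsInserted(location - 1, location - 1);
                }
                else
                {
                    this.fireTableDataChanged();
                }
            }
            else
            {
                this.fireTableDataChanged();
            }
        }
        else
        {
            return;
        }
    }
    */

    /** @return the number of generator threads, or 0 when the manager had no error vector */
    public int getRowCount()
    {
        return data == null ? 0 : manager.genThreads.size();
    }

    public int getColumnCount()
    {
        return columnNames.length;
    }

    /** @return the class of the column's name, not of the values in the column */
    @Override
    public Class<?> getColumnClass(int c)
    {
        //return getValueAt(0, c).getClass();
        return columnNames[c].getClass();
    }

    /**
     * Empties {@code data} and redraws. NOTE(review): data is the manager's own
     * error vector, so this clears manager.errors while the generator rows stay
     * as they are - confirm that this is the intent.
     */
    public void clearAllResults()
    {
        data.removeAllElements();
        fireTableDataChanged();
    }

    public void refreshTable()
    {
        fireTableDataChanged();
    }
}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/JDialogDisplayErrors.form:
--------------------------------------------------------------------------------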
4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/urlTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * urlTest.java 3 | * 4 | * Copyright 2007 James Fisher 5 | * 6 | * This library is free software; you can redistribute it and/or 7 | * modify it under the terms of the GNU Lesser General Public 8 | * License as published by the Free Software Foundation; either 9 | * version 2.1 of the License, or (at your option) any later version. 10 | * 11 | * This library is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | * Lesser General Public License for more details. 
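 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

package com.sittinglittleduck.DirBuster;
import com.sittinglittleduck.DirBuster.bruteForceIterator.BruteForceIterator;
import java.net.*;
import java.util.Date;

/**
 * Scratch program: prints the output of a small BruteForceIterator run, then
 * the parts of a fixed sample URL and a time difference.
 */
public class urlTest
{

    /** Creates a new instance of urlTest */
    public urlTest()
    {
    }

    /**
     * @param args the command line arguments
     */
    public static void main(String[] args)
    {
        BruteForceIterator bfi = new BruteForceIterator(1, 4, new String[]{"a","b","c","d"});

        while(bfi.hasNext())
        {
            System.out.println(bfi.next());
        }

        try
        {
            //URL url = new URL("http://www.sittinglittleduck.com/testing1/wibble/getit/test.php?id=1&id2=qwerty#here");
            URL url = new URL("http://www.sittinglittleduck.com/testing1/test2/index.jsp");
            System.out.println("Path = " + url.getPath());
            System.out.println("toString = " + url.toString());
            System.out.println("file = " + url.getFile());
            System.out.println("host = " + url.getHost());
            System.out.println("port = " + url.getPort());
            System.out.println("last bit of file = " + url.getPath());
            System.out.println("Processing the url");

            String item = url.getPath();
            String fullItem = item;

            if(item.endsWith("/"))
            {
                item = item.substring(0, item.length() -1);
            }
            System.out.println("item = " + item);
            int location = item.lastIndexOf("/");
            item = item.substring(location + 1);
            System.out.println("item = " + item);

            // peel the path apart one "/" at a time
            int index = 0;
            while((index = fullItem.indexOf("/")) != -1)
            {
                String realitem = fullItem.substring(0, index);
                String rest = fullItem.substring(index + 1);
                System.out.println("real = " + realitem);
                System.out.println("rest = " + rest);
                fullItem = rest;
            }

            Date now = new Date();
            //if(now.)
            Date update = new Date(0L);

            // primitive long: the boxed Long added nothing
            long passed = now.getTime() - update.getTime();
            System.out.println("now: " + now.getTime());
            System.out.println("update: " + update.getTime());
            System.out.println("time passed: " + passed);

            //HTMLparse.processURL(url);
        }
        catch(Exception e)
        {
            // was an empty catch: a failure made the program stop printing with no hint why
            System.err.println("urlTest failed: " + e);
        }


        /*
        Date date = new Date(System.currentTimeMillis());
        System.out.println("date = "+ date);

        System.out.println("user.dir = " + System.getProperty("user.dir"));

        int test = 2^4;
        System.out.println("2^4 = " + test);

        long timeInSecs = 1452;
        System.out.println(convertSecsToTime(timeInSecs));

        String fuzzURL = "\text.html?start=123&url={dir}&wibble=wobble";

        int startLoc = fuzzURL.indexOf("{dir}");

        System.out.println("start: " + fuzzURL.substring(0, startLoc));
        System.out.println("end: " + fuzzURL.substring(startLoc + 5, fuzzURL.length()));
        *
        */

    }

    /**
     * Formats a number of seconds as hh:mm:ss. Every field is padded to two
     * digits; the previous version padded only some of them (5 seconds came
     * out as "00:00:5").
     */
    private static String convertSecsToTime(long secs)
    {
        long hours = secs / 3600;
        long minsleft = (secs / 60) % 60;
        long secsleft = secs % 60;
        return String.format("%02d:%02d:%02d", hours, minsleft, secsleft);
    }


}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/JDialogDisplayErrors.java: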
--------------------------------------------------------------------------------
/*
 * JDialogDisplayErrors.java
 *
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

package com.sittinglittleduck.DirBuster.gui;
import com.sittinglittleduck.DirBuster.*;
import java.util.Vector;
/**
 * Dialog that lists the errors handed to it in a scrollable list under a
 * fixed explanatory label, with a single OK button that closes it.
 *
 * @author James
 */
public class JDialogDisplayErrors extends javax.swing.JDialog
{
    // the vector shown in jListErrors; stored as passed in, not copied
    private Vector errors;
    /**
     * Creates new form JDialogDisplayErrors
     *
     * @param parent owner frame, passed to the JDialog constructor
     * @param modal  modality flag, passed to the JDialog constructor
     * @param errors entries to show in the list
     */
    public JDialogDisplayErrors(java.awt.Frame parent, boolean modal, Vector errors)
    {
        super(parent, modal);
        initComponents();
        this.setTitle("DirBuster " + Config.version + " - You have Errors!");
        this.errors = errors;
        jListErrors.setListData(this.errors);

    }

    /** This method is called from within the constructor to
     * initialize the form.
     * WARNING: Do NOT modify this code. The content of this method is
     * always regenerated by the Form Editor.
     */
    // //GEN-BEGIN:initComponents
    private void initComponents()
    {

        jLabel1 = new javax.swing.JLabel();
        jLabel2 = new javax.swing.JLabel();
        jScrollPane1 = new javax.swing.JScrollPane();
        jListErrors = new javax.swing.JList();
        jButtonOK = new javax.swing.JButton();

        // jLabel1 is created and given a text but is not added to either layout group below
        jLabel1.setText("jLabel1");

        setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE);

        jLabel2.setText("The following errors have been detected, you must correct these before brute forcing can start");

        jListErrors.setBackground(new java.awt.Color(224, 223, 227));
        jListErrors.setFont(new java.awt.Font("Dialog", 1, 11));
        jScrollPane1.setViewportView(jListErrors);

        jButtonOK.setText("OK");
        jButtonOK.addActionListener(new java.awt.event.ActionListener()
        {
            public void actionPerformed(java.awt.event.ActionEvent evt)
            {
                jButtonOKActionPerformed(evt);
            }
        });

        org.jdesktop.layout.GroupLayout layout = new org.jdesktop.layout.GroupLayout(getContentPane());
        getContentPane().setLayout(layout);
        layout.setHorizontalGroup(
            layout.createParallelGroup(org.jdesktop.layout.GroupLayout.LEADING)
            .add(layout.createSequentialGroup()
                .add(10, 10, 10)
                .add(layout.createParallelGroup(org.jdesktop.layout.GroupLayout.CENTER)
                    .add(jScrollPane1, org.jdesktop.layout.GroupLayout.DEFAULT_SIZE, 510, Short.MAX_VALUE)
                    .add(jButtonOK, org.jdesktop.layout.GroupLayout.PREFERRED_SIZE, 100, org.jdesktop.layout.GroupLayout.PREFERRED_SIZE))
                .addContainerGap())
            .add(org.jdesktop.layout.GroupLayout.CENTER, layout.createSequentialGroup()
                .add(12, 12, 12)
                .add(jLabel2, org.jdesktop.layout.GroupLayout.PREFERRED_SIZE, 510, org.jdesktop.layout.GroupLayout.PREFERRED_SIZE)
                .add(10, 10, 10))
        );
        layout.setVerticalGroup(
            layout.createParallelGroup(org.jdesktop.layout.GroupLayout.LEADING)
            .add(layout.createSequentialGroup()
                .add(13, 13, 13)
                .add(jLabel2)
                .add(15, 15, 15)
                .add(jScrollPane1, org.jdesktop.layout.GroupLayout.DEFAULT_SIZE, 158, Short.MAX_VALUE)
                .add(33, 33, 33)
                .add(jButtonOK)
                .addContainerGap())
        );

        // centre the 542x299 dialog on the screen
        java.awt.Dimension screenSize = java.awt.Toolkit.getDefaultToolkit().getScreenSize();
        setBounds((screenSize.width-542)/2, (screenSize.height-299)/2, 542, 299);
    }// //GEN-END:initComponents

    // OK button handler: closes the dialog
    private void jButtonOKActionPerformed(java.awt.event.ActionEvent evt)//GEN-FIRST:event_jButtonOKActionPerformed
    {//GEN-HEADEREND:event_jButtonOKActionPerformed
        this.dispose();
    }//GEN-LAST:event_jButtonOKActionPerformed



    // Variables declaration - do not modify//GEN-BEGIN:variables
    public javax.swing.JButton jButtonOK;
    public javax.swing.JLabel jLabel1;
    public javax.swing.JLabel jLabel2;
    public javax.swing.JList jListErrors;
    public javax.swing.JScrollPane jScrollPane1;
    // End of variables declaration//GEN-END:variables

}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/JDialogViewListInfo.form:
--------------------------------------------------------------------------------
4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JPanelScanInfo.form: -------------------------------------------------------------------------------- 1 | 2 | 3 |
100 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/workGenerators/BruteForceURLFuzz.java: -------------------------------------------------------------------------------- 1 | /* 2 | * BruteForceURLFuzz.java 3 | * 4 | * 5 | * Copyright 2006 James Fisher 6 | * 7 | * This library is free software; you can redistribute it and/or 8 | * modify it under the terms of the GNU Lesser General Public 9 | * License as published by the Free Software Foundation; either 10 | * version 2.1 of the License, or (at your option) any later version. 11 | * 12 | * This library is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 15 | * Lesser General Public License for more details. 16 | * 17 | * You should have received a copy of the GNU Lesser General Public 18 | * License along with this library; if not, write to the Free Software 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 20 | */ 21 | package com.sittinglittleduck.DirBuster.workGenerators; 22 | 23 | import com.sittinglittleduck.DirBuster.BaseCase; 24 | import com.sittinglittleduck.DirBuster.bruteForceIterator.BruteForceIterator; 25 | import com.sittinglittleduck.DirBuster.GenBaseCase; 26 | import com.sittinglittleduck.DirBuster.HTTPHeader; 27 | import com.sittinglittleduck.DirBuster.Manager; 28 | import com.sittinglittleduck.DirBuster.WorkUnit; 29 | import com.sittinglittleduck.DirBuster.utils.HeadRequestCheck; 30 | import java.io.IOException; 31 | import java.net.MalformedURLException; 32 | import java.net.URL; 33 | import java.util.Vector; 34 | import java.util.concurrent.BlockingQueue; 35 | import java.util.logging.Level; 36 | import java.util.logging.Logger; 37 | import org.apache.commons.httpclient.HttpClient; 38 | import org.apache.commons.httpclient.methods.HeadMethod; 39 | 40 | 
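/**
 * Work generator for a brute-force URL fuzz: every string produced by a
 * {@link BruteForceIterator} is placed between the two fixed URL parts and
 * queued as a {@link WorkUnit}.
 *
 * @author James
 */
public class BruteForceURLFuzz implements Runnable
{

    private String[] list;
    private int minLen;
    private int maxLen;
    private Manager manager;
    /* raw type kept as it appears in this listing; WorkUnits are what gets queued */
    private BlockingQueue workQueue;

    private String firstPart;
    private String finished;
    private String started;

    HttpClient httpclient;
    private String urlFuzzStart;
    private String urlFuzzEnd;

    /* volatile: both are updated by the generating thread and read through public getters */
    private volatile int counter = 0;
    private volatile boolean isWorking = true;

    /** Creates a new instance of BruteForceURLFuzz, reading all settings from the Manager singleton */
    public BruteForceURLFuzz()
    {
        manager = Manager.getInstance();

        this.maxLen = manager.getMaxLen();
        this.minLen = manager.getMinLen();
        this.list = manager.getCharSet();

        workQueue = manager.workQueue;

        firstPart = manager.getFirstPartOfURL();

        httpclient = manager.getHttpclient();

        urlFuzzStart = manager.getUrlFuzzStart();
        urlFuzzEnd = manager.getUrlFuzzEnd();

    }

    /**
     * Generates the base case, then queues one work unit per candidate string.
     * The working flag is cleared when the method ends for any reason. An
     * interrupt while waiting on the queue stops generation and is left set on
     * the thread.
     */
    @SuppressWarnings("unchecked") // put() on the raw queue declared above
    public void run()
    {
        try
        {
            //checks if the server supports head requests
            HeadRequestCheck.test(firstPart);

            System.out.println("Starting fuzz on " + firstPart + urlFuzzStart + "{dir}" + urlFuzzEnd);
            manager.setStatus("Starting fuzz on " + firstPart + urlFuzzStart + "{dir}" + urlFuzzEnd);
            //manager.updateTable(finished, started);

            //stays null when the base case cannot be generated
            BaseCase baseCaseObj = null;
            try
            {
                baseCaseObj = GenBaseCase.genURLFuzzBaseCase(firstPart + urlFuzzStart, urlFuzzEnd);
            }
            catch(IOException e)
            {
                // MalformedURLException is an IOException, so this covers both original handlers
                Logger.getLogger(BruteForceURLFuzz.class.getName()).log(Level.SEVERE, "Could not generate the base case for the fuzz run", e);
            }

            //baseCaseObj = new BaseCase(null, failcode, true, failurl, baseCase);
            //call function to generate the brute force
            BruteForceIterator bfi = new BruteForceIterator(minLen, maxLen, list);

            /*
             * set how many we are going to do.
             */
            manager.setTotalPass(bfi.getTotalToDo());

            while(bfi.hasNext())
            {
                /*
                 * HEAD only in auto mode, with a base case that needs neither
                 * content analysis nor a regex. Without a base case the request
                 * falls back to GET; dereferencing the null base case here used
                 * to end the run with a NullPointerException.
                 */
                boolean useHead = manager.getAuto()
                        && baseCaseObj != null
                        && !baseCaseObj.useContentAnalysisMode()
                        && !baseCaseObj.isUseRegexInstead();
                String method = useHead ? "HEAD" : "GET";
                String item = bfi.next();

                try
                {
                    URL currentURL = new URL(firstPart + urlFuzzStart + item + urlFuzzEnd);
                    workQueue.put(new WorkUnit(currentURL, true, method, baseCaseObj, item));
                    counter++;
                }
                catch(InterruptedException ex)
                {
                    Logger.getLogger(BruteForceURLFuzz.class.getName()).log(Level.SEVERE, null, ex);
                    // restore the flag and stop: every further put() would fail the same way
                    Thread.currentThread().interrupt();
                    break;
                }
                catch(MalformedURLException ex)
                {
                    // this candidate does not form a URL; log it and move on to the next one
                    Logger.getLogger(BruteForceURLFuzz.class.getName()).log(Level.SEVERE, null, ex);
                }
            }
            //manager.youAreFinished();
        }
        finally
        {
            isWorking = false;
        }
    }

    /** @return the number of work units queued so far */
    public int getCurrentDone()
    {
        return counter;
    }

    /** @return true until run() has ended */
    public boolean isWorking()
    {
        return isWorking;
    }

    /** @return the fuzz template: start part, the literal {dir} marker, end part */
    public String getStartPoint()
    {
        return urlFuzzStart + "{dir}" + urlFuzzEnd;
    }
}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/EasyX509TrustManager.java:
--------------------------------------------------------------------------------
/*
 * ====================================================================
 *
 * The Apache Software License, Version 1.1
 *
 * Copyright (c) 2002-2003 The Apache Software Foundation. All rights
 * reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1.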
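Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution, if
 *    any, must include the following acknowlegement:
 *       "This product includes software developed by the
 *        Apache Software Foundation (http://www.apache.org/)."
 *    Alternately, this acknowlegement may appear in the software itself,
 *    if and wherever such third-party acknowlegements normally appear.
 *
 * 4. The names "The Jakarta Project", "Commons", and "Apache Software
 *    Foundation" must not be used to endorse or promote products derived
 *    from this software without prior written permission. For written
 *    permission, please contact apache@apache.org.
 *
 * 5. Products derived from this software may not be called "Apache"
 *    nor may "Apache" appear in their names without prior written
 *    permission of the Apache Group.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 * [Additional notices, if required by prior licensing conditions]
 *
 */

package com.sittinglittleduck.DirBuster;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
//import org.apache.commons.logging.Log;
//import org.apache.commons.logging.LogFactory;

/**
 * <p>
 * EasyX509TrustManager, unlike the default {@link X509TrustManager}, accepts
 * every certificate chain it is shown. The upstream description speaks of
 * accepting self-signed certificates; as written in this file it goes
 * further: {@link #checkServerTrusted} and {@link #checkClientTrusted} are
 * empty, so no signature, issuer or validity period is ever checked.
 * A connection that uses this trust manager is therefore encrypted but its
 * peer is not authenticated, and an intermediary on the network path can
 * present any certificate without being noticed.
 * </p>
 * <p>
 * This trust manager SHOULD NOT be used for production systems for security
 * reasons, unless it is a conscious decision and you are perfectly aware of
 * the security implications of accepting unverified certificates. It suits a
 * scanner that has to reach hosts with self-signed or otherwise invalid
 * certificates; anything sent over such a connection (for example
 * credentials) should be treated as exposed to whoever answers.
 * </p>
 *
 * @author <a href="mailto:adrian@ephox.com">Adrian Sutton</a>
 * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
 *
 * DISCLAIMER: HttpClient developers DO NOT actively support this component.
 * The component is provided as a reference material, which may be inappropriate
 * to be used without additional customization.
 */

public class EasyX509TrustManager implements X509TrustManager
{
    // Assigned by the constructor; no method in this class consults it, so it
    // has no influence on the trust decisions below.
    private X509TrustManager standardTrustManager = null;

    /** Shared empty result for {@link #getAcceptedIssuers()}. */
    private static final X509Certificate[] NO_ISSUERS = new X509Certificate[0];

    /** Log object for this class. */
    //private static final Log LOG = LogFactory.getLog(EasyX509TrustManager.class);

    /**
     * Constructor for EasyX509TrustManager. Obtains the first trust manager
     * of a "SunX509" {@link TrustManagerFactory} initialised with the given
     * key store and keeps a reference to it.
     *
     * @param keystore key store handed to {@link TrustManagerFactory#init(KeyStore)}
     * @throws NoSuchAlgorithmException if the "SunX509" algorithm is unavailable
     *         or the factory returns no trust managers
     * @throws KeyStoreException if the factory cannot be initialised from the key store
     */
    public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException
    {
        super();
        TrustManagerFactory factory = TrustManagerFactory.getInstance("SunX509");
        factory.init(keystore);
        TrustManager[] trustmanagers = factory.getTrustManagers();
        if (trustmanagers.length == 0)
        {
            throw new NoSuchAlgorithmException("SunX509 trust manager not supported");
        }
        this.standardTrustManager = (X509TrustManager)trustmanagers[0];
    }

    /**
     * Returns the issuers this trust manager advertises, which is none.
     * The {@link X509TrustManager} contract requires a non-null (possibly
     * empty) array; this method used to return null, which callers written
     * against that contract do not expect.
     *
     * @return an empty array, never null
     */
    public java.security.cert.X509Certificate[] getAcceptedIssuers()
    {
        return NO_ISSUERS;
    }

    /**
     * Accepts any client certificate chain: the body is intentionally empty
     * and never throws, so no validation takes place.
     *
     * @param certs the chain presented by the peer (ignored)
     * @param authType the authentication type (ignored)
     */
    public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
    {
    }

    /**
     * Accepts any server certificate chain: the body is intentionally empty
     * and never throws, so expired, self-signed and wrongly issued
     * certificates all pass. NOTE(review): kept as is because the class is
     * documented as accept-all; delegating to the standard trust manager
     * would be the change to make if peer verification is ever wanted.
     *
     * @param certs the chain presented by the peer (ignored)
     * @param authType the key exchange algorithm (ignored)
     */
    public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
    {
    }

    /**
     * Not part of {@link X509TrustManager}; the original comment in this file
     * points at the older com.sun.net.ssl.X509TrustManager interface.
     *
     * @param certs the chain presented by the server (ignored)
     * @return always true
     */
    public boolean isServerTrusted(java.security.cert.X509Certificate[] certs)
    {
        return true;
    }

    /**
     * Not part of {@link X509TrustManager}; see
     * com.sun.net.ssl.X509TrustManager#isClientTrusted(X509Certificate[]).
     *
     * @param certs the chain presented by the client (ignored)
     * @return always true
     */
    public boolean isClientTrusted(java.security.cert.X509Certificate[] certs)
    {
        return true;
    }
}


--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/workGenerators/WorkerGeneratorURLFuzz.java:
--------------------------------------------------------------------------------
/*
 * WorkerGeneratorURLFuzz.java
 *
 * Created on 11 November 2005, 20:33
 *
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.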
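 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */

package com.sittinglittleduck.DirBuster.workGenerators;

import com.sittinglittleduck.DirBuster.*;
import com.sittinglittleduck.DirBuster.utils.HeadRequestCheck;
import com.sittinglittleduck.DirBuster.utils.Utils;
import java.io.*;
import java.util.concurrent.*;
import java.net.*;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.HeadMethod;

/**
 * Produces the work to be done, when we are reading from a list: each
 * non-comment line of the input file is URL-encoded, placed between the fuzz
 * prefix and suffix, and queued as a {@link WorkUnit}.
 */
public class WorkerGeneratorURLFuzz implements Runnable
{

    private Manager manager;
    private BlockingQueue workQueue;
    private String inputFile;
    private String firstPart;
    // Set by stopMe() from outside the generator thread and polled inside run();
    // volatile so the loop is guaranteed to see the request.
    private volatile boolean stopMe = false;
    HttpClient httpclient;
    private boolean isWorking = true;

    private String urlFuzzStart;
    private String urlFuzzEnd;
    private int counter = 0;

    /**
     * Creates a new instance of WorkerGeneratorURLFuzz, taking the work
     * queue, input file, HTTP client and fuzz prefix/suffix from the shared
     * {@link Manager} instance.
     */
    public WorkerGeneratorURLFuzz()
    {
        manager = Manager.getInstance();
        workQueue = manager.workQueue;
        inputFile = manager.getInputFile();
        firstPart = manager.getFirstPartOfURL();

        httpclient = manager.getHttpclient();

        urlFuzzStart = manager.getUrlFuzzStart();
        urlFuzzEnd = manager.getUrlFuzzEnd();
    }

    /**
     * Thread run method. Reads the input file line by line and queues one
     * work unit per line that does not start with '#'.
     * <p>
     * On every exit path (end of file, stop request, interruption or error)
     * the reader is closed if it was opened, the manager is told that
     * generation has finished, and {@link #isWorking()} becomes false.
     */
    public void run()
    {

        /*
         * Read in all the items and create all the work we need to.
         */
        BufferedReader d = null;
        try
        {
            manager.setURLFuzzGenFinished(false);
            String line;

            HeadRequestCheck.test(firstPart);

            // NOTE(review): the file is read with the platform default charset.
            d = new BufferedReader(new InputStreamReader(new FileInputStream(inputFile)));
            String startMessage = "Starting fuzz on " + firstPart + urlFuzzStart + "{dir}" + urlFuzzEnd;
            System.out.println(startMessage);
            manager.setStatus(startMessage);

            BaseCase baseCaseObj = GenBaseCase.genURLFuzzBaseCase(firstPart + urlFuzzStart, urlFuzzEnd);

            while ((line = d.readLine()) != null)
            {
                if(stopMe)
                {
                    // The finally block below does the clean-up.
                    return;
                }

                if (!line.startsWith("#"))
                {
                    String method;
                    if (manager.getAuto() && !baseCaseObj.useContentAnalysisMode() && !baseCaseObj.isUseRegexInstead())
                    {
                        method = "HEAD";
                    }
                    else
                    {
                        method = "GET";
                    }

                    //url encode all the items
                    // The one-argument encode() is deprecated because its output depends
                    // on the platform charset; UTF-8 makes the request bytes predictable.
                    line = URLEncoder.encode(line, "UTF-8");

                    URL currentURL = new URL(firstPart + urlFuzzStart + line + urlFuzzEnd);

                    workQueue.put(new WorkUnit(currentURL, true, method, baseCaseObj, line));
                    counter++;
                }
            }
        }
        catch (InterruptedException ex)
        {
            Logger.getLogger(WorkerGeneratorURLFuzz.class.getName()).log(Level.SEVERE, null, ex);
            // Preserve the interrupt for whoever owns this thread.
            Thread.currentThread().interrupt();
        }
        catch (MalformedURLException ex)
        {
            Logger.getLogger(WorkerGeneratorURLFuzz.class.getName()).log(Level.SEVERE, null, ex);
        }
        catch (IOException ex)
        {
            Logger.getLogger(WorkerGeneratorURLFuzz.class.getName()).log(Level.SEVERE, null, ex);
        }
        finally
        {
            try
            {
                // d is still null when the failure happened before the file was opened;
                // closing it unconditionally threw a NullPointerException from here.
                if (d != null)
                {
                    d.close();
                }
            }
            catch (IOException ex)
            {
                Logger.getLogger(WorkerGeneratorURLFuzz.class.getName()).log(Level.SEVERE, null, ex);
            }
            finally
            {
                // Report completion even when close() fails, so nothing waits on this generator forever.
                manager.setURLFuzzGenFinished(true);
                isWorking = false;
            }
        }
    }

    /**
     * Asks this generator to stop; run() checks the flag before handling each line.
     */
    public void stopMe()
    {
        stopMe = true;
    }

    /**
     * @return the fuzz prefix and suffix with <code>{dir}</code> marking the fuzzed position
     */
    public String getStartPoint()
    {
        return urlFuzzStart + "{dir}" + urlFuzzEnd;
    }

    /**
     * @return the number of work units queued so far
     */
    public int getCurrentCount()
    {
        return counter;
    }

    /**
     * @return true until {@link #run()} has finished
     */
    public boolean isWorking()
    {
        return isWorking;
    }
}
--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/JFrameHelp.java:
--------------------------------------------------------------------------------
/*
 * JFrameHelp.java
 *
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.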
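 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 *
 * Created on 16 January 2008, 23:18
 */

package com.sittinglittleduck.DirBuster.gui;

import java.util.logging.Level;
import java.util.logging.Logger;
import javax.help.JHelp;
import javax.swing.ImageIcon;
import javax.swing.UIManager;
import javax.swing.UnsupportedLookAndFeelException;

/**
 * Window that hosts the DirBuster JavaHelp viewer.
 *
 * @author James
 */
public class JFrameHelp extends javax.swing.JFrame
{

    /**
     * Creates new form jFrameHelp and adds the given help component to it.
     * <p>
     * A failure to install the system look and feel is logged and otherwise
     * ignored. Previously the form set-up sat in the same try block, so such
     * a failure skipped it and left an empty window.
     *
     * @param help the JavaHelp component to display
     */
    public JFrameHelp(JHelp help)
    {
        try
        {
            //TODO does not work under linux!
            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
        }
        catch (ClassNotFoundException ex)
        {
            Logger.getLogger(JFrameHelp.class.getName()).log(Level.SEVERE, null, ex);
        }
        catch (InstantiationException ex)
        {
            Logger.getLogger(JFrameHelp.class.getName()).log(Level.SEVERE, null, ex);
        }
        catch (IllegalAccessException ex)
        {
            Logger.getLogger(JFrameHelp.class.getName()).log(Level.SEVERE, null, ex);
        }
        catch (UnsupportedLookAndFeelException ex)
        {
            Logger.getLogger(JFrameHelp.class.getName()).log(Level.SEVERE, null, ex);
        }

        // Built regardless of the look-and-feel outcome.
        initComponents();
        setIconImage(new ImageIcon(getClass().getResource("/com/sittinglittleduck/DirBuster/images/duck.gif")).getImage());
        add(help);
    }

    /** This method is called from within the constructor to
     * initialize the form.
     * WARNING: Do NOT modify this code. The content of this method is
     * always regenerated by the Form Editor.
     */
    // //GEN-BEGIN:initComponents
    private void initComponents()
    {

        jHelp1 = new javax.help.JHelp();
        jHelp2 = new javax.help.JHelp();
        jHelp3 = new javax.help.JHelp();

        javax.swing.GroupLayout jHelp1Layout = new javax.swing.GroupLayout(jHelp1);
        jHelp1.setLayout(jHelp1Layout);
        jHelp1Layout.setHorizontalGroup(
            jHelp1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGap(0, 100, Short.MAX_VALUE)
        );
        jHelp1Layout.setVerticalGroup(
            jHelp1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGap(0, 100, Short.MAX_VALUE)
        );

        setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE);
        setTitle("DirBuster Help");
        setAlwaysOnTop(true);

        javax.swing.GroupLayout jHelp3Layout = new javax.swing.GroupLayout(jHelp3);
        jHelp3.setLayout(jHelp3Layout);
        jHelp3Layout.setHorizontalGroup(
            jHelp3Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGap(0, 100, Short.MAX_VALUE)
        );
        jHelp3Layout.setVerticalGroup(
            jHelp3Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGap(0, 100, Short.MAX_VALUE)
        );

        javax.swing.GroupLayout jHelp2Layout = new javax.swing.GroupLayout(jHelp2);
        jHelp2.setLayout(jHelp2Layout);
        jHelp2Layout.setHorizontalGroup(
            jHelp2Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGroup(jHelp2Layout.createSequentialGroup()
                .addContainerGap(263, Short.MAX_VALUE)
                .addComponent(jHelp3, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                .addGap(376, 376, 376))
        );
        jHelp2Layout.setVerticalGroup(
            jHelp2Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGroup(jHelp2Layout.createSequentialGroup()
                .addGap(177, 177, 177)
                .addComponent(jHelp3, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                .addContainerGap(252, Short.MAX_VALUE))
        );

        getContentPane().add(jHelp2, java.awt.BorderLayout.CENTER);

        java.awt.Dimension screenSize = java.awt.Toolkit.getDefaultToolkit().getScreenSize();
        setBounds((screenSize.width-747)/2, (screenSize.height-563)/2, 747, 563);
    }// //GEN-END:initComponents

    /**
     * Stand-alone entry point. The posted task currently does nothing: the
     * statement that would show the frame is commented out.
     *
     * @param args the command line arguments
     */
    public static void main(String args[])
    {
        java.awt.EventQueue.invokeLater(new Runnable()
        {
            public void run()
            {
                //new jFrameHelp().setVisible(true);
            }
        });
    }

    // Variables declaration - do not modify//GEN-BEGIN:variables
    private javax.help.JHelp jHelp1;
    private javax.help.JHelp jHelp2;
    private javax.help.JHelp jHelp3;
    // End of variables declaration//GEN-END:variables

}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/JDialogViewListInfo.java:
--------------------------------------------------------------------------------
/*
 * JDialogViewReport.java
 *
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.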
15 | * 16 | * You should have received a copy of the GNU Lesser General Public 17 | * License along with this library; if not, write to the Free Software 18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 | */ 20 | 21 | package com.sittinglittleduck.DirBuster.gui; 22 | 23 | import com.sittinglittleduck.DirBuster.*; 24 | import javax.swing.JScrollBar; 25 | 26 | /** 27 | * 28 | * @author James 29 | */ 30 | public class JDialogViewListInfo extends javax.swing.JDialog 31 | { 32 | 33 | /** Creates new form JDialogViewReport */ 34 | public JDialogViewListInfo(java.awt.Frame parent, boolean modal) 35 | { 36 | super(parent, modal); 37 | initComponents(); 38 | this.setTitle("DirBuster " + Config.version + " Brute Forcing List Information"); 39 | jTextAreaReport.setCaretPosition(0); 40 | 41 | //JScrollBar sb = jScrollPane1.getVerticalScrollBar(); 42 | //sb.setValue(sb.getMaximum()); 43 | //jScrollPane1.getVerticalScrollBar().setValue(0); 44 | 45 | //JViewport view = jScrollPane1.getViewport(); 46 | 47 | //Point p = new Point(0,0); 48 | //view.setViewPosition(p); 49 | //view.setLocation(p); 50 | 51 | 52 | //jScrollPane1.setViewport(view); 53 | //jScrollPane1.setViewportView(view); 54 | } 55 | 56 | /** This method is called from within the constructor to 57 | * initialize the form. 58 | * WARNING: Do NOT modify this code. The content of this method is 59 | * always regenerated by the Form Editor. 
60 | */ 61 | // //GEN-BEGIN:initComponents 62 | private void initComponents() { 63 | java.awt.GridBagConstraints gridBagConstraints; 64 | 65 | jButton1 = new javax.swing.JButton(); 66 | jScrollPane1 = new javax.swing.JScrollPane(); 67 | jTextAreaReport = new javax.swing.JTextArea(); 68 | 69 | setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE); 70 | getContentPane().setLayout(new java.awt.GridBagLayout()); 71 | 72 | jButton1.setIcon(new javax.swing.ImageIcon(getClass().getResource("/com/sittinglittleduck/DirBuster/gui/icons/fileclose.png"))); // NOI18N 73 | jButton1.setText("Close"); 74 | jButton1.addActionListener(new java.awt.event.ActionListener() { 75 | public void actionPerformed(java.awt.event.ActionEvent evt) { 76 | jButton1ActionPerformed(evt); 77 | } 78 | }); 79 | gridBagConstraints = new java.awt.GridBagConstraints(); 80 | gridBagConstraints.gridx = 0; 81 | gridBagConstraints.gridy = 1; 82 | gridBagConstraints.anchor = java.awt.GridBagConstraints.SOUTHWEST; 83 | gridBagConstraints.insets = new java.awt.Insets(10, 10, 7, 10); 84 | getContentPane().add(jButton1, gridBagConstraints); 85 | 86 | jScrollPane1.setFont(new java.awt.Font("Arial", 0, 11)); 87 | 88 | jTextAreaReport.setColumns(20); 89 | jTextAreaReport.setRows(5); 90 | jTextAreaReport.setText("The following lists are included with DirBuster:\n\napache-user-enum-1.0.txt (8916 usernames) \nUsed for guessing system users on apache with the userdir module enabled, based on a \nusername list I had lying around (unordered)\n\napache-user-enum-2.0.txt (10341 usernames) \nUsed for guessing system users on apache with the userdir module enabled, based \non ~XXXXX found during list generation (Ordered)\n\ndirectory-list-2.3-small.txt (87650 words) \nDirectories/files that where found on at least 3 different hosts\n\ndirectory-list-2.3-medium.txt (220546 words) \nDirectories/files that where found on at least 2 different hosts\n\ndirectory-list-lowercase-2.3-small.txt (81629 words) \nCase 
insensitive version of directory-list-2.3-small.txt\n\ndirectory-list-lowercase-2.3-medium.txt (207629 words) \nCase insensitive version of directory-list-2.3-medium.txt\n\ndirectory-list-1.0.txt (141694 words) \nOriginal unordered list \n\ndirectories.jbrofuzz (50000 words)\nCase sensitive list from the OWASP JbroFuzz Project. Explicit words have been removed\n\nOld lists (not included, avalible from http://sourceforge.net/projects/dirbuster/)\n\ndirectory-list-2.3-big.txt (1273819 words) \nAll directories/files that where found\n\ndirectory-list-lowercase-2.3-big.txt (1185240 words) \nCase insensitive version of directory-list-2.3-big.txt"); 91 | jTextAreaReport.setAutoscrolls(false); 92 | jScrollPane1.setViewportView(jTextAreaReport); 93 | 94 | gridBagConstraints = new java.awt.GridBagConstraints(); 95 | gridBagConstraints.gridx = 0; 96 | gridBagConstraints.gridy = 0; 97 | gridBagConstraints.gridwidth = 2; 98 | gridBagConstraints.fill = java.awt.GridBagConstraints.BOTH; 99 | gridBagConstraints.ipadx = 357; 100 | gridBagConstraints.ipady = 227; 101 | gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST; 102 | gridBagConstraints.weightx = 1.0; 103 | gridBagConstraints.weighty = 1.0; 104 | gridBagConstraints.insets = new java.awt.Insets(10, 10, 0, 10); 105 | getContentPane().add(jScrollPane1, gridBagConstraints); 106 | 107 | java.awt.Dimension screenSize = java.awt.Toolkit.getDefaultToolkit().getScreenSize(); 108 | setBounds((screenSize.width-617)/2, (screenSize.height-551)/2, 617, 551); 109 | }// //GEN-END:initComponents 110 | 111 | private void jButton1ActionPerformed(java.awt.event.ActionEvent evt)//GEN-FIRST:event_jButton1ActionPerformed 112 | {//GEN-HEADEREND:event_jButton1ActionPerformed 113 | this.dispose(); 114 | }//GEN-LAST:event_jButton1ActionPerformed 115 | 116 | 117 | // Variables declaration - do not modify//GEN-BEGIN:variables 118 | private javax.swing.JButton jButton1; 119 | private javax.swing.JScrollPane jScrollPane1; 120 | private 
javax.swing.JTextArea jTextAreaReport; 121 | // End of variables declaration//GEN-END:variables 122 | 123 | } 124 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/ImageCreator.java: -------------------------------------------------------------------------------- 1 | /* 2 | * ImageCreator.java 3 | * 4 | * Created on June 21, 2007, 2:45 PM 5 | * 6 | */ 7 | 8 | package com.sittinglittleduck.DirBuster; 9 | 10 | import javax.swing.ImageIcon; 11 | import org.apache.commons.codec.binary.Base64; 12 | 13 | /** 14 | * 15 | * @author james 16 | */ 17 | public class ImageCreator 18 | { 19 | private static Base64 base64 = new Base64(); 20 | public static final ImageIcon OWASP_IMAGE = new ImageIcon(base64.decode("iVBORw0KGgoAAAANSUhEUgAAAGAAAABYCAMAAAA9bwLKAAAAAXNSR0ICQMB9xQAAAqxQTFRFAAAAExMTGxsbCwsLFBkbFBUaCgkGDxASBggFBwgKAAETAAEaAwkUDhIbGBYYEBAOBgsZDhAPCQwaGBkWCAcFCw0SAQIjExkiCAs1DBE8CxEhBgkvAwUrCAsuExUhGx0hDRREFR1WERZGHSIkHCMqHiQwGSJaGCBHHCdlHy5xHzR3IBwbICAeOzs7KyssLjAuMjIzIiMiNTg2JSksKS0wNTk7KScoMTEvKjAzNDU5KCgmJSUpODc8KzI4PD1BJTFrMDx2JjV4ISxqJC50KDyIJj6RMT2HPkM/PUJEKkGMNEWMNEuYOVKcKkWVNU+jPFWgQD4/U1NTSktLQkNDWVdYW1tbWFZXUFJPRkhHTU5RTVBTVFVZVlhbRkhKSEdMRUVJVlhXXVxgQE6VQ1abRFSPVF2cRFujXWBfXWBhXmObS2OnVWmrW3CuWnSyWW2wTXGtTnSxXYG3YF5fc3JzY2Nja2tre3p7bnBvaGpnb3Fyd3h5ZWlrdXV4eXd4aGZneHZ3YmqqZnm0dHy2YnOtdnarfoGAdoa6aoO5e5C9e4zAe5TDbYrBgH+Ai4uMg4OEmpqbiYeIkpKTmJiWiomHkJCOlpiVkpiYlpaYjo6Qh4iKj5CRkI6PhIu8i5C4kZC6go3Bh5fFkZzInqCfi6HLl6bMmqvRnrHSjqXRoJ6foZ+goKCeu7u7q6uso6OjrbCvs7OzuLq3p6mmtri3p6ipt7i5qKqnr7CxpqWosK+xoK3Ooa3Rp7XVs7vZo7DOucLcv8DBvMXgwL/C29vbw8PDy8vL09PT0M7Q1tjXzNDR1tbYyczVxsbIx8jKyMbH2dnW2NbXyMfKw8rhy9Hk1t/w3d7h3uHg4d/g4ODe8/Pz6+vr4+Pj8PDu+Pj29vb46efo6ubl7u7w6Ojm7vDu9vj3GyzEYgAAAAF0Uk5TAEDm2GYAAAAJcEhZcwAACdgAAAnYAcegua0AAAAZdEVYdFNvZnR3YXJlAE1pY3Jvc29mdCBPZmZpY2V/7TVxAAAQ+ElEQVRo3s1Z+19TZ5oniY4nJxbdtkSozG6QGY1WzhLH67Q7GkioyclFYCJqLzubSNzmJAGagFbnwgmaGDDJorTdCzRhkkC3SSbjTre7kJQyJHF2OrvdxdmuAafby/wj+zzv
CYrWWmv9YZ/wAfl82u/3eb7P5X2fl6qq/zdWXiik0plMOv2LbKpYWnq02KV0yHOqvaOjs7Oj/YcWb/9AOBTJFh4VSyHU3sT8eXPTkc6Ooxavt/+0Z2DgQvhvQqORdOqbcyxnLIxIxTQ3NYHz7ZZXvP39gB8Oh0YvR1CvVGn5m8AvDDSLRWKmubnpuc6OLvD/DIG/cmUM8dPp7C9TqWLxoaNYCDMSkVhF8I91tR+1/NDyVyBR/6tnw2ORzFWCXygUS6WF8kNldrQZ4HcS/M5jx47sYr7XKF6zds2axsbdew63nwtd/SeAL1wD/OXlhwji2vFvAb54L7NvV1NTs2odJZVKaZmcmIym1z+2af9fj6ULpdJvFm4sL9382jGEVRT6zzD7mhmxBLDltYoG5cGDhw6pNertyq3b6uS07Kk93teK4P5S+eviL1koSlItblQxjGoDRdFyhVKt07NW1mowmFgDGKvTtWyTyzZ+58SvPioj/h/KSw/OUmyiqHXVYjHDPP0nlFSmUB4ysgYrAtvsDofw5bDbDfoWhVzW+HwGMvAxsCw9aCZSDOCD/oxKgvDgO/HajLCcg+OcTpfL7XZznMNu0G2Tyb57rgQ1cXPpf5eXHyiIlJiSgv8qlYiiZIrtRtZoYs02O8Aj9iDP8z6fP+DnAzzv4hy2Q1vkG3/w+idlxF94kILNion/KnR/s9KI6GZA5wB9iB/i/X5/MDg+HI0FY8Gg3z/k5AyHamWbzv3bp4D/m9LCV8pUEAn+A42sYYfJyJrMiO52usF1BI/GJiYn4/ABm4gF/Tzn0DfIHj/+DvhfKhVLXxFDiaGkIqhPkKdeqTWaBHjOXYG/OB6LTcYTYDPEEpOxcb+Lsx+spfe8DgTXioXifRmWOinpBtCnGuTZgfIQ5Qk8j9IA/CSiz+YEm52djU8G/S6Hrpbe/cZvS8VCIVW6H0E/qU9Ir7R2B6pPxHe7KuoI8DMIn8/n5/Jo88nkZAx0stbJdv9tEQmy92HISAD/CdBfqtCYtCYT+u92D0HdYG4F/OQKPlp+bn4+N5uIj/NOq4LePVr8dSqVzX7pBC+pKCG/0lqNFnpL8J93gv8BxI/FgWB2VnAf4BcX5+fmF/M5TEXAdbKOPhCBALLp7JeUUrmd4O98kuiP1UnKBwTy+/xQmiQAxEeGRYTHr+tzkIvE5Ljfba3deDiNBJnCvQnSEkk1qX/5dlL+pHOdUP2rMgD474H/19H/D+avL+aBYC4PKmGq9fKNL/wC8DNvL9wzgE7A3/l9MUVv1QIBJtgBE+FWhqMkAySAxcW5uQ8W56//fi43jwT595CBdx6kNw1k/znz1uXsvQgiWJ97VU9KFYDPkgoCiVxCAP5gFAigA2Zzi6gPJuD6f1/P5efn4d9EpIkgz22j949l3oq8NnqPSlpuFsF83ieCBECDsSa7kOJBfoWA5HiGpHgRqmdu8ffz8E/AnsPvM4n4RT9/snb9iUwkMhqKfLHdRqF/n9mnougGIQBzpcdQooBAABLlZ2awgqCGFq+D/1CwuSn8AQSxmD/AtdCNFyCA0JXi3fg3u0QqOH9F1GaNVighMiM4Icc8DAnCkM/D13sf5ICBEAD21FQO05BPxII+3lYnfTEyFgpdytwdwu/EiP99SgYTCAhw/JMkOEkZVTSCNEPVz83m80nQ6bowLqaSU2Rm5GLBEd55SLbGAwGEwzfuIvixWAXXhyeoWn23VmfUg0gGg9VgtXXbgGUQSALIkJicQWeTeSyneQI/NZWcjidzszAxon7eZa+jX/y7K+ELnrsKafnATmbfs80SWsme727TWuEABjtps8Ep2Y1HZE9PT2+f/yLGsDgXn55OJJOzyeQUwZ+OJaFMkSAwxKnpxrPhCwNnL928s8nw/nOEoepbdTbfeatOb8WP1WyzOczkCO5x9Lp6+1x9IxeH4/n5eDyeTE7PJnNJ+JGEX2YSiTgeDjD1vr3eEh4Y8HjubOcBVfOzTR3VlMLYpree
n3hZr9efRIVsNsxFJYJeV1/fSGBkZBjw44npJLHp6Xg8l0zgyQAELs7cQO259BOP58zVO+8pzK6mzk5QSI/28sT5bvgBDFBNWE+Y7h4noQB8MGCYTiSmp+cXc8l4bnYGFYr5MQKHmt50+qzntPfK6pFX6oD7YQcDNdqGwNaTQxPj3Ua8AJnxvBc0cgWG49NQMdBqhAEbezqfn8ol4WiLxyAFft7J2dlaacfZ02e8no9W3yTgev5S106pog0IQHxWb+djPgdcsAxmohFwRKGZklN4Ts7k44QBDdIwOzMDUyQWDfoDvBOuMtuk+z1nvF7v6l7LNHce6+oQSbe2EYlYqFLWMTQ+7uO5kxgHhDAUwGYYH/YHAoH4VEWmYagf0IcINE4U4uwmJd3o7fda2lcX6ijuF101shadpk0HbQD4cNkyc77YBObuYvyiE+5ByBDoAyNpAIsBSQLhYU6MYwCDcBlj1bK1sAlZuiKrJrUH8I++VCNvbdO1QZfhMGJNJoPVZOeG8Lz0wZVo6HwgEON7SK2OxKemUabhZB4KCSYR3JMwACfnMBs0sprjXoul49LtaVH2Hms/+krn+nq1TqPT6fSEwMAKCSbnDowMmEnRmT4Oa7WvLxDP54aH5+PD0zk8bqCCsAkwx3ZWU7++09ve3uW9TbDU3tVu8R6Do1iDBDojiQEZSJFWCJyTCR7wkSHQN5KcHRmZmp9KxtCikGG/DwOwG1htnXSPpb294+jtOl2G/c7b/xxdp75FwJJpJNSQg1wcnbEJp6OHExq6b2Q2OTISyydx8CVjw4Af4AUCIxDsfx6W3o7bt4sl2O9+2n8YLitCCBoMwWQ0CTNViMEZneRIv7l6e/v6eodn4oG+4akktMZsbhLSL2QAcswaFVKmvQuW6k9WNTIsdz/rpAkBmNaIMxuONVDJZBM6ORrtJv3W0+PGIIKzcVBqMpdDeaL+8QBfCcBg1G0DAsA/sioCwPcMHKO3VPDBhBhui+SbdJBIIAbA7x2JJWKQ61gsmYtHg8GgLxBA/G67mbXqFDSD+E2rCQD/wotSResKg5EYlCpcv1CnoUmuMvW4nh5HDxwOyREX1CvcNaaxhX0BfsgNAdhNVn3bFqnqJcDftYqg3/OTgfAJuu52BEQjkmi4wJgdk4NshQBlcsFqMAsEvQGo/3EhwUNuJ9cNRarX6xSUqvO5pubm2wTlAc9AOPTC45vVd2pkgHYjy9O4D0qWaIUULrwEzAR6e3t5rH+Cz7uFAEwGvW6zVNXZtKv5yGe3CUIDF8KhM49tBonUq0KAIPS4UvJv2oHAWpncHF5V/Qkec43lQ/AxACAwQwSazdLvwW7NdKya1xEI4PLZTfLtd0aAaQaf7BMO1mTFpgMGmwPvMXws6caCugPfARkAgtZ6imlq3rf3lVUXi2w4NHb5yjOyFo1auxKBlrQCpMHEnxeWY0LRgzcx3peIYboxGJ4kgCydZtDUqG2RUXD+MuJLqzfj8Njo26/tkW2tRLBjJQQW8uCYtLGkrQHA7nAO4lQKJgZ7MN284P+KQCbWqNdulUoAf684svphZXQ0krl6glZoNdqK/wKBAdotOAhzw4D1ZIUEuHHsDU36Ad7tcJBwhnBrht8Bn9UadQqpaD+zdyez+jz4LDOayWTP1tQSeVYlGRh6fCwrDFeDnUw9p8vpJ2MDRHcL+E4OM0AE0mg2U6J9e1Xi5tUX4HI2kkln394vUxp1AK0VZgUmwWjyd1cIDMLU45wudywqtISd452wY6H/UKIG+D80GiVNqRhY4zs+u2M9Bvxs4QXpFr3xtkGOTcaeCQN0NHysZE6QucolonacHHY7BuQk+sAUYo3gmkYhlQC+WOS583UL8FP/Hv7Teo0eT0uoTfiYcNhNcHrWpDcZBJcR340EBtLXZoeTE+Sp4Gs0UKRrQaAnqjN3rje/zKYKxfQBmZIVSnLF+vwGcjxXBp1gjpgP8W3QFPAL1o/NQBIABEoZVa36M/EG5q5d
s5QtFIrFc4/X6QxmkxlLjmjgCL5sIpcK8tDidkC5u+ETHLfjfwHjowcmKMgDsULeNDqNpk4qVYnFIonn7h0fn/cW0s/IWwS8HuKxw+W3mSuOYy9xWJDwxUcd0BVoDiG9Br0Jy0+ngxSLxOJqkeg/vrAkF/B579WNtTrhGIZBwPVwUR95quC4QTdiD3ECgftNjsCbDQBvJ/JggnUada2UQnxJx80v7GiI//n7B2RbyQMIVgesyAHoqkHoVOhV8o0YEEbdZgPiw4RCeIIPp62mQUatQ3zJ2D2eST+8sby09OOn6jWVDRw2myF+lSEH7yZjh/PzBjN5uwOeFf+BoHUzRVWDPtT+/7nHnnzjxtLnVb89LNuGO7jwhIBjDU4rHw40NPcKAR8VigwrjuALASikVA3iU5fv+ZZDnj/f/Y5MaSIzgexmAO9HjsAKAcwiLM3oy4iO1ydjRR8gaKApKeBLqGf/cC+CP5Ln1c8HnpLvAAYnWWBxw/TjyPSRqenCsUkay/cmTDYWL7HIoBVaQE5RIsSnMvd5Ua4qPb+xVgPlhzkGhQiDL3BrbOLBgqUZ5bQ4mwm8lgTQWktRNYAvpY5//KXw5fKn5Xd+IKuDWnU4K0kAAkEhEKjiP5T+4PjK2NIKBFihUtE6iYQSX/ty/8ufLi0t/Wo3rTCa7ZUtnPevVJGQX4IPJTTuIEMXvmEDa3bUAf7aDZL7CwSJ/mR5+aPR3XCDMdkcXCWIlTIV5j4cjYDPOt5ktdo2TC987dhRBwkWEfxX7vsq+Bk+ry68/l26Vm0iQQDH0K1ji8ADPuZWe/68pk3bJhyyrajPug2gP9V0/6fTpY8WFv6zVBr7C7peaYSpR+a/cwj7uiIP6SwczazPWoHXNNRTFLUO9aeeKd3/4bS8/GGpVCoW//HwRnmDhmXN9ltDWlDfAO6bhM7tHm9rxfS2KmRCfsF/0a+/6um3vADwxULxX048Rtduh8NMOGoEcTC5pHPh3IbJNni+Ta1RKzfTFCUB/CcB/1+/+vG6XCr+rlBIvf+uZzctV6j1eGMhW4LJjvd5Io/GiINBrbFaW1sVcim+dhN9qlMP8vxeLgF+KpV95+9fXEPj8z7LVo59E7at3qjTVaTXVOBr1gr4qgfCB4YiPq++m3735/17HsM/fxwiI4HMNEBvq+CrW7cqvg3wUlG1iNTPgWLVg1opm02nr2bezrzxKlDQ9XUtag2st3qjVicYDB6lQi5D76vFIgG//ev8LWrhnXQ68/NI5I3XQ97Oxo00La/dslWpbFG3HjzYotzaoKiV0+j8OvHTcL5gfkXhqq9lnxcykcjl0dF/CIWueE4dXrNOKqVpmazyZy7Axmd0lUr1NIxn0bcoqvNa1de1Unp0dHQsFAqH8X3J8pfNTOPaGklNjQRMtFasYpi9cL9CfIraG3qYPwaWi5FQ+ArCn/W8err/3Kkfkb/4NoHt2YX3Z5WqGs5HmJ6XFqoezsqpywAP+Kf7z3hPnbLA/n684yWyfzXD9RDvP9Q6xvOw8GQ0lTLh0/2n+71eL8LD+g7rI+DvY1R7QR7p05bIN4EndiM75jnntfyoHbb3FXwGnBeLmc7wf31c9Qjsj8vvZ8bOei0dnYLvDLOvqeOn4cy1ctUjtPJyMZWOkNJ9K5368JFifxP7P3WlcRVYxi88AAAAAElFTkSuQmCC".getBytes())); 21 | 22 | /** Creates a new instance of ImageCreator */ 23 | public ImageCreator() 24 | { 25 | } 26 | 27 | 28 | 29 | } 30 | -------------------------------------------------------------------------------- /src/com/sittinglittleduck/DirBuster/gui/JTableTree/TreeTableModelAdapter.java: 
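--------------------------------------------------------------------------------
/*
 * @(#)TreeTableModelAdapter.java 1.2 98/10/27
 *
 * Copyright 1997, 1998 by Sun Microsystems, Inc.,
 * 901 San Antonio Road, Palo Alto, California, 94303, U.S.A.
 * All rights reserved.
 *
 * This software is the confidential and proprietary information
 * of Sun Microsystems, Inc. ("Confidential Information"). You
 * shall not disclose such Confidential Information and shall use
 * it only in accordance with the terms of the license agreement
 * you entered into with Sun.
 */

package com.sittinglittleduck.DirBuster.gui.JTableTree;

import javax.swing.JTree;
import javax.swing.SwingUtilities;
import javax.swing.table.AbstractTableModel;
import javax.swing.tree.TreePath;
import javax.swing.event.TreeExpansionEvent;
import javax.swing.event.TreeExpansionListener;
import javax.swing.event.TreeModelEvent;
import javax.swing.event.TreeModelListener;

/**
 * This is a wrapper class that takes a TreeTableModel and implements
 * the table model interface. The implementation is trivial, with
 * all of the event dispatching support provided by the superclass:
 * the AbstractTableModel.
 *
 * Table rows are the rows currently displayed by the JTree, so the row
 * count and the row-to-node mapping change when nodes are expanded or
 * collapsed.
 *
 * @version 1.2 10/27/98
 *
 * @author Philip Milne
 * @author Scott Violet
 */
public class TreeTableModelAdapter extends AbstractTableModel
{
    JTree tree;
    TreeTableModel treeTableModel;

    /**
     * Creates the adapter and registers listeners on both the tree and the
     * tree table model so that table events are fired when either changes.
     *
     * @param treeTableModel model that supplies column data for each node
     * @param tree tree whose displayed rows define the table rows
     */
    public TreeTableModelAdapter(TreeTableModel treeTableModel, JTree tree) {
        this.tree = tree;
        this.treeTableModel = treeTableModel;

        tree.addTreeExpansionListener(new TreeExpansionListener() {
            // Don't use fireTableRowsInserted() here; the selection model
            // would get updated twice.
            public void treeExpanded(TreeExpansionEvent event) {
                fireTableDataChanged();
            }
            public void treeCollapsed(TreeExpansionEvent event) {
                fireTableDataChanged();
            }
        });

        // Install a TreeModelListener that can update the table when
        // tree changes. We use delayedFireTableDataChanged as we can
        // not be guaranteed the tree will have finished processing
        // the event before us.
        //
        // FIXME we are ignoring the above warning, and trying to do the
        // relevant calculations directly. This may break something
        // but I guess we won't know if we don't try!
        treeTableModel.addTreeModelListener(new TreeModelListener() {
            public void treeNodesChanged(TreeModelEvent e) {
                TreePath parentPath = e.getTreePath();
                int row = TreeTableModelAdapter.this.tree.getRowForPath(parentPath);
                if (row < 0) return; // parent is not visible

                // TreeModelEvent carries no children when the changed node is
                // the one at the event path itself (Swing uses this for the
                // root). Indexing children[0] would then throw, so refresh
                // the parent row instead.
                Object[] children = e.getChildren();
                if (children == null || children.length == 0) {
                    delayedFireTableRowsUpdated(row, row);
                    return;
                }

                // pathByAddingChild builds the child path without copying the
                // parent path array by hand.
                TreePath firstChildChanged = parentPath.pathByAddingChild(children[0]);
                int firstRow = TreeTableModelAdapter.this.tree.getRowForPath(firstChildChanged);

                TreePath lastChildChanged = parentPath.pathByAddingChild(children[children.length - 1]);
                int lastRow = TreeTableModelAdapter.this.tree.getRowForPath(lastChildChanged);

                // Report the inconsistent case where only one end of the
                // range is visible. Comparing signs directly also covers
                // row 0, which a product test (first * last < 0) misses.
                if ((firstRow < 0) != (lastRow < 0)) System.err.println("First row is " + firstRow + " and last row is " + lastRow);
                if (firstRow < 0 || lastRow < 0) return;

                if (e instanceof TreeTableModelEvent && firstRow == lastRow) {
                    int column = ((TreeTableModelEvent) e).getColumn();
                    delayedFireTableCellUpdated(firstRow, column);
                } else {
                    delayedFireTableRowsUpdated(firstRow, lastRow);
                }
            }

            public void treeNodesInserted(TreeModelEvent e) {
                delayedFireTableDataChanged();
            }

            public void treeNodesRemoved(TreeModelEvent e) {
                delayedFireTableDataChanged();
            }

            public void treeStructureChanged(TreeModelEvent e) {
                delayedFireTableStructureChanged();
            }
        });
    }

    // Wrappers, implementing TableModel interface.

    /** Returns the column count reported by the tree table model. */
    public int getColumnCount() {
        return treeTableModel.getColumnCount();
    }

    /** Returns the name the tree table model gives to the column. */
    public String getColumnName(int column) {
        return treeTableModel.getColumnName(column);
    }

    /** Returns the class the tree table model reports for the column. */
    public Class getColumnClass(int column) {
        return treeTableModel.getColumnClass(column);
    }

    /** Returns the number of rows the tree currently displays. */
    public int getRowCount() {
        return tree.getRowCount();
    }

    /**
     * Returns the tree node displayed at the given row.
     *
     * @param row row index in the tree's current display
     * @return last component of the tree path for that row
     */
    protected Object nodeForRow(int row) {
        TreePath treePath = tree.getPathForRow(row);
        return treePath.getLastPathComponent();
    }

    /** Returns the model value of the node at the row for the column. */
    public Object getValueAt(int row, int column) {
        return treeTableModel.getValueAt(nodeForRow(row), column);
    }

    /** Public accessor for the node displayed at the given row. */
    public Object getRowNode(int row)
    {
        return nodeForRow(row);
    }

    /** Asks the tree table model whether the node's cell is editable. */
    public boolean isCellEditable(int row, int column) {
        return treeTableModel.isCellEditable(nodeForRow(row), column);
    }

    /** Passes the new value to the tree table model for the node at the row. */
    public void setValueAt(Object value, int row, int column) {
        treeTableModel.setValueAt(value, nodeForRow(row), column);
    }

    /**
     * Invokes fireTableDataChanged after all the pending events have been
     * processed. SwingUtilities.invokeLater is used to handle this.
     */
    protected void delayedFireTableDataChanged() {
        SwingUtilities.invokeLater(new Runnable() {
            public void run() {
                fireTableDataChanged();
            }
        });
    }

    /**
     * Invokes fireTableCellUpdated after all the pending events have been
     * processed. SwingUtilities.invokeLater is used to handle this.
     *
     * @param row row of the cell that changed
     * @param column column of the cell that changed
     */
    protected void delayedFireTableCellUpdated(final int row, final int column) {
        SwingUtilities.invokeLater(new Runnable() {
            public void run() {
                fireTableCellUpdated(row, column);
            }
        });
    }

    /**
     * Invokes fireTableRowsUpdated after all the pending events have been
     * processed. SwingUtilities.invokeLater is used to handle this.
     *
     * @param first first row that changed
     * @param last last row that changed
     */
    protected void delayedFireTableRowsUpdated(final int first, final int last) {
        SwingUtilities.invokeLater(new Runnable() {
            public void run() {
                fireTableRowsUpdated(first, last);
            }
        });
    }

    /**
     * Invokes fireTableStructureChanged after all the pending events have
     * been processed. SwingUtilities.invokeLater is used to handle this.
     */
    protected void delayedFireTableStructureChanged() {
        SwingUtilities.invokeLater(new Runnable() {
            public void run() {
                fireTableStructureChanged();
            }
        });
    }
}


--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/gui/JDialogVersion.java:
--------------------------------------------------------------------------------
/*
 * JDialogVersion.java
 *
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.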
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

package com.sittinglittleduck.DirBuster.gui;

import com.sittinglittleduck.DirBuster.*;

/**
 * Dialog that shows the DirBuster version string, the version date and
 * static author/contact labels, with a single Close button.
 *
 * The layout in initComponents() is generated by the NetBeans Form Editor
 * (see the GEN-BEGIN / GEN-END markers) and is not meant to be edited by hand.
 *
 * @author James
 */
public class JDialogVersion extends javax.swing.JDialog
{

    /**
     * Creates new form JDialogVersion
     *
     * Builds the generated form, then overwrites the window title and two
     * labels with Config.version and Config.versionDate.
     * NOTE(review): Config presumably comes from the wildcard import of
     * com.sittinglittleduck.DirBuster - confirm.
     *
     * @param parent owner frame, passed to the JDialog constructor
     * @param modal modality flag, passed to the JDialog constructor
     */
    public JDialogVersion(java.awt.Frame parent, boolean modal)
    {
        super(parent, modal);
        initComponents();
        this.setTitle("DirBuster " + Config.version + " - Version Information");
        jLabel1.setText("DirBuster " + Config.version);
        jLabel7.setText(Config.versionDate);
    }

    /** This method is called from within the constructor to
     * initialize the form.
     * WARNING: Do NOT modify this code. The content of this method is
     * always regenerated by the Form Editor.
     */
    // //GEN-BEGIN:initComponents
    private void initComponents()
    {
        java.awt.GridBagConstraints gridBagConstraints;

        jButtonOk = new javax.swing.JButton();
        jLabel1 = new javax.swing.JLabel();
        jLabel2 = new javax.swing.JLabel();
        jLabel3 = new javax.swing.JLabel();
        jLabel4 = new javax.swing.JLabel();
        jLabel5 = new javax.swing.JLabel();
        jLabel6 = new javax.swing.JLabel();
        jLabel7 = new javax.swing.JLabel();

        setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE);
        getContentPane().setLayout(new java.awt.GridBagLayout());

        jButtonOk.setIcon(new javax.swing.ImageIcon(getClass().getResource("/com/sittinglittleduck/DirBuster/gui/icons/fileclose.png"))); // NOI18N
        jButtonOk.setText("Close");
        jButtonOk.addActionListener(new java.awt.event.ActionListener()
        {
            public void actionPerformed(java.awt.event.ActionEvent evt)
            {
                jButtonOkActionPerformed(evt);
            }
        });
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 7;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(25, 10, 30, 0);
        getContentPane().add(jButtonOk, gridBagConstraints);

        jLabel1.setFont(new java.awt.Font("Tahoma", 1, 11));
        jLabel1.setText("DirBuster");
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 0;
        gridBagConstraints.ipadx = 237;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(20, 10, 0, 13);
        getContentPane().add(jLabel1, gridBagConstraints);

        jLabel2.setText("The web application file and directory brute forcer");
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 1;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(13, 10, 0, 0);
        getContentPane().add(jLabel2, gridBagConstraints);

        jLabel3.setText("Writen by: sittinglittleluck");
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 2;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(15, 10, 0, 0);
        getContentPane().add(jLabel3, gridBagConstraints);

        jLabel4.setText("With help from Madmax");
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 3;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(15, 10, 0, 0);
        getContentPane().add(jLabel4, gridBagConstraints);

        jLabel5.setText("Home: www.sittinglittleduck.com");
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 4;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(15, 10, 0, 0);
        getContentPane().add(jLabel5, gridBagConstraints);

        jLabel6.setText("Contact: dirbuster@sittinglittleduck.com");
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 5;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(15, 10, 0, 0);
        getContentPane().add(jLabel6, gridBagConstraints);

        jLabel7.setFont(new java.awt.Font("Arial", 0, 12));
        jLabel7.setText("-------");
        gridBagConstraints = new java.awt.GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 6;
        gridBagConstraints.anchor = java.awt.GridBagConstraints.NORTHWEST;
        gridBagConstraints.insets = new java.awt.Insets(15, 10, 0, 0);
        getContentPane().add(jLabel7, gridBagConstraints);

        java.awt.Dimension screenSize = java.awt.Toolkit.getDefaultToolkit().getScreenSize();
        setBounds((screenSize.width-371)/2, (screenSize.height-334)/2, 371, 334);
    }// //GEN-END:initComponents

    // Handler for the Close button: disposes this dialog.
    private void jButtonOkActionPerformed(java.awt.event.ActionEvent evt)//GEN-FIRST:event_jButtonOkActionPerformed
    {//GEN-HEADEREND:event_jButtonOkActionPerformed
        this.dispose();
    }//GEN-LAST:event_jButtonOkActionPerformed


    // Variables declaration - do not modify//GEN-BEGIN:variables
    private javax.swing.JButton jButtonOk;
    private javax.swing.JLabel jLabel1;
    private javax.swing.JLabel jLabel2;
    private javax.swing.JLabel jLabel3;
    private javax.swing.JLabel jLabel4;
    private javax.swing.JLabel jLabel5;
    private javax.swing.JLabel jLabel6;
    private javax.swing.JLabel jLabel7;
    // End of variables declaration//GEN-END:variables

}

--------------------------------------------------------------------------------
/src/com/sittinglittleduck/DirBuster/FilterResponce.java:
--------------------------------------------------------------------------------
/*
 * FilterResponce.java
 *
 * Created on 01 December 2005, 22:10
 *
 * Copyright 2007 James Fisher
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
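 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

package com.sittinglittleduck.DirBuster;
import java.util.regex.*;
import java.net.URL;


/**
 * Utility class that normalises HTTP responses by replacing values that vary
 * between requests (date, cookie, expiry and ETag headers, the requested
 * host/URL/path, IP addresses) with fixed marker strings.
 *
 * The response text is supplied by the remote server and is therefore
 * untrusted. Text taken from it is only ever replaced literally; it is never
 * compiled as a regular expression.
 */
public class FilterResponce
{

    // Patterns are compiled once; java.util.regex.Pattern is immutable and
    // safe to share between threads.
    private static final Pattern DATE_HEADER =
            Pattern.compile("Date: [\\w\\d, :;=/]+\\W", Pattern.CASE_INSENSITIVE);
    private static final Pattern P3P_HEADER =
            Pattern.compile("P3P: [\\w\\d, :;=/]+\\W", Pattern.CASE_INSENSITIVE);
    private static final Pattern SET_COOKIE_HEADER =
            Pattern.compile("Set-Cookie:.*?\r\n", Pattern.CASE_INSENSITIVE);
    // NOTE(review): ":-;" inside the class is a range covering only ':' and
    // ';', so a literal '-' is not matched by this class.
    private static final Pattern EXPIRES_HEADER =
            Pattern.compile("Expires: [\\w\\d, :-;=/]+\\W", Pattern.CASE_INSENSITIVE);
    private static final Pattern ETAG_HEADER =
            Pattern.compile("ETag: [\\w\\d\"\', :]+\\W", Pattern.CASE_INSENSITIVE);
    private static final Pattern LOOSE_DATE =
            Pattern.compile("\\w\\w\\w,? \\d\\d? \\w\\w\\w \\d\\d\\d\\d \\d?\\d?:?\\d?\\d?:?\\d?\\d? \\w?\\w?\\w?", Pattern.CASE_INSENSITIVE);
    // NOTE(review): each group needs two or three digits, so addresses with a
    // single-digit octet (e.g. 10.0.0.1) are not replaced.
    private static final Pattern IP_ADDRESS =
            Pattern.compile("\\d\\d\\d?\\.\\d\\d\\d?\\.\\d\\d\\d?\\.\\d\\d\\d?", Pattern.CASE_INSENSITIVE);

    /**
     * Creates a new instance of FilterResponce
     */
    public FilterResponce()
    {

    }

    /**
     * Clean the response of a work unit
     * @param toclean String to clean
     * @param work Unit of work the toclean string refers to
     * @return Cleaned response
     */
    public static String CleanResponce(String toclean, WorkUnit work)
    {
        return CleanResponce(toclean, work.getWork(), work.getItemToCheck());
    }

    /**
     * Clean the response of a work item based on a URL
     * @param toclean String to clean; null and "" are returned unchanged
     * @param url URL that generated the response that is to be cleaned;
     *            must not be null when toclean is non-empty
     * @param itemChecked currently unused (the code that used it is disabled)
     * @return String of cleaned response
     */
    public static String CleanResponce(String toclean, URL url, String itemChecked)
    {
        if(toclean == null || toclean.equals(""))
        {
            return toclean;
        }

        // Header lines: find the first occurrence, then replace every literal
        // occurrence of that exact text. The matched text is server-controlled
        // (cookie values routinely contain '+', '.', '(' or '['), so it must
        // not be passed to String.replaceAll, which would compile it as a
        // regex and could throw PatternSyntaxException or replace the wrong
        // text.
        toclean = replaceFirstMatchLiterally(toclean, DATE_HEADER, "DATE LINE REMOVED");
        toclean = replaceFirstMatchLiterally(toclean, P3P_HEADER, "PSP LINE REMOVED");
        toclean = replaceFirstMatchLiterally(toclean, SET_COOKIE_HEADER, "SET-COOKIE LINE REMOVED\r\n");
        toclean = replaceFirstMatchLiterally(toclean, EXPIRES_HEADER, "EXPIRES LINE REMOVED");
        toclean = replaceFirstMatchLiterally(toclean, ETAG_HEADER, "");

        //Remove a possible date
        toclean = LOOSE_DATE.matcher(toclean).replaceAll("DATE REMOVED");

        // Request-specific values, in the original order: host, entire URL,
        // file, path.
        toclean = replaceLiteralIgnoreCase(toclean, url.getHost(), "HOST REMOVED");
        toclean = replaceLiteralIgnoreCase(toclean, url.toString(), "ADDRESSED REMOVED");
        toclean = replaceLiteralIgnoreCase(toclean, url.getFile(), "FILE REMOVED");
        toclean = replaceLiteralIgnoreCase(toclean, url.getPath(), "PATH REMOVED");

        //remove any ip address
        toclean = IP_ADDRESS.matcher(toclean).replaceAll("IP ADDRESSED REMOVED");

        return toclean;
    }

    /**
     * Currently a no-op: the replacement logic is disabled and the input is
     * returned unchanged. If it is re-enabled, itemToCheckFor must be quoted
     * (Pattern.quote) before being compiled as a pattern.
     *
     * @param toclean String to clean
     * @param itemToCheckFor item that was requested
     * @return toclean, unchanged
     */
    public static String removeItemCheckedFor(String toclean, String itemToCheckFor)
    {
        return toclean;
    }

    /**
     * Replaces every literal occurrence of the first match of the pattern.
     * Returns the text unchanged when the pattern does not match.
     */
    private static String replaceFirstMatchLiterally(String text, Pattern pattern, String replacement)
    {
        Matcher m = pattern.matcher(text);
        if(!m.find())
        {
            return text;
        }
        return text.replace(m.group(0), replacement);
    }

    /**
     * Case-insensitive literal replacement. A null or empty literal is
     * skipped: a quoted empty string matches at every position, which would
     * insert the replacement between every character of the text (this
     * happens for URLs whose file or path component is empty).
     */
    private static String replaceLiteralIgnoreCase(String text, String literal, String replacement)
    {
        if(literal == null || literal.length() == 0)
        {
            return text;
        }
        Pattern p = Pattern.compile(Pattern.quote(literal), Pattern.CASE_INSENSITIVE);
        return p.matcher(text).replaceAll(Matcher.quoteReplacement(replacement));
    }

    /**
     * Returns the input quoted so that it matches literally when compiled as
     * a regular expression. The previous version discarded the results of its
     * replaceAll calls (Strings are immutable) and returned the input
     * unescaped.
     */
    private static String RegexSafe(String toMakeSafe)
    {
        return Pattern.quote(toMakeSafe);
    }

}

--------------------------------------------------------------------------------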