fix max-attack-time
bretfourbe committed Nov 24, 2023
1 parent 9efbdf7 commit 99da7d7
Showing 11 changed files with 27 additions and 69 deletions.
2 changes: 1 addition & 1 deletion wapitiCore/attack/attack.py
@@ -289,7 +289,7 @@ def external_endpoint(self):

@property
def max_attack_time(self):
return self.options.get("max_attack_time", 0)
return self.options.get("max_attack_time", None)

@property
def cms(self):
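Review bot: With the default now `None`, any caller that still evaluates `monotonic() - self.start > self.max_attack_time >= 1` raises `TypeError`, because a float cannot be ordered against `None`. The module sections of this commit delete the uses shown on this page, but modules the commit does not touch are not visible here, so a search for remaining readers of `max_attack_time` is worth doing before merge. If none remain, the property has no consumer and can be removed. If it stays, a docstring such as `"""Per-module time budget in seconds, or None when no limit is set."""` would record the new contract.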
5 changes: 0 additions & 5 deletions wapitiCore/attack/mod_buster.py
@@ -100,11 +100,6 @@ async def test_directory(self, path: str):

with open(path_join(self.DATA_DIR, self.PATHS_FILE), encoding="utf-8", errors="ignore") as wordlist:
while True:
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

if pending_count < self.options["tasks"] and not self._stop_event.is_set():
try:
6 changes: 1 addition & 5 deletions wapitiCore/attack/mod_exec.py
@@ -84,11 +84,7 @@ async def attack(self, request: Request, response: Optional[Response] = None):
vulnerable_parameter = False

for mutated_request, parameter, payload_info in self.mutator.mutate(request, self.get_payloads):
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

if current_parameter != parameter:
# Forget what we know about current parameter
current_parameter = parameter
5 changes: 0 additions & 5 deletions wapitiCore/attack/mod_file.py
@@ -154,11 +154,6 @@ async def attack(self, request: Request, response: Optional[Response] = None):
vulnerable_parameter = False

for mutated_request, parameter, payload_info in self.mutator.mutate(request, self.get_payloads):
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

if current_parameter != parameter:
# Forget what we know about current parameter
12 changes: 2 additions & 10 deletions wapitiCore/attack/mod_log4shell.py
@@ -178,11 +178,7 @@ async def attack(self, request: Request, response: Optional[Response] = None):
batch_malicious_headers, headers_uuid_record = self._get_batch_malicious_headers(headers)

for malicious_headers in batch_malicious_headers:
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

modified_request = Request(request.url)

try:
@@ -199,11 +195,7 @@ async def attack(self, request: Request, response: Optional[Response] = None):
)

for malicious_request, param_name, param_uuid in injected_get_and_post_requests:
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

try:
log_verbose(f"[¨] {malicious_request}")
page = await self.crawler.async_send(malicious_request, follow_redirects=True)
6 changes: 1 addition & 5 deletions wapitiCore/attack/mod_nikto.py
@@ -152,11 +152,7 @@ async def attack(self, request: Request, response: Optional[Response] = None):
with open(os.path.join(self.user_config_dir, self.NIKTO_DB), encoding='utf-8') as nikto_db_file:
reader = csv.reader(nikto_db_file)
while True:
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

if pending_count < self.options["tasks"] and not self._stop_event.is_set():
try:
line = next(reader)
12 changes: 2 additions & 10 deletions wapitiCore/attack/mod_sql.py
@@ -359,11 +359,7 @@ async def error_based_attack(self, request: Request):
request,
str_to_payloadinfo(self.payloads),
):
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

if current_parameter != parameter:
# Forget what we know about current parameter
current_parameter = parameter
@@ -471,11 +467,7 @@ async def boolean_based_attack(self, request: Request, parameters_to_skip: set):
last_response = None

for mutated_request, parameter, payload_info in mutator.mutate(request, generate_boolean_payloads):
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

# Make sure we always pass through the following block to see changes of payloads formats
if current_session != payload_info.platform:
# We start a new set of payloads, let's analyse results for previous ones
5 changes: 0 additions & 5 deletions wapitiCore/attack/mod_timesql.py
@@ -64,11 +64,6 @@ async def attack(self, request: Request, response: Optional[Response] = None):
vulnerable_parameter = False

for mutated_request, parameter, _payload in self.mutator.mutate(request, self.get_payloads):
if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

if current_parameter != parameter:
# Forget what we know about current parameter
12 changes: 0 additions & 12 deletions wapitiCore/attack/mod_wp_enum.py
@@ -105,12 +105,6 @@ async def detect_plugin(self, url):
if self._stop_event.is_set():
break

if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

request = Request(f'{url}/wp-content/plugins/{plugin}/readme.txt', 'GET')
response = await self.crawler.async_send(request)

@@ -169,12 +163,6 @@ async def detect_theme(self, url):
if self._stop_event.is_set():
break

if monotonic() - self.start > self.max_attack_time >= 1:
logging.info(
f"Skipping: attack time reached for module {self.name}."
)
break

request = Request(f'{url}/wp-content/themes/{theme}/readme.txt', 'GET')
response = await self.crawler.async_send(request)

29 changes: 19 additions & 10 deletions wapitiCore/controller/wapiti.py
@@ -178,7 +178,7 @@ def __init__(self, scope_request: Request, scope="folder", session_dir=None, con
self._max_files_per_dir = 0
self._scan_force = "normal"
self._max_scan_time = 0
self._max_attack_time = 0
self._max_attack_time = None
self._bug_report = True
self._logfile = ""
self._auth_state = None
@@ -500,16 +500,25 @@ async def attack(self, stop_event: asyncio.Event):
if await attack_module.must_attack(original_request, original_response):
logging.info(f"[+] {original_request}")

await attack_module.attack(original_request, original_response)
try:
await asyncio.wait_for(
attack_module.attack(original_request, original_response),
self._max_attack_time
)
except asyncio.TimeoutError:
logging.info(
f"Max attack time was reached for module {attack_module.name}, stopping."
)
break

if (datetime.utcnow() - start).total_seconds() > self._max_attack_time >= 1:
# FIXME: Right now we cannot remove the pylint: disable line because the current I18N system
# uses the string as a token so we cannot use f string
# pylint: disable=consider-using-f-string
logging.info(
f"Max attack time was reached for module {attack_module.name}, stopping."
)
break
# if (datetime.utcnow() - start).total_seconds() > self._max_attack_time >= 1:
# # FIXME: Right now we cannot remove the pylint: disable line because the current I18N system
# # uses the string as a token so we cannot use f string
# # pylint: disable=consider-using-f-string
# logging.info(
# f"Max attack time was reached for module {attack_module.name}, stopping."
# )
# break
except RequestError:
# Hmm, it should be caught inside the module
await asyncio.sleep(1)
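Review bot: The `asyncio.wait_for(...)` added in the second hunk gives every `attack()` call a fresh budget of `self._max_attack_time`, so the limit now applies per request rather than per module as the `--max-attack-time` help text describes. A module that makes many short calls is never stopped, and the option no longer bounds total scan time. The check that used `start` is commented out rather than deleted, so nothing tracks elapsed module time any more; passing the remaining budget to `wait_for` restores that, and the commented block can then be dropped. `wait_for` also cancels the coroutine on timeout, so modules that schedule their own tasks (the `pending_count` loops in mod_buster and mod_nikto) should be checked for tasks left running after cancellation. `start` and the enclosing loop are defined outside the hunk, so the fence assumes `start` is still the module's start time.

```python
# … unchanged: must_attack() check and the "[+]" log line …
if self._max_attack_time is None:
    remaining = None
else:
    elapsed = (datetime.utcnow() - start).total_seconds()
    remaining = max(self._max_attack_time - elapsed, 0)

try:
    await asyncio.wait_for(
        attack_module.attack(original_request, original_response),
        remaining
    )
# … unchanged: except asyncio.TimeoutError handler …
```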
2 changes: 1 addition & 1 deletion wapitiCore/parsers/commandline.py
@@ -329,7 +329,7 @@ def parse_args():
"--max-attack-time",
metavar="SECONDS",
help="Set how many seconds you want each attack module to last (floats accepted)",
type=float, default=0
type=float, default=None
)

parser.add_argument(
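Review bot: Changing the default to `None` does not cover a user who passes `--max-attack-time 0` (or any value below 1), which the removed `>= 1` guards treated as "no limit". If the parsed value reaches `asyncio.wait_for` in wapiti.py unchanged, a timeout of 0 or less expires immediately and every module is stopped on its first call. The scan then reports no findings with only an info-level log line, a false negative that is easy to miss in automated runs. A check after parsing, for example `if args.max_attack_time is not None and args.max_attack_time <= 0: parser.error("--max-attack-time must be greater than 0")`, and a help string ending in `(floats accepted, omit for no limit)` would make the new contract explicit. How the value is passed to the controller is outside this hunk, the `args` name is assumed, and `parse_args` continues beyond the visible lines.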
