OWTF 0.16 "shady citizen" - Minor improvements to pull request from t…

…unnelshade

dictionaries/install_dicts.sh

@@ -94,41 +94,46 @@ DICTS_DIRECTORY="$(dirname $0)"
 INSTALL_DIR="$DICTS_DIRECTORY/restricted"
 mkdir -p $INSTALL_DIR
 (
-    # Copying raft dicts from shipped files in OWTF
-    echo "[*] Copying RAFT dictionaries"
-    mkdir -p $INSTALL_DIR/raft
-    for file in $(ls $DICTS_DIRECTORY/fuzzdb/fuzzdb-1.09/Discovery/PredictableRes/ | grep raft); do
-        cp $DICTS_DIRECTORY/fuzzdb/fuzzdb-1.09/Discovery/PredictableRes/$file $DICTS_DIRECTORY/restricted/raft/
-    done
-    echo "[*] Done"
+	cd $DICTS_DIRECTORY
+	DICTS_DIRECTORY=$(pwd) # Ensuring full path to avoid symbolic link issues below
+	# Copying raft dicts from shipped files in OWTF
+	echo "[*] Linking RAFT dictionaries from Fuzz DB"
+	mkdir -p $INSTALL_DIR/raft
+	for file in $(ls $DICTS_DIRECTORY/fuzzdb/fuzzdb-1.09/Discovery/PredictableRes/ | grep raft); do
+		#cp $DICTS_DIRECTORY/fuzzdb/fuzzdb-1.09/Discovery/PredictableRes/$file $DICTS_DIRECTORY/restricted/raft/
+		ln -s $DICTS_DIRECTORY/fuzzdb/fuzzdb-1.09/Discovery/PredictableRes/$file $DICTS_DIRECTORY/restricted/raft/$file
+	done
+	echo "[*] Done"
 
-    # Fetching cms-explorer dicts, update them and copy the updated dicts
-    WgetInstall "http://cms-explorer.googlecode.com/files/cms-explorer-1.0.tar.bz2" "cms-explorer" "tar.bz2"
-    mkdir -p $INSTALL_DIR/cms
-    "$DICTS_DIRECTORY/update_convert_cms_explorer_dicts.sh"
-    echo "[*] Cleaning Up"
-    rm -rf cms-explorer
-    echo "[*] Done"
+	# Fetching cms-explorer dicts, update them and copy the updated dicts
+	WgetInstall "http://cms-explorer.googlecode.com/files/cms-explorer-1.0.tar.bz2" "cms-explorer" "tar.bz2"
+	mkdir -p $INSTALL_DIR/cms
+	"$DICTS_DIRECTORY/update_convert_cms_explorer_dicts.sh"
+	echo "[*] Cleaning Up"
+	rm -rf cms-explorer
+	echo "[*] Done"
 
 	cd $INSTALL_DIR
 
-    #Fetching svndigger dicts
-    echo "\n[*] Fetching SVNDigger dictionaries"
+	#Fetching svndigger dicts
+	echo "\n[*] Fetching SVNDigger dictionaries"
 	WgetInstall "http://www.mavitunasecurity.com/s/research/SVNDigger.zip" "svndigger" "zip"
-    echo "[*] Done"
+	echo "[*] Done"
 
-    # Copying dirbuster dicts
-    echo "\n[*] Copying Dirbuster dictionaries"
-    mkdir -p dirbuster
-    cp -r /usr/share/dirbuster/wordlists/. dirbuster/.
-    echo "[*] Done"
+	# Copying dirbuster dicts
+	echo "\n[*] Copying Dirbuster dictionaries"
+	mkdir -p dirbuster
+	cp -r /usr/share/dirbuster/wordlists/. dirbuster/.
+	echo "[*] Done"
 
-    cd ../
-
-    # Merging svndigger and raft dicts to form hybrid dicts based on case
-    echo "\n[*] Please wait while dictionaries are merged, this may take a few minutes.."
-    mkdir -p $INSTALL_DIR/combined
-    "./svndigger_raft_dict_merger.py"
-    echo "[*] Done"
+	# Returning to parent directory
+	cd ..
+
+	# Merging svndigger and raft dicts to form hybrid dicts based on case
+	echo "\n[*] Please wait while dictionaries are merged, this may take a few minutes.."
+	mkdir -p $INSTALL_DIR/combined
+	pwd
+	"./svndigger_raft_dict_merger.py"
+	echo "[*] Done"
 
 )

readme/CHANGELOG

@@ -17,6 +17,9 @@
 + Kali Linux fix: Removed setrubyenv.sh from default.cfg resource configuration file due to no longer being necessary and because it was stopping execution of ruby tools
 + Improved exception handling in framework/http/requester.py to avoid crashing OWTF for small library things like 'raise BadStatusLine(line)'
 + Kali Linux fix: Fixed DirBuster path and centralised binary name on profiles/general/default.cfg
++ fixed minor pentesting vs. pen testing typo on owtf.py :)
++ Merged new pull request from Bharadwaj Machiraju (@tunnelshade): OWTF restricted dictionary installation and merging scripts thank you!
++ Minor improvements to pull request above after testing (linking raft files instead of copying again) 
 
 24/09/2012 - 0.15 "Brucon" pre-alpha release: Dedicated to Brucon (http://brucon.org), its organisers and attendants
 + Changed name to OWASP OWTF since this is an OWASP project now, thank you OWASP! - https://www.owasp.org/index.php/OWASP_OWTF