Added file extensions

dirdigger.py

@@ -3,6 +3,8 @@
 #
 # DirDigger
 # ---------
+# A simple Python script that tries to do something like DIRB or DirBuster.
+#
 # Coded by: Riccardo Mollo (riccardomollo84@gmail.com)
 #
 
@@ -46,22 +48,22 @@ def test(url, ua, timeout):
     return ret
 
 def show(status, url, ignored_statuses):
-    if (ignored_statuses is not None) and (str(status) in ignored_statuses):
+    if ignored_statuses is not None and str(status) in ignored_statuses:
         pass
     else:
         str_status = str(status)
 
-        if (status == 0):
+        if status == 0:
             status = colored('ERR', 'red', attrs=['reverse', 'bold'])
-        elif (status == 200):
+        elif status == 200:
             status = colored(str_status, 'green')
-        elif ((status == 301) or (status == 302)):
+        elif status == 301 or status == 302:
             status = colored(str_status, 'yellow')
-        elif ((status == 400) or (status == 401) or (status == 403) or (status == 404) or (status == 405)):
+        elif status == 400 or status == 401 or status == 403 or status == 404 or status == 405:
             status = colored(str_status, 'red')
-        elif (status == 408):
+        elif status == 408:
             status = colored(str_status, 'magenta')
-        elif ((status == 500) or (status == 501) or (status == 502) or (status == 503) or (status == 504) or (status == 550)):
+        elif status == 500 or status == 501 or status == 502 or status == 503 or status == 504 or status == 550:
             status = colored(str_status, 'red')
         else:
             status = str_status
@@ -82,6 +84,7 @@ def main(argv):
     parser.add_argument('-u', '--url', help = 'The base URL to start the scan from', required = True)
     parser.add_argument('-w', '--wordlist', help = 'The file containing the wordlist', required = True)
     parser.add_argument('-m', '--mode', help = 'Scan mode is "dir" or "file" (default: "dir")', required = False, default = 'dir')
+    parser.add_argument('-e', '--file-extensions', help = 'File extensions when mode is "file" (eg: php,aspx)', required = False)
     parser.add_argument('-i', '--ignore-statuses', help = 'HTTP statuses to be ignored (eg: 404,302)', required = False, default = None)
     parser.add_argument('-t', '--timeout', help = 'Request timeout in seconds (default: 5)', type = int, required = False, default = 5)
     args = parser.parse_args()
@@ -102,56 +105,68 @@ def main(argv):
 
     mode = args.mode
 
-    if (mode != 'dir' and mode != 'file'):
+    if mode != 'dir' and mode != 'file':
         print(colored('ERROR!', 'red', attrs=['reverse', 'bold']) + ' Invalid mode: ' + colored(mode, 'red'))
         print()
         sys.exit(1)
 
-    ignored_statuses = args.ignore_statuses
-
-    if ignored_statuses is not None:
-        ignored_statuses = ignored_statuses.split(',')
+    file_extensions = args.file_extensions
 
+    ignored_statuses = args.ignore_statuses
     timeout = int(args.timeout)
 
-    if (base_url[-1] != '/'):
+    if base_url[-1] != '/':
         base_url += '/'
 
     start = time.time()
 
     logo()
 
-    ua = UserAgent(cache=False, fallback='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36').random
     hostname = base_url.split("://")[1].split("/")[0]
 
     try:
         hostip = socket.gethostbyname(hostname)
     except socket.gaierror:
         hostip = ''
 
+    try:
+        ua = UserAgent(cache=False, fallback='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36').random
+    except fake_useragent.errors.FakeUserAgentError:
+        print("ROTTO USERAGENTE!")
+
     print('[+] Base URL:            ' + colored(base_url, 'white', attrs=['bold']))
     print('[+]   Hostname:          ' + hostname)
     print('[+]   Host IP:           ' + hostip)
     print('[+] Wordlist:            ' + wordlist_file)
     print('[+]   Words count:       ' + str(line_count(wordlist_file)))
     print('[+] Scan mode:           ' + mode)
+    if file_extensions is not None and mode == 'file':
+        file_extensions = file_extensions.split(',')
+        print('[+]   File extensions:   ' + ', '.join(map(str, file_extensions)))
     print('[+] Random user agent:   ' + ua)
     if ignored_statuses is not None:
+        ignored_statuses = ignored_statuses.split(',')
         print('[+] Ignored HTTP codes:  ' + ', '.join(map(str, ignored_statuses)))
-#    print('[+] Mode: DIRECTORY (adding trailing \'/\' when needed)')
     print('[+] Timeout:             ' + str(timeout) + ' seconds')
     print('[+]')
 
     t = test(base_url, ua, timeout)
     show(t, base_url, ignored_statuses)
 
-    if (t != 0):
+    if t != 0:
         with open(wordlist_file, 'r') as wordlist:
             for word in wordlist:
                 url = base_url + word.strip()
 
-                if (mode == 'dir'):
+                if mode == 'dir':
                     url += '/'
+                elif mode == 'file':
+                    if file_extensions is not None and len(file_extensions) > 0:
+                        for extension in file_extensions:
+                            url2 = url + '.' + extension
+                            t = test(url2, ua, timeout)
+                            show(t, url2, ignored_statuses)
+                        continue
 
                 t = test(url, ua, timeout)
                 show(t, url, ignored_statuses)
@@ -166,4 +181,3 @@ def main(argv):
 
 #### TODO:
 #### - output file
-#### - handle dirs or files