Hotfix 2.3.4 (xmendez#114)

* added macos pycurl problems in docs

* windows: removed queue overflow timeout

* windows: removed wconio dependency for colorama

* --interact support k is none

* added pycurl installation for windows

* bump wfuzz version

* added coloroma to setup.py

* added colorama to setup.py

* added colorama to dependencies

* fuzzobjects description is ro

* change default to not cancel on plugin exception

* set seed_payload correctly

* added additional regext to errors plugin

* added --AA, --AA flags and change plugins categories

* updated installing pycurl docs

docs/user/installation.rst

@@ -34,10 +34,54 @@ Wfuzz uses:
 * `pycurl <http://pycurl.sourceforge.net/>`_ library to perform HTTP requests.
 * `pyparsing <https://github.com/pyparsing/pyparsing>`_ library to create filter's grammars.
 * `JSON.miniy (C) Gerald Storer <https://github.com/getify/JSON.minify/blob/master/minify_json.py>`_ to read json recipes.
+* `chardet <https://chardet.github.io/>`_ to detect dictionaries encoding.
+* `coloroma <https://github.com/tartley/colorama/>`_ to support ANSI escape characters in Windows.
 
-PyCurl SSL bug
----------
+Installation issues
+===================
+
+Pycurl on MacOS
+--------------------------
+
+Wfuzz uses pycurl as HTTP library. You might get errors like the listed below when running Wfuzz::
+
+    pycurl: libcurl link-time ssl backend (openssl) is different from compile-time ssl backend (none/other)
+
+Or::
+
+    pycurl: libcurl link-time ssl backend (none/other) is different from compile-time ssl backend (openssl)
+
+This is due to the fact that, MacOS might need some tweaks before pycurl is installed correctly:
+
+#. First you need to install OpenSSL via Homebrew::
+
+    $ brew install openssl
+
+#. Curl is normally already installed in MacOs, but to be sure it uses OpenSSL, we need to install it using brew::
+
+    $ brew install curl --with-openssl
+
+#. Curl is installed keg-only by brew. This means that is installed but not linked. Therefore, we need to instruct pip to use the recently installed curl before installing pycurl. We can do this permanently by changing our bash_profile::
+
+    $ echo 'export PATH="/usr/local/opt/curl/bin:$PATH"' >> ~/.bash_profile
+
+#. Or temporary in the current shell::
 
+    $ export PATH="/usr/local/opt/curl/bin:$PATH"
+
+#. Then, we need to install pycurl as follows::
+
+    $ PYCURL_SSL_LIBRARY=openssl LDFLAGS="-L/usr/local/opt/openssl/lib" CPPFLAGS="-I/usr/local/opt/openssl/include" pip install --no-cache-dir pycurl
+
+#. Finally, if we re-install or execute wfuzz again it should work correctly.
+
+Pycurl on Windows
+-----------------
+
+Install pycurl matching your python version from https://pypi.org/project/pycurl/#files
+
+PyCurl SSL bug
+--------------
 
 If you experience errors when using Wfuzz against SSL sites, it could be because an old know issue:
 
@@ -64,19 +108,18 @@ Verifying the problem
     >>> pycurl.version
     'libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18'
 
-Workaround
-^^^^^^^^
+Installing pycurl openssl flavour
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-* We should built pycurl against openssl:
+In newer Ubuntu versions, you can install libcurl openssl flavour::
 
-In newer Ubuntu versions, you can install libcurl in openssl or gnutls flavour::
+    $ sudo apt install libcurl4-openssl-dev
+    $ sudo pip3 install --upgrade wfuzz 
 
-    # apt-cache search libcurl
-    libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
-    libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
-    libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
+Installing pycurl against openssl
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-* Alternatively, it can be done manually:
+Alternatively, it can be done manually:
 
 1. sudo apt-get install build-essential fakeroot dpkg-dev
 2. mkdir ~/python-pycurl-openssl
@@ -87,23 +130,11 @@ In newer Ubuntu versions, you can install libcurl in openssl or gnutls flavour::
 7. sudo dpkg-source -x pycurl_7.19.0-3build1.dsc
 8. cd pycurl-7.19.0
 9. edit debian/control file and replace all instances of “libcurl4-gnutls-dev” with “libcurl4-openssl-dev”
-10. sudo dpkg-buildpackage -rfakeroot -b
+10. sudo PYCURL_SSL_LIBRARY=openssl dpkg-buildpackage -rfakeroot -b
 11. sudo dpkg -i ../python-pycurl_7.19.0-3build1_i386.deb
 
-* Updates from other users:
-
-Comment by andreas.fitzek, Sep 13, 2014
-Hi,
-
-Got it working on Ubuntu 14.04 amd64 with step 10 being: sudo PYCURL_SSL_LIBRARY=openssl dpkg-buildpackage -rfakeroot -b
-
-Their are still some errors: ImportError?: No module named bottle
-
-But the library is working now with openssl::
-
-    >>> import pycurl
-    >>> pycurl.version 'PycURL/7.19.3 libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3'
+If there is still the error::
 
-Comment by DoommedRaven, Sep 14, 2014
-for your import error check this http://stackoverflow.com/questions/9122200/importerror-no-module-named-bottle
+    ImportError?: No module named bottle
 
+Check this http://stackoverflow.com/questions/9122200/importerror-no-module-named-bottle

setup.py

@@ -1,3 +1,4 @@
+import sys
 import re
 from setuptools import setup, find_packages
 
@@ -6,7 +7,7 @@
 
 
 version = re.search(
-    '^__version__\s*=\s*"(.*)"',
+    r'^__version__\s*=\s*"(.*)"',
     open('src/wfuzz/__init__.py').read(),
     re.M
 ).group(1)
@@ -27,6 +28,9 @@
     'chardet',
 ]
 
+if sys.platform.startswith("win"):
+    install_requires += ["colorama"]
+
 setup(
     name="wfuzz",
     packages=find_packages(where='src'),

src/wfuzz/__init__.py

@@ -1,5 +1,5 @@
 __title__ = 'wfuzz'
-__version__ = "2.3.3"
+__version__ = "2.3.4"
 __build__ = 0x023000
 __author__ = 'Xavier Mendez'
 __license__ = 'GPL 2.0'

src/wfuzz/facade.py

@@ -28,7 +28,7 @@ def set_defaults(self):
             ],
             general=[
                 ("default_printer", 'raw'),
-                ("cancel_on_plugin_except", "1"),
+                ("cancel_on_plugin_except", "0"),
                 ("concurrent_plugins", '3'),
                 ("lookup_dirs", '.'),
                 ("encode_space", '1')

src/wfuzz/fuzzobjects.py

@@ -517,7 +517,7 @@ def from_seed(seed, payload, seed_options):
             newres.payload.append(payload_content)
 
             # substitute entire seed when using a request payload generator without specifying field
-            if (fuzz_word == "FUZZ" and (rawUrl == "FUZZ" or seed_options["seed_payload"] is True)) and isinstance(payload_content, FuzzResult):
+            if fuzz_word == "FUZZ" and seed_options["seed_payload"] and isinstance(payload_content, FuzzResult):
                 # new seed
                 newres = payload_content.from_soft_copy()
 

src/wfuzz/myqueues.py

@@ -33,7 +33,7 @@ def put_last(self, item, wait=True):
         self._put_priority(self.max_prio + 1, item, wait)
 
     def get(self):
-        prio, item = PriorityQueue.get(self, True, 365 * 24 * 60 * 60)
+        prio, item = PriorityQueue.get(self, True)
 
         return item
 

src/wfuzz/plugins/scripts/backups.py

@@ -19,7 +19,7 @@ class backups(BasePlugin):
     "* http://localhost/dir.EXTENSIONS",
     author = ("Xavi Mendez (@xmendez)",)
     version = "0.1"
-    category = ["active", "discovery"]
+    category = ["re-enqueue", "active", "discovery"]
     priority = 99
 
     parameters = (

src/wfuzz/plugins/scripts/cookies.py

@@ -9,7 +9,7 @@ class cookies(BasePlugin):
     version = "0.1"
     summary = "Looks for new cookies"
     description = ("Looks for new cookies", )
-    category = ["default", "passive"]
+    category = ["verbose", "passive"]
     priority = 99
 
     parameters = (

src/wfuzz/plugins/scripts/errors.py

@@ -20,30 +20,96 @@ class errors(BasePlugin):
     def __init__(self):
         BasePlugin.__init__(self)
 
-        regex = [
-            ('Apache Tomcat', 'Apache Tomcat/(.*?) - Error report'),
-        ]
-
-        self.server_regex = []
-        for server_name, i in regex:
-            self.server_regex.append((server_name, re.compile(i, re.MULTILINE | re.DOTALL)))
-
-        regex = [
-            ('MySQL', 'You have an error in your SQL syntax'),
+        regex_list = [
+            'A syntax error has occurred',
+            'ADODB.Field error',
+            'ASP.NET is configured to show verbose error messages',
+            'ASP.NET_SessionId',
+            'Active Server Pages error',
+            'An illegal character has been found in the statement',
+            'An unexpected token "END-OF-STATEMENT" was found',
+            'Can\'t connect to local',
+            'Custom Error Message',
+            'DB2 Driver',
+            'DB2 Error',
+            'DB2 ODBC',
+            'Disallowed Parent Path',
+            'Error Diagnostic Information',
+            'Error Message : Error loading required libraries.',
+            'Error Report',
+            'Error converting data type varchar to numeric',
+            'Fatal error',
+            'Incorrect syntax near',
+            'Internal Server Error',
+            'Invalid Path Character',
+            'Invalid procedure call or argument',
+            'Invision Power Board Database Error',
+            'JDBC Driver',
+            'JDBC Error',
+            'JDBC MySQL',
+            'JDBC Oracle',
+            'JDBC SQL',
+            'Microsoft OLE DB Provider for ODBC Drivers',
+            'Microsoft VBScript compilation error',
+            'Microsoft VBScript error',
+            'MySQL Driver',
+            'MySQL Error',
+            'MySQL ODBC',
+            'ODBC DB2',
+            'ODBC Driver',
+            'ODBC Error',
+            'ODBC Microsoft Access',
+            'ODBC Oracle',
+            'ODBC SQL',
+            'ODBC SQL Server',
+            'OLE/DB provider returned message',
+            'ORA-0',
+            'ORA-1',
+            'Oracle DB2',
+            'Oracle Driver',
+            'Oracle Error',
+            'Oracle ODBC',
+            'PHP Error',
+            'PHP Parse error',
+            'PHP Warning',
+            'Permission denied: \'GetObject\'',
+            'PostgreSQL query failed: ERROR: parser: parse error',
+            r'SQL Server Driver\]\[SQL Server',
+            'SQL command not properly ended',
+            'SQLException',
+            'Supplied argument is not a valid PostgreSQL result',
+            'Syntax error in query expression',
+            'The error occurred in',
+            'The script whose uid is',
+            'Type mismatch',
+            'Unable to jump to row',
+            'Unclosed quotation mark before the character string',
+            'Unterminated string constant',
+            'Warning: Cannot modify header information - headers already sent',
+            'Warning: Supplied argument is not a valid File-Handle resource in',
+            r'Warning: mysql_query\(\)',
+            r'Warning: mysql_fetch_array\(\)',
+            r'Warning: pg_connect\(\): Unable to connect to PostgreSQL server: FATAL',
+            'You have an error in your SQL syntax near',
+            'data source=',
+            'detected an internal error [IBM][CLI Driver][DB2/6000]',
+            'invalid query',
+            'is not allowed to access',
+            'missing expression',
+            'mySQL error with query',
+            'mysql error',
+            'on MySQL result index',
+            'supplied argument is not a valid MySQL result resource',
         ]
 
         self.error_regex = []
-        for server_name, i in regex:
-            self.error_regex.append((server_name, re.compile(i, re.MULTILINE | re.DOTALL)))
+        for regex in regex_list:
+            self.error_regex.append(re.compile(regex, re.MULTILINE | re.DOTALL))
 
     def validate(self, fuzzresult):
         return True
 
     def process(self, fuzzresult):
-        for server_name, r in self.server_regex:
-            for i in r.findall(fuzzresult.history.content):
-                self.add_result("Server error identified, version: %s %s" % (server_name, i))
-
-        for name, r in self.error_regex:
-            for i in r.findall(fuzzresult.history.content):
-                self.add_result("%s error identified" % (name))
+        for regex in self.error_regex:
+            for regex_match in regex.findall(fuzzresult.history.content):
+                self.add_result("Error identified: {}".format(regex_match))

src/wfuzz/plugins/scripts/grep.py

@@ -15,7 +15,7 @@ class grep(BasePlugin):
         "Extracts the given regex pattern from the HTTP response and prints it",
         "(It is not a filter operator)",
     )
-    category = ["passive"]
+    category = ["tools"]
     priority = 99
 
     parameters = (

src/wfuzz/plugins/scripts/headers.py

@@ -9,7 +9,7 @@ class headers(BasePlugin):
     version = "0.1"
     summary = "Looks for server headers"
     description = ("Looks for new server headers",)
-    category = ["default", "passive"]
+    category = ["verbose", "passive"]
     priority = 99
     parameters = (
     )

src/wfuzz/plugins/scripts/links.py

@@ -19,7 +19,7 @@ class links(BasePlugin, DiscoveryPluginMixin):
     version = "0.1"
     summary = "Parses HTML looking for new content."
     description = ("Parses HTML looking for new content",)
-    category = ["default", "active", "discovery"]
+    category = ["active", "discovery"]
     priority = 99
 
     parameters = (

src/wfuzz/plugins/scripts/screenshot.py

@@ -17,7 +17,7 @@ class screenshot(BasePlugin):
         "Performs a screen capture using linux cutycapt tool",
         "The tool must be installed and in the executable path",
     )
-    category = ["active"]
+    category = ["tools", "active"]
     priority = 99
 
     parameters = (

src/wfuzz/plugins/scripts/title.py

@@ -9,7 +9,7 @@ class title(BasePlugin):
     version = "0.1"
     summary = "Parses HTML page title"
     description = ("Parses HTML page title",)
-    category = ["default", "passive"]
+    category = ["verbose", "passive"]
     priority = 99
 
     parameters = (