Merge branch 'develop'

Author: tijme

.travis.yml

@@ -5,6 +5,7 @@ language: python
 
 env:
   global:
+    # Prevent Google Chrome driver from freezing
     - DBUS_SESSION_BUS_ADDRESS=/dev/null
 
 python:

acstis/Driver.py

@@ -1,19 +1,19 @@
 # -*- coding: utf-8 -*-
 
 # MIT License
-# 
+#
 # Copyright (c) 2017 Tijme Gommers
-# 
+#
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
 # in the Software without restriction, including without limitation the rights
 # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 # copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
-# 
+#
 # The above copyright notice and this permission notice shall be included in all
 # copies or substantial portions of the Software.
-# 
+#
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -47,7 +47,7 @@ class Driver:
     input_quit_if_vulnerable = False
 
     crawler_options = Options()
-    
+
     website_details = None
 
     vulnerable_requests = []
@@ -68,9 +68,9 @@ def __init__(self, uri, verify_exploit, use_crawler, quit_if_vulnerable):
         self.crawler_options.scope.protocol_must_match = False
         self.crawler_options.scope.subdomain_must_match = True
         self.crawler_options.scope.domain_must_match = True
-        self.crawler_options.scope.max_depth = 0 if not self.input_use_crawler else None 
+        self.crawler_options.scope.max_depth = 0 if not self.input_use_crawler else None
 
-        self.crawler_options.performance.max_threads = 8
+        self.crawler_options.performance.max_threads = 12
 
         try:
             self.website_details = Scraper.get_details(self.input_uri);
@@ -98,7 +98,7 @@ def cb_crawler_after_finish(self, queue):
 
     def cb_request_before_start(self, queue, queue_item):
         Logging.info("Checking {}".format(queue_item.request.url))
-        
+
         result = Exploit.is_vulnerable(queue_item, self.website_details["angular_version"], self.input_verify_exploit)
 
         if result is not False:

acstis/Exploit.py

@@ -1,19 +1,19 @@
 # -*- coding: utf-8 -*-
 
 # MIT License
-# 
+#
 # Copyright (c) 2017 Tijme Gommers
-# 
+#
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
 # in the Software without restriction, including without limitation the rights
 # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 # copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
-# 
+#
 # The above copyright notice and this permission notice shall be included in all
 # copies or substantial portions of the Software.
-# 
+#
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -148,7 +148,7 @@ def is_vulnerable(queue_item, version, use_javascript_engine=False):
 
                     if use_javascript_engine and not Selenium.alert_is_popped(vulnerable_item):
                         continue
-                        
+
                     return vulnerable_item
 
         for param in post_params:
@@ -208,9 +208,9 @@ def get_payloads(version):
     def make_request(url, method, data, cookies, headers):
         request_by_method = getattr(requests, method)
         return request_by_method(
-            url=url, 
-            data=data, 
-            cookies=cookies, 
+            url=url,
+            data=data,
+            cookies=cookies,
             headers=headers,
             allow_redirects=True,
             stream=True

acstis/__init__.py

@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+
+# MIT License
+#
+# Copyright (c) 2017 Tijme Gommers
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+import sys
+
+if sys.version_info.major != 3 or sys.version_info.minor < 4:
+    print("ACSTIS requires Python 3.4 or higher!")
+    print("You are currently using Python {}.{}.".format(sys.version_info.major, sys.version_info.minor))
+    sys.exit(1)

scripts/__init__.py renamed to acstis_scripts/__init__.py

@@ -2,4 +2,4 @@ beautifulsoup4==4.5.3
 colorama==0.3.7
 selenium==3.0.2
 requests==2.13.0
-nyawc==1.4.1
+nyawc==1.4.7

scripts/acstis_cli.py renamed to acstis_scripts/acstis_cli.py

@@ -1,19 +1,19 @@
 # -*- coding: utf-8 -*-
 
 # MIT License
-# 
+#
 # Copyright (c) 2017 Tijme Gommers
-# 
+#
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
 # in the Software without restriction, including without limitation the rights
 # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 # copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
-# 
+#
 # The above copyright notice and this permission notice shall be included in all
 # copies or substantial portions of the Software.
-# 
+#
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -28,7 +28,7 @@
     requirements = file.read().splitlines()
 
 setup(
-    version ="2.0.8",   
+    version ="2.0.8",
     name = "acstis",
     description = "Automated client-side template injection (CSTI, sandbox escape/bypass) detection for AngularJS!",
     long_description = "",
@@ -48,7 +48,6 @@
         "Programming Language :: Python :: 3.6",
         "Programming Language :: Python :: 3.5",
         "Programming Language :: Python :: 3.4",
-        "Programming Language :: Python :: 3.3",
         "Topic :: Security"
     ],
     packages = find_packages(),
@@ -60,7 +59,7 @@
     install_requires = requirements,
     entry_points = {
         'console_scripts': [
-            'acstis = scripts.acstis_cli:main'
+            'acstis = acstis_scripts.acstis_cli:main'
         ]
     },
     package_data={