diff --git a/GLPIScan.py b/GLPIScan.py index 393de9f..e23df13 100644 --- a/GLPIScan.py +++ b/GLPIScan.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/env python3 import os, argparse, chalk from inc import Config, Infos, Credentials, Files, Plugins @@ -10,47 +10,47 @@ print(chalk.white("\\ \\ \\__ \\ \\ \\ \\____ \\ \\ __/ \\ \\ \\ \\ \\___ \\ \\ \\ \\____ \\ \\ __ \\ \\ \\ \\-. \\ ", bold=True)) print(chalk.white(" \\ \\_____\\ \\ \\_____\\ \\ \\_\\ \\ \\_\\ \\/\\_____\\ \\ \\_____\\ \\ \\_\\ \\_\\ \\ \\_\\\"\\_\\", bold=True)) print(chalk.white(" \\/_____/ \\/_____/ \\/_/ \\/_/ \\/_____/ \\/_____/ \\/_/\\/_/ \\/_/ \\/_/", bold=True)) -print(chalk.white(" v1.1 contact[@]digitemis.com\n\n\n", bold=True)) +print(chalk.white(" v1.2 contact[@]digitemis.com\n\n\n", bold=True)) def parsing(): - parser = argparse.ArgumentParser(description='GLPI Vulnerability Scanner.') - parser.add_argument('-u', dest='url', metavar="url", required=True, help='URL of GLPI application') - parser.add_argument('-a', dest='allcheck', action='store_true', default=False, help='Perform allcheck') - parser.add_argument('-c', dest='credscheck', action='store_true', default=False, help='Perform Credential Check') - parser.add_argument('-C', dest='credsfile', action='store_true', default=False, help='Perform Credential Check with specific wordlist (user:password)') - parser.add_argument('-f', dest='filescheck', action='store_true', default=False, help='Perform Files Check') - parser.add_argument('-p', dest='pluginscheck', action='store_true', default=False, help='Perform Plugin Check') - parser.add_argument('-d', dest='debug', action='store_true', default=False, help='Debug mode') - args = parser.parse_args() - - Config.DEBUG = args.debug - Config.BASE_URL = args.url - Config.ALLCHECK = args.allcheck - Config.CREDSCHECK = args.credscheck - Config.CREDSFILE = args.credsfile - Config.FILESCHECK = args.filescheck - Config.PLUGINSCHECK = args.pluginscheck - - if Config.DEBUG: - print("[DEBUG] Debug mode : ON") - print("[DEBUG] GLPI url : " + Config.BASE_URL) - print("[DEBUG] Checking everything : " + str(Config.ALLCHECK)) - print("[DEBUG] Checking Default Creds : " + str(Config.CREDSCHECK)) - print("[DEBUG] Checking Default File : " + str(Config.FILESCHECK)) - print("[DEBUG] Checking Default Plugins : " + str(Config.PLUGINSCHECK)) - print("") + parser = argparse.ArgumentParser(description='GLPI Vulnerability Scanner.') + parser.add_argument('-u', dest='url', metavar="url", required=True, help='URL of GLPI application') + parser.add_argument('-a', dest='allcheck', action='store_true', default=False, help='Perform allcheck') + parser.add_argument('-c', dest='credscheck', action='store_true', default=False, help='Perform Credential Check') + parser.add_argument('-C', dest='credsfile', action='store_true', default=False, help='Perform Credential Check with specific wordlist (user:password)') + parser.add_argument('-f', dest='filescheck', action='store_true', default=False, help='Perform Files Check') + parser.add_argument('-p', dest='pluginscheck', action='store_true', default=False, help='Perform Plugin Check') + parser.add_argument('-d', dest='debug', action='store_true', default=False, help='Debug mode') + args = parser.parse_args() + + Config.DEBUG = args.debug + Config.BASE_URL = args.url + Config.ALLCHECK = args.allcheck + Config.CREDSCHECK = args.credscheck + Config.CREDSFILE = args.credsfile + Config.FILESCHECK = args.filescheck + Config.PLUGINSCHECK = args.pluginscheck + + if Config.DEBUG: + print("[DEBUG] Debug mode : ON") + print("[DEBUG] GLPI url : " + Config.BASE_URL) + print("[DEBUG] Checking everything : " + str(Config.ALLCHECK)) + print("[DEBUG] Checking Default Creds : " + str(Config.CREDSCHECK)) + print("[DEBUG] Checking Default File : " + str(Config.FILESCHECK)) + print("[DEBUG] Checking Default Plugins : " + str(Config.PLUGINSCHECK)) + print("") def main(): - parsing() - print(chalk.white("[+] GLPI Scan start : " + Config.BASE_URL + "\n", bold=True)) - if (Infos.UrlCheck().getInfo()): - if (Config.ALLCHECK or Config.CREDSCHECK): - Credentials.CredentialsCheck().credentials() + parsing() + print(chalk.white("[+] GLPI Scan start : " + Config.BASE_URL + "\n", bold=True)) + if (Infos.UrlCheck().getInfo()): + if (Config.ALLCHECK or Config.CREDSCHECK): + Credentials.CredentialsCheck().credentials() - if (Config.ALLCHECK or Config.FILESCHECK): - Files.FilesCheck().files() + if (Config.ALLCHECK or Config.FILESCHECK): + Files.FilesCheck().files() - if (Config.ALLCHECK or Config.PLUGINSCHECK): - Plugins.PluginsCheck().plugins() + if (Config.ALLCHECK or Config.PLUGINSCHECK): + Plugins.PluginsCheck().plugins() main() diff --git a/Pipfile b/Pipfile new file mode 100644 index 0000000..8588f5d --- /dev/null +++ b/Pipfile @@ -0,0 +1,15 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] + +[packages] +pychalk = ">=2.0.1" +requests = ">=2.18.4" +urllib3 = ">=1.22" +packaging = ">=19.0" + +[requires] +python_version = "3" diff --git a/Pipfile.lock b/Pipfile.lock new file mode 100644 index 0000000..91a77ff --- /dev/null +++ b/Pipfile.lock @@ -0,0 +1,94 @@ +{ + "_meta": { + "hash": { + "sha256": "e3a568c64c7c18d65a9a51fed3a26c2ae3e88a8afc8efe038120745c8f9f76df" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "attrs": { + "hashes": [ + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" + ], + "version": "==19.1.0" + }, + "certifi": { + "hashes": [ + "sha256:046832c04d4e752f37383b628bc601a7ea7211496b4638f6514d0e5b9acc4939", + "sha256:945e3ba63a0b9f577b1395204e13c3a231f9bc0223888be653286534e5873695" + ], + "version": "==2019.6.16" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "packaging": { + "hashes": [ + "sha256:a7ac867b97fdc07ee80a8058fe4435ccd274ecc3b0ed61d852d7d53055528cf9", + "sha256:c491ca87294da7cc01902edbe30a5bc6c4c28172b5138ab4e4aa1b9d7bfaeafe" + ], + "index": "pypi", + "version": "==19.1" + }, + "pychalk": { + "hashes": [ + "sha256:f763275f6fa68835a30d22c2449f73724d569f33532a031d26e32edc604e7e39" + ], + "index": "pypi", + "version": "==2.0.1" + }, + "pyparsing": { + "hashes": [ + "sha256:6f98a7b9397e206d78cc01df10131398f1c8b8510a2f4d97d9abd82e1aacdd80", + "sha256:d9338df12903bbf5d65a0e4e87c2161968b10d2e489652bb47001d82a9b028b4" + ], + "version": "==2.4.2" + }, + "requests": { + "hashes": [ + "sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4", + "sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31" + ], + "index": "pypi", + "version": "==2.22.0" + }, + "six": { + "hashes": [ + "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", + "sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73" + ], + "version": "==1.12.0" + }, + "urllib3": { + "hashes": [ + "sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1", + "sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232" + ], + "index": "pypi", + "version": "==1.25.3" + } + }, + "develop": {} +} diff --git a/README.md b/README.md index f577ddc..18aca85 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,8 @@ GLPIScan is a vulnerability scanner for GLPI. ## Prerequisites +GLPIScan has been developped for python3. + * pychalk >= 2.0.1 - Recommended: latest * requests >= 2.18.4 - Recommended: latest * urllib3 >= 1.22 - Recommended: latest @@ -11,13 +13,23 @@ GLPIScan is a vulnerability scanner for GLPI. ## Installation -In order to install GLPIScan, you only need to clone the repository, and install the python dependencies using the requirements.txt +2 possiblities is offered to install and use GLPIScan +### Classic installation +In order to install GLPIScan, you only need to clone the repository, and install the python dependencies using the requirements.txt ```bash $ pip install -r requirements.txt ``` +### Pipenv installation +It is also possible to use pipenv in order to install all dependencies inside a virtual environnment : +```bash +$ python3 -m pip install pipenv +$ python3 -m pipenv install +$ python3 -m pipenv shell +``` + ## Usage List of options : @@ -40,7 +52,7 @@ optional arguments: Most common usage : ```bash -$ python GLPIScan.py -u http://glpi/ -a +$ python3 GLPIScan.py -u http://glpi/ -a ``` ## Further configuration diff --git a/inc/AjaxTelemetry.py b/inc/AjaxTelemetry.py index c32195b..3a507af 100644 --- a/inc/AjaxTelemetry.py +++ b/inc/AjaxTelemetry.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - -import Config +from inc import Config import chalk class AjaxTelemetry: - def getPluginVersion(self, info, name): - try: - for plugin in Config.AJAX_TELEMETRY['glpi']['plugins']: - if plugin['key'] == name: - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(plugin['version'], bold=True) + chalk.white(']', bold=True)) - return plugin['version'] - except: - return False + def getPluginVersion(self, info, name): + try: + for plugin in Config.AJAX_TELEMETRY['glpi']['plugins']: + if plugin['key'] == name: + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(plugin['version'], bold=True) + chalk.white(']', bold=True)) + return plugin['version'] + except: + return False - def getGLPIVersion(self): - try: - Config.VERSION = Config.AJAX_TELEMETRY['glpi']['version'] - return True - except: - return False + def getGLPIVersion(self): + try: + Config.VERSION = Config.AJAX_TELEMETRY['glpi']['version'] + return True + except: + return False diff --git a/inc/Config.py b/inc/Config.py index 3dfcbef..8564f33 100644 --- a/inc/Config.py +++ b/inc/Config.py @@ -37,131 +37,131 @@ COOKIE = "" FILES = ['/ajax/telemetry.php', - '/CHANGELOG.md', - '/status.php', - '/files/_log/cron.log', - '/files/_log/event.log', - '/files/_log/php-errors.log'] + '/CHANGELOG.md', + '/status.php', + '/files/_log/cron.log', + '/files/_log/event.log', + '/files/_log/php-errors.log'] FOLDERS = ['/files/', - '/files/_dumps/', - '/plugins/'] + '/files/_dumps/', + '/plugins/'] # ['USER', 'PASSWORD'] USERS = [['glpi','glpi'], - ['post-only','postonly'], - ['tech','tech'], - ['normal', 'normal']] + ['post-only','postonly'], + ['tech','tech'], + ['normal', 'normal']] # ['URL_VERIFY', 'PLUGIN_NAME', 'PLUGIN_URL', 'PLUGIN_CLASS'] PLUGINS = [['/plugins/addressing/LICENSE', 'IP Report', 'https://plugins.glpi-project.org/#/plugin/addressing', 'PluginAddressing'], - ['/plugins/fusioninventory/js/footer.js', 'FusionInventory', 'https://plugins.glpi-project.org/#/plugin/fusioninventory', 'PluginFusionInventory'], - ['/plugins/dashboard/changelog.txt', 'Dashboard', 'https://plugins.glpi-project.org/#/plugin/dashboard', 'PluginDashboard'], - ['/plugins/datainjection/datainjection.xml', 'Data Injection', 'https://plugins.glpi-project.org/#/plugin/datainjection', 'PluginDataInjection'], - ['/plugins/fields/plugin.xml', 'Fields', 'https://plugins.glpi-project.org/#/plugin/field', 'PluginFields'], - ['/plugins/formcreator/package.json', 'FormCreator', 'https://plugins.glpi-project.org/#/plugin/formcreator', 'PluginFormCreator'], - ['/plugins/genericobject/genericobject.xml', 'Generic Objects Management', 'https://plugins.glpi-project.org/#/plugin/genericobject', 'PluginGenericObjectsManagement'], - ['/plugins/mreporting/mreporting.xml', 'More Reporting', 'https://plugins.glpi-project.org/#/plugin/mreporting', 'PluginMoreReporting'], - ['/plugins/ocsinventoryng/docs/CHANGELOG.txt', 'OCS Inventory NG', 'https://plugins.glpi-project.org/#/plugin/ocsinventoryng', 'PluginOCSInventoryng'], - ['/plugins/reports/LICENSE', 'Reports', 'https://plugins.glpi-project.org/#/plugin/reports', 'PluginReports'], - ['/plugins/pdf/LICENSE', 'PDF', 'https://plugins.glpi-project.org/#/plugin/pdf', False], - ['/plugins/archires/LICENSE', 'Network Architecture', 'https://plugins.glpi-project.org/#/plugin/archires', 'PluginArchires'], - ['/plugins/room/room.xml', 'Room Management', 'https://plugins.glpi-project.org/#/plugin/room', 'PluginRoom'], - ['/plugins/racks/locales/glpi.pot', 'Racks / Bays Management', 'https://plugins.glpi-project.org/#/plugin/racks', 'PluginRacks'], - ['/plugins/manageentities/LICENSE', 'Entities Management', 'https://plugins.glpi-project.org/#/plugin/manageentities', False], - ['/plugins/accounts/LICENSE', 'Accounts Inventory', 'https://plugins.glpi-project.org/#/plugin/accounts', False], - ['/plugins/appliances/LICENSE', 'Appliances Inventory', 'https://plugins.glpi-project.org/#/plugin/appliances', 'PluginAppliances'], - ['/plugins/badges/locales/glpi.pot', 'Badges Inventory', 'https://plugins.glpi-project.org/#/plugin/badges', 'PluginBadgesInventory'], - ['/plugins/certificates/LICENSE', 'Certificates Inventory', 'https://plugins.glpi-project.org/#/plugin/certificates', False], - ['/plugins/databases/LICENSE', 'Databases Inventory', 'https://plugins.glpi-project.org/#/plugin/databases', 'PluginDatabases'], - ['/plugins/domains/locales/glpi.pot', 'Domains Inventory', 'https://plugins.glpi-project.org/#/plugin/domains', 'PluginDomainsInventory'], - ['/plugins/financialreports/LICENSE', 'Financial Reports', 'https://plugins.glpi-project.org/#/plugin/financialreports', False], - ['/plugins/environment/LICENSE', 'Meta-Plugin Environment', 'https://plugins.glpi-project.org/#/plugin/environment', False], - ['/plugins/shellcommands/locales/glpi.pot', 'Launch Shell Commands', 'https://plugins.glpi-project.org/#/plugin/shellcommands', 'PluginLaunchShellCommands'], - ['/plugins/webapplications/LICENSE', 'Web Applications Inventory', 'https://plugins.glpi-project.org/#/plugin/webapplications', 'PluginWebApplications'], - ['/plugins/order/plugin.xml', 'Order Management', 'https://plugins.glpi-project.org/#/plugin/order', 'PluginOrderManagement'], - ['/plugins/uninstall/uninstall.xml', 'Uninstall', 'https://plugins.glpi-project.org/#/plugin/uninstall', 'PluginUninstall'], - ['/plugins/geninventorynumber/plugin.xml', 'Inventory Number Generation', 'https://plugins.glpi-project.org/#/plugin/geninventorynumber', 'PluginInventoryNumberGeneration'], - ['/plugins/behaviors/LICENSE', 'Behaviors', 'https://plugins.glpi-project.org/#/plugin/behaviors', 'PluginBehaviors'], - ['/plugins/barcode/barcode.xml', 'Barcode', 'https://plugins.glpi-project.org/#/plugin/barcode', 'PluginBarcode'], - ['/plugins/positions/locales/glpi.pot', 'Cartography', 'https://plugins.glpi-project.org/#/plugin/positions', 'PluginCartography'], - ['/plugins/typology/locales/glpi.pot', 'Typology', 'https://plugins.glpi-project.org/#/plugin/typology', 'PluginTypology'], - ['/plugins/mask/mask.xml', 'Mask', 'https://plugins.glpi-project.org/#/plugin/mask', 'PluginMask'], - ['/plugins/surveyticket/LICENSE', 'SurveyTicket', 'https://plugins.glpi-project.org/#/plugin/surveyticket', 'PluginSurveyTicket'], - ['/plugins/mantis/mantis.xml', 'MantisBT synchronization', 'https://plugins.glpi-project.org/#/plugin/mantis', 'PluginMantis'], - ['/plugins/reservation/LICENCE', 'Reservation', 'https://plugins.glpi-project.org/#/plugin/reservation', 'PluginReservation'], - ['/plugins/timezones/timezones.xml', 'Timezones', 'https://plugins.glpi-project.org/#/plugin/timezones', 'PluginTimezones'], - ['/plugins/sccm/sccm.xml', 'SCCM', 'https://plugins.glpi-project.org/#/plugin/sccm', 'PluginSCCM'], - ['/plugins/tag/plugin.xml', 'Tag', 'https://plugins.glpi-project.org/#/plugin/tag', 'PluginTag'], - ['/plugins/news/plugin.xml', 'News', 'https://plugins.glpi-project.org/#/plugin/news', 'PluginNews'], - ['/plugins/purgelogs/plugin.xml', 'Historical purge', 'https://plugins.glpi-project.org/#/plugin/purgelogs', 'PluginHistoricalPurge'], - ['/plugins/escalade/escalade.xml', 'Escalade', 'https://plugins.glpi-project.org/#/plugin/escalade', 'PluginEscalade'], - ['/plugins/moreticket/LICENSE', 'Moreticket', 'https://plugins.glpi-project.org/#/plugin/moreticket', 'PluginMoreTicket'], - ['/plugins/itilcategorygroups/itilcategorygroups.xm l', 'ItilCategory Groups', 'https://plugins.glpi-project.org/#/plugin/itilcategorygroups', 'PluginItilCategoryGroups'], - ['/plugins/consumables/LICENSE', 'Consumables', 'https://plugins.glpi-project.org/#/plugin/consumables', 'PluginConsumables'], - ['/plugins/printercounters/LICENSE', 'PrinterCounters', 'https://plugins.glpi-project.org/#/plugin/printercounters', 'PluginPrinterCounters'], - ['/plugins/processmaker/processmaker.xml', 'Processmaker', 'https://plugins.glpi-project.org/#/plugin/processmaker', 'PluginProcessmaker'], - ['/plugins/seasonality/README.md', 'Seasonality', 'https://plugins.glpi-project.org/#/plugin/seasonality', 'PluginSeasonality'], - ['/plugins/tasklists/locales/glpi.pot', 'Tasks List (Kanban)', 'https://plugins.glpi-project.org/#/plugin/tasklists', 'PluginTasksList'], - ['/plugins/mailanalyzer/mailanalyzer.xml', 'Mail Analyzer', 'https://plugins.glpi-project.org/#/plugin/mailanalyzer', 'PluginMailAnalyzer'], - ['/plugins/mydashboard/locales/glpi.pot', 'My Dashboard', 'https://plugins.glpi-project.org/#/plugin/mydashboard', 'PluginMyDashboard'], - ['/plugins/timelineticket/locales/glpi.pot', 'Timelineticket', 'https://plugins.glpi-project.org/#/plugin/timelineticket', 'PluginTimelineticket'], - ['/plugins/airwatch/airwatch.xml', 'Airwatch connector', 'https://plugins.glpi-project.org/#/plugin/airwatch', 'PluginAirwatchConnector'], - ['/plugins/archifun/funcarea.xml', 'Functional Areas', 'https://plugins.glpi-project.org/#/plugin/archifun', 'PluginFunctionalAreas'], - ['/plugins/useditemsexport/plugin.xml', 'Used items export', 'https://plugins.glpi-project.org/#/plugin/useditemsexport', 'PluginUsedItemsExport'], - ['/plugins/nebackup/nebackup.xml', 'Network Equipment Backup', 'https://plugins.glpi-project.org/#/plugin/nebackup', 'PluginNetworkEquipmentBackup'], - ['/plugins/openvas/openvas.xml', 'OpenVAS', 'https://plugins.glpi-project.org/#/plugin/openvas', 'PluginOpenVAS'], - ['/plugins/browsernotification/browsernotification.xml', 'Browser Notification', 'https://plugins.glpi-project.org/#/plugin/browsernotification', 'PluginBrowserNotification'], - ['/plugins/credit/plugin.xml', 'Credit', 'https://plugins.glpi-project.org/#/plugin/credit', 'PluginCredit'], - ['/plugins/xivo/xivo.xml', 'xivo', 'https://plugins.glpi-project.org/#/plugin/xivo', 'PluginXivo'], - ['/plugins/glpi2mdt/glpi2mdt.xml', 'GLPI to MDT connector', 'https://plugins.glpi-project.org/#/plugin/glpi2mdt', 'PluginMDTConnector'], - ['/plugins/telegrambot/telegrambot.xml', 'TelegramBot', 'https://plugins.glpi-project.org/#/plugin/telegrambot', 'PluginTelegramBot'], - ['/plugins/cleanarchivedemails/cleanarchivedemails.xml', 'Clean Archived Emails', 'https://plugins.glpi-project.org/#/plugin/cleanarchivedemails', 'PluginCleanArchivedEmails'], - ['/plugins/officeonline/js/officeonline.js', 'Office Online', 'https://plugins.glpi-project.org/#/plugin/officeonline', 'PluginOfficeOnline'], - ['/plugins/satisfaction/satisfaction.js', 'More satisfaction', 'https://plugins.glpi-project.org/#/plugin/satisfaction', 'PluginMoreSatisfaction'], - ['/plugins/gdrive/README.md', 'GDrive', 'https://plugins.glpi-project.org/#/plugin/GDrive', 'PluginGDrive'], - ['/plugins/archisw/archisw.xml', 'Apps structure inventory', 'https://plugins.glpi-project.org/#/plugin/archisw', 'PluginAppsStructureInventory'], - ['/plugins/dataflows/dataflows.xml', 'Dataflows inventory', 'https://plugins.glpi-project.org/#/plugin/dataflows', 'PluginDataflowsInventory'], - ['/plugins/statecheck/statecheck.xml', 'Statecheck', 'https://plugins.glpi-project.org/#/plugin/statecheck', 'PluginStatecheck'], - ['/plugins/archimap/archimap.xml', 'Diagrams', 'https://plugins.glpi-project.org/#/plugin/archimap', 'PluginDiagrams'], - ['/plugins/metabase/metabase.xml', 'Metabase', 'https://plugins.glpi-project.org/#/plugin/metabase', 'PluginMetabase'], - ['/plugins/orderservice/orderservice.xml', 'Order Service', 'https://plugins.glpi-project.org/#/plugin/orderservice', 'PluginOrderService'], - ['/plugins/glpicheckingversion/glpicheckingversion.xml', 'GLPI Checking Version', 'https://plugins.glpi-project.org/#/plugin/glpicheckingversion', 'PluginGLPICheckingVersion'], - ['/plugins/taskdrop/LICENSE', 'Task n Drop', 'https://plugins.glpi-project.org/#/plugin/TaskDrop', 'PluginTaskDrop'], - ['/plugins/impacts/impacts.xml', 'Impacts', 'https://plugins.glpi-project.org/#/plugin/impacts', 'PluginImpacts'], - ['/plugins/manufacturersimports/LICENSE', 'Manufacturers Web Imports', 'https://plugins.glpi-project.org/#/plugin/manufacturersimports', 'PluginManufacturersImports'], - ] + ['/plugins/fusioninventory/js/footer.js', 'FusionInventory', 'https://plugins.glpi-project.org/#/plugin/fusioninventory', 'PluginFusionInventory'], + ['/plugins/dashboard/changelog.txt', 'Dashboard', 'https://plugins.glpi-project.org/#/plugin/dashboard', 'PluginDashboard'], + ['/plugins/datainjection/datainjection.xml', 'Data Injection', 'https://plugins.glpi-project.org/#/plugin/datainjection', 'PluginDataInjection'], + ['/plugins/fields/plugin.xml', 'Fields', 'https://plugins.glpi-project.org/#/plugin/field', 'PluginFields'], + ['/plugins/formcreator/package.json', 'FormCreator', 'https://plugins.glpi-project.org/#/plugin/formcreator', 'PluginFormCreator'], + ['/plugins/genericobject/genericobject.xml', 'Generic Objects Management', 'https://plugins.glpi-project.org/#/plugin/genericobject', 'PluginGenericObjectsManagement'], + ['/plugins/mreporting/mreporting.xml', 'More Reporting', 'https://plugins.glpi-project.org/#/plugin/mreporting', 'PluginMoreReporting'], + ['/plugins/ocsinventoryng/docs/CHANGELOG.txt', 'OCS Inventory NG', 'https://plugins.glpi-project.org/#/plugin/ocsinventoryng', 'PluginOCSInventoryng'], + ['/plugins/reports/LICENSE', 'Reports', 'https://plugins.glpi-project.org/#/plugin/reports', 'PluginReports'], + ['/plugins/pdf/LICENSE', 'PDF', 'https://plugins.glpi-project.org/#/plugin/pdf', 'PluginPdf'], + ['/plugins/archires/LICENSE', 'Network Architecture', 'https://plugins.glpi-project.org/#/plugin/archires', 'PluginArchires'], + ['/plugins/room/room.xml', 'Room Management', 'https://plugins.glpi-project.org/#/plugin/room', 'PluginRoom'], + ['/plugins/racks/locales/glpi.pot', 'Racks / Bays Management', 'https://plugins.glpi-project.org/#/plugin/racks', 'PluginRacks'], + ['/plugins/manageentities/LICENSE', 'Entities Management', 'https://plugins.glpi-project.org/#/plugin/manageentities', 'PluginManageEntities'], + ['/plugins/accounts/LICENSE', 'Accounts Inventory', 'https://plugins.glpi-project.org/#/plugin/accounts', 'PluginAccounts'], + ['/plugins/appliances/LICENSE', 'Appliances Inventory', 'https://plugins.glpi-project.org/#/plugin/appliances', 'PluginAppliances'], + ['/plugins/badges/locales/glpi.pot', 'Badges Inventory', 'https://plugins.glpi-project.org/#/plugin/badges', 'PluginBadgesInventory'], + ['/plugins/certificates/LICENSE', 'Certificates Inventory', 'https://plugins.glpi-project.org/#/plugin/certificates', 'PluginCertificates'], + ['/plugins/databases/LICENSE', 'Databases Inventory', 'https://plugins.glpi-project.org/#/plugin/databases', 'PluginDatabases'], + ['/plugins/domains/locales/glpi.pot', 'Domains Inventory', 'https://plugins.glpi-project.org/#/plugin/domains', 'PluginDomainsInventory'], + ['/plugins/financialreports/LICENSE', 'Financial Reports', 'https://plugins.glpi-project.org/#/plugin/financialreports', 'PluginFinancialReports'], + ['/plugins/environment/LICENSE', 'Meta-Plugin Environment', 'https://plugins.glpi-project.org/#/plugin/environment', 'PluginEnvironment'], + ['/plugins/shellcommands/locales/glpi.pot', 'Launch Shell Commands', 'https://plugins.glpi-project.org/#/plugin/shellcommands', 'PluginLaunchShellCommands'], + ['/plugins/webapplications/LICENSE', 'Web Applications Inventory', 'https://plugins.glpi-project.org/#/plugin/webapplications', 'PluginWebApplications'], + ['/plugins/order/plugin.xml', 'Order Management', 'https://plugins.glpi-project.org/#/plugin/order', 'PluginOrderManagement'], + ['/plugins/uninstall/uninstall.xml', 'Uninstall', 'https://plugins.glpi-project.org/#/plugin/uninstall', 'PluginUninstall'], + ['/plugins/geninventorynumber/plugin.xml', 'Inventory Number Generation', 'https://plugins.glpi-project.org/#/plugin/geninventorynumber', 'PluginInventoryNumberGeneration'], + ['/plugins/behaviors/LICENSE', 'Behaviors', 'https://plugins.glpi-project.org/#/plugin/behaviors', 'PluginBehaviors'], + ['/plugins/barcode/barcode.xml', 'Barcode', 'https://plugins.glpi-project.org/#/plugin/barcode', 'PluginBarcode'], + ['/plugins/positions/locales/glpi.pot', 'Cartography', 'https://plugins.glpi-project.org/#/plugin/positions', 'PluginCartography'], + ['/plugins/typology/locales/glpi.pot', 'Typology', 'https://plugins.glpi-project.org/#/plugin/typology', 'PluginTypology'], + ['/plugins/mask/mask.xml', 'Mask', 'https://plugins.glpi-project.org/#/plugin/mask', 'PluginMask'], + ['/plugins/surveyticket/LICENSE', 'SurveyTicket', 'https://plugins.glpi-project.org/#/plugin/surveyticket', 'PluginSurveyTicket'], + ['/plugins/mantis/mantis.xml', 'MantisBT synchronization', 'https://plugins.glpi-project.org/#/plugin/mantis', 'PluginMantis'], + ['/plugins/reservation/LICENCE', 'Reservation', 'https://plugins.glpi-project.org/#/plugin/reservation', 'PluginReservation'], + ['/plugins/timezones/timezones.xml', 'Timezones', 'https://plugins.glpi-project.org/#/plugin/timezones', 'PluginTimezones'], + ['/plugins/sccm/sccm.xml', 'SCCM', 'https://plugins.glpi-project.org/#/plugin/sccm', 'PluginSCCM'], + ['/plugins/tag/plugin.xml', 'Tag', 'https://plugins.glpi-project.org/#/plugin/tag', 'PluginTag'], + ['/plugins/news/plugin.xml', 'News', 'https://plugins.glpi-project.org/#/plugin/news', 'PluginNews'], + ['/plugins/purgelogs/plugin.xml', 'Historical purge', 'https://plugins.glpi-project.org/#/plugin/purgelogs', 'PluginHistoricalPurge'], + ['/plugins/escalade/escalade.xml', 'Escalade', 'https://plugins.glpi-project.org/#/plugin/escalade', 'PluginEscalade'], + ['/plugins/moreticket/LICENSE', 'Moreticket', 'https://plugins.glpi-project.org/#/plugin/moreticket', 'PluginMoreTicket'], + ['/plugins/itilcategorygroups/itilcategorygroups.xm l', 'ItilCategory Groups', 'https://plugins.glpi-project.org/#/plugin/itilcategorygroups', 'PluginItilCategoryGroups'], + ['/plugins/consumables/LICENSE', 'Consumables', 'https://plugins.glpi-project.org/#/plugin/consumables', 'PluginConsumables'], + ['/plugins/printercounters/LICENSE', 'PrinterCounters', 'https://plugins.glpi-project.org/#/plugin/printercounters', 'PluginPrinterCounters'], + ['/plugins/processmaker/processmaker.xml', 'Processmaker', 'https://plugins.glpi-project.org/#/plugin/processmaker', 'PluginProcessmaker'], + ['/plugins/seasonality/README.md', 'Seasonality', 'https://plugins.glpi-project.org/#/plugin/seasonality', 'PluginSeasonality'], + ['/plugins/tasklists/locales/glpi.pot', 'Tasks List (Kanban)', 'https://plugins.glpi-project.org/#/plugin/tasklists', 'PluginTasksList'], + ['/plugins/mailanalyzer/mailanalyzer.xml', 'Mail Analyzer', 'https://plugins.glpi-project.org/#/plugin/mailanalyzer', 'PluginMailAnalyzer'], + ['/plugins/mydashboard/locales/glpi.pot', 'My Dashboard', 'https://plugins.glpi-project.org/#/plugin/mydashboard', 'PluginMyDashboard'], + ['/plugins/timelineticket/locales/glpi.pot', 'Timelineticket', 'https://plugins.glpi-project.org/#/plugin/timelineticket', 'PluginTimelineticket'], + ['/plugins/airwatch/airwatch.xml', 'Airwatch connector', 'https://plugins.glpi-project.org/#/plugin/airwatch', 'PluginAirwatchConnector'], + ['/plugins/archifun/funcarea.xml', 'Functional Areas', 'https://plugins.glpi-project.org/#/plugin/archifun', 'PluginFunctionalAreas'], + ['/plugins/useditemsexport/plugin.xml', 'Used items export', 'https://plugins.glpi-project.org/#/plugin/useditemsexport', 'PluginUsedItemsExport'], + ['/plugins/nebackup/nebackup.xml', 'Network Equipment Backup', 'https://plugins.glpi-project.org/#/plugin/nebackup', 'PluginNetworkEquipmentBackup'], + ['/plugins/openvas/openvas.xml', 'OpenVAS', 'https://plugins.glpi-project.org/#/plugin/openvas', 'PluginOpenVAS'], + ['/plugins/browsernotification/browsernotification.xml', 'Browser Notification', 'https://plugins.glpi-project.org/#/plugin/browsernotification', 'PluginBrowserNotification'], + ['/plugins/credit/plugin.xml', 'Credit', 'https://plugins.glpi-project.org/#/plugin/credit', 'PluginCredit'], + ['/plugins/xivo/xivo.xml', 'xivo', 'https://plugins.glpi-project.org/#/plugin/xivo', 'PluginXivo'], + ['/plugins/glpi2mdt/glpi2mdt.xml', 'GLPI to MDT connector', 'https://plugins.glpi-project.org/#/plugin/glpi2mdt', 'PluginMDTConnector'], + ['/plugins/telegrambot/telegrambot.xml', 'TelegramBot', 'https://plugins.glpi-project.org/#/plugin/telegrambot', 'PluginTelegramBot'], + ['/plugins/cleanarchivedemails/cleanarchivedemails.xml', 'Clean Archived Emails', 'https://plugins.glpi-project.org/#/plugin/cleanarchivedemails', 'PluginCleanArchivedEmails'], + ['/plugins/officeonline/js/officeonline.js', 'Office Online', 'https://plugins.glpi-project.org/#/plugin/officeonline', 'PluginOfficeOnline'], + ['/plugins/satisfaction/satisfaction.js', 'More satisfaction', 'https://plugins.glpi-project.org/#/plugin/satisfaction', 'PluginMoreSatisfaction'], + ['/plugins/gdrive/README.md', 'GDrive', 'https://plugins.glpi-project.org/#/plugin/GDrive', 'PluginGDrive'], + ['/plugins/archisw/archisw.xml', 'Apps structure inventory', 'https://plugins.glpi-project.org/#/plugin/archisw', 'PluginAppsStructureInventory'], + ['/plugins/dataflows/dataflows.xml', 'Dataflows inventory', 'https://plugins.glpi-project.org/#/plugin/dataflows', 'PluginDataflowsInventory'], + ['/plugins/statecheck/statecheck.xml', 'Statecheck', 'https://plugins.glpi-project.org/#/plugin/statecheck', 'PluginStatecheck'], + ['/plugins/archimap/archimap.xml', 'Diagrams', 'https://plugins.glpi-project.org/#/plugin/archimap', 'PluginDiagrams'], + ['/plugins/metabase/metabase.xml', 'Metabase', 'https://plugins.glpi-project.org/#/plugin/metabase', 'PluginMetabase'], + ['/plugins/orderservice/orderservice.xml', 'Order Service', 'https://plugins.glpi-project.org/#/plugin/orderservice', 'PluginOrderService'], + ['/plugins/glpicheckingversion/glpicheckingversion.xml', 'GLPI Checking Version', 'https://plugins.glpi-project.org/#/plugin/glpicheckingversion', 'PluginGLPICheckingVersion'], + ['/plugins/taskdrop/LICENSE', 'Task n Drop', 'https://plugins.glpi-project.org/#/plugin/TaskDrop', 'PluginTaskDrop'], + ['/plugins/impacts/impacts.xml', 'Impacts', 'https://plugins.glpi-project.org/#/plugin/impacts', 'PluginImpacts'], + ['/plugins/manufacturersimports/LICENSE', 'Manufacturers Web Imports', 'https://plugins.glpi-project.org/#/plugin/manufacturersimports', 'PluginManufacturersImports'], + ] # ['VENDOR', ['OPERANDE', 'VERSION'], 'DESC' ,'LINK', 'CVE'] CVE = [ - ['GLPI', [['<', '0.80.2']], 'Sensitive information disclosure' ,'https://nvd.nist.gov/vuln/detail/CVE-2011-2720', 'CVE-2011-2720'], - ['GLPI', [['>=', '0.78'], ['<=', '0.80.61']], 'Remote file inclusion vulnerability in front/popup.php' ,'https://seclists.org/fulldisclosure/2012/Feb/157', 'CVE-2012-1037'], - ['GLPI', [['<', '0.83.3']], 'Cross-site request forgery (CSRF)' ,'http://www.prajalkulkarni.com/2012/10/multiple-csrf-and-xss-vulnerabilities.html', 'CVE-2012-4002'], - ['GLPI', [['<', '0.83.3']],'Multiple cross-site scripting', 'http://www.prajalkulkarni.com/2012/10/multiple-csrf-and-xss-vulnerabilities.html', 'CVE-2012-4003'], - ['GLPI', [['=', '0.83.9']], 'Unserialize() Remote Code Execution' ,'https://www.exploit-db.com/exploits/26530', 'CVE-2013-2225'], - ['GLPI', [['>=', '0.83'], ['<=', '0.83.8']], 'Multiple Error-based SQL Injection' ,'https://downloads.securityfocus.com/vulnerabilities/exploits/60693.txt', 'CVE-2013-2226'], - ['GLPI', [['<', '0.84.2']], 'GLPI install.php Remote Command Execution' ,'https://www.exploit-db.com/exploits/28483', 'CVE-2013-5696'], - ['GLPI', [['<', '0.84.7']], 'Access control defecting on cost criteria' ,'https://nvd.nist.gov/vuln/detail/CVE-2014-5032', 'CVE-2014-5032'], - ['GLPI', [['<', '0.84.8']], 'Directory traversal vulnerability in inc/autoload.function.php' ,'http://tlk.tuxfamily.org/doku.php?id=writeup:cve-2014-8360', 'CVE-2014-8360'], - ['GLPI', [['<', '0.85.1']], 'Blind SQL Injection in ajax/getDropdownValue.php' ,'https://www.exploit-db.com/exploits/35528', 'CVE-2014-9258'], - ['GLPI', [['<=', '0.85.2']], 'Privilege escalation' ,'https://seclists.org/fulldisclosure/2015/Feb/71', 'CVE-2015-7685'], - ['GLPI', [['>=', '0.85.0'], ['<=', '0.85.2']], 'Remote Code Execution' ,'https://seclists.org/fulldisclosure/2015/Feb/71', 'CVE-2015-7684'], - ['GLPI', [['=', '0.90.4']], 'Cross-Site Request Forgery' ,'https://nvd.nist.gov/vuln/detail/CVE-2016-7507', 'CVE-2016-7507'], - ['GLPI', [['=', '0.90.4']], 'Multiple SQL injection' ,'https://www.exploit-db.com/exploits/42262', 'CVE-2016-7508'], - ['GLPI', [['=', '0.90.4']], 'Store XSS in Ticket' ,'https://nvd.nist.gov/vuln/detail/CVE-2016-7509', 'CVE-2016-7509'], - ['GLPI', [['<=', '9.1.5']], 'front/backup.php file denial of service' ,'https://nvd.nist.gov/vuln/detail/CVE-2017-11183', 'CVE-2017-11183'], - ['GLPI', [['<', '9.1.5']], 'SQL injection in front/devicesoundcard.php' ,'https://github.com/glpi-project/glpi/issues/2450', 'CVE-2017-11183'], - ['GLPI', [['<=', '9.2.1']], 'Cross Site Scripting in /front/preference.php' ,'https://members.backbox.org/glpi-9-2-1-multiple-vulnerabilities/', 'CVE-2018-7563'], - ['GLPI', [['<', '9.1.5']], 'SQL injection in front/devicesoundcard.php' ,'https://github.com/glpi-project/glpi/issues/2449', 'CVE-2017-11184'], - ['GLPI', [['<', '9.1.5']], 'SQL injection in ajax/getDropdownValue.php' ,'https://github.com/glpi-project/glpi/issues/2456', 'CVE-2017-11329'], - ['GLPI', [['<', '9.1.5.1']], 'SQL injection in ajax/common.tabs.php' ,'https://github.com/glpi-project/glpi/issues/2475', 'CVE-2017-11474'], - ['GLPI', [['<', '9.1.5.1']], 'SQL injection in front/rulesengine.test.php' ,'https://github.com/glpi-project/glpi/issues/2476', 'CVE-2017-11475'], - ['GLPI', [['<=', '9.2.1']], 'Remote code execution' ,'https://github.com/bowline90/RemoteCodeUploadGLPI', 'CVE-2018-7562'], - ['GLPI', [['<=', '9.3.3']], 'Pre-authenticated SQL injection' ,'https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf', 'CVE-2019-10232'], - ['GLPI', [['>=', '9.3'], ['<', ' 9.3.4']], 'Type juggling authentication bypass', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Type_juggling_auth_bypass.pdf', 'CVE-2019-10231'], - ['GLPI', [['>=', '9.4'], ['<', ' 9.4.1.1']], 'Type juggling authentication bypass', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Type_juggling_auth_bypass.pdf', 'CVE-2019-10231'], - ['GLPI', [['>=', '9.3'], ['<', ' 9.3.4']], 'Timing attack user enumeration', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Timing_attack_user_enumeration.pdf', 'CVE-2019-10233'], - ['GLPI', [['>=', '9.4'], ['<', ' 9.4.1.1']], 'Timing attack user enumeration', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Timing_attack_user_enumeration.pdf', 'CVE-2019-10233'], - ['FusionInventory', [['>=', '9.3'], ['<', ' 9.3+1.4']], 'Arbitrary PHP function call', 'https://www.synacktiv.com/ressources/GLPI_FusionInventory_9.4.0_Arbitrary_call_user_func_array.pdf', 'CVE-2019-10477'], - ['FusionInventory', [['>=', '9.4'], ['<', ' 9.4+1.1']], 'Arbitrary PHP function call', 'https://www.synacktiv.com/ressources/GLPI_FusionInventory_9.4.0_Arbitrary_call_user_func_array.pdf', 'CVE-2019-10477'], - ] + ['GLPI', [['<', '0.80.2']], 'Sensitive information disclosure' ,'https://nvd.nist.gov/vuln/detail/CVE-2011-2720', 'CVE-2011-2720'], + ['GLPI', [['>=', '0.78'], ['<=', '0.80.61']], 'Remote file inclusion vulnerability in front/popup.php' ,'https://seclists.org/fulldisclosure/2012/Feb/157', 'CVE-2012-1037'], + ['GLPI', [['<', '0.83.3']], 'Cross-site request forgery (CSRF)' ,'http://www.prajalkulkarni.com/2012/10/multiple-csrf-and-xss-vulnerabilities.html', 'CVE-2012-4002'], + ['GLPI', [['<', '0.83.3']],'Multiple cross-site scripting', 'http://www.prajalkulkarni.com/2012/10/multiple-csrf-and-xss-vulnerabilities.html', 'CVE-2012-4003'], + ['GLPI', [['=', '0.83.9']], 'Unserialize() Remote Code Execution' ,'https://www.exploit-db.com/exploits/26530', 'CVE-2013-2225'], + ['GLPI', [['>=', '0.83'], ['<=', '0.83.8']], 'Multiple Error-based SQL Injection' ,'https://downloads.securityfocus.com/vulnerabilities/exploits/60693.txt', 'CVE-2013-2226'], + ['GLPI', [['<', '0.84.2']], 'GLPI install.php Remote Command Execution' ,'https://www.exploit-db.com/exploits/28483', 'CVE-2013-5696'], + ['GLPI', [['<', '0.84.7']], 'Access control defecting on cost criteria' ,'https://nvd.nist.gov/vuln/detail/CVE-2014-5032', 'CVE-2014-5032'], + ['GLPI', [['<', '0.84.8']], 'Directory traversal vulnerability in inc/autoload.function.php' ,'http://tlk.tuxfamily.org/doku.php?id=writeup:cve-2014-8360', 'CVE-2014-8360'], + ['GLPI', [['<', '0.85.1']], 'Blind SQL Injection in ajax/getDropdownValue.php' ,'https://www.exploit-db.com/exploits/35528', 'CVE-2014-9258'], + ['GLPI', [['<=', '0.85.2']], 'Privilege escalation' ,'https://seclists.org/fulldisclosure/2015/Feb/71', 'CVE-2015-7685'], + ['GLPI', [['>=', '0.85.0'], ['<=', '0.85.2']], 'Remote Code Execution' ,'https://seclists.org/fulldisclosure/2015/Feb/71', 'CVE-2015-7684'], + ['GLPI', [['=', '0.90.4']], 'Cross-Site Request Forgery' ,'https://nvd.nist.gov/vuln/detail/CVE-2016-7507', 'CVE-2016-7507'], + ['GLPI', [['=', '0.90.4']], 'Multiple SQL injection' ,'https://www.exploit-db.com/exploits/42262', 'CVE-2016-7508'], + ['GLPI', [['=', '0.90.4']], 'Store XSS in Ticket' ,'https://nvd.nist.gov/vuln/detail/CVE-2016-7509', 'CVE-2016-7509'], + ['GLPI', [['<=', '9.1.5']], 'front/backup.php file denial of service' ,'https://nvd.nist.gov/vuln/detail/CVE-2017-11183', 'CVE-2017-11183'], + ['GLPI', [['<', '9.1.5']], 'SQL injection in front/devicesoundcard.php' ,'https://github.com/glpi-project/glpi/issues/2450', 'CVE-2017-11183'], + ['GLPI', [['<=', '9.2.1']], 'Cross Site Scripting in /front/preference.php' ,'https://members.backbox.org/glpi-9-2-1-multiple-vulnerabilities/', 'CVE-2018-7563'], + ['GLPI', [['<', '9.1.5']], 'SQL injection in front/devicesoundcard.php' ,'https://github.com/glpi-project/glpi/issues/2449', 'CVE-2017-11184'], + ['GLPI', [['<', '9.1.5']], 'SQL injection in ajax/getDropdownValue.php' ,'https://github.com/glpi-project/glpi/issues/2456', 'CVE-2017-11329'], + ['GLPI', [['<', '9.1.5.1']], 'SQL injection in ajax/common.tabs.php' ,'https://github.com/glpi-project/glpi/issues/2475', 'CVE-2017-11474'], + ['GLPI', [['<', '9.1.5.1']], 'SQL injection in front/rulesengine.test.php' ,'https://github.com/glpi-project/glpi/issues/2476', 'CVE-2017-11475'], + ['GLPI', [['<=', '9.2.1']], 'Remote code execution' ,'https://github.com/bowline90/RemoteCodeUploadGLPI', 'CVE-2018-7562'], + ['GLPI', [['<=', '9.3.3']], 'Pre-authenticated SQL injection' ,'https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf', 'CVE-2019-10232'], + ['GLPI', [['>=', '9.3'], ['<', ' 9.3.4']], 'Type juggling authentication bypass', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Type_juggling_auth_bypass.pdf', 'CVE-2019-10231'], + ['GLPI', [['>=', '9.4'], ['<', ' 9.4.1.1']], 'Type juggling authentication bypass', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Type_juggling_auth_bypass.pdf', 'CVE-2019-10231'], + ['GLPI', [['>=', '9.3'], ['<', ' 9.3.4']], 'Timing attack user enumeration', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Timing_attack_user_enumeration.pdf', 'CVE-2019-10233'], + ['GLPI', [['>=', '9.4'], ['<', ' 9.4.1.1']], 'Timing attack user enumeration', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Timing_attack_user_enumeration.pdf', 'CVE-2019-10233'], + ['FusionInventory', [['>=', '9.3'], ['<', ' 9.3+1.4']], 'Arbitrary PHP function call', 'https://www.synacktiv.com/ressources/GLPI_FusionInventory_9.4.0_Arbitrary_call_user_func_array.pdf', 'CVE-2019-10477'], + ['FusionInventory', [['>=', '9.4'], ['<', ' 9.4+1.1']], 'Arbitrary PHP function call', 'https://www.synacktiv.com/ressources/GLPI_FusionInventory_9.4.0_Arbitrary_call_user_func_array.pdf', 'CVE-2019-10477'], + ] diff --git a/inc/Credentials.py b/inc/Credentials.py index 30bc576..c8f9117 100644 --- a/inc/Credentials.py +++ b/inc/Credentials.py @@ -1,58 +1,55 @@ -#!/usr/bin/python - -import Config +from inc import Config import requests, chalk, re class CredentialsCheck: - def checkAuthent(self, request, user): - if request.status_code == 302: - print(chalk.white('[+] Valid user account found : ', bold=True) + chalk.red(user[0] + ':' + user[1], bold=True)) - elif request.status_code == 200 and request.content.find("window.location='/front/") != -1: - print(chalk.white('[+] Valid user account found : ', bold=True) + chalk.red(user[0] + ':' + user[1], bold=True)) - - def getLoginField(self, content): - - content = re.findall(r'name=\".*id=\"login_name\"', content)[0] - login = content[content.find('name="')+len('name="'):] - login = login[:login.find('"')] - return login - - def getPasswordField(self, content): - content = re.findall(r'type="password" name=\".*.id=\"login_password\"', content)[0] - password = content[content.find('name="')+len('name="'):] - password = password[:password.find('"')] - return password - - def getCSRFField(self, content): - csrf = content[content.find('_glpi_csrf_token" value="')+len('_glpi_csrf_token" value="'):] - csrf = csrf[:csrf.find('"')] - return csrf - - def Authenticate(self, user, loginField, passwordField, CSRFField): - payload = {'_glpi_csrf_token': CSRFField, passwordField: user[1], loginField: user[0], 'submit': 'Submit'} - cookie = {Config.COOKIE.split('=')[0]:Config.COOKIE.split('=')[1]} - if Config.DEBUG: - print("[DEBUG] POST : " + Config.BASE_URL + "/front/login.php") - Config.HEADERS['Referer'] = Config.BASE_URL + "/" - r = requests.post(Config.BASE_URL + "/front/login.php", data=payload, cookies=cookie, allow_redirects=False, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - self.checkAuthent(r, user) - - def getAuthForm(self, user): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL) - r = requests.get(Config.BASE_URL, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - Config.COOKIE = r.headers.get('Set-Cookie').split(';')[0] - loginField = self.getLoginField(r.content) - passwordField = self.getPasswordField(r.content) - CSRFField = self.getCSRFField(r.content) - self.Authenticate(user, loginField, passwordField, CSRFField) - - def credentials(self): - print(chalk.green('\n[+] Performing Credential check', bold=True)) - print(chalk.green('===============================\n', bold=True)) - for user in Config.USERS: - if Config.DEBUG: - print("[DEBUG] Trying " + user[0] + ":" + user[1]) - self.getAuthForm(user) \ No newline at end of file + def checkAuthent(self, request, user): + if request.status_code == 302: + print(chalk.white('[+] Valid user account found : ', bold=True) + chalk.red(user[0] + ':' + user[1], bold=True)) + elif request.status_code == 200 and request.content.decode('utf-8').find("window.location='/front/") != -1: + print(chalk.white('[+] Valid user account found : ', bold=True) + chalk.red(user[0] + ':' + user[1], bold=True)) + + def getLoginField(self, content): + content = re.findall(r'name=\".*id=\"login_name\"', content)[0] + login = content[content.find('name="')+len('name="'):] + login = login[:login.find('"')] + return login + + def getPasswordField(self, content): + content = re.findall(r'type="password" name=\".*.id=\"login_password\"', content)[0] + password = content[content.find('name="')+len('name="'):] + password = password[:password.find('"')] + return password + + def getCSRFField(self, content): + csrf = content[content.find('_glpi_csrf_token" value="')+len('_glpi_csrf_token" value="'):] + csrf = csrf[:csrf.find('"')] + return csrf + + def Authenticate(self, user, loginField, passwordField, CSRFField): + payload = {'_glpi_csrf_token': CSRFField, passwordField: user[1], loginField: user[0], 'submit': 'Submit'} + cookie = {Config.COOKIE.split('=')[0]:Config.COOKIE.split('=')[1]} + if Config.DEBUG: + print("[DEBUG] POST : " + Config.BASE_URL + "/front/login.php") + Config.HEADERS['Referer'] = Config.BASE_URL + "/" + r = requests.post(Config.BASE_URL + "/front/login.php", data=payload, cookies=cookie, allow_redirects=False, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + self.checkAuthent(r, user) + + def getAuthForm(self, user): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL) + r = requests.get(Config.BASE_URL, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + Config.COOKIE = r.headers.get('Set-Cookie').split(';')[0] + loginField = self.getLoginField(r.content.decode('utf-8')) + passwordField = self.getPasswordField(r.content.decode('utf-8')) + CSRFField = self.getCSRFField(r.content.decode('utf-8')) + self.Authenticate(user, loginField, passwordField, CSRFField) + + def credentials(self): + print(chalk.green('\n[+] Performing Credential check', bold=True)) + print(chalk.green('===============================\n', bold=True)) + for user in Config.USERS: + if Config.DEBUG: + print("[DEBUG] Trying " + user[0] + ":" + user[1]) + self.getAuthForm(user) diff --git a/inc/Exploits.py b/inc/Exploits.py index 1791cd9..89d20b2 100644 --- a/inc/Exploits.py +++ b/inc/Exploits.py @@ -1,34 +1,32 @@ -#!/usr/bin/python - -import Config +from inc import Config from packaging.version import Version, parse import requests, chalk -class ExploitsCheck: +class Exploits: - def verifVersion(self, version, CVE): - for v in CVE: - if v[0] == "<" and parse(version) >= parse(v[1]): - return False - if v[0] == "<=" and parse(version) > parse(v[1]): - return False - if v[0] == ">" and parse(version) <= parse(v[1]): - return False - if v[0] == ">=" and parse(version) < parse(v[1]): - return False - if v[0] == "=" and parse(version) is not parse(v[1]): - return False - return True + def verifVersion(self, version, CVE): + for v in CVE: + if v[0] == "<" and parse(version) >= parse(v[1]): + return False + if v[0] == "<=" and parse(version) > parse(v[1]): + return False + if v[0] == ">" and parse(version) <= parse(v[1]): + return False + if v[0] == ">=" and parse(version) < parse(v[1]): + return False + if v[0] == "=" and parse(version) is not parse(v[1]): + return False + return True - def getCVE(self, CVE): - print(chalk.red('\n\t[+] Vulnerable to: ' + CVE[2], bold=True)) - print("\t[+] Reference: " + CVE[3]) - if CVE[4]: - print("\t[+] CVE: " + CVE[4]) + def getCVE(self, CVE): + print(chalk.red('\n\t[+] Vulnerable to: ' + CVE[2], bold=True)) + print("\t[+] Reference: " + CVE[3]) + if CVE[4]: + print("\t[+] CVE: " + CVE[4]) - def verifExploit(self, module, version): - print(chalk.white('\t[+] Looking for [', bold=True) + chalk.yellow(module, bold=True) + chalk.white('] exploits depending on version [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - for CVE in Config.CVE: - if CVE[0] == module and self.verifVersion(version, CVE[1]): - self.getCVE(CVE) + def verifExploit(self, module, version): + print(chalk.white('\t[+] Looking for [', bold=True) + chalk.yellow(module, bold=True) + chalk.white('] exploits depending on version [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + for CVE in Config.CVE: + if CVE[0] == module and self.verifVersion(version, CVE[1]): + self.getCVE(CVE) diff --git a/inc/Files.py b/inc/Files.py index d558b53..6d28361 100644 --- a/inc/Files.py +++ b/inc/Files.py @@ -1,42 +1,40 @@ -#!/usr/bin/python - -import Config +from inc import Config import requests, chalk, re class FilesCheck: - def listFolder(self, folder): - if Config.DEBUG: - print("[DEBUG] GET : " + folder) - r = requests.get(folder, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - contents = re.findall(r'')]) + def tryTelemetry(self): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + "/ajax/telemetry.php") + r = requests.get(Config.BASE_URL + "/ajax/telemetry.php", verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + if (r.status_code == 200): + content = r.content.decode('utf-8') + Config.AJAX_TELEMETRY = json.loads(content[content.find('{'):content.find('')]) - def getVersion(self, request): - try: - version = request.content[request.content.find('GLPI version ')+len('GLPI version '):] - version = version[:version.find(' Copyright')] - Version(version) - return version - except: - pass - try: - version = request.content[request.content.find('?v=')+len('?v='):] - version = version[:version.find('"')] - Version(version) - return version - except: - pass - try: - version = request.content[request.content.find('">GLPI ')+len('">GLPI '):] - version = version[:version.find(' Copyright')] - Version(version) - return version - except: - return False + def getVersion(self, request): + try: + version = request.content[request.content.find('GLPI version ')+len('GLPI version '):] + version = version[:version.find(' Copyright')] + Version(version) + return version + except: + pass + try: + version = request.content[request.content.find('?v=')+len('?v='):] + version = version[:version.find('"')] + Version(version) + return version + except: + pass + try: + version = request.content[request.content.find('">GLPI ')+len('">GLPI '):] + version = version[:version.find(' Copyright')] + Version(version) + return version + except: + return False - def checkVersion(self): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL) - if not Config.VERSION: - if not AjaxTelemetry.AjaxTelemetry().getGLPIVersion(): - r = requests.get(Config.BASE_URL, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - Config.VERSION = self.getVersion(r) - if not Config.VERSION: - print(chalk.white('[!] Cannot find GLPI Version', bold=True)) - return False - print(chalk.white('[+] Version of GLPI : ', bold=True) + chalk.yellow(Config.VERSION, bold=True)) - Exploits.ExploitsCheck().verifExploit('GLPI', Config.VERSION) - - def checkServer(self): - try: - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL) - r = requests.get(Config.BASE_URL, timeout=10, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - print(chalk.white('[+] Server Header : ', bold=True) + chalk.yellow(r.headers['Server'], bold=True)) - self.getURLBase(r.content) - self.getRootDoc(r.content) - self.tryTelemetry() - self.checkVersion() - return True - except Exception as e: - print(chalk.red('[-] ' + Config.BASE_URL + ' seems not accessible', bold=True)) - return False + def checkVersion(self): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL) + if not Config.VERSION: + if not AjaxTelemetry().getGLPIVersion(): + r = requests.get(Config.BASE_URL, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + Config.VERSION = self.getVersion(r.decode('utf-8')) + if not Config.VERSION: + print(chalk.white('[!] Cannot find GLPI Version', bold=True)) + return False + print(chalk.white('[+] Version of GLPI : ', bold=True) + chalk.yellow(Config.VERSION, bold=True)) + Exploits().verifExploit('GLPI', Config.VERSION) + + def checkServer(self): + # try: + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL) + r = requests.get(Config.BASE_URL, timeout=10, verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + print(chalk.white('[+] Server Header : ', bold=True) + chalk.yellow(r.headers['Server'], bold=True)) + self.getURLBase(r.content.decode('utf-8')) + self.getRootDoc(r.content.decode('utf-8')) + self.tryTelemetry() + self.checkVersion() + return True + # except Exception as e: + # print(chalk.red('[-] ' + Config.BASE_URL + ' seems not accessible', bold=True)) + # return False - def getInfo(self): - print(chalk.green('[+] Gathering basic information', bold=True)) - print(chalk.green('===============================\n', bold=True)) - if (self.checkServer()): - return True - return False \ No newline at end of file + def getInfo(self): + print(chalk.green('[+] Gathering basic information', bold=True)) + print(chalk.green('===============================\n', bold=True)) + if (self.checkServer()): + return True + return False diff --git a/inc/Plugins.py b/inc/Plugins.py index 6c5de1b..691e332 100644 --- a/inc/Plugins.py +++ b/inc/Plugins.py @@ -1,29 +1,25 @@ -#!/usr/bin/python - -import Config - -from inc import ImportPlugin +from inc import Config, ImportPlugin import requests, chalk, json class PluginsCheck: - def getPlugin(self, plugin): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + plugin[0]) - r = requests.get(Config.BASE_URL + plugin[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - if (r.status_code == 200): - print(chalk.white('\n[+] Plugin [', bold=True) + chalk.yellow(plugin[1], bold=True) + chalk.white('] found !', bold=True)) - if plugin[3]: - obj = ImportPlugin.ImportPlugin().importModule(plugin[3]) - obj.initPlugin(plugin) - else: - print(chalk.white('\t[-] Version not found : ', bold=True) + chalk.yellow(Config.BASE_URL + plugin[0], bold=True)) + def getPlugin(self, plugin): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + plugin[0]) + r = requests.get(Config.BASE_URL + plugin[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + if (r.status_code == 200): + print(chalk.white('\n[+] Plugin [', bold=True) + chalk.yellow(plugin[1], bold=True) + chalk.white('] found !', bold=True)) + if plugin[3]: + obj = ImportPlugin().importModule(plugin[3]) + obj.initPlugin(plugin) + else: + print(chalk.white('\t[-] Version not found : ', bold=True) + chalk.yellow(Config.BASE_URL + plugin[0], bold=True)) - def plugins(self): - plugins = Config.PLUGINS - print(chalk.green('\n[+] Performing Plugins check', bold=True)) - print(chalk.green('============================', bold=True)) - for plugin in plugins: - self.getPlugin(plugin) + def plugins(self): + plugins = Config.PLUGINS + print(chalk.green('\n[+] Performing Plugins check', bold=True)) + print(chalk.green('============================', bold=True)) + for plugin in plugins: + self.getPlugin(plugin) diff --git a/inc/__init__.py b/inc/__init__.py index e69de29..64bb7a1 100644 --- a/inc/__init__.py +++ b/inc/__init__.py @@ -0,0 +1,10 @@ +#-*- coding: utf-8 -*- + +from .Config import * +from .AjaxTelemetry import * +from .Credentials import * +from .Exploits import * +from .Files import * +from .ImportPlugin import * +from .Plugins import * +from .Infos import * diff --git a/plugins/PluginAccounts.py b/plugins/PluginAccounts.py new file mode 100644 index 0000000..67e792f --- /dev/null +++ b/plugins/PluginAccounts.py @@ -0,0 +1,10 @@ +from inc import Config, Exploits, AjaxTelemetry + +import requests, chalk + +class PluginAccounts: + + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'accounts') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginAddressing.py b/plugins/PluginAddressing.py index 3727b8c..feef6d4 100644 --- a/plugins/PluginAddressing.py +++ b/plugins/PluginAddressing.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginAddressing: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'addressing') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'addressing') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginAirwatchConnector.py b/plugins/PluginAirwatchConnector.py index 51d4163..f6f88e1 100644 --- a/plugins/PluginAirwatchConnector.py +++ b/plugins/PluginAirwatchConnector.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginAirwatchConnector: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginAppliances.py b/plugins/PluginAppliances.py index 524cfb5..b9194a3 100644 --- a/plugins/PluginAppliances.py +++ b/plugins/PluginAppliances.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginAppliances: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'appliances') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'appliances') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginAppsStructureInventory.py b/plugins/PluginAppsStructureInventory.py index 41fe86b..56776e0 100644 --- a/plugins/PluginAppsStructureInventory.py +++ b/plugins/PluginAppsStructureInventory.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginAppsStructureInventory: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginArchires.py b/plugins/PluginArchires.py index 7514ae5..f93d848 100644 --- a/plugins/PluginArchires.py +++ b/plugins/PluginArchires.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginArchires: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'archires') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'archires') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginBadgesInventory.py b/plugins/PluginBadgesInventory.py index 4d8435e..012be24 100644 --- a/plugins/PluginBadgesInventory.py +++ b/plugins/PluginBadgesInventory.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginBadgesInventory: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Badges plugin ') + len('Badges plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Badges plugin ') + len('Badges plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginBarcode.py b/plugins/PluginBarcode.py index d3c1944..fbce227 100644 --- a/plugins/PluginBarcode.py +++ b/plugins/PluginBarcode.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginBarcode: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginBehaviors.py b/plugins/PluginBehaviors.py index cdaac5d..95c1766 100644 --- a/plugins/PluginBehaviors.py +++ b/plugins/PluginBehaviors.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginBehaviors: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'behaviors') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'behaviors') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginBrowserNotification.py b/plugins/PluginBrowserNotification.py index 99e6445..95c2888 100644 --- a/plugins/PluginBrowserNotification.py +++ b/plugins/PluginBrowserNotification.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginBrowserNotification: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.rfind('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.rfind('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginCartography.py b/plugins/PluginCartography.py index 5f75885..b0aa750 100644 --- a/plugins/PluginCartography.py +++ b/plugins/PluginCartography.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginCartography: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Positions plugin ') + len('Positions plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Positions plugin ') + len('Positions plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginCertificates.py b/plugins/PluginCertificates.py new file mode 100644 index 0000000..cf4076f --- /dev/null +++ b/plugins/PluginCertificates.py @@ -0,0 +1,10 @@ +from inc import Config, Exploits, AjaxTelemetry + +import requests, chalk + +class PluginCertificates: + + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'certificates') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginCleanArchivedEmails.py b/plugins/PluginCleanArchivedEmails.py index 883a042..5319305 100644 --- a/plugins/PluginCleanArchivedEmails.py +++ b/plugins/PluginCleanArchivedEmails.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginCleanArchivedEmails: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginConsumables.py b/plugins/PluginConsumables.py index 0567178..b9e30ba 100644 --- a/plugins/PluginConsumables.py +++ b/plugins/PluginConsumables.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginConsumables: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'consumables') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'consumables') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginCredit.py b/plugins/PluginCredit.py index 35bab60..1a633e0 100644 --- a/plugins/PluginCredit.py +++ b/plugins/PluginCredit.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginCredit: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginDashboard.py b/plugins/PluginDashboard.py index cf83be8..abb2c39 100644 --- a/plugins/PluginDashboard.py +++ b/plugins/PluginDashboard.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginDashboard: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Version ') + len('Version '):] - version = version[:version.find(':')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Version ') + len('Version '):] + version = version[:version.find(':')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'dashboard') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'dashboard') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginDataInjection.py b/plugins/PluginDataInjection.py index cf49aaf..f5c9d19 100644 --- a/plugins/PluginDataInjection.py +++ b/plugins/PluginDataInjection.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginDataInjection: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginDatabases.py b/plugins/PluginDatabases.py index c5f631e..26cac0f 100644 --- a/plugins/PluginDatabases.py +++ b/plugins/PluginDatabases.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginDatabases: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'databases') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'databases') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginDataflowsInventory.py b/plugins/PluginDataflowsInventory.py index d684ec8..1824fca 100644 --- a/plugins/PluginDataflowsInventory.py +++ b/plugins/PluginDataflowsInventory.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginDataflowsInventory: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginDiagrams.py b/plugins/PluginDiagrams.py index 81e75a3..243ce00 100644 --- a/plugins/PluginDiagrams.py +++ b/plugins/PluginDiagrams.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginDiagrams: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginDomainsInventory.py b/plugins/PluginDomainsInventory.py index 8ce48d0..5b2e8ca 100644 --- a/plugins/PluginDomainsInventory.py +++ b/plugins/PluginDomainsInventory.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginDomainsInventory: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Domains plugin ') + len('Domains plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Domains plugin ') + len('Domains plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginEnvironment.py b/plugins/PluginEnvironment.py new file mode 100644 index 0000000..3e85c76 --- /dev/null +++ b/plugins/PluginEnvironment.py @@ -0,0 +1,10 @@ +from inc import Config, Exploits, AjaxTelemetry + +import requests, chalk + +class PluginEnvironment: + + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'environment') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginEscalade.py b/plugins/PluginEscalade.py index efce8d1..5018cd0 100644 --- a/plugins/PluginEscalade.py +++ b/plugins/PluginEscalade.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginEscalade: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'escalade') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'escalade') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginFields.py b/plugins/PluginFields.py index 8f2e76a..ba8bb7a 100644 --- a/plugins/PluginFields.py +++ b/plugins/PluginFields.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginFields: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'fields') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'fields') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginFinancialReports.py b/plugins/PluginFinancialReports.py new file mode 100644 index 0000000..b9f7af5 --- /dev/null +++ b/plugins/PluginFinancialReports.py @@ -0,0 +1,10 @@ +from inc import Config, Exploits, AjaxTelemetry + +import requests, chalk + +class PluginFinancialReports: + + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'financialreports') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginFormCreator.py b/plugins/PluginFormCreator.py index 3aed13c..9a4a080 100644 --- a/plugins/PluginFormCreator.py +++ b/plugins/PluginFormCreator.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginFormCreator: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('"version": "') + len('"version": "'):] - version = version[:version.find('"')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('"version": "') + len('"version": "'):] + version = version[:version.find('"')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'formcreator') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'formcreator') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginFunctionalAreas.py b/plugins/PluginFunctionalAreas.py index 204e787..bd7aee1 100644 --- a/plugins/PluginFunctionalAreas.py +++ b/plugins/PluginFunctionalAreas.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginFunctionalAreas: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginFusionInventory.py b/plugins/PluginFusionInventory.py index f1de43e..c40172b 100644 --- a/plugins/PluginFusionInventory.py +++ b/plugins/PluginFusionInventory.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginFusionInventory: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('FusionInventory ') + len('FusionInventory '):] - version = version[:version.find(' ')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('FusionInventory ') + len('FusionInventory '):] + version = version[:version.find(' ')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'fusioninventory') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'fusioninventory') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginGDrive.py b/plugins/PluginGDrive.py index dbc1102..fe90c6c 100644 --- a/plugins/PluginGDrive.py +++ b/plugins/PluginGDrive.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginGDrive: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'gdrive') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) \ No newline at end of file + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'gdrive') + if version: + Exploits().verifExploit(info[1], version) \ No newline at end of file diff --git a/plugins/PluginGLPICheckingVersion.py b/plugins/PluginGLPICheckingVersion.py index 7f6cc44..5f06f23 100644 --- a/plugins/PluginGLPICheckingVersion.py +++ b/plugins/PluginGLPICheckingVersion.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginGLPICheckingVersion: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginGenericObjectsManagement.py b/plugins/PluginGenericObjectsManagement.py index 736757b..fc0c2eb 100644 --- a/plugins/PluginGenericObjectsManagement.py +++ b/plugins/PluginGenericObjectsManagement.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginGenericObjectsManagement: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginHistoricalPurge.py b/plugins/PluginHistoricalPurge.py index 77d02a4..9de099e 100644 --- a/plugins/PluginHistoricalPurge.py +++ b/plugins/PluginHistoricalPurge.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginHistoricalPurge: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginImpacts.py b/plugins/PluginImpacts.py index 72ca64e..a7b06cf 100644 --- a/plugins/PluginImpacts.py +++ b/plugins/PluginImpacts.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginImpacts: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginInventoryNumberGeneration.py b/plugins/PluginInventoryNumberGeneration.py index bde3f56..5d4ad2e 100644 --- a/plugins/PluginInventoryNumberGeneration.py +++ b/plugins/PluginInventoryNumberGeneration.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginInventoryNumberGeneration: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginItilCategoryGroups.py b/plugins/PluginItilCategoryGroups.py index d853420..ce6a793 100644 --- a/plugins/PluginItilCategoryGroups.py +++ b/plugins/PluginItilCategoryGroups.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginItilCategoryGroups: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginLaunchShellCommands.py b/plugins/PluginLaunchShellCommands.py index 7dfce38..6827e17 100644 --- a/plugins/PluginLaunchShellCommands.py +++ b/plugins/PluginLaunchShellCommands.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginLaunchShellCommands: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Shellcommands plugin ') + len('Shellcommands plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Shellcommands plugin ') + len('Shellcommands plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'shellcommands') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'shellcommands') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMDTConnector.py b/plugins/PluginMDTConnector.py index e5825b1..7683960 100644 --- a/plugins/PluginMDTConnector.py +++ b/plugins/PluginMDTConnector.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMDTConnector: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMailAnalyzer.py b/plugins/PluginMailAnalyzer.py index 8a81d35..485cea3 100644 --- a/plugins/PluginMailAnalyzer.py +++ b/plugins/PluginMailAnalyzer.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMailAnalyzer: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginManageEntities.py b/plugins/PluginManageEntities.py new file mode 100644 index 0000000..c066b6d --- /dev/null +++ b/plugins/PluginManageEntities.py @@ -0,0 +1,10 @@ +from inc import Config, Exploits, AjaxTelemetry + +import requests, chalk + +class PluginManageEntities: + + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'manageentities') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMantis.py b/plugins/PluginMantis.py index 989cbaa..336ab57 100644 --- a/plugins/PluginMantis.py +++ b/plugins/PluginMantis.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMantis: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginManufacturersImports.py b/plugins/PluginManufacturersImports.py index 78857be..560e3ad 100644 --- a/plugins/PluginManufacturersImports.py +++ b/plugins/PluginManufacturersImports.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginManufacturersImports: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'manufacturersimports') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'manufacturersimports') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMask.py b/plugins/PluginMask.py index ccb88e4..3fba3a8 100644 --- a/plugins/PluginMask.py +++ b/plugins/PluginMask.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMask: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.rfind('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.rfind('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMetabase.py b/plugins/PluginMetabase.py index 9800095..968f929 100644 --- a/plugins/PluginMetabase.py +++ b/plugins/PluginMetabase.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class pluginDiagrams: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMoreReporting.py b/plugins/PluginMoreReporting.py index 360da74..2290573 100644 --- a/plugins/PluginMoreReporting.py +++ b/plugins/PluginMoreReporting.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMoreReporting: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMoreSatisfaction.py b/plugins/PluginMoreSatisfaction.py index f8e5d9f..6166cc3 100644 --- a/plugins/PluginMoreSatisfaction.py +++ b/plugins/PluginMoreSatisfaction.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMoreSatisfaction: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'satisfaction') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) \ No newline at end of file + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'satisfaction') + if version: + Exploits().verifExploit(info[1], version) \ No newline at end of file diff --git a/plugins/PluginMoreTicket.py b/plugins/PluginMoreTicket.py index 3092175..e9e51ed 100644 --- a/plugins/PluginMoreTicket.py +++ b/plugins/PluginMoreTicket.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMoreTicket: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'moreticket') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'moreticket') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginMyDashboard.py b/plugins/PluginMyDashboard.py index e992b91..8655d95 100644 --- a/plugins/PluginMyDashboard.py +++ b/plugins/PluginMyDashboard.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginMyDashboard: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Project-Id-Version: GLPI - MyDashboard plugin ') + len('Project-Id-Version: GLPI - MyDashboard plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Project-Id-Version: GLPI - MyDashboard plugin ') + len('Project-Id-Version: GLPI - MyDashboard plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'mydashboard') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'mydashboard') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginNetworkEquipmentBackup.py b/plugins/PluginNetworkEquipmentBackup.py index 82e86c6..b3e5553 100644 --- a/plugins/PluginNetworkEquipmentBackup.py +++ b/plugins/PluginNetworkEquipmentBackup.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginNetworkEquipmentBackup: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.rfind('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.rfind('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginNews.py b/plugins/PluginNews.py index a1aec69..9eccd42 100644 --- a/plugins/PluginNews.py +++ b/plugins/PluginNews.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginNews: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'news') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'news') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginOCSInventoryng.py b/plugins/PluginOCSInventoryng.py index 16e8678..a3331d5 100644 --- a/plugins/PluginOCSInventoryng.py +++ b/plugins/PluginOCSInventoryng.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginOCSInventoryng: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'ocsinventoryng') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'ocsinventoryng') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginOfficeOnline.py b/plugins/PluginOfficeOnline.py index 8b8feb2..6fb8669 100644 --- a/plugins/PluginOfficeOnline.py +++ b/plugins/PluginOfficeOnline.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginOfficeOnline: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'officeonline') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) \ No newline at end of file + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'officeonline') + if version: + Exploits().verifExploit(info[1], version) \ No newline at end of file diff --git a/plugins/PluginOpenVAS.py b/plugins/PluginOpenVAS.py index c362146..d6f2f18 100644 --- a/plugins/PluginOpenVAS.py +++ b/plugins/PluginOpenVAS.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginOpenVAS: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginOrderManagement.py b/plugins/PluginOrderManagement.py index 3a9b58c..5c41d2b 100644 --- a/plugins/PluginOrderManagement.py +++ b/plugins/PluginOrderManagement.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginOrderManagement: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginOrderService.py b/plugins/PluginOrderService.py index 9800095..968f929 100644 --- a/plugins/PluginOrderService.py +++ b/plugins/PluginOrderService.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class pluginDiagrams: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginPdf.py b/plugins/PluginPdf.py new file mode 100644 index 0000000..eb8a0a1 --- /dev/null +++ b/plugins/PluginPdf.py @@ -0,0 +1,10 @@ +from inc import Config, Exploits, AjaxTelemetry + +import requests, chalk + +class PluginPdf: + + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'pdf') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginPrinterCounters.py b/plugins/PluginPrinterCounters.py index 92e2874..523478b 100644 --- a/plugins/PluginPrinterCounters.py +++ b/plugins/PluginPrinterCounters.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginPrinterCounters: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'printercounters') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) \ No newline at end of file + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'printercounters') + if version: + Exploits().verifExploit(info[1], version) \ No newline at end of file diff --git a/plugins/PluginProcessmaker.py b/plugins/PluginProcessmaker.py index e182905..3a4a5e6 100644 --- a/plugins/PluginProcessmaker.py +++ b/plugins/PluginProcessmaker.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginProcessmaker: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.rfind('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.rfind('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginRacks.py b/plugins/PluginRacks.py index 553df24..d7dff9c 100644 --- a/plugins/PluginRacks.py +++ b/plugins/PluginRacks.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginRacks: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Racks plugin ') + len('Racks plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Racks plugin ') + len('Racks plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'racks') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'racks') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginReports.py b/plugins/PluginReports.py index 6b0f7d9..20d9b40 100644 --- a/plugins/PluginReports.py +++ b/plugins/PluginReports.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginReports: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'reports') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'reports') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginReservation.py b/plugins/PluginReservation.py index 063895e..735237a 100644 --- a/plugins/PluginReservation.py +++ b/plugins/PluginReservation.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginReservation: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'reservation') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'reservation') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginRoom.py b/plugins/PluginRoom.py index f331b76..040dbab 100644 --- a/plugins/PluginRoom.py +++ b/plugins/PluginRoom.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginRoom: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.rfind('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.rfind('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginSCCM.py b/plugins/PluginSCCM.py index 830ba2f..9b208c2 100644 --- a/plugins/PluginSCCM.py +++ b/plugins/PluginSCCM.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginSCCM: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginSeasonality.py b/plugins/PluginSeasonality.py index ce91179..1c05c51 100644 --- a/plugins/PluginSeasonality.py +++ b/plugins/PluginSeasonality.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginSeasonality: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'seasonality') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) \ No newline at end of file + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'seasonality') + if version: + Exploits().verifExploit(info[1], version) \ No newline at end of file diff --git a/plugins/PluginStatecheck.py b/plugins/PluginStatecheck.py index a742958..6bf1047 100644 --- a/plugins/PluginStatecheck.py +++ b/plugins/PluginStatecheck.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginStatecheck: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginSurveyTicket.py b/plugins/PluginSurveyTicket.py index b7d61c9..869e4d5 100644 --- a/plugins/PluginSurveyTicket.py +++ b/plugins/PluginSurveyTicket.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginSurveyTicket: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'surveyticket') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'surveyticket') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginTag.py b/plugins/PluginTag.py index b154938..f832c49 100644 --- a/plugins/PluginTag.py +++ b/plugins/PluginTag.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginTag: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginTaskDrop.py b/plugins/PluginTaskDrop.py index 2091a25..36fa4f7 100644 --- a/plugins/PluginTaskDrop.py +++ b/plugins/PluginTaskDrop.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginTaskDrop: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'taskdrop') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) \ No newline at end of file + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'taskdrop') + if version: + Exploits().verifExploit(info[1], version) \ No newline at end of file diff --git a/plugins/PluginTasksList.py b/plugins/PluginTasksList.py index c792c10..259c260 100644 --- a/plugins/PluginTasksList.py +++ b/plugins/PluginTasksList.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginTasksList: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Tasklists plugin ') + len('Tasklists plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Tasklists plugin ') + len('Tasklists plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginTelegramBot.py b/plugins/PluginTelegramBot.py index 0fa726a..727c22f 100644 --- a/plugins/PluginTelegramBot.py +++ b/plugins/PluginTelegramBot.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginTelegramBot: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginTimelineticket.py b/plugins/PluginTimelineticket.py index e028f17..3b24a99 100644 --- a/plugins/PluginTimelineticket.py +++ b/plugins/PluginTimelineticket.py @@ -1,23 +1,21 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginTimelineticket: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Project-Id-Version: GLPI - Timelineticket plugin ') + len('Project-Id-Version: GLPI - Timelineticket plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Project-Id-Version: GLPI - Timelineticket plugin ') + len('Project-Id-Version: GLPI - Timelineticket plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'timelineticket') - if not version: - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'timelineticket') + if not version: + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginTimezones.py b/plugins/PluginTimezones.py index 3fcb334..7313e6d 100644 --- a/plugins/PluginTimezones.py +++ b/plugins/PluginTimezones.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginTimezones: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginTypology.py b/plugins/PluginTypology.py index 249c1c1..a69bee6 100644 --- a/plugins/PluginTypology.py +++ b/plugins/PluginTypology.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginTypology: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('Typology plugin ') + len('Typology plugin '):] - version = version[:version.find('\\')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('Typology plugin ') + len('Typology plugin '):] + version = version[:version.find('\\')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginUninstall.py b/plugins/PluginUninstall.py index 713d664..731fc36 100644 --- a/plugins/PluginUninstall.py +++ b/plugins/PluginUninstall.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginUninstall: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginUsedItemsExport.py b/plugins/PluginUsedItemsExport.py index b51f748..96529fd 100644 --- a/plugins/PluginUsedItemsExport.py +++ b/plugins/PluginUsedItemsExport.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginUsedItemsExport: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginWebApplications.py b/plugins/PluginWebApplications.py index dc3d39c..312ebde 100644 --- a/plugins/PluginWebApplications.py +++ b/plugins/PluginWebApplications.py @@ -1,12 +1,10 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginWebApplications: - def initPlugin(self, info): - version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'webapplications') - if version: - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = AjaxTelemetry().getPluginVersion(info, 'webapplications') + if version: + Exploits().verifExploit(info[1], version) diff --git a/plugins/PluginXivo.py b/plugins/PluginXivo.py index 5a3542b..191a7d1 100644 --- a/plugins/PluginXivo.py +++ b/plugins/PluginXivo.py @@ -1,21 +1,19 @@ -#!/usr/bin/python - from inc import Config, Exploits, AjaxTelemetry import requests, chalk class PluginXivo: - def getVersion(self, info): - if Config.DEBUG: - print("[DEBUG] GET : " + Config.BASE_URL + info[0]) - r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) - content = r.content - version = content[content.find('') + len(''):] - version = version[:version.find('<')] - print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) - return version + def getVersion(self, info): + if Config.DEBUG: + print("[DEBUG] GET : " + Config.BASE_URL + info[0]) + r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS) + content = r.content.decode("utf-8") + version = content[content.find('') + len(''):] + version = version[:version.find('<')] + print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(version, bold=True) + chalk.white(']', bold=True)) + return version - def initPlugin(self, info): - version = self.getVersion(info) - Exploits.ExploitsCheck().verifExploit(info[1], version) + def initPlugin(self, info): + version = self.getVersion(info) + Exploits().verifExploit(info[1], version)