svn commit: r367404 - in head/security: . webshag webshag/files
Kubilay Kocak
koobs at FreeBSD.org
Sat Sep 6 09:32:36 UTC 2014
On 6/09/2014 5:46 PM, Carlo Strub wrote:
> Author: cs
> Date: Sat Sep 6 07:46:57 2014
> New Revision: 367404
> URL: http://svnweb.freebsd.org/changeset/ports/367404
> QAT: https://qat.redports.org/buildarchive/r367404/
>
> Log:
> Webshag is a multi-threaded, multi-platform web server audit tool. Written in
> Python, it gathers commonly useful functionalities for web server auditing like
> website crawling, URL scanning or file fuzzing.
>
> WWW: http://www.scrt.ch/en/attack/downloads/webshag
>
> PR: ports/187676
> Submitted by: clutton at zoho.com
>
> Added:
> head/security/webshag/
> head/security/webshag/Makefile (contents, props changed)
> head/security/webshag/distinfo (contents, props changed)
> head/security/webshag/files/
> head/security/webshag/files/patch-setup_linux_py (contents, props changed)
> head/security/webshag/pkg-descr (contents, props changed)
> head/security/webshag/pkg-plist (contents, props changed)
> Modified:
> head/security/Makefile
>
> Modified: head/security/Makefile
> ==============================================================================
> --- head/security/Makefile Sat Sep 6 06:16:50 2014 (r367403)
> +++ head/security/Makefile Sat Sep 6 07:46:57 2014 (r367404)
> @@ -1005,6 +1005,7 @@
> SUBDIR += wapiti
> SUBDIR += webfwlog
> SUBDIR += webscarab
> + SUBDIR += webshag
> SUBDIR += whatweb
> SUBDIR += wipe
> SUBDIR += xca
>
> Added: head/security/webshag/Makefile
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/webshag/Makefile Sat Sep 6 07:46:57 2014 (r367404)
> @@ -0,0 +1,55 @@
> +# $FreeBSD$
> +
> +PORTNAME= webshag
> +PORTVERSION= 1.10
> +CATEGORIES= security www
> +MASTER_SITES= http://www.scrt.ch/outils/webshag/
> +DISTNAME= ws110
> +
> +MAINTAINER= clutton at zoho.com
> +COMMENT= Multi-threaded, multi-platform web server audit tool
> +
> +LICENSE= GPLv3
LICENSE_FILE
> +USES= python:2.7 dos2unix
> +USE_PYTHON=distutils
- Is 'autoplist' usable here given distutils is in use?
- Tab align
> +PYSETUP= setup.linux.py
> +
> +NO_WRKSUBDIR= yes
> +
> +OPTIONS_DEFINE= NMAP WXGTK
> +OPTIONS_DEFAULT=NMAP
> +OPTIONS_SUB= yes
Tab alignment
> +.include <bsd.port.options.mk>
> +
> +.if ${PORT_OPTIONS:MNMAP}
> +BUILD_DEPENDS+= ${LOCALBASE}/bin/nmap:${PORTSDIR}/security/nmap
> +.endif
- OPTIONS helpers: NMAP_BUILD_DEPENDS=
- Its definitely a BUILD not RUN_DEPENDS?
> +.if ${PORT_OPTIONS:MWXGTK}
> +USE_WX= 2.6+
> +WX_COMPS= python:run
> +.endif
> +
> +post-patch:
> + @${MV} ${WRKSRC}/config ${WRKSRC}/etc
> + @${REINPLACE_CMD} -e 's|#!/usr/bin/python|#!/usr/bin/env python|g' \
> + ${WRKSRC}/webshag_cli.py
> + @${REINPLACE_CMD} -e 's|#!/usr/bin/python|#!/usr/bin/env python|g' \
> + ${WRKSRC}/webshag_gui.py
- USES=shebangfix?
- Use ${PYTHON_CMD} ? 'python' may or may not exist
> +do-install:
> +.if ${PORT_OPTIONS:MWXGTK}
> + ${INSTALL_SCRIPT} ${WRKSRC}/webshag_gui.py \
> + ${STAGEDIR}${PREFIX}/bin/webshag_gui
> +.endif
> + ${INSTALL_SCRIPT} ${WRKSRC}/webshag_cli.py \
> + ${STAGEDIR}${PREFIX}/bin/webshag_cli
> + @${INSTALL_DATA} ${WRKSRC}/etc/webshag.conf ${STAGEDIR}${PREFIX}/etc
> + (cd ${WRKSRC}/database && ${COPYTREE_SHARE} . \
> + ${STAGEDIR}${PREFIX}/share/webshag)
> + (cd ${WRKSRC}/webshag && ${COPYTREE_SHARE} . \
> + ${STAGEDIR}${PYTHON_SITELIBDIR}/webshag)
> +
> +.include <bsd.port.mk>
>
> Added: head/security/webshag/distinfo
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/webshag/distinfo Sat Sep 6 07:46:57 2014 (r367404)
> @@ -0,0 +1,2 @@
> +SHA256 (ws110.tar.gz) = a1ea1cc0c87e44a19fad7edc1658c6c57705aa1fc3ff3304f1e4a669b523a049
> +SIZE (ws110.tar.gz) = 1512389
>
> Added: head/security/webshag/files/patch-setup_linux_py
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/webshag/files/patch-setup_linux_py Sat Sep 6 07:46:57 2014 (r367404)
> @@ -0,0 +1,99 @@
> +--- /tmp/setup.linux.py 2014-08-29 20:27:32.000000000 +0300
> ++++ setup.linux.py 2014-08-29 20:57:35.000000000 +0300
> +@@ -24,21 +24,21 @@
> + ## INIT ##
> + ## ################################################################# ##
> +
> +-path_prefix = os.path.abspath(os.path.curdir) + '/'
> ++path_prefix = '/usr/local/'
> +
> + ## ################################################################# ##
> + ## CONSTANTS ##
> + ## ################################################################# ##
> +
> +-NMAP = u'/usr/bin/nmap'
> ++NMAP = u'/usr/local/bin/nmap'
> + CORE_FILE = u'webshag/core/core_file.py'
> +-CFG_FILE = u'config/webshag.conf'
> +-FUZZ_DIRS = path_prefix + u'/database/fuzzer/directory-list-2.3-small.txt'
> +-FUZZ_FILES = path_prefix + u'/database/fuzzer/directory-list-1.0.txt'
> +-FUZZ_EXT = path_prefix + u'/database/fuzzer/extensions.txt'
> +-CUSTOM_DB = path_prefix + u'/database/custom'
> +-NIKTO_DB = path_prefix + u'/database/nikto'
> +-IDS_PROXIES = path_prefix + u'/database/proxies/proxies.txt'
> ++CFG_FILE = u'etc/webshag.conf'
> ++FUZZ_DIRS = path_prefix + u'share/webshag/fuzzer/directory-list-2.3-small.txt'
> ++FUZZ_FILES = path_prefix + u'share/webshag/fuzzer/directory-list-1.0.txt'
> ++FUZZ_EXT = path_prefix + u'share/webshag/fuzzer/extensions.txt'
> ++CUSTOM_DB = path_prefix + u'share/webshag/custom'
> ++NIKTO_DB = path_prefix + u'share/webshag/nikto'
> ++IDS_PROXIES = path_prefix + u'share/webshag/proxies/proxies.txt'
> +
> + CORE_CFG_RE = re.compile(ur'CFG_FILE\s=\s(?P<path>.*)')
> +
> +@@ -55,7 +55,7 @@
> +
> + else:
> + print u'Not Found!'
> +- user_nmap = raw_input(u'[#] Please specify Nmap (nmap.exe) location (blank to skip): ')
> ++ user_nmap = ''
> + if user_nmap != '':
> + if os.path.isfile(user_nmap):
> + nmap = 'True'
> +@@ -73,13 +73,8 @@
> + ## LIVE SEARCH APPID ##
> + ## ################################################################# ##
> +
> +-user_live = raw_input(u'[#] Enter your Live Search AppID (blank to skip): ')
> +-if user_live != '':
> +- live_id = user_live
> +- print u'[*] Live Search AppID: ' + user_live + u'\t Done!'
> +-else:
> +- live_id = ''
> +- print u'[!] AppID missing. Domain information module will not be functional.'
> ++live_id = 'False'
> ++print u'[!] AppID missing. Insert your LiveID into etc/webshag.conf.'
> +
> + ## ################################################################# ##
> + ## ALTERING FILES ##
> +@@ -92,14 +87,14 @@
> + # core_file.py
> + print u'[*] Patching source code (configuration file location)...\t',
> + # reading file
> +-core_file_handler = codecs.open(core_file, u'r', u'utf-8')
> ++core_file_handler = codecs.open(u'webshag/core/core_file.py', u'r', u'utf-8')
> + core_file_contents = core_file_handler.read()
> + core_file_handler.close()
> + # replacing path value
> + old_path = CORE_CFG_RE.findall(core_file_contents)[-1]
> + core_file_contents = core_file_contents.replace(old_path, '\'' + cfg_file + '\'')
> + # writing file back
> +-core_file_handler = codecs.open(core_file, u'w', u'utf-8')
> ++core_file_handler = codecs.open(u'webshag/core/core_file.py', u'w', u'utf-8')
> + core_file_handler.write(core_file_contents)
> + core_file_handler.close()
> + print u'Done!'
> +@@ -107,7 +102,7 @@
> + # webshag.conf
> + print u'[*] Fixing configuration file settings...\t',
> + configParser = SafeConfigParser()
> +-configParser.readfp(codecs.open(cfg_file, u'r', u'utf-8'))
> ++configParser.readfp(codecs.open(u'etc/webshag.conf', u'r', u'utf-8'))
> + configParser.set(u'core_file', u'fuzzer_file_list', FUZZ_FILES)
> + configParser.set(u'core_file', u'fuzzer_dir_list', FUZZ_DIRS)
> + configParser.set(u'core_file', u'fuzzer_ext_list', FUZZ_EXT)
> +@@ -117,7 +112,7 @@
> + configParser.set(u'module_info', u'live_id', live_id)
> + configParser.set(u'module_portscan', u'nmap', nmap)
> + configParser.set(u'module_portscan', u'nmap_location', nmap_location)
> +-cfg_file_handler = codecs.open(cfg_file, u'w', u'utf-8')
> ++cfg_file_handler = codecs.open(u'etc/webshag.conf', u'w', u'utf-8')
> + configParser.write(cfg_file_handler)
> + cfg_file_handler.close()
> + print u'Done!'
> +@@ -129,5 +124,3 @@
> + print ''
> + print 'Thanks for your interest in webshag! It is now ready to be used!'
> + print 'Enjoy! For more information please visit www.scrt.ch'
> +-print ''
> +-raw_input('Press any key to exit.\n')
>
> Added: head/security/webshag/pkg-descr
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/webshag/pkg-descr Sat Sep 6 07:46:57 2014 (r367404)
> @@ -0,0 +1,5 @@
> +Webshag is a multi-threaded, multi-platform web server audit tool. Written in
> +Python, it gathers commonly useful functionalities for web server auditing like
> +website crawling, URL scanning or file fuzzing.
> +
> +WWW: http://www.scrt.ch/en/attack/downloads/webshag
>
> Added: head/security/webshag/pkg-plist
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/webshag/pkg-plist Sat Sep 6 07:46:57 2014 (r367404)
> @@ -0,0 +1,49 @@
> +bin/webshag_cli
> +%%WXGTK%%bin/webshag_gui
> +%%ETCDIR%%.conf
Does this need a filename?
> +%%PYTHON_SITELIBDIR%%/webshag/__init__.py
> +%%PYTHON_SITELIBDIR%%/webshag/core/__init__.py
> +%%PYTHON_SITELIBDIR%%/webshag/core/core_error.py
> +%%PYTHON_SITELIBDIR%%/webshag/core/core_file.py
> +%%PYTHON_SITELIBDIR%%/webshag/core/core_http.py
> +%%PYTHON_SITELIBDIR%%/webshag/core/core_utilities.py
> +%%PYTHON_SITELIBDIR%%/webshag/export/__init__.py
> +%%PYTHON_SITELIBDIR%%/webshag/export/export.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/__init__.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui_fuzz.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui_images.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui_info.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui_pscan.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui_spider.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui_uscan.py
> +%%PYTHON_SITELIBDIR%%/webshag/gui/gui_widgets.py
> +%%PYTHON_SITELIBDIR%%/webshag/modules/__init__.py
> +%%PYTHON_SITELIBDIR%%/webshag/modules/module_fuzz.py
> +%%PYTHON_SITELIBDIR%%/webshag/modules/module_info.py
> +%%PYTHON_SITELIBDIR%%/webshag/modules/module_pscan.py
> +%%PYTHON_SITELIBDIR%%/webshag/modules/module_spider.py
> +%%PYTHON_SITELIBDIR%%/webshag/modules/module_uscan.py
> +%%PYTHON_SITELIBDIR%%/webshag/update/__init__.py
> +%%PYTHON_SITELIBDIR%%/webshag/update/update.py
> +%%DATADIR%%/custom/banners.db
> +%%DATADIR%%/custom/custom_tests.db
> +%%DATADIR%%/fuzzer/directory-list-1.0.txt
> +%%DATADIR%%/fuzzer/directory-list-2.3-small.txt
> +%%DATADIR%%/fuzzer/extensions.txt
> +%%DATADIR%%/nikto/db_tests
> +%%DATADIR%%/nikto/db_variables
> +%%DATADIR%%/proxies/proxies.txt
> + at dirrmtry %%DATADIR%%/proxies
> + at dirrmtry %%DATADIR%%/nikto
> + at dirrmtry %%DATADIR%%/fuzzer
> + at dirrmtry %%DATADIR%%/custom
> + at dirrmtry %%DATADIR%%
> + at dirrmtry %%PYTHON_SITELIBDIR%%/webshag/update
> + at dirrmtry %%PYTHON_SITELIBDIR%%/webshag/modules
> + at dirrmtry %%PYTHON_SITELIBDIR%%/webshag/gui
> + at dirrmtry %%PYTHON_SITELIBDIR%%/webshag/export
> + at dirrmtry %%PYTHON_SITELIBDIR%%/webshag/core
> + at dirrmtry %%PYTHON_SITELIBDIR%%/webshag
> + at dirrmtry %%PYTHON_SITELIBDIR%%
> + at dirrmtry %%PYTHON_LIBDIR%%
>
More information about the svn-ports-all
mailing list