2000-01-06 13:56:57 -05:00
|
|
|
--- whisker.pl.orig Thu Dec 23 20:25:05 1999
|
|
|
|
|
+++ whisker.pl Thu Jan 6 13:42:58 2000
|
|
|
|
|
@@ -6,10 +6,8 @@
|
|
|
|
|
|
|
|
|
|
$whisker_version="1.3.0a";
|
|
|
|
|
|
|
|
|
|
-# attempt to find where the script is; deal with both Unix and Win (/ vs \)
|
|
|
|
|
-$WHEREIS_WHISKER=$0; # this should be the path to the script
|
|
|
|
|
-$WHEREIS_WHISKER=~s/[^\/\\]+$//; # hack off the name of the script
|
|
|
|
|
-# we should be left over with the path
|
|
|
|
|
+# where the db files are
|
|
|
|
|
+$WHEREIS_WHISKER="y0y0y0/share/whisker/";
|
|
|
|
|
|
1999-11-01 11:10:57 -05:00
|
|
|
use Socket; use Getopt::Std; # hopefully these are standard :)
|
2000-01-06 13:56:57 -05:00
|
|
|
getopts("fs:n:vdp:h:l:H:Vu:iI:A:NS:EaF:B:PM:", \%args);
|
|
|
|
|
@@ -50,7 +48,7 @@
|
|
|
|
|
-h+ *scan single host (IP or domain)
|
|
|
|
|
-H+ *host list to scan (file)
|
|
|
|
|
-F+ *(for unix multi-threaded front end use only)
|
|
|
|
|
- -s+ specifies the script database file (defaults to scan.db)
|
|
|
|
|
+ -s specifies the script database file (defaults to scan.db)
|
|
|
|
|
-V use virtual hosts when possible
|
|
|
|
|
-N query Netcraft for server OS guess
|
|
|
|
|
-S+ force server version (e.g. -S "Apache/1.3.6")
|
|
|
|
|
@@ -93,7 +91,7 @@
|
|
|
|
|
|
|
|
|
|
# new to v1.3--default to scan.db
|
|
|
|
|
if(defined $args{s}){ $dbfile=$args{s};}
|
|
|
|
|
-else {$dbfile="scan.db";}
|
|
|
|
|
+else {$dbfile=$WHEREIS_WHISKER."scan.db";}
|
1999-11-01 11:10:57 -05:00
|
|
|
|
|
|
|
|
$nmapfile =$args{n} if defined($args{n});
|
|
|
|
|
$singlehost =$args{h} if defined($args{h});
|
2000-01-06 13:56:57 -05:00
|
|
|
@@ -176,7 +174,7 @@
|
|
|
|
|
|
|
|
|
|
# experimental SSL support; only available within scripts
|
|
|
|
|
$D{'XXUseSSL'}=0;
|
|
|
|
|
-$D{'XXSSLPath'}="/usr/local/ssl/bin/openssl";
|
|
|
|
|
+$D{'XXSSLPath'}="/usr/sbin/openssl";
|
|
|
|
|
|
|
|
|
|
if($proxy eq "1"){ #setup proxy stuff - icky icky, gross gross!
|
|
|
|
|
verbose("- Proxy: $proxy_addy Port: $proxy_port");
|
|
|
|
|
@@ -205,18 +203,18 @@
|
|
|
|
|
# wprint("- Using Anonymizer bounce scan");}
|
|
|
|
|
# I'm tired; I don't want to code this!
|
|
|
|
|
elsif($args{B}==4){
|
|
|
|
|
- if(!-e $WHEREIS_WHISKER."proxlist.txt"){
|
|
|
|
|
+ if(!-e "proxlist.txt"){
|
|
|
|
|
print "Whoa! Run -P to get a proxy list first\n\n";
|
|
|
|
|
exit;}
|
|
|
|
|
wprint("- Using distributed proxy-bounce scan");
|
|
|
|
|
$D{'XXDistProxy'}=1;
|
|
|
|
|
wprint("- Randomizing proxlist.txt...");
|
|
|
|
|
- open(IN,"<$WHEREIS_WHISKER".'proxlist.txt');
|
|
|
|
|
+ open(IN,"<proxlist.txt");
|
|
|
|
|
@temp=<IN>; close(IN);
|
|
|
|
|
array_shuffle(\@temp);
|
|
|
|
|
- open(OUT,">$WHEREIS_WHISKER"."prox$$.txt");
|
|
|
|
|
+ open(OUT,">prox$$.txt");
|
|
|
|
|
print OUT @temp; close(OUT); undef @temp;
|
|
|
|
|
- open(PROXYIN,"<$WHEREIS_WHISKER"."prox$$.txt");}
|
|
|
|
|
+ open(PROXYIN,"<prox$$.txt");}
|
|
|
|
|
else {
|
|
|
|
|
print "Unknown Bounce type.\n"; exit; }
|
|
|
|
|
|
|
|
|
|
@@ -563,7 +561,7 @@
|
|
|
|
|
$GLOBAL_WHISKER_LOOP_CONTROL=1;
|
|
|
|
|
$nmapfile=$singlehost="";
|
|
|
|
|
$hostsfile="dumb$$.lst"; # we made a list of dumb servers
|
|
|
|
|
-$dbfile="dumb.db";
|
|
|
|
|
+$dbfile=$WHEREIS_WHISKER."dumb.db";
|
|
|
|
|
$D{'XXRescanDumb'}=0; $GLOBAL_WHISKER_NOMORE_DUMB=1;}
|
|
|
|
|
|
|
|
|
|
} # this is the $GLOBAL_WHISKER_LOOP_CONTROL while() loop
|
|
|
|
|
@@ -1055,7 +1053,7 @@
|
|
|
|
|
"\nTry again in a few minutes\n\n"; exit;}
|
|
|
|
|
|
|
|
|
|
array_shuffle(\@lines);
|
|
|
|
|
- open(OUT, ">$WHEREIS_WHISKER".'proxlist.txt');
|
|
|
|
|
+ open(OUT, ">proxlist.txt");
|
|
|
|
|
print OUT @lines;
|
|
|
|
|
close(OUT); # all this ugly code for anonymous proxies..geez...
|
|
|
|
|
|
