whisker port

1999-11-01 16:10:57 +00:00 · 1999-11-01 16:10:57 +00:00 · 7c5faefb28
commit 7c5faefb28
parent be7d6a6efb
6 changed files with 143 additions and 0 deletions
--- a/security/whisker/Makefile
+++ b/security/whisker/Makefile
@ -0,0 +1,32 @@
+# Makefile for:		whisker
+# Version required:	1.2.0
+# Date created:		Halloween 1999
+# Whom:			dugsong@monkey.org
+#
+# $OpenBSD: Makefile,v 1.1.1.1 1999/11/01 16:10:57 dugsong Exp $
+
+PKGNAME=	whisker-1.2.0
+
+DISTNAME=	whisker
+
+CATEGORIES=	security
+
+MASTER_SITES=	http://www.wiretrip.net/rfp/bins/whisker/
+
+MAINTAINER=	dugsong@monkey.org
+
+NO_WRKSUBDIR=	yes
+
+NO_CONFIGURE=	yes
+
+do-build:
+		(cd ${WRKSRC}; sed "s%y0y0y0%${PREFIX}%g" whisker.pl > whisker)
+
+do-install:
+		${INSTALL_SCRIPT} ${WRKSRC}/whisker ${PREFIX}/bin
+		${INSTALL_DATA_DIR} ${PREFIX}/lib/whisker
+		${INSTALL_DATA} ${WRKSRC}/*.db ${PREFIX}/lib/whisker
+		${INSTALL_DATA_DIR} ${PREFIX}/share/doc/whisker
+		${INSTALL_DATA} ${WRKSRC}/whisker.txt ${PREFIX}/share/doc/whisker
+
+.include <bsd.port.mk>
--- a/security/whisker/files/md5
+++ b/security/whisker/files/md5
@ -0,0 +1,3 @@
+MD5 (whisker.tar.gz) = 0b13a1b32e1a4cbae211e6c4272de5bd
+RMD160 (whisker.tar.gz) = 563d48947b987d8c220751e4bcf2cd941c1454a0
+SHA1 (whisker.tar.gz) = 861a54ef99fb5a82ae753e0d9fd61ed4696b015f
--- a/security/whisker/patches/patch-aa
+++ b/security/whisker/patches/patch-aa
@ -0,0 +1,40 @@
+--- whisker.pl.orig	Mon Nov  1 08:40:55 1999
+++ whisker.pl	Mon Nov  1 10:46:03 1999
+@@ -5,6 +5,8 @@
+ # (emphasis on massive) -- read the dox for usage infoz
+ 
+ $whisker_version="1.2.0";
+$default_db="y0y0y0/lib/whisker/scan.db";
+
+ use Socket; use Getopt::Std; # hopefully these are standard :)
+ 
+ getopts("fs:n:vdp:h:l:H:Vu:iINS:EA", \%args);
+@@ -33,11 +35,11 @@
+ 
+ wprint("-- whisker / v$whisker_version / rain.forest.puppy / ADM / wiretrip --\n");
+ 
+-if((!defined $args{n} && !defined $args{h}) && !defined $args{H} || !defined $args{s}){
+-print qq~Usage:  whisker -s script.file ((-n input.file) | (-h host) | (-H list))
+if((!defined $args{n} && !defined $args{h}) && !defined $args{H}){
+print qq~Usage:  whisker (-s script.file) ((-n input.file) | (-h host) | (-H list))
+ 		(-l log.file)
+ 
+-	-s specifies the script database file     **
+	-s specifies the script database file
+ 	-n nmap output (machine format, v2.06+)   *
+ 	-h scan single host (IP or domain)        *
+ 	-H host list to scan (file)               *
+@@ -54,11 +56,11 @@
+ 	-S force server version (e.g. -S "Apache/1.3.6")
+ 	-A bounce your scans off of altavista.com (using netcraft.com)
+ 
+- 	** required     * optional; one must exist
+ 	* optional; one must exist
+ ~; 
+ exit;}
+ 
+-$dbfile		=$args{s};
+if (defined($args{s})){$dbfile=$args{s};} else {$dbfile=$default_db;}
+ $nmapfile	=$args{n} if defined($args{n});
+ $singlehost	=$args{h} if defined($args{h});
+ $hostsfile	=$args{H} if defined($args{H});
--- a/security/whisker/pkg/COMMENT
+++ b/security/whisker/pkg/COMMENT
@ -0,0 +1 @@
+next-generation CGI scanner
--- a/security/whisker/pkg/DESCR
+++ b/security/whisker/pkg/DESCR
@ -0,0 +1,61 @@
+hacked up whisker.txt, sorry rfp...
+
+---------[ Whisker: next-generation CGI scanner
+
+--[ by rain.forest.puppy / ADM / wiretrip  	(rfp@wiretrip.net)
+								
+Wait...CGI scanning isn't that complex, is it?  Well, to do it right,
+yes.  Why?  Hmmm...I can think of a few reasons:
+
+1.  /cgi-bin is pretty damn common, I'll give you that.  But I've also
+been on many a hosting provider that used /cgi-local.  And I've seen
+people use /cgi, /cgibin, etc.
+
+Point of the point: wouldn't it be nice to define multiple
+directories?
+
+2.  You know what really irks me?  Seeing a CGI scanner thrash around
+through /cgi-bin or whatnot, when /cgi-bin doesn't even exist.
+
+Point of the point: save noise/time by querying parent dirs
+
+3.  Why should I query for, say, test-cgi on an IIS server? Or
+/scripts/samples/details.idc on Apache?
+
+Point of the point: tailor your scan to the server you're scanning
+
+4.  Virtual hosts.
+
+Point of the point: there's a whole 'nother world out there hiding
+behind virtual hosts--and you may not be scanning who you think you
+really are
+
+5.  Some places user custom error pages.  Unfortunately, the
+implementation is such that instead of generating a 404 'not found',
+you always get a 200 'success', with HTML to indicate the missing
+page.
+
+Point of the point: being able to minimize this anomaly would lessen
+false positives
+
+6.  More wishes: at a decent rate, it seems more CGI and webserver
+problems are found.  Plus, I might like to customize which scans I
+want to do against a particular host.
+
+Point of the point: if this was all scriptable, that'd be nifty
+
+7.  Input sources.  Sometimes I want to just feed in output from nmap
+(after all, it has a list of the found open port 80's, right?),
+sometimes just a laundry list of IPs/domains, and sometimes, I'd just
+like to do a single host on the command line.
+
+Point of the point: flexibility of input would be nice as well.
+
+8.  IDS/log avoidance.
+
+Point of the point: being able to spoof IDSs would be a nice feature
+
+Well, that's enough wishes, don't you think?  Now, do they come
+true....
+
+----[ Whisker has all that, plus a bonus feature or two :)
--- a/security/whisker/pkg/PLIST
+++ b/security/whisker/pkg/PLIST
@ -0,0 +1,6 @@
+bin/whisker
+lib/whisker/scan.db
+lib/whisker/server.db
+@dirrm lib/whisker
+share/doc/whisker/whisker.txt
+@dirrm share/doc/whisker