dash/Typo3Scan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

0.6.3

Browse Source
This commit is contained in:
whoot
2020-09-21 07:07:26 -04:00
parent 4afa601cdd
commit 1da64224ee
4 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## Version 0.6.3
* Fixed advisory URLs
## Version 0.6.2 ## Version 0.6.2
* Bugfix in extension vulnerability parsing * Bugfix in extension vulnerability parsing

BIN
lib/typo3scan.db
View File

Binary file not shown.

12
lib/update.py
View File

@@ -57,13 +57,13 @@ class Update:
""" """
print('\n[+] Searching for new CORE vulnerabilities...') print('\n[+] Searching for new CORE vulnerabilities...')
update_counter = 0 update_counter = 0
response = requests.get('https://typo3.org/help/security-advisories/typo3-cms/1') response = requests.get('https://typo3.org/help/security-advisories/typo3-cms/page-1')
pages = re.findall('<a class=\"page-link\" href=\"/help/security-advisories/typo3-cms/([0-9]+)\">', response.text) pages = re.findall('<a class=\"page-link\" href=\"/help/security-advisories/typo3-cms/page-([0-9]+)\">', response.text)
last_page = int(pages[-1]) last_page = int(pages[-1])
for current_page in range(1, last_page+1): for current_page in range(1, last_page+1):
print(' \u251c Page {}/{}'.format(current_page, last_page)) print(' \u251c Page {}/{}'.format(current_page, last_page))
response = requests.get('https://typo3.org/help/security-advisories/typo3-cms/{}'.format(current_page), timeout=6) response = requests.get('https://typo3.org/help/security-advisories/typo3-cms/page-{}'.format(current_page), timeout=6)
advisories = re.findall('TYPO3-CORE-SA-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9]', response.text) advisories = re.findall('TYPO3-CORE-SA-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9]', response.text)
for advisory in advisories: for advisory in advisories:
vulnerabilities = [] vulnerabilities = []
@@ -238,13 +238,13 @@ class Update:
""" """
print('\n[+] Searching for new extension vulnerabilities...') print('\n[+] Searching for new extension vulnerabilities...')
update_counter = 0 update_counter = 0
response = requests.get('https://typo3.org/help/security-advisories/typo3-extensions/1') response = requests.get('https://typo3.org/help/security-advisories/typo3-extensions/page-1')
pages = re.findall('<a class=\"page-link\" href=\"/help/security-advisories/typo3-extensions/([0-9]+)\">', response.text) pages = re.findall('<a class=\"page-link\" href=\"/help/security-advisories/typo3-extensions/page-([0-9]+)\">', response.text)
last_page = int(pages[-1]) last_page = int(pages[-1])
for current_page in range(1, last_page+1): for current_page in range(1, last_page+1):
print(' \u251c Page {}/{}'.format(current_page, last_page)) print(' \u251c Page {}/{}'.format(current_page, last_page))
response = requests.get('https://typo3.org/help/security-advisories/typo3-extensions/{}'.format(current_page), timeout=6) response = requests.get('https://typo3.org/help/security-advisories/typo3-extensions/page-{}'.format(current_page), timeout=6)
advisories = re.findall('TYPO3-EXT-SA-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9]', response.text) advisories = re.findall('TYPO3-EXT-SA-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9]', response.text)
for advisory in advisories: for advisory in advisories:
vulnerabilities = [] vulnerabilities = []

2
typo3scan.py
View File

@@ -18,7 +18,7 @@
# along with this program. If not, see [http://www.gnu.org/licenses/](http://www.gnu.org/licenses/) # along with this program. If not, see [http://www.gnu.org/licenses/](http://www.gnu.org/licenses/)
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
__version__ = '0.6.2' __version__ = '0.6.3'
__program__ = 'Typo3Scan' __program__ = 'Typo3Scan'
__description__ = 'Automatic Typo3 enumeration tool' __description__ = 'Automatic Typo3 enumeration tool'
__author__ = 'https://github.com/whoot' __author__ = 'https://github.com/whoot'