0.6.3

doc/CHANGELOG.md

@@ -1,6 +1,7 @@
 ## Version 0.6.3
 
 * Fixed advisory URLs
+* Fixed rootCheck
 
 ## Version 0.6.2
 

lib/config.json

@@ -1 +1 @@
-{"threads": 5, "timeout": 10, "cookie": "", "auth": "", "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.13+ (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2"}
+{"threads": 5, "timeout": 10, "cookie": "", "auth": "", "User-Agent": "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"}

lib/domain.py

@@ -91,9 +91,8 @@ class Domain:
             If found, it searches for a Typo3 path reference
             in order to determine the Typo3 installation path.
         """
-        response = request.get_request('{}'.format(self.get_name()))
-        self.set_name(response['url'][:-1])
         full_path = self.get_name()
+        response = request.get_request('{}'.format(self.get_name()))
         if re.search('powered by TYPO3', response['html']):
             self.set_typo3()
             path = re.search('="(?:{})/?(\S*?)/?(?:typo3temp|typo3conf)/'.format(self.get_name()), response['html'])
@@ -185,6 +184,7 @@ class Domain:
                 }
 
         version = None
+        version_path = None
         for path, regex in files.items():
             response = request.version_information('{}/{}'.format(self.get_path(), path), regex)
             if response and (version is None or (len(response) > len(version))):
@@ -226,4 +226,4 @@ class Domain:
                 else:
                     print('  \u2514 No Known Vulnerabilities')
         else:
-            print(' \u2514', Fore.RED + 'No Version Information Found.' + Fore.RESET)
+            print('  \u2514', Fore.RED + 'Could not be determined.' + Fore.RESET)

lib/extensions.py

@@ -35,7 +35,6 @@ class Extensions:
         """
             This method loads the extensions from the database and searches for installed extensions.
                 /typo3conf/ext/:        Local installation path. This is where extensions usually get installed.
-                /typo3/ext/:            Global installation path (not used atm)
                 /typo3/sysext/:         Extensions shipped with core
         """
         found_extensions = {}
@@ -43,7 +42,6 @@ class Extensions:
         for ext in extensions:
             thread_pool.add_job((request.head_request, ('{}/typo3conf/ext/{}/'.format(domain, ext))))
             thread_pool.add_job((request.head_request, ('{}/typo3/sysext/{}/'.format(domain, ext))))
-            #thread_pool.add_job((request.head_request, ('{}/typo3/ext/{}/'.format(domain, ext))))
         thread_pool.start(threads)
 
         for installed_extension in thread_pool.get_result():

typo3scan.py

@@ -75,8 +75,8 @@ class Typo3:
                     print(Fore.RED + '\n[x] It seems that Typo3 is not used on this domain\n' + Fore.RESET)
                 else:
                     # check for typo3 information
-                    print('\n[+] Typo3 Installation')
+                    print('\n [+] Core Information')
-                    print('----------------------')
+                    print(' --------------------')
                     check.search_login()
                     check.search_typo3_version()