Network Security Tools by Nitesh Dhanjani, Justin Clarke

#!/usr/bin/perl use LWP::UserAgent; use strict; use Getopt::Std; my %args; getopts('c:o:v', \%args); printReport("\n** Simple Web Application Scanner **\n"); if ($#ARGV < 1) { die "\n$0 [-o <file>] [-c <cookie data>] [-v] inputfile http://hostname\n\n-c: Use HTTP Cookie\n-o: Output File\n-v: Be Verbose\n"; } # Open input file open(IN, "< $ARGV[0]") or die"ERROR => Can't open file $ARGV[0].\n"; my @requestArray = <IN>; my ($oRequest,$oResponse, $oStatus, %dirLog, %paramLog); printReport("\n** Beginning Scan **\n\n"); # Loop through each of the input file requests foreach $oRequest (@requestArray) { # Remove line breaks and carriage returns $oRequest =~ s/(\n|\r)//g; # Only process GETs and POSTs if ($oRequest =~ /^(GET|POST)/) { # Check for request data if ($oRequest =~ /\?/) { # Issue the original request for reference purposes ($oStatus, $oResponse) = makeRequest($oRequest); #Populate methodAndFile and reqData variables my ($methodAndFile, $reqData) = split(/\?/, $oRequest, 2); my @reqParams = split(/\&/, $reqData); my $pLogEntry = $methodAndFile; # Build parameter log entry my $parameter; foreach $parameter (@reqParams) { my ($pName) = split("=", $parameter); $pLogEntry .= "+".$pName; } $paramLog{$pLogEntry}++; if ($paramLog{$pLogEntry} eq 1) { # Loop to perform test on each parameter for (my $i = 0; $i <= $#reqParams; $i++) { my $testData; # Loop to ...