Location: PHPKode > projects > WebSecurityTester > php-gtk/security/wst.php
<?
/**
* @package WST command line attacker
* @author simone cosci <hide@address.com>
* @
* 
* First Beta of command interface for wst
* 
* Usage:
* 			$ php4 wst.php [command] 
* 			where command can be XSS for CrossSiteScripting attack
* 								 TRV for Directory-trasversal attack
* 								 DOS for Denial of Service attack
* 								 RCX for Remote Command Execution
* 								 SQL for Sql Injection attack
* 			configuration files of each attack type can be handmade or generated by
* 			wst web interface by analizing via WebAnalizers resources or forms
* 			and must be located in ./web/attack/
* 
* 			the attack result can be scrolled by adding | less at the end of the command
* 			ex. $ php4 wst.php TRV | less
* 			or can be redirected to a file using > (redirection)
* 			ex. $ php4 wst.php TRV > result.txt
* 
* */


error_reporting(E_ALL);
set_time_limit(0);
@ob_end_flush();
ob_implicit_flush(true);

header ("Pragma: no-cache");
header ("Content-type: text/plain");
header ("Cache-Control: no-cache, must-revalidate");  // HTTP/1.1

define ('LIB_PATH','lib/');
define ('FILES_PATH','web/upload/');

$lfcr=strstr(PHP_OS,'WIN')?"\r\n":"\n";
define('APP_NAME','WST');
define('APP_VERSION','1.0');
define('LFCR',$lfcr);

if(!file_exists(FILES_PATH)) mkdir(FILES_PATH,0777);

include(LIB_PATH."FileSystem.lib.php");
include(LIB_PATH."HttpRequest.cls.php");
include(LIB_PATH."HttpResponse.cls.php");
include(LIB_PATH."HtmlParser.cls.php");
include(LIB_PATH.'HtmlFormParser.cls.php');
include(LIB_PATH.'CssParser.cls.php');
include(LIB_PATH."String.lib.php");

include(LIB_PATH.'HtmlFormAnalizer.cls.php');
include(LIB_PATH.'WebAnalizer.cls.php');
include(LIB_PATH.'WebResource.cls.php');
include(LIB_PATH.'WebAttack.cls.php');

if(isset($argv[1])) $code = $argv[1];
if(isset($_GET['code'])) $code = $_GET['code'];
if(isset($_POST['code'])) $code = $_POST['code'];
if(!isset($code)) usage($argv);

function usage($argv)
{
	echo "\r\n".APP_NAME." ".APP_VERSION."\r\n\r\nusage: ".$argv[0]." (TRV,XSS,RCX,SQL,DOS)\r\n\r\n";
	exit;
}

$myWebAttack = new WebAttack();
if(!$myWebAttack->load('./web/attack/'.$code)) die('ini files not found');
if(!$myWebAttack->Send()) die($myWebAttack->err);

$response = $code." attack\r\n".getenv('REMOTE_ADDR')."---------------------------------------------".LFCR;
$response .= $myWebAttack->_request.LFCR;
$response .= "-----------------------------------------------".getenv('REMOTE_ADDR').LFCR;
$response .= $myWebAttack->server."---------------------------------------------".LFCR;
$response .= $myWebAttack->response->code.LFCR;
foreach ($myWebAttack->response->headers as $header_name=>$header_value)
	$response .= "$header_name: $header_value".LFCR;
$response .= ($myWebAttack->response->body);
$response .= "-----------------------------------------------".$myWebAttack->server.LFCR;
echo $response;
exit;
?>
Return current item: WebSecurityTester