diff --git a/README.md b/README.md index d7d7807de..04c5ef533 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ - + @@ -254,8 +254,12 @@ - - + + + + + + @@ -269,12 +273,8 @@ - - - - - - + + @@ -521,9 +521,9 @@ atscan --dork [dork] --level [10] [--lfi | --sql ..] --payload [payload | payloads.txt]

SEARCH VALIDATION:
- atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string]
- atscan -d [dork / dorks.txt] -l [level] --status [code] --none (Positive when status does\'nt match)
- atscan -d [dork / dorks.txt] -l [level] --status [code] / -v [string] / --ifinurl [string] / --sregex [regex] --none
+ atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string/list.txt]
+ atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string/list.txt] --all
+ atscan -d [dork / dorks.txt] -l [level] --status [code] / --exclude [string/list.txt]
atscan -d [dork / dorks.txt] -l [level] --ifinurl [string]
atscan -d [dork / dorks.txt] -l [level] --sregex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string]
diff --git a/atscan.pl b/atscan.pl
index f32de14da..55e45e1d1 100644
--- a/atscan.pl
+++ b/atscan.pl
@@ -67,31 +67,32 @@ our (@c, @XSS, @LFI, @RFI, @ADFWP, @ADMIN, @SUBDOMAIN, @UPLOAD, @ZIP, @TT, @OTHERS, @AUTH, @ErrT, @DT, @DS, @cms, @SCAN_TITLE, @E_MICROSOFT, @E_ORACLE, @E_DB2, @E_ODBC, @E_POSTGRESQL, @E_SYBASE, @E_JBOSSWEB, @E_JDBC, @E_JAVA, @E_PHP, @E_ASP, @E_LUA, @E_UNDEFINED, @E_MARIADB, @E_SHELL, @strings, @browserlangs, @googleDomains, @Ids, @MsIds, @sys, @vary, @buildArrays, @dorks, @z, @ZT, @userArraysList, @exploits, @data, @proxies, @aTsearch, @aTscans, @defaultHeaders, @userHeaders, @aTtargets, @aTcopy, @ports, @motor, @motors, @systems, @mrands, @allMotors, @V_WP, @V_JOOM, @V_TP, @V_SMF, @V_VB, @V_MyBB, - @V_CF, @V_DRP, @V_PN, @V_AT, @V_PHPN, @V_MD, @V_ACM, @V_SS, @V_MX, @V_XO, @V_OSC, @V_PSH, @V_BB2, @V_MG, @V_ZC, @V_CC5, @V_OCR, @V_XSS, @V_LFI,@V_TODO, @V_AFD, @TODO, @V_VALID, @ERR, @CMS)=(); + @V_CF, @V_DRP, @V_PN, @V_AT, @V_PHPN, @V_MD, @V_ACM, @V_SS, @V_MX, @V_XO, @V_OSC, @V_PSH, @V_BB2, @V_MG, @V_ZC, @V_CC5, @V_OCR, @V_XSS, @V_LFI,@V_TODO, @V_AFD, @TODO, @V_VALID, @ERR, @CMS, + @validTexts, @notIns)=(); ## TOP CONFIG require "$Bin/inc/top.pl"; ## VARIABLES our ($Version, $logoVersion, $scriptUrl, $logUrl, $ipUrl, $conectUrl, $script, $script_bac, $scriptbash, $paylNote, $psx, $V_EMAIL, $V_IP, $V_RANG, $V_SEARCH, $V_REGEX, $S_REGEX, $motor1, $motor2, - $motor3, $motor4, $motor5, $motorparam, $mrand, $pat2, $nolisting, $Hstatus, $validText, $noExist, $WpSites, $JoomSites, $xss, $lfi, $JoomRfi, $WpAfd, $adminPage, $subdomain, $mupload, $mzip, + $motor3, $motor4, $motor5, $motorparam, $mrand, $pat2, $nolisting, $Hstatus, $validText, $WpSites, $JoomSites, $xss, $lfi, $JoomRfi, $WpAfd, $adminPage, $subdomain, $mupload, $mzip, $eMails, $command, $mmd5, $mencode64, $mdecode64, $port, $mindex, $mdom, $Target, $exploit, $p, $tcp, $udp, $proxy, $prandom, $help, $output, $replace, $replaceFROM, $dork, $mlevel, $unique, $shell, $nobanner, $beep, $ifinurl, $noinfo, $motor, $timeout, $limit, $checkVersion, $searchIps, $regex, $searchRegex, $noQuery, $ifend, 
$uninstall, $post, $get, $brandom, $data, $payloads, $mrandom, $content, $scriptComplInstall, $scriptCompletion, $scriptInstall, $toolInfo, $config, $freq, $headers, $msource, $ping, $notIn, $expHost, $expIp, $zone, $validShell, $interactive, - $popup); + $popup, $all); ## ARGUMENTS use Getopt::Long qw(GetOptions); our %OPT; -Getopt::Long::GetOptions(\%OPT, 'status=s'=>\$Hstatus, 'valid|v=s'=>\$validText, 'none'=>\$noExist, 'wp'=>\$WpSites, 'joom'=>\$JoomSites, 'sql'=>\$xss, 'lfi'=>\$lfi, 'joomrfi'=>\$JoomRfi, 'wpafd'=>\$WpAfd, +Getopt::Long::GetOptions(\%OPT, 'status=s'=>\$Hstatus, 'valid|v=s'=>\$validText, 'wp'=>\$WpSites, 'joom'=>\$JoomSites, 'sql'=>\$xss, 'lfi'=>\$lfi, 'joomrfi'=>\$JoomRfi, 'wpafd'=>\$WpAfd, 'admin'=>\$adminPage, 'shost'=>\$subdomain, 'upload'=>\$mupload, 'zip'=>\$mzip, 'email'=>\$eMails, 'command|c=s'=>\$command, 'md5=s'=>\$mmd5, 'encode64=s'=>\$mencode64, 'decode64=s'=>\$mdecode64, 'port=s'=>\$port, 'index'=>\$mindex, 'host'=>\$mdom, 't|target=s'=>\$Target, 'exp|e=s'=>\$exploit, 'p|param=s'=>\$p, 'tcp'=>\$tcp, 'udp'=>\$udp, 'proxy=s'=>\$proxy, 'proxy-random=s'=>\$prandom, 'help|h'=>\$help, 'save|s=s'=>\$output, 'replace=s'=>\$replace, 'replaceFROM=s'=>\$replaceFROM, 'dork|d=s'=>\$dork, 'level|l=s'=>\$mlevel, 'unique'=>\$unique, 'shell=s'=>\$shell, 'nobanner'=>\$nobanner, 'beep'=>\$beep, 'ifinurl=s'=>\$ifinurl, 'noinfo'=>\$noinfo, 'm|motor=s'=>\$motor, 'timeout=s'=>\$timeout, 'limit=s'=>\$limit, 'update'=>\$checkVersion, 'ip'=>\$searchIps, 'regex=s'=>\$regex, 'sregex=s'=> \$searchRegex, 'noquery'=> \$noQuery, 'ifend'=>\$ifend, 'uninstall'=> \$uninstall, 'post'=>\$post, 'get'=>\$get, 'b-random'=>\$brandom, 'data=s'=>\$data, 'payload=s'=>\$payloads, 'm-random'=>\$mrandom, 'content'=>\$content, - 'tool|?'=>\$toolInfo, 'pass|config'=>\$config, 'freq=s'=>\$freq, 'header=s'=>\$headers, 'source=s'=>\$msource, 'ping'=>\$ping, 'notin=s'=>\$notIn, 'expHost=s'=>\$expHost, - 'expIp=s'=>\$expIp, 'zone=s'=>\$zone, 'interactive'=>\$interactive, 
'vshell=s'=>\$validShell, 'popup'=>\$popup) or badArgs(); + 'tool|?'=>\$toolInfo, 'pass|config'=>\$config, 'freq=s'=>\$freq, 'header=s'=>\$headers, 'source=s'=>\$msource, 'ping'=>\$ping, 'exclude=s'=>\$notIn, 'expHost=s'=>\$expHost, + 'expIp=s'=>\$expIp, 'zone=s'=>\$zone, 'interactive'=>\$interactive, 'vshell=s'=>\$validShell, 'popup'=>\$popup, 'all'=>\$all) or badArgs(); ## CHOMP ARGS STRINGS our @toChomp=($Hstatus, $validText, $command, $mmd5, $mencode64, $mdecode64, $port, $Target, $exploit, $p, $proxy, $prandom, $output, diff --git a/inc/conf/atscan b/inc/conf/atscan index bba3d53dd..401b1c799 100644 --- a/inc/conf/atscan +++ b/inc/conf/atscan @@ -7,9 +7,9 @@ _atscan() COMPREPLY=() cur="${COMP_WORDS[COMP_CWORD]}" prev="${COMP_WORDS[COMP_CWORD-1]}" - opts="-v -s -e -h -l -d -p -t -m -c --interactive --target --source --motor --config --ping --freq --status --zone --none --notin --expHost --expIp --valid --tool --wp --joom --sql --lfi --joomrfi + opts="-v -s -e -h -l -d -p -t -m -c --interactive --target --source --motor --config --ping --freq --status --zone --exclude --expHost --expIp --valid --tool --wp --joom --sql --lfi --joomrfi --wpafd --admin --shost --upload --zip --email --command --md5 --encode64 --decode64 --port --index --host --exp --tcp --udp --full --proxy --proxy-random --help --save --replace --with --dork - --level --unique --shell --nobanner --beep --ifinurl --noinfo --time --limit --update --ip --regex --sregex --noquery --ifend --uninstall --post --get --b-random --data --payload --m-random + --level --unique --shell --nobanner --all --beep --ifinurl --noinfo --time --limit --update --ip --regex --sregex --noquery --ifend --uninstall --post --get --b-random --data --payload --m-random --content --source --popup" if [[ ${cur} == -* ]] ; then diff --git a/inc/conf/configure.pl b/inc/conf/configure.pl index bd7acb093..576b77f2c 100644 --- a/inc/conf/configure.pl +++ b/inc/conf/configure.pl 
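Review bot: Existing command lines that pass `--none` or `--notin` now fall into `badArgs()`, because the GetOptions call in atscan.pl removes the first and renames the second to `--exclude` without an alias. Keeping the old spelling is a one-token change: `'exclude|notin=s'=>\$notIn`. Negative status matching (`--status [code] --none`) has no replacement anywhere in this diff, and the version.log entry only says "Add multiple validation", so the removal deserves a changelog line of its own.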
@@ -12,7 +12,7 @@ our ($Version, $logoVersion, $scriptUrl, $logUrl, $ipUrl, $conectUrl, $script, $scriptInstall, $script_bac, $scriptbash, $scriptv, $scriptCompletion, $scriptComplInstall, $readme, $uplog, $replace, $replaceFROM); -$Version="13.3.0"; +$Version="14.0.0"; $logoVersion="V $Version"; $scriptUrl="https://raw.githubusercontent.com/AlisamTechnology/ATSCAN/master/atscan.pl"; $logUrl="https://raw.githubusercontent.com/AlisamTechnology/ATSCAN/master/inc/conf/version.log"; diff --git a/inc/conf/main.pl b/inc/conf/main.pl index 047ac5109..7474f2eae 100644 --- a/inc/conf/main.pl +++ b/inc/conf/main.pl @@ -5,7 +5,8 @@ ## Copy@right Alisam Technology see License.txt our (@TODO, @V_WP, @V_JOOM, @XSS, @V_XSS, @LFI, @V_LFI, @E_SHELL, @ADFWP, @V_AFD, @ADMIN, @V_TODO, @SUBDOMAIN, @UPLOAD, @ZIP, @SCAN_TITLE, @RFI, @c, @DT); -our ($paylNote, $V_EMAIL, $V_IP, $V_REGEX, $command, $mmd5, $mencode64, $mdecode64, $mlevel, $Target, $dork, $noExist, $Hstatus, $validText, $data); +our ($paylNote, $V_EMAIL, $V_IP, $V_REGEX, $command, $mmd5, $mencode64, $mdecode64, $mlevel, $Target, $dork, $Hstatus, $validText, + $data); ## PRINT ENGINE RESULTS sub printSearch { @@ -17,7 +18,7 @@ sub printSearch { print $c[3]."[i] ".scalar(grep { defined $_} @aTsearch)." $DT[4]\n"; my $k=getK(0, 0); if (!$k) { - if (defined $noExist || defined $Hstatus || defined $validText) { + if (defined $Hstatus || defined $validText) { ptak(); print $c[11]."[!] ";timer(); print " ::: STARTING VALIDATION PROCESS SCAN.. :::\n"; } makeSscan("", "", "", \@TODO, \@V_TODO, "", "", "1", "", "", "", "", "", "1"); diff --git a/inc/conf/version.log b/inc/conf/version.log index e13ee3e42..01e3533a8 100644 --- a/inc/conf/version.log +++ b/inc/conf/version.log @@ -1,6 +1,6 @@ -ATSCAN SCANNER VERSION 13.3.0 RELEASE +ATSCAN SCANNER VERSION 14.0.0 RELEASE ===================================================== - CHANGES: 14/11/2018 - - Optimization. + CHANGES: 16/11/2018 + - Add multiple validation. - Enjoy! ================= 
diff --git a/inc/errors/useErrors.pl b/inc/errors/useErrors.pl index e869b1be9..7faf688ec 100644 --- a/inc/errors/useErrors.pl +++ b/inc/errors/useErrors.pl @@ -112,12 +112,4 @@ sub advise_no_file { print $c[2]."[!] Cannot whrite in $no_file !\n"; logoff(); } -## Negative scans -our $noExist; -if (defined $noExist) { - if (!defined $Hstatus && !defined $validText && !defined $ifinurl && !defined $searchRegex){ - print $c[4]."[!] You cannot use --none command here! Use -h for help\n"; logoff(); - } -} - 1; diff --git a/inc/funcs.pl b/inc/funcs.pl index 9ee1a27ab..ff55dd151 100644 --- a/inc/funcs.pl +++ b/inc/funcs.pl @@ -7,8 +7,8 @@ ## FUNCTS our ($payloads, $exploit, $expHost, $data, $mlevel, $dork, $Target, $V_RANG, $noQuery, $mdom, $replace, $replaceFROM, $unique, $ifinurl, $pat2, $limit, $port, $output, $ifend, $ipUrl, $noinfo, - $V_IP, $expIp, $interactive, $command, $uplog, $validShell); -our (@aTscans, @userArraysList, @exploits, @dorks, @aTsearch, @aTcopy, @aTtargets, @c, @OTHERS, @DS, @DT, @TT, @proxies, @ErrT, @defaultHeaders, @userHeaders); + $V_IP, $expIp, $interactive, $command, $uplog, $validShell, $validText, $notIn, $all); +our (@aTscans, @userArraysList, @exploits, @dorks, @aTsearch, @aTcopy, @aTtargets, @c, @OTHERS, @DS, @DT, @TT, @proxies, @ErrT, @defaultHeaders, @userHeaders, @validTexts, @notIns); ## USER PRE-CONFIGURATION our($userSetting, $proxy, $prandom, $password, $brandom, $mrandom, $zone, $motor, $nobanner, $beep, $timeout, $dateupdate, $freq, $method, $checkVersion, $get, $post, $scriptbash); @@ -133,6 +133,10 @@ sub deletSetting { if (defined $expHost) { @exploits=buildArraysLists($expHost); } if (defined $expIp) { @exploits=buildArraysLists($expIp); } +## VALIDATION ARRAYS +if (defined $validText) { @validTexts=buildArraysLists($validText); } +if (defined $notIn) { @notIns=buildArraysLists($notIn); } + ## MAX POSITIVE SCAN RESULTS ## Change for more positive scans!! $limit="500" if !defined $limit; 
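Review bot: An empty entry in `@validTexts` or `@notIns` would defeat both checks, and the new VALIDATION ARRAYS lines in inc/funcs.pl fill those arrays straight from `buildArraysLists()` with no filtering. `buildArraysLists` is outside this diff, so this needs confirming, but the `grep { defined $_ }` counts in checkValidation suggest the lists can hold unusable entries; an empty string interpolated into `m/\b$validPart\b/` matches any page that contains a word, so one blank line in list.txt would make `--valid` accept every target and `--exclude` reject every target. Filtering at load time avoids that: `@validTexts = grep { defined $_ && length $_ } buildArraysLists($validText);` and the same for `@notIns`.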
@@ -547,23 +551,13 @@ sub checkFilters { ## GET FILTRED URLS sub filterUr { my ($URL, $dorkToCheeck)=@_; - our $noExist; my $U=""; - if (defined $noExist) { - if (defined $unique || $unique) { - if (index($URL, $dorkToCheeck) == -1) { $U=$URL; } - } - if (defined $ifinurl) { - if (index($URL, $ifinurl) == -1) { $U=$URL; } - } - }else{ - if (defined $unique || $unique) { - if (index($URL, $dorkToCheeck) != -1) { $U=$URL; } - } - if (defined $ifinurl) { - if (index($URL, $ifinurl) != -1) { $U=$URL; } - } - } + if (defined $unique || $unique) { + if (index($URL, $dorkToCheeck) != -1) { $U=$URL; } + } + if (defined $ifinurl) { + if (index($URL, $ifinurl) != -1) { $U=$URL; } + } return $U; } @@ -588,7 +582,7 @@ sub checkHeaders { ## END SCAN PROCESS sub subfin { our $ifend; - print $c[2]."[!] "; timer(); print " $DT[3]!\n"; + print $c[4]."[!] "; timer(); print " $DT[3]!\n"; if (defined $ifend || $ifend) { print chr(7); } } @@ -602,13 +596,8 @@ sub countResultLists { ## SEARCH REGEX FILTER sub doRegex { my $searchRegex=$_[0]; - our $noExist; for my $URL(@aTsearch) { - if (defined $noExist) { - if ($URL!~/$searchRegex/) { saveCopy($URL); } - }else{ - if ($URL=~/$searchRegex/) { saveCopy($URL); } - } + if ($URL=~/$searchRegex/) { saveCopy($URL); } } } @@ -734,7 +723,7 @@ sub printProxy { sub Targs { our ($mindex, $Hstatus, $validText); my @Targs=($xss, $data, $lfi, $ifinurl, $WpSites, $Hstatus, $validText, $adminPage, $subdomain, $JoomRfi, $WpAfd, $mindex, $port, $mupload, $mzip, $JoomSites, $eMails, $searchIps, - $regex, $command, $ping, $interactive, $validShell); + $regex, $command, $ping, $interactive, $validShell, $notIn); my $Targ=0; for (@Targs) { $Targ++ if defined $_; } return $Targ; diff --git a/inc/help.pl b/inc/help.pl index 9536bd7ff..a061e4534 100644 --- a/inc/help.pl +++ b/inc/help.pl 
@@ -85,9 +85,10 @@ ." atscan -d -l --unique \n\n"; ltak(); print $c[12]." SCAN VALIDATION: \n".$c[10] - ." atscan -t [--status | --valid ] \n" + ." atscan -t [--status | --valid | --valid ] \n" + ." atscan -t [--status | --valid --all] \n" + ." atscan -t [--status | --exclude | --exclude ] \n" ." atscan -t --vshell \n" - ." atscan -t [--status | --valid --none] \n" ." atscan -d -l --exp/expHost --status | --valid \n" ." atscan -d -l --replace \"string \=\> new_string\" --status | --valid \n" ." atscan -d -l [--admin | --sql ..] --status | --valid \n" diff --git a/inc/interactive/values.pl b/inc/interactive/values.pl index b7724d5f9..f8a1124f3 100644 --- a/inc/interactive/values.pl +++ b/inc/interactive/values.pl 
@@ -44,12 +44,12 @@ our %ARGUMENTSALL=("status"=>"status code", "valid"=>"content by string", "vshell"=>"validate by url", "exp"=>"exploit", "proxy"=>"use proxy", "proxy-random"=>"random proxy", "save"=>"output file", "replace"=>"Exact string replace", "replaceFROM"=>"full string replace", "ifinurl"=>"valid url by string", "noquery"=>"remove query string", "b-random"=>"random browser", "content"=>"response content", "expHost"=>"exploit host", "expIp"=>"exploit target ip", "timeout"=>"browser time out", "host"=>"host name"); -our @ARGUMENTSALL=('status', 'valid', '', 'exp', 'proxy', 'proxy-random', 'save', 'replace', 'replaceFROM', 'ifinurl', 'noquery', 'b-random', 'content', 'expHost', 'expIp', 'timeout', 'host'); +our @ARGUMENTSALL=('status', 'valid', 'vshell', 'exp', 'proxy', 'proxy-random', 'save', 'replace', 'replaceFROM', 'ifinurl', 'noquery', 'b-random', 'content', 'expHost', 'expIp', 'timeout', 'host'); ## NOT REQUIRE A VALUE -our @NoValRequierd=('none', 'host', 'tcp', 'udp', 'full', 'unique', 'nobanner', 'beep', 'noinfo', 'update', 'ip', 'noquery', 'ifend', 'post', 'get', 'b-random', 'm-random', 'content', 'ping', +our @NoValRequierd=('host', 'tcp', 'udp', 'full', 'unique', 'nobanner', 'beep', 'noinfo', 'update', 'ip', 'noquery', 'ifend', 'post', 'get', 'b-random', 'm-random', 'content', 'ping', 'HOST', 'PORT', 'HOSTIP', 'TARGET', 'sql', 'lfi', 'wpafd', 'admin', 'index', 'wp', 'joom', 'zip', 'email', 'ip', 'ports', 'commands', 'form', 'search', 'normal', - 'advanced', 'joomrfi', 'shost', 'email', 'decrypt', 'nomodule', 'popup'); + 'advanced', 'joomrfi', 'shost', 'email', 'decrypt', 'nomodule', 'popup', 'all'); ## DATA ARGUMENTS our @INTERDataScan=('post', 'get', 'data', 'header', 'upload'); 
@@ -84,9 +84,9 @@ our %ENGINEARGUMENTS=(%ENGINEARGUMENTS, %INTERdork, %INTERtarget, %INTERSearchScans, %INTERlevel); ## ADVANCED MODE -our @INTERadvanced=("nobanner", "beep", "noinfo", "ifend", "freq", "regex", "sregex", "none", "notin", "source", "limit"); +our @INTERadvanced=("nobanner", "beep", "noinfo", "ifend", "freq", "regex", "sregex", "exclude", "all", "source", "limit"); our %INTERadvanced=("nobanner"=>"hide banner", "beep"=>"beep sound", "noinfo"=>"hide target info", "ifend"=>"beep at end", "freq"=>"random frequency", "regex"=>"get matching regex", - "sregex"=>"valid url by regex", "none"=>"negative validation", "notin"=>"no string in html", "source"=>"html output folder", "limit"=>"max positive scans"); + "sregex"=>"valid url by regex", "exclude"=>"negative validation", "all"=>"validate all", "source"=>"html output folder", "limit"=>"max positive scans"); ############################################################################################## 1; diff --git a/inc/search/print.pl b/inc/search/print.pl index d5b1c53dc..cb644c526 100644 --- a/inc/search/print.pl +++ b/inc/search/print.pl @@ -4,8 +4,8 @@ use FindBin '$Bin'; ## Copy@right Alisam Technology see License.txt -our ($limit, $get, $post, $Hstatus, $validText, $noExist, $content, $beep, $output, $msource, $notIn, $expHost, $expIp, $command, $data, $validShell, - @c, @DT, @DS, @TT, @aTsearch, @aTscans, @data); +our ($limit, $get, $post, $Hstatus, $validText, $content, $beep, $output, $msource, $notIn, $expHost, $expIp, $command, $all, + $data, $validShell, @c, @DT, @DS, @TT, @aTsearch, @aTscans, @data, @validTexts, @notIns, @exists, @notExists); ## BUILD SCAN RESULTS LISTS sub buildPrint { 
@@ -62,15 +62,28 @@ sub buildPrint { ## BUILD SCAN RESULTS LISTS sub titleSCAN { my $o=OO(); + my $html=$_[0]; if ($o<$limit) { if ((defined $Hstatus) || (defined $validText)) { print $c[1]." $DS[12] "; - if (defined $noExist) { print $c[10]."None: "; } - if (defined $validText) { print $c[10]."$validText "; } + if (defined $validText) { + if (defined $all) { print $c[10]."[All] "; } + print $c[10]."$validText "; + if (!defined $all) { + for my $ffff(@validTexts) { + if ($html=~m/\b$ffff\b/) { + print $c[4]."[$ffff]"; + } + } + } + + } if (defined $Hstatus) { print $c[10]."$DS[13] $Hstatus "; } print "\n"; } - if (defined $notIn) { print $c[1]." Filter $c[10]\[None: $notIn]\n"; } + if (defined $notIn) { + print $c[1]." EXCLUDE $c[10]\[$notIn]\n"; + } print $c[1]." $DS[4] "; } } @@ -84,15 +97,15 @@ sub printResults { my $o=OO(); if ($o<$limit) { if ($result) { - titleSCAN() if $result && (defined $Hstatus || defined $validText || defined $notIn || defined $validShell); + titleSCAN($html) if $result && (defined $Hstatus || defined $validText || defined $notIn || defined $validShell); validateResult($URL1, $status, $html, $response, $result); } elsif ($reg) { getRegex($URL1, $html, $reg); } elsif ($data) { - titleSCAN(); formData($URL1, $html, $status, $response); + titleSCAN($html); formData($URL1, $html, $status, $response); }else{ - titleSCAN(); + titleSCAN($html); if ($isFilter) { if ($html=~/$filter/) { validateResult($URL1, $status, $html, $response, ""); 
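Review bot: The `titleSCAN();` call in getRegex (inc/search/process.pl, visible as context later in this diff) passes no argument, so the `$html` that titleSCAN now reads from `$_[0]` is undef on that path when the `--valid` loop runs `$html=~m/\b$ffff\b/`. The matched-string tags are then never printed and, if warnings are enabled, each list entry produces an uninitialized-value warning. Either pass the body at that call site (`titleSCAN($html);`, since getRegex already receives `$html`) or default it in titleSCAN with `my $html = defined $_[0] ? $_[0] : "";`. The loop also interpolates `$ffff` as a pattern; `m/\b\Q$ffff\E\b/` keeps list entries literal.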
@@ -155,21 +168,44 @@ sub ifShellSuccess { return $ccv; } +## GET VALIDATION PARTS +sub getValidationParts { + my ($html, $validType, $validRef)=@_; + my @validationArray=@{ $validType }; + my $validation_number=0; + (@exists, @notExists)=(); + for my $validPart(@validationArray) { + if ($html=~m/\b$validPart\b/) { + $validation_number++; + if ($validRef eq 1) { + push @exists, $validPart; + }else{ + push @notExists, $validPart; + } + } + } + return $validation_number; +} ## CHECK VALIDATION SEARCH RESULTS / TARGETS LIST sub checkValidation { my ($URL1, $status, $html, $response, $result)=@_; my $cV=$URL1; - if (defined $noExist || defined $Hstatus || $validText) { - if (defined $noExist) { - if (defined $Hstatus) { if ($status == $Hstatus) { $cV=""; } } - if (defined $validText) { if ($html=~m/\b$validText\b/) { $cV=""; } } + if (defined $Hstatus) { if ($status ne $Hstatus) { $cV=""; } } + if (defined $validText) { + my $validation_number = getValidationParts($html, \@validTexts, "1"); + if (defined $all) { + if (scalar(grep { defined $_} @validTexts) ne scalar(grep { defined $_} @exists)) { $cV=""; } }else{ - if (defined $Hstatus) { if ($status ne $Hstatus) { $cV=""; } } - if (defined $validText) { if ($html!~m/\b$validText\b/) { $cV=""; } } + if ($validation_number <= 0) { $cV=""; } } } - if (defined $notIn) { if (index($html, $notIn) != -1) { $cV=""; } } + + if (defined $notIn) { + my $notin_number = getValidationParts($html, \@notIns, "2"); + if ($notin_number > 0) { $cV=""; } + } + if (defined $validShell) { my $isUploaded=checkUloadedShell($URL1); if (!$isUploaded) { $cV=""; } diff --git a/inc/search/process.pl b/inc/search/process.pl index 7700058b3..6f99bf7e6 100644 --- a/inc/search/process.pl +++ b/inc/search/process.pl 
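Review bot: getValidationParts interpolates each `--valid` / `--exclude` entry into `m/\b$validPart\b/` unescaped, so an entry is treated as a pattern rather than as a string. An entry containing `(`, `[` or `*` can match text the user did not intend or make the match die at run time, and the `\b` anchors mean an entry that starts or ends with a non-word character (an HTML tag, for example) may never match, which for `--exclude` lets pages through that the previous `index($html, $notIn) != -1` test rejected. Quoting keeps the entries literal, `if ($html=~m/\b\Q$validPart\E\b/) {`, or use `index($html, $validPart) != -1` for the exclude list to keep the old substring semantics. In checkValidation the two element counts are compared with `ne`; `!=` is the numeric comparison meant there.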
@@ -5,7 +5,7 @@ ## Copy@right Alisam Technology see License.txt our ($browserLang, $mrand, $motorparam, $motor, $motor1, $motor2, $motor3, $motor4, $motor5, $mrandom, $googleDomain, $prandom, $proxy, $psx, $mlevel, $ifinurl, $unique, $mdom, - $searchRegex, $Target, $dork, $ua, $Id, $MsId, $V_SEARCH,$nolisting, $mindex, $headers, $zone, $agent, $noExist, $notIn, $expHost, $mupload, $expIp, $popup, $JoomSites, $WpSites); + $searchRegex, $Target, $dork, $ua, $Id, $MsId, $V_SEARCH,$nolisting, $mindex, $headers, $zone, $agent, $notIn, $expHost, $mupload, $expIp, $popup, $JoomSites, $WpSites); our (@motor, @TODO, @V_TODO, @c, @TT, @DS, @DT, @dorks, @SCAN_TITLE, @motors, @mrands, @aTsearch, @proxies); our ($limit, $post, $get, $replace, $output, $data, $noQuery, $V_IP, $replaceFROM, $eMails, $searchIps, $brandom, $validShell, $noinfo, $timeout, $method, $command, @defaultHeaders, @OTHERS, @ErrT); @@ -101,7 +101,6 @@ sub printDork { print $c[1]."[::] $DS[18] $c[10] [$mlevel]\n"; if (defined $ifinurl || defined $unique || $unique || defined $searchRegex) { print $c[1]."[::] $SCAN_TITLE[24] $c[10]"; - if (defined $noExist) { print "[None]"; } if (defined $ifinurl) { print "[$TT[19]\]"; } if (defined $unique || $unique) { print "[$DS[30]\]"; } if (defined $searchRegex) { print " [$searchRegex]"; } @@ -285,8 +284,8 @@ sub getRegex { my ($URL1, $html, $reg)=@_; my $o=OO(); if ($o<$limit) { - if (!defined $searchIps and !defined $eMails) { print $c[1]." $SCAN_TITLE[25] $c[10]"; - if (defined $noExist) { print "[None: "; } + if (!defined $searchIps and !defined $eMails) { + print $c[1]." $SCAN_TITLE[25] $c[10]"; print "$reg] \n"; } titleSCAN(); diff --git a/inc/theme/dialog.pl b/inc/theme/dialog.pl index d6a165116..0e0aadaad 100644 --- a/inc/theme/dialog.pl +++ b/inc/theme/dialog.pl 
@@ -91,13 +91,12 @@ sub interHelp { ."$c[5] --header $c[10] | Set headers Ex: --header \"Authorization => 'Basic YWRtaW46YWRtaW4', keep_alive => '1'\" \n" ."$c[5] --ping $c[10] | Ping host. \n" ."$c[5] --host $c[10] | Domain name [Ex: site.com] \n" - ."$c[5] --valid | -v $c[10] | Validate by string \n" + ."$c[5] --valid | -v $c[10] | Validate strings at least 1 is matching\n" + ."$c[5] --all $c[10] | Validate all strings are matching\n" + ."$c[5] --exclude $c[10] | Validate by excluding strings\n" ."$c[5] --status $c[10] | Validate by http header status \n" ."$c[5] --ifinurl $c[10] | Get targets with exact string matching\n" ."$c[5] --sregex $c[10] | Get targets with exact regex matching\n" - ."$c[5] --none $c[10] | Get negative validation or engine regex matching.\n" - ."$c[5] $c[10] | use with -v --status --ifinurl --s/regex commands\n" - ."$c[5] --notin $c[10] | Get targets where string does not exist in html\n" ."$c[5] --replace $c[10] | Exact string to replace \n" ."$c[5] --replaceFROM $c[10] | Replace from string to the end of target\n" ."$c[5] --exp | -e $c[10] | Exploit/Payload will be added to full target\n"
Tool:ATSCAN V 13.3.0 ATSCAN V 14.0.0
Codename:4n0n4t
--valid / -v Validate by string
Validate by string at least 1 is matching
--all Validate all given strings
--status Validate by http header status Get targets with exact regex matching
--none Get negative validation or engine regex matching
--notin Get targets where string doesnot exist in html--exclude Get targets where strings do not exist in html
--unique