Pre-build commit
Devon Kearns
11 years ago
| 0 | davtest (1.0-1kali0) kali; urgency=low | |
| 1 | ||
| 2 | * Initial release | |
| 3 | ||
| 4 | -- dookie <[email protected]> Mon, 12 Nov 2012 08:41:04 -0700 |
| 0 | 8 |
| 0 | Source: davtest | |
| 1 | Section: net | |
| 2 | Priority: extra | |
| 3 | Maintainer: dookie <[email protected]> | |
| 4 | Build-Depends: debhelper (>= 8.0.0) | |
| 5 | Standards-Version: 3.9.3 | |
| 6 | Homepage: http://code.google.com/p/davtest/ | |
| 7 | Vcs-Git: ssh://[email protected]/packages/davtest.git | |
| 8 | Vcs-Browser: http://git.kali.org/gitweb/?p=packages/davtest.git;a=summary | |
| 9 | ||
| 10 | Package: davtest | |
| 11 | Architecture: all | |
| 12 | Depends: ${misc:Depends}, perl, libhttp-dav-perl | |
| 13 | Description: Testing tool for WebDAV servers | |
| 14 | DAVTest tests WebDAV enabled servers by uploading test | |
| 15 | executable files, and then (optionally) uploading files | |
| 16 | which allow for command execution or other actions directly | |
| 17 | on the target. It is meant for penetration testers to | |
| 18 | quickly and easily determine if enabled DAV services are | |
| 19 | exploitable. |
| 0 | Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ | |
| 1 | Upstream-Name: davtest | |
| 2 | Source: http://code.google.com/p/davtest/ | |
| 3 | ||
| 4 | Files: * | |
| 5 | Copyright: 2010 Sunera, LLC. | |
| 6 | ||
| 7 | License: GPL-3+ | |
| 8 | This program is free software: you can redistribute it and/or modify | |
| 9 | it under the terms of the GNU General Public License as published by | |
| 10 | the Free Software Foundation, either version 3 of the License, or | |
| 11 | (at your option) any later version. | |
| 12 | . | |
| 13 | This program is distributed in the hope that it will be useful, | |
| 14 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 16 | GNU General Public License for more details. | |
| 17 | . | |
| 18 | You should have received a copy of the GNU General Public License | |
| 19 | along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 20 | ||
| 21 | Files: debian/* | |
| 22 | Copyright: 2012 dookie <[email protected]> | |
| 23 | License: GPL-2+ | |
| 24 | This package is free software; you can redistribute it and/or modify | |
| 25 | it under the terms of the GNU General Public License as published by | |
| 26 | the Free Software Foundation; either version 2 of the License, or | |
| 27 | (at your option) any later version. | |
| 28 | . | |
| 29 | This package is distributed in the hope that it will be useful, | |
| 30 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 31 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 32 | GNU General Public License for more details. | |
| 33 | . | |
| 34 | You should have received a copy of the GNU General Public License | |
| 35 | along with this program. If not, see <http://www.gnu.org/licenses/> | |
| 36 | . | |
| 37 | On Debian systems, the complete text of the GNU General | |
| 38 | Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". |
| 0 | debian/kali-davtest.desktop usr/share/applications/ | |
| 1 | backdoors/ usr/share/davtest/ | |
| 2 | tests/ usr/share/davtest/ | |
| 3 | davtest.pl usr/bin/ |
| 0 | usr/share/davtest |
| 0 | README.txt |
| 0 | [Desktop Entry] | |
| 1 | Name=davtest | |
| 2 | Encoding=UTF-8 | |
| 3 | Exec=sh -c "davtest.pl;sudo -s" | |
| 4 | Icon=kali-menu.png | |
| 5 | StartupNotify=false | |
| 6 | Terminal=true | |
| 7 | Type=Application | |
| 8 | Categories=03-01-web-application-analysis;03-05-web-exploitation-tools; |
| 0 | Edited davtest.pl to point to /usr/share/davtest/ | |
| 1 | for the tests and backdoors directories. | |
| 2 | ||
| 3 | --- a/davtest.pl | |
| 4 | +++ b/davtest.pl | |
| 5 | @@ -203,7 +203,7 @@ if ($OPTIONS{'sendbackdoors'} ne '') { | |
| 6 | foreach my $type (keys %tests) { | |
| 7 | if ($tests{$type}->{'execute'} eq 1) { | |
| 8 | if (($OPTIONS{'sendbackdoors'} eq $type) || ($OPTIONS{'sendbackdoors'} eq 'auto')) { | |
| 9 | - my @files = dirlist("backdoors/", ".*\.$type"); | |
| 10 | + my @files = dirlist("/usr/share/davtest/backdoors/", ".*\.$type"); | |
| 11 | if ($files[0] eq '') { | |
| 12 | print STDERR "** ERROR: Unable to find a backdoor for $type **\n" | |
| 13 | unless $OPTIONS{'quiet'}; | |
| 14 | @@ -215,7 +215,7 @@ if ($OPTIONS{'sendbackdoors'} ne '') { | |
| 15 | my $txtfile = $filesid . $files[$i]; | |
| 16 | if ($filesid ne '') { $txtfile = $filesid . "_" . $txtfile; } | |
| 17 | $txtfile =~ s/\.$oext$/_$oext\.txt/; | |
| 18 | - if (put_local_file("$OPTIONS{'url'}/$txtfile", "backdoors/$files[$i]")) | |
| 19 | + if (put_local_file("$OPTIONS{'url'}/$txtfile", "/usr/share/davtest/backdoors/$files[$i]")) | |
| 20 | { | |
| 21 | print "PUT\ttxt\tSUCCEED:\t$OPTIONS{'url'}/$txtfile\n" | |
| 22 | unless $OPTIONS{'quiet'}; | |
| 23 | @@ -241,7 +241,7 @@ if ($OPTIONS{'sendbackdoors'} ne '') { | |
| 24 | else { | |
| 25 | my $putfile = $files[$i]; | |
| 26 | if ($filesid ne '') { $putfile = $filesid . "_" . $putfile; } | |
| 27 | - if (put_local_file("$OPTIONS{'url'}/$putfile", "backdoors/$files[$i]")) | |
| 28 | + if (put_local_file("$OPTIONS{'url'}/$putfile", "/usr/share/davtest/backdoors/$files[$i]")) | |
| 29 | { | |
| 30 | print "PUT Shell:\t$type\tSUCCEED:\t$OPTIONS{'url'}/$putfile\n" | |
| 31 | unless $OPTIONS{'quiet'}; | |
| 32 | @@ -385,9 +385,9 @@ sub generate_tests { | |
| 33 | my $sid = $_[0]; | |
| 34 | my %tests; | |
| 35 | ||
| 36 | - my @files = dirlist("tests/", ".*\.txt"); | |
| 37 | + my @files = dirlist("/usr/share/davtest/tests/", ".*\.txt"); | |
| 38 | foreach my $file (@files) { | |
| 39 | - open(TESTFILE, "<tests/$file") || die print "Unable to open '$file': $!\n"; | |
| 40 | + open(TESTFILE, "</usr/share/davtest/tests/$file") || die print "Unable to open '$file': $!\n"; | |
| 41 | my $type = $file; | |
| 42 | $type =~ s/\.txt$//; | |
| 43 | $tests{$type}->{'filename'} = "davtest_" . $sid . "." . $type; | |
| 44 | @@ -402,7 +402,7 @@ sub generate_tests { | |
| 45 | my $value = $2; | |
| 46 | if (($key eq '') || ($value eq '')) { | |
| 47 | delete $tests{$type}; | |
| 48 | - print STDERR "** ERROR: 'tests/$file' is not a valid test file **\n"; | |
| 49 | + print STDERR "** ERROR: '/usr/share/davtest/tests/$file' is not a valid test file **\n"; | |
| 50 | next; | |
| 51 | } | |
| 52 | ||
| 53 | @@ -416,7 +416,7 @@ sub generate_tests { | |
| 54 | } | |
| 55 | close(TESTFILE); | |
| 56 | if (($tests{$type}->{'content'} eq '') || ($tests{$type}->{'execmatch'} eq '')) { | |
| 57 | - print STDERR "** ERROR: 'tests/$file' is not a valid test file **\n"; | |
| 58 | + print STDERR "** ERROR: '/usr/share/davtest/tests/$file' is not a valid test file **\n"; | |
| 59 | delete $tests{$type}; | |
| 60 | } | |
| 61 | } |
| 0 | change-dir-locations |
| 0 | #!/usr/bin/make -f | |
| 1 | # -*- makefile -*- | |
| 2 | # Sample debian/rules that uses debhelper. | |
| 3 | # This file was originally written by Joey Hess and Craig Small. | |
| 4 | # As a special exception, when this file is copied by dh-make into a | |
| 5 | # dh-make output file, you may use that output file without restriction. | |
| 6 | # This special exception was added by Craig Small in version 0.37 of dh-make. | |
| 7 | ||
| 8 | # Uncomment this to turn on verbose mode. | |
| 9 | #export DH_VERBOSE=1 | |
| 10 | ||
| 11 | %: | |
| 12 | dh $@ |
| 0 | 3.0 (quilt) |